sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

OvmfPkg/MemEncryptSevLib: add support to validate > 4GB memory in PEI phase

Browse Source 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

The initial page built during the SEC phase is used by the
MemEncryptSevSnpValidateSystemRam() for the system RAM validation. The
page validation process requires using the PVALIDATE instruction;  the
instruction accepts a virtual address of the memory region that needs
to be validated. If hardware encounters a page table walk failure (due
to page-not-present) then it raises #GP.

The initial page table built in SEC phase address up to 4GB. Add an
internal function to extend the page table to cover > 4GB. The function
builds 1GB entries in the page table for access > 4GB. This will provide
the support to call PVALIDATE instruction for the virtual address >
4GB in PEI phase.

Cc: Michael Roth <michael.roth@amd.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
This commit is contained in:
Brijesh Singh via groups.io
2021-12-09 11:27:45 +08:00
committed by mergify[bot]
parent 11b15336f0
commit d39f8d88ec
3 changed files with 160 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h
View File

@@ -144,4 +144,28 @@ InternalMemEncryptSevClearMmioPageEncMask (
IN UINTN Length
);
/**
Create 1GB identity mapping for the specified virtual address range.
The function is preliminary used by the SEV-SNP page state change
APIs to build the page table required before issuing the PVALIDATE
instruction. The function must be removed after the EDK2 core is
enhanced to do the lazy validation.
@param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
current CR3)
@param[in] VirtualAddress Virtual address
@param[in] Length Length of virtual address range
@retval RETURN_INVALID_PARAMETER Number of pages is zero.
**/
RETURN_STATUS
EFIAPI
InternalMemEncryptSevCreateIdentityMap1G (
IN PHYSICAL_ADDRESS Cr3BaseAddress,
IN PHYSICAL_ADDRESS PhysicalAddress,
IN UINTN Length
);
#endif