Commit2ac1730bf2
(MdeModulePkg/DxeIpl: Mark page table as read-only) sets the memory pages used for page table as read-only after paging is setup and sets CR0.WP to protect CPU modifying the read-only pages. The commit causes #PF when MemEncryptSevClearPageEncMask() or MemEncryptSevSetPageEncMask() tries to change the page-table attributes. This patch takes the similar approach as Commit147fd35c3e
(UefiCpuPkg/CpuDxe: Enable protection for newly added page table). When page table protection is enabled, we disable it temporarily before changing the page table attributes. This patch makes use of the same approach as Commit2ac1730bf2
(MdeModulePkg/DxeIpl: Mark page table as read-only)) for allocating page table memory from reserved memory pool, which helps to reduce a potential "split" operation. The patch duplicates code from commit147fd35c3e
. The code duplication will be removed after we implement page table manipulation library. See bugzilla https://bugzilla.tianocore.org/show_bug.cgi?id=847. Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Acked-by: Laszlo Ersek <lersek@redhat.com>