Date   

Re: [PATCH] CloudHv: can't find gUefiOvmfPkgTokenSpaceGuid

Sunil V L
 

On Tue, Mar 28, 2023 at 03:28:25AM +0000, Jianyong Wu wrote:
Add Ard Biesheuvel <ardb@...> and Sunil V L <sunilvl@...> to cc list.

-----Original Message-----
From: Jianyong Wu <jianyong.wu@...>
Sent: 2023年2月17日 14:48
To: devel@edk2.groups.io; Sami Mujawar <Sami.Mujawar@...>
Cc: Jianyong Wu <Jianyong.Wu@...>
Subject: [PATCH] CloudHv: can't find gUefiOvmfPkgTokenSpaceGuid

commit f13264b34 introduces a bug for CloudHv as OvmfPkg/OvmfPkg.dec is
missing in CloudHvHasAcpiDtDxe.inf which leads to
gUefiOvmfPkgTokenSpaceGuid found nowhere.

Signed-off-by: Jianyong Wu <jianyong.wu@...>
---
ArmVirtPkg/CloudHvPlatformHasAcpiDtDxe/CloudHvHasAcpiDtDxe.inf | 1 +
1 file changed, 1 insertion(+)

diff --git
a/ArmVirtPkg/CloudHvPlatformHasAcpiDtDxe/CloudHvHasAcpiDtDxe.inf
b/ArmVirtPkg/CloudHvPlatformHasAcpiDtDxe/CloudHvHasAcpiDtDxe.inf
index 7cad40e11f..6ff80b24d0 100644
--- a/ArmVirtPkg/CloudHvPlatformHasAcpiDtDxe/CloudHvHasAcpiDtDxe.inf
+++ b/ArmVirtPkg/CloudHvPlatformHasAcpiDtDxe/CloudHvHasAcpiDtDxe.inf
@@ -23,6 +23,7 @@
EmbeddedPkg/EmbeddedPkg.dec
MdeModulePkg/MdeModulePkg.dec
MdePkg/MdePkg.dec
+ OvmfPkg/OvmfPkg.dec
Hi Jianyong,

Thanks for fixing this!. Sorry that I missed this in the first place.

Reviewed-by: Sunil V L <sunilvl@...>


Re: [PATCH] CloudHv: can't find gUefiOvmfPkgTokenSpaceGuid

Jianyong Wu
 

Add Ard Biesheuvel <ardb@...> and Sunil V L <sunilvl@...> to cc list.

-----Original Message-----
From: Jianyong Wu <jianyong.wu@...>
Sent: 2023年2月17日 14:48
To: devel@edk2.groups.io; Sami Mujawar <Sami.Mujawar@...>
Cc: Jianyong Wu <Jianyong.Wu@...>
Subject: [PATCH] CloudHv: can't find gUefiOvmfPkgTokenSpaceGuid

commit f13264b34 introduces a bug for CloudHv as OvmfPkg/OvmfPkg.dec is
missing in CloudHvHasAcpiDtDxe.inf which leads to
gUefiOvmfPkgTokenSpaceGuid found nowhere.

Signed-off-by: Jianyong Wu <jianyong.wu@...>
---
ArmVirtPkg/CloudHvPlatformHasAcpiDtDxe/CloudHvHasAcpiDtDxe.inf | 1 +
1 file changed, 1 insertion(+)

diff --git
a/ArmVirtPkg/CloudHvPlatformHasAcpiDtDxe/CloudHvHasAcpiDtDxe.inf
b/ArmVirtPkg/CloudHvPlatformHasAcpiDtDxe/CloudHvHasAcpiDtDxe.inf
index 7cad40e11f..6ff80b24d0 100644
--- a/ArmVirtPkg/CloudHvPlatformHasAcpiDtDxe/CloudHvHasAcpiDtDxe.inf
+++ b/ArmVirtPkg/CloudHvPlatformHasAcpiDtDxe/CloudHvHasAcpiDtDxe.inf
@@ -23,6 +23,7 @@
EmbeddedPkg/EmbeddedPkg.dec
MdeModulePkg/MdeModulePkg.dec
MdePkg/MdePkg.dec
+ OvmfPkg/OvmfPkg.dec

[LibraryClasses]
BaseLib
--
2.17.1
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


Re: [PATCH 3/9] IntelFsp2Pkg: Add CpuPageTableLib required by DxeIpl in DSC

Chiu, Chasel
 

Reviewed-by: Chasel Chiu <chasel.chiu@...>

Thanks,
Chasel

-----Original Message-----
From: Tan, Dun <dun.tan@...>
Sent: Monday, March 27, 2023 7:43 PM
To: devel@edk2.groups.io
Cc: Chiu, Chasel <chasel.chiu@...>; Desimone, Nathaniel L
<nathaniel.l.desimone@...>; Zeng, Star <star.zeng@...>; Ni, Ray
<ray.ni@...>
Subject: [PATCH 3/9] IntelFsp2Pkg: Add CpuPageTableLib required by DxeIpl in
DSC

Add CpuPageTableLib instance required by DxeIpl in QemuFspPkg.dsc of
IntelFsp2Pkg.

Signed-off-by: Dun Tan <dun.tan@...>
Cc: Chasel Chiu <chasel.chiu@...>
Cc: Nate DeSimone <nathaniel.l.desimone@...>
Cc: Star Zeng <star.zeng@...>
Cc: Ray Ni <ray.ni@...>
---
IntelFsp2Pkg/Tools/Tests/QemuFspPkg.dsc | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/IntelFsp2Pkg/Tools/Tests/QemuFspPkg.dsc
b/IntelFsp2Pkg/Tools/Tests/QemuFspPkg.dsc
index 3155812118..52052692dd 100644
--- a/IntelFsp2Pkg/Tools/Tests/QemuFspPkg.dsc
+++ b/IntelFsp2Pkg/Tools/Tests/QemuFspPkg.dsc
@@ -1,7 +1,7 @@
## @file
# FSP DSC build file for QEMU platform
#
-# Copyright (c) 2017 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2017 - 2023, Intel Corporation. All rights
+reserved.<BR>
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD
License
@@ -114,6 +114,7 @@
DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
SerialPortLib|MdePkg/Library/BaseSerialPortLibNull/BaseSerialPortLibNull.inf
!endif
+
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf



#################################################################
###############
--
2.31.1.windows.1


[PATCH 9/9] MdeModulePkg/DxeIpl: Refinement to the code to set PageTable as RO

duntan
 

Code refinement to the code to set page table as RO in DxeIpl module.
Set all page table pools as ReadOnly by calling PageTableMap() in
CpuPageTableLib multiple times instead of searching each page table
pool address in page table layer by layer. Also, this commit solve
the issue that original SetPageTablePoolReadOnly() code in DxeIpl
doesn't handle the Level5Paging case.

Bugzila: https://bugzilla.tianocore.org/show_bug.cgi?id=4176
Signed-off-by: Dun Tan <dun.tan@...>
Cc: Dandan Bi <dandan.bi@...>
Cc: Liming Gao <gaoliming@...>
Cc: Ray Ni <ray.ni@...>
Cc: Jian J Wang <jian.j.wang@...>
---
MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 154 ++++++++++++++--------------------------------------------------------------------------------------------------------------------------------------------
MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h | 15 ---------------
2 files changed, 14 insertions(+), 155 deletions(-)

diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
index ac3a2b2dc4..c88ff7cf0a 100644
--- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
+++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
@@ -330,154 +330,36 @@ CreateOrUpdatePageTable (
ASSERT (PageTableBufferSize == 0);
}

-/**
- Set one page of page table pool memory to be read-only.
-
- @param[in] PageTableBase Base address of page table (CR3).
- @param[in] Address Start address of a page to be set as read-only.
- @param[in] Level4Paging Level 4 paging flag.
-
-**/
-VOID
-SetPageTablePoolReadOnly (
- IN UINTN PageTableBase,
- IN EFI_PHYSICAL_ADDRESS Address,
- IN BOOLEAN Level4Paging
- )
-{
- UINTN Index;
- UINTN EntryIndex;
- UINT64 AddressEncMask;
- EFI_PHYSICAL_ADDRESS PhysicalAddress;
- UINT64 *PageTable;
- UINT64 *NewPageTable;
- UINT64 PageAttr;
- UINT64 LevelSize[5];
- UINT64 LevelMask[5];
- UINTN LevelShift[5];
- UINTN Level;
- UINT64 PoolUnitSize;
-
- ASSERT (PageTableBase != 0);
-
- //
- // Since the page table is always from page table pool, which is always
- // located at the boundary of PcdPageTablePoolAlignment, we just need to
- // set the whole pool unit to be read-only.
- //
- Address = Address & PAGE_TABLE_POOL_ALIGN_MASK;
-
- LevelShift[1] = PAGING_L1_ADDRESS_SHIFT;
- LevelShift[2] = PAGING_L2_ADDRESS_SHIFT;
- LevelShift[3] = PAGING_L3_ADDRESS_SHIFT;
- LevelShift[4] = PAGING_L4_ADDRESS_SHIFT;
-
- LevelMask[1] = PAGING_4K_ADDRESS_MASK_64;
- LevelMask[2] = PAGING_2M_ADDRESS_MASK_64;
- LevelMask[3] = PAGING_1G_ADDRESS_MASK_64;
- LevelMask[4] = PAGING_1G_ADDRESS_MASK_64;
-
- LevelSize[1] = SIZE_4KB;
- LevelSize[2] = SIZE_2MB;
- LevelSize[3] = SIZE_1GB;
- LevelSize[4] = SIZE_512GB;
-
- AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) &
- PAGING_1G_ADDRESS_MASK_64;
- PageTable = (UINT64 *)(UINTN)PageTableBase;
- PoolUnitSize = PAGE_TABLE_POOL_UNIT_SIZE;
-
- for (Level = (Level4Paging) ? 4 : 3; Level > 0; --Level) {
- Index = ((UINTN)RShiftU64 (Address, LevelShift[Level]));
- Index &= PAGING_PAE_INDEX_MASK;
-
- PageAttr = PageTable[Index];
- if ((PageAttr & IA32_PG_PS) == 0) {
- //
- // Go to next level of table.
- //
- PageTable = (UINT64 *)(UINTN)(PageAttr & ~AddressEncMask &
- PAGING_4K_ADDRESS_MASK_64);
- continue;
- }
-
- if (PoolUnitSize >= LevelSize[Level]) {
- //
- // Clear R/W bit if current page granularity is not larger than pool unit
- // size.
- //
- if ((PageAttr & IA32_PG_RW) != 0) {
- while (PoolUnitSize > 0) {
- //
- // PAGE_TABLE_POOL_UNIT_SIZE and PAGE_TABLE_POOL_ALIGNMENT are fit in
- // one page (2MB). Then we don't need to update attributes for pages
- // crossing page directory. ASSERT below is for that purpose.
- //
- ASSERT (Index < EFI_PAGE_SIZE/sizeof (UINT64));
-
- PageTable[Index] &= ~(UINT64)IA32_PG_RW;
- PoolUnitSize -= LevelSize[Level];
-
- ++Index;
- }
- }
-
- break;
- } else {
- //
- // The smaller granularity of page must be needed.
- //
- ASSERT (Level > 1);
-
- NewPageTable = AllocatePageTableMemory (1);
- ASSERT (NewPageTable != NULL);
-
- PhysicalAddress = PageAttr & LevelMask[Level];
- for (EntryIndex = 0;
- EntryIndex < EFI_PAGE_SIZE/sizeof (UINT64);
- ++EntryIndex)
- {
- NewPageTable[EntryIndex] = PhysicalAddress | AddressEncMask |
- IA32_PG_P | IA32_PG_RW;
- if (Level > 2) {
- NewPageTable[EntryIndex] |= IA32_PG_PS;
- }
-
- PhysicalAddress += LevelSize[Level - 1];
- }
-
- PageTable[Index] = (UINT64)(UINTN)NewPageTable | AddressEncMask |
- IA32_PG_P | IA32_PG_RW;
- PageTable = NewPageTable;
- }
- }
-}
-
/**
Prevent the memory pages used for page table from been overwritten.

- @param[in] PageTableBase Base address of page table (CR3).
- @param[in] Level4Paging Level 4 paging flag.
+ @param[in] PageTableBase Base address of page table (CR3).
+ @param[in] PagingMode The paging mode.

**/
VOID
EnablePageTableProtection (
- IN UINTN PageTableBase,
- IN BOOLEAN Level4Paging
+ IN UINTN PageTableBase,
+ IN PAGING_MODE PagingMode
)
{
PAGE_TABLE_POOL *HeadPool;
PAGE_TABLE_POOL *Pool;
UINT64 PoolSize;
EFI_PHYSICAL_ADDRESS Address;
+ IA32_MAP_ATTRIBUTE MapAttribute;
+ IA32_MAP_ATTRIBUTE MapMask;

if (mPageTablePool == NULL) {
return;
}

+ MapAttribute.Uint64 = 0;
+ MapMask.Uint64 = 0;
+ MapMask.Bits.ReadWrite = 1;
+
//
- // No need to clear CR0.WP since PageTableBase has't been written to CR3 yet.
- // SetPageTablePoolReadOnly might update mPageTablePool. It's safer to
+ // CreateOrUpdatePageTable might update mPageTablePool. It's safer to
// remember original one in advance.
//
HeadPool = mPageTablePool;
@@ -485,18 +367,10 @@ EnablePageTableProtection (
do {
Address = (EFI_PHYSICAL_ADDRESS)(UINTN)Pool;
PoolSize = Pool->Offset + EFI_PAGES_TO_SIZE (Pool->FreePages);
-
//
- // The size of one pool must be multiple of PAGE_TABLE_POOL_UNIT_SIZE, which
- // is one of page size of the processor (2MB by default). Let's apply the
- // protection to them one by one.
+ // Set entire pool including header, used-memory and left free-memory as ReadOnly.
//
- while (PoolSize > 0) {
- SetPageTablePoolReadOnly (PageTableBase, Address, Level4Paging);
- Address += PAGE_TABLE_POOL_UNIT_SIZE;
- PoolSize -= PAGE_TABLE_POOL_UNIT_SIZE;
- }
-
+ CreateOrUpdatePageTable (&PageTableBase, PagingMode, Address, PoolSize, &MapAttribute, &MapMask);
Pool = Pool->NextPool;
} while (Pool != HeadPool);

@@ -678,7 +552,7 @@ CreateIdentityMappingPageTables (
// Protect the page table by marking the memory used for page table to be
// read-only.
//
- EnablePageTableProtection ((UINTN)PageTable, TRUE);
+ EnablePageTableProtection (PageTable, PagingMode);

//
// Set IA32_EFER.NXE if necessary.
diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h
index 7d4bc4e4ba..174a2245c0 100644
--- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h
+++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h
@@ -50,23 +50,8 @@ typedef struct {

#define CR0_WP BIT16

-#define IA32_PG_P BIT0
-#define IA32_PG_RW BIT1
-#define IA32_PG_PS BIT7
-
-#define PAGING_PAE_INDEX_MASK 0x1FF
-
-#define PAGING_4K_ADDRESS_MASK_64 0x000FFFFFFFFFF000ull
-#define PAGING_2M_ADDRESS_MASK_64 0x000FFFFFFFE00000ull
#define PAGING_1G_ADDRESS_MASK_64 0x000FFFFFC0000000ull

-#define PAGING_L1_ADDRESS_SHIFT 12
-#define PAGING_L2_ADDRESS_SHIFT 21
-#define PAGING_L3_ADDRESS_SHIFT 30
-#define PAGING_L4_ADDRESS_SHIFT 39
-
-#define PAGING_PML4E_NUMBER 4
-
#define PAGE_TABLE_POOL_ALIGNMENT BASE_2MB
#define PAGE_TABLE_POOL_UNIT_SIZE SIZE_2MB
#define PAGE_TABLE_POOL_UNIT_PAGES EFI_SIZE_TO_PAGES (PAGE_TABLE_POOL_UNIT_SIZE)
--
2.31.1.windows.1


[PATCH 8/9] MdeModulePkg/DxeIpl: Remove duplicated code to enable NX

duntan
 

In IA32 code, remove the duplicated code to enable NX.
In the previous patch, IA32 code also uses the new
CreateIdentityMappingPageTables() to create PAE page table.
This function calls EnableExecuteDisableBit if needed.

Signed-off-by: Dun Tan <dun.tan@...>
Cc: Dandan Bi <dandan.bi@...>
Cc: Liming Gao <gaoliming@...>
Cc: Ray Ni <ray.ni@...>
Cc: Jian J Wang <jian.j.wang@...>
---
MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 3 ---
1 file changed, 3 deletions(-)

diff --git a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c b/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
index e0e2601637..4b97e4ea80 100644
--- a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
+++ b/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
@@ -322,9 +322,6 @@ HandOffToDxeCore (
BuildPageTablesIa32Pae = ToBuildPageTable ();
if (BuildPageTablesIa32Pae) {
PageTables = CreateIdentityMappingPageTables (TRUE, BaseOfStack, STACK_SIZE, 0, 0);
- if (IsEnableNonExecNeeded ()) {
- EnableExecuteDisableBit ();
- }
}

//
--
2.31.1.windows.1


[PATCH 7/9] MdeModulePkg/DxeIpl: Create page table by CpuPageTableLib

duntan
 

Modify CreateIdentityMappingPageTables() to create page table
based on CpuPageTableLib in DxeIpl module. This function can
be used to create both IA32 PAE paging and long mode 4-level,
5-level paging structure. With the PageTableMap() API in the
CpuPageTableLib, we can remove the complicated page table
manipulating code. This commit doesn't change any functionality.

Signed-off-by: Dun Tan <dun.tan@...>
Cc: Dandan Bi <dandan.bi@...>
Cc: Liming Gao <gaoliming@...>
Cc: Ray Ni <ray.ni@...>
Cc: Jian J Wang <jian.j.wang@...>
---
MdeModulePkg/Core/DxeIplPeim/DxeIpl.h | 3 ++-
MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 4 +++-
MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 109 ++++---------------------------------------------------------------------------------------------------------
MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 5 +++--
MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 557 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h | 167 ++++++++++-------------------------------------------------------------------------------------------------------------------------------------------------------------
6 files changed, 166 insertions(+), 679 deletions(-)

diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.h b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.h
index 2f015befce..03e6f8cff7 100644
--- a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.h
+++ b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.h
@@ -2,7 +2,7 @@
Master header file for DxeIpl PEIM. All source files in this module should
include this file for common definitions.

-Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2023, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -42,6 +42,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/DebugAgentLib.h>
#include <Library/PeiServicesTablePointerLib.h>
#include <Library/PerformanceLib.h>
+#include <Library/CpuPageTableLib.h>

#define STACK_SIZE 0x20000
#define BSP_STORE_SIZE 0x4000
diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
index 052ea0ec1a..60623b4f66 100644
--- a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
+++ b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
@@ -5,7 +5,7 @@
# PPI to discover and dispatch the DXE Foundation and components that are
# needed to run the DXE Foundation.
#
-# Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2006 - 2023, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
# Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights reserved.<BR>
# Copyright (c) 2022, Loongson Technology Corporation Limited. All rights reserved.<BR>
@@ -60,6 +60,7 @@
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
+ UefiCpuPkg/UefiCpuPkg.dec

[Packages.ARM, Packages.AARCH64]
ArmPkg/ArmPkg.dec
@@ -79,6 +80,7 @@
DebugAgentLib
PeiServicesTablePointerLib
PerformanceLib
+ CpuPageTableLib

[LibraryClasses.ARM, LibraryClasses.AARCH64]
ArmMmuLib
diff --git a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c b/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
index fdeaaa39d8..e0e2601637 100644
--- a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
+++ b/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
@@ -1,7 +1,7 @@
/** @file
Ia32-specific functionality for DxeLoad.

-Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2023, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>

SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -70,107 +70,6 @@ GLOBAL_REMOVE_IF_UNREFERENCED IA32_DESCRIPTOR gLidtDescriptor = {
0
};

-/**
- Allocates and fills in the Page Directory and Page Table Entries to
- establish a 4G page table.
-
- @param[in] StackBase Stack base address.
- @param[in] StackSize Stack size.
-
- @return The address of page table.
-
-**/
-UINTN
-Create4GPageTablesIa32Pae (
- IN EFI_PHYSICAL_ADDRESS StackBase,
- IN UINTN StackSize
- )
-{
- UINT8 PhysicalAddressBits;
- EFI_PHYSICAL_ADDRESS PhysicalAddress;
- UINTN IndexOfPdpEntries;
- UINTN IndexOfPageDirectoryEntries;
- UINT32 NumberOfPdpEntriesNeeded;
- PAGE_MAP_AND_DIRECTORY_POINTER *PageMap;
- PAGE_MAP_AND_DIRECTORY_POINTER *PageDirectoryPointerEntry;
- PAGE_TABLE_ENTRY *PageDirectoryEntry;
- UINTN TotalPagesNum;
- UINTN PageAddress;
- UINT64 AddressEncMask;
-
- //
- // Make sure AddressEncMask is contained to smallest supported address field
- //
- AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) & PAGING_1G_ADDRESS_MASK_64;
-
- PhysicalAddressBits = 32;
-
- //
- // Calculate the table entries needed.
- //
- NumberOfPdpEntriesNeeded = (UINT32)LShiftU64 (1, (PhysicalAddressBits - 30));
-
- TotalPagesNum = NumberOfPdpEntriesNeeded + 1;
- PageAddress = (UINTN)AllocatePageTableMemory (TotalPagesNum);
- ASSERT (PageAddress != 0);
-
- PageMap = (VOID *)PageAddress;
- PageAddress += SIZE_4KB;
-
- PageDirectoryPointerEntry = PageMap;
- PhysicalAddress = 0;
-
- for (IndexOfPdpEntries = 0; IndexOfPdpEntries < NumberOfPdpEntriesNeeded; IndexOfPdpEntries++, PageDirectoryPointerEntry++) {
- //
- // Each Directory Pointer entries points to a page of Page Directory entires.
- // So allocate space for them and fill them in in the IndexOfPageDirectoryEntries loop.
- //
- PageDirectoryEntry = (VOID *)PageAddress;
- PageAddress += SIZE_4KB;
-
- //
- // Fill in a Page Directory Pointer Entries
- //
- PageDirectoryPointerEntry->Uint64 = (UINT64)(UINTN)PageDirectoryEntry | AddressEncMask;
- PageDirectoryPointerEntry->Bits.Present = 1;
-
- for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PhysicalAddress += SIZE_2MB) {
- if ( (IsNullDetectionEnabled () && (PhysicalAddress == 0))
- || ( (PhysicalAddress < StackBase + StackSize)
- && ((PhysicalAddress + SIZE_2MB) > StackBase)))
- {
- //
- // Need to split this 2M page that covers stack range.
- //
- Split2MPageTo4K (PhysicalAddress, (UINT64 *)PageDirectoryEntry, StackBase, StackSize, 0, 0);
- } else {
- //
- // Fill in the Page Directory entries
- //
- PageDirectoryEntry->Uint64 = (UINT64)PhysicalAddress | AddressEncMask;
- PageDirectoryEntry->Bits.ReadWrite = 1;
- PageDirectoryEntry->Bits.Present = 1;
- PageDirectoryEntry->Bits.MustBe1 = 1;
- }
- }
- }
-
- for ( ; IndexOfPdpEntries < 512; IndexOfPdpEntries++, PageDirectoryPointerEntry++) {
- ZeroMem (
- PageDirectoryPointerEntry,
- sizeof (PAGE_MAP_AND_DIRECTORY_POINTER)
- );
- }
-
- //
- // Protect the page table by marking the memory used for page table to be
- // read-only.
- //
- EnablePageTableProtection ((UINTN)PageMap, FALSE);
-
- return (UINTN)PageMap;
-}
-
/**
The function will check if IA32 PAE is supported.

@@ -299,9 +198,9 @@ HandOffToDxeCore (
//
AsmWriteGdtr (&gGdt);
//
- // Create page table and save PageMapLevel4 to CR3
+ // Create page table and save PageMapLevel4 or PageMapLevel5 to CR3
//
- PageTables = CreateIdentityMappingPageTables (BaseOfStack, STACK_SIZE, 0, 0);
+ PageTables = CreateIdentityMappingPageTables (FALSE, BaseOfStack, STACK_SIZE, 0, 0);

//
// End of PEI phase signal
@@ -422,7 +321,7 @@ HandOffToDxeCore (
PageTables = 0;
BuildPageTablesIa32Pae = ToBuildPageTable ();
if (BuildPageTablesIa32Pae) {
- PageTables = Create4GPageTablesIa32Pae (BaseOfStack, STACK_SIZE);
+ PageTables = CreateIdentityMappingPageTables (TRUE, BaseOfStack, STACK_SIZE, 0, 0);
if (IsEnableNonExecNeeded ()) {
EnableExecuteDisableBit ();
}
diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c b/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c
index fa2050cf02..36e32d05e3 100644
--- a/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c
+++ b/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c
@@ -1,7 +1,7 @@
/** @file
x64-specifc functionality for DxeLoad.

-Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2023, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -91,9 +91,10 @@ HandOffToDxeCore (
PageTables = 0;
if (FeaturePcdGet (PcdDxeIplBuildPageTables)) {
//
- // Create page table and save PageMapLevel4 to CR3
+ // Create page table and save PageMapLevel4 or PageMapLevel5 to CR3
//
PageTables = CreateIdentityMappingPageTables (
+ FALSE,
(EFI_PHYSICAL_ADDRESS)(UINTN)BaseOfStack,
STACK_SIZE,
(EFI_PHYSICAL_ADDRESS)(UINTN)GhcbBase,
diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
index 18b121d768..ac3a2b2dc4 100644
--- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
+++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
@@ -15,7 +15,7 @@
2) IA-32 Intel(R) Architecture Software Developer's Manual Volume 2:Instruction Set Reference, Intel
3) IA-32 Intel(R) Architecture Software Developer's Manual Volume 3:System Programmer's Guide, Intel

-Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2023, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>

SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -186,55 +186,6 @@ EnableExecuteDisableBit (
}
}

-/**
- The function will check if page table entry should be splitted to smaller
- granularity.
-
- @param Address Physical memory address.
- @param Size Size of the given physical memory.
- @param StackBase Base address of stack.
- @param StackSize Size of stack.
- @param GhcbBase Base address of GHCB pages.
- @param GhcbSize Size of GHCB area.
-
- @retval TRUE Page table should be split.
- @retval FALSE Page table should not be split.
-**/
-BOOLEAN
-ToSplitPageTable (
- IN EFI_PHYSICAL_ADDRESS Address,
- IN UINTN Size,
- IN EFI_PHYSICAL_ADDRESS StackBase,
- IN UINTN StackSize,
- IN EFI_PHYSICAL_ADDRESS GhcbBase,
- IN UINTN GhcbSize
- )
-{
- if (IsNullDetectionEnabled () && (Address == 0)) {
- return TRUE;
- }
-
- if (PcdGetBool (PcdCpuStackGuard)) {
- if ((StackBase >= Address) && (StackBase < (Address + Size))) {
- return TRUE;
- }
- }
-
- if (PcdGetBool (PcdSetNxForStack)) {
- if ((Address < StackBase + StackSize) && ((Address + Size) > StackBase)) {
- return TRUE;
- }
- }
-
- if (GhcbBase != 0) {
- if ((Address < GhcbBase + GhcbSize) && ((Address + Size) > GhcbBase)) {
- return TRUE;
- }
- }
-
- return FALSE;
-}
-
/**
Initialize a buffer pool for page table use only.

@@ -341,143 +292,42 @@ AllocatePageTableMemory (
}

/**
- Split 2M page to 4K.
-
- @param[in] PhysicalAddress Start physical address the 2M page covered.
- @param[in, out] PageEntry2M Pointer to 2M page entry.
- @param[in] StackBase Stack base address.
- @param[in] StackSize Stack size.
- @param[in] GhcbBase GHCB page area base address.
- @param[in] GhcbSize GHCB page area size.
-
+ This function create new page table or modifies the page MapAttribute for the memory region
+ specified by BaseAddress and Length from their current attributes to the attributes specified
+ by MapAttribute and Mask.
+
+ @param[in] PageTable Pointer to Page table address.
+ @param[in] PagingMode The paging mode.
+ @param[in] BaseAddress The start of the linear address range.
+ @param[in] Length The length of the linear address range.
+ @param[in] MapAttribute The attribute of the linear address range.
+ @param[in] MapMask The mask used for attribute.
**/
VOID
-Split2MPageTo4K (
- IN EFI_PHYSICAL_ADDRESS PhysicalAddress,
- IN OUT UINT64 *PageEntry2M,
- IN EFI_PHYSICAL_ADDRESS StackBase,
- IN UINTN StackSize,
- IN EFI_PHYSICAL_ADDRESS GhcbBase,
- IN UINTN GhcbSize
+CreateOrUpdatePageTable (
+ IN UINTN *PageTable,
+ IN PAGING_MODE PagingMode,
+ IN PHYSICAL_ADDRESS BaseAddress,
+ IN UINT64 Length,
+ IN IA32_MAP_ATTRIBUTE *MapAttribute,
+ IN IA32_MAP_ATTRIBUTE *MapMask
)
{
- EFI_PHYSICAL_ADDRESS PhysicalAddress4K;
- UINTN IndexOfPageTableEntries;
- PAGE_TABLE_4K_ENTRY *PageTableEntry;
- UINT64 AddressEncMask;
-
- //
- // Make sure AddressEncMask is contained to smallest supported address field
- //
- AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) & PAGING_1G_ADDRESS_MASK_64;
-
- PageTableEntry = AllocatePageTableMemory (1);
- ASSERT (PageTableEntry != NULL);
-
- //
- // Fill in 2M page entry.
- //
- *PageEntry2M = (UINT64)(UINTN)PageTableEntry | AddressEncMask | IA32_PG_P | IA32_PG_RW;
-
- PhysicalAddress4K = PhysicalAddress;
- for (IndexOfPageTableEntries = 0; IndexOfPageTableEntries < 512; IndexOfPageTableEntries++, PageTableEntry++, PhysicalAddress4K += SIZE_4KB) {
- //
- // Fill in the Page Table entries
- //
- PageTableEntry->Uint64 = (UINT64)PhysicalAddress4K;
-
- //
- // The GHCB range consists of two pages per CPU, the GHCB and a
- // per-CPU variable page. The GHCB page needs to be mapped as an
- // unencrypted page while the per-CPU variable page needs to be
- // mapped encrypted. These pages alternate in assignment.
- //
- if ( (GhcbBase == 0)
- || (PhysicalAddress4K < GhcbBase)
- || (PhysicalAddress4K >= GhcbBase + GhcbSize)
- || (((PhysicalAddress4K - GhcbBase) & SIZE_4KB) != 0))
- {
- PageTableEntry->Uint64 |= AddressEncMask;
- }
-
- PageTableEntry->Bits.ReadWrite = 1;
-
- if ((IsNullDetectionEnabled () && (PhysicalAddress4K == 0)) ||
- (PcdGetBool (PcdCpuStackGuard) && (PhysicalAddress4K == StackBase)))
- {
- PageTableEntry->Bits.Present = 0;
- } else {
- PageTableEntry->Bits.Present = 1;
- }
-
- if ( PcdGetBool (PcdSetNxForStack)
- && (PhysicalAddress4K >= StackBase)
- && (PhysicalAddress4K < StackBase + StackSize))
- {
- //
- // Set Nx bit for stack.
- //
- PageTableEntry->Bits.Nx = 1;
- }
+ RETURN_STATUS Status;
+ UINTN PageTableBufferSize;
+ VOID *PageTableBuffer;
+
+ PageTableBufferSize = 0;
+ Status = PageTableMap (PageTable, PagingMode, NULL, &PageTableBufferSize, BaseAddress, Length, MapAttribute, MapMask, NULL);
+ if (Status == RETURN_BUFFER_TOO_SMALL) {
+ PageTableBuffer = AllocatePageTableMemory (EFI_SIZE_TO_PAGES (PageTableBufferSize));
+ DEBUG ((DEBUG_INFO, "DxeIpl: 0x%x bytes needed for page table\n", PageTableBufferSize));
+ ASSERT (PageTableBuffer != NULL);
+ Status = PageTableMap (PageTable, PagingMode, PageTableBuffer, &PageTableBufferSize, BaseAddress, Length, MapAttribute, MapMask, NULL);
}
-}
-
-/**
- Split 1G page to 2M.

- @param[in] PhysicalAddress Start physical address the 1G page covered.
- @param[in, out] PageEntry1G Pointer to 1G page entry.
- @param[in] StackBase Stack base address.
- @param[in] StackSize Stack size.
- @param[in] GhcbBase GHCB page area base address.
- @param[in] GhcbSize GHCB page area size.
-
-**/
-VOID
-Split1GPageTo2M (
- IN EFI_PHYSICAL_ADDRESS PhysicalAddress,
- IN OUT UINT64 *PageEntry1G,
- IN EFI_PHYSICAL_ADDRESS StackBase,
- IN UINTN StackSize,
- IN EFI_PHYSICAL_ADDRESS GhcbBase,
- IN UINTN GhcbSize
- )
-{
- EFI_PHYSICAL_ADDRESS PhysicalAddress2M;
- UINTN IndexOfPageDirectoryEntries;
- PAGE_TABLE_ENTRY *PageDirectoryEntry;
- UINT64 AddressEncMask;
-
- //
- // Make sure AddressEncMask is contained to smallest supported address field
- //
- AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) & PAGING_1G_ADDRESS_MASK_64;
-
- PageDirectoryEntry = AllocatePageTableMemory (1);
- ASSERT (PageDirectoryEntry != NULL);
-
- //
- // Fill in 1G page entry.
- //
- *PageEntry1G = (UINT64)(UINTN)PageDirectoryEntry | AddressEncMask | IA32_PG_P | IA32_PG_RW;
-
- PhysicalAddress2M = PhysicalAddress;
- for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PhysicalAddress2M += SIZE_2MB) {
- if (ToSplitPageTable (PhysicalAddress2M, SIZE_2MB, StackBase, StackSize, GhcbBase, GhcbSize)) {
- //
- // Need to split this 2M page that covers NULL or stack range.
- //
- Split2MPageTo4K (PhysicalAddress2M, (UINT64 *)PageDirectoryEntry, StackBase, StackSize, GhcbBase, GhcbSize);
- } else {
- //
- // Fill in the Page Directory entries
- //
- PageDirectoryEntry->Uint64 = (UINT64)PhysicalAddress2M | AddressEncMask;
- PageDirectoryEntry->Bits.ReadWrite = 1;
- PageDirectoryEntry->Bits.Present = 1;
- PageDirectoryEntry->Bits.MustBe1 = 1;
- }
- }
+ ASSERT_RETURN_ERROR (Status);
+ ASSERT (PageTableBufferSize == 0);
}

/**
@@ -657,19 +507,20 @@ EnablePageTableProtection (
}

/**
- Allocates and fills in the Page Directory and Page Table Entries to
+ Create IA32 PAE paging or 4-level/5-level paging for long mode to
establish a 1:1 Virtual to Physical mapping.

- @param[in] StackBase Stack base address.
- @param[in] StackSize Stack size.
- @param[in] GhcbBase GHCB base address.
- @param[in] GhcbSize GHCB size.
-
- @return The address of 4 level page map.
+ @param[in] Is32BitPageTable Whether to create 32-bit PAE page table.
+ @param[in] StackBase Stack base address.
+ @param[in] StackSize Stack size.
+ @param[in] GhcbBase GHCB base address.
+ @param[in] GhcbSize GHCB size.

+ @return PageTable Address
**/
UINTN
CreateIdentityMappingPageTables (
+ IN BOOLEAN Is32BitPageTable,
IN EFI_PHYSICAL_ADDRESS StackBase,
IN UINTN StackSize,
IN EFI_PHYSICAL_ADDRESS GhcbBase,
@@ -680,274 +531,154 @@ CreateIdentityMappingPageTables (
CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS_ECX EcxFlags;
UINT32 RegEdx;
UINT8 PhysicalAddressBits;
- EFI_PHYSICAL_ADDRESS PageAddress;
- UINTN IndexOfPml5Entries;
- UINTN IndexOfPml4Entries;
- UINTN IndexOfPdpEntries;
- UINTN IndexOfPageDirectoryEntries;
- UINT32 NumberOfPml5EntriesNeeded;
- UINT32 NumberOfPml4EntriesNeeded;
- UINT32 NumberOfPdpEntriesNeeded;
- PAGE_MAP_AND_DIRECTORY_POINTER *PageMapLevel5Entry;
- PAGE_MAP_AND_DIRECTORY_POINTER *PageMapLevel4Entry;
- PAGE_MAP_AND_DIRECTORY_POINTER *PageMap;
- PAGE_MAP_AND_DIRECTORY_POINTER *PageDirectoryPointerEntry;
- PAGE_TABLE_ENTRY *PageDirectoryEntry;
- UINTN TotalPagesNum;
- UINTN BigPageAddress;
VOID *Hob;
BOOLEAN Page5LevelSupport;
BOOLEAN Page1GSupport;
- PAGE_TABLE_1G_ENTRY *PageDirectory1GEntry;
UINT64 AddressEncMask;
IA32_CR4 Cr4;
-
- //
- // Set PageMapLevel5Entry to suppress incorrect compiler/analyzer warnings
- //
- PageMapLevel5Entry = NULL;
+ PAGING_MODE PagingMode;
+ UINTN PageTable;
+ IA32_MAP_ATTRIBUTE MapAttribute;
+ IA32_MAP_ATTRIBUTE MapMask;
+ EFI_PHYSICAL_ADDRESS GhcbBase4K;

//
// Make sure AddressEncMask is contained to smallest supported address field
//
- AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) & PAGING_1G_ADDRESS_MASK_64;
-
- Page1GSupport = FALSE;
- if (PcdGetBool (PcdUse1GPageTable)) {
- AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);
- if (RegEax >= 0x80000001) {
- AsmCpuid (0x80000001, NULL, NULL, NULL, &RegEdx);
- if ((RegEdx & BIT26) != 0) {
- Page1GSupport = TRUE;
+ AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) & PAGING_1G_ADDRESS_MASK_64;
+ Page5LevelSupport = FALSE;
+ Page1GSupport = FALSE;
+
+ if (Is32BitPageTable) {
+ PagingMode = PagingPae;
+ PhysicalAddressBits = 32;
+ } else {
+ if (PcdGetBool (PcdUse1GPageTable)) {
+ AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);
+ if (RegEax >= 0x80000001) {
+ AsmCpuid (0x80000001, NULL, NULL, NULL, &RegEdx);
+ if ((RegEdx & BIT26) != 0) {
+ Page1GSupport = TRUE;
+ }
}
}
- }

- //
- // Get physical address bits supported.
- //
- Hob = GetFirstHob (EFI_HOB_TYPE_CPU);
- if (Hob != NULL) {
- PhysicalAddressBits = ((EFI_HOB_CPU *)Hob)->SizeOfMemorySpace;
- } else {
- AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);
- if (RegEax >= 0x80000008) {
- AsmCpuid (0x80000008, &RegEax, NULL, NULL, NULL);
- PhysicalAddressBits = (UINT8)RegEax;
+ //
+ // Get physical address bits supported.
+ //
+ Hob = GetFirstHob (EFI_HOB_TYPE_CPU);
+ if (Hob != NULL) {
+ PhysicalAddressBits = ((EFI_HOB_CPU *)Hob)->SizeOfMemorySpace;
} else {
- PhysicalAddressBits = 36;
+ AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);
+ if (RegEax >= 0x80000008) {
+ AsmCpuid (0x80000008, &RegEax, NULL, NULL, NULL);
+ PhysicalAddressBits = (UINT8)RegEax;
+ } else {
+ PhysicalAddressBits = 36;
+ }
}
- }

- Page5LevelSupport = FALSE;
- if (PcdGetBool (PcdUse5LevelPageTable)) {
- AsmCpuidEx (
- CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS,
- CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS_SUB_LEAF_INFO,
- NULL,
- NULL,
- &EcxFlags.Uint32,
- NULL
- );
- if (EcxFlags.Bits.FiveLevelPage != 0) {
- Page5LevelSupport = TRUE;
+ if (PcdGetBool (PcdUse5LevelPageTable)) {
+ AsmCpuidEx (
+ CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS,
+ CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS_SUB_LEAF_INFO,
+ NULL,
+ NULL,
+ &EcxFlags.Uint32,
+ NULL
+ );
+ if (EcxFlags.Bits.FiveLevelPage != 0) {
+ Page5LevelSupport = TRUE;
+ }
}
- }
-
- DEBUG ((DEBUG_INFO, "AddressBits=%u 5LevelPaging=%u 1GPage=%u\n", PhysicalAddressBits, Page5LevelSupport, Page1GSupport));

- //
- // IA-32e paging translates 48-bit linear addresses to 52-bit physical addresses
- // when 5-Level Paging is disabled,
- // due to either unsupported by HW, or disabled by PCD.
- //
- ASSERT (PhysicalAddressBits <= 52);
- if (!Page5LevelSupport && (PhysicalAddressBits > 48)) {
- PhysicalAddressBits = 48;
- }
-
- //
- // Calculate the table entries needed.
- //
- NumberOfPml5EntriesNeeded = 1;
- if (PhysicalAddressBits > 48) {
- NumberOfPml5EntriesNeeded = (UINT32)LShiftU64 (1, PhysicalAddressBits - 48);
- PhysicalAddressBits = 48;
- }
+ if (Page5LevelSupport) {
+ if (Page1GSupport) {
+ PagingMode = Paging5Level1GB;
+ } else {
+ PagingMode = Paging5Level;
+ }
+ } else {
+ if (Page1GSupport) {
+ PagingMode = Paging4Level1GB;
+ } else {
+ PagingMode = Paging4Level;
+ }
+ }

- NumberOfPml4EntriesNeeded = 1;
- if (PhysicalAddressBits > 39) {
- NumberOfPml4EntriesNeeded = (UINT32)LShiftU64 (1, PhysicalAddressBits - 39);
- PhysicalAddressBits = 39;
+ DEBUG ((DEBUG_INFO, "AddressBits=%u 5LevelPaging=%u 1GPage=%u\n", PhysicalAddressBits, Page5LevelSupport, Page1GSupport));
+ //
+ // IA-32e paging translates 48-bit linear addresses to 52-bit physical addresses
+ // when 5-Level Paging is disabled, due to either unsupported by HW, or disabled by PCD.
+ //
+ ASSERT (PhysicalAddressBits <= 52);
+ if (!Page5LevelSupport && (PhysicalAddressBits > 48)) {
+ PhysicalAddressBits = 48;
+ }
}

- NumberOfPdpEntriesNeeded = 1;
- ASSERT (PhysicalAddressBits > 30);
- NumberOfPdpEntriesNeeded = (UINT32)LShiftU64 (1, PhysicalAddressBits - 30);
+ PageTable = 0;
+ MapAttribute.Uint64 = AddressEncMask;
+ MapAttribute.Bits.Present = 1;
+ MapAttribute.Bits.ReadWrite = 1;
+ MapMask.Uint64 = MAX_UINT64;
+ CreateOrUpdatePageTable (&PageTable, PagingMode, 0, LShiftU64 (1, PhysicalAddressBits), &MapAttribute, &MapMask);

- //
- // Pre-allocate big pages to avoid later allocations.
- //
- if (!Page1GSupport) {
- TotalPagesNum = ((NumberOfPdpEntriesNeeded + 1) * NumberOfPml4EntriesNeeded + 1) * NumberOfPml5EntriesNeeded + 1;
- } else {
- TotalPagesNum = (NumberOfPml4EntriesNeeded + 1) * NumberOfPml5EntriesNeeded + 1;
- }
-
- //
- // Substract the one page occupied by PML5 entries if 5-Level Paging is disabled.
- //
- if (!Page5LevelSupport) {
- TotalPagesNum--;
+ if ((GhcbBase > 0) && (GhcbSize > 0) && (AddressEncMask != 0)) {
+ //
+ // The GHCB range consists of two pages per CPU, the GHCB and a
+ // per-CPU variable page. The GHCB page needs to be mapped as an
+ // unencrypted page while the per-CPU variable page needs to be
+ // mapped encrypted. These pages alternate in assignment.
+ //
+ ASSERT (Is32BitPageTable == FALSE);
+ GhcbBase4K = ALIGN_VALUE (GhcbBase, SIZE_4KB);
+ MapAttribute.Uint64 = GhcbBase4K;
+ MapMask.Uint64 = 0;
+ MapMask.Bits.PageTableBaseAddressLow = 1;
+ CreateOrUpdatePageTable (&PageTable, PagingMode, GhcbBase4K, SIZE_4KB, &MapAttribute, &MapMask);
}

- DEBUG ((
- DEBUG_INFO,
- "Pml5=%u Pml4=%u Pdp=%u TotalPage=%Lu\n",
- NumberOfPml5EntriesNeeded,
- NumberOfPml4EntriesNeeded,
- NumberOfPdpEntriesNeeded,
- (UINT64)TotalPagesNum
- ));
-
- BigPageAddress = (UINTN)AllocatePageTableMemory (TotalPagesNum);
- ASSERT (BigPageAddress != 0);
-
- //
- // By architecture only one PageMapLevel4 exists - so lets allocate storage for it.
- //
- PageMap = (VOID *)BigPageAddress;
- if (Page5LevelSupport) {
+ if (PcdGetBool (PcdSetNxForStack)) {
//
- // By architecture only one PageMapLevel5 exists - so lets allocate storage for it.
+ // Set the stack as Nx in page table.
//
- PageMapLevel5Entry = PageMap;
- BigPageAddress += SIZE_4KB;
+ MapAttribute.Uint64 = 0;
+ MapAttribute.Bits.Nx = 1;
+ MapMask.Uint64 = 0;
+ MapMask.Bits.Nx = 1;
+ CreateOrUpdatePageTable (&PageTable, PagingMode, StackBase, StackSize, &MapAttribute, &MapMask);
}

- PageAddress = 0;
-
- for ( IndexOfPml5Entries = 0
- ; IndexOfPml5Entries < NumberOfPml5EntriesNeeded
- ; IndexOfPml5Entries++)
- {
+ MapAttribute.Uint64 = 0;
+ MapMask.Uint64 = 0;
+ MapMask.Bits.Present = 1;
+ if (IsNullDetectionEnabled ()) {
//
- // Each PML5 entry points to a page of PML4 entires.
- // So lets allocate space for them and fill them in in the IndexOfPml4Entries loop.
- // When 5-Level Paging is disabled, below allocation happens only once.
+ // Set [0, 4KB] as not-present in page table.
//
- PageMapLevel4Entry = (VOID *)BigPageAddress;
- BigPageAddress += SIZE_4KB;
-
- if (Page5LevelSupport) {
- //
- // Make a PML5 Entry
- //
- PageMapLevel5Entry->Uint64 = (UINT64)(UINTN)PageMapLevel4Entry | AddressEncMask;
- PageMapLevel5Entry->Bits.ReadWrite = 1;
- PageMapLevel5Entry->Bits.Present = 1;
- PageMapLevel5Entry++;
- }
-
- for ( IndexOfPml4Entries = 0
- ; IndexOfPml4Entries < (NumberOfPml5EntriesNeeded == 1 ? NumberOfPml4EntriesNeeded : 512)
- ; IndexOfPml4Entries++, PageMapLevel4Entry++)
- {
- //
- // Each PML4 entry points to a page of Page Directory Pointer entires.
- // So lets allocate space for them and fill them in in the IndexOfPdpEntries loop.
- //
- PageDirectoryPointerEntry = (VOID *)BigPageAddress;
- BigPageAddress += SIZE_4KB;
-
- //
- // Make a PML4 Entry
- //
- PageMapLevel4Entry->Uint64 = (UINT64)(UINTN)PageDirectoryPointerEntry | AddressEncMask;
- PageMapLevel4Entry->Bits.ReadWrite = 1;
- PageMapLevel4Entry->Bits.Present = 1;
-
- if (Page1GSupport) {
- PageDirectory1GEntry = (VOID *)PageDirectoryPointerEntry;
-
- for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectory1GEntry++, PageAddress += SIZE_1GB) {
- if (ToSplitPageTable (PageAddress, SIZE_1GB, StackBase, StackSize, GhcbBase, GhcbSize)) {
- Split1GPageTo2M (PageAddress, (UINT64 *)PageDirectory1GEntry, StackBase, StackSize, GhcbBase, GhcbSize);
- } else {
- //
- // Fill in the Page Directory entries
- //
- PageDirectory1GEntry->Uint64 = (UINT64)PageAddress | AddressEncMask;
- PageDirectory1GEntry->Bits.ReadWrite = 1;
- PageDirectory1GEntry->Bits.Present = 1;
- PageDirectory1GEntry->Bits.MustBe1 = 1;
- }
- }
- } else {
- for ( IndexOfPdpEntries = 0
- ; IndexOfPdpEntries < (NumberOfPml4EntriesNeeded == 1 ? NumberOfPdpEntriesNeeded : 512)
- ; IndexOfPdpEntries++, PageDirectoryPointerEntry++)
- {
- //
- // Each Directory Pointer entries points to a page of Page Directory entires.
- // So allocate space for them and fill them in in the IndexOfPageDirectoryEntries loop.
- //
- PageDirectoryEntry = (VOID *)BigPageAddress;
- BigPageAddress += SIZE_4KB;
-
- //
- // Fill in a Page Directory Pointer Entries
- //
- PageDirectoryPointerEntry->Uint64 = (UINT64)(UINTN)PageDirectoryEntry | AddressEncMask;
- PageDirectoryPointerEntry->Bits.ReadWrite = 1;
- PageDirectoryPointerEntry->Bits.Present = 1;
-
- for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PageAddress += SIZE_2MB) {
- if (ToSplitPageTable (PageAddress, SIZE_2MB, StackBase, StackSize, GhcbBase, GhcbSize)) {
- //
- // Need to split this 2M page that covers NULL or stack range.
- //
- Split2MPageTo4K (PageAddress, (UINT64 *)PageDirectoryEntry, StackBase, StackSize, GhcbBase, GhcbSize);
- } else {
- //
- // Fill in the Page Directory entries
- //
- PageDirectoryEntry->Uint64 = (UINT64)PageAddress | AddressEncMask;
- PageDirectoryEntry->Bits.ReadWrite = 1;
- PageDirectoryEntry->Bits.Present = 1;
- PageDirectoryEntry->Bits.MustBe1 = 1;
- }
- }
- }
-
- //
- // Fill with null entry for unused PDPTE
- //
- ZeroMem (PageDirectoryPointerEntry, (512 - IndexOfPdpEntries) * sizeof (PAGE_MAP_AND_DIRECTORY_POINTER));
- }
- }
+ CreateOrUpdatePageTable (&PageTable, PagingMode, 0, SIZE_4KB, &MapAttribute, &MapMask);
+ }

+ if (PcdGetBool (PcdCpuStackGuard)) {
//
- // For the PML4 entries we are not using fill in a null entry.
+ // Set the the last 4KB of stack as not-present in page table.
//
- ZeroMem (PageMapLevel4Entry, (512 - IndexOfPml4Entries) * sizeof (PAGE_MAP_AND_DIRECTORY_POINTER));
+ CreateOrUpdatePageTable (&PageTable, PagingMode, StackBase, SIZE_4KB, &MapAttribute, &MapMask);
}

if (Page5LevelSupport) {
Cr4.UintN = AsmReadCr4 ();
Cr4.Bits.LA57 = 1;
AsmWriteCr4 (Cr4.UintN);
- //
- // For the PML5 entries we are not using fill in a null entry.
- //
- ZeroMem (PageMapLevel5Entry, (512 - IndexOfPml5Entries) * sizeof (PAGE_MAP_AND_DIRECTORY_POINTER));
}

//
// Protect the page table by marking the memory used for page table to be
// read-only.
//
- EnablePageTableProtection ((UINTN)PageMap, TRUE);
+ EnablePageTableProtection ((UINTN)PageTable, TRUE);

//
// Set IA32_EFER.NXE if necessary.
@@ -956,5 +687,5 @@ CreateIdentityMappingPageTables (
EnableExecuteDisableBit ();
}

- return (UINTN)PageMap;
+ return PageTable;
}
diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h
index 616ebe42b0..7d4bc4e4ba 100644
--- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h
+++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h
@@ -7,7 +7,7 @@
3) IA-32 Intel(R) Architecture Software Developer's Manual Volume 3:System Programmer's Guide, Intel
4) AMD64 Architecture Programmer's Manual Volume 2: System Programming

-Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2023, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>

SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -46,99 +46,6 @@ typedef struct {
UINT32 Reserved;
} X64_IDT_GATE_DESCRIPTOR;

-//
-// Page-Map Level-4 Offset (PML4) and
-// Page-Directory-Pointer Offset (PDPE) entries 4K & 2MB
-//
-
-typedef union {
- struct {
- UINT64 Present : 1; // 0 = Not present in memory, 1 = Present in memory
- UINT64 ReadWrite : 1; // 0 = Read-Only, 1= Read/Write
- UINT64 UserSupervisor : 1; // 0 = Supervisor, 1=User
- UINT64 WriteThrough : 1; // 0 = Write-Back caching, 1=Write-Through caching
- UINT64 CacheDisabled : 1; // 0 = Cached, 1=Non-Cached
- UINT64 Accessed : 1; // 0 = Not accessed, 1 = Accessed (set by CPU)
- UINT64 Reserved : 1; // Reserved
- UINT64 MustBeZero : 2; // Must Be Zero
- UINT64 Available : 3; // Available for use by system software
- UINT64 PageTableBaseAddress : 40; // Page Table Base Address
- UINT64 AvabilableHigh : 11; // Available for use by system software
- UINT64 Nx : 1; // No Execute bit
- } Bits;
- UINT64 Uint64;
-} PAGE_MAP_AND_DIRECTORY_POINTER;
-
-//
-// Page Table Entry 4KB
-//
-typedef union {
- struct {
- UINT64 Present : 1; // 0 = Not present in memory, 1 = Present in memory
- UINT64 ReadWrite : 1; // 0 = Read-Only, 1= Read/Write
- UINT64 UserSupervisor : 1; // 0 = Supervisor, 1=User
- UINT64 WriteThrough : 1; // 0 = Write-Back caching, 1=Write-Through caching
- UINT64 CacheDisabled : 1; // 0 = Cached, 1=Non-Cached
- UINT64 Accessed : 1; // 0 = Not accessed, 1 = Accessed (set by CPU)
- UINT64 Dirty : 1; // 0 = Not Dirty, 1 = written by processor on access to page
- UINT64 PAT : 1; //
- UINT64 Global : 1; // 0 = Not global page, 1 = global page TLB not cleared on CR3 write
- UINT64 Available : 3; // Available for use by system software
- UINT64 PageTableBaseAddress : 40; // Page Table Base Address
- UINT64 AvabilableHigh : 11; // Available for use by system software
- UINT64 Nx : 1; // 0 = Execute Code, 1 = No Code Execution
- } Bits;
- UINT64 Uint64;
-} PAGE_TABLE_4K_ENTRY;
-
-//
-// Page Table Entry 2MB
-//
-typedef union {
- struct {
- UINT64 Present : 1; // 0 = Not present in memory, 1 = Present in memory
- UINT64 ReadWrite : 1; // 0 = Read-Only, 1= Read/Write
- UINT64 UserSupervisor : 1; // 0 = Supervisor, 1=User
- UINT64 WriteThrough : 1; // 0 = Write-Back caching, 1=Write-Through caching
- UINT64 CacheDisabled : 1; // 0 = Cached, 1=Non-Cached
- UINT64 Accessed : 1; // 0 = Not accessed, 1 = Accessed (set by CPU)
- UINT64 Dirty : 1; // 0 = Not Dirty, 1 = written by processor on access to page
- UINT64 MustBe1 : 1; // Must be 1
- UINT64 Global : 1; // 0 = Not global page, 1 = global page TLB not cleared on CR3 write
- UINT64 Available : 3; // Available for use by system software
- UINT64 PAT : 1; //
- UINT64 MustBeZero : 8; // Must be zero;
- UINT64 PageTableBaseAddress : 31; // Page Table Base Address
- UINT64 AvabilableHigh : 11; // Available for use by system software
- UINT64 Nx : 1; // 0 = Execute Code, 1 = No Code Execution
- } Bits;
- UINT64 Uint64;
-} PAGE_TABLE_ENTRY;
-
-//
-// Page Table Entry 1GB
-//
-typedef union {
- struct {
- UINT64 Present : 1; // 0 = Not present in memory, 1 = Present in memory
- UINT64 ReadWrite : 1; // 0 = Read-Only, 1= Read/Write
- UINT64 UserSupervisor : 1; // 0 = Supervisor, 1=User
- UINT64 WriteThrough : 1; // 0 = Write-Back caching, 1=Write-Through caching
- UINT64 CacheDisabled : 1; // 0 = Cached, 1=Non-Cached
- UINT64 Accessed : 1; // 0 = Not accessed, 1 = Accessed (set by CPU)
- UINT64 Dirty : 1; // 0 = Not Dirty, 1 = written by processor on access to page
- UINT64 MustBe1 : 1; // Must be 1
- UINT64 Global : 1; // 0 = Not global page, 1 = global page TLB not cleared on CR3 write
- UINT64 Available : 3; // Available for use by system software
- UINT64 PAT : 1; //
- UINT64 MustBeZero : 17; // Must be zero;
- UINT64 PageTableBaseAddress : 22; // Page Table Base Address
- UINT64 AvabilableHigh : 11; // Available for use by system software
- UINT64 Nx : 1; // 0 = Execute Code, 1 = No Code Execution
- } Bits;
- UINT64 Uint64;
-} PAGE_TABLE_1G_ENTRY;
-
#pragma pack()

#define CR0_WP BIT16
@@ -194,44 +101,25 @@ EnableExecuteDisableBit (
);

/**
- Split 2M page to 4K.
-
- @param[in] PhysicalAddress Start physical address the 2M page covered.
- @param[in, out] PageEntry2M Pointer to 2M page entry.
- @param[in] StackBase Stack base address.
- @param[in] StackSize Stack size.
- @param[in] GhcbBase GHCB page area base address.
- @param[in] GhcbSize GHCB page area size.
-
-**/
-VOID
-Split2MPageTo4K (
- IN EFI_PHYSICAL_ADDRESS PhysicalAddress,
- IN OUT UINT64 *PageEntry2M,
- IN EFI_PHYSICAL_ADDRESS StackBase,
- IN UINTN StackSize,
- IN EFI_PHYSICAL_ADDRESS GhcbBase,
- IN UINTN GhcbSize
- );
-
-/**
- Allocates and fills in the Page Directory and Page Table Entries to
+ Create IA32 PAE paging or 4-level/5-level paging for long mode to
establish a 1:1 Virtual to Physical mapping.

- @param[in] StackBase Stack base address.
- @param[in] StackSize Stack size.
- @param[in] GhcbBase GHCB page area base address.
- @param[in] GhcbSize GHCB page area size.
+ @param[in] Is32BitPageTable Whether to create 32-bit PAE page table.
+ @param[in] StackBase Stack base address.
+ @param[in] StackSize Stack size.
+ @param[in] GhcbBase GHCB page area base address.
+ @param[in] GhcbSize GHCB page area size.

- @return The address of 4 level page map.
+ @return The address of page table.

**/
UINTN
CreateIdentityMappingPageTables (
+ IN BOOLEAN Is32BitPageTable,
IN EFI_PHYSICAL_ADDRESS StackBase,
IN UINTN StackSize,
IN EFI_PHYSICAL_ADDRESS GhcbBase,
- IN UINTN GhcbkSize
+ IN UINTN GhcbSize
);

/**
@@ -289,39 +177,4 @@ IsNullDetectionEnabled (
VOID
);

-/**
- Prevent the memory pages used for page table from been overwritten.
-
- @param[in] PageTableBase Base address of page table (CR3).
- @param[in] Level4Paging Level 4 paging flag.
-
-**/
-VOID
-EnablePageTableProtection (
- IN UINTN PageTableBase,
- IN BOOLEAN Level4Paging
- );
-
-/**
- This API provides a way to allocate memory for page table.
-
- This API can be called more than once to allocate memory for page tables.
-
- Allocates the number of 4KB pages and returns a pointer to the allocated
- buffer. The buffer returned is aligned on a 4KB boundary.
-
- If Pages is 0, then NULL is returned.
- If there is not enough memory remaining to satisfy the request, then NULL is
- returned.
-
- @param Pages The number of 4 KB pages to allocate.
-
- @return A pointer to the allocated buffer or NULL if allocation fails.
-
-**/
-VOID *
-AllocatePageTableMemory (
- IN UINTN Pages
- );
-
#endif
--
2.31.1.windows.1


[PATCH 6/9] MdeModulePkg: Add UefiCpuPkg.dec to pass DependencyCheck

duntan
 

Add UefiCpuPkg/UefiCpuPkg.dec in MdeModulePkg.ci.yaml to pass
DependencyCheck since DxeIpl in MdeModulePkg needs to consume
CpuPageTableLib in UefiCpuPkg.

Signed-off-by: Dun Tan <dun.tan@...>
Cc: Liming Gao <gaoliming@...>
Cc: Ray Ni <ray.ni@...>
Cc: Jian J Wang <jian.j.wang@...>
---
MdeModulePkg/MdeModulePkg.ci.yaml | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/MdeModulePkg/MdeModulePkg.ci.yaml b/MdeModulePkg/MdeModulePkg.ci.yaml
index f69989087b..d2616f4cdc 100644
--- a/MdeModulePkg/MdeModulePkg.ci.yaml
+++ b/MdeModulePkg/MdeModulePkg.ci.yaml
@@ -2,7 +2,7 @@
# CI configuration for MdeModulePkg
#
# Copyright (c) Microsoft Corporation
-# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2020 - 2023, Intel Corporation. All rights reserved.<BR>
# (C) Copyright 2021 Hewlett Packard Enterprise Development LP<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
##
@@ -51,7 +51,8 @@
"MdePkg/MdePkg.dec",
"MdeModulePkg/MdeModulePkg.dec",
"StandaloneMmPkg/StandaloneMmPkg.dec",
- "ArmPkg/ArmPkg.dec" # this should be fixed by promoting an abstraction
+ "ArmPkg/ArmPkg.dec", # this should be fixed by promoting an abstraction
+ "UefiCpuPkg/UefiCpuPkg.dec"
],
# For host based unit tests
"AcceptableDependencies-HOST_APPLICATION":[
--
2.31.1.windows.1


[PATCH 5/9] OvmfPkg: Add CpuPageTableLib required by DxeIpl in DSC file

duntan
 

Add CpuPageTableLib instance required by DxeIpl in corresponding
DSC files of OvmfPkg.

Signed-off-by: Dun Tan <dun.tan@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Gerd Hoffmann <kraxel@...>
Cc: Ray Ni <ray.ni@...>
---
OvmfPkg/AmdSev/AmdSevX64.dsc | 2 +-
OvmfPkg/Bhyve/BhyveX64.dsc | 3 ++-
OvmfPkg/CloudHv/CloudHvX64.dsc | 2 +-
OvmfPkg/Microvm/MicrovmX64.dsc | 2 +-
OvmfPkg/OvmfPkgIa32.dsc | 3 ++-
OvmfPkg/OvmfPkgIa32X64.dsc | 2 +-
OvmfPkg/OvmfPkgX64.dsc | 2 +-
OvmfPkg/OvmfXen.dsc | 2 +-
8 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 654c3af092..60b7ba1a13 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -169,6 +169,7 @@
MemEncryptTdxLib|OvmfPkg/Library/BaseMemEncryptTdxLib/BaseMemEncryptTdxLib.inf
PeiHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/PeiHardwareInfoLib.inf
DxeHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/DxeHardwareInfoLib.inf
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf

!if $(SOURCE_DEBUG_ENABLE) == TRUE
PeCoffExtraActionLib|SourceLevelDebugPkg/Library/PeCoffExtraActionLibDebug/PeCoffExtraActionLibDebug.inf
@@ -352,7 +353,6 @@
DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
!endif
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
- CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc
index d0d2712c56..67f8a77c3a 100644
--- a/OvmfPkg/Bhyve/BhyveX64.dsc
+++ b/OvmfPkg/Bhyve/BhyveX64.dsc
@@ -1,6 +1,6 @@
#
# Copyright (c) 2020, Rebecca Cran <rebecca@...>
-# Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2006 - 2023, Intel Corporation. All rights reserved.<BR>
# (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
# Copyright (c) 2014, Pluribus Networks, Inc.
#
@@ -171,6 +171,7 @@
MemEncryptTdxLib|OvmfPkg/Library/BaseMemEncryptTdxLib/BaseMemEncryptTdxLib.inf
PeiHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/PeiHardwareInfoLib.inf
DxeHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/DxeHardwareInfoLib.inf
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf

CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf
diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index b9820cc14b..ffc65b0e15 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -190,6 +190,7 @@
MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
PeiHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/PeiHardwareInfoLib.inf
DxeHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/DxeHardwareInfoLib.inf
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf
!if $(SMM_REQUIRE) == FALSE
LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
!endif
@@ -403,7 +404,6 @@
DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
!endif
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
- CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc
index 384b0b7afc..aa74a9d5ad 100644
--- a/OvmfPkg/Microvm/MicrovmX64.dsc
+++ b/OvmfPkg/Microvm/MicrovmX64.dsc
@@ -193,6 +193,7 @@
MemEncryptTdxLib|OvmfPkg/Library/BaseMemEncryptTdxLib/BaseMemEncryptTdxLib.inf
PeiHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/PeiHardwareInfoLib.inf
DxeHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/DxeHardwareInfoLib.inf
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf

!if $(SOURCE_DEBUG_ENABLE) == TRUE
PeCoffExtraActionLib|SourceLevelDebugPkg/Library/PeCoffExtraActionLibDebug/PeCoffExtraActionLibDebug.inf
@@ -402,7 +403,6 @@
PciLib|MdePkg/Library/BasePciLibPciExpress/BasePciLibPciExpress.inf
PciPcdProducerLib|OvmfPkg/Fdt/FdtPciPcdProducerLib/FdtPciPcdProducerLib.inf
PciExpressLib|OvmfPkg/Library/BaseCachingPciExpressLib/BaseCachingPciExpressLib.inf
- CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 9e4705f29b..0ec3480337 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -1,7 +1,7 @@
## @file
# EFI/Framework Open Virtual Machine Firmware (OVMF) platform
#
-# Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2006 - 2023, Intel Corporation. All rights reserved.<BR>
# (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
# Copyright (c) Microsoft Corporation.
#
@@ -193,6 +193,7 @@
MemEncryptTdxLib|OvmfPkg/Library/BaseMemEncryptTdxLib/BaseMemEncryptTdxLibNull.inf
PeiHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/PeiHardwareInfoLib.inf
DxeHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/DxeHardwareInfoLib.inf
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf
!if $(SMM_REQUIRE) == FALSE
LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
!endif
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 86940e9af5..09f29c67c2 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -197,6 +197,7 @@
MemEncryptTdxLib|OvmfPkg/Library/BaseMemEncryptTdxLib/BaseMemEncryptTdxLibNull.inf
PeiHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/PeiHardwareInfoLib.inf
DxeHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/DxeHardwareInfoLib.inf
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf
!if $(SMM_REQUIRE) == FALSE
LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
!endif
@@ -413,7 +414,6 @@
DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
!endif
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
- CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 00f7005fca..af0654a92b 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -210,6 +210,7 @@
MemEncryptTdxLib|OvmfPkg/Library/BaseMemEncryptTdxLib/BaseMemEncryptTdxLib.inf
PeiHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/PeiHardwareInfoLib.inf
DxeHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/DxeHardwareInfoLib.inf
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf

!if $(SMM_REQUIRE) == FALSE
LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
@@ -434,7 +435,6 @@
DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
!endif
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
- CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc
index 990225d2dd..806e6e064e 100644
--- a/OvmfPkg/OvmfXen.dsc
+++ b/OvmfPkg/OvmfXen.dsc
@@ -173,6 +173,7 @@
MemEncryptTdxLib|OvmfPkg/Library/BaseMemEncryptTdxLib/BaseMemEncryptTdxLib.inf
PeiHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/PeiHardwareInfoLib.inf
DxeHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/DxeHardwareInfoLib.inf
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf

!if $(SOURCE_DEBUG_ENABLE) == TRUE
PeCoffExtraActionLib|SourceLevelDebugPkg/Library/PeCoffExtraActionLibDebug/PeCoffExtraActionLibDebug.inf
@@ -338,7 +339,6 @@
DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
!endif
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
- CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
--
2.31.1.windows.1


[PATCH 4/9] MdeModulePkg: Add CpuPageTableLib required by DxeIpl in DSC

duntan
 

Add CpuPageTableLib instance required by DxeIpl in
MdeModulePkg.dsc.

Signed-off-by: Dun Tan <dun.tan@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Liming Gao <gaoliming@...>
Cc: Ray Ni <ray.ni@...>
---
MdeModulePkg/MdeModulePkg.dsc | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc
index 1014598f31..d95acabe83 100644
--- a/MdeModulePkg/MdeModulePkg.dsc
+++ b/MdeModulePkg/MdeModulePkg.dsc
@@ -2,7 +2,7 @@
# EFI/PI Reference Module Package for All Architectures
#
# (C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR>
-# Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2007 - 2023, Intel Corporation. All rights reserved.<BR>
# Copyright (c) Microsoft Corporation.
# Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved.<BR>
#
@@ -106,6 +106,7 @@
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
IpmiCommandLib|MdeModulePkg/Library/BaseIpmiCommandLibNull/BaseIpmiCommandLibNull.inf
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf

[LibraryClasses.EBC.PEIM]
IoLib|MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf
--
2.31.1.windows.1


[PATCH 3/9] IntelFsp2Pkg: Add CpuPageTableLib required by DxeIpl in DSC

duntan
 

Add CpuPageTableLib instance required by DxeIpl in QemuFspPkg.dsc
of IntelFsp2Pkg.

Signed-off-by: Dun Tan <dun.tan@...>
Cc: Chasel Chiu <chasel.chiu@...>
Cc: Nate DeSimone <nathaniel.l.desimone@...>
Cc: Star Zeng <star.zeng@...>
Cc: Ray Ni <ray.ni@...>
---
IntelFsp2Pkg/Tools/Tests/QemuFspPkg.dsc | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/IntelFsp2Pkg/Tools/Tests/QemuFspPkg.dsc b/IntelFsp2Pkg/Tools/Tests/QemuFspPkg.dsc
index 3155812118..52052692dd 100644
--- a/IntelFsp2Pkg/Tools/Tests/QemuFspPkg.dsc
+++ b/IntelFsp2Pkg/Tools/Tests/QemuFspPkg.dsc
@@ -1,7 +1,7 @@
## @file
# FSP DSC build file for QEMU platform
#
-# Copyright (c) 2017 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2017 - 2023, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
@@ -114,6 +114,7 @@
DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
SerialPortLib|MdePkg/Library/BaseSerialPortLibNull/BaseSerialPortLibNull.inf
!endif
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf


################################################################################
--
2.31.1.windows.1


[PATCH 2/9] EmulatorPkg: Add CpuPageTableLib required by DxeIpl in DSC

duntan
 

Add CpuPageTableLib instance required by DxeIpl in EmulatorPkg.dsc.

Signed-off-by: Dun Tan <dun.tan@...>
Cc: Andrew Fish <afish@...>
Cc: Ray Ni <ray.ni@...>
---
EmulatorPkg/EmulatorPkg.dsc | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/EmulatorPkg/EmulatorPkg.dsc b/EmulatorPkg/EmulatorPkg.dsc
index b44435d7e6..d1fb9d9256 100644
--- a/EmulatorPkg/EmulatorPkg.dsc
+++ b/EmulatorPkg/EmulatorPkg.dsc
@@ -4,7 +4,7 @@
# The Emulation Platform can be used to debug individual modules, prior to creating
# a real platform. This also provides an example for how an DSC is created.
#
-# Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2006 - 2023, Intel Corporation. All rights reserved.<BR>
# Portions copyright (c) 2010 - 2011, Apple Inc. All rights reserved.<BR>
# Copyright (c) Microsoft Corporation.
#
@@ -66,6 +66,7 @@
PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf

#
# UEFI & PI
--
2.31.1.windows.1


[PATCH 1/9] ArmVirtPkg: Add CpuPageTableLib required by DxeIpl in DSC

duntan
 

Add CpuPageTableLib instance required by DxeIpl in the
corresponding DSC files of ArmVirtPkg.

Signed-off-by: Dun Tan <dun.tan@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Leif Lindholm <quic_llindhol@...>
Cc: Sami Mujawar <sami.mujawar@...>
Cc: Gerd Hoffmann <kraxel@...>
Cc: Ray Ni <ray.ni@...>
---
ArmVirtPkg/ArmVirtCloudHv.dsc | 2 ++
ArmVirtPkg/ArmVirtQemu.dsc | 3 ++-
2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/ArmVirtPkg/ArmVirtCloudHv.dsc b/ArmVirtPkg/ArmVirtCloudHv.dsc
index c975e139a2..3e74c4d9f5 100644
--- a/ArmVirtPkg/ArmVirtCloudHv.dsc
+++ b/ArmVirtPkg/ArmVirtCloudHv.dsc
@@ -1,5 +1,6 @@
#
# Copyright (c) 2021, ARM Limited. All rights reserved.
+# Copyright (c) 2023, Intel Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -56,6 +57,7 @@

TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf

!include MdePkg/MdeLibs.dsc.inc

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index 449e73b9e1..62716af907 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -1,7 +1,7 @@
#
# Copyright (c) 2011-2015, ARM Limited. All rights reserved.
# Copyright (c) 2014, Linaro Limited. All rights reserved.
-# Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
+# Copyright (c) 2015 - 2023, Intel Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -81,6 +81,7 @@
PciHostBridgeLib|OvmfPkg/Fdt/FdtPciHostBridgeLib/FdtPciHostBridgeLib.inf
PciHostBridgeUtilityLib|OvmfPkg/Library/PciHostBridgeUtilityLib/PciHostBridgeUtilityLib.inf
PeiHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/PeiHardwareInfoLib.inf
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf

!if $(TPM2_ENABLE) == TRUE
Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
--
2.31.1.windows.1


[PATCH 0/9] Create page table by CpuPageTableLib in DxeIpl

duntan
 

This patch set is to create page table by CpuPageTableLib in DxeIpl.
With the CpuPageTableLib, we can create or update page table by
calling PageTableMap() in CpuPageTableLib multiple times. Then the
original page table manipulating code can be removed.

Dun Tan (9):
ArmVirtPkg: Add CpuPageTableLib required by DxeIpl in DSC
EmulatorPkg: Add CpuPageTableLib required by DxeIpl in DSC
IntelFsp2Pkg: Add CpuPageTableLib required by DxeIpl in DSC
MdeModulePkg: Add CpuPageTableLib required by DxeIpl in DSC
OvmfPkg: Add CpuPageTableLib required by DxeIpl in DSC file
MdeModulePkg: Add UefiCpuPkg.dec to pass DependencyCheck
MdeModulePkg/DxeIpl: Create page table by CpuPageTableLib
MdeModulePkg/DxeIpl: Remove duplicated code to enable NX
MdeModulePkg/DxeIpl: Refinement to the code to set PageTable as RO

ArmVirtPkg/ArmVirtCloudHv.dsc | 2 ++
ArmVirtPkg/ArmVirtQemu.dsc | 3 ++-
EmulatorPkg/EmulatorPkg.dsc | 3 ++-
IntelFsp2Pkg/Tools/Tests/QemuFspPkg.dsc | 3 ++-
MdeModulePkg/Core/DxeIplPeim/DxeIpl.h | 3 ++-
MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 4 +++-
MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 112 ++++------------------------------------------------------------------------------------------------------------
MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 5 +++--
MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 709 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h | 182 ++++++++++----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
MdeModulePkg/MdeModulePkg.ci.yaml | 5 +++--
MdeModulePkg/MdeModulePkg.dsc | 3 ++-
OvmfPkg/AmdSev/AmdSevX64.dsc | 2 +-
OvmfPkg/Bhyve/BhyveX64.dsc | 3 ++-
OvmfPkg/CloudHv/CloudHvX64.dsc | 2 +-
OvmfPkg/Microvm/MicrovmX64.dsc | 2 +-
OvmfPkg/OvmfPkgIa32.dsc | 3 ++-
OvmfPkg/OvmfPkgIa32X64.dsc | 2 +-
OvmfPkg/OvmfPkgX64.dsc | 2 +-
OvmfPkg/OvmfXen.dsc | 2 +-
20 files changed, 202 insertions(+), 850 deletions(-)

--
2.31.1.windows.1


Re: [PATCHv2 1/1] MdeModulePkg/Ahci: Skip retry for non-transient errors

Wu, Hao A
 

Reviewed-by: Hao A Wu <hao.a.wu@...>
Will wait a couple of days before merging to see if comments from other reviewers.

Best Regards,
Hao Wu

-----Original Message-----
From: Albecki, Mateusz <mateusz.albecki@...>
Sent: Tuesday, March 28, 2023 5:38 AM
To: devel@edk2.groups.io
Cc: Albecki, Mateusz <mateusz.albecki@...>; Wu, Hao A
<hao.a.wu@...>; Ni, Ray <ray.ni@...>; Chang, Hunter
<hunter.chang@...>; Anbazhagan, Baraneedharan
<anbazhagan@...>
Subject: [PATCHv2 1/1] MdeModulePkg/Ahci: Skip retry for non-transient errors

Currently AHCI driver will try to retry all failed packets

regardless of the failure cause. This is a problem in password

unlock flow where number of password retries is tracked by the

device. If user passes a wrong password Ahci driver will try

to send the wrong password multiple times which will exhaust

number of password retries and force the user to restart the

machine. This commit introduces a logic to check for the cause

of packet failure and only retry packets which failed due to

transient conditions on the link. With this patch only packets for

which CRC error is flagged are retried.



Cc: Hao A Wu <hao.a.wu@...>

Cc: Ray Ni <ray.ni@...>

Cc: Hunter Chang <hunter.chang@...>

Cc: Baraneedharan Anbazhagan <anbazhagan@...>



Signed-off-by: Mateusz Albecki <mateusz.albecki@...>

---

.../Bus/Ata/AtaAtapiPassThru/AhciMode.c | 71 +++++++++++++++++--

.../Bus/Ata/AtaAtapiPassThru/AhciMode.h | 3 +-

2 files changed, 69 insertions(+), 5 deletions(-)



diff --git a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.c
b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.c

index 06c4a3e052..c0c8ffbd9e 100644

--- a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.c

+++ b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.c

@@ -737,12 +737,68 @@ AhciRecoverPortError (

Status = AhciResetPort (PciIo, Port);

if (EFI_ERROR (Status)) {

DEBUG ((DEBUG_ERROR, "Failed to reset the port %d\n", Port));

+ return EFI_DEVICE_ERROR;

}

}



return EFI_SUCCESS;

}



+/**

+ This function will check if the failed command should be retired. Only error

+ conditions which are a result of transient conditions on a link(either to
system or to device).

+

+ @param[in] PciIo Pointer to AHCI controller PciIo.

+ @param[in] Port SATA port index on which to check.

+

+ @retval TRUE Command failure was caused by transient condition and
should be retried

+ @retval FALSE Command should not be retried

+**/

+BOOLEAN

+AhciShouldCmdBeRetried (

+ IN EFI_PCI_IO_PROTOCOL *PciIo,

+ IN UINT8 Port

+ )

+{

+ UINT32 Offset;

+ UINT32 PortInterrupt;

+ UINT32 Serr;

+ UINT32 Tfd;

+

+ Offset = EFI_AHCI_PORT_START + Port * EFI_AHCI_PORT_REG_WIDTH +
EFI_AHCI_PORT_IS;

+ PortInterrupt = AhciReadReg (PciIo, Offset);

+ Offset = EFI_AHCI_PORT_START + Port * EFI_AHCI_PORT_REG_WIDTH +
EFI_AHCI_PORT_SERR;

+ Serr = AhciReadReg (PciIo, Offset);

+ Offset = EFI_AHCI_PORT_START + Port * EFI_AHCI_PORT_REG_WIDTH +
EFI_AHCI_PORT_TFD;

+ Tfd = AhciReadReg (PciIo, Offset);

+

+ //

+ // This can occur if there was a CRC error on a path from system memory to

+ // host controller.

+ //

+ if (PortInterrupt & EFI_AHCI_PORT_IS_HBDS) {

+ return TRUE;

+ //

+ // This can occur if there was a CRC error detected by host during
communication

+ // with the device

+ //

+ } else if ((PortInterrupt & (EFI_AHCI_PORT_IS_IFS | EFI_AHCI_PORT_IS_INFS))
&&

+ (Serr & EFI_AHCI_PORT_SERR_CRCE))

+ {

+ return TRUE;

+ //

+ // This can occur if there was a CRC error detected by device during
communication

+ // with the host. Device returns error status to host with D2H FIS.

+ //

+ } else if ((PortInterrupt & EFI_AHCI_PORT_IS_TFES) &&

+ (Tfd & EFI_AHCI_PORT_TFD_ERR_INT_CRC))

+ {

+ return TRUE;

+ }

+

+ return FALSE;

+}

+

/**

Checks if specified FIS has been received.



@@ -950,6 +1006,7 @@ AhciPioTransfer (

UINT32 PrdCount;

UINT32 Retry;

EFI_STATUS RecoveryStatus;

+ BOOLEAN DoRetry;



if (Read) {

Flag = EfiPciIoOperationBusMasterWrite;

@@ -1027,8 +1084,9 @@ AhciPioTransfer (



if (Status == EFI_DEVICE_ERROR) {

DEBUG ((DEBUG_ERROR, "PIO command failed at retry %d\n", Retry));

+ DoRetry = AhciShouldCmdBeRetried (PciIo, Port); // needs to be called
before error recovery

RecoveryStatus = AhciRecoverPortError (PciIo, Port);

- if (EFI_ERROR (RecoveryStatus)) {

+ if (!DoRetry || EFI_ERROR (RecoveryStatus)) {

break;

}

} else {

@@ -1124,6 +1182,7 @@ AhciDmaTransfer (

EFI_TPL OldTpl;

UINT32 Retry;

EFI_STATUS RecoveryStatus;

+ BOOLEAN DoRetry;



Map = NULL;

PciIo = Instance->PciIo;

@@ -1222,8 +1281,9 @@ AhciDmaTransfer (

Status = AhciWaitUntilFisReceived (PciIo, Port, Timeout, SataFisD2H);

if (Status == EFI_DEVICE_ERROR) {

DEBUG ((DEBUG_ERROR, "DMA command failed at retry: %d\n", Retry));

+ DoRetry = AhciShouldCmdBeRetried (PciIo, Port); // needs to be
called before error recovery

RecoveryStatus = AhciRecoverPortError (PciIo, Port);

- if (EFI_ERROR (RecoveryStatus)) {

+ if (!DoRetry || EFI_ERROR (RecoveryStatus)) {

break;

}

} else {

@@ -1263,6 +1323,7 @@ AhciDmaTransfer (

Status = AhciCheckFisReceived (PciIo, Port, SataFisD2H);

if (Status == EFI_DEVICE_ERROR) {

DEBUG ((DEBUG_ERROR, "DMA command failed at retry: %d\n", Task-
RetryTimes));
+ DoRetry = AhciShouldCmdBeRetried (PciIo, Port); // call this before
error recovery

RecoveryStatus = AhciRecoverPortError (PciIo, Port);

//

// If recovery passed mark the Task as not started and change the status

@@ -1270,7 +1331,7 @@ AhciDmaTransfer (

// and on next call the command will be re-issued due to IsStart being
FALSE.

// This also makes the next condition decrement the RetryTimes.

//

- if (RecoveryStatus == EFI_SUCCESS) {

+ if (DoRetry && (RecoveryStatus == EFI_SUCCESS)) {

Task->IsStart = FALSE;

Status = EFI_NOT_READY;

}

@@ -1378,6 +1439,7 @@ AhciNonDataTransfer (

EFI_AHCI_COMMAND_LIST CmdList;

UINT32 Retry;

EFI_STATUS RecoveryStatus;

+ BOOLEAN DoRetry;



//

// Package read needed

@@ -1418,8 +1480,9 @@ AhciNonDataTransfer (

Status = AhciWaitUntilFisReceived (PciIo, Port, Timeout, SataFisD2H);

if (Status == EFI_DEVICE_ERROR) {

DEBUG ((DEBUG_ERROR, "Non data transfer failed at retry %d\n", Retry));

+ DoRetry = AhciShouldCmdBeRetried (PciIo, Port); // call this before
error recovery

RecoveryStatus = AhciRecoverPortError (PciIo, Port);

- if (EFI_ERROR (RecoveryStatus)) {

+ if (!DoRetry || EFI_ERROR (RecoveryStatus)) {

break;

}

} else {

diff --git a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.h
b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.h

index d7434b408c..5bb31057ec 100644

--- a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.h

+++ b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.h

@@ -146,7 +146,8 @@ typedef union {

#define EFI_AHCI_PORT_TFD_BSY BIT7

#define EFI_AHCI_PORT_TFD_DRQ BIT3

#define EFI_AHCI_PORT_TFD_ERR BIT0

-#define EFI_AHCI_PORT_TFD_ERR_MASK 0x00FF00

+#define EFI_AHCI_PORT_TFD_ERR_MASK 0x00FF00 // ERROR field is
specified by ATA/ATAPI Command Set specification

+#define EFI_AHCI_PORT_TFD_ERR_INT_CRC BIT15

#define EFI_AHCI_PORT_SIG 0x0024

#define EFI_AHCI_PORT_SSTS 0x0028

#define EFI_AHCI_PORT_SSTS_DET_MASK 0x000F

--

2.39.1.windows.1


[PATCH v3] RedfishPkg/RedfishPlatformCredentialIpmiLib: IPMI implementation

Nickle Wang
 

This library follows Redfish Host Interface specification and use IPMI
command to get bootstrap account credential(NetFn 2Ch, Command 02h)
from BMC. RedfishHostInterfaceDxe will use this credential for the
following communication between BIOS and BMC.

Signed-off-by: Nickle Wang <nicklew@...>
Cc: Abner Chang <abner.chang@...>
Cc: Igor Kulchytskyy <igork@...>
Cc: Nick Ramirez <nramirez@...>
---
RedfishPkg/RedfishPkg.dec | 7 +
RedfishPkg/RedfishLibs.dsc.inc | 1 +
RedfishPkg/RedfishPkg.dsc | 2 +
.../RedfishPlatformCredentialIpmiLib.inf | 42 ++
.../RedfishPlatformCredentialIpmiLib.h | 89 ++++
.../RedfishPlatformCredentialIpmiLib.c | 457 ++++++++++++++++++
6 files changed, 598 insertions(+)
create mode 100644 RedfishPkg/Library/RedfishPlatformCredentialIpmiLib/RedfishPlatformCredentialIpmiLib.inf
create mode 100644 RedfishPkg/Library/RedfishPlatformCredentialIpmiLib/RedfishPlatformCredentialIpmiLib.h
create mode 100644 RedfishPkg/Library/RedfishPlatformCredentialIpmiLib/RedfishPlatformCredentialIpmiLib.c

diff --git a/RedfishPkg/RedfishPkg.dec b/RedfishPkg/RedfishPkg.dec
index 42d28d6dac..f171053aec 100644
--- a/RedfishPkg/RedfishPkg.dec
+++ b/RedfishPkg/RedfishPkg.dec
@@ -81,6 +81,9 @@
[Guids]
gEfiRedfishPkgTokenSpaceGuid = { 0x4fdbccb7, 0xe829, 0x4b4c, { 0x88, 0x87, 0xb2, 0x3f, 0xd7, 0x25, 0x4b, 0x85 }}

+ # Redfish variable guid
+ gEfiRedfishVariableGuid = { 0x85ef8dd3, 0xe606, 0x4b89, { 0x8b, 0xbd, 0x93, 0xbf, 0x5c, 0xbe, 0x1c, 0x18 } }
+
[PcdsFixedAtBuild, PcdsPatchableInModule]
#
# This PCD is the UEFI device path which is used as the Redfish host interface.
@@ -123,3 +126,7 @@
# specification for that.
#
gEfiRedfishPkgTokenSpaceGuid.PcdRedfishServiceUuid|L"00000000-0000-0000-0000-000000000000"|VOID*|0x00001006
+ #
+ # This PCD indicates that if BMC bootstrap credential service will be disabled by BIOS or not.
+ #
+ gEfiRedfishPkgTokenSpaceGuid.PcdRedfishDisableBootstrapCredentialService|FALSE|BOOLEAN|0x00001007
diff --git a/RedfishPkg/RedfishLibs.dsc.inc b/RedfishPkg/RedfishLibs.dsc.inc
index 84f52d4b27..110526738c 100644
--- a/RedfishPkg/RedfishLibs.dsc.inc
+++ b/RedfishPkg/RedfishLibs.dsc.inc
@@ -19,5 +19,6 @@
JsonLib|RedfishPkg/Library/JsonLib/JsonLib.inf
RedfishLib|RedfishPkg/PrivateLibrary/RedfishLib/RedfishLib.inf
RedfishDebugLib|RedfishPkg/Library/RedfishDebugLib/RedfishDebugLib.inf
+ RedfishPlatformCredentialLib|RedfishPkg/Library/RedfishPlatformCredentialIpmiLib/RedfishPlatformCredentialIpmiLib.inf
!endif

diff --git a/RedfishPkg/RedfishPkg.dsc b/RedfishPkg/RedfishPkg.dsc
index 223ab72c1d..5503e65de4 100644
--- a/RedfishPkg/RedfishPkg.dsc
+++ b/RedfishPkg/RedfishPkg.dsc
@@ -4,6 +4,7 @@
# Copyright (c) 2019 - 2021, Intel Corporation. All rights reserved.<BR>
# (C) Copyright 2021 Hewlett-Packard Enterprise Development LP.
# Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved.
+# Copyright (c) 2023, NVIDIA CORPORATION & AFFILIATES. All rights reserved.
#
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -59,6 +60,7 @@
RedfishPkg/Library/PlatformHostInterfaceLibNull/PlatformHostInterfaceLibNull.inf
RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.inf
RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.inf
+ RedfishPkg/Library/RedfishPlatformCredentialIpmiLib/RedfishPlatformCredentialIpmiLib.inf
RedfishPkg/Library/RedfishContentCodingLibNull/RedfishContentCodingLibNull.inf
RedfishPkg/Library/DxeRestExLib/DxeRestExLib.inf
RedfishPkg/Library/BaseUcs2Utf8Lib/BaseUcs2Utf8Lib.inf
diff --git a/RedfishPkg/Library/RedfishPlatformCredentialIpmiLib/RedfishPlatformCredentialIpmiLib.inf b/RedfishPkg/Library/RedfishPlatformCredentialIpmiLib/RedfishPlatformCredentialIpmiLib.inf
new file mode 100644
index 0000000000..5c20ea22f8
--- /dev/null
+++ b/RedfishPkg/Library/RedfishPlatformCredentialIpmiLib/RedfishPlatformCredentialIpmiLib.inf
@@ -0,0 +1,42 @@
+## @file
+# INF file for RedfishPlatformCredentialIpmiLib.
+#
+# Copyright (c) 2022-2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x0001000b
+ BASE_NAME = RedfishPlatformCredentialIpmiLib
+ FILE_GUID = 9C45D622-4C66-417F-814C-F76246D97233
+ MODULE_TYPE = DXE_DRIVER
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = RedfishPlatformCredentialIpmiLib
+
+[Sources]
+ RedfishPlatformCredentialIpmiLib.c
+ RedfishPlatformCredentialIpmiLib.h
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ RedfishPkg/RedfishPkg.dec
+
+[LibraryClasses]
+ UefiLib
+ DebugLib
+ IpmiLib
+ MemoryAllocationLib
+ BaseMemoryLib
+ UefiRuntimeServicesTableLib
+
+[Pcd]
+ gEfiRedfishPkgTokenSpaceGuid.PcdRedfishDisableBootstrapCredentialService
+
+[Guids]
+ gEfiRedfishVariableGuid
+
+[Depex]
+ TRUE
diff --git a/RedfishPkg/Library/RedfishPlatformCredentialIpmiLib/RedfishPlatformCredentialIpmiLib.h b/RedfishPkg/Library/RedfishPlatformCredentialIpmiLib/RedfishPlatformCredentialIpmiLib.h
new file mode 100644
index 0000000000..898ee88844
--- /dev/null
+++ b/RedfishPkg/Library/RedfishPlatformCredentialIpmiLib/RedfishPlatformCredentialIpmiLib.h
@@ -0,0 +1,89 @@
+/** @file
+ Header file for RedfishPlatformCredentialIpmiLib.
+
+ Copyright (c) 2022-2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef REDFISH_PLATFORM_CREDENTIAL_IPMI_LIB_H_
+#define REDFISH_PLATFORM_CREDENTIAL_IPMI_LIB_H_
+
+#include <Uefi.h>
+#include <IndustryStandard/Ipmi.h>
+#include <IndustryStandard/RedfishHostInterfaceIpmi.h>
+
+#include <Protocol/EdkIIRedfishCredential.h>
+
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+#include <Library/IpmiLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/RedfishCredentialLib.h>
+#include <Library/UefiLib.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
+
+#define CREDENTIAL_VARIABLE_NAME L"Partstooblaitnederc"
+
+///
+/// The bootstrap credential keeping in UEFI variable
+///
+typedef struct {
+ CHAR8 Username[USERNAME_MAX_SIZE];
+ CHAR8 Password[PASSWORD_MAX_SIZE];
+} BOOTSTRAP_CREDENTIALS_VARIABLE;
+
+/**
+ Function to retrieve temporary user credentials for the UEFI redfish client. This function can
+ also disable bootstrap credential service in BMC.
+
+ @param[in] DisableBootstrapControl TRUE - Tell the BMC to disable the bootstrap credential
+ service to ensure no one else gains credentials
+ FALSE Allow the bootstrap credential service to continue
+ @param[in,out] BootstrapUsername A pointer to a Ascii encoded string for the credential username
+ When DisableBootstrapControl is TRUE, this pointer can be NULL
+ @param[in] BootstrapUsernameSize The size of BootstrapUsername including NULL terminator in bytes.
+ Per specification, the size is USERNAME_MAX_SIZE.
+ @param[in,out] BootstrapPassword A pointer to a Ascii encoded string for the credential password
+ When DisableBootstrapControl is TRUE, this pointer can be NULL
+ @param[in] BootstrapPasswordSize The size of BootstrapPassword including NULL terminator in bytes.
+ Per specification, the size is PASSWORD_MAX_SIZE.
+
+ @retval EFI_SUCCESS Credentials were successfully fetched and returned. When DisableBootstrapControl
+ is set to TRUE, the bootstrap credential service is disabled successfully.
+ @retval EFI_INVALID_PARAMETER BootstrapUsername or BootstrapPassword is NULL when DisableBootstrapControl
+ is set to FALSE. BootstrapUsernameSize or BootstrapPasswordSize is incorrect when
+ DisableBootstrapControl is set to FALSE.
+ @retval EFI_DEVICE_ERROR An IPMI failure occurred
+**/
+EFI_STATUS
+GetBootstrapAccountCredentials (
+ IN BOOLEAN DisableBootstrapControl,
+ IN OUT CHAR8 *BootstrapUsername, OPTIONAL
+ IN UINTN BootstrapUsernameSize,
+ IN OUT CHAR8 *BootstrapPassword, OPTIONAL
+ IN UINTN BootstrapPasswordSize
+ );
+
+/**
+ Function to save temporary user credentials into boot time variable. When DeleteVariable is True,
+ this function delete boot time variable.
+
+ @param[in] BootstrapUsername A pointer to a Ascii encoded string for the credential username.
+ @param[in] BootstrapPassword A pointer to a Ascii encoded string for the credential password.
+ @param[in] DeleteVariable True to remove boot time variable. False otherwise.
+
+ @retval EFI_SUCCESS Credentials were successfully saved.
+ @retval EFI_INVALID_PARAMETER BootstrapUsername or BootstrapPassword is NULL
+ @retval Others Error occurs
+**/
+EFI_STATUS
+SetBootstrapAccountCredentialsToVariable (
+ IN CHAR8 *BootstrapUsername, OPTIONAL
+ IN CHAR8 *BootstrapPassword, OPTIONAL
+ IN BOOLEAN DeleteVariable
+ );
+
+#endif
diff --git a/RedfishPkg/Library/RedfishPlatformCredentialIpmiLib/RedfishPlatformCredentialIpmiLib.c b/RedfishPkg/Library/RedfishPlatformCredentialIpmiLib/RedfishPlatformCredentialIpmiLib.c
new file mode 100644
index 0000000000..7fccf1795d
--- /dev/null
+++ b/RedfishPkg/Library/RedfishPlatformCredentialIpmiLib/RedfishPlatformCredentialIpmiLib.c
@@ -0,0 +1,457 @@
+/** @file
+ Implementation of getting bootstrap credential via IPMI.
+
+ Copyright (c) 2022-2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+ @par Specification Reference:
+ - Redfish Host Interface Specification
+ (https://www.dmtf.org/sites/default/files/standards/documents/DSP0270_1.3.0.pdf)
+**/
+
+#include "RedfishPlatformCredentialIpmiLib.h"
+
+//
+// Global flag of controlling credential service
+//
+BOOLEAN mRedfishServiceStopped = FALSE;
+
+/**
+ Notify the Redfish service provide to stop provide configuration service to this platform.
+
+ This function should be called when the platform is about to leave the safe environment.
+ It will notify the Redfish service provider to abort all login session, and prohibit
+ further login with original auth info. GetAuthInfo() will return EFI_UNSUPPORTED once this
+ function is returned.
+
+ @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL instance.
+ @param[in] ServiceStopType Reason of stopping Redfish service.
+
+ @retval EFI_SUCCESS Service has been stoped successfully.
+ @retval EFI_INVALID_PARAMETER This is NULL.
+ @retval Others Some error happened.
+
+**/
+EFI_STATUS
+EFIAPI
+LibStopRedfishService (
+ IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This,
+ IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE ServiceStopType
+ )
+{
+ EFI_STATUS Status;
+
+ if ((ServiceStopType <= ServiceStopTypeNone) || (ServiceStopType >= ServiceStopTypeMax)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // Only stop credential service after leaving BIOS
+ //
+ if (ServiceStopType != ServiceStopTypeExitBootService) {
+ return EFI_UNSUPPORTED;
+ }
+
+ //
+ // Raise flag first
+ //
+ mRedfishServiceStopped = TRUE;
+
+ //
+ // Delete cached variable
+ //
+ Status = SetBootstrapAccountCredentialsToVariable (NULL, NULL, TRUE);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: fail to remove bootstrap credential: %r\n", __FUNCTION__, Status));
+ }
+
+ DEBUG ((DEBUG_INFO, "%a: bootstrap credential service stopped\n", __FUNCTION__));
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Notification of Exit Boot Service.
+
+ @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL.
+**/
+VOID
+EFIAPI
+LibCredentialExitBootServicesNotify (
+ IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This
+ )
+{
+ //
+ // Stop the credential support when system is about to enter OS.
+ //
+ LibStopRedfishService (This, ServiceStopTypeExitBootService);
+}
+
+/**
+ Notification of End of DXe.
+
+ @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL.
+**/
+VOID
+EFIAPI
+LibCredentialEndOfDxeNotify (
+ IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This
+ )
+{
+ //
+ // Do nothing now.
+ // We can stop credential support when system reach end-of-dxe for security reason.
+ //
+}
+
+/**
+ Function to retrieve temporary user credentials for the UEFI redfish client. This function can
+ also disable bootstrap credential service in BMC.
+
+ @param[in] DisableBootstrapControl TRUE - Tell the BMC to disable the bootstrap credential
+ service to ensure no one else gains credentials
+ FALSE Allow the bootstrap credential service to continue
+ @param[in,out] BootstrapUsername A pointer to a Ascii encoded string for the credential username
+ When DisableBootstrapControl is TRUE, this pointer can be NULL
+ @param[in] BootstrapUsernameSize The size of BootstrapUsername including NULL terminator in bytes.
+ Per specification, the size is USERNAME_MAX_SIZE.
+ @param[in,out] BootstrapPassword A pointer to a Ascii encoded string for the credential password
+ When DisableBootstrapControl is TRUE, this pointer can be NULL
+ @param[in] BootstrapPasswordSize The size of BootstrapPassword including NULL terminator in bytes.
+ Per specification, the size is PASSWORD_MAX_SIZE.
+
+ @retval EFI_SUCCESS Credentials were successfully fetched and returned. When DisableBootstrapControl
+ is set to TRUE, the bootstrap credential service is disabled successfully.
+ @retval EFI_INVALID_PARAMETER BootstrapUsername or BootstrapPassword is NULL when DisableBootstrapControl
+ is set to FALSE. BootstrapUsernameSize or BootstrapPasswordSize is incorrect when
+ DisableBootstrapControl is set to FALSE.
+ @retval EFI_DEVICE_ERROR An IPMI failure occurred
+**/
+EFI_STATUS
+GetBootstrapAccountCredentials (
+ IN BOOLEAN DisableBootstrapControl,
+ IN OUT CHAR8 *BootstrapUsername, OPTIONAL
+ IN UINTN BootstrapUsernameSize,
+ IN OUT CHAR8 *BootstrapPassword, OPTIONAL
+ IN UINTN BootstrapPasswordSize
+ )
+{
+ EFI_STATUS Status;
+ IPMI_BOOTSTRAP_CREDENTIALS_COMMAND_DATA CommandData;
+ IPMI_BOOTSTRAP_CREDENTIALS_RESULT_RESPONSE ResponseData;
+ UINT32 ResponseSize;
+
+ //
+ // NULL buffer check
+ //
+ if (!DisableBootstrapControl && ((BootstrapUsername == NULL) || (BootstrapPassword == NULL))) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ if ((BootstrapUsernameSize != USERNAME_MAX_SIZE) || (BootstrapPasswordSize != PASSWORD_MAX_SIZE)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ DEBUG ((DEBUG_VERBOSE, "%a: Disable bootstrap control: 0x%x\n", __FUNCTION__, DisableBootstrapControl));
+
+ //
+ // IPMI callout to NetFn 2C, command 02
+ // Request data:
+ // Byte 1: REDFISH_IPMI_GROUP_EXTENSION
+ // Byte 2: DisableBootstrapControl
+ //
+ CommandData.GroupExtensionId = REDFISH_IPMI_GROUP_EXTENSION;
+ CommandData.DisableBootstrapControl = (DisableBootstrapControl ? REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_DISABLE : REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_ENABLE);
+
+ ResponseSize = sizeof (ResponseData);
+
+ //
+ // Response data:
+ // Byte 1 : Completion code
+ // Byte 2 : REDFISH_IPMI_GROUP_EXTENSION
+ // Byte 3-18 : Username
+ // Byte 19-34: Password
+ //
+ Status = IpmiSubmitCommand (
+ IPMI_NETFN_GROUP_EXT,
+ REDFISH_IPMI_GET_BOOTSTRAP_CREDENTIALS_CMD,
+ (UINT8 *)&CommandData,
+ sizeof (CommandData),
+ (UINT8 *)&ResponseData,
+ &ResponseSize
+ );
+
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: IPMI transaction failure. Returning\n", __FUNCTION__));
+ return Status;
+ } else {
+ if (ResponseData.CompletionCode != IPMI_COMP_CODE_NORMAL) {
+ if (ResponseData.CompletionCode == REDFISH_IPMI_COMP_CODE_BOOTSTRAP_CREDENTIAL_DISABLED) {
+ DEBUG ((DEBUG_ERROR, "%a: bootstrap credential support was disabled\n", __FUNCTION__));
+ return EFI_ACCESS_DENIED;
+ }
+
+ DEBUG ((DEBUG_ERROR, "%a: Completion code = 0x%x. Returning\n", __FUNCTION__, ResponseData.CompletionCode));
+ return EFI_PROTOCOL_ERROR;
+ } else if (ResponseData.GroupExtensionId != REDFISH_IPMI_GROUP_EXTENSION) {
+ DEBUG ((DEBUG_ERROR, "%a: Group Extension Response = 0x%x. Returning\n", __FUNCTION__, ResponseData.GroupExtensionId));
+ return EFI_DEVICE_ERROR;
+ } else {
+ if (BootstrapUsername != NULL) {
+ CopyMem (BootstrapUsername, ResponseData.Username, USERNAME_MAX_LENGTH);
+ //
+ // Manually append null-terminator in case 16 characters username returned.
+ //
+ BootstrapUsername[USERNAME_MAX_LENGTH] = '\0';
+ }
+
+ if (BootstrapPassword != NULL) {
+ CopyMem (BootstrapPassword, ResponseData.Password, PASSWORD_MAX_LENGTH);
+ //
+ // Manually append null-terminator in case 16 characters password returned.
+ //
+ BootstrapPassword[PASSWORD_MAX_LENGTH] = '\0';
+ }
+ }
+ }
+
+ DEBUG ((DEBUG_INFO, "%a: get bootstrap credential via IPMI: %r\n", __FUNCTION__, Status));
+
+ return Status;
+}
+
+/**
+ Function to retrieve temporary user credentials from cached boot time variable.
+
+ @param[in,out] BootstrapUsername A pointer to a Ascii encoded string for the credential username.
+ @param[in] BootstrapUsernameSize The size of BootstrapUsername including NULL terminator in bytes.
+ Per specification, the size is USERNAME_MAX_SIZE.
+ @param[in,out] BootstrapPassword A pointer to a Ascii encoded string for the credential password.
+ @param[in] BootstrapPasswordSize The size of BootstrapPassword including NULL terminator in bytes.
+ Per specification, the size is PASSWORD_MAX_SIZE.
+
+ @retval EFI_SUCCESS Credentials were successfully fetched and returned.
+ @retval EFI_INVALID_PARAMETER BootstrapUsername or BootstrapPassword is NULL.
+ BootstrapUsernameSize or BootstrapPasswordSize is incorrect.
+ @retval EFI_NOT_FOUND No variable found for account and credentials.
+**/
+EFI_STATUS
+GetBootstrapAccountCredentialsFromVariable (
+ IN OUT CHAR8 *BootstrapUsername,
+ IN UINTN BootstrapUsernameSize,
+ IN OUT CHAR8 *BootstrapPassword,
+ IN UINTN BootstrapPasswordSize
+ )
+{
+ EFI_STATUS Status;
+ BOOTSTRAP_CREDENTIALS_VARIABLE *CredentialVariable;
+ VOID *Data;
+ UINTN DataSize;
+
+ if ((BootstrapUsername == NULL) || (BootstrapPassword == NULL)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ if ((BootstrapUsernameSize != USERNAME_MAX_SIZE) || (BootstrapPasswordSize != PASSWORD_MAX_SIZE)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ DataSize = 0;
+ Status = GetVariable2 (
+ CREDENTIAL_VARIABLE_NAME,
+ &gEfiRedfishVariableGuid,
+ (VOID *)&Data,
+ &DataSize
+ );
+ if (EFI_ERROR (Status)) {
+ return EFI_NOT_FOUND;
+ }
+
+ if (DataSize != sizeof (BOOTSTRAP_CREDENTIALS_VARIABLE)) {
+ DEBUG ((DEBUG_ERROR, "%a: data corruption. returned size: %d != structure size: %d\n", __FUNCTION__, DataSize, sizeof (BOOTSTRAP_CREDENTIALS_VARIABLE)));
+ return EFI_NOT_FOUND;
+ }
+
+ CredentialVariable = (BOOTSTRAP_CREDENTIALS_VARIABLE *)Data;
+
+ AsciiStrCpyS (BootstrapUsername, USERNAME_MAX_SIZE, CredentialVariable->Username);
+ AsciiStrCpyS (BootstrapPassword, PASSWORD_MAX_SIZE, CredentialVariable->Password);
+
+ ZeroMem (CredentialVariable->Username, USERNAME_MAX_SIZE);
+ ZeroMem (CredentialVariable->Password, PASSWORD_MAX_SIZE);
+
+ FreePool (Data);
+
+ DEBUG ((DEBUG_INFO, "%a: get bootstrap credential from variable\n", __FUNCTION__));
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Function to save temporary user credentials into boot time variable. When DeleteVariable is True,
+ this function delete boot time variable.
+
+ @param[in] BootstrapUsername A pointer to a Ascii encoded string for the credential username.
+ @param[in] BootstrapPassword A pointer to a Ascii encoded string for the credential password.
+ @param[in] DeleteVariable True to remove boot time variable. False otherwise.
+
+ @retval EFI_SUCCESS Credentials were successfully saved.
+ @retval EFI_INVALID_PARAMETER BootstrapUsername or BootstrapPassword is NULL
+ @retval Others Error occurs
+**/
+EFI_STATUS
+SetBootstrapAccountCredentialsToVariable (
+ IN CHAR8 *BootstrapUsername, OPTIONAL
+ IN CHAR8 *BootstrapPassword, OPTIONAL
+ IN BOOLEAN DeleteVariable
+ )
+{
+ EFI_STATUS Status;
+ BOOTSTRAP_CREDENTIALS_VARIABLE CredentialVariable;
+ VOID *Data;
+
+ if (!DeleteVariable && ((BootstrapUsername == NULL) || (BootstrapUsername[0] == '\0'))) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ if (!DeleteVariable && ((BootstrapPassword == NULL) || (BootstrapPassword[0] == '\0'))) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // Delete variable
+ //
+ Status = GetVariable2 (
+ CREDENTIAL_VARIABLE_NAME,
+ &gEfiRedfishVariableGuid,
+ (VOID *)&Data,
+ NULL
+ );
+ if (!EFI_ERROR (Status)) {
+ FreePool (Data);
+ gRT->SetVariable (
+ CREDENTIAL_VARIABLE_NAME,
+ &gEfiRedfishVariableGuid,
+ EFI_VARIABLE_BOOTSERVICE_ACCESS,
+ 0,
+ NULL
+ );
+ }
+
+ //
+ // This is request to delete credentials. We are done.
+ //
+ if (DeleteVariable) {
+ return EFI_SUCCESS;
+ }
+
+ ZeroMem (CredentialVariable.Username, USERNAME_MAX_SIZE);
+ ZeroMem (CredentialVariable.Password, PASSWORD_MAX_SIZE);
+
+ AsciiStrCpyS (CredentialVariable.Username, USERNAME_MAX_SIZE, BootstrapUsername);
+ AsciiStrCpyS (CredentialVariable.Password, PASSWORD_MAX_SIZE, BootstrapPassword);
+
+ Status = gRT->SetVariable (
+ CREDENTIAL_VARIABLE_NAME,
+ &gEfiRedfishVariableGuid,
+ EFI_VARIABLE_BOOTSERVICE_ACCESS,
+ sizeof (BOOTSTRAP_CREDENTIALS_VARIABLE),
+ (VOID *)&CredentialVariable
+ );
+
+ ZeroMem (CredentialVariable.Username, USERNAME_MAX_SIZE);
+ ZeroMem (CredentialVariable.Password, PASSWORD_MAX_SIZE);
+
+ return Status;
+}
+
+/**
+ Retrieve platform's Redfish authentication information.
+
+ This functions returns the Redfish authentication method together with the user Id and
+ password.
+ - For AuthMethodNone, the UserId and Password could be used for HTTP header authentication
+ as defined by RFC7235.
+ - For AuthMethodRedfishSession, the UserId and Password could be used for Redfish
+ session login as defined by Redfish API specification (DSP0266).
+
+ Callers are responsible for and freeing the returned string storage.
+
+ @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL instance.
+ @param[out] AuthMethod Type of Redfish authentication method.
+ @param[out] UserId The pointer to store the returned UserId string.
+ @param[out] Password The pointer to store the returned Password string.
+
+ @retval EFI_SUCCESS Get the authentication information successfully.
+ @retval EFI_ACCESS_DENIED SecureBoot is disabled after EndOfDxe.
+ @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or Password is NULL.
+ @retval EFI_OUT_OF_RESOURCES There are not enough memory resources.
+ @retval EFI_UNSUPPORTED Unsupported authentication method is found.
+
+**/
+EFI_STATUS
+EFIAPI
+LibCredentialGetAuthInfo (
+ IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This,
+ OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod,
+ OUT CHAR8 **UserId,
+ OUT CHAR8 **Password
+ )
+{
+ EFI_STATUS Status;
+ BOOLEAN DisableCredentialService;
+
+ if ((AuthMethod == NULL) || (UserId == NULL) || (Password == NULL)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ *UserId = NULL;
+ *Password = NULL;
+ DisableCredentialService = PcdGetBool (PcdRedfishDisableBootstrapCredentialService);
+
+ if (mRedfishServiceStopped) {
+ DEBUG ((DEBUG_ERROR, "%a: credential service is stopped due to security reason\n", __FUNCTION__));
+ return EFI_ACCESS_DENIED;
+ }
+
+ *AuthMethod = AuthMethodHttpBasic;
+
+ *UserId = AllocateZeroPool (sizeof (CHAR8) * USERNAME_MAX_SIZE);
+ if (*UserId == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ *Password = AllocateZeroPool (sizeof (CHAR8) * PASSWORD_MAX_SIZE);
+ if (*Password == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ //
+ // Get bootstrap credential from variable first
+ //
+ Status = GetBootstrapAccountCredentialsFromVariable (*UserId, USERNAME_MAX_SIZE, *Password, PASSWORD_MAX_SIZE);
+ if (!EFI_ERROR (Status)) {
+ return EFI_SUCCESS;
+ }
+
+ //
+ // Make a IPMI query
+ //
+ Status = GetBootstrapAccountCredentials (DisableCredentialService, *UserId, USERNAME_MAX_SIZE, *Password, PASSWORD_MAX_SIZE);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: fail to get bootstrap credential: %r\n", __FUNCTION__, Status));
+ return Status;
+ }
+
+ if (DisableCredentialService) {
+ DEBUG ((DEBUG_INFO, "%a: credential bootstrapping control disabled\n", __FUNCTION__));
+ }
+
+ Status = SetBootstrapAccountCredentialsToVariable (*UserId, *Password, FALSE);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: fail to cache bootstrap credential: %r\n", __FUNCTION__, Status));
+ }
+
+ return EFI_SUCCESS;
+}
--
2.40.0.windows.1


Event: TianoCore Bug Triage - APAC / NAMO - Tuesday, March 28, 2023 #cal-reminder

Group Notification <noreply@...>
 

Reminder: TianoCore Bug Triage - APAC / NAMO

When:
Tuesday, March 28, 2023
6:30pm to 7:30pm
(UTC-07:00) America/Los Angeles

Where:
https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTk1YzJhN2UtOGQwNi00NjY4LWEwMTktY2JiODRlYTY1NmY0%40thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed7712e255d%22%2c%22Oid%22%3a%226e4ce4c4-1242-431b-9a51-92cd01a5df3c%22%7d

Organizer: Liming Gao gaoliming@...

View Event

Description:

TianoCore Bug Triage - APAC / NAMO

Hosted by Liming Gao

 

________________________________________________________________________________

Microsoft Teams meeting

Join on your computer or mobile app

Click here to join the meeting

Join with a video conferencing device

teams@...

Video Conference ID: 116 062 094 0

Alternate VTC dialing instructions

Or call in (audio only)

+1 916-245-6934,,77463821#   United States, Sacramento

Phone Conference ID: 774 638 21#

Find a local number | Reset PIN

Learn More | Meeting options


Re: [PATCH v1 1/2] MdePkg/BaseCacheMaintenanceLib: Enable RISCV CMO

Sunil V L
 

On Mon, Mar 27, 2023 at 11:29:07PM +0530, Dhaval Sharma wrote:
My comments inline:

On Mon, Mar 27, 2023 at 9:12 PM Sunil V L <sunilvl@...> wrote:

Hi Dhaval,

Thank you for looking at CMO support!

General comments first:
1) Please have a cover letter patch and move some part of the commit
message to cover letter. Please CC all maintainers in the cover letter
also.
https://edk2.groups.io/g/devel/message/101795?p=%2C%2C%2C20%2C0%2C0%2C0%3A%3Arecentpostdate%2Fsticky%2C%2Ccmo%2C20%2C2%2C0%2C97826395.
Is this the one you are looking for?
Yes, sorry I missed it due to mail filters.


2) Please run BaseTools/Scripts/GetMaintainer.py and CC all maintainers.
Sure.

3) Follow

https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Development-Process

Have you run CI tests?
I actually did run it but I believe the current edk2 CI is using a GCC5
based compiler. Hence it failed as it did not recognize cmo instructions as
expected. So I submitted this as WIP patch to sort that out first.
Do let me know if I can follow any other better process here.


On Fri, Mar 24, 2023 at 09:13:41PM +0530, Dhaval Sharma wrote:
Adding code to support Cache Management Operations
(CMO) defined by RV spec https://github.com/riscv/riscv-CMOs
Notes:
1. CMO only supports block based Operations. Meaning complete
cache flush/invd/clean Operations are not available
2. Current implementation uses ifence instructions but it
maybe platform specific. Many platforms may not support cache
Operations based on ifence.
fence.i?

Ack.



IMO, it is better to add a new library such as BaseRiscV64CMOLib and
included conditionally in the DSC for the platforms which support CMO.
BaseCacheMaintenanceLib will continue to have default fence.i
implementation. Is there an issue with this?
There are 2 libraries involved here. 1. BaseCacheMaintenanceLib. It is a
generic Lib for multiple archs. So yes it is possible to create another
Lib, but I was thinking if it is possible somehow to create a RV specific
Lib.
2. BaseLib which contains required .S files. For CBO I have added a
separate .S. Again this is generic Baselib for all Arch. So we need to be
able to differentiate in DSC now for both these libs. I am not sure if this
is the
best way to address this. I could try to do inline assembly within
CMOCachelib to address #2.
I was thinking single independent library of CacheMaintenanceLib class
for CMO exclusively. Let BaseLib/BaseCacheMaintenanceLib continue to use
the default fence.i implementation. The DSC for the platform can chose
between default vs CMO libraries.


3. For now adding CMO on top of ifence as it is not considered
harmful.
4. This requires support for GCC12.2 onwards.
Yeah, this is another challenge like zifencei_zicsr which we could
workaround and support both older and newer tool chain. But for CMO,
I don't see any option but to support only GCC12.2+.
How do we support this in CI?
Oliver has a patch to update CI image to GCC12. I think it is not yet
merged. But I have not checked whether it is 12.2. You can run CI
including that patch with yours and try.

https://edk2.groups.io/g/devel/message/101164


Re: [PATCH v1 0/1] Define security policy in SECURITY.md file for repository

Demeter, Miki
 

Ack

 

Need to get this acked by others in infosec too

 

 

-- 

Miki Demeter (she/her/Miki)

Security Researcher / FW Developer

FST

Intel Corporation

 

Co-Chair, Network of Intel African-Ancestry(NIA) - Oregon

NIA-Oregon

 

Portland Women in Tech Best Speaker

miki.demeter@...

503.712.8030 (office)

971.248.0123 (cell)

 

 

From: Kun Qin <kuqin12@...>
Date: Thursday, March 9, 2023 at 1:44 PM
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Andrew Fish <afish@...>, Leif Lindholm <quic_llindhol@...>, Kinney, Michael D <michael.d.kinney@...>, Demeter, Miki <miki.demeter@...>, Sean Brogan <sean.brogan@...>
Subject: [PATCH v1 0/1] Define security policy in SECURITY.md file for repository

This change added a markdown file as a policy guideline for Tianocore EDK2
community to handle security sensitive reports.

Patch v1 branch: https://github.com/kuqin12/edk2/tree/patch-1

Cc: Andrew Fish <afish@...>
Cc: Leif Lindholm <quic_llindhol@...>
Cc: Michael D Kinney <michael.d.kinney@...>
Cc: Miki Demeter <miki.demeter@...>
Cc: Sean Brogan <sean.brogan@...>

Sean Brogan (1):
  Define security policy in SECURITY.md file for repository

 SECURITY.md | 33 ++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 SECURITY.md

--
2.37.1.windows.1


Re: PATCH v1 1/1 MdePkg: Remove Itanium leftover data structure

Paweł Poławski
 

Hi Mike,

Thank you for taking care of this.
Also thanks to everyone involved in the discussion on how to address this issue.

Best regards,
Pawel


On Sun, Mar 26, 2023 at 4:04 AM Michael D Kinney <michael.d.kinney@...> wrote:

Merged: https://github.com/tianocore/edk2/pull/4181

Commit: https://github.com/tianocore/edk2/commit/07fa6d1841abcfc58b226027d711ebb47559f442

 

Mike

 

From: Kinney, Michael D <michael.d.kinney@...>
Sent: Saturday, March 25, 2023 6:05 PM
To: Pawel Polawski <ppolawsk@...>
Cc: devel@edk2.groups.io; Gao, Liming <gaoliming@...>; Liu, Zhiguang <zhiguang.liu@...>; Zimmer, Vincent <vincent.zimmer@...>; Kinney, Michael D <michael.d.kinney@...>
Subject: RE: [edk2-devel] PATCH v1 1/1 MdePkg: Remove Itanium leftover data structure

 

Thanks Pawel,

 

I see there were some minor CI issues related to uncrustify formatting.

 

I am fixing those and will post a new PR with my Rb.

 

I will close 4174.

 

Mike

 

From: Pawel Polawski <ppolawsk@...>
Sent: Friday, March 24, 2023 7:46 AM
To: Kinney, Michael D <michael.d.kinney@...>
Cc: devel@edk2.groups.io; Gao, Liming <gaoliming@...>; Liu, Zhiguang <zhiguang.liu@...>; Zimmer, Vincent <vincent.zimmer@...>
Subject: Re: [edk2-devel] PATCH v1 1/1 MdePkg: Remove Itanium leftover data structure

 

Hi Michael,

 

Sorry for the delay in my response. I just opened PR against EDK2 repo to trigger CI:

 

Best regards,

Pawel

 

On Thu, Mar 23, 2023 at 11:10 PM Kinney, Michael D <michael.d.kinney@...> wrote:

Hi Pawel,

Any updates on this task?

I would like to see this go in soon so it can get some flight time before next stable tag.

Mike

> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@...>
> Sent: Tuesday, March 7, 2023 2:25 PM
> To: Paweł Poławski <ppolawsk@...>; devel@edk2.groups.io
> Cc: Gao, Liming <gaoliming@...>; Liu, Zhiguang <zhiguang.liu@...>; Zimmer, Vincent <vincent.zimmer@...>;
> Kinney, Michael D <michael.d.kinney@...>
> Subject: RE: [edk2-devel] PATCH v1 1/1 MdePkg: Remove Itanium leftover data structure
>
> Hi Pawel,
>
> Can you please also reference the following BZ and commit in the commit message
>
> https://bugzilla.tianocore.org/show_bug.cgi?id=1560
> https://github.com/tianocore/edk2/commit/4e1daa60f5372c22a11503961061ffa569eaf873
>
> If you post a branch with these small updates and my Rb and send it
> through EDK II CI, I can do the push from there.
>
> Thanks,
>
> Mike
>
> > -----Original Message-----
> > From: Kinney, Michael D <michael.d.kinney@...>
> > Sent: Tuesday, March 7, 2023 1:59 PM
> > To: Paweł Poławski <ppolawsk@...>; devel@edk2.groups.io
> > Cc: Gao, Liming <gaoliming@...>; Liu, Zhiguang <zhiguang.liu@...>; Zimmer, Vincent
> > <vincent.zimmer@...>; Kinney, Michael D <michael.d.kinney@...>
> > Subject: RE: [edk2-devel] PATCH v1 1/1 MdePkg: Remove Itanium leftover data structure
> >
> > Hi Pawel,
> >
> > With suggestion from Vincent, let's remove ItaniumHealthFlags.
> >
> > https://edk2.groups.io/g/devel/message/100812
> >
> > I recommend adding a note in the comment block for the
> > EFI_SEC_PLATFORM_INFORMATION_RECORD that with the removal of the
> > ItaniumHealthFlags, this union has diverged from the PI
> > Specification definition.
> >
> > With that one comment addition:
> >
> > Reviewed-by: Michael D Kinney <michael.d.kinney@...>
> >
> > Mike
> >
> >
> > > -----Original Message-----
> > > From: Paweł Poławski <ppolawsk@...>
> > > Sent: Thursday, December 1, 2022 7:36 AM
> > > To: devel@edk2.groups.io
> > > Cc: Kinney, Michael D <michael.d.kinney@...>; Gao, Liming <gaoliming@...>; Liu, Zhiguang
> > > <zhiguang.liu@...>
> > > Subject: [edk2-devel] PATCH v1 1/1 MdePkg: Remove Itanium leftover data structure
> > >
> > > Itanium support has been removed from EDK2 aroun 2019.
> > > ITANIUM_HANDOFF_STATUS data structure looks to be
> > > some leftover from that process.
> > >
> > > There is also positive sidefect of this data structure removal.
> > > Due to HOB allocation type used in PEI stage there is a limit
> > > how much data about virtual CPU can be hold. This limit result
> > > in only 1024 vCPU can be used by VM.
> > > With Itanium related data structure removed more allocated space
> > > can be used for vCPU data and with current allocation limit
> > > will change from 1024 to around 8k vCPUs.
> > >
> > > Cc: Michael D Kinney <michael.d.kinney@...>
> > > Cc: Liming Gao <gaoliming@...>
> > > Cc: Zhiguang Liu <zhiguang.liu@...>
> > >
> > > Signed-off-by: Paweł Poławski <ppolawsk@...>
> > > ---
> > >  MdePkg/Include/Ppi/SecPlatformInformation.h | 44 --------------------
> > >  1 file changed, 44 deletions(-)
> > >
> > > diff --git a/MdePkg/Include/Ppi/SecPlatformInformation.h b/MdePkg/Include/Ppi/SecPlatformInformation.h
> > > index 02b0711f189e..fbcd205acd96 100644
> > > --- a/MdePkg/Include/Ppi/SecPlatformInformation.h
> > > +++ b/MdePkg/Include/Ppi/SecPlatformInformation.h
> > > @@ -84,49 +84,6 @@ typedef union {
> > >
> > >  typedef EFI_HEALTH_FLAGS X64_HANDOFF_STATUS;
> > >  typedef EFI_HEALTH_FLAGS IA32_HANDOFF_STATUS;
> > > -///
> > > -/// The hand-off status structure for Itanium architecture.
> > > -///
> > > -typedef struct {
> > > -  ///
> > > -  /// SALE_ENTRY state : 3 = Recovery_Check
> > > -  /// and 0 = RESET or Normal_Boot phase.
> > > -  ///
> > > -  UINT8     BootPhase;
> > > -  ///
> > > -  /// Firmware status on entry to SALE.
> > > -  ///
> > > -  UINT8     FWStatus;
> > > -  UINT16    Reserved1;
> > > -  UINT32    Reserved2;
> > > -  ///
> > > -  /// Geographically significant unique processor ID assigned by PAL.
> > > -  ///
> > > -  UINT16    ProcId;
> > > -  UINT16    Reserved3;
> > > -  UINT8     IdMask;
> > > -  UINT8     EidMask;
> > > -  UINT16    Reserved4;
> > > -  ///
> > > -  /// Address to make PAL calls.
> > > -  ///
> > > -  UINT64    PalCallAddress;
> > > -  ///
> > > -  /// If the entry state is RECOVERY_CHECK, this contains the PAL_RESET
> > > -  /// return address, and if entry state is RESET, this contains
> > > -  /// address for PAL_authentication call.
> > > -  ///
> > > -  UINT64    PalSpecialAddress;
> > > -  ///
> > > -  /// GR35 from PALE_EXIT state.
> > > -  ///
> > > -  UINT64    SelfTestStatus;
> > > -  ///
> > > -  /// GR37 from PALE_EXIT state.
> > > -  ///
> > > -  UINT64    SelfTestControl;
> > > -  UINT64    MemoryBufferRequired;
> > > -} ITANIUM_HANDOFF_STATUS;
> > >
> > >  ///
> > >  /// EFI_SEC_PLATFORM_INFORMATION_RECORD.
> > > @@ -134,7 +91,6 @@ typedef struct {
> > >  typedef union {
> > >    IA32_HANDOFF_STATUS       IA32HealthFlags;
> > >    X64_HANDOFF_STATUS        x64HealthFlags;
> > > -  ITANIUM_HANDOFF_STATUS    ItaniumHealthFlags;
> > >  } EFI_SEC_PLATFORM_INFORMATION_RECORD;
> > >
> > >  /**
> > > --
> > > 2.38.1



--

Paweł Poławski

Red Hat Virtualization

ppolawsk@...   



--

Paweł Poławski

Red Hat Virtualization

ppolawsk@...   



Now: Tools, CI, Code base construction meeting series - Monday, March 27, 2023 #cal-notice

Group Notification <noreply@...>
 

Tools, CI, Code base construction meeting series

When:
Monday, March 27, 2023
4:30pm to 5:30pm
(UTC-07:00) America/Los Angeles

Where:
https://github.com/tianocore/edk2/discussions/2614

View Event

Description:

TianoCore community,

Microsoft and Intel will be hosting a series of open meetings to discuss build, CI, tools, and other related topics. If you are interested, have ideas/opinions please join us. These meetings will be Monday 4:30pm Pacific Time on Microsoft Teams.

MS Teams Link in following discussion: * https://github.com/tianocore/edk2/discussions/2614

Anyone is welcome to join.

MS Teams Browser Clients * https://docs.microsoft.com/en-us/microsoftteams/get-clients?tabs=Windows#browser-client