[APL] Enable APL DMA protection code flow
This patch added required code flow to prepare to enable DMA protection for APL platform. Platform code needs to build a VTD_INFO structure, and then call SetDmaProtection to enable and disable DMA protection at different initialization phase. Platform needs to enable DMA protection as early as possible after memory is ready. For APL, since VT-d is only enabled in FspSiliconInit, it was postponed to Stage2. Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This commit is contained in:
parent
48ff85fc3d
commit
a1df5f9cc5
|
@ -50,6 +50,7 @@ class Board(BaseBoard):
|
|||
self.ENABLE_SPLASH = 1
|
||||
self.ENABLE_FRAMEBUFFER_INIT = 1
|
||||
self.ENABLE_GRUB_CONFIG = 1
|
||||
self.ENABLE_DMA_PROTECTION = 0
|
||||
|
||||
# G9 for 384 | W7 Opt for SHA384| Ni Opt for SHA256| V8 Opt for SHA256
|
||||
self.ENABLE_CRYPTO_SHA_OPT = IPP_CRYPTO_OPTIMIZATION_MASK['SHA256_NI']
|
||||
|
|
|
@ -26,6 +26,7 @@
|
|||
MdePkg/MdePkg.dec
|
||||
BootloaderCorePkg/BootloaderCorePkg.dec
|
||||
BootloaderCommonPkg/BootloaderCommonPkg.dec
|
||||
Silicon/CommonSocPkg/CommonSocPkg.dec
|
||||
Silicon/ApollolakePkg/ApollolakePkg.dec
|
||||
|
||||
[LibraryClasses]
|
||||
|
|
|
@ -32,6 +32,7 @@
|
|||
BootloaderCommonPkg/BootloaderCommonPkg.dec
|
||||
Silicon/ApollolakePkg/ApollolakePkg.dec
|
||||
Platform/CommonBoardPkg/CommonBoardPkg.dec
|
||||
Silicon/CommonSocPkg/CommonSocPkg.dec
|
||||
Platform/ApollolakeBoardPkg/ApollolakeBoardPkg.dec
|
||||
|
||||
[LibraryClasses]
|
||||
|
|
|
@ -670,6 +670,42 @@ UpdatePayloadId (
|
|||
SetPayloadId (PayloadId);
|
||||
}
|
||||
|
||||
/**
|
||||
Build VT-d information to prepare PMR program
|
||||
|
||||
**/
|
||||
STATIC
|
||||
VOID
|
||||
BuildVtdInfo (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
VTD_INFO *VtdInfo;
|
||||
UINT32 McD0BaseAddress;
|
||||
UINT32 MchBar;
|
||||
UINT32 Idx;
|
||||
UINT32 VtdIdx;
|
||||
UINT32 Data;
|
||||
UINT32 RegOff[2] = {R_SA_MCHBAR_VTD1_OFFSET, R_SA_MCHBAR_VTD2_OFFSET};
|
||||
|
||||
VtdInfo = &((PLATFORM_DATA *)GetPlatformDataPtr ())->VtdInfo;
|
||||
McD0BaseAddress = MM_PCI_ADDRESS (SA_MC_BUS, 0, 0, 0);
|
||||
MchBar = MmioRead32 (McD0BaseAddress + R_SA_MCHBAR_REG) & ~BIT0;
|
||||
VtdInfo->HostAddressWidth = 38;
|
||||
|
||||
VtdIdx = 0;
|
||||
for (Idx = 0; Idx < ARRAY_SIZE(RegOff); Idx++) {
|
||||
Data = MmioRead32 (MchBar + RegOff[Idx]) & ~3;
|
||||
if (Data != 0) {
|
||||
DEBUG ((DEBUG_INFO, "VT-d Engine %d @ 0x%08X\n", VtdIdx, Data));
|
||||
VtdInfo->VTdEngineAddress[VtdIdx++] = Data;
|
||||
ASSERT (VtdIdx <= ARRAY_SIZE(VtdInfo->VTdEngineAddress));
|
||||
}
|
||||
}
|
||||
|
||||
VtdInfo->VTdEngineCount = VtdIdx;
|
||||
}
|
||||
|
||||
/**
|
||||
Board specific hook points.
|
||||
|
||||
|
@ -690,6 +726,7 @@ BoardInit (
|
|||
LOADER_GLOBAL_DATA *LdrGlobal;
|
||||
UINT32 TsegBase;
|
||||
UINT64 TsegSize;
|
||||
VTD_INFO *VtdInfo;
|
||||
|
||||
switch (InitPhase) {
|
||||
case PreSiliconInit:
|
||||
|
@ -731,6 +768,12 @@ BoardInit (
|
|||
PciWrite8 (PCI_LIB_ADDRESS(SA_IGD_BUS, SA_IGD_DEV, SA_IGD_FUN_0, PCI_COMMAND_OFFSET), \
|
||||
EFI_PCI_COMMAND_MEMORY_SPACE | EFI_PCI_COMMAND_BUS_MASTER);
|
||||
}
|
||||
// Enable DMA protection
|
||||
if (FeaturePcdGet (PcdDmaProtectionEnabled)) {
|
||||
BuildVtdInfo ();
|
||||
VtdInfo = &((PLATFORM_DATA *)GetPlatformDataPtr ())->VtdInfo;
|
||||
SetDmaProtection (VtdInfo, TRUE);
|
||||
}
|
||||
BuildOsConfigDataHob ();
|
||||
break;
|
||||
case PostPciEnumeration:
|
||||
|
@ -768,6 +811,11 @@ BoardInit (
|
|||
break;
|
||||
case EndOfFirmware:
|
||||
ClearFspHob ();
|
||||
if (FeaturePcdGet (PcdDmaProtectionEnabled)) {
|
||||
// Disable DMA protection
|
||||
VtdInfo = &((PLATFORM_DATA *)GetPlatformDataPtr ())->VtdInfo;
|
||||
SetDmaProtection (VtdInfo, FALSE);
|
||||
}
|
||||
EnterIaUnTrustMode ();
|
||||
// Clear known MCA logged in BANK4 and enable this MCA again
|
||||
AsmWriteMsr64 (IA32_MC4_STATUS, 0);
|
||||
|
@ -1302,7 +1350,6 @@ UpdateOsBootMediumInfo (
|
|||
DEBUG ((DEBUG_INFO, "Set boot to shell!\n"));
|
||||
OsBootOptionList->BootToShell = 1;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -41,6 +41,7 @@
|
|||
#include <Library/SpiFlashLib.h>
|
||||
#include <Library/TpmLib.h>
|
||||
#include <Library/VtdLib.h>
|
||||
#include <Library/VtdPmrLib.h>
|
||||
#include <RegAccess.h>
|
||||
#include <IndustryStandard/Pci.h>
|
||||
#include <IndustryStandard/Acpi.h>
|
||||
|
|
|
@ -100,4 +100,7 @@
|
|||
gPlatformModuleTokenSpaceGuid.PcdSmramTsegBase
|
||||
gPlatformModuleTokenSpaceGuid.PcdSmramTsegSize
|
||||
gPlatformModuleTokenSpaceGuid.PcdFuncCpuInitHook
|
||||
gPlatformCommonLibTokenSpaceGuid.PcdDmaProtectionEnabled
|
||||
gPlatformCommonLibTokenSpaceGuid.PcdDmaBufferAlignment
|
||||
gPlatformCommonLibTokenSpaceGuid.PcdDmaBufferSize
|
||||
gPlatformCommonLibTokenSpaceGuid.PcdEmmcHs400SupportEnabled
|
||||
|
|
|
@ -10,6 +10,7 @@
|
|||
|
||||
#include <Library/BootGuardLib.h>
|
||||
#include <Library/BootloaderCoreLib.h>
|
||||
#include <Library/VtdPmrLib.h>
|
||||
|
||||
typedef enum {
|
||||
BootModeTargetNormal = 0,
|
||||
|
@ -123,6 +124,7 @@ typedef struct {
|
|||
BOOT_GUARD_INFO BtGuardInfo;
|
||||
VOID *LoaderSeedList;
|
||||
PLAT_FEATURES PlatformFeatures;
|
||||
VTD_INFO VtdInfo;
|
||||
} PLATFORM_DATA;
|
||||
|
||||
typedef struct {
|
||||
|
|
|
@ -27,6 +27,7 @@ MdePkg/MdePkg.dec
|
|||
IntelFsp2Pkg/IntelFsp2Pkg.dec
|
||||
BootloaderCorePkg/BootloaderCorePkg.dec
|
||||
BootloaderCommonPkg/BootloaderCommonPkg.dec
|
||||
Silicon/CommonSocPkg/CommonSocPkg.dec
|
||||
Silicon/ApollolakePkg/ApollolakePkg.dec
|
||||
Platform/ApollolakeBoardPkg/ApollolakeBoardPkg.dec
|
||||
|
||||
|
|
|
@ -10,6 +10,7 @@
|
|||
#define __VTD_PMR_LIB_H__
|
||||
|
||||
#include <IndustryStandard/Vtd.h>
|
||||
#include <Library/PcdLib.h>
|
||||
|
||||
#define VTD_ENGINE_ALL ((UINT64)(-1))
|
||||
|
||||
|
@ -17,7 +18,7 @@ typedef struct {
|
|||
UINT64 EngineMask;
|
||||
UINT8 HostAddressWidth;
|
||||
UINTN VTdEngineCount;
|
||||
UINT64 VTdEngineAddress[1];
|
||||
UINT64 VTdEngineAddress[8];
|
||||
} VTD_INFO;
|
||||
|
||||
/**
|
||||
|
|
Loading…
Reference in New Issue