From nobody Thu Dec 26 12:52:00 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 150482411112152.57969053582224; Thu, 7 Sep 2017 15:41:51 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 96DA921E2BE45; Thu, 7 Sep 2017 15:38:46 -0700 (PDT) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 01F9421CEB0FF for ; Thu, 7 Sep 2017 15:38:45 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 36EC54E049; Thu, 7 Sep 2017 22:41:36 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-120-54.rdu2.redhat.com [10.10.120.54]) by smtp.corp.redhat.com (Postfix) with ESMTP id E5EB05D967; Thu, 7 Sep 2017 22:41:34 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 36EC54E049 Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=lersek@redhat.com From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 8 Sep 2017 00:41:15 +0200 Message-Id: <20170907224116.895-10-lersek@redhat.com> In-Reply-To: <20170907224116.895-1-lersek@redhat.com> References: <20170907224116.895-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Thu, 07 Sep 2017 22:41:36 +0000 (UTC) Subject: [edk2] [PATCH 09/10] OvmfPkg/IoMmuDxe: generalize IoMmuUnmap() to IoMmuUnmapWorker() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jiewen Yao , Brijesh Singh , Jordan Justen , Ard Biesheuvel MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" IoMmuUnmapWorker() is identical to IoMmuUnmap(), it just takes an additional BOOLEAN parameter called "MemoryMapLocked". If the memory map is locked, IoMmuUnmapWorker() does its usual job, but it purposely leaks memory rather than freeing it. This makes it callable from ExitBootServices() context. Turn IoMmuUnmap() into a thin wrapper around IoMmuUnmapWorker() that passes constant FALSE for "MemoryMapLocked". Cc: Ard Biesheuvel Cc: Brijesh Singh Cc: Jiewen Yao Cc: Jordan Justen Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- OvmfPkg/IoMmuDxe/AmdSevIoMmu.c | 60 +++++++++++++++++--- 1 file changed, 53 insertions(+), 7 deletions(-) diff --git a/OvmfPkg/IoMmuDxe/AmdSevIoMmu.c b/OvmfPkg/IoMmuDxe/AmdSevIoMmu.c index c86e73498555..34e1c6ee4a74 100644 --- a/OvmfPkg/IoMmuDxe/AmdSevIoMmu.c +++ b/OvmfPkg/IoMmuDxe/AmdSevIoMmu.c @@ -316,32 +316,46 @@ Failed: } =20 /** Completes the Map() operation and releases any corresponding resources. =20 + This is an internal worker function that only extends the Map() API with + the MemoryMapLocked parameter. + @param This The protocol instance pointer. @param Mapping The mapping value returned from Map(). + @param MemoryMapLocked The function is executing on the stack of + gBS->ExitBootServices(); changes to the UE= FI + memory map are forbidden. =20 @retval EFI_SUCCESS The range was unmapped. @retval EFI_INVALID_PARAMETER Mapping is not a value that was returned by Map(). @retval EFI_DEVICE_ERROR The data was not committed to the target s= ystem memory. **/ +STATIC EFI_STATUS EFIAPI -IoMmuUnmap ( +IoMmuUnmapWorker ( IN EDKII_IOMMU_PROTOCOL *This, - IN VOID *Mapping + IN VOID *Mapping, + IN BOOLEAN MemoryMapLocked ) { MAP_INFO *MapInfo; EFI_STATUS Status; COMMON_BUFFER_HEADER *CommonBufferHeader; VOID *EncryptionTarget; =20 - DEBUG ((DEBUG_VERBOSE, "%a: Mapping=3D0x%p\n", __FUNCTION__, Mapping)); + DEBUG (( + DEBUG_VERBOSE, + "%a: Mapping=3D0x%p MemoryMapLocked=3D%d\n", + __FUNCTION__, + Mapping, + MemoryMapLocked + )); =20 if (Mapping =3D=3D NULL) { return EFI_INVALID_PARAMETER; } =20 @@ -410,11 +424,12 @@ IoMmuUnmap ( // // For BusMasterCommonBuffer[64] operations, copy the stashed data to the // original (now encrypted) location. // // For all other operations, fill the late bounce buffer (which existed = as - // plaintext at some point) with zeros, and then release it. + // plaintext at some point) with zeros, and then release it (unless the = UEFI + // memory map is locked). // if (MapInfo->Operation =3D=3D EdkiiIoMmuOperationBusMasterCommonBuffer || MapInfo->Operation =3D=3D EdkiiIoMmuOperationBusMasterCommonBuffer64= ) { CopyMem ( (VOID *)(UINTN)MapInfo->CryptedAddress, @@ -424,22 +439,53 @@ IoMmuUnmap ( } else { ZeroMem ( (VOID *)(UINTN)MapInfo->PlainTextAddress, EFI_PAGES_TO_SIZE (MapInfo->NumberOfPages) ); - gBS->FreePages (MapInfo->PlainTextAddress, MapInfo->NumberOfPages); + if (!MemoryMapLocked) { + gBS->FreePages (MapInfo->PlainTextAddress, MapInfo->NumberOfPages); + } } =20 // - // Forget and free the MAP_INFO structure. + // Forget the MAP_INFO structure, then free it (unless the UEFI memory m= ap is + // locked). // RemoveEntryList (&MapInfo->Link); - FreePool (MapInfo); + if (!MemoryMapLocked) { + FreePool (MapInfo); + } =20 return EFI_SUCCESS; } =20 +/** + Completes the Map() operation and releases any corresponding resources. + + @param This The protocol instance pointer. + @param Mapping The mapping value returned from Map(). + + @retval EFI_SUCCESS The range was unmapped. + @retval EFI_INVALID_PARAMETER Mapping is not a value that was returned by + Map(). + @retval EFI_DEVICE_ERROR The data was not committed to the target s= ystem + memory. +**/ +EFI_STATUS +EFIAPI +IoMmuUnmap ( + IN EDKII_IOMMU_PROTOCOL *This, + IN VOID *Mapping + ) +{ + return IoMmuUnmapWorker ( + This, + Mapping, + FALSE // MemoryMapLocked + ); +} + /** Allocates pages that are suitable for an OperationBusMasterCommonBuffer = or OperationBusMasterCommonBuffer64 mapping. =20 @param This The protocol instance pointer. --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel