Re: [edk2-devel] [PATCH v3 13/24] UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library
Reviewed-by: Guo Dong -Original Message- From: Tom Lendacky Sent: Friday, March 8, 2024 8:30 AM To: devel@edk2.groups.io Cc: Ard Biesheuvel ; Aktas, Erdem ; Gerd Hoffmann ; Yao, Jiewen ; Laszlo Ersek ; Liming Gao ; Kinney, Michael D ; Xu, Min M ; Liu, Zhiguang ; Kumar, Rahul R ; Ni, Ray ; Michael Roth ; Guo, Gua ; Dong, Guo ; Lu, James ; Rhodes, Sean Subject: [PATCH v3 13/24] UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654 The MpInitLib library will be updated to use the new AmdSvsmLib library. To prevent any build breakage, update the UefiPayloadPkg DSC file to include the AmdSvsmLib NULL library. Cc: Gua Guo Cc: Guo Dong Cc: James Lu Cc: Sean Rhodes Acked-by: Gerd Hoffmann Signed-off-by: Tom Lendacky --- UefiPayloadPkg/UefiPayloadPkg.dsc | 1 + 1 file changed, 1 insertion(+) diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc index 433fb51a5695..e1b9d5ecf182 100644 --- a/UefiPayloadPkg/UefiPayloadPkg.dsc +++ b/UefiPayloadPkg/UefiPayloadPkg.dsc @@ -313,6 +313,7 @@ [LibraryClasses] VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf + AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf FdtLib|MdePkg/Library/BaseFdtLib/BaseFdtLib.inf [LibraryClasses.common] -- 2.43.2 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117718): https://edk2.groups.io/g/devel/message/117718 Mute This Topic: https://groups.io/mt/104810720/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM
On 4/12/24 10:05, Ard Biesheuvel wrote: On Fri, 12 Apr 2024 at 16:02, Tom Lendacky wrote: Re-pinging the list/maintainers, again. I need reviews from the maintainers on patches #2, #7, #10, #11 and #13. Once I get final approval, I'll submit the change to edk2-platforms for the new library as a reply to this series for a quick review. So this is MdePkg and UefiCpuPkg, right? MdePkg and UefiPayloadPkg. @Liming, Mike, Ray: please let me know if you are ok with these Ray already reviewed/acked the UefiCpuPkg patches. Looking for MdePkg: Liming, Mike or Zhiguang UefiPayloadPkg: Gua, Guo, James or Sean changes, or whether there are any objections. I intend to merge this somewhere next week unless there are issues raised. I'll submit the edk2-platforms series (2 patches, one for Platform/AMD and one for Platform/Intel) on Monday, just to have out there. Thanks, Tom Thanks, Ard. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117717): https://edk2.groups.io/g/devel/message/117717 Mute This Topic: https://groups.io/mt/104810672/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 00/45] Support for Arm CCA guest firmware
This v2 series enables the Arm Confidential Compute Architecture (CCA) support for the Kvmtool guest firmware and is aligned with the ARM CCA RMM 1.0-eac5 specification. The feedback received for the RFC v1 series has been addressed in this series and the intention is to integrate the Arm CCA support in ArmVirtPkg and enable the guest firmware support for Realms. Summary of updates in this v2 Series: 1. Variable emulation support patches that we part of v1 series are already merged, hence dropped from this series. 2. SetMemoryRegionAttributes() was dropped in the upstream code. Therefore, introduced SetMemoryProtectionAttribute() to configure the top bit of the Realm IPA space which is used as the protection bit 3. The patch to add the APRIORI Dxe ArmCcaDxe has been dropped. 4. Dropped patch that configured PcdMonitorConduitHvc as a dynamic PCD, and introduced ArmVirtMonitorLib, a new instance of the ArmMonitorLib that reads the conduit to be used from the FDT. 4. Bug fixes to correct the size of IMM field in RSI Host Call arguments, and to correct the RSI Version mask 5. Patches 32 to 43 include updates to the firmware support to RMM specification v1.0-EAC5. 6. Minor optimisations, e.g. to cache the current world value. Introduction Arm Confidential Compute Architecture (CCA) --- Arm CCA is a reference software architecture and implementation that builds on the Realm Management Extension (RME), enabling the execution of Virtual machines (VMs), while preventing access by more privileged software, such as hypervisor. Arm CCA allows the hypervisor to control the VM, but removes the right for access to the code, register state or data used by VM. More information on the architecture is available here [1]. Realm World ||Normal World || Secure World || ||| |||| EL0 x-x|| xx | x--x |||| | Realm ||| || | | | |||| | VM*||| | VM | | | | |||| |x---x||| || | | | |||| || |||| || | | H | |||| || Guest |||| || | | | |||| || OS ||||-||---| o |-|||| || |||| || | | | |||| |x---x||| || | | s | |||| |^||| || | | | |||| ||||| || | | t | |||| |+---+||| || | | | |||| || REALM |||| || | | | |||| || GUEST |||| || | | O | |||| || UEFI |||| || | | | |||| |+---+||| || | | S | |||| EL1 x-x|| xx | | | |||| ^ ||| | | |||| | ||| | | |||| R*||--| |-|||| S || | | |||| I || x-->| | |||| | || | | | |||| | || | x--x |||| | || | ^|||| v || SMC ||||| x---x || | x--x |||| | RMM* | || | | HOST | |||| x---x || | | UEFI | |||| ^ || | x--x |||| EL2 | || ||||| | || ||||| =|=| | | x--- *RMI* ---x EL3 Root World EL3 Firmware === Where: RMM - Realm Management Monitor RMI - Realm Management Interface RSI - Realm Service Interface SMC - Secure Monitor Call RME introduces two added additional worlds, "Realm world" and "Root World" in addition to the traditional Secure world and Normal world. The Arm CCA defines a new component, Realm Management Monitor (RMM) that runs at R-EL2. This is a standard piece of firmware, verified, installed and loaded by the EL3 firmware (e.g., TF-A), at system boot. The RMM provides a standard interface Realm Management Interface (RMI) to the Normal world hypervisor to manage the
[edk2-devel] [PATCH v2 41/45] ArmVirtPkg: RMM 1.0-eac4 - Add RSI Features support
The RMM 1.0-eac4 introduces a new FID RSI_FEATURES to query the RSI features supported that have been implemented. Therefore, introduce a new function RsiGetFeatures to query the features supported by the RSI. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 24 +++- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h| 3 +- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 39 +++- 3 files changed, 63 insertions(+), 3 deletions(-) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index 88351f53336c42c032fcff6ea97ea7728b917b76..8c1c0d5bc19d14fa640464c8d0d44e3ef522ba79 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -11,7 +11,7 @@ - REM - Realm Extensible Measurement @par Reference(s): - - Realm Management Monitor (RMM) Specification, version 1.0-eac3 + - Realm Management Monitor (RMM) Specification, version 1.0-eac4 (https://developer.arm.com/documentation/den0137/) **/ @@ -334,4 +334,26 @@ RsiGetVersion ( OUT UINT16 *CONST Minor ); +/** + Get the features supported by the RSI implementation. + + RMM implementations across different CCA platforms may support + disparate features and may offer disparate configuration options + for Realms. The features supported by an RSI implementation are + discovered by reading feature pseudo-register values using the + RSI_FEATURES command. + + @param [in] FeatureRegIndexThe Feature Register Index. + @param [out] FeatureRegValueThe Feature Register Value. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. +**/ +RETURN_STATUS +EFIAPI +RsiGetFeatures ( + INUINT64 FeatureRegIndex, + OUT UINT64 *FeatureRegValue + ); + #endif // ARM_CCA_RSI_LIB_ diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h index b1c359e2486c20ee19493b10ed3fcef1e20f2689..cd2c9ac05c02413caeed26fd764320dd751ea05b 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h @@ -10,7 +10,7 @@ - RIPAS- Realm IPA state @par Reference(s): - - Realm Management Monitor (RMM) Specification, version A-bet0 + - Realm Management Monitor (RMM) Specification, version 1.0-eac4 (https://developer.arm.com/documentation/den0137/) **/ @@ -20,6 +20,7 @@ // FIDs for Realm Service Interface calls. #define FID_RSI_ATTESTATION_TOKEN_CONTINUE 0xC4000195 #define FID_RSI_ATTESTATION_TOKEN_INIT 0xC4000194 +#define FID_RSI_FEATURES0xC4000191 #define FID_RSI_HOST_CALL 0xC4000199 #define FID_RSI_IPA_STATE_GET 0xC4000198 #define FID_RSI_IPA_STATE_SET 0xC4000197 diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c index 12636c484824426b2ea81ca007d962f5f7c58f8c..edd2e11f786d11191f13dd9b087cdeec4127b375 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c @@ -11,7 +11,7 @@ - REM - Realm Extensible Measurement @par Reference(s): - - Realm Management Monitor (RMM) Specification, version 1.0-eac3 + - Realm Management Monitor (RMM) Specification, version 1.0-eac4 (https://developer.arm.com/documentation/den0137/) **/ @@ -574,3 +574,40 @@ RsiGetVersion ( *Major = (SmcCmd.Arg0 & RSI_VER_MAJOR_MASK) >> RSI_VER_MAJOR_SHIFT; return RETURN_SUCCESS; } + +/** + Get the features supported by the RSI implementation. + + RMM implementations across different CCA platforms may support + disparate features and may offer disparate configuration options + for Realms. The features supported by an RSI implementation are + discovered by reading feature pseudo-register values using the + RSI_FEATURES command. + + @param [in] FeatureRegIndexThe Feature Register Index. + @param [out] FeatureRegValueThe Feature Register Value. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. +**/ +RETURN_STATUS +EFIAPI +RsiGetFeatures ( + INUINT64 FeatureRegIndex, + OUT UINT64 *FeatureRegValue + ) +{ + ARM_SMC_ARGS SmcCmd; + + if (FeatureRegValue == NULL) { +return RETURN_INVALID_PARAMETER; + } + + ZeroMem (&SmcCmd, sizeof (SmcCmd)); + SmcCmd.Arg0 = FID_RSI_FEATURES; + SmcCmd.Arg1 = FeatureRegIndex; + + ArmCallSmc (&SmcCmd); + *FeatureRegValue = SmcCmd.Arg1; + return RsiCmdStatusToEfiStatus (SmcCmd.Arg0); +} -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117715): https://edk2.groups.io/g/devel/message/117715 Mute This Topic: https://groups.io/mt/105484267/21656
[edk2-devel] [PATCH v2 43/45] ArmVirtPkg: RMM 1.0-eac5 - Update RSI Version support
The RMM 1.0-eac5 specification updates the RSI version command to return the highest interface revision which is supported by the RMM and the lower revision value which indicates: a. The RMM supports an interface revision which is compatible with the requested revision and the lower revision is equal to the requested revision and the status code is RSI_SUCCESS b. The RMM does not support the requested version, but the RMM supports an interface revision which is lower than the requested revision and the status code is RSI_ERROR_INPUT c. The RMM does not support an interface revision which is compatible with the requested revision and that it supports an interface revision that is greater than the requested revision. The status code is RSI_ERROR_INPUT and the lower revision is equal to the higher revision. Therefore, update the RsiGetVersion() to return the lower and higher revision that is supported by the RMM. The RsiGetVersion function also returns the RSI version that is implemented by the firmware. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 20 -- ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c | 11 +++- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h| 12 +++- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 65 4 files changed, 85 insertions(+), 23 deletions(-) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index b768f3498314a2ea61762af65bf2668d463909a6..fd86191f90f64329aadbb847d31cd46d2549b032 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -330,17 +330,25 @@ RsiHostCall ( /** Get the version of the RSI implementation. - @param [out] Major The major version of the RSI implementation. - @param [out] Minor The minor version of the RSI implementation. + @param [out] UefiImpl The version of the RSI specification +implemented by the UEFI firmware. + @param [out] RmmImplLow The low version of the RSI specification +implemented by the RMM. + @param [out] RmmImplHigh The high version of the RSI specification +implemented by the RMM. - @retval RETURN_SUCCESSSuccess. - @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval RETURN_SUCCESSSuccess. + @retval RETURN_UNSUPPORTEDThe execution context is not a Realm. + @retval RETURN_INCOMPATIBLE_VERSION The Firmware and RMM specification +revisions are not compatible. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. **/ RETURN_STATUS EFIAPI RsiGetVersion ( - OUT UINT16 *CONST Major, - OUT UINT16 *CONST Minor + OUT UINT32 *CONST UefiImpl, + OUT UINT32 *CONST RmmImplLow, + OUT UINT32 *CONST RmmImplHigh ); /** diff --git a/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c b/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c index 57b05f308377cf931c5f43fc7793c260dfdc36fb..3abb4dfaf567c635b28ff3a7cd5adea064e02510 100644 --- a/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c +++ b/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c @@ -36,11 +36,16 @@ IsRealm ( ) { RETURN_STATUS Status; - UINT16 Major; - UINT16 Minor; + UINT32 UefiImpl; + UINT32 RmmImplLow; + UINT32 RmmImplHigh; if (ArmHasRme ()) { -Status = RsiGetVersion (&Major, &Minor); +Status = RsiGetVersion ( + &UefiImpl, + &RmmImplLow, + &RmmImplHigh + ); if (!RETURN_ERROR (Status)) { return TRUE; } diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h index cd2c9ac05c02413caeed26fd764320dd751ea05b..ce3cb0c36ffa6ddf3a16f9f47199123dc6150c51 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h @@ -10,7 +10,7 @@ - RIPAS- Realm IPA state @par Reference(s): - - Realm Management Monitor (RMM) Specification, version 1.0-eac4 + - Realm Management Monitor (RMM) Specification, version 1.0-eac5 (https://developer.arm.com/documentation/den0137/) **/ @@ -45,5 +45,15 @@ #define RSI_VER_MINOR_MASK 0xULL #define RSI_VER_MAJOR_MASK 0x7FFFULL #define RSI_VER_MAJOR_SHIFT 16 +#define RSI_VERSION_MASK (RSI_VER_MAJOR_MASK | RSI_VER_MINOR_MASK) + +#define RMM_VERSION(Major, Minor) ((Minor & RSI_VER_MINOR_MASK) | \ + ((Major << RSI_VER_MAJOR_SHIFT) & RSI_VER_MAJOR_MASK)) + +#define GET_MAJOR_REVISION(Rev) \ + ((Rev & RSI_VER_MAJOR_MASK) >> RSI_VER_MAJOR_SHIFT) + +#define GET_MINOR_REVISION(Rev) \ + ((Rev & RSI_VER_MINOR_MASK)) #endif // ARM_CCA_RSI_H_ diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi
[edk2-devel] [PATCH v2 44/45] ArmVirtPkg: ArmCcaLib: Cache current world value
IsRealm() probes to check if the code is executing in a Realm context by checking if RME is supported and then issuing a RSI_VERSION command to check it is supported. Instead of calling RSI_VERSION command every time the IsRealm() is called, cache the world value we are running in, to return the value in subsequent calls. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c | 31 1 file changed, 18 insertions(+), 13 deletions(-) diff --git a/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c b/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c index 3abb4dfaf567c635b28ff3a7cd5adea064e02510..67ad2824f1f6a8fe4e1fd3f837300097a68775c7 100644 --- a/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c +++ b/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c @@ -35,23 +35,28 @@ IsRealm ( VOID ) { - RETURN_STATUS Status; - UINT32 UefiImpl; - UINT32 RmmImplLow; - UINT32 RmmImplHigh; + RETURN_STATUS Status; + UINT32 UefiImpl; + UINT32 RmmImplLow; + UINT32 RmmImplHigh; + STATIC BOOLEAN RealmWorld = FALSE; + STATIC BOOLEAN FlagsInitialised = FALSE; - if (ArmHasRme ()) { -Status = RsiGetVersion ( - &UefiImpl, - &RmmImplLow, - &RmmImplHigh - ); -if (!RETURN_ERROR (Status)) { - return TRUE; + if (!FlagsInitialised) { +FlagsInitialised = TRUE; +if (ArmHasRme ()) { + Status = RsiGetVersion ( + &UefiImpl, + &RmmImplLow, + &RmmImplHigh + ); + if (!RETURN_ERROR (Status)) { +RealmWorld = TRUE; + } } } - return FALSE; + return RealmWorld; } /** -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117714): https://edk2.groups.io/g/devel/message/117714 Mute This Topic: https://groups.io/mt/105484265/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 45/45] ArmVirtPkg: ArmCcaIoMmu: Provide an implementation for SetAttribute
The patch at "049695a0b1e2 MdeModulePkg/PciBusDxe: Add feedback status for PciIoMap" adds support to propagate the error code following the invocation of the IoMmu protocol SetAttribute() operation. Since the ArmCcaIoMmuDxe implementation of the SetAttribute() function returned EFI_UNSUPPORTED, it resulted in the virtio disk not being mounted. Although there is nothing to be done in SetAttribute(), follow the approach as done by the patch at "97c3f5b8d272 Provide an implementation for SetAttribute" to validate the IoMmu access method being requested against the IoMmu mapping operation and return a suitable return code. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c | 63 +++- 1 file changed, 61 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c b/ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c index cf52b82218bb9ece7bfedcb6e3a2ced00eff5e92..91f9dae91843b6739ddb818e9ec81706ccfa73b3 100644 --- a/ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c +++ b/ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c @@ -629,7 +629,9 @@ IoMmuFreeBuffer ( @param[in] Mapping The mapping value returned from Map(). @param[in] IoMmuAccess The IOMMU access. - @retval EFI_UNSUPPORTEDOperation not supported by IOMMU. + @retval EFI_INVALID_PARAMETER A parameter was invalid. + @retval EFI_UNSUPPORTED The requested operation is not supported. + @retval EFI_SUCCESS Success. **/ EFI_STATUS @@ -641,7 +643,64 @@ IoMmuSetAttribute ( IN UINT64IoMmuAccess ) { - return EFI_UNSUPPORTED; + EFI_STATUS Status; + MAP_INFO*MapInfo; + + DEBUG (( +DEBUG_VERBOSE, +"%a: Mapping=0x%p Access=%lu\n", +__func__, +Mapping, +IoMmuAccess +)); + + if (Mapping == NULL) { +return EFI_INVALID_PARAMETER; + } + + Status = EFI_SUCCESS; + + // An IoMmuAccess value of 0 is always accepted, + // validate any non-zero value. + if (IoMmuAccess != 0) { +MapInfo = (MAP_INFO *)Mapping; + +// The mapping operation already implied the access mode. +// Validate that the supplied access mode matches operation +// access mode. +switch (MapInfo->Operation) { + case EdkiiIoMmuOperationBusMasterRead: + case EdkiiIoMmuOperationBusMasterRead64: +if (IoMmuAccess != EDKII_IOMMU_ACCESS_READ) { + Status = EFI_INVALID_PARAMETER; +} + +break; + + case EdkiiIoMmuOperationBusMasterWrite: + case EdkiiIoMmuOperationBusMasterWrite64: +if (IoMmuAccess != EDKII_IOMMU_ACCESS_WRITE) { + Status = EFI_INVALID_PARAMETER; +} + +break; + + case EdkiiIoMmuOperationBusMasterCommonBuffer: + case EdkiiIoMmuOperationBusMasterCommonBuffer64: +if (IoMmuAccess != +(EDKII_IOMMU_ACCESS_READ | EDKII_IOMMU_ACCESS_WRITE)) +{ + Status = EFI_INVALID_PARAMETER; +} + +break; + + default: +Status = EFI_UNSUPPORTED; +} // switch + } + + return Status; } /** Arm CCA IoMMU protocol -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117713): https://edk2.groups.io/g/devel/message/117713 Mute This Topic: https://groups.io/mt/105484264/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 30/45] ArmVirtPkg: ArmCcaRsiLib: Fix incorrect RSI version masks
The RsiInterfaceVersion fieldset contains an RSI interface version and the width of this fieldset is 64 bits. The bits 15:0 of this fieldset represent the RSI minor revision number and the bits 30:16 represent the major revision number. The remaining bits 63:31 are reserved and should be zero. The RSI version masks were incorrectly defined which resulted in an incorrect RSI version being returned by RsiGetVersion (). Therefore, fix the RSI version masks to reflect the bit fields defined by the RMM specification. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h index 70e84a20711f04c32a5850230cc907a6d231f50b..b1c359e2486c20ee19493b10ed3fcef1e20f2689 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h @@ -41,8 +41,8 @@ See Section B4.4.3, RMM Specification, version A-bet0. The width of the RsiInterfaceVersion fieldset is 64 bits. */ -#define RSI_VER_MINOR_MASK 0x00FFULL -#define RSI_VER_MAJOR_MASK 0x7F00ULL +#define RSI_VER_MINOR_MASK 0xULL +#define RSI_VER_MAJOR_MASK 0x7FFFULL #define RSI_VER_MAJOR_SHIFT 16 #endif // ARM_CCA_RSI_H_ -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117712): https://edk2.groups.io/g/devel/message/117712 Mute This Topic: https://groups.io/mt/105484263/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] MdeModulePkg: Fix MAT SplitRecord() Logic introduce one bug and will cause SUT reset when boot to windows
Hi Yanbo, Can you help me understand the memory layout which causes this issue? If a single EfiRuntimeServicesCode descriptor needs to be split because an image is within the memory range. I think that descriptor is split like so in the case you're encountering: --- --- --- | DATA | | | --- | | | CODE | | Image | --- | Memory | EfiRuntimeServicesCode | DATA | | | --- --- | | Extra Pages | | --- --- In this case, because the memory type of the buffer is EfiRuntimeServicesCode, shouldn't the final pages be EFI_MEMORY_RO? Thanks! -Taylor On 4/11/2024 10:14 PM, Huang, Yanbo wrote: Hi Beebe, Recently we found this commit " MdeModulePkg: Fix MAT SplitRecord() Logic " will cause SUT reset after enable some knobs. I filed one Bugzilla for it: https://bugzilla.tianocore.org/show_bug.cgi?id=4751 After debug, we found in SplitRecord API, many entries attribute are set to 0, not align with the UEFI spec: "Memory Attributes Table (MAT): EFI_MEMORY_ATTRIBUTES_TABLE. The entire UEFI runtime must be described by this table. All entries must include attributes EFI_MEMORY_RO, EFI_MEMORY_XP, or both. Memory MUST be either readable and executable OR writeable and non-executable." This should be the root cause of this issue. When we update "NewRecord->Attribute = TempRecord.Attribute;" to "NewRecord->Attribute = TempRecord.Attribute | EFI_MEMORY_XP;", SUT can boot to windows. @taylor.d.be...@gmail.com Could you please help to send one formal fix patch for this issue? Thanks! Best Regards, Yanbo Huang -Original Message- From: devel@edk2.groups.io On Behalf Of Taylor Beebe Sent: Tuesday, November 28, 2023 2:18 AM To: devel@edk2.groups.io Cc: Wang, Jian J ; Gao, Liming ; Bi, Dandan Subject: [edk2-devel] [PATCH v5 10/16] MdeModulePkg: Fix MAT SplitRecord() Logic SplitRecord() does not handle the case where a memory descriptor describes an image region plus extra pages before or after the image region. This patch fixes this case by carving off the unrelated regions into their own descriptors. Cc: Jian J Wang Cc: Liming Gao Cc: Dandan Bi Signed-off-by: Taylor Beebe Reviewed-by: Liming Gao --- MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.c | 56 ++-- 1 file changed, 27 insertions(+), 29 deletions(-) diff --git a/MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.c b/MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.c index 7c0ecd07c1bb..9d4082280bf5 100644 --- a/MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.c +++ b/MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecor +++ dLib.c @@ -323,7 +323,6 @@ SplitRecord ( UINT64 PhysicalEnd; UINTNNewRecordCount; UINTNTotalNewRecordCount; - BOOLEAN IsLastRecordData; if (MaxSplitRecordCount == 0) { CopyMem (NewRecord, OldRecord, DescriptorSize); @@ -344,35 +343,16 @@ SplitRecord ( NewImageRecord = GetImageRecordByAddress (PhysicalStart, PhysicalEnd - PhysicalStart, ImageRecordList); if (NewImageRecord == NULL) { // - // No more image covered by this range, stop + // No more images cover this range, check if we've reached the end of the old descriptor. If not, + // add the remaining range to the new descriptor list. // - if ((PhysicalEnd > PhysicalStart) && (ImageRecord != NULL)) { -// -// If this is still address in this record, need record. -// -NewRecord= PREVIOUS_MEMORY_DESCRIPTOR (NewRecord, DescriptorSize); -IsLastRecordData = FALSE; -if ((NewRecord->Attribute & EFI_MEMORY_XP) != 0) { - IsLastRecordData = TRUE; -} - -if (IsLastRecordData) { - // - // Last record is DATA, just merge it. - // - NewRecord->NumberOfPages = EfiSizeToPages (PhysicalEnd - NewRecord->PhysicalStart); -} else { - // - // Last record is CODE, create a new DATA entry. - // - NewRecord= NEXT_MEMORY_DESCRIPTOR (NewRecord, DescriptorSize); - NewRecord->Type = TempRecord.Type; - NewRecord->PhysicalStart = TempRecord.PhysicalStart; - NewRecord->VirtualStart = 0; - NewRecord->NumberOfPages = TempRecord.NumberOfPages; - NewRecord->Attribute = TempRecord.Attribute | EFI_MEMORY_XP; - TotalNewRecordCount++; -} + if (PhysicalEnd > PhysicalStart) { +NewRecord->Type = TempRecord.Type; +NewRecord->PhysicalStart = PhysicalStart; +NewRecord->VirtualStart = 0; +NewRecord->NumberOfPages = EfiSizeToPages (PhysicalEnd -
Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM
On Fri, 12 Apr 2024 at 16:02, Tom Lendacky wrote: > > Re-pinging the list/maintainers, again. I need reviews from the > maintainers on patches #2, #7, #10, #11 and #13. > > Once I get final approval, I'll submit the change to edk2-platforms for > the new library as a reply to this series for a quick review. > So this is MdePkg and UefiCpuPkg, right? @Liming, Mike, Ray: please let me know if you are ok with these changes, or whether there are any objections. I intend to merge this somewhere next week unless there are issues raised. Thanks, Ard. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117709): https://edk2.groups.io/g/devel/message/117709 Mute This Topic: https://groups.io/mt/104810672/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 38/45] ArmVirtPkg: RMM 1.0-eac2 - Add RsiRipasChangeFlags definitions
The RMM specification 1.0-eac2 updates the RSI_IPA_STATE_SET interface to add a new parameter RsiRipasChangeFlags. The RsiRipasChangeFlags fieldset is 64 bits and the bit 0 describes the RsiRipasChangeDestroyed type which is used to indicate if a RIPAS change from DESTROYED should be permitted or not. Therefore, define the macros for specifying the RsiRipasChangeFlags that represent the RsiRipasChangeDestroyed type. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 20 1 file changed, 20 insertions(+) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index e237187dbc481d32aa6018c135aabe6f5a0781c6..154a5717f259502952a36312f6c3b3d6b75f15cb 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -71,6 +71,26 @@ */ #define RSI_HASH_SHA_512 1 +/* The RsiRipasChangeFlags fieldset contains flags provided by + the Realm when requesting a RIPAS change. + See section B4.4.8 RsiRipasChangeFlags type in the + RMM Specification, version 1.0-eac2. + The following macros prefixed RIPAS_CHANGE_FLAGS_xxx + define the values of the RsiRipasChangeFlags fieldset. +*/ + +/* A RIPAS change from DESTROYED should not be permitted. + See section B4.4.7 RsiRipasChangeDestroyed type in the + RMM Specification, version 1.0-eac2 +*/ +#define RIPAS_CHANGE_FLAGS_RSI_NO_CHANGE_DESTROYED 0 + +/* A RIPAS change from DESTROYED should be permitted. + See section B4.4.7 RsiRipasChangeDestroyed type in the + RMM Specification, version 1.0-eac2 +*/ +#define RIPAS_CHANGE_FLAGS_RSI_CHANGE_DESTROYED 1 + /** An enum describing the RSI RIPAS. See Section A5.2.2 Realm IPA state, RMM Specification, version 1.0-eac2 */ -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117708): https://edk2.groups.io/g/devel/message/117708 Mute This Topic: https://groups.io/mt/105483452/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 37/45] ArmVirtPkg: RMM 1.0-eac2 - Add RIPAS DESTROYED state
The RMM specification 1.0-eac2 updates the RIPAS state to add a new DESTROYED state for an address which is inaccessible to the Realm due to an action taken by the Host. Therefore, update the RSI RIPAS state enum to add the new RIPAS_DESTROYED state. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index 2b72ad09da85a9fd2f067db1c511d12f636d3dda..e237187dbc481d32aa6018c135aabe6f5a0781c6 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -72,11 +72,12 @@ #define RSI_HASH_SHA_512 1 /** An enum describing the RSI RIPAS. - See Section A5.2.2 Realm IPA state, RMM Specification, version A-bet0 + See Section A5.2.2 Realm IPA state, RMM Specification, version 1.0-eac2 */ typedef enum Ripas { RipasEmpty, ///< Unused IPA location. RipasRam,///< Private code or data owned by the Realm. + RipasDestroyed, ///< An address which is inaccessible to the Realm. RipasMax ///< A valid RIPAS type value is less than RipasMax. } RIPAS; -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117704): https://edk2.groups.io/g/devel/message/117704 Mute This Topic: https://groups.io/mt/105483447/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 33/45] ArmVirtPkg: RMM 1.0-bet2 - Increase number of RSI host call args
The RMM 1.0-bet2 spec expands the set of GPRs for RSI host call to X0-X30. Therefore, update the RSI HOST_CALL_ARGS structure to reflect these changes. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 29 ++-- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 3 +- 2 files changed, 27 insertions(+), 5 deletions(-) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index 81d125a81941cc1680cfdfb08e001193851d50e5..3d6ace866def5f10dd74afd4e9340530150f6f43 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -11,7 +11,7 @@ - REM - Realm Extensible Measurement @par Reference(s): - - Realm Management Monitor (RMM) Specification, version 1.0-bet1 + - Realm Management Monitor (RMM) Specification, version 1.0-bet2 (https://developer.arm.com/documentation/den0137/) **/ @@ -82,7 +82,7 @@ typedef struct RealmConfig { } REALM_CONFIG; /** A structure describing the Host Call arguments -See Section 4.4.2 RsiHostCall type, RMM Specification, version 1.0-bet1 +See Section 4.4.2 RsiHostCall type, RMM Specification, version 1.0-bet2 */ typedef struct HostCallArgs { UINT16Imm; @@ -95,7 +95,30 @@ typedef struct HostCallArgs { UINT64Gprs4; UINT64Gprs5; UINT64Gprs6; - UINT8 Reserved[0x100 - (sizeof (UINT64) * 8)]; + UINT64Gprs7; + UINT64Gprs8; + UINT64Gprs9; + UINT64Gprs10; + UINT64Gprs11; + UINT64Gprs12; + UINT64Gprs13; + UINT64Gprs14; + UINT64Gprs15; + UINT64Gprs16; + UINT64Gprs17; + UINT64Gprs18; + UINT64Gprs19; + UINT64Gprs20; + UINT64Gprs21; + UINT64Gprs22; + UINT64Gprs23; + UINT64Gprs24; + UINT64Gprs25; + UINT64Gprs26; + UINT64Gprs27; + UINT64Gprs28; + UINT64Gprs29; + UINT64Gprs30; } HOST_CALL_ARGS; /** diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c index 5984651f6d9d627d9fee30a4fbf11c45b3951877..ceec0477d7ec9ba0ae831aa5a4f31d8a3791b9d1 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c @@ -11,7 +11,7 @@ - REM - Realm Extensible Measurement @par Reference(s): - - Realm Management Monitor (RMM) Specification, version 1.0-bet1 + - Realm Management Monitor (RMM) Specification, version 1.0-bet2 (https://developer.arm.com/documentation/den0137/) **/ @@ -522,7 +522,6 @@ RsiHostCall ( // Clear the reserved fields ZeroMem (&Args->Reserved1, sizeof (Args->Reserved1)); - ZeroMem (&Args->Reserved, sizeof (Args->Reserved)); ZeroMem (&SmcCmd, sizeof (SmcCmd)); SmcCmd.Arg0 = FID_RSI_HOST_CALL; -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117703): https://edk2.groups.io/g/devel/message/117703 Mute This Topic: https://groups.io/mt/105483446/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 42/45] ArmVirtPkg: RMM 1.0-eac5 - Attestation token API updates
The RMM 1.0-eac3 specification removed the restriction that attestation token size must not exceed 4KB. Further it also extended the RSI_ATTESTATION_TOKEN_CONTINUE command so as to return up to a granule worth of the attestation token data. The RMM 1.0-eac5 specification simplified the attestation token interfaces such that, the RSI_ATTESTATION_TOKEN_INIT command returns the upper bound of the attestation token size. This eliminates the need for relocation of token data buffers during attestation token retrieval. Therefore, implement the attestation token API updates from RMM 1.0-eac3 through to RMM 1.0-eac5 specification. Note: The RsiGetAttestationToken() API has been modified such that ArmCcaRsiLib allocates memory for the returned attestation token buffer. The caller is therefore required to call RsiFreeAttestationToken() to free the memory that was allocated for the attestation token buffer. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 31 ++-- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 160 +++- 2 files changed, 146 insertions(+), 45 deletions(-) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index 8c1c0d5bc19d14fa640464c8d0d44e3ef522ba79..b768f3498314a2ea61762af65bf2668d463909a6 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -11,7 +11,7 @@ - REM - Realm Extensible Measurement @par Reference(s): - - Realm Management Monitor (RMM) Specification, version 1.0-eac4 + - Realm Management Monitor (RMM) Specification, version 1.0-eac5 (https://developer.arm.com/documentation/den0137/) **/ @@ -33,11 +33,6 @@ */ #define RIPAS_TYPE_MASK 0xFF -/* Maximum attestation token size - RBXKKY The size of an attestation token is no larger than 4KB. -*/ -#define MAX_ATTESTATION_TOKEN_SIZE SIZE_4KB - /* Maximum challenge data size in bits. */ #define MAX_CHALLENGE_DATA_SIZE_BITS 512 @@ -185,9 +180,10 @@ typedef struct HostCallArgs { @param [in] ChallengeDataSizeBits Size of the challenge data in bits. @param [out] TokenBuffer Pointer to a buffer to store the retrieved attestation token. - @param [in, out] TokenBufferSize Size of the token buffer on input and - number of bytes stored in token buffer - on return. + @param [out] TokenBufferSize Length of token data returned. + + Note: The TokenBuffer allocated must be freed by the caller + using RsiFreeAttestationToken(). @retval RETURN_SUCCESSSuccess. @retval RETURN_INVALID_PARAMETER A parameter is invalid. @@ -202,8 +198,21 @@ EFIAPI RsiGetAttestationToken ( IN CONST UINT8 *CONST ChallengeData, INUINT64 ChallengeDataSizeBits, - OUT UINT8 *CONST TokenBuffer, - IN OUTUINT64 *CONST TokenBufferSize + OUT UINT8 **CONST TokenBuffer, + OUT UINT64 *CONST TokenBufferSize + ); + +/** + Free the attestation token buffer. + + @param [in] TokenBuffer Pointer to the retrieved + attestation token. + @param [in] TokenBufferSize Size of the token buffer. +**/ +VOID +RsiFreeAttestationToken ( + IN UINT8 *CONST TokenBuffer, + IN UINT64 CONST TokenBufferSize ); /** diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c index edd2e11f786d11191f13dd9b087cdeec4127b375..b861b2e79d5d659a0eb16206d329a0cb039eda0d 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c @@ -11,7 +11,7 @@ - REM - Realm Extensible Measurement @par Reference(s): - - Realm Management Monitor (RMM) Specification, version 1.0-eac4 + - Realm Management Monitor (RMM) Specification, version 1.0-eac5 (https://developer.arm.com/documentation/den0137/) **/ @@ -22,6 +22,7 @@ #include #include #include +#include #include "ArmCcaRsi.h" /** @@ -88,6 +89,8 @@ AddrIsGranuleAligned ( @param [out] TokenBuffer Pointer to a buffer to store the retrieved attestation token. + @param [in] Offset Offset within Token buffer granule +to start of buffer in bytes. @param [in,out] TokenSizeOn input size of the token buffer, and on output size of the token returned if operation is successful, @@ -106,6 +109,7 @@ RETURN_STATUS EFIAPI RsiAttestationTokenContinue ( OUT UINT8 *CONST TokenBuffer, + INUINT64 CONST Offset, IN O
[edk2-devel] [PATCH v2 40/45] ArmVirtPkg: RMM 1.0-eac3 - Handle RsiSetIpaState() response
The RMM 1.0-eac3 specification extends the RSI_IPA_STATE_SET command to return a new RsiResponse value to indicate if the Host accepts or rejects the IPA state change request to RAM. Therefore, define the RsiResponse enum and return an error RETURN_ACCESS_DENIED if the Host rejects the RIPAS change request to RAM. Such a failure is fatal and not recoverable and the caller is then expected to tear down the Realm. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 26 +++- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 8 +- 2 files changed, 32 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index 5c2f996d3b4376e831a901f2919780acffec3313..88351f53336c42c032fcff6ea97ea7728b917b76 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -11,7 +11,7 @@ - REM - Realm Extensible Measurement @par Reference(s): - - Realm Management Monitor (RMM) Specification, version 1.0-eac2 + - Realm Management Monitor (RMM) Specification, version 1.0-eac3 (https://developer.arm.com/documentation/den0137/) **/ @@ -91,6 +91,29 @@ */ #define RIPAS_CHANGE_FLAGS_RSI_CHANGE_DESTROYED 1 +/* The RsiResponse type is a value returned by the + RSI_IPA_STATE_SET command and represents whether + the Host accepted or rejected a Realm request. + See section B4.4.6 RsiResponse type in the + RMM Specification, version 1.0-eac3. + The width of the RsiResponse enumeration is 1 bit + and the following macros prefixed RIPAS_CHANGE_RESPONSE_xxx + define the values of the RsiResponse type. +*/ + +/* The RIPAS change request to RAM was accepted + by the host. +*/ +#define RIPAS_CHANGE_RESPONSE_ACCEPT 0 + +/* The RIPAS change request to RAM was rejected + by the host. +*/ +#define RIPAS_CHANGE_RESPONSE_REJECT 1 + +/* A mask for the RSI Response bit */ +#define RSI_RESPONSE_MASK BIT0 + /** An enum describing the RSI RIPAS. See Section A5.2.2 Realm IPA state, RMM Specification, version 1.0-eac2 */ @@ -209,6 +232,7 @@ RsiGetIpaState ( @retval RETURN_SUCCESSSuccess. @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval RETURN_ACCESS_DENIED RIPAS change request was rejected. **/ RETURN_STATUS EFIAPI diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c index 0535254a3991bfe7a19b904e83b9482f801da20c..12636c484824426b2ea81ca007d962f5f7c58f8c 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c @@ -11,7 +11,7 @@ - REM - Realm Extensible Measurement @par Reference(s): - - Realm Management Monitor (RMM) Specification, version 1.0-eac2 + - Realm Management Monitor (RMM) Specification, version 1.0-eac3 (https://developer.arm.com/documentation/den0137/) **/ @@ -322,6 +322,7 @@ RsiGetIpaState ( @retval RETURN_SUCCESSSuccess. @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval RETURN_ACCESS_DENIED RIPAS change request was rejected. **/ RETURN_STATUS EFIAPI @@ -365,6 +366,11 @@ RsiSetIpaState ( BaseAddress = (UINT64 *)SmcCmd.Arg1; Size= EndAddress - BaseAddress; + +if ((SmcCmd.Arg2 & RSI_RESPONSE_MASK) == RIPAS_CHANGE_RESPONSE_REJECT) { + Status = RETURN_ACCESS_DENIED; + break; +} } // while return Status; -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117707): https://edk2.groups.io/g/devel/message/117707 Mute This Topic: https://groups.io/mt/105483451/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 35/45] ArmVirtPkg: RMM 1.0-eac1 - Relax alignment of RSI host call arg
The RMM 1.0-eac1 relaxed the RSI_HOST_CALL alignment requirement from 4KB to 256B. Therefore, update the alignment check for the address parameter of the RSI_HOST_CALL command to relax the alignment requirement to 256 bytes. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c index 59b9d7a12c82a534280595328347995f1ff51ee2..0280d8e42882ddfb02d0a40c47a6fba7855ba84f 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c @@ -11,7 +11,7 @@ - REM - Realm Extensible Measurement @par Reference(s): - - Realm Management Monitor (RMM) Specification, version 1.0-eac0 + - Realm Management Monitor (RMM) Specification, version 1.0-eac1 (https://developer.arm.com/documentation/den0137/) **/ @@ -512,7 +512,11 @@ RsiHostCall ( { ARM_SMC_ARGS SmcCmd; - if ((Args == NULL) || (!AddrIsGranuleAligned ((UINT64 *)Args))) { + // The RMM specification, version 1.0-eac1, relaxes the alignment + // requirement for RSI_HOST_CALL from 4KB to 256B. Also see RMM + // specification, sections B4.3.3 RSI_HOST_CALL command and + // section B4.3.3.2 Failure conditions. + if ((Args == NULL) || (((UINT64)Args & (0x100 - 1)) != 0)) { return RETURN_INVALID_PARAMETER; } -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117705): https://edk2.groups.io/g/devel/message/117705 Mute This Topic: https://groups.io/mt/105483448/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 23/45] ArmVirtPkg: Arm CCA configure system memory in early Pei
When a VMM creates a Realm, a small amount of DRAM (which contains the firmware image) and the initial content is configured as Protected RAM. The remaining System Memory is in the Protected Empty state. The firmware must then initialise the remaining System Memory as Protected RAM before it can be accessed. Therefore, call the ArmCcaConfigureSystemMemory () in the early Pei phase so that the System Memory is configured as Protected RAM. Note: ArmCcaConfigureSystemMemory () is implemented in ArmCcaInitPeiLib for which a Null implementation is provided. Therefore, this change should not have an impact for non-Arm CCA enabled systems. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/PrePi/AArch64/ModuleEntryPoint.S | 6 +- ArmVirtPkg/PrePi/ArmVirtPrePiUniCoreRelocatable.inf | 3 ++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/PrePi/AArch64/ModuleEntryPoint.S b/ArmVirtPkg/PrePi/AArch64/ModuleEntryPoint.S index 01623b6b3591242778a5c76df5d401b1ce71834f..03bef60dd408e787cbeb912d95639821714f 100644 --- a/ArmVirtPkg/PrePi/AArch64/ModuleEntryPoint.S +++ b/ArmVirtPkg/PrePi/AArch64/ModuleEntryPoint.S @@ -1,5 +1,5 @@ // -// Copyright (c) 2011-2013, ARM Limited. All rights reserved. +// Copyright (c) 2011-2023, Arm Limited. All rights reserved. // Copyright (c) 2015-2016, Linaro Limited. All rights reserved. // // SPDX-License-Identifier: BSD-2-Clause-Patent @@ -11,6 +11,10 @@ ASM_FUNC(_ModuleEntryPoint) blASM_PFX(DiscoverDramFromDt) + // Check if we are in a Realm and configure + // the System Memory as Protected RAM. + blASM_PFX(ArmCcaConfigureSystemMemory) + // Get ID of this CPU in Multicore system blASM_PFX(ArmReadMpidr) // Keep a copy of the MpId register value diff --git a/ArmVirtPkg/PrePi/ArmVirtPrePiUniCoreRelocatable.inf b/ArmVirtPkg/PrePi/ArmVirtPrePiUniCoreRelocatable.inf index 578ee37e7467b2f29bacac0b5d111271061e3ff5..f1c2776c7b74d0fae3529956ea91a9b504ba83c2 100755 --- a/ArmVirtPkg/PrePi/ArmVirtPrePiUniCoreRelocatable.inf +++ b/ArmVirtPkg/PrePi/ArmVirtPrePiUniCoreRelocatable.inf @@ -1,6 +1,6 @@ #/** @file # -# Copyright (c) 2011-2015, ARM Ltd. All rights reserved. +# Copyright (c) 2011-2023, Arm Limited. All rights reserved. # Copyright (c) 2015, Linaro Ltd. All rights reserved. # # SPDX-License-Identifier: BSD-2-Clause-Patent @@ -38,6 +38,7 @@ [Packages] OvmfPkg/OvmfPkg.dec [LibraryClasses] + ArmCcaInitPeiLib BaseLib DebugLib FdtLib -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117702): https://edk2.groups.io/g/devel/message/117702 Mute This Topic: https://groups.io/mt/105483445/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 28/45] MdePkg: Warn if AArch64 RNDR instruction is not supported
The BaseRngLib library constructor for AArch64 asserts if the RNDR instruction is not supported by the CPU. This approach to warn about the unsupported instruction may be suitable for the host platform firmware. However, for a guest firmware the only mechanism to discover the supported RNG interface is by probing the processor feature registers. The guest firmware may therefore assume that RNDR instruction is supported and if the probe fails, fall back to an alternate RNG source, e.g. Virtio RNG. Therefore, replace the assert with a warning message to allow the guest firmware to progress. Note: - If RNDR instruction is not supported, the GetRandomNumberXXX functions will return FALSE to indicate that the random number generation has failed. It is expected that the calling function checks the status and handles this error appropriately. - This change should not have any side effect as the behaviour will be similar to that of release builds where the asserts would be removed. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Signed-off-by: Sami Mujawar --- MdePkg/Library/BaseRngLib/AArch64/Rndr.c | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/MdePkg/Library/BaseRngLib/AArch64/Rndr.c b/MdePkg/Library/BaseRngLib/AArch64/Rndr.c index d39db62153eed415151e7a27a5931231febd20d3..dc41eea8fbfd7d18bca24e2ebe1cdc56b4eb8d81 100644 --- a/MdePkg/Library/BaseRngLib/AArch64/Rndr.c +++ b/MdePkg/Library/BaseRngLib/AArch64/Rndr.c @@ -49,10 +49,14 @@ BaseRngLibConstructor ( // Determine RNDR support by examining bits 63:60 of the ISAR0 register returned by // MSR. A non-zero value indicates that the processor supports the RNDR instruction. // - Isar0 = ArmReadIdIsar0 (); - ASSERT ((Isar0 & RNDR_MASK) != 0); - + Isar0 = ArmReadIdIsar0 (); mRndrSupported = ((Isar0 & RNDR_MASK) != 0); + if (!mRndrSupported) { +DEBUG (( + DEBUG_WARN, + "WARNING: BaseRngLib: RNDR instruction not supported by the processor.\n" + )); + } return EFI_SUCCESS; } -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117701): https://edk2.groups.io/g/devel/message/117701 Mute This Topic: https://groups.io/mt/105483444/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 26/45] ArmVirtPkg: IoMMU driver to DMA from Realms
On Arm CCA systems the access to pages inside the Realm is protected. However, software executing in a Realm needs to interact with the external world. This may be done using para virtualisation of the disk, network interfaces, etc. For this to work the buffers in the Realm need to be shared with the Host. The sharing and management of the Realm buffers is done by the Realm Aperture Management Protocol, which invokes the necessary Realm Service Interfaces to transition the buffers from Protected IPA to Unprotected IPA. The ArmCcaIoMmu driver provides the necessary hooks so that DMA operations can be performed by bouncing buffers using pages shared with the Host. It uses the Realm Aperture Management protocol to share the buffers with the Host. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c | 813 ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.h | 66 ++ ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmuDxe.c | 59 ++ ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmuDxe.inf | 45 ++ 4 files changed, 983 insertions(+) diff --git a/ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c b/ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c new file mode 100644 index ..cf52b82218bb9ece7bfedcb6e3a2ced00eff5e92 --- /dev/null +++ b/ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c @@ -0,0 +1,813 @@ +/** @file + The protocol provides support to allocate, free, map and umap a DMA buffer + for bus master (e.g PciHostBridge). When the execution context is a Realm, + the DMA operations must be performed on buffers that are shared with the Host. + Hence the RAMP protocol is used to manage the sharing of the DMA buffers or + in some cases to bounce the buffers. + + Copyright (c) 2017, AMD Inc. All rights reserved. + Copyright (c) 2017, Intel Corporation. All rights reserved. + Copyright (c) 2022 - 2023, Arm Limited. All rights reserved. + + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include "ArmCcaIoMmu.h" + +/** List of the MAP_INFO structures that have been set up by IoMmuMap() and not +yet torn down by IoMmuUnmap(). The list represents the full set of mappings +currently in effect. +*/ +STATIC LIST_ENTRY mMapInfos = INITIALIZE_LIST_HEAD_VARIABLE (mMapInfos); + +#if !defined (MDEPKG_NDEBUG) + +/** ASCII names for EDKII_IOMMU_OPERATION constants, for debug logging. +*/ +STATIC CONST CHAR8 *CONST +mBusMasterOperationName[EdkiiIoMmuOperationMaximum] = { + "Read", + "Write", + "CommonBuffer", + "Read64", + "Write64", + "CommonBuffer64" +}; +#endif + +/** Pointer to the Realm Aperture Management Protocol +*/ +extern EDKII_REALM_APERTURE_MANAGEMENT_PROTOCOL *mRamp; + +/** + Given the host address find a mapping node in the linked list. + + @param [in] HostAddress Host address. + + @return Pointer to the MapInfo node if found, otherwise NULL. +**/ +STATIC +MAP_INFO * +EFIAPI +FindMappingByHostAddress ( + INVOID *HostAddress + ) +{ + LIST_ENTRY *Node; + LIST_ENTRY *NextNode; + MAP_INFO*MapInfo; + + for (Node = GetFirstNode (&mMapInfos); Node != &mMapInfos; Node = NextNode) { +NextNode = GetNextNode (&mMapInfos, Node); +MapInfo = CR (Node, MAP_INFO, Link, MAP_INFO_SIG); +if (MapInfo->HostAddress == HostAddress) { + return MapInfo; +} + } + + return NULL; +} + +/** + Map a shared buffer + + @param [in] Operation IoMMU operation to perform. + @param [in] HostAddress Pointer to the Host buffer. + @param [in] NumberOfBytes Number of bytes to map. + @param [in] BbAddress Bounce buffer address. + @param [in] BbPages Number of pages covering the bounce buffer. + @param [out] Mapping Pointer to the MapInfo node. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval EFI_OUT_OF_RESOURCES Failed to allocate memory. +**/ +STATIC +EFI_STATUS +MapSharedBuffer ( + INEDKII_IOMMU_OPERATION Operation, + INVOID *HostAddress, + INUINTN NumberOfBytes, + INEFI_PHYSICAL_ADDRESS BbAddress, + INUINTN BbPages, + OUT MAP_INFO **Mapping + ) +{ + EFI_STATUS Status; + MAP_INFO*MapInfo; + + if (BbPages != EFI_SIZE_TO_PAGES (NumberOfBytes)) { +return EFI_INVALID_PARAMETER; + } + + // Allocate a MAP_INFO structure to remember the mapping when Unmap() is + // called later. + MapInfo = AllocateZeroPool (sizeof (MAP_INFO)); + if (MapInfo == NULL) { +return EFI_OUT_OF_RESOURCES; + } + + InitializeListHead (&MapInfo->Link); + + // Initialize the MAP_INFO structure, except the NonParAddress field + MapInfo->Signature = MAP_INFO_SIG; + MapInfo->Operation = Operation; + MapInfo->NumberOfBytes = NumberOfBytes; + MapInfo->NumberOfPages = BbPages; + MapInfo->HostAddress = HostAddress; + MapInfo->BbAddress = BbAddress; + + // Open apertu
[edk2-devel] [PATCH v2 32/45] ArmVirtPkg: RMM 1.0-bet1 - Update width of RSI host call struct
The RMM 1.0-bet1 updates the width of the RsiHostCall structure to 256 (0x100) bytes. Therefore, update the RSI HOST_CALL_ARGS structure to reflect these changes. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 6 +++--- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 6 -- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index af4be275d37f0376335de5344f9626c9a92c70d2..81d125a81941cc1680cfdfb08e001193851d50e5 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -11,7 +11,7 @@ - REM - Realm Extensible Measurement @par Reference(s): - - Realm Management Monitor (RMM) Specification, version A-bet0 + - Realm Management Monitor (RMM) Specification, version 1.0-bet1 (https://developer.arm.com/documentation/den0137/) **/ @@ -82,7 +82,7 @@ typedef struct RealmConfig { } REALM_CONFIG; /** A structure describing the Host Call arguments -See Section 4.4.2 RsiHostCall type, RMM Specification, version A-bet0 +See Section 4.4.2 RsiHostCall type, RMM Specification, version 1.0-bet1 */ typedef struct HostCallArgs { UINT16Imm; @@ -95,7 +95,7 @@ typedef struct HostCallArgs { UINT64Gprs4; UINT64Gprs5; UINT64Gprs6; - UINT8 Reserved[0x1000 - (sizeof (UINT64) * 8)]; + UINT8 Reserved[0x100 - (sizeof (UINT64) * 8)]; } HOST_CALL_ARGS; /** diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c index dc41e77b55f4369e89592b5437e525baf80aa0b3..5984651f6d9d627d9fee30a4fbf11c45b3951877 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c @@ -11,7 +11,7 @@ - REM - Realm Extensible Measurement @par Reference(s): - - Realm Management Monitor (RMM) Specification, version A-bet0 + - Realm Management Monitor (RMM) Specification, version 1.0-bet1 (https://developer.arm.com/documentation/den0137/) **/ @@ -516,7 +516,9 @@ RsiHostCall ( return RETURN_INVALID_PARAMETER; } - STATIC_ASSERT (sizeof (HOST_CALL_ARGS) == SIZE_4KB); + // See RMM specification, version 1.0-bet1, Section B4.4.2 RsiHostCall type + // The width of the RsiHostCall structure is 256 (0x100) bytes. + STATIC_ASSERT (sizeof (HOST_CALL_ARGS) == 0x100); // Clear the reserved fields ZeroMem (&Args->Reserved1, sizeof (Args->Reserved1)); -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117694): https://edk2.groups.io/g/devel/message/117694 Mute This Topic: https://groups.io/mt/105483434/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 34/45] ArmVirtPkg: RMM 1.0-eac0 - Update RsiSetIpaState parameter usage
The RMM 1.0-eac0 specification updates the parameter usage for the RSI_IPA_STATE_SET command to change the parameter 3 from IPA region size to Top of target IPA region. Therefore, update the RseSetIpaState () implementation to reflect this change. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c index ceec0477d7ec9ba0ae831aa5a4f31d8a3791b9d1..59b9d7a12c82a534280595328347995f1ff51ee2 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c @@ -11,7 +11,7 @@ - REM - Realm Extensible Measurement @par Reference(s): - - Realm Management Monitor (RMM) Specification, version 1.0-bet2 + - Realm Management Monitor (RMM) Specification, version 1.0-eac0 (https://developer.arm.com/documentation/den0137/) **/ @@ -351,7 +351,7 @@ RsiSetIpaState ( ZeroMem (&SmcCmd, sizeof (SmcCmd)); SmcCmd.Arg0 = FID_RSI_IPA_STATE_SET; SmcCmd.Arg1 = (UINTN)BaseAddress; -SmcCmd.Arg2 = (UINTN)Size; +SmcCmd.Arg2 = (UINTN)EndAddress; SmcCmd.Arg3 = (UINTN)State; ArmCallSmc (&SmcCmd); -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117699): https://edk2.groups.io/g/devel/message/117699 Mute This Topic: https://groups.io/mt/105483442/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 36/45] ArmVirtPkg: RMM 1.0-eac2 - Update RsiRealmConfig structure
The RMM 1.0-eac2 specification updates the RsiRealmConfig structure to add a new member to identify the Realm hash algorithm. Therefore, update the REALM_CONFIG structure to add a new member HashAlgorithm that represents the Realm hash value. Also add macros to define the RsiHashAlgorithm enumeration values SHA-256 and SHA-512. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 18 +++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index 3d6ace866def5f10dd74afd4e9340530150f6f43..2b72ad09da85a9fd2f067db1c511d12f636d3dda 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -11,7 +11,7 @@ - REM - Realm Extensible Measurement @par Reference(s): - - Realm Management Monitor (RMM) Specification, version 1.0-bet2 + - Realm Management Monitor (RMM) Specification, version 1.0-eac2 (https://developer.arm.com/documentation/den0137/) **/ @@ -61,6 +61,16 @@ #define MIN_REM_INDEX 1 #define MAX_REM_INDEX 4 +/* The values of the RsiHashAlgorithm enumeration. + SHA-256 (Secure Hash Standard (SHS)) +*/ +#define RSI_HASH_SHA_256 0 + +/* The values of the RsiHashAlgorithm enumeration. + SHA-512 (Secure Hash Standard (SHS)) +*/ +#define RSI_HASH_SHA_512 1 + /** An enum describing the RSI RIPAS. See Section A5.2.2 Realm IPA state, RMM Specification, version A-bet0 */ @@ -71,14 +81,16 @@ typedef enum Ripas { } RIPAS; /** A structure describing the Realm Configuration. - See Section B4.4.4 RsiRealmConfig type, RMM Specification, version A-bet0 + See Section B4.4.5 RsiRealmConfig type, RMM Specification, version 1.0-eac2 The width of the RsiRealmConfig structure is 4096 (0x1000) bytes. */ typedef struct RealmConfig { // Width of IPA in bits. UINT64IpaWidth; + // Width of the RsiHashAlgorithm enumeration is 8 bits. + UINT8 HashAlgorithm; // Unused bits of the RsiRealmConfig structure should be zero. - UINT8 Reserved[SIZE_4KB - sizeof (UINT64)]; + UINT8 Reserved[SIZE_4KB - (sizeof (UINT64) + sizeof (UINT8))]; } REALM_CONFIG; /** A structure describing the Host Call arguments -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117698): https://edk2.groups.io/g/devel/message/117698 Mute This Topic: https://groups.io/mt/105483441/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 25/45] ArmVirtPkg: Introduce Realm Aperture Management Protocol
The Realm Aperture Management Protocol (RAMP) is used to manage the sharing of buffers between the Guest and Host. It configures the memory regions as Protected EMPTY or Protected RAM by calling RSI_IPA_STATE_SET command. The RAMP provides interfaces that device drivers can use to open/close apertures for sharing buffers. The RAMP also keeps track of the apertures that have been opened and closes them on ExitBootServices. It also registers for reset notification and closes all open apertures before the platform resets the system. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirtPkg.dec | 3 + ArmVirtPkg/Include/Protocol/RealmApertureManagementProtocol.h | 103 +++ ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.c | 658 ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.inf | 48 ++ 4 files changed, 812 insertions(+) diff --git a/ArmVirtPkg/ArmVirtPkg.dec b/ArmVirtPkg/ArmVirtPkg.dec index d521e107ddff15e6dc585e3a63567e3ad817189f..a6701ed3f88b9976110992dda22c11eea735cc4c 100644 --- a/ArmVirtPkg/ArmVirtPkg.dec +++ b/ArmVirtPkg/ArmVirtPkg.dec @@ -44,6 +44,9 @@ [PcdsFeatureFlag] # gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|FALSE|BOOLEAN|0x0004 +[Protocols] + gEfiRealmApertureManagementProtocolGuid = { 0x585c00be, 0xcf7c, 0x4db8, { 0x8a, 0xa2, 0x49, 0xd, 0x67, 0xf5, 0xf6, 0xe6 } } + [PcdsFixedAtBuild, PcdsPatchableInModule] ## # This is the physical address of Rsdp which is the core struct of Acpi. diff --git a/ArmVirtPkg/Include/Protocol/RealmApertureManagementProtocol.h b/ArmVirtPkg/Include/Protocol/RealmApertureManagementProtocol.h new file mode 100644 index ..0f45fd296fd54ec536ed3d4bd7725350ab487295 --- /dev/null +++ b/ArmVirtPkg/Include/Protocol/RealmApertureManagementProtocol.h @@ -0,0 +1,103 @@ +/** @file + Realm Aperture Management Protocol (RAMP) + On Arm CCA Systems the Realm protects access and visibility of Guest memory + and code execution from software outside the realm. + + However, software executing in a Realm needs to interact with the external + world. This may be done using virtualised disk, network interfaces, etc. + The drivers for these virtualised devices need to share buffers with the host + OS to exchange information/data. + + Since the Guest memory is protected by the Realm, the host cannot access these + buffers unless the IPA state of the buffers is changed to Protected EMPTY by + the software executing in the Realm. + + By enabling the sharing of the buffers, we are essentially opening an + aperture so that the host OS can access the range of pages that are shared. + + The virtual firmware (Guest firmware) needs a mechanism to manage the sharing + of buffers. The Realm Aperture Management Protocol provides an interface that + UEFI drivers/modules can use to enable/disable the sharing of buffers with the + Host. The protocol also tracks open apertures and ensures they are shut on + ExitBootServices. + + Copyright (c) 2022 - 2023, ARM Ltd. All rights reserved. + + SPDX-License-Identifier: BSD-2-Clause-Patent + + @par Glossary: +- RAMP - Realm Aperture Management Protocol +**/ + +#ifndef REALM_APERTURE_MANAGEMENT_PROTOCOL_H_ +#define REALM_APERTURE_MANAGEMENT_PROTOCOL_H_ + +/** This macro defines the Realm Aperture Management Protocol GUID. + + GUID: {585C00BE-CF7C-4DB8-8AA2-490D67F5F6E6} +*/ +#define EDKII_REALM_APERTURE_MANAGEMENT_PROTOCOL_GUID \ + { 0x585c00be, 0xcf7c, 0x4db8, \ +{ 0x8a, 0xa2, 0x49, 0xd, 0x67, 0xf5, 0xf6, 0xe6 } \ + }; + +/** This macro defines the Realm Aperture Management Protocol Revision. +*/ +#define EDKII_REALM_APERTURE_MANAGEMENT_PROTOCOL_REVISION 0x0001 + +#pragma pack(1) + +/** Enables sharing of the memory buffers with the host. + + @param [in] Memory Pointer to the page start address. + @param [in] Pages Number of pages to share. + @param [out] ApertureReference Reference to the opened aperture. + + @retval EFI_SUCCESS Success. + @retval EFI_INVALID_PARAMETER A parameter is invalid. + @retval EFI_OUT_OF_RESOURCESMemory allocation failed. + @retval EFI_ACCESS_DENIED Aperture already open over memory region. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_REALM_APERTURE_MANAGEMENT_PROTOCOL_OPEN_APERTURE)( + IN CONST EFI_PHYSICAL_ADDRESSMemory, + IN CONST UINTN Pages, + OUT EFI_HANDLE *CONST ApertureReference + ); + +/** Disables the sharing of the buffers. + + @param [in] ApertureReference Reference to the aperture for closing. + + @retval EFI_SUCCESS The operation completed successfully. + @retval EFI_INVALID_PARAMETER A paramete
[edk2-devel] [PATCH v2 39/45] ArmVirtPkg: RMM 1.0-eac2 - Add Flags to RsiSetIpaState()
The RMM specification 1.0-eac2 updates the RSI_IPA_STATE_SET interface to add a new parameter RsiRipasChangeFlags. The RsiRipasChangeFlags fieldset is 64 bits and the bit 0 describes the RsiRipasChangeDestroyed type which is used to indicate if a RIPAS change from DESTROYED should be permitted or not. Therefore, update the RsiSetIpaState() to add a new parameter for specifying the RsiRipasChangeFlags. Also update the usage of RsiSetIpaState() in ArmCcaInitPeiLib and in RealmApertureManagementProtocolDxe. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 4 +++- ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c | 3 ++- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 7 +-- ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.c | 6 -- 4 files changed, 14 insertions(+), 6 deletions(-) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index 154a5717f259502952a36312f6c3b3d6b75f15cb..5c2f996d3b4376e831a901f2919780acffec3313 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -205,6 +205,7 @@ RsiGetIpaState ( @param [in] Address Address to the start of the memory range. @param [in] SizeLength of the memory range. @param [in] State The RIPAS state to be configured. + @param [in] Flags The RIPAS change flags. @retval RETURN_SUCCESSSuccess. @retval RETURN_INVALID_PARAMETER A parameter is invalid. @@ -214,7 +215,8 @@ EFIAPI RsiSetIpaState ( IN UINT64 *Address, IN UINT64 Size, - IN RIPAS State + IN RIPAS State, + IN UINT64 Flags ); /** diff --git a/ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c b/ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c index 2b2801cc5426994efc15c970fd6b0adf43bd7d36..e59a990da42526e280c1951b404e318df6a7bfca 100644 --- a/ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c +++ b/ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c @@ -50,7 +50,8 @@ ArmCcaConfigureSystemMemory ( Status = RsiSetIpaState ( (UINT64 *)PcdGet64 (PcdSystemMemoryBase), PcdGet64 (PcdSystemMemorySize), - RipasRam + RipasRam, + RIPAS_CHANGE_FLAGS_RSI_NO_CHANGE_DESTROYED ); if (RETURN_ERROR (Status)) { // Panic diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c index 0280d8e42882ddfb02d0a40c47a6fba7855ba84f..0535254a3991bfe7a19b904e83b9482f801da20c 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c @@ -11,7 +11,7 @@ - REM - Realm Extensible Measurement @par Reference(s): - - Realm Management Monitor (RMM) Specification, version 1.0-eac1 + - Realm Management Monitor (RMM) Specification, version 1.0-eac2 (https://developer.arm.com/documentation/den0137/) **/ @@ -318,6 +318,7 @@ RsiGetIpaState ( @param [in] Address Address to the start of the memory range. @param [in] SizeLength of the memory range. @param [in] State The RIPAS state to be configured. + @param [in] Flags The RIPAS change flags. @retval RETURN_SUCCESSSuccess. @retval RETURN_INVALID_PARAMETER A parameter is invalid. @@ -327,7 +328,8 @@ EFIAPI RsiSetIpaState ( IN UINT64 *Address, IN UINT64 Size, - IN RIPAS State + IN RIPAS State, + IN UINT64 Flags ) { RETURN_STATUS Status; @@ -353,6 +355,7 @@ RsiSetIpaState ( SmcCmd.Arg1 = (UINTN)BaseAddress; SmcCmd.Arg2 = (UINTN)EndAddress; SmcCmd.Arg3 = (UINTN)State; +SmcCmd.Arg4 = Flags; ArmCallSmc (&SmcCmd); Status = RsiCmdStatusToEfiStatus (SmcCmd.Arg0); diff --git a/ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.c b/ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.c index 991054d47b10b45ed5c211827e795d88f8942c02..9212f0f6d2522a59bf289d2699d0972a074b8f9d 100644 --- a/ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.c +++ b/ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.c @@ -236,7 +236,8 @@ RampOpenAperture ( Status = RsiSetIpaState ( (UINT64 *)Memory, (Pages * EFI_PAGE_SIZE), - RipasEmpty + RipasEmpty, + RIPAS_CHANGE_FLAGS_RSI_NO_CHANGE_DESTROYED ); if (RETURN_ERROR (Status)) { DEBUG (( @@ -335,7 +336,8 @@ RampCloseAperture ( Status = RsiSetIpaState ( (UINT64 *)ApertInfo->BaseAddress, (ApertInfo->Pages * EFI_PAGE_SIZE), - RipasRam +
[edk2-devel] [PATCH v2 27/45] ArmVirtPkg: Enable Virtio communication for Arm CCA
Arm CCA Realms protect the access to memory from outside the Realm. For Virtio to work the Realm Guest and the Host should be able to share buffers. Realm Aperture Management protocol (RAMP) manages the sharing of buffers between the Realm Guest and the Host, while the ArmCcaIoMmuDxe implements the EDKII_IOMMU_PROTOCOL which provides the necessary hooks so that DMA accesses can be performed by bouncing buffers using pages shared with the host. Therefore, enable the support for Realm Aperture Management Protocol and ArmCcaIoMmuDxe for Kvmtool Guest firmware. Note: The ArmCcaIoMmuDxe and RAMP check if the code is executing in a Realm before installing the respective protocols. If the code is not executing in a Realm the gIoMmuAbsentProtocolGuid is installed, thereby allowing the same firmware to be used both for normal and Realm Guest firmware. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirtKvmTool.dsc | 13 +++-- ArmVirtPkg/ArmVirtKvmTool.fdf | 10 ++ 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/ArmVirtKvmTool.dsc b/ArmVirtPkg/ArmVirtKvmTool.dsc index 33eb280f91413141cacb6526375c2733778a853c..c358b0a55daea8f8231b037cc63005cc86fe9a18 100644 --- a/ArmVirtPkg/ArmVirtKvmTool.dsc +++ b/ArmVirtPkg/ArmVirtKvmTool.dsc @@ -401,9 +401,18 @@ [Components.common] # SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf -!if $(ARCH) == AARCH64 +[Components.AARCH64] # # ACPI Support # ArmVirtPkg/KvmtoolCfgMgrDxe/ConfigurationManagerDxe.inf -!endif + + # + # Realm Aperture Management + # + ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.inf + + # + # IoMMU support for Arm CCA + # + ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmuDxe.inf diff --git a/ArmVirtPkg/ArmVirtKvmTool.fdf b/ArmVirtPkg/ArmVirtKvmTool.fdf index cdf756c11289b90cb3815295a6cb38cb2f74916f..07d86f649e01a9e61f2acb76f748a95eb57c0a6e 100644 --- a/ArmVirtPkg/ArmVirtKvmTool.fdf +++ b/ArmVirtPkg/ArmVirtKvmTool.fdf @@ -212,6 +212,16 @@ [FV.FvMain] !include DynamicTablesPkg/DynamicTables.fdf.inc INF ArmVirtPkg/KvmtoolCfgMgrDxe/ConfigurationManagerDxe.inf + + # + # Realm Aperture Management + # + INF ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.inf + + # + # IoMMU support for Arm CCA + # + INF ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmuDxe.inf !endif # -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117695): https://edk2.groups.io/g/devel/message/117695 Mute This Topic: https://groups.io/mt/105483435/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 31/45] ArmVirtPkg: ArmCcaRsiLib: Fix size of Imm field in HostCallArgs
The section B4.4.2 'RsiHostCall type' of the RMM specification version A-bet0 specifies the Imm field in HostCallArgs structure as a 16 bit wide value and the offset for the gprs[0] field is 0x8, which means the 6 bytes after the Imm field are padded. Therefore, define the Imm field as UINT16 and add an additional field UINT8 Reserved1[6] for padding. Also update the RsiHostCall() to initialise the Reserved1 field to zero. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 4 +++- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index db1ae5b4c1a6475a275ce6be3383ea933ec9af20..af4be275d37f0376335de5344f9626c9a92c70d2 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -85,7 +85,9 @@ typedef struct RealmConfig { See Section 4.4.2 RsiHostCall type, RMM Specification, version A-bet0 */ typedef struct HostCallArgs { - UINT64Imm; + UINT16Imm; + UINT8 Reserved1[6]; + UINT64Gprs0; UINT64Gprs1; UINT64Gprs2; diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c index 79a65300f05af665b3afebe2a8f8b1f6faf76f23..dc41e77b55f4369e89592b5437e525baf80aa0b3 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c @@ -519,6 +519,7 @@ RsiHostCall ( STATIC_ASSERT (sizeof (HOST_CALL_ARGS) == SIZE_4KB); // Clear the reserved fields + ZeroMem (&Args->Reserved1, sizeof (Args->Reserved1)); ZeroMem (&Args->Reserved, sizeof (Args->Reserved)); ZeroMem (&SmcCmd, sizeof (SmcCmd)); -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117693): https://edk2.groups.io/g/devel/message/117693 Mute This Topic: https://groups.io/mt/105483432/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 16/45] ArmVirtPkg: Qemu: Add a NULL implementation of ArmCcaConfigureMmio
To support Arm CCA, a hook function ArmCcaConfigureMmio () has been added to the ArmVirtMemInfoLib library. Since, Arm CCA has not been enabled for the Qemu guest firmware, update the QemuVirtMemInfoLib library to add a NULL implementation for ArmCcaConfigureMmio () that returns RETURN_UNSUPPORTED. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoLib.c | 21 1 file changed, 21 insertions(+) diff --git a/ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoLib.c b/ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoLib.c index 62fa62e5f04668227f7412252212e0462114f85a..18fc8a4447bda601d144c240cb2d355d99321aa5 100644 --- a/ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoLib.c +++ b/ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoLib.c @@ -1,6 +1,7 @@ /** @file Copyright (c) 2014-2017, Linaro Limited. All rights reserved. + Copyright (c) 2023, Arm Limited. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent @@ -122,3 +123,23 @@ ArmVirtGetMemoryMap ( *VirtualMemoryMap = VirtualMemoryTable; } + +/** + Configure the MMIO regions as shared with the VMM. + + Set the protection attribute for the MMIO regions as Unprotected IPA. + + @param[in]IpaWidth IPA width of the Realm. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval RETURN_UNSUPPORTEDThe execution context is not in a Realm. +**/ +EFI_STATUS +EFIAPI +ArmCcaConfigureMmio ( + IN UINT64 IpaWidth + ) +{ + return RETURN_UNSUPPORTED; +} -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117691): https://edk2.groups.io/g/devel/message/117691 Mute This Topic: https://groups.io/mt/105483430/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 29/45] ArmVirtPkg: Kvmtool: Switch to use BaseRng for AArch64
The kvmtool guest firmware is using the default RNG library defined in ArmVirtPkg.dsc.inc which is BaseRngLibTimerLib. BaseRngLibTimerLib is only present to use for test purposes on platforms that do not have a suitable RNG source and must not be used for production purposes. Armv8.5 introduces random number instructions (e.g., RNDR) which return a 64-bit random number. Although, this feature is optional, it can be assumed that most modern platforms will implement this support. This feature i.e. FEAT_RNG can be discovered by examining the processor feature registers. It is therefore desirable to use the RNDR instructions instead of using the default BaseRngLibTimerLib which is unsafe. The BaseRngLib in MdePkg already implements the RNG support using RNDR. However, it is worth noting that FEAT_RNG is supported in AArch64 state only. Therefore, switch to using the BaseRngLib instance for AArch64 firmware builds. The AArch32 firmware builds will continue to use BaseRngLibTimerLib. Note: The guest firmware already supports Virtio RNG. So, should the processor not implement FEAT_RNG, the guest firmware can fall back to use Virtio RNG. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirtKvmTool.dsc | 1 + 1 file changed, 1 insertion(+) diff --git a/ArmVirtPkg/ArmVirtKvmTool.dsc b/ArmVirtPkg/ArmVirtKvmTool.dsc index c358b0a55daea8f8231b037cc63005cc86fe9a18..835e4f1a5a618537d885682322a288f12b8ce8dd 100644 --- a/ArmVirtPkg/ArmVirtKvmTool.dsc +++ b/ArmVirtPkg/ArmVirtKvmTool.dsc @@ -90,6 +90,7 @@ [LibraryClasses.common] [LibraryClasses.AARCH64] ArmCcaLib|ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.inf ArmCcaRsiLib|ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.inf + RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf [LibraryClasses.common.SEC, LibraryClasses.common.PEI_CORE, LibraryClasses.common.PEIM] PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117692): https://edk2.groups.io/g/devel/message/117692 Mute This Topic: https://groups.io/mt/105483431/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 19/45] ArmVirtPkg: Kvmtool: Use Null version of DebugLib in PrePi
The patch at "6c8a08bd8a680 ArmVirtPkg/PrePi: Ensure timely execution of library constructors" moved the processing of library constructors before the MMU is initialised. This resulted in the BaseDebugLibSerialPort library constructor BaseDebugLibSerialPortConstructor () which initialises the serial port, being invoked before the MMU is enabled. However, the Realm Code requires the protection attribute of the MMIO regions to be configured as unprotected (shared with the host), which requires the MMU to be enabled. Otherwise, accesses to the MMIO region result in a synchronous external abort being reflected to the Realm by the RMM. Therefore, link the Null version of DebugLib in PrePi stage. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirtKvmTool.dsc | 1 + 1 file changed, 1 insertion(+) diff --git a/ArmVirtPkg/ArmVirtKvmTool.dsc b/ArmVirtPkg/ArmVirtKvmTool.dsc index 20da3319667900e64755272fa110d57452d1fc67..d09b3e06928ad70dba8581bd605a7c76b231ba61 100644 --- a/ArmVirtPkg/ArmVirtKvmTool.dsc +++ b/ArmVirtPkg/ArmVirtKvmTool.dsc @@ -250,6 +250,7 @@ [Components.common] # ArmVirtPkg/PrePi/ArmVirtPrePiUniCoreRelocatable.inf { + DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf ExtractGuidedSectionLib|EmbeddedPkg/Library/PrePiExtractGuidedSectionLib/PrePiExtractGuidedSectionLib.inf LzmaDecompressLib|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf PrePiLib|EmbeddedPkg/Library/PrePiLib/PrePiLib.inf -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117690): https://edk2.groups.io/g/devel/message/117690 Mute This Topic: https://groups.io/mt/105483429/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 05/45] ArmVirtPkg: ArmCcaRsiLib: Add interfaces to manage the Realm IPA state
The IPA space of a Realm is divided into two halves: Protected IPA space and Unprotected IPA space. Software in a Realm should treat the most significant bit of an IPA as a protection attribute. A Protected IPA is an address in the lower half of a Realm's IPA space. An Unprotected IPA is an address in the upper half of a Realm's IPA space. A Protected IPA has an associated Realm IPA state (RIPAS). The RIPAS values are: * EMPTY - Unused address * RAM- Private code or data owned by the Realm. Software in the Realm needs to share memory with the host to communicate with the outside world, e.g. network, disk image, etc. To share memory, the software in the Realm first transitions the RIPAS of memory region it wants to share with the host from RAM to EMPTY. The Realm software can then access the shared memory region using the Unprotected IPA address. The RMM specification defines the following Realm Service Interfaces for managing the IPA state: * RSI_IPA_STATE_GET * RSI_IPA_STATE_SET Therefore, update the ArmCcaRsiLib to add interfaces to get and set the IPA state of Realm memory pages. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 50 +++ ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h| 7 +- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 92 3 files changed, 147 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index ab70240b3ab2979996f20190ddf669b53183556b..0c7f1afc78252b286a20dd8a7a81d538cf76ea8f 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -6,6 +6,7 @@ - Rsi or RSI - Realm Service Interface - IPA - Intermediate Physical Address +- RIPAS- Realm IPA state @par Reference(s): - Realm Management Monitor (RMM) Specification, version A-bet0 @@ -24,6 +25,21 @@ */ #define REALM_GRANULE_SIZE SIZE_4KB +/** + A macro defining the mask for the RSI RIPAS type. + See Section B4.4.5 RsiRipas type, RMM Specification, version A-bet0. +*/ +#define RIPAS_TYPE_MASK 0xFF + +/** An enum describing the RSI RIPAS. + See Section A5.2.2 Realm IPA state, RMM Specification, version A-bet0 +*/ +typedef enum Ripas { + RipasEmpty, ///< Unused IPA location. + RipasRam,///< Private code or data owned by the Realm. + RipasMax ///< A valid RIPAS type value is less than RipasMax. +} RIPAS; + /** A structure describing the Realm Configuration. See Section B4.4.4 RsiRealmConfig type, RMM Specification, version A-bet0 The width of the RsiRealmConfig structure is 4096 (0x1000) bytes. @@ -35,6 +51,40 @@ typedef struct RealmConfig { UINT8 Reserved[SIZE_4KB - sizeof (UINT64)]; } REALM_CONFIG; +/** + Returns the IPA state for the page pointed by the address. + + @param [in] Address Address to retrive IPA state. + @param [out] State The RIPAS state for the address specified. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. +**/ +RETURN_STATUS +EFIAPI +RsiGetIpaState ( + IN UINT64 *Address, + OUT RIPAS *State + ); + +/** + Sets the IPA state for the pages pointed by the memory range. + + @param [in] Address Address to the start of the memory range. + @param [in] SizeLength of the memory range. + @param [in] State The RIPAS state to be configured. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. +**/ +RETURN_STATUS +EFIAPI +RsiSetIpaState ( + IN UINT64 *Address, + IN UINT64 Size, + IN RIPAS State + ); + /** Read the Realm Configuration. diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h index 90e9dbb609679c82cd8e8ee8081428fd97021f97..9cc12bc5a70b457367077d0b26011c3b91fa63c9 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h @@ -7,6 +7,7 @@ @par Glossary: - Rsi or RSI - Realm Service Interface - IPA - Intermediate Physical Address +- RIPAS- Realm IPA state @par Reference(s): - Realm Management Monitor (RMM) Specification, version A-bet0 @@ -17,8 +18,10 @@ #define ARM_CCA_RSI_H_ // FIDs for Realm Service Interface calls. -#define FID_RSI_REALM_CONFIG 0xC4000196 -#define FID_RSI_VERSION 0xC4000190 +#define FID_RSI_IPA_STATE_GET 0xC4000198 +#define FID_RSI_IPA_STATE_SET 0xC4000197 +#define FID_RSI_REALM_CONFIG 0xC4000196 +#define FID_RSI_VERSION0xC4000190 /** RSI Command Return codes See Section B4.4.1, RMM Specification, version A-bet0. diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c index 42b99fb7a71c8b38512a2f7472f9bc8a034fe1e9..546df9a94cb86533b37f
[edk2-devel] [PATCH v2 15/45] ArmVirtPkg: CloudHv: Add a NULL implementation of ArmCcaConfigureMmio
To support Arm CCA, a hook function ArmCcaConfigureMmio () has been added to the ArmVirtMemInfoLib library. Since, Arm CCA has not been enabled for the Cloud Hypervisor guest firmware, update the CloudHvVirtMemInfoLib library to add a NULL implementation for ArmCcaConfigureMmio () that returns RETURN_UNSUPPORTED. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Library/CloudHvVirtMemInfoLib/CloudHvVirtMemInfoLib.c | 22 +++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/ArmVirtPkg/Library/CloudHvVirtMemInfoLib/CloudHvVirtMemInfoLib.c b/ArmVirtPkg/Library/CloudHvVirtMemInfoLib/CloudHvVirtMemInfoLib.c index 98cc13870599c10bfab5029de9f7730a67099b72..c47ddc4a16caf9b3755617627718789098aa2f26 100644 --- a/ArmVirtPkg/Library/CloudHvVirtMemInfoLib/CloudHvVirtMemInfoLib.c +++ b/ArmVirtPkg/Library/CloudHvVirtMemInfoLib/CloudHvVirtMemInfoLib.c @@ -1,6 +1,6 @@ /** @file - Copyright (c) 2022, Arm Limited. All rights reserved. + Copyright (c) 2022 - 2023, Arm Limited. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent @@ -241,3 +241,23 @@ ArmVirtGetMemoryMap ( *VirtualMemoryMap = VirtualMemoryTable; } + +/** + Configure the MMIO regions as shared with the VMM. + + Set the protection attribute for the MMIO regions as Unprotected IPA. + + @param[in]IpaWidth IPA width of the Realm. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval RETURN_UNSUPPORTEDThe execution context is not in a Realm. +**/ +EFI_STATUS +EFIAPI +ArmCcaConfigureMmio ( + IN UINT64 IpaWidth + ) +{ + return RETURN_UNSUPPORTED; +} -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117679): https://edk2.groups.io/g/devel/message/117679 Mute This Topic: https://groups.io/mt/105483417/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 18/45] ArmVirtPkg: Configure the MMIO regions for Arm CCA
The IPA space of a Realm is divided into two halves: - Protected IPA space and - Unprotected IPA space. Software in a Realm should treat the most significant bit of an IPA as a protection attribute. The Unprotected IPA space is used for sharing memory and for performing MMIO accesses with the Host. An Unprotected IPA is an address in the upper half of a Realm's IPA space. The most significant bit of an Unprotected IPA is 1. The page tables for the MMIO regions must be updated to set the most significant bit of the IPA space. Therefore, implement ArmCcaConfigureMmio () which configures the MMIO regions as Unprotected IPA by setting the protection attribute in the page tables for the MMIO regions. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.c | 39 +++- ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.inf | 3 +- 2 files changed, 40 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.c b/ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.c index 79412897f2251712fafa4a9633b44235f2d7bb9b..a4fee904a43ccb8844ceaea992698a99df2a8b3c 100644 --- a/ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.c +++ b/ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.c @@ -1,14 +1,16 @@ /** @file Kvmtool virtual memory map library. - Copyright (c) 2018 - 2020, ARM Limited. All rights reserved. + Copyright (c) 2018 - 2023, Arm Limited. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent **/ #include +#include #include +#include #include #include #include @@ -96,3 +98,38 @@ ArmVirtGetMemoryMap ( *VirtualMemoryMap = VirtualMemoryTable; } + +/** + Configure the MMIO regions as shared with the VMM. + + Set the protection attribute for the MMIO regions as Unprotected IPA. + + @param[in]IpaWidth IPA width of the Realm. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval RETURN_UNSUPPORTEDThe execution context is not in a Realm. +**/ +EFI_STATUS +EFIAPI +ArmCcaConfigureMmio ( + IN UINT64 IpaWidth + ) +{ + EFI_STATUS Status; + + if (!IsRealm ()) { +return RETURN_UNSUPPORTED; + } + + // Set the protection attribute for the Peripheral memory. + // Peripheral space before DRAM + Status = ArmCcaSetMemoryProtectAttribute ( + 0, + PcdGet64 (PcdSystemMemoryBase), + IpaWidth, + TRUE + ); + ASSERT_EFI_ERROR (Status); + return Status; +} diff --git a/ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.inf b/ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.inf index a354e734ab1b7308a3e52b4e2b4885ef29592681..8e157a44dc9d11b9258d3f6182d5b169ec97ae9c 100644 --- a/ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.inf +++ b/ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.inf @@ -1,7 +1,7 @@ ## @file # Kvmtool virtual memory map library. # -# Copyright (c) 2018, ARM Limited. All rights reserved. +# Copyright (c) 2018 - 2023, Arm Limited. All rights reserved. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -26,6 +26,7 @@ [Packages] MdePkg/MdePkg.dec [LibraryClasses] + ArmCcaLib ArmLib BaseLib BaseMemoryLib -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117683): https://edk2.groups.io/g/devel/message/117683 Mute This Topic: https://groups.io/mt/105483421/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 20/45] ArmVirtPkg: Introduce ArmVirtMonitorLib library
ArmMonitorLib provides an abstraction for invoking monitor calls using a SMC or HVC conduit based on the value configured in the PCD PcdMonitorConduitHvc. The monitor call conduit is fixed for a platform firmware in most scenarios. For a normal virtual machine guest firmware, the default conduit is HVC. However, for Arm CCA the Realm code must use SMC as the conduit. To have a common code base for Guest/Virtual firmware to be used by both normal VMs and Realm VMs, the firmware must dynamically detect the conduit to be used. Some VMMs like kvmtool setup the PSCI conduit to be used in the device tree it hands off to the firmware. Therefore, introduce an ArmVirt instance of ArmMontorLib that parses this device tree to read the PSCI conduit value and issues monitor calls using the appropriate conduit. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Library/ArmVirtMonitorLib/ArmVirtMonitorLib.c | 119 ArmVirtPkg/Library/ArmVirtMonitorLib/ArmVirtMonitorLib.inf | 37 ++ 2 files changed, 156 insertions(+) diff --git a/ArmVirtPkg/Library/ArmVirtMonitorLib/ArmVirtMonitorLib.c b/ArmVirtPkg/Library/ArmVirtMonitorLib/ArmVirtMonitorLib.c new file mode 100644 index ..a13bec36b3537a2348e7883c29c5beb6e55dc64b --- /dev/null +++ b/ArmVirtPkg/Library/ArmVirtMonitorLib/ArmVirtMonitorLib.c @@ -0,0 +1,119 @@ +/** @file + Arm Monitor Library. + + Copyright (c) 2022 - 2023, Arm Limited. All rights reserved. + + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +#include +#include +#include +#include +#include +#include +#include + +/** + An enum representing the PSCI conduits for issuing monitor calls. +*/ +typedef enum PsciConduit { + PsciConduitHvc, // < HVC conduit + PsciConduitSmc, // < SMC conduit + PsciConduitMax +} PSCI_CONDUIT; + +/** + A variable that stores the PSCI conduit to be used. +*/ +STATIC PSCI_CONDUIT mArmPsciConduit = PsciConduitMax; + +/** Monitor call. + + An HyperVisor Call (HVC) or System Monitor Call (SMC) will be issued + depending on the conduit. The library constructor for ArmVirtMonitorLib + determines the conduit by parsing the Device Tree handed off by the VMM + and initialising mArmPsciConduit. + + @param [in,out] ArgsArguments for the HVC/SMC. +**/ +VOID +EFIAPI +ArmMonitorCall ( + IN OUT ARM_MONITOR_ARGS *Args + ) +{ + switch (mArmPsciConduit) { +case PsciConduitHvc: + ArmCallHvc ((ARM_HVC_ARGS *)Args); + break; +case PsciConduitSmc: + ArmCallSmc ((ARM_SMC_ARGS *)Args); + break; +default: + ASSERT (0); + CpuDeadLoop (); + } +} + +/** Constructor for ArmVirtMonitorLib. + + The library constructor for ArmVirtMonitorLib determines the conduit + by parsing the Device Tree handed off by the VMM and initialising + mArmPsciConduit, which can then be used to select the appropriate + conduit for invoking the monitor call. + + @retval RETURN_SUCCESSThe constructor always returns RETURN_SUCCESS. + @retval RETURN_NOT_FOUND An entry for the PSCI conduit was not found in +the platform device tree. +**/ +RETURN_STATUS +EFIAPI +ArmVirtMonitorLibConstructor ( + VOID + ) +{ + RETURN_STATUSStatus; + FDT_CLIENT_PROTOCOL *FdtClient; + CONST VOID *Prop; + + Status = gBS->LocateProtocol ( + &gFdtClientProtocolGuid, + NULL, + (VOID **)&FdtClient + ); + if (RETURN_ERROR (Status)) { +ASSERT (0); +return Status; + } + + Status = FdtClient->FindCompatibleNodeProperty ( +FdtClient, +"arm,psci-0.2", +"method", +&Prop, +NULL +); + if (RETURN_ERROR (Status)) { +return Status; + } + + if (AsciiStrnCmp (Prop, "hvc", 3) == 0) { +mArmPsciConduit = PsciConduitHvc; + } else if (AsciiStrnCmp (Prop, "smc", 3) == 0) { +mArmPsciConduit = PsciConduitSmc; + } else { +DEBUG (( + DEBUG_ERROR, + "%a: Unknown PSCI method \"%a\"\n", + __func__, + Prop + )); +return RETURN_NOT_FOUND; + } + + return RETURN_SUCCESS; +} diff --git a/ArmVirtPkg/Library/ArmVirtMonitorLib/ArmVirtMonitorLib.inf b/ArmVirtPkg/Library/ArmVirtMonitorLib/ArmVirtMonitorLib.inf new file mode 100644 index ..d90f92d5faff96de9cd0433c1de18b0168b42592 --- /dev/null +++ b/ArmVirtPkg/Library/ArmVirtMonitorLib/ArmVirtMonitorLib.inf @@ -0,0 +1,37 @@ +## @file +# Arm Virt Monitor Library +# +# Copyright (c) 2022 - 2023, Arm Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION= 1.29 + BASE_NAME = ArmVirtMonitorLib + FILE_GUID = 3E464134-890D-4C3F-A559-D0FE2803E332 + M
[edk2-devel] [PATCH v2 22/45] ArmVirtPkg: Add Arm CCA libraries for Kvmtool guest firmware
The following libraries have been introduced for Arm CCA: * ArmCcaInitPeiLib - provides functions for ARM CCA initialisations in early PEI phase. * ArmCcaLib- provides the necessary helper functions for Arm CCA * ArmCcaRsiLib - implements functions to call the Realm Service Interface. Therefore, add these libraries in the Kvmtool guest firmware workspace as part of enabling support for Arm CCA. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirtKvmTool.dsc | 7 +++ 1 file changed, 7 insertions(+) diff --git a/ArmVirtPkg/ArmVirtKvmTool.dsc b/ArmVirtPkg/ArmVirtKvmTool.dsc index a310fbd53ec7a37805865525da142e0610846f86..33eb280f91413141cacb6526375c2733778a853c 100644 --- a/ArmVirtPkg/ArmVirtKvmTool.dsc +++ b/ArmVirtPkg/ArmVirtKvmTool.dsc @@ -87,6 +87,10 @@ [LibraryClasses.common] ArmMonitorLib|ArmVirtPkg/Library/ArmVirtMonitorLib/ArmVirtMonitorLib.inf ArmTrngLib|ArmPkg/Library/ArmTrngLib/ArmTrngLib.inf +[LibraryClasses.AARCH64] + ArmCcaLib|ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.inf + ArmCcaRsiLib|ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.inf + [LibraryClasses.common.SEC, LibraryClasses.common.PEI_CORE, LibraryClasses.common.PEIM] PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf PlatformHookLib|ArmVirtPkg/Library/Fdt16550SerialPortHookLib/EarlyFdt16550SerialPortHookLib.inf @@ -100,6 +104,9 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibSerialPort.inf !endif +[LibraryClasses.AARCH64.SEC, LibraryClasses.AARCH64.PEI_CORE, LibraryClasses.AARCH64.PEIM] + ArmCcaInitPeiLib|ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.inf + [LibraryClasses.common.UEFI_DRIVER] UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117689): https://edk2.groups.io/g/devel/message/117689 Mute This Topic: https://groups.io/mt/105483428/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 08/45] ArmVirtPkg: ArmCcaRsiLib: Add an interface to make a RSI Host Call
The Section A4.5 Host call, RMM Specification, version A-bet0 describes the programming model for Realm communication with the Host and specifies the following: DYDJWT - A Host call is a call made by the Realm to the Host, by execution of the RSI_HOST_CALL command. IXNFKZ - A Host call can be used by a Realm to make a hypercall. DYDJWT - A Host call is a call made by the Realm to the Host, by execution of the RSI_HOST_CALL command. Therefore, introduce definition of HOST_CALL_ARGS structure that represents the arguments to the RSI_HOST_CALL command as defined in Section B4.3.3 RSI_HOST_CALL command. Also update the ArmCcaRsiLib library to add a new interface RsiHostCall () to make a Host call. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 36 ++ ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h| 1 + ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 40 3 files changed, 77 insertions(+) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index 99a8175262331f4b0ddc098c3c62a20954b2b516..db1ae5b4c1a6475a275ce6be3383ea933ec9af20 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -81,6 +81,21 @@ typedef struct RealmConfig { UINT8 Reserved[SIZE_4KB - sizeof (UINT64)]; } REALM_CONFIG; +/** A structure describing the Host Call arguments +See Section 4.4.2 RsiHostCall type, RMM Specification, version A-bet0 +*/ +typedef struct HostCallArgs { + UINT64Imm; + UINT64Gprs0; + UINT64Gprs1; + UINT64Gprs2; + UINT64Gprs3; + UINT64Gprs4; + UINT64Gprs5; + UINT64Gprs6; + UINT8 Reserved[0x1000 - (sizeof (UINT64) * 8)]; +} HOST_CALL_ARGS; + /** Retrieve an attestation token from the RMM. @@ -198,6 +213,27 @@ RsiGetRealmConfig ( IN REALM_CONFIG *Config ); +/** + Make a Host Call. + + A Host call can be used by a Realm to make a hypercall. + On Realm execution of HVC, an Unknown exception is taken to the Realm. + + @param [in] ArgsPointer to the IPA of the Host call data + structure. + + Note: The IPA of the Host call arguments data structure must be aligned + to the Realm granule size. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. +**/ +RETURN_STATUS +EFIAPI +RsiHostCall ( + IN HOST_CALL_ARGS *Args + ); + /** Get the version of the RSI implementation. diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h index 6f0ee3061ade5a4a99b717a52d5a241e0e446270..70e84a20711f04c32a5850230cc907a6d231f50b 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h @@ -20,6 +20,7 @@ // FIDs for Realm Service Interface calls. #define FID_RSI_ATTESTATION_TOKEN_CONTINUE 0xC4000195 #define FID_RSI_ATTESTATION_TOKEN_INIT 0xC4000194 +#define FID_RSI_HOST_CALL 0xC4000199 #define FID_RSI_IPA_STATE_GET 0xC4000198 #define FID_RSI_IPA_STATE_SET 0xC4000197 #define FID_RSI_MEASUREMENT_EXTEND 0xC4000193 diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c index eb9896668a267f2cdf30f36bd14697d56d2612ed..79a65300f05af665b3afebe2a8f8b1f6faf76f23 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c @@ -489,6 +489,46 @@ RsiGetRealmConfig ( return RsiCmdStatusToEfiStatus (SmcCmd.Arg0); } +/** + Make a Host Call. + + A Host call can be used by a Realm to make a hypercall. + On Realm execution of HVC, an Unknown exception is taken to the Realm. + + @param [in] ArgsPointer to the IPA of the Host call data + structure. + + Note: The IPA of the Host call arguments data structure must be aligned + to the Realm granule size. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. +**/ +RETURN_STATUS +EFIAPI +RsiHostCall ( + IN HOST_CALL_ARGS *Args + ) +{ + ARM_SMC_ARGS SmcCmd; + + if ((Args == NULL) || (!AddrIsGranuleAligned ((UINT64 *)Args))) { +return RETURN_INVALID_PARAMETER; + } + + STATIC_ASSERT (sizeof (HOST_CALL_ARGS) == SIZE_4KB); + + // Clear the reserved fields + ZeroMem (&Args->Reserved, sizeof (Args->Reserved)); + + ZeroMem (&SmcCmd, sizeof (SmcCmd)); + SmcCmd.Arg0 = FID_RSI_HOST_CALL; + SmcCmd.Arg1 = (UINTN)Args; + + ArmCallSmc (&SmcCmd); + return RsiCmdStatusToEfiStatus (SmcCmd.Arg0); +} + /** Get the version of the RSI implementation. -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117686): https://edk
[edk2-devel] [PATCH v2 14/45] ArmVirtPkg: Define an interface to configure MMIO regions for Arm CCA
The IPA space of a Realm is divided into two halves: - Protected IPA space and - Unprotected IPA space. Software in a Realm should treat the most significant bit of an IPA as a protection attribute. The Unprotected IPA space is used for sharing memory and for performing MMIO accesses with the Host. An Unprotected IPA is an address in the upper half of a Realm's IPA space. The most significant bit of an Unprotected IPA is 1. Therefore, the page tables for the MMIO regions must be updated to set the most significant bit of the IPA space. To facilitate this define ArmCcaConfigureMmio () that can be called during the early firmware startup. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmVirtMemInfoLib.h | 19 ++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/ArmVirtPkg/Include/Library/ArmVirtMemInfoLib.h b/ArmVirtPkg/Include/Library/ArmVirtMemInfoLib.h index 7812c2e28657ca9525880dcc0d16d7bca90cc334..b70a96ed923e8c2654e51c9714074744a4d5f0c2 100644 --- a/ArmVirtPkg/Include/Library/ArmVirtMemInfoLib.h +++ b/ArmVirtPkg/Include/Library/ArmVirtMemInfoLib.h @@ -1,6 +1,6 @@ /** @file - Copyright (c) 2011-2013, ARM Limited. All rights reserved. + Copyright (c) 2011-2023, Arm Limited. All rights reserved. Copyright (c) 2017, Linaro, Ltd. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent @@ -32,4 +32,21 @@ ArmVirtGetMemoryMap ( OUT ARM_MEMORY_REGION_DESCRIPTOR **VirtualMemoryMap ); +/** + Configure the MMIO regions as shared with the VMM. + + Set the protection attribute for the MMIO regions as Unprotected IPA. + + @param[in]IpaWidth IPA width of the Realm. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval RETURN_UNSUPPORTEDThe execution context is not in a Realm. +**/ +EFI_STATUS +EFIAPI +ArmCcaConfigureMmio ( + IN UINT64 IpaWidth + ); + #endif -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117687): https://edk2.groups.io/g/devel/message/117687 Mute This Topic: https://groups.io/mt/105483426/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 24/45] ArmVirtPkg: Perform Arm CCA initialisation in the Pei phase
Add ArmCcaInitialize () to perform Arm CCA specific initialisation like: - Reading the Realm Config by calling the RSI interface. - Storing the IPA width of the Realm in PcdArmCcaEarlyIpaWidth. - Configuring the MMIO regions to update the page tables to set the protection attribute as Unprotected IPA. Note: ArmCcaInitialize () is implemented in ArmCcaInitPeiLib for which a Null implementation is provided. Therefore, this change should not break existing platforms that do not implement the Arm CCA. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/PrePi/PrePi.c | 8 1 file changed, 8 insertions(+) diff --git a/ArmVirtPkg/PrePi/PrePi.c b/ArmVirtPkg/PrePi/PrePi.c index f27e0ad3d223820f60d1f8087325a96c60ebe876..405da60177f56238a79687ff8e1839207b14afd3 100755 --- a/ArmVirtPkg/PrePi/PrePi.c +++ b/ArmVirtPkg/PrePi/PrePi.c @@ -9,6 +9,7 @@ #include #include +#include #include #include #include @@ -34,6 +35,7 @@ PrePiMain ( CHAR8 Buffer[100]; UINTN CharCount; UINTN StacksSize; + RETURN_STATUS RetStatus; // Initialize the architecture specific bits ArchInitialize (); @@ -61,6 +63,12 @@ PrePiMain ( Status = MemoryPeim (UefiMemoryBase, FixedPcdGet32 (PcdSystemMemoryUefiRegionSize)); ASSERT_EFI_ERROR (Status); + // Perform the Arm CCA specific initialisations. + RetStatus = ArmCcaInitialize (); + if (RETURN_ERROR (RetStatus)) { +CpuDeadLoop (); + } + // Initialize the Serial Port SerialPortInitialize (); CharCount = AsciiSPrint ( -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117688): https://edk2.groups.io/g/devel/message/117688 Mute This Topic: https://groups.io/mt/105483427/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 17/45] ArmVirtPkg: Xen: Add a NULL implementation of ArmCcaConfigureMmio
To support Arm CCA, a hook function ArmCcaConfigureMmio () has been added to the ArmVirtMemInfoLib library. Since, Arm CCA has not been enabled for the Xen guest firmware, update the XenVirtMemInfoLib library to add a NULL implementation for ArmCcaConfigureMmio () that returns RETURN_UNSUPPORTED. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Library/XenVirtMemInfoLib/XenVirtMemInfoLib.c | 21 1 file changed, 21 insertions(+) diff --git a/ArmVirtPkg/Library/XenVirtMemInfoLib/XenVirtMemInfoLib.c b/ArmVirtPkg/Library/XenVirtMemInfoLib/XenVirtMemInfoLib.c index ac0c75aecfe54090788836f2eea097f4abb112a3..8a9f6e1e1eee91ec2fc1418b342c0966548e8a6c 100644 --- a/ArmVirtPkg/Library/XenVirtMemInfoLib/XenVirtMemInfoLib.c +++ b/ArmVirtPkg/Library/XenVirtMemInfoLib/XenVirtMemInfoLib.c @@ -1,6 +1,7 @@ /** @file Copyright (c) 2014-2017, Linaro Limited. All rights reserved. + Copyright (c) 2023, Arm Limited. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent @@ -55,3 +56,23 @@ ArmVirtGetMemoryMap ( *VirtualMemoryMap = mVirtualMemoryTable; } + +/** + Configure the MMIO regions as shared with the VMM. + + Set the protection attribute for the MMIO regions as Unprotected IPA. + + @param[in]IpaWidth IPA width of the Realm. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval RETURN_UNSUPPORTEDThe execution context is not in a Realm. +**/ +EFI_STATUS +EFIAPI +ArmCcaConfigureMmio ( + IN UINT64 IpaWidth + ) +{ + return RETURN_UNSUPPORTED; +} -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117685): https://edk2.groups.io/g/devel/message/117685 Mute This Topic: https://groups.io/mt/105483424/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 04/45] ArmVirtPkg: Add Arm CCA Realm Service Interface Library
The Realm Management Monitor (RMM) is a software component which forms part of a system which implements the Arm Confidential Compute Architecture (CCA) and is responsible for management of Realms. The RMM specification defines a Realm Service Interface (RSI) that the Guest can use to request services from the RMM. Therefore, add a library that implements the RSI interfaces to: - query the RSI version - get the Realm configuration. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirtPkg.dec| 1 + ArmVirtPkg/Include/Library/ArmCcaRsiLib.h| 72 ++ ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h | 40 ++ ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 145 ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.inf | 29 5 files changed, 287 insertions(+) diff --git a/ArmVirtPkg/ArmVirtPkg.dec b/ArmVirtPkg/ArmVirtPkg.dec index 6aa5ea05f4e9bfc7aa17d40777dda916ccc82798..d92cb52fc30a6f0ee3469fbd2a940f88e9cf2c67 100644 --- a/ArmVirtPkg/ArmVirtPkg.dec +++ b/ArmVirtPkg/ArmVirtPkg.dec @@ -26,6 +26,7 @@ [Includes.common] Include# Root include for the package [LibraryClasses] + ArmCcaRsiLib|Include/Library/ArmCcaRsiLib.h ArmVirtMemInfoLib|Include/Library/ArmVirtMemInfoLib.h [Guids.common] diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h new file mode 100644 index ..ab70240b3ab2979996f20190ddf669b53183556b --- /dev/null +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -0,0 +1,72 @@ +/** @file + Library that implements the Arm CCA Realm Service Interface calls. + + Copyright (c) 2022 - 2023, Arm Limited. All rights reserved. + SPDX-License-Identifier: BSD-2-Clause-Patent + +- Rsi or RSI - Realm Service Interface +- IPA - Intermediate Physical Address + + @par Reference(s): + - Realm Management Monitor (RMM) Specification, version A-bet0 + (https://developer.arm.com/documentation/den0137/) +**/ + +#ifndef ARM_CCA_RSI_LIB_ +#define ARM_CCA_RSI_LIB_ + +#include + +/** + A macro defining the size of a Realm Granule. + See Section A2.2, RMM Specification, version A-bet0 + DNBXXX A Granule is a unit of physical memory whose size is 4KB. +*/ +#define REALM_GRANULE_SIZE SIZE_4KB + +/** A structure describing the Realm Configuration. + See Section B4.4.4 RsiRealmConfig type, RMM Specification, version A-bet0 + The width of the RsiRealmConfig structure is 4096 (0x1000) bytes. +*/ +typedef struct RealmConfig { + // Width of IPA in bits. + UINT64IpaWidth; + // Unused bits of the RsiRealmConfig structure should be zero. + UINT8 Reserved[SIZE_4KB - sizeof (UINT64)]; +} REALM_CONFIG; + +/** + Read the Realm Configuration. + + @param [out] Config Pointer to the address of the buffer to retrieve + the Realm configuration. + + Note: The buffer to retrieve the Realm configuration must be aligned to the +Realm granule size. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. +**/ +RETURN_STATUS +EFIAPI +RsiGetRealmConfig ( + IN REALM_CONFIG *Config + ); + +/** + Get the version of the RSI implementation. + + @param [out] Major The major version of the RSI implementation. + @param [out] Minor The minor version of the RSI implementation. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. + */ +RETURN_STATUS +EFIAPI +RsiGetVersion ( + OUT UINT16 *CONST Major, + OUT UINT16 *CONST Minor + ); + +#endif // ARM_CCA_RSI_LIB_ diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h new file mode 100644 index ..90e9dbb609679c82cd8e8ee8081428fd97021f97 --- /dev/null +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h @@ -0,0 +1,40 @@ +/** @file + Definitions for Arm CCA Realm Service Interface. + + Copyright (c) 2022 - 2023, ARM Ltd. All rights reserved. + SPDX-License-Identifier: BSD-2-Clause-Patent + + @par Glossary: +- Rsi or RSI - Realm Service Interface +- IPA - Intermediate Physical Address + + @par Reference(s): + - Realm Management Monitor (RMM) Specification, version A-bet0 + (https://developer.arm.com/documentation/den0137/) +**/ + +#ifndef ARM_CCA_RSI_H_ +#define ARM_CCA_RSI_H_ + +// FIDs for Realm Service Interface calls. +#define FID_RSI_REALM_CONFIG 0xC4000196 +#define FID_RSI_VERSION 0xC4000190 + +/** RSI Command Return codes + See Section B4.4.1, RMM Specification, version A-bet0. + The width of the RsiCommandReturnCode enumeration is 64 bits. +*/ +#define RSI_SUCCESS 0ULL +#define RSI_ERROR_INPUT 1ULL +#define RSI_ERROR_STATE 2ULL +#define RSI_INCOMPLETE 3ULL + +/** RSI interface Version + See Section B4.4.3, RMM Specific
[edk2-devel] [PATCH v2 12/45] ArmVirtPkg: Add library for Arm CCA helper functions
Introduce ArmCcaLib library that implements helper functions to: - probe if the code is executing in a Realm context - configure the protection attribute in page tables for the memory regions shared with the host - get the IPA width of the Realm which was stored in the GUID HOB gArmCcaIpaWidthGuid. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirtPkg.dec | 1 + ArmVirtPkg/Include/Library/ArmCcaLib.h | 114 + ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c | 174 ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.inf | 34 4 files changed, 323 insertions(+) diff --git a/ArmVirtPkg/ArmVirtPkg.dec b/ArmVirtPkg/ArmVirtPkg.dec index 23179c89704db789ab649de81873924c3958ab2a..d521e107ddff15e6dc585e3a63567e3ad817189f 100644 --- a/ArmVirtPkg/ArmVirtPkg.dec +++ b/ArmVirtPkg/ArmVirtPkg.dec @@ -27,6 +27,7 @@ [Includes.common] [LibraryClasses] ArmCcaInitPeiLib|Include/Library/ArmCcaInitPeiLib.h + ArmCcaLib|Include/Library/ArmCcaLib.h ArmCcaRsiLib|Include/Library/ArmCcaRsiLib.h ArmVirtMemInfoLib|Include/Library/ArmVirtMemInfoLib.h diff --git a/ArmVirtPkg/Include/Library/ArmCcaLib.h b/ArmVirtPkg/Include/Library/ArmCcaLib.h new file mode 100644 index ..a47e14b507f1bfd1feece636063eb2ba83357a5b --- /dev/null +++ b/ArmVirtPkg/Include/Library/ArmCcaLib.h @@ -0,0 +1,114 @@ +/** @file + Library that implements the Arm CCA helper functions. + + Copyright (c) 2022 - 2023, Arm Ltd. All rights reserved. + SPDX-License-Identifier: BSD-2-Clause-Patent + +- Rsi or RSI - Realm Service Interface +- IPA - Intermediate Physical Address +- RIPAS- Realm IPA state +**/ + +#ifndef ARM_CCA_LIB_ +#define ARM_CCA_LIB_ + +#include +#include + +/** + Check if running in a Realm. + +@retval TRUEThe execution is within the context of a Realm. +@retval FALSE The execution is not within the context of a Realm. +**/ +BOOLEAN +EFIAPI +IsRealm ( + VOID + ); + +/** + Configure the protection attribute for the page tables + describing the memory region. + + The IPA space of a Realm is divided into two halves: +- Protected IPA space and +- Unprotected IPA space. + + Software in a Realm should treat the most significant bit of an + IPA as a protection attribute. + + A Protected IPA is an address in the lower half of a Realms IPA + space. The most significant bit of a Protected IPA is 0. + + An Unprotected IPA is an address in the upper half of a Realms + IPA space. The most significant bit of an Unprotected IPA is 1. + + Note: + - Configuring the memory region as Unprotected IPA enables the +Realm to share the memory region with the Host. + - This function updates the page table entries to reflect the +protection attribute. + - A separate call to transition the memory range using the Realm +Service Interface (RSI) RSI_IPA_STATE_SET command is additionally +required and is expected to be done outside this function. + +@param [in] BaseAddress Base address of the memory region. +@param [in] Length Length of the memory region. +@param [in] IpaWidth IPA width of the Realm. +@param [in] ShareIf TRUE, set the most significant + bit of the IPA to configure the memory + region as Unprotected IPA. + If FALSE, clear the most significant + bit of the IPA to configure the memory + region as Protected IPA. + +@retval RETURN_SUCCESSIPA protection attribute updated. +@retval RETURN_INVALID_PARAMETER A parameter is invalid. +@retval RETURN_UNSUPPORTEDThe request is not initiated in a + Realm. +**/ +RETURN_STATUS +EFIAPI +ArmCcaSetMemoryProtectAttribute ( + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64Length, + IN UINT64IpaWidth, + IN BOOLEAN Share + ); + +/** + Return the IPA width of the Realm. + + The IPA width of the Realm is used to configure the protection attribute + for memory regions, see ArmCcaSetMemoryProtectAttribute(). + + The IPA width of the Realm is present in the Realm config which is read + when the ArmCcaInitPeiLib library hook function ArmCcaInitialize () is + called in the PrePi phase. ArmCcaInitialize () stores the IPA width of + the Realm in a GUID HOB gArmCcaIpaWidthGuid. + + This function searches the GUID HOB gArmCcaIpaWidthGuid and returns the + IPA width value stored therein. + + Note: + - This function must only be called after ArmCcaInitialize () has setup +the GUID HOB gArmCcaIpaWidthGuid. + +@param [out] IpaWidth IPA width of the Realm. + +@retval RETURN_SUCCESSSuccess. +@retval RETURN_INVALID_PARAMETER A parameter is invalid. +@retval RETUR
[edk2-devel] [PATCH v2 21/45] ArmVirtPkg: Kvmtool: Use ArmVirt instance of ArmMonitorLib
ArmVirtMonitorLib parses the device tree handed off by the VMM to determine the conduit that must be used for monitor calls. For a normal virtual machine guest firmware, the default conduit is HVC. However, for Arm CCA the Realm code must use SMC as the conduit. Kvmtool populates the correct conduit to be used by the VM instance in the device tree it hands off to the firmware. Therefore, switch to using ArmVirtMonitorLib as this enables to have a unified firmware binary for both Normal VMs and Realm VMs. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirtKvmTool.dsc | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/ArmVirtPkg/ArmVirtKvmTool.dsc b/ArmVirtPkg/ArmVirtKvmTool.dsc index d09b3e06928ad70dba8581bd605a7c76b231ba61..a310fbd53ec7a37805865525da142e0610846f86 100644 --- a/ArmVirtPkg/ArmVirtKvmTool.dsc +++ b/ArmVirtPkg/ArmVirtKvmTool.dsc @@ -84,7 +84,7 @@ [LibraryClasses.common] HwInfoParserLib|DynamicTablesPkg/Library/FdtHwInfoParserLib/FdtHwInfoParserLib.inf DynamicPlatRepoLib|DynamicTablesPkg/Library/Common/DynamicPlatRepoLib/DynamicPlatRepoLib.inf - ArmMonitorLib|ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.inf + ArmMonitorLib|ArmVirtPkg/Library/ArmVirtMonitorLib/ArmVirtMonitorLib.inf ArmTrngLib|ArmPkg/Library/ArmTrngLib/ArmTrngLib.inf [LibraryClasses.common.SEC, LibraryClasses.common.PEI_CORE, LibraryClasses.common.PEIM] @@ -126,8 +126,6 @@ [PcdsFeatureFlag.common] # Use MMIO for accessing RTC controller registers. gPcAtChipsetPkgTokenSpaceGuid.PcdRtcUseMmio|TRUE - gArmTokenSpaceGuid.PcdMonitorConduitHvc|TRUE - [PcdsFixedAtBuild.common] gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x800F -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117680): https://edk2.groups.io/g/devel/message/117680 Mute This Topic: https://groups.io/mt/105483418/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 06/45] ArmVirtPkg: ArmCcaRsiLib: Add an interface to get an attestation token
A CCA attestation token is a collection of claims about the state of a Realm and of the CCA platform on which the Realm is running. A CCA attestation token consists of two parts: * Realm token - Contains attributes of the Realm, including: # Realm Initial Measurement # Realm Extensible Measurements * CCA platform token - Contains attributes of the CCA platform on which the Realm is running, including: # CCA platform identity # CCA platform life cycle state # CCA platform software component measurements The CCA attestation token is used by a verification service to validate these claims. The Realm Service Interface defines the following interfaces to retrieve an attestation token from the Realm Management Monitor (RMM). - RSI_ATTESTATION_TOKEN_INIT - RSI_ATTESTATION_TOKEN_CONTINUE Therefore, update the ArmCcaRsiLib to add an interface to get an attestation token from the RMM. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 44 - ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h| 10 +- ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 195 +++- 3 files changed, 243 insertions(+), 6 deletions(-) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index 0c7f1afc78252b286a20dd8a7a81d538cf76ea8f..f88b07ee9806a51dd10add3a82bf5ce1115c0656 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -31,6 +31,19 @@ */ #define RIPAS_TYPE_MASK 0xFF +/* Maximum attestation token size + RBXKKY The size of an attestation token is no larger than 4KB. +*/ +#define MAX_ATTESTATION_TOKEN_SIZE SIZE_4KB + +/* Maximum challenge data size in bits. +*/ +#define MAX_CHALLENGE_DATA_SIZE_BITS 512 + +/* Minimum recommended challenge data size in bits. +*/ +#define MIN_CHALLENGE_DATA_SIZE_BITS 256 + /** An enum describing the RSI RIPAS. See Section A5.2.2 Realm IPA state, RMM Specification, version A-bet0 */ @@ -51,6 +64,35 @@ typedef struct RealmConfig { UINT8 Reserved[SIZE_4KB - sizeof (UINT64)]; } REALM_CONFIG; +/** + Retrieve an attestation token from the RMM. + + @param [in] ChallengeData Pointer to the challenge data to be + included in the attestation token. + @param [in] ChallengeDataSizeBits Size of the challenge data in bits. + @param [out] TokenBuffer Pointer to a buffer to store the + retrieved attestation token. + @param [in, out] TokenBufferSize Size of the token buffer on input and + number of bytes stored in token buffer + on return. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval RETURN_ABORTEDThe operation was aborted as the state +of the Realm or REC does not match the +state expected by the command. + @retval RETURN_NOT_READY The operation requested by the command +is not complete. +**/ +RETURN_STATUS +EFIAPI +RsiGetAttestationToken ( + IN CONST UINT8 *CONST ChallengeData, + INUINT64 ChallengeDataSizeBits, + OUT UINT8 *CONST TokenBuffer, + IN OUTUINT64 *CONST TokenBufferSize + ); + /** Returns the IPA state for the page pointed by the address. @@ -111,7 +153,7 @@ RsiGetRealmConfig ( @retval RETURN_SUCCESSSuccess. @retval RETURN_INVALID_PARAMETER A parameter is invalid. - */ +**/ RETURN_STATUS EFIAPI RsiGetVersion ( diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h index 9cc12bc5a70b457367077d0b26011c3b91fa63c9..325234d06695befc840dcf37e951130dfe0550c3 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h @@ -18,10 +18,12 @@ #define ARM_CCA_RSI_H_ // FIDs for Realm Service Interface calls. -#define FID_RSI_IPA_STATE_GET 0xC4000198 -#define FID_RSI_IPA_STATE_SET 0xC4000197 -#define FID_RSI_REALM_CONFIG 0xC4000196 -#define FID_RSI_VERSION0xC4000190 +#define FID_RSI_ATTESTATION_TOKEN_CONTINUE 0xC4000195 +#define FID_RSI_ATTESTATION_TOKEN_INIT 0xC4000194 +#define FID_RSI_IPA_STATE_GET 0xC4000198 +#define FID_RSI_IPA_STATE_SET 0xC4000197 +#define FID_RSI_REALM_CONFIG0xC4000196 +#define FID_RSI_VERSION 0xC4000190 /** RSI Command Return codes See Section B4.4.1, RMM Specification, version A-bet0. diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c index 546df9a94cb86533b37fef7e42fdaf7b8563052d..3cc6be299e0a7bd
[edk2-devel] [PATCH v2 07/45] ArmVirtPkg: ArmCcaRsiLib: Add interfaces to get/extend REMs
The Section A2.1.3 Realm attributes, RMM Specification, version A-bet0 introduces the concept of REMs as described below: DGRFCS - A Realm Extensible Measurement (REM) is a measurement value which can be extended during the lifetime of a Realm. IFMPYL - Attributes of a Realm include an array of measurement values. The first entry in this array is a RIM. The remaining entries in this array are REMs. The Realm Service Interface commands defined in section B4.3.7 RSI_MEASUREMENT_READ and B4.3.6 RSI_MEASUREMENT_EXTEND specify the interfaces to read and extend measurements to REMs. Therefore, update ArmCcaRsiLib to add interfaces to get and extend REMs. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 53 ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h| 2 + ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 91 3 files changed, 146 insertions(+) diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h index f88b07ee9806a51dd10add3a82bf5ce1115c0656..99a8175262331f4b0ddc098c3c62a20954b2b516 100644 --- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h +++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h @@ -7,6 +7,8 @@ - Rsi or RSI - Realm Service Interface - IPA - Intermediate Physical Address - RIPAS- Realm IPA state +- RIM - Realm Initial Measurement +- REM - Realm Extensible Measurement @par Reference(s): - Realm Management Monitor (RMM) Specification, version A-bet0 @@ -44,6 +46,21 @@ */ #define MIN_CHALLENGE_DATA_SIZE_BITS 256 +/* Maximum measurement data size in bytes. + See Section C1.11 RmmRealmMeasurement type, RMM Specification, version A-bet0 + The width of the RmmRealmMeasurement type is 512 bits. +*/ +#define MAX_MEASUREMENT_DATA_SIZE_BYTES 64 + +/* Minimum and Maximum indices for REMs + See Section A2.1.3 Realm attributes, RMM Specification, version A-bet0 + IFMPYL - Attributes of a Realm include an array of measurement values. The + first entry in this array is a RIM. The remaining entries in this array are + REMs. +*/ +#define MIN_REM_INDEX 1 +#define MAX_REM_INDEX 4 + /** An enum describing the RSI RIPAS. See Section A5.2.2 Realm IPA state, RMM Specification, version A-bet0 */ @@ -127,6 +144,42 @@ RsiSetIpaState ( IN RIPAS State ); +/** + Extends a measurement to a REM. + + @param [in] MeasurementIndex Index of the REM. + @param [in] Measurement Pointer to the measurement buffer. + @param [in] MeasurementSize Size of the measurement data. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. +**/ +RETURN_STATUS +EFIAPI +RsiExtendMeasurement ( + INUINTN MeasurementIndex, + IN CONST UINT8 *CONST Measurement, + INUINTN MeasurementSize + ); + +/** + Read the measurement value from a REM. + + @param [in] MeasurementIndex Index of the REM. + @param [out] MeasurementBuffer Pointer to store the measurement data. + @param [in] MeasurementBufferSize Size of the measurement buffer. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. +**/ +RETURN_STATUS +EFIAPI +RsiReadMeasurement ( + INUINTN MeasurementIndex, + OUT UINT8 *CONST MeasurementBuffer, + INUINTN MeasurementBufferSize + ); + /** Read the Realm Configuration. diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h index 325234d06695befc840dcf37e951130dfe0550c3..6f0ee3061ade5a4a99b717a52d5a241e0e446270 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h @@ -22,6 +22,8 @@ #define FID_RSI_ATTESTATION_TOKEN_INIT 0xC4000194 #define FID_RSI_IPA_STATE_GET 0xC4000198 #define FID_RSI_IPA_STATE_SET 0xC4000197 +#define FID_RSI_MEASUREMENT_EXTEND 0xC4000193 +#define FID_RSI_MEASUREMENT_READ0xC4000192 #define FID_RSI_REALM_CONFIG0xC4000196 #define FID_RSI_VERSION 0xC4000190 diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c index 3cc6be299e0a7bd12e5a91d17eb0b9393f57a907..eb9896668a267f2cdf30f36bd14697d56d2612ed 100644 --- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c +++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c @@ -8,6 +8,7 @@ - Rsi or RSI - Realm Service Interface - IPA - Intermediate Physical Address - RIPAS- Realm IPA state +- REM - Realm Extensible Measurement @par Reference(s): - Realm Management Monitor (RMM) Specification, version A-bet0 @@ -366,6 +367,96 @@ RsiSetIpaState ( return Status; } +/** + Ex
[edk2-devel] [PATCH v2 11/45] ArmVirtPkg: Add NULL instance of ArmCcaInitPeiLib
Add a NULL instance of ArmCcaInitPeiLib library that guest firmware for VMMs that do not implement Arm CCA Realms can use. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirt.dsc.inc | 2 + ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.c | 59 ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.inf | 27 + 3 files changed, 88 insertions(+) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index 2bc6a29eb131f7c3817c4b411a0a69eb6181a059..8c1063fb73f81e69e866549a2ba9b12945c83d9c 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -194,6 +194,8 @@ [LibraryClasses.common.SEC] DebugLib|ArmVirtPkg/Library/DebugLibFdtPL011Uart/DebugLibFdtPL011UartFlash.inf !endif + ArmCcaInitPeiLib|ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.inf + [LibraryClasses.common.PEI_CORE] PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf diff --git a/ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.c b/ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.c new file mode 100644 index ..5b606208dbcf4f0494cde79dd8923ef80fa0137b --- /dev/null +++ b/ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.c @@ -0,0 +1,59 @@ +/** @file + Library that implements a NULL implementation of the ArmCcaInitPeiLib. + + Copyright (c) 2022 - 2023, Arm Limited. All rights reserved. + SPDX-License-Identifier: BSD-2-Clause-Patent + + @par Glossary: +- Rsi or RSI - Realm Service Interface +- IPA - Intermediate Physical Address +- RIPAS- Realm IPA state +**/ + +#include +#include +#include +#include +#include +#include +#include +#include + +/** + Configure the System Memory region as Protected RAM. + + When a VMM creates a Realm, a small amount of DRAM (which contains the + firmware image) and the initial content is configured as Protected RAM. + The remaining System Memory is in the Protected Empty state. The firmware + must then initialise the remaining System Memory as Protected RAM before + it can be accessed. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval RETURN_UNSUPPORTEDThe execution context is not in a Realm. +**/ +RETURN_STATUS +EFIAPI +ArmCcaConfigureSystemMemory ( + VOID + ) +{ + return RETURN_UNSUPPORTED; +} + +/** + Perform Arm CCA specific initialisations. + + @retval EFI_SUCCESS Success or execution context is not a Realm. + @retval EFI_OUT_OF_RESOURCES Out of resources. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. +**/ +EFI_STATUS +EFIAPI +ArmCcaInitialize ( + VOID + ) +{ + // Noting to do as the execution context is not a Realm. + return EFI_SUCCESS; +} diff --git a/ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.inf b/ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.inf new file mode 100644 index ..f039c7abdb6d5391f792179546ff9947086fe541 --- /dev/null +++ b/ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.inf @@ -0,0 +1,27 @@ +## @file +# Library that implements a NULL implementation of the ArmCcaInitPeiLib. +# +# Copyright (c) 2022 - 2023, Arm Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION= 0x0001001B + BASE_NAME = ArmCcaInitPeiLib + FILE_GUID = 60686C60-8433-49EE-9F2C-DDC424A95652 + MODULE_TYPE= BASE + VERSION_STRING = 1.0 + LIBRARY_CLASS = ArmCcaInitPeiLib + +[Sources] + ArmCcaInitPeiLibNull.c + +[Packages] + ArmPkg/ArmPkg.dec + ArmVirtPkg/ArmVirtPkg.dec + MdePkg/MdePkg.dec + +[LibraryClasses] + BaseLib -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117677): https://edk2.groups.io/g/devel/message/117677 Mute This Topic: https://groups.io/mt/105483415/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 09/45] ArmVirtPkg: Define a GUID HOB for IPA width of a Realm
The IPA width of a Realm is read from the Realm Config by invoking the RSI call RSI_REALM_CONFIG to read the Realm Config. The IPA width is then stored in a GUID HOB gArmCcaIpaWidthGuid for subsequent use. This GUID HOB is also useful to pass the IPA width of the Realm to the DXE phase. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirtPkg.dec | 1 + 1 file changed, 1 insertion(+) diff --git a/ArmVirtPkg/ArmVirtPkg.dec b/ArmVirtPkg/ArmVirtPkg.dec index d92cb52fc30a6f0ee3469fbd2a940f88e9cf2c67..0f95fd43bd189eda713aeccc6c73019e0f815169 100644 --- a/ArmVirtPkg/ArmVirtPkg.dec +++ b/ArmVirtPkg/ArmVirtPkg.dec @@ -34,6 +34,7 @@ [Guids.common] gEarlyPL011BaseAddressGuid = { 0xB199DEA9, 0xFD5C, 0x4A84, { 0x80, 0x82, 0x2F, 0x41, 0x70, 0x78, 0x03, 0x05 } } gEarly16550UartBaseAddressGuid = { 0xea67ca3e, 0x1f54, 0x436b, { 0x97, 0x88, 0xd4, 0xeb, 0x29, 0xc3, 0x42, 0x67 } } gArmVirtSystemMemorySizeGuid = { 0x504eccb9, 0x1bf0, 0x4420, { 0x86, 0x5d, 0xdc, 0x66, 0x06, 0xd4, 0x13, 0xbf } } + gArmCcaIpaWidthGuid = { 0xbdb66787, 0xfc8a, 0x412e, { 0xa0, 0x9b, 0x84, 0x96, 0x61, 0x81, 0x72, 0xc0 } } [PcdsFeatureFlag] # -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117670): https://edk2.groups.io/g/devel/message/117670 Mute This Topic: https://groups.io/mt/105483408/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 13/45] ArmVirtPkg: Add Null instance of ArmCcaLib
Add a Null instance of ArmCcaLib so that guest firmware that does not support Arm CCA can link to this Null version of the library. Also include it in ArmVirt.dsc.inc so that it is linked for the non-Arm CCA firmware builds. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirt.dsc.inc | 4 +- ArmVirtPkg/Library/ArmCcaLibNull/ArmCcaLibNull.c | 117 ArmVirtPkg/Library/ArmCcaLibNull/ArmCcaLibNull.inf | 28 + 3 files changed, 148 insertions(+), 1 deletion(-) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index 8c1063fb73f81e69e866549a2ba9b12945c83d9c..c8a29dd8ebc88107c4caab4f826001d9b0c2e7f7 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -1,5 +1,5 @@ # -# Copyright (c) 2011 - 2022, ARM Limited. All rights reserved. +# Copyright (c) 2011 - 2023, ARM Limited. All rights reserved. # Copyright (c) 2014, Linaro Limited. All rights reserved. # Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved. # Copyright (c) Microsoft Corporation. @@ -180,6 +180,8 @@ [LibraryClasses.common] ReportStatusCodeLib|MdePkg/Library/BaseReportStatusCodeLibNull/BaseReportStatusCodeLibNull.inf + ArmCcaLib|ArmVirtPkg/Library/ArmCcaLibNull/ArmCcaLibNull.inf + [LibraryClasses.common.SEC] PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf diff --git a/ArmVirtPkg/Library/ArmCcaLibNull/ArmCcaLibNull.c b/ArmVirtPkg/Library/ArmCcaLibNull/ArmCcaLibNull.c new file mode 100644 index ..e5e645e148d485fc324e060ec27fbc3607fe8aae --- /dev/null +++ b/ArmVirtPkg/Library/ArmCcaLibNull/ArmCcaLibNull.c @@ -0,0 +1,117 @@ +/** @file + Null implemmentation of the ArmCcaLib library. + + Copyright (c) 2022 - 2023, Arm Limited. All rights reserved. + SPDX-License-Identifier: BSD-2-Clause-Patent + + @par Glossary: +- Rsi or RSI - Realm Service Interface +- IPA - Intermediate Physical Address +- RIPAS- Realm IPA state +**/ +#include + +/** + Check if running in a Realm. + +@retval TRUEThe execution is within the context of a Realm. +@retval FALSE The execution is not within the context of a Realm. +**/ +BOOLEAN +EFIAPI +IsRealm ( + VOID + ) +{ + return FALSE; +} + +/** + Configure the protection attribute for the page tables + describing the memory region. + + The IPA space of a Realm is divided into two halves: +- Protected IPA space and +- Unprotected IPA space. + + Software in a Realm should treat the most significant bit of an + IPA as a protection attribute. + + A Protected IPA is an address in the lower half of a Realms IPA + space. The most significant bit of a Protected IPA is 0. + + An Unprotected IPA is an address in the upper half of a Realms + IPA space. The most significant bit of an Unprotected IPA is 1. + + Note: + - Configuring the memory region as Unprotected IPA enables the +Realm to share the memory region with the Host. + - This function updates the page table entries to reflect the +protection attribute. + - A separate call to transition the memory range using the Realm +Service Interface (RSI) RSI_IPA_STATE_SET command is additionally +required and is expected to be done outside this function. + +@param [in] BaseAddress Base address of the memory region. +@param [in] Length Length of the memory region. +@param [in] IpaWidth IPA width of the Realm. +@param [in] ShareIf TRUE, set the most significant + bit of the IPA to configure the memory + region as Unprotected IPA. + If FALSE, clear the most significant + bit of the IPA to configure the memory + region as Protected IPA. + +@retval RETURN_SUCCESSIPA protection attribute updated. +@retval RETURN_INVALID_PARAMETER A parameter is invalid. +@retval RETURN_UNSUPPORTEDThe request is not initiated in a + Realm. +**/ +RETURN_STATUS +EFIAPI +ArmCcaSetMemoryProtectAttribute ( + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64Length, + IN UINT64IpaWidth, + IN BOOLEAN Share + ) +{ + return RETURN_UNSUPPORTED; +} + +/** + Return the IPA width of the Realm. + + The IPA width of the Realm is used to configure the protection attribute + for memory regions, see ArmCcaSetMemoryProtectAttribute(). + + The IPA width of the Realm is present in the Realm config which is read + when the ArmCcaInitPeiLib library hook function ArmCcaInitialize () is + called in the PrePi phase. ArmCcaInitialize () stores the IPA width of + the Realm in a GUID HOB gArmCcaIpaWidthGuid. + + This function searches the GUID HOB gArmCc
[edk2-devel] [PATCH v2 03/45] ArmPkg: Extend number of parameter registers in SMC call
The Realm Service Interface (RSI) commands use registers between X1-X10 as parameters and between X0-X8 as return values for SMC calls. According to the SMCCC Section 2.6 SMC32/HVC32 argument passing When an SMC32/HVC32 call is made from AArch32: - Arguments are passed in registers R1-R7. - Results are returned in R0-R7. When an SMC32/HVC32 call is made from AArch64: - Arguments are passed in registers W1-W7. - Results are returned in W0-W7. According to SMCCC Section 2.7 SMC64/HVC64 argument passing When an SMC64/HVC64 call is made from AArch64: - Arguments are passed in registers X1-X17. - Results are returned in X0-X17. This means SMC calls can take up to 7/17 arguments and return up to 7/17 return values. However, for the current use-case(s): - SMC32/HVC32 calls made from AArch32/AArch64 require up to 7 arguments and 4 return values. - SMC64/HVC64 calls made from AArch64 require up to 10 arguments and 9 return values. Therefore, for SMC32/HVC32 calls made from AArch32/AArch64 there is no update required. However, for AMC64/HVC64 calls made from AArch64, extend the ArmCallSmc () to use registers X1-X11 as parameters and return values for SMC call. Cc: Ard Biesheuvel Cc: Leif Lindholm Signed-off-by: Sami Mujawar --- ArmPkg/Include/Library/ArmSmcLib.h| 50 ++-- ArmPkg/Library/ArmSmcLib/AArch64/ArmSmc.S | 22 ++--- 2 files changed, 62 insertions(+), 10 deletions(-) diff --git a/ArmPkg/Include/Library/ArmSmcLib.h b/ArmPkg/Include/Library/ArmSmcLib.h index beef0175c35ce86aac9e465f9062bf8052b08dfb..e80b74671a6424723323bab95917fb3909771759 100644 --- a/ArmPkg/Include/Library/ArmSmcLib.h +++ b/ArmPkg/Include/Library/ArmSmcLib.h @@ -1,10 +1,13 @@ /** @file * * Copyright (c) 2021, NUVIA Inc. All rights reserved. -* Copyright (c) 2012-2014, ARM Limited. All rights reserved. +* Copyright (c) 2012-2023, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-2-Clause-Patent * +* @par Reference(s): +* - SMC Calling Convention (SMCCC), ARM DEN 0028E, EAC0, 1.4 +* (https://developer.arm.com/documentation/den0028/e/) **/ #ifndef ARM_SMC_LIB_H_ @@ -13,6 +16,18 @@ /** * The size of the SMC arguments are different between AArch64 and AArch32. * The native size is used for the arguments. + * According to the SMCCC Section 2.6 SMC32/HVC32 argument passing + * When an SMC32/HVC32 call is made from AArch32: + * - Arguments are passed in registers R1-R7. + * - Results are returned in R0-R7. + * When an SMC32/HVC32 call is made from AArch64: + * - Arguments are passed in registers W1-W7. + * - Results are returned in W0-W7. + * + * According to SMCCC Section 2.7 SMC64/HVC64 argument passing + * When an SMC64/HVC64 call is made from AArch64: + * - Arguments are passed in registers X1-X17. + * - Results are returned in X0-X17. */ typedef struct { UINTNArg0; @@ -23,13 +38,42 @@ typedef struct { UINTNArg5; UINTNArg6; UINTNArg7; + #ifdef MDE_CPU_AARCH64 + UINTNArg8; + UINTNArg9; + UINTNArg10; + UINTNArg11; + #endif } ARM_SMC_ARGS; /** Trigger an SMC call - SMC calls can take up to 7 arguments and return up to 4 return values. - Therefore, the 4 first fields in the ARM_SMC_ARGS structure are used + According to the SMCCC Section 2.6 SMC32/HVC32 argument passing + When an SMC32/HVC32 call is made from AArch32: + - Arguments are passed in registers R1-R7. + - Results are returned in R0-R7. + When an SMC32/HVC32 call is made from AArch64: + - Arguments are passed in registers W1-W7. + - Results are returned in W0-W7. + + According to SMCCC Section 2.7 SMC64/HVC64 argument passing + When an SMC64/HVC64 call is made from AArch64: + - Arguments are passed in registers X1-X17. + - Results are returned in X0-X17. + + This means SMC calls can take up to 7/17 arguments and return up + to 7/17 return values. + + However, the current use-case: + - For SMC32/HVC32 calls made from AArch32/AArch64 up to 7 arguments +and 4 return values are required. Therefore, limit the maximum +arguments to 7 and return values to 4. + - For AMC64/HVC64 calls made from AArch64 up to 11 arguments and +return values are required. Therefore, limit the maximum arguments +and return values to 11. + + The fields in the ARM_SMC_ARGS structure are used for both input and output values. **/ diff --git a/ArmPkg/Library/ArmSmcLib/AArch64/ArmSmc.S b/ArmPkg/Library/ArmSmcLib/AArch64/ArmSmc.S index 4a8c2a8f59eab3e5b66dda2515d5bbced131af13..299d612dc5e1ebfeaf69a356b400c511905d72fe 100644 --- a/ArmPkg/Library/ArmSmcLib/AArch64/ArmSmc.S +++ b/ArmPkg/Library/ArmSmcLib/AArch64/ArmSmc.S @@ -1,8 +1,11 @@ // -// Copyright (c) 2012-2014, ARM Limited. All rights reserved. +// Copyright (c) 2012-2023, Arm Limited. All rights reserved. // // SPDX-License-Identifier: BSD-2-Clause-Patent // +// @par Reference(s): +// - SMC Calling Convention (SMCCC), ARM DE
[edk2-devel] [PATCH v2 01/45] ArmPkg: Add helper function to detect RME
Add helper function to check if the Realm Management Extension (RME) is implemented by the hardware. Cc: Ard Biesheuvel Cc: Leif Lindholm Signed-off-by: Sami Mujawar --- ArmPkg/Include/Chipset/AArch64.h | 3 ++- ArmPkg/Include/Library/ArmLib.h| 15 ++- ArmPkg/Library/ArmLib/AArch64/AArch64Lib.c | 16 +++- 3 files changed, 31 insertions(+), 3 deletions(-) diff --git a/ArmPkg/Include/Chipset/AArch64.h b/ArmPkg/Include/Chipset/AArch64.h index 5390bf0a2774fb410f33e031cb0367708905c658..33f8df12637b7003b46458ae0680f67ebc3a431a 100644 --- a/ArmPkg/Include/Chipset/AArch64.h +++ b/ArmPkg/Include/Chipset/AArch64.h @@ -1,7 +1,7 @@ /** @file Copyright (c) 2008 - 2009, Apple Inc. All rights reserved. - Copyright (c) 2011 - 2021, Arm Limited. All rights reserved. + Copyright (c) 2011 - 2023, Arm Limited. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent @@ -30,6 +30,7 @@ // ID_AA64PFR0 - AArch64 Processor Feature Register 0 definitions #define AARCH64_PFR0_FP (0xF << 16) #define AARCH64_PFR0_GIC (0xF << 24) +#define AARCH64_PFR0_RME (0xFULL << 52) // ID_AA64DFR0 - AArch64 Debug Feature Register 0 definitions #define AARCH64_DFR0_TRACEVER (0xFULL << 4) diff --git a/ArmPkg/Include/Library/ArmLib.h b/ArmPkg/Include/Library/ArmLib.h index 6aa8a48f07f39255b70406774d2d803dbfc97b0b..ed876d231bbe82a1655e7455d04c92042aab3a94 100644 --- a/ArmPkg/Include/Library/ArmLib.h +++ b/ArmPkg/Include/Library/ArmLib.h @@ -1,7 +1,7 @@ /** @file Copyright (c) 2008 - 2009, Apple Inc. All rights reserved. - Copyright (c) 2011 - 2016, ARM Ltd. All rights reserved. + Copyright (c) 2011 - 2023, Arm Limited. All rights reserved. Copyright (c) 2020 - 2021, NUVIA Inc. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent @@ -824,6 +824,19 @@ ArmHasSecurityExtensions ( VOID ); +#else + +/** Checks if RME is implemented. + + @retval TRUE RME is implemented. + @retval FALSE RME is not implemented. +**/ +BOOLEAN +EFIAPI +ArmHasRme ( + VOID + ); + #endif // MDE_CPU_ARM #endif // ARM_LIB_H_ diff --git a/ArmPkg/Library/ArmLib/AArch64/AArch64Lib.c b/ArmPkg/Library/ArmLib/AArch64/AArch64Lib.c index 87285465871dc100ea0065659959ca845912c549..8952524fb3d56695cce181f852723d8b2a1dc77c 100644 --- a/ArmPkg/Library/ArmLib/AArch64/AArch64Lib.c +++ b/ArmPkg/Library/ArmLib/AArch64/AArch64Lib.c @@ -1,7 +1,7 @@ /** @file Copyright (c) 2008 - 2009, Apple Inc. All rights reserved. - Portions copyright (c) 2011 - 2014, ARM Ltd. All rights reserved. + Portions copyright (c) 2011 - 2023, Arm Limited. All rights reserved. Copyright (c) 2021, NUVIA Inc. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent @@ -150,3 +150,17 @@ ArmHasEte ( // The ID_AA64DFR0_EL1.TraceVer field identifies the presence of FEAT_ETE. return ((ArmReadIdAA64Dfr0 () & AARCH64_DFR0_TRACEVER) != 0); } + +/** Checks if RME is implemented. + + @retval TRUE RME is implemented. + @retval FALSE RME is not implemented. +**/ +BOOLEAN +EFIAPI +ArmHasRme ( + VOID + ) +{ + return ((ArmReadIdAA64Pfr0 () & AARCH64_PFR0_RME) != 0); +} -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117672): https://edk2.groups.io/g/devel/message/117672 Mute This Topic: https://groups.io/mt/105483410/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 10/45] ArmVirtPkg: Add library for Arm CCA initialisation in PEI
Add ArmCcaInitPeiLib library that performs the Arm CCA specific initialisation in the PEI phase like: - Configuring the system memory as Protected RAM. - Reading the Realm Config and storing the IPA width in a GUID HOB i.e., gArmCcaIpaWidthGuid for subsequent use. - Calling ArmCcaConfigureMmio () to configure the MMIO regions by setting the Unprotected IPA attribute in the page tables. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirtPkg.dec| 1 + ArmVirtPkg/Include/Library/ArmCcaInitPeiLib.h| 49 + ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c | 116 ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.inf | 39 +++ 4 files changed, 205 insertions(+) diff --git a/ArmVirtPkg/ArmVirtPkg.dec b/ArmVirtPkg/ArmVirtPkg.dec index 0f95fd43bd189eda713aeccc6c73019e0f815169..23179c89704db789ab649de81873924c3958ab2a 100644 --- a/ArmVirtPkg/ArmVirtPkg.dec +++ b/ArmVirtPkg/ArmVirtPkg.dec @@ -26,6 +26,7 @@ [Includes.common] Include# Root include for the package [LibraryClasses] + ArmCcaInitPeiLib|Include/Library/ArmCcaInitPeiLib.h ArmCcaRsiLib|Include/Library/ArmCcaRsiLib.h ArmVirtMemInfoLib|Include/Library/ArmVirtMemInfoLib.h diff --git a/ArmVirtPkg/Include/Library/ArmCcaInitPeiLib.h b/ArmVirtPkg/Include/Library/ArmCcaInitPeiLib.h new file mode 100644 index ..439a70a54a218badd4cd4d6c419df58f57271cc2 --- /dev/null +++ b/ArmVirtPkg/Include/Library/ArmCcaInitPeiLib.h @@ -0,0 +1,49 @@ +/** @file + Library that implements the Arm CCA helper functions. + + Copyright (c) 2022 2023, Arm Ltd. All rights reserved. + SPDX-License-Identifier: BSD-2-Clause-Patent + +- Rsi or RSI - Realm Service Interface +- IPA - Intermediate Physical Address +- RIPAS- Realm IPA state +**/ + +#ifndef ARM_CCA_INIT_PEI_LIB_ +#define ARM_CCA_INIT_PEI_LIB_ + +#include + +/** + Configure the System Memory region as Protected RAM. + + When a VMM creates a Realm, a small amount of DRAM (which contains the + firmware image) and the initial content is configured as Protected RAM. + The remaining System Memory is in the Protected Empty state. The firmware + must then initialise the remaining System Memory as Protected RAM before + it can be accessed. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval RETURN_UNSUPPORTEDThe execution context is not in a Realm. +**/ +RETURN_STATUS +EFIAPI +ArmCcaConfigureSystemMemory ( + VOID + ); + +/** + Perform Arm CCA specific initialisations. + + @retval RETURN_SUCCESS Success or execution context is not a Realm. + @retval RETURN_OUT_OF_RESOURCES Out of resources. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. +**/ +RETURN_STATUS +EFIAPI +ArmCcaInitialize ( + VOID + ); + +#endif // ARM_CCA_LIB_ diff --git a/ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c b/ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c new file mode 100644 index ..2b2801cc5426994efc15c970fd6b0adf43bd7d36 --- /dev/null +++ b/ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c @@ -0,0 +1,116 @@ +/** @file + Library that implements the Arm CCA initialisation in PEI phase. + + Copyright (c) 2022 2023, Arm Limited. All rights reserved. + SPDX-License-Identifier: BSD-2-Clause-Patent + + @par Glossary: +- Rsi or RSI - Realm Service Interface +- IPA - Intermediate Physical Address +- RIPAS- Realm IPA state +**/ +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/** + Configure the System Memory region as Protected RAM. + + When a VMM creates a Realm, a small amount of DRAM (which contains the + firmware image) and the initial content is configured as Protected RAM. + The remaining System Memory is in the Protected Empty state. The firmware + must then initialise the remaining System Memory as Protected RAM before + it can be accessed. + + @retval RETURN_SUCCESSSuccess. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval RETURN_UNSUPPORTEDThe execution context is not in a Realm. +**/ +RETURN_STATUS +EFIAPI +ArmCcaConfigureSystemMemory ( + VOID + ) +{ + RETURN_STATUS Status; + + if (!IsRealm ()) { +return RETURN_UNSUPPORTED; + } + + Status = RsiSetIpaState ( + (UINT64 *)PcdGet64 (PcdSystemMemoryBase), + PcdGet64 (PcdSystemMemorySize), + RipasRam + ); + if (RETURN_ERROR (Status)) { +// Panic +CpuDeadLoop (); + } + + return Status; +} + +/** + Perform Arm CCA specific initialisations. + + @retval RETURN_SUCCESS Success or execution context is not a Realm. + @retv
[edk2-devel] [PATCH v2 02/45] ArmPkg: Introduce SetMemoryProtectionAttribute() for Realms
Arm CCA requires the software in a Realm to treat the most significant bit of an IPA as a protection attribute. To enable/disable sharing of memory regions with the host, the protection attribute needs to be set/cleared accordingly. Therefore, introduce SetMemoryProtectionAttribute() so that the memory regions can be shared/unshared with the host. Cc: Ard Biesheuvel Cc: Leif Lindholm Signed-off-by: Sami Mujawar --- ArmPkg/Include/Library/ArmMmuLib.h | 55 ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 90 2 files changed, 145 insertions(+) diff --git a/ArmPkg/Include/Library/ArmMmuLib.h b/ArmPkg/Include/Library/ArmMmuLib.h index 2ce948e8db1d34e5ba0228de3dc347e186f31c11..1cea71ee6e88d351a3c57c4b97fe229305bfc1af 100644 --- a/ArmPkg/Include/Library/ArmMmuLib.h +++ b/ArmPkg/Include/Library/ArmMmuLib.h @@ -71,4 +71,59 @@ ArmSetMemoryAttributes ( IN UINT64AttributeMask ); +#ifdef MDE_CPU_AARCH64 + +/** + Configure the protection attribute for the page tables + describing the memory region. + + The IPA space of a Realm is divided into two halves: +- Protected IPA space and +- Unprotected IPA space. + + Software in a Realm should treat the most significant bit of an + IPA as a protection attribute. + + A Protected IPA is an address in the lower half of a Realms IPA + space. The most significant bit of a Protected IPA is 0. + + An Unprotected IPA is an address in the upper half of a Realms + IPA space. The most significant bit of an Unprotected IPA is 1. + + Note: + - Configuring the memory region as Unprotected IPA enables the +Realm to share the memory region with the Host. + - This function updates the page table entries to reflect the +protection attribute. + - A separate call to transition the memory range using the Realm +Service Interface (RSI) RSI_IPA_STATE_SET command is additionally +required and is expected to be done outside this function. + - The caller must ensure that this function call is invoked by code +executing within the Realm. + +@param [in] BaseAddress Base address of the memory region. +@param [in] Length Length of the memory region. +@param [in] IpaWidth IPA width of the Realm. +@param [in] ShareIf TRUE, set the most significant + bit of the IPA to configure the memory + region as Unprotected IPA. + If FALSE, clear the most significant + bit of the IPA to configure the memory + region as Protected IPA. + +@retval EFI_SUCCESSIPA protection attribute updated. +@retval EFI_INVALID_PARAMETER A parameter is invalid. +@retval EFI_UNSUPPORTEDRME is not supported. +**/ +EFI_STATUS +EFIAPI +SetMemoryProtectionAttribute ( + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64Length, + IN UINT64IpaWidth, + IN BOOLEAN Share + ); + +#endif + #endif // ARM_MMU_LIB_H_ diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c index 9d9c623581fe0010e35cb33c0c8ef4061720a6f7..25d32cceb61e1f0fd62d878202cf8ead05cfd9e2 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -7,6 +7,10 @@ * * SPDX-License-Identifier: BSD-2-Clause-Patent * +* @par Glossary: +*- Rsi or RSI - Realm Service Interface +*- IPA - Intermediate Physical Address +*- RIPAS- Realm IPA state **/ #include @@ -749,3 +753,89 @@ ArmMmuBaseLibConstructor ( return RETURN_SUCCESS; } + +/** + Configure the protection attribute for the page tables + describing the memory region. + + The IPA space of a Realm is divided into two halves: +- Protected IPA space and +- Unprotected IPA space. + + Software in a Realm should treat the most significant bit of an + IPA as a protection attribute. + + A Protected IPA is an address in the lower half of a Realms IPA + space. The most significant bit of a Protected IPA is 0. + + An Unprotected IPA is an address in the upper half of a Realms + IPA space. The most significant bit of an Unprotected IPA is 1. + + Note: + - Configuring the memory region as Unprotected IPA enables the +Realm to share the memory region with the Host. + - This function updates the page table entries to reflect the +protection attribute. + - A separate call to transition the memory range using the Realm +Service Interface (RSI) RSI_IPA_STATE_SET command is additionally +required and is expected to be done outside this function. + - The caller must ensure that this function call is invoked by code +executing within the Realm. + +@param [in] BaseAddress Base address of the memory region. +@param [in] Length Length of the memory r
Re: [edk2-devel] ACPI table generators and ConfigurationManagerProtocol
Hi, > > And tell which of platforms is a good example of using those? > > Juno, FVP, Morello, N1SDP, one NXP platform and ArmVirt use them. Probably > the last one would be best to look at but who knows... Probably not ArmVirt. At least not the qemu variant, maybe the kvmtool version. On qemu the usual workflow is that qemu generates the acpi tables, matching the virtual machine configuration, and the firmware just downloads and installs them. > > From first look it seems like using ACPI table generators may allow to > > simplify code by not creating tables by hand (or in ASL). I would > > like to do some changes around SBSA Reference Platform without rewriting > > ASL into C again. > > In meantime I rewrote some ASL into C. Again. Now need a way to generate > DSDT for PCIe buses. Can write something in C again. But do I really need > to? Is there a non-qemu implementation of the SBSA Reference Platform? If not it might be easiest to offload acpi table generation to qemu. If the acpi tables are not changing you might have a look at OvmfPkg/Bhyve/AcpiTables instead of going for DynamicTablesPkg. take care, Gerd -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117668): https://edk2.groups.io/g/devel/message/117668 Mute This Topic: https://groups.io/mt/105481311/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM
Re-pinging the list/maintainers, again. I need reviews from the maintainers on patches #2, #7, #10, #11 and #13. Once I get final approval, I'll submit the change to edk2-platforms for the new library as a reply to this series for a quick review. Thanks, Tom On 4/2/24 13:16, Lendacky, Thomas via groups.io wrote: Re-pinging the list/maintainers. Still awaiting feedback/reviews/acks on the changes. Thanks, Tom On 3/26/24 13:34, Tom Lendacky wrote: Any issues with this version of the series? Still looking for Reviewed-by's for the MdePkg, UefiCpuPkg and UefiPayloadPkg related patches. Once I get those, I'll submit the edk2-platform patches to support the new library as a response to these patches for a quick review. Thanks, Tom On 3/8/24 09:29, Tom Lendacky wrote: BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654 This series adds SEV-SNP support for running OVMF under an Secure VM Service Module (SVSM) at a less privileged VM Privilege Level (VMPL). By running at a less priviledged VMPL, the SVSM can be used to provide services, e.g. a virtual TPM, for the guest OS within the SEV-SNP confidential VM (CVM) rather than trust such services from the hypervisor. Currently, OVMF expects to run at the highest VMPL, VMPL0, and there are certain SNP related operations that require that VMPL level. Specifically, the PVALIDATE instruction and the RMPADJUST instruction when setting the the VMSA attribute of a page (used when starting APs). If OVMF is to run at a less privileged VMPL, e.g. VMPL2, then it must use an SVSM (which is running at VMPL0) to perform the operations that it is no longer able to perform. When running under an SVSM, OVMF must know the APIC IDs of the vCPUs that it will be starting. As a result, the GHCB APIC ID retrieval action must be performed. Since this service can also work with SEV-SNP running at VMPL0, the patches to make use of this feature are near the beginning of the series. How OVMF interacts with and uses the SVSM is documented in the SVSM specification [1] and the GHCB specification [2]. This support creates a new AmdSvsmLib library that is used by MpInitLib. The edk2-platforms repo requires updates/patches to add the new library requirement. To accomodate that, this series could be split between: patch number 12: UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an SVSM and patch number 13: UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library The updates to edk2-platforms can be applied at the split. This series introduces support to run OVMF under an SVSM. It consists of: - Retrieving the list of vCPU APIC IDs and starting up all APs without performing a broadcast SIPI - Reorganizing the page state change support to not directly use the GHCB buffer since an SVSM will use the calling area buffer, instead - Detecting the presence of an SVSM - When not running at VMPL0, invoking the SVSM for page validation and VMSA page creation/deletion - Detecting and allowing OVMF to run in a VMPL other than 0 when an SVSM is present The series is based off of commit: e60529df58e4 ("UefiPayloadPkg: Make Dsc accomodative of other archs") [1] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf [2] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf Cc: Anatol Belski Cc: Anthony Perard Cc: Ard Biesheuvel Cc: Corvin Köhne Cc: Erdem Aktas Cc: Gerd Hoffmann Cc: Gua Guo Cc: Guo Dong Cc: James Lu Cc: Jianyong Wu Cc: Jiewen Yao Cc: Laszlo Ersek Cc: Liming Gao Cc: Michael D Kinney Cc: Michael Roth Cc: Min Xu Cc: Rahul Kumar Cc: Ray Ni Cc: Rebecca Cran Cc: Sean Rhodes Cc: Zhiguang Liu --- Changes in v3: - Renamed CcSvsmLib to a more AMD-specific AmdSvsmLib with corresponding function name changes - Moved the GHCB APIC ID list GUID definition from MdePkg to UefiCpuPkg and change the name from gEfiApicIdsGuid to gGhcbApicIdsGuid - Separated the OvmfPkg changes for the AmdSvsmLib into two patches: - First patch adds usage of the AmdSvsmLib NULL library - Second patch adds the OVMF AmdSvsmLib implementation - Updated the commit message for the OVMF AmdSvsmLib implementation to indicate that the base functionality for PVALIDATE and RMPADJUST was copied from the original locations in prep for converting those sites to using the library API. Changes in v2: - Move the APIC IDs retrieval support to the beginning of the patch series - Use a GUIDed HOB to hold the APIC ID list instead of a PCD - Split up Page State Change reorganization into multiple patches - Created CcSvsmLib library instead of extending CcExitLib - This will require a corresponding update to edk2-platform DSC files - Removed Ray Ni's Acked-by since it is not a minor change - Variable name changes and other misc changes Tom Lendacky (24): OvmfPkg/BaseMemEncryptLib: Fix error check from AsmRm
Re: [edk2-devel] ACPI table generators and ConfigurationManagerProtocol
W dniu 8.10.2023 o 19:25, Marcin Juszkiewicz via groups.io pisze: I hate replying to myself after half a year of not seeing any answer. So added some people from repo to Cc: Can someone point me to documentation on how to use ACPI table generators and ConfigurationManagerProtocol? https://github.com/tianocore/edk2/blob/master/DynamicTablesPkg/Readme.md tells the story and points to presentation from 2018 with some pictures in it. Looks like the only documentation is the code itself. Is checkout of some old tree and looking change by change how it was done on some platform the easiest way to find out how to use it? And tell which of platforms is a good example of using those? Juno, FVP, Morello, N1SDP, one NXP platform and ArmVirt use them. Probably the last one would be best to look at but who knows... From first look it seems like using ACPI table generators may allow to simplify code by not creating tables by hand (or in ASL). I would like to do some changes around SBSA Reference Platform without rewriting ASL into C again. In meantime I rewrote some ASL into C. Again. Now need a way to generate DSDT for PCIe buses. Can write something in C again. But do I really need to? I am aware that moving platform to use configuration manager may require even more work. The more I look at */ConfigurationManager.[ch] the more I do not like the amount of static structures there. All those EDKII_PLATFORM_REPOSITORY_INFO covering 1000 lines looks like "how the hell I will find what to change in other piece of code". Any doc pointers? Recommendations (other than "change your job")? -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117666): https://edk2.groups.io/g/devel/message/117666 Mute This Topic: https://groups.io/mt/105481311/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH] EmbeddedPkg/VirtualRealTimeClockLib: Support SOURCE_DATE_EPOCH
Hi experts, On Fri, Apr 12, 2024 at 03:25:56PM +0800, Lee, Chun-Yi wrote: > From: Chun-Yi Lee > > RISC-V ovmf used VirtualRealTimeClockLib but the default epoch is a > compilation time. It causes that the RISC-V ovmf binary image is NOT > reproducible. > > This patch added the support of SOURCE_DATE_EPOCH by printenv command. > If SOURCE_DATE_EPOCH be found then we use it as BUILD_EPOCH. Otherwise > we run date command for setting BUILD_EPOCH. > > For distributions want a reproducible RISC-V ovmf image, they should > export SOURCE_DATE_EPOCH environment variable before building ovmf. > > References: https://reproducible-builds.org/docs/source-date-epoch/ > Cc: Pete Batard > Cc: Ard Biesheuvel > Signed-off-by: Chun-Yi Lee I have filed pull request: https://github.com/tianocore/edk2/pull/5550 Thanks! Joey Lee > --- > .../Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.inf | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git > a/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.inf > b/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.inf > index 5d0f867..285e880 100644 > --- a/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.inf > +++ b/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.inf > @@ -34,4 +34,4 @@ > > # Current usage of this library expects GCC in a UNIX-like shell environment > with the date command > [BuildOptions] > - GCC:*_*_*_CC_FLAGS = -DBUILD_EPOCH=`date +%s` > + GCC:*_*_*_CC_FLAGS = -DBUILD_EPOCH=`printenv SOURCE_DATE_EPOCH || date +%s` > -- > 2.35.3 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117665): https://edk2.groups.io/g/devel/message/117665 Mute This Topic: https://groups.io/mt/105479031/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH] EmbeddedPkg/VirtualRealTimeClockLib: Support SOURCE_DATE_EPOCH
From: Chun-Yi Lee RISC-V ovmf used VirtualRealTimeClockLib but the default epoch is a compilation time. It causes that the RISC-V ovmf binary image is NOT reproducible. This patch added the support of SOURCE_DATE_EPOCH by printenv command. If SOURCE_DATE_EPOCH be found then we use it as BUILD_EPOCH. Otherwise we run date command for setting BUILD_EPOCH. For distributions want a reproducible RISC-V ovmf image, they should export SOURCE_DATE_EPOCH environment variable before building ovmf. References: https://reproducible-builds.org/docs/source-date-epoch/ Cc: Pete Batard Cc: Ard Biesheuvel Signed-off-by: Chun-Yi Lee --- .../Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.inf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.inf b/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.inf index 5d0f867..285e880 100644 --- a/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.inf +++ b/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.inf @@ -34,4 +34,4 @@ # Current usage of this library expects GCC in a UNIX-like shell environment with the date command [BuildOptions] - GCC:*_*_*_CC_FLAGS = -DBUILD_EPOCH=`date +%s` + GCC:*_*_*_CC_FLAGS = -DBUILD_EPOCH=`printenv SOURCE_DATE_EPOCH || date +%s` -- 2.35.3 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117664): https://edk2.groups.io/g/devel/message/117664 Mute This Topic: https://groups.io/mt/105479031/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v1 16/26] OvmfPkg/LoongArchVirt: Add a NULL library named CollectApResouceLibNull
Hi Gerd, Thanks, Chao On 2024/3/15 17:22, Gerd Hoffmann wrote: On Mon, Mar 11, 2024 at 02:39:02AM -0700, Chao Li wrote: This Library is used to collect APs resources, but is currently NULL for OvmfPkg, because it is not used by the LoongArch virtual machine. What is the point of having this library then? This NULL library will be filled in the future. +#include +#include +#include +#include +#include +#include "../../../UefiCpuPkg/Library/MpInitLib/LoongArch64/MpLib.h" Including private header files of other libraries looks questionable. OK, it will be removed next time. take care, Gerd -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117663): https://edk2.groups.io/g/devel/message/117663 Mute This Topic: https://groups.io/mt/104859891/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v4 1/1] SecurityPkg/OpalPasswordDxe: Force reparsing IFR binary when RETRIEVE
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4735 When change callback action from FORM_OPEN to RETRIEVE, it is observed that NVNE disks will not be displayed when the user enters the formset at the first time. Revisit the formset can see the update. 1. Add HiiUpdateForm() to force reparsing the IFR binary when RETRIEVE. 2. Create dummy label with suppressif statement in VFR for form update usage. Cc: Jiewen Yao Cc: Rahul Kumar Cc: Dandan Bi Cc: Ming Tan Cc: Arthur Chen Cc: Xiao X Chen Cc: Tina Chen Signed-off-by: CindyX Kuo --- .../Tcg/Opal/OpalPassword/OpalDriver.h| 1 + SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c | 82 --- .../Tcg/Opal/OpalPassword/OpalHiiFormValues.h | 6 ++ .../Tcg/Opal/OpalPassword/OpalPasswordDxe.inf | 1 + .../Opal/OpalPassword/OpalPasswordForm.vfr| 8 +- 5 files changed, 86 insertions(+), 12 deletions(-) diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.h b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.h index 2089bd81b6..1a4671c602 100644 --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.h +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.h @@ -23,6 +23,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include +#include #include #include diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c b/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c index 56ada1a9f3..47af4fee40 100644 --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c @@ -40,6 +40,7 @@ EFI_HII_HANDLE gHiiPackageListHandle = NULL; // const EFI_GUID gHiiPackageListGuid = PACKAGE_LIST_GUID; const EFI_GUID gHiiSetupVariableGuid = SETUP_VARIABLE_GUID; +const EFI_GUID gOpalSetupFormSetGuid = SETUP_FORMSET_GUID; // // Structure that contains state of the HII @@ -611,10 +612,15 @@ DriverCallback ( EFI_BROWSER_ACTION_REQUEST*ActionRequest ) { - HII_KEYHiiKey; - UINT8 HiiKeyId; - UINT32 PpRequest; - OPAL_DISK *OpalDisk; + HII_KEY HiiKey; + UINT8 HiiKeyId; + UINT32 PpRequest; + OPAL_DISK *OpalDisk; + EFI_STATUS Status; + VOID*StartOpCodeHandle; + VOID*EndOpCodeHandle; + EFI_IFR_GUID_LABEL *StartLabel; + EFI_IFR_GUID_LABEL *EndLabel; if (ActionRequest != NULL) { *ActionRequest = EFI_BROWSER_ACTION_REQUEST_NONE; @@ -633,14 +639,68 @@ DriverCallback ( HiiKeyId = (UINT8)HiiKey.KeyBits.Id; if (Action == EFI_BROWSER_ACTION_RETRIEVE) { -switch (HiiKeyId) { - case HII_KEY_ID_VAR_SUPPORTED_DISKS: -DEBUG ((DEBUG_INFO, "HII_KEY_ID_VAR_SUPPORTED_DISKS\n")); -return HiiPopulateMainMenuForm (); +if ((HiiKeyId == HII_KEY_ID_VAR_SUPPORTED_DISKS) || (HiiKeyId == HII_KEY_ID_VAR_SELECTED_DISK_AVAILABLE_ACTIONS)) { + // + // Allocate space for creation of UpdateData Buffer + // + StartOpCodeHandle = HiiAllocateOpCodeHandle (); + if (StartOpCodeHandle == NULL) { +return EFI_OUT_OF_RESOURCES; + } + + EndOpCodeHandle = HiiAllocateOpCodeHandle (); + if (EndOpCodeHandle == NULL) { +return EFI_OUT_OF_RESOURCES; + } + + // + // Create Hii Extend Label OpCode as the start opcode + // + StartLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (StartOpCodeHandle, &gEfiIfrTianoGuid, NULL, sizeof (EFI_IFR_GUID_LABEL)); + StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL; + + // + // Create Hii Extend Label OpCode as the end opcode + // + EndLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (EndOpCodeHandle, &gEfiIfrTianoGuid, NULL, sizeof (EFI_IFR_GUID_LABEL)); + EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL; + + switch (HiiKeyId) { +case HII_KEY_ID_VAR_SUPPORTED_DISKS: + DEBUG ((DEBUG_INFO, "HII_KEY_ID_VAR_SUPPORTED_DISKS\n")); + Status = HiiPopulateMainMenuForm (); + + StartLabel->Number = OPAL_MAIN_MENU_LABEL_START; + EndLabel->Number = OPAL_MAIN_MENU_LABEL_END; + HiiUpdateForm ( +gHiiPackageListHandle, +(EFI_GUID *)&gOpalSetupFormSetGuid, +FORMID_VALUE_MAIN_MENU, +StartOpCodeHandle, +EndOpCodeHandle +); + break; + +case HII_KEY_ID_VAR_SELECTED_DISK_AVAILABLE_ACTIONS: + DEBUG ((DEBUG_INFO, "HII_KEY_ID_VAR_SELECTED_DISK_AVAILABLE_ACTIONS\n")); + Status = HiiPopulateDiskInfoForm (); + + StartLabel->Number = OPAL_DISK_INFO_LABEL_START; + EndLabel->Number = OPAL_DISK_INFO_LABEL_END; + HiiUpdateForm ( +gHiiPackageListHandle, +(EFI_GUID *)&gOpalSetupFormSetGuid, +FORMID_VALUE_DISK_INFO_FORM_MAIN, +StartOpCodeHandle, +EndOpCodeHandle +); + break; + } + + HiiFreeOpCodeHandle (StartOpCodeHandle); + HiiFreeOpCodeH
[edk2-devel] [PATCH v4 0/1] SecurityPkg/OpalPasswordDxe: Update UI according to UEFI spec
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4735 Should not call HiiGetBrowserData() and HiiSetBrowserData() in FORM_OPEN call back function. Those APIs are called within OpalHiiSetBrowserData/OpalHiiGetBrowserData which have been used by OpalHii.c. Change callback action from FORM_OPEN to RETRIEVE. Cc: Jiewen Yao Cc: Rahul Kumar Cc: Dandan Bi Cc: Ming Tan Cc: Arthur Chen Cc: Xiao X Chen Cc: Tina Chen Signed-off-by: CindyX Kuo --- SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c b/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c index 8035f44ebe..56ada1a9f3 100644 --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c @@ -632,7 +632,7 @@ DriverCallback ( HiiKey.Raw = QuestionId; HiiKeyId = (UINT8)HiiKey.KeyBits.Id; - if (Action == EFI_BROWSER_ACTION_FORM_OPEN) { + if (Action == EFI_BROWSER_ACTION_RETRIEVE) { switch (HiiKeyId) { case HII_KEY_ID_VAR_SUPPORTED_DISKS: DEBUG ((DEBUG_INFO, "HII_KEY_ID_VAR_SUPPORTED_DISKS\n")); -- 2.44.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117661): https://edk2.groups.io/g/devel/message/117661 Mute This Topic: https://groups.io/mt/105478921/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v3 13/13] UefiCpuPkg/UefiCpuPkg.dsc: Add CpuMmio2Dxe.inf to LoongArch64 field
LoongArch64 requires CpuMmio2Dxe, add it into LoongArch64 field. Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Signed-off-by: Chao Li --- UefiCpuPkg/UefiCpuPkg.dsc | 1 + 1 file changed, 1 insertion(+) diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc index e92ceb6466..1af5a0c525 100644 --- a/UefiCpuPkg/UefiCpuPkg.dsc +++ b/UefiCpuPkg/UefiCpuPkg.dsc @@ -213,6 +213,7 @@ [Components.RISCV64] [Components.LOONGARCH64] UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.inf + UefiCpuPkg/CpuMmio2Dxe/CpuMmio2Dxe.inf [BuildOptions] *_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES -- 2.27.0 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117660): https://edk2.groups.io/g/devel/message/117660 Mute This Topic: https://groups.io/mt/105478504/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v3 12/13] UefiCpuPkg: Add CpuDxe driver for LoongArch64
Added LoongArch64 CPU driver into CpuDxe. BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4734 Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Signed-off-by: Chao Li Co-authored-by: Baoqi Zhang Co-authored-by: Dongyan Qian Acked-by: Gerd Hoffmann --- UefiCpuPkg/CpuDxe/CpuDxe.inf | 25 +- UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.c| 439 + UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.h| 288 UefiCpuPkg/CpuDxe/LoongArch64/CpuMp.c | 544 ++ UefiCpuPkg/CpuDxe/LoongArch64/Exception.c | 159 +++ 5 files changed, 1451 insertions(+), 4 deletions(-) create mode 100644 UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.c create mode 100644 UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.h create mode 100644 UefiCpuPkg/CpuDxe/LoongArch64/CpuMp.c create mode 100644 UefiCpuPkg/CpuDxe/LoongArch64/Exception.c diff --git a/UefiCpuPkg/CpuDxe/CpuDxe.inf b/UefiCpuPkg/CpuDxe/CpuDxe.inf index 9e1c673283..fca74c44b3 100644 --- a/UefiCpuPkg/CpuDxe/CpuDxe.inf +++ b/UefiCpuPkg/CpuDxe/CpuDxe.inf @@ -3,6 +3,7 @@ # # Copyright (c) 2008 - 2019, Intel Corporation. All rights reserved. # Copyright (c) 2017, AMD Incorporated. All rights reserved. +# Copyright (c) 2024, Loongson Technology Corporation Limited. All rights reserved. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -22,7 +23,7 @@ [Packages] MdeModulePkg/MdeModulePkg.dec UefiCpuPkg/UefiCpuPkg.dec -[LibraryClasses] +[LibraryClasses.common] BaseLib BaseMemoryLib CpuExceptionHandlerLib @@ -30,9 +31,7 @@ [LibraryClasses] DebugLib DxeServicesTableLib HobLib - LocalApicLib MemoryAllocationLib - MtrrLib MpInitLib PeCoffGetEntryPointLib ReportStatusCodeLib @@ -41,7 +40,15 @@ [LibraryClasses] UefiDriverEntryPoint UefiLib -[Sources] +[LibraryClasses.IA32, LibraryClasses.X64] + LocalApicLib + MtrrLib + +[LibraryClasses.LoongArch64] + CacheMaintenanceLib + CpuMmuLib + +[Sources.IA32, Sources.X64] CpuDxe.c CpuDxe.h CpuGdt.c @@ -59,6 +66,13 @@ [Sources.X64] X64/CpuAsm.nasm X64/PagingAttribute.c +[Sources.LoongArch64] + CpuMp.h + LoongArch64/CpuDxe.c + LoongArch64/CpuMp.c + LoongArch64/Exception.c + LoongArch64/CpuDxe.h + [Protocols] gEfiCpuArchProtocolGuid ## PRODUCES gEfiMpServiceProtocolGuid ## PRODUCES @@ -81,6 +95,9 @@ [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList ## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize## CONSUMES +[Pcd.LoongArch64] + gUefiCpuPkgTokenSpaceGuid.PcdLoongArchExceptionVectorBaseAddress ## CONSUMES + [Depex] TRUE diff --git a/UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.c b/UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.c new file mode 100644 index 00..24b9d51ee7 --- /dev/null +++ b/UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.c @@ -0,0 +1,439 @@ +/** @file CpuDxe.c + + CPU DXE Module to produce CPU ARCH Protocol. + + Copyright (c) 2024, Loongson Technology Corporation Limited. All rights reserved. + + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include "CpuDxe.h" +#include "CpuMp.h" +#include +#include +#include +#include + +UINT64 mTimerPeriod = 0; + +/** + IPI Interrupt Handler. + + @param InterruptTypeThe type of interrupt that occurred + @param SystemContextA pointer to the system context when the interrupt occurred +**/ +VOID +EFIAPI +IpiInterruptHandler ( + IN EFI_EXCEPTION_TYPE InterruptType, + IN EFI_SYSTEM_CONTEXT SystemContext + ); + +// +// Globals used to initialize the protocol +// +EFI_HANDLE mCpuHandle = NULL; +EFI_CPU_ARCH_PROTOCOL gCpu = { + CpuFlushCpuDataCache, + CpuEnableInterrupt, + CpuDisableInterrupt, + CpuGetInterruptState, + CpuInit, + CpuRegisterInterruptHandler, + CpuGetTimerValue, + CpuSetMemoryAttributes, + 0, // NumberOfTimers + 4, // DmaBufferAlignment +}; + +/** + This function flushes the range of addresses from Start to Start+Length + from the processor's data cache. If Start is not aligned to a cache line + boundary, then the bytes before Start to the preceding cache line boundary + are also flushed. If Start+Length is not aligned to a cache line boundary, + then the bytes past Start+Length to the end of the next cache line boundary + are also flushed. The FlushType of EfiCpuFlushTypeWriteBackInvalidate must be + supported. If the data cache is fully coherent with all DMA operations, then + this function can just return EFI_SUCCESS. If the processor does not support + flushing a range of the data cache, then the entire data cache can be flushed. + + @param This The EFI_CPU_ARCH_PROTOCOL instance. + @param StartThe beginning physical address to flush from the processor's data + cache. + @param Length The number of bytes to flush from the processor's data cache. This + function may flush
[edk2-devel] [PATCH v3 11/13] UefiCpuPkg: Add multiprocessor library for LoongArch64
Added LoongArch multiprocessor initialization instance into MpInitLib. BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4734 Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Signed-off-by: Chao Li Acked-by: Gerd Hoffmann Reviewed-by: Ray Ni --- UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 23 +- .../Library/MpInitLib/LoongArch64/DxeMpLib.c | 480 + .../Library/MpInitLib/LoongArch64/MpLib.c | 1626 + .../Library/MpInitLib/LoongArch64/MpLib.h | 350 .../Library/MpInitLib/LoongArch64/PeiMpLib.c | 381 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf | 23 +- 6 files changed, 2871 insertions(+), 12 deletions(-) create mode 100644 UefiCpuPkg/Library/MpInitLib/LoongArch64/DxeMpLib.c create mode 100644 UefiCpuPkg/Library/MpInitLib/LoongArch64/MpLib.c create mode 100644 UefiCpuPkg/Library/MpInitLib/LoongArch64/MpLib.h create mode 100644 UefiCpuPkg/Library/MpInitLib/LoongArch64/PeiMpLib.c diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf index 7ef4c0d4db..407f4988b5 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf @@ -2,6 +2,7 @@ # MP Initialize Library instance for DXE driver. # # Copyright (c) 2016 - 2023, Intel Corporation. All rights reserved. +# Copyright (c) 2024, Loongson Technology Corporation Limited. All rights reserved. # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -18,7 +19,7 @@ [Defines] # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 +# VALID_ARCHITECTURES = IA32 X64 LOONGARCH64 # [Sources.IA32] @@ -31,7 +32,7 @@ [Sources.X64] X64/CreatePageTable.c X64/MpFuncs.nasm -[Sources.common] +[Sources.IA32, Sources.X64] AmdSev.c DxeMpLib.c Microcode.c @@ -40,6 +41,11 @@ [Sources.common] MpLib.h MpHandOff.h +[Sources.LoongArch64] + LoongArch64/DxeMpLib.c + LoongArch64/MpLib.c + LoongArch64/MpLib.h + [Packages] MdePkg/MdePkg.dec MdeModulePkg/MdeModulePkg.dec @@ -47,18 +53,20 @@ [Packages] [LibraryClasses] BaseLib - CcExitLib CpuLib DebugAgentLib HobLib - LocalApicLib MemoryAllocationLib - MicrocodeLib - MtrrLib PcdLib SynchronizationLib UefiBootServicesTableLib +[LibraryClasses.IA32, LibraryClasses.X64] + CcExitLib + LocalApicLib + MicrocodeLib + MtrrLib + [LibraryClasses.X64] CpuPageTableLib @@ -70,6 +78,9 @@ [Guids] gEfiEventLegacyBootGuid ## SOMETIMES_CONSUMES ## Event gEdkiiMicrocodePatchHobGuid ## SOMETIMES_CONSUMES ## HOB +[Guids.LoongArch64] + gProcessorResourceHobGuid ## SOMETIMES_CONSUMES ## HOB + [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## CONSUMES diff --git a/UefiCpuPkg/Library/MpInitLib/LoongArch64/DxeMpLib.c b/UefiCpuPkg/Library/MpInitLib/LoongArch64/DxeMpLib.c new file mode 100644 index 00..739da77e32 --- /dev/null +++ b/UefiCpuPkg/Library/MpInitLib/LoongArch64/DxeMpLib.c @@ -0,0 +1,480 @@ +/** @file + LoongArch64 MP initialize support functions for DXE phase. + + Copyright (c) 2024, Loongson Technology Corporation Limited. All rights reserved. + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "MpLib.h" + +#include +#include +#include + +#include + +CPU_MP_DATA *mCpuMpData= NULL; +EFI_EVENT mCheckAllApsEvent = NULL; +volatile BOOLEAN mStopCheckAllApsStatus = TRUE; + +/** + Enable Debug Agent to support source debugging on AP function. + +**/ +VOID +EnableDebugAgent ( + VOID + ) +{ + // + // Initialize Debug Agent to support source level debug in DXE phase + // + InitializeDebugAgent (DEBUG_AGENT_INIT_DXE_AP, NULL, NULL); +} + +/** + Get the pointer to CPU MP Data structure. + + @return The pointer to CPU MP Data structure. +**/ +CPU_MP_DATA * +GetCpuMpData ( + VOID + ) +{ + ASSERT (mCpuMpData != NULL); + return mCpuMpData; +} + +/** + Save the pointer to CPU MP Data structure. + + @param[in] CpuMpData The pointer to CPU MP Data structure will be saved. +**/ +VOID +SaveCpuMpData ( + IN CPU_MP_DATA *CpuMpData + ) +{ + mCpuMpData = CpuMpData; +} + +/** + Get available EfiBootServicesCode memory below 4GB by specified size. + + This buffer is required to safely transfer AP from real address mode to + protected mode or long mode, due to the fact that the buffer returned by + GetWakeupBuffer() may be marked as non-executable. + + @param[in] BufferSize Wakeup transition buffer size. + + @retval other Return wakeup transition buffer address below 4GB. + @retval 0 Cannot find free memory below 4GB. +**/ +UINTN +GetModeTransitionBuffer ( + IN UINTN BufferSize + ) +{ + return 0; +} + +/** + Checks APs status and updates APs status if
[edk2-devel] [PATCH v3 10/13] UefiCpuPkg: Add a new GUID to store the processors resource
On a multi-processor system, if the BSP dose not know how many APs are online or cannot wake up the AP via broadcast, it can collect AP resouces before wakeing up the AP and add a new HOB to save the processor resouces. Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Signed-off-by: Chao Li --- .../Include/Guid/ProcessorResourceHob.h | 29 +++ UefiCpuPkg/UefiCpuPkg.dec | 3 ++ 2 files changed, 32 insertions(+) create mode 100644 UefiCpuPkg/Include/Guid/ProcessorResourceHob.h diff --git a/UefiCpuPkg/Include/Guid/ProcessorResourceHob.h b/UefiCpuPkg/Include/Guid/ProcessorResourceHob.h new file mode 100644 index 00..da7f381d3b --- /dev/null +++ b/UefiCpuPkg/Include/Guid/ProcessorResourceHob.h @@ -0,0 +1,29 @@ +/** @file + Processor resource HOB + + If BSP does not known how many cores are online or the platform cannot + wake up AP via broadcast, this HOB can be used to store the processor + resource data that may come from ACPI or FDT, etc. + + Copyright (c) 2024, Loongson Technology Corporation Limited. All rights reserved. + + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef PROCESSOR_RESOURCE_HOB_H_ +#define PROCESSOR_RESOURCE_HOB_H_ + +#define PROCESSOR_RESOURCE_HOB_GUID \ + { \ +0xb855c7fe, 0xa758, 0x701f, { 0xa7, 0x30, 0x87, 0xf3, 0x9c, 0x03, 0x46, 0x7e } \ + } + +typedef struct { + UINT32NumberOfProcessor; + UINTN *ApicId; +} PROCESSOR_RESOURCE_DATA; + +extern EFI_GUID gProcessorResourceHobGuid; + +#endif diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index 1b890e975c..8ca3b7a5a6 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -96,6 +96,9 @@ [Guids] ## Include/Guid/MpInformation2.h gMpInformation2HobGuid = { 0x417a7f64, 0xf4e9, 0x4b32, {0x84, 0x6a, 0x5c, 0xc4, 0xd8, 0x62, 0x18, 0x79 }} + ## Include/Guid/ProcessorResourceHob.h + gProcessorResourceHobGuid = { 0xb855c7fe, 0xa758, 0x701f, { 0xa7, 0x30, 0x87, 0xf3, 0x9c, 0x03, 0x46, 0x7e }} + [Protocols] ## Include/Protocol/SmmCpuService.h gEfiSmmCpuServiceProtocolGuid = { 0x1d202cab, 0xc8ab, 0x4d5c, { 0x94, 0xf7, 0x3c, 0xfc, 0xc0, 0xd3, 0xd3, 0x35 }} -- 2.27.0 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117657): https://edk2.groups.io/g/devel/message/117657 Mute This Topic: https://groups.io/mt/105478501/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v3 09/13] UefiCpuPkg: Add CpuMmuLib to UefiCpuPkg
Add a new base library named CpuMmuLib and add a LoongArch64 instance with in the library. BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4734 Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Signed-off-by: Chao Li Co-authored-by: Baoqi Zhang Co-authored-by: Dongyan Qian Co-authored-by: Xianglai Li Co-authored-by: Bibo Mao Acked-by: Gerd Hoffmann --- UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.inf| 39 + UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.uni| 14 + .../Library/CpuMmuLib/LoongArch64/CpuMmu.c| 785 ++ .../Library/CpuMmuLib/LoongArch64/Page.h | 33 + .../LoongArch64/TlbExceptionHandle.S | 51 ++ .../LoongArch64/TlbExceptionHandle.h | 36 + .../CpuMmuLib/LoongArch64/TlbInvalid.S| 24 + .../CpuMmuLib/LoongArch64/TlbInvalid.h| 24 + UefiCpuPkg/UefiCpuPkg.dsc | 3 + 9 files changed, 1009 insertions(+) create mode 100644 UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.inf create mode 100644 UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.uni create mode 100644 UefiCpuPkg/Library/CpuMmuLib/LoongArch64/CpuMmu.c create mode 100644 UefiCpuPkg/Library/CpuMmuLib/LoongArch64/Page.h create mode 100644 UefiCpuPkg/Library/CpuMmuLib/LoongArch64/TlbExceptionHandle.S create mode 100644 UefiCpuPkg/Library/CpuMmuLib/LoongArch64/TlbExceptionHandle.h create mode 100644 UefiCpuPkg/Library/CpuMmuLib/LoongArch64/TlbInvalid.S create mode 100644 UefiCpuPkg/Library/CpuMmuLib/LoongArch64/TlbInvalid.h diff --git a/UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.inf b/UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.inf new file mode 100644 index 00..5eecfb4838 --- /dev/null +++ b/UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.inf @@ -0,0 +1,39 @@ +## @file +# CPU Memory Manager Unit library instance. +# +# Copyright (c) 2024 Loongson Technology Corporation Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION= 1.29 + BASE_NAME = CpuMmuLib + MODULE_UNI_FILE= CpuMmuLib.uni + FILE_GUID = DA8F0232-FB14-42F0-922C-63104D2C70BE + MODULE_TYPE= BASE + VERSION_STRING = 1.0 + LIBRARY_CLASS = CpuMmuLib + +# +# VALID_ARCHITECTURES = LOONGARCH64 +# + +[Sources.LoongArch64] + LoongArch64/TlbInvalid.S | GCC + LoongArch64/TlbExceptionHandle.S | GCC + LoongArch64/CpuMmu.c + LoongArch64/Page.h + LoongArch64/TlbInvalid.h + +[Packages] + MdePkg/MdePkg.dec + UefiCpuPkg/UefiCpuPkg.dec + +[LibraryClasses] + DebugLib + MemoryAllocationLib + +[Pcd.LoongArch64] + gUefiCpuPkgTokenSpaceGuid.PcdLoongArchExceptionVectorBaseAddress ## CONSUMES diff --git a/UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.uni b/UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.uni new file mode 100644 index 00..2408f2f90b --- /dev/null +++ b/UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.uni @@ -0,0 +1,14 @@ +// /** @file +// CPU Memory Manager Unit library instance. +// +// CPU Memory Manager Unit library instance. +// +// Copyright (c) 2024, Loongson Technology Corporation Limited. All rights reserved. +// +// SPDX-License-Identifier: BSD-2-Clause-Patent +// +// **/ + +#string STR_MODULE_ABSTRACT #language en-US "CPU Memory Manager Unit library instance." + +#string STR_MODULE_DESCRIPTION #language en-US "CPU Memory Manager Unit library instance." diff --git a/UefiCpuPkg/Library/CpuMmuLib/LoongArch64/CpuMmu.c b/UefiCpuPkg/Library/CpuMmuLib/LoongArch64/CpuMmu.c new file mode 100644 index 00..6d77a1221f --- /dev/null +++ b/UefiCpuPkg/Library/CpuMmuLib/LoongArch64/CpuMmu.c @@ -0,0 +1,785 @@ +/** @file + + CPU Memory Map Unit Handler Library common functions. + + Copyright (c) 2011-2020, ARM Limited. All rights reserved. + Copyright (c) 2016, Linaro Limited. All rights reserved. + Copyright (c) 2017, Intel Corporation. All rights reserved. + Copyright (c) 2023, Ventana Micro Systems Inc. All Rights Reserved. + Copyright (c) 2024 Loongson Technology Corporation Limited. All rights reserved. + + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "TlbInvalid.h" +#include "TlbExceptionHandle.h" +#include "Page.h" + +/** + Check to see if mmu successfully initializes. + + @param VOID. + + @retval TRUE Initialization has been completed. + FALSE Initialization did not complete. +**/ +STATIC +BOOLEAN +MmuIsInit ( + VOID + ) +{ + if (CsrRead (LOONGARCH_CSR_PGDL) != 0) { +return TRUE; + } + + return FALSE; +} + +/** + Check to see if mmu is enabled. + + @param VOID. + + @retval TRUE MMU has been enabled. + FALSE MMU did not enabled. +**/ +STATIC +BOOLEAN +MmuIsEnabled ( + VOID + ) +{ + if ((CsrRead (LOONGARCH_CSR_CRMD) & BIT4) != 0) { +return TRUE; + } + + return FALSE; +} + +/** + Determine if an entry is
[edk2-devel] [PATCH v3 08/13] UefiCpuPkg: Added a new PCD named PcdLoongArchExceptionVectorBaseAddress
Added PcdLoongArchExceptionVectorBaseAddress use for storing the CPU exception vector base address. This PCD can be populated at build time or changed at runtime, and is used only by LoongArch. BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4734 Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Signed-off-by: Chao Li Acked-by: Gerd Hoffmann --- UefiCpuPkg/UefiCpuPkg.dec | 6 ++ 1 file changed, 6 insertions(+) diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index ca744fab55..1b890e975c 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -3,6 +3,7 @@ # # Copyright (c) 2007 - 2023, Intel Corporation. All rights reserved. # Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved. +# Copyright (c) 2024, Loongson Technology Corporation Limited. All rights reserved. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -414,6 +415,11 @@ [PcdsFixedAtBuild.RISCV64] # 10 - 57bit mode. gUefiCpuPkgTokenSpaceGuid.PcdCpuRiscVMmuMaxSatpMode|10|UINT32|0x6021 +[PcdsFixedAtBuild.LOONGARCH64, PcdsPatchableInModule.LOONGARCH64, PcdsDynamic.LOONGARCH64, PcdsDynamicEx.LOONGARCH64] + ## This PCD Contains the pointer to a CPU exception vector base address. + # @Prompt The pointer to a CPU exception vector base address. + gUefiCpuPkgTokenSpaceGuid.PcdLoongArchExceptionVectorBaseAddress|0x0|UINT64|0x6022 + [PcdsDynamic, PcdsDynamicEx] ## Contains the pointer to a CPU S3 data buffer of structure ACPI_CPU_DATA. # @Prompt The pointer to a CPU S3 data buffer. -- 2.27.0 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117655): https://edk2.groups.io/g/devel/message/117655 Mute This Topic: https://groups.io/mt/105478499/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v3 07/13] UefiCpuPkg: Add CpuMmuLib.h to UefiCpuPkg
Add a new header file CpuMmuLib.h, whitch is referenced from ArmPkg/Include/Library/ArmMmuLib.h. Currently, only support for LoongArch64 is added, and more architectures can be accommodated in the future. BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4734 Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Cc: Leif Lindholm Cc: Ard Biesheuvel Cc: Sami Mujawar Cc: Sunil V L Cc: Andrei Warkentin Signed-off-by: Chao Li Acked-by: Gerd Hoffmann --- UefiCpuPkg/Include/Library/CpuMmuLib.h | 41 ++ UefiCpuPkg/UefiCpuPkg.dec | 4 +++ 2 files changed, 45 insertions(+) create mode 100644 UefiCpuPkg/Include/Library/CpuMmuLib.h diff --git a/UefiCpuPkg/Include/Library/CpuMmuLib.h b/UefiCpuPkg/Include/Library/CpuMmuLib.h new file mode 100644 index 00..e6cfbd5168 --- /dev/null +++ b/UefiCpuPkg/Include/Library/CpuMmuLib.h @@ -0,0 +1,41 @@ +/** @file + + Copyright (c) 2024 Loongson Technology Corporation Limited. All rights reserved. + + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef CPU_MMU_LIB_H_ +#define CPU_MMU_LIB_H_ + +#include + +/** + Maps the memory region in the page table to the specified attributes. + + @param[in, out] PageTable The pointer to the page table to update, or pointer to NULL + if a new page table is to be created. + @param[in] PageWalkCfgThe page walk controller configure. + @param[in] BaseAddressThe base address of the memory region to set the Attributes. + @param[in] Length The length of the memory region to set the Attributes. + @param[in] Attributes The bitmask of attributes to set, which refer to UEFI SPEC + 7.2.3(EFI_BOOT_SERVICES.GetMemoryMap()). + @param[in] AttributeMask Mask of memory attributes to take into account. + + @retval EFI_SUCCESSThe Attributes was set successfully or Length is 0. + @retval EFI_INVALID_PARAMETER PageTable is NULL. + @retval EFI_UNSUPPORTED*PageTable is NULL. +**/ +EFI_STATUS +EFIAPI +MemoryRegionMap ( + IN OUT UINTN *PageTable OPTIONAL, + IN UINT64PageWalkCfg, + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64Length, + IN UINT64Attributes, + IN UINT64AttributeMask + ); + +#endif // CPU_MMU_LIB_H_ diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index 571b59b36f..ca744fab55 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -72,6 +72,10 @@ [LibraryClasses.RISCV64] ## RiscVMmuLib|Include/Library/BaseRiscVMmuLib.h +[LibraryClasses.LoongArch64] + ## @libraryclass Provides functions for the memory management unit. + CpuMmuLib|Include/Library/CpuMmuLib.h + [Guids] gUefiCpuPkgTokenSpaceGuid = { 0xac05bf33, 0x995a, 0x4ed4, { 0xaa, 0xb8, 0xef, 0x7a, 0xe8, 0xf, 0x5c, 0xb0 }} gMsegSmramGuid = { 0x5802bce4, 0x, 0x4e33, { 0xa1, 0x30, 0xeb, 0xad, 0x27, 0xf0, 0xe4, 0x39 }} -- 2.27.0 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117654): https://edk2.groups.io/g/devel/message/117654 Mute This Topic: https://groups.io/mt/105478496/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v3 06/13] UefiCpuPkg: Add CPU exception library for LoongArch
Added LoongArch exception handler into CpuExceptionHandlerLib. BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4734 Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Signed-off-by: Chao Li Co-authored-by: Baoqi Zhang Acked-by: Gerd Hoffmann Reviewed-by: Ray Ni --- .../DxeCpuExceptionHandlerLib.inf | 23 +- .../LoongArch/DxeExceptionLib.c | 198 ++ .../LoongArch/ExceptionCommon.c | 171 .../LoongArch/ExceptionCommon.h | 131 +++ .../LoongArch64/ArchExceptionHandler.c| 268 + .../LoongArch64/ExceptionHandlerAsm.S | 366 ++ .../LoongArch/SecPeiExceptionLib.c| 102 + .../SecPeiCpuExceptionHandlerLib.inf | 23 +- 8 files changed, 1273 insertions(+), 9 deletions(-) create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/DxeExceptionLib.c create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/ExceptionCommon.c create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/ExceptionCommon.h create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/LoongArch64/ArchExceptionHandler.c create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/LoongArch64/ExceptionHandlerAsm.S create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/SecPeiExceptionLib.c diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf index aabcabff0f..9fcba009d6 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf @@ -2,6 +2,7 @@ # CPU Exception Handler library instance for DXE modules. # # Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. +# Copyright (c) 2024, Loongson Technology Corporation Limited. All rights reserved. # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -18,7 +19,7 @@ [Defines] # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 +# VALID_ARCHITECTURES = IA32 X64 LOONGARCH64 # [Sources.Ia32] @@ -32,12 +33,19 @@ [Sources.X64] X64/ArchInterruptDefs.h X64/ExceptionHandlerAsm.nasm -[Sources.common] +[Sources.Ia32, Sources.X64] CpuExceptionCommon.h CpuExceptionCommon.c DxeException.c PeiDxeSmmCpuException.c +[Sources.LoongArch64] + LoongArch/DxeExceptionLib.c + LoongArch/ExceptionCommon.h + LoongArch/ExceptionCommon.c + LoongArch/LoongArch64/ArchExceptionHandler.c + LoongArch/LoongArch64/ExceptionHandlerAsm.S | GCC + [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList @@ -51,16 +59,21 @@ [Packages] MdeModulePkg/MdeModulePkg.dec UefiCpuPkg/UefiCpuPkg.dec -[LibraryClasses] +[LibraryClasses.common] BaseLib - CcExitLib DebugLib - LocalApicLib MemoryAllocationLib PeCoffGetEntryPointLib PrintLib SerialPortLib SynchronizationLib +[LibraryClasses.Ia32, LibraryClasses.X64] + CcExitLib + LocalApicLib + +[LibraryClasses.LoongArch64] + CpuLib + [BuildOptions] XCODE:*_*_X64_NASM_FLAGS = -D NO_ABSOLUTE_RELOCS_IN_TEXT diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/DxeExceptionLib.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/DxeExceptionLib.c new file mode 100644 index 00..eed5644552 --- /dev/null +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/DxeExceptionLib.c @@ -0,0 +1,198 @@ +/** @file DxeExceptionLib.c + + LoongArch exception library implemenation for DXE modules. + + Copyright (c) 2024, Loongson Technology Corporation Limited. All rights reserved. + + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include +#include +#include +#include +#include +#include +#include + +#include "ExceptionCommon.h" + +EFI_EXCEPTION_CALLBACK ExternalInterruptHandler[MAX_LOONGARCH_INTERRUPT + 1] = { 0 }; +EFI_EXCEPTION_CALLBACK ExceptionHandler[MAX_LOONGARCH_EXCEPTION + 1] = { 0 }; + +/** + Registers a function to be called from the processor interrupt or exception handler. + + This function registers and enables the handler specified by InterruptHandler for a processor + interrupt or exception type specified by InterruptType. If InterruptHandler is NULL, then the + handler for the processor interrupt or exception type specified by InterruptType is uninstalled. + The installed handler is called once for each processor interrupt or exception. + + @param InterruptTypeA pointer to the processor's current interrupt state. Set to TRUE if interrupts + are enabled and FALSE if interrupts are disabled. + @param InterruptHandler A pointer to a function of type EFI_CPU_INTERRUPT_HANDLER that is called +
[edk2-devel] [PATCH v3 05/13] UefiCpuPkg: Add LoongArch64 CPU Timer instance
Add the LoongArch64 CPU Timer instance to CpuTimerLib, using CPUCFG 0x4 and 0x5 for Stable Counter frequency. BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4734 Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Signed-off-by: Chao Li Acked-by: Gerd Hoffmann Reviewed-by: Ray Ni --- .../Library/CpuTimerLib/BaseCpuTimerLib.inf | 15 +- .../CpuTimerLib/LoongArch64/CpuTimerLib.c | 250 ++ UefiCpuPkg/UefiCpuPkg.dsc | 3 + 3 files changed, 266 insertions(+), 2 deletions(-) create mode 100644 UefiCpuPkg/Library/CpuTimerLib/LoongArch64/CpuTimerLib.c diff --git a/UefiCpuPkg/Library/CpuTimerLib/BaseCpuTimerLib.inf b/UefiCpuPkg/Library/CpuTimerLib/BaseCpuTimerLib.inf index f0f4ae902a..4a1c7c0510 100644 --- a/UefiCpuPkg/Library/CpuTimerLib/BaseCpuTimerLib.inf +++ b/UefiCpuPkg/Library/CpuTimerLib/BaseCpuTimerLib.inf @@ -1,10 +1,15 @@ ## @file # Base CPU Timer Library # -# Provides basic timer support using CPUID Leaf 0x15 XTAL frequency. The performance +# Provides basic timer support. +# +# In x86, using CPUID Leaf 0x15 XTAL frequency. The performance # counter features are provided by the processors time stamp counter. # +# In LoongArch64, using CPUCFG 0x4 and 0x5 for Stable Counter frequency. +# # Copyright (c) 2021, Intel Corporation. All rights reserved. +# Copyright (c) 2024, Loongson Technology Corporation Limited. All rights reserved. # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -18,10 +23,13 @@ [Defines] LIBRARY_CLASS = TimerLib MODULE_UNI_FILE= BaseCpuTimerLib.uni -[Sources] +[Sources.IA32, Sources.X64] CpuTimerLib.c BaseCpuTimerLib.c +[Sources.LoongArch64] + LoongArch64/CpuTimerLib.c + [Packages] MdePkg/MdePkg.dec UefiCpuPkg/UefiCpuPkg.dec @@ -31,5 +39,8 @@ [LibraryClasses] DebugLib PcdLib +[LibraryClasses.LoongArch64] + SafeIntLib + [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdCpuCoreCrystalClockFrequency ## CONSUMES diff --git a/UefiCpuPkg/Library/CpuTimerLib/LoongArch64/CpuTimerLib.c b/UefiCpuPkg/Library/CpuTimerLib/LoongArch64/CpuTimerLib.c new file mode 100644 index 00..7ba7408498 --- /dev/null +++ b/UefiCpuPkg/Library/CpuTimerLib/LoongArch64/CpuTimerLib.c @@ -0,0 +1,250 @@ +/** @file + CPUCFG 0x4 and 0x5 for Stable Counter frequency instance of Timer Library. + + Copyright (c) 2024, Loongson Technology Corporation Limited. All rights reserved. + + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include +#include +#include +#include +#include + +/** + Calculate clock frequency using CPUCFG 0x4 and 0x5 registers. + + @param VOID. + + @return The frequency in Hz. + +**/ +STATIC +UINT64 +CalcConstFreq ( + VOID + ) +{ + UINT32 BaseFreq; + UINT64 ClockMultiplier; + UINT32 ClockDivide; + CPUCFG_REG4_INFO_DATA CcFreq; + CPUCFG_REG5_INFO_DATA CpucfgReg5Data; + UINT64 StableTimerFreq; + + // + // Get the the crystal frequency corresponding to the constant + // frequency timer and the clock used by the timer. + // + AsmCpucfg (CPUCFG_REG4_INFO, &CcFreq.Uint32); + + // + // Get the multiplication factor and frequency division factor + // corresponding to the constant frequency timer and the clock + // used by the timer. + // + AsmCpucfg (CPUCFG_REG5_INFO, &CpucfgReg5Data.Uint32); + + BaseFreq= CcFreq.Bits.CC_FREQ; + ClockMultiplier = CpucfgReg5Data.Bits.CC_MUL & 0x; + ClockDivide = CpucfgReg5Data.Bits.CC_DIV & 0x; + + if ((BaseFreq == 0x0) || (ClockMultiplier == 0x0) || (ClockDivide == 0x0)) { +DEBUG (( + DEBUG_ERROR, + "LoongArch Stable Timer is not available in the CPU, hence this library cannot be used.\n" + )); +ASSERT (FALSE); +CpuDeadLoop (); + } + + StableTimerFreq = ((ClockMultiplier * BaseFreq) / ClockDivide); + + ASSERT (StableTimerFreq != 0); + + return StableTimerFreq; +} + +/** + Stalls the CPU for at least the given number of microseconds. + + Stalls the CPU for the number of microseconds specified by MicroSeconds. + + @param MicroSeconds The minimum number of microseconds to delay. + + @return MicroSeconds + +**/ +UINTN +EFIAPI +MicroSecondDelay ( + IN UINTN MicroSeconds + ) +{ + UINT64 CurrentTicks, ExceptedTicks, Remaining; + RETURN_STATUS Status; + + Status = SafeUint64Mult (MicroSeconds, CalcConstFreq (), &Remaining); + ASSERT_RETURN_ERROR (Status); + + ExceptedTicks = DivU64x32 (Remaining, 100U); + CurrentTicks = AsmReadStableCounter (); + ExceptedTicks += CurrentTicks; + + do { +CurrentTicks = AsmReadStableCounter (); + } while (CurrentTicks < ExceptedTicks); + + return MicroSeconds; +} + +/** + Stalls the CPU for at least the given number of nanoseconds. + + Stalls the CPU for the number of nanoseconds specified by NanoSeconds. + + @param NanoSeconds The minimum number of nanoseconds to delay. + + @return NanoSeconds + +**/ +UIN
[edk2-devel] [PATCH v3 04/13] UefiCpuPkg/CpuDxe: Reorder the INF file alphabetically
Some of the order is not in alphabetical, reorder. BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4726 Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Signed-off-by: Chao Li Acked-by: Gerd Hoffmann Reviewed-by: Ray Ni --- UefiCpuPkg/CpuDxe/CpuDxe.inf | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/UefiCpuPkg/CpuDxe/CpuDxe.inf b/UefiCpuPkg/CpuDxe/CpuDxe.inf index 1d3e9f8cdb..9e1c673283 100644 --- a/UefiCpuPkg/CpuDxe/CpuDxe.inf +++ b/UefiCpuPkg/CpuDxe/CpuDxe.inf @@ -25,21 +25,21 @@ [Packages] [LibraryClasses] BaseLib BaseMemoryLib + CpuExceptionHandlerLib CpuLib DebugLib DxeServicesTableLib + HobLib + LocalApicLib MemoryAllocationLib MtrrLib + MpInitLib + PeCoffGetEntryPointLib + ReportStatusCodeLib + TimerLib UefiBootServicesTableLib UefiDriverEntryPoint - LocalApicLib UefiLib - CpuExceptionHandlerLib - HobLib - ReportStatusCodeLib - MpInitLib - TimerLib - PeCoffGetEntryPointLib [Sources] CpuDxe.c @@ -77,9 +77,9 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList ## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask## CONSUMES [Depex] TRUE -- 2.27.0 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117651): https://edk2.groups.io/g/devel/message/117651 Mute This Topic: https://groups.io/mt/105478493/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v3 03/13] UefiCpuPkg/MpInitLib: Reorder the INF files alphabetically
Some of the order is not in alphabetical, reorder. BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4726 Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Signed-off-by: Chao Li Acked-by: Gerd Hoffmann Reviewed-by: Ray Ni --- UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 29 ++- UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf | 25 2 files changed, 28 insertions(+), 26 deletions(-) diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf index 55e46d4a1f..7ef4c0d4db 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf @@ -23,21 +23,21 @@ [Defines] [Sources.IA32] Ia32/AmdSev.c - Ia32/MpFuncs.nasm Ia32/CreatePageTable.c + Ia32/MpFuncs.nasm [Sources.X64] X64/AmdSev.c - X64/MpFuncs.nasm X64/CreatePageTable.c + X64/MpFuncs.nasm [Sources.common] AmdSev.c - MpEqu.inc DxeMpLib.c + Microcode.c + MpEqu.inc MpLib.c MpLib.h - Microcode.c MpHandOff.h [Packages] @@ -47,17 +47,18 @@ [Packages] [LibraryClasses] BaseLib + CcExitLib + CpuLib + DebugAgentLib + HobLib LocalApicLib MemoryAllocationLib - HobLib + MicrocodeLib MtrrLib - CpuLib - UefiBootServicesTableLib - DebugAgentLib - SynchronizationLib PcdLib - CcExitLib - MicrocodeLib + SynchronizationLib + UefiBootServicesTableLib + [LibraryClasses.X64] CpuPageTableLib @@ -70,6 +71,9 @@ [Guids] gEdkiiMicrocodePatchHobGuid ## SOMETIMES_CONSUMES ## HOB [Pcd] + gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## CONSUMES + gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr ## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber ## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds ## SOMETIMES_CONSUMES @@ -82,6 +86,3 @@ [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdGhcbHypervisorFeatures ## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase ## SOMETIMES_CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdFirstTimeWakeUpAPsBySipi## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## CONSUMES - gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr ## CONSUMES diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf index bc3d716aa9..599ca36bc2 100644 --- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf +++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf @@ -31,31 +31,34 @@ [Sources.X64] [Sources.common] AmdSev.c + Microcode.c MpEqu.inc - PeiMpLib.c MpLib.c MpLib.h - Microcode.c MpHandOff.h + PeiMpLib.c + [Packages] MdePkg/MdePkg.dec - UefiCpuPkg/UefiCpuPkg.dec MdeModulePkg/MdeModulePkg.dec + UefiCpuPkg/UefiCpuPkg.dec [LibraryClasses] BaseLib + CcExitLib + CpuLib + HobLib LocalApicLib MemoryAllocationLib - HobLib + MicrocodeLib MtrrLib - CpuLib - SynchronizationLib - PeiServicesLib PcdLib - CcExitLib - MicrocodeLib + PeiServicesLib + SynchronizationLib [Pcd] + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## CONSUMES + gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr ## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber ## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds ## SOMETIMES_CONSUMES @@ -66,9 +69,7 @@ [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate ## SOMETIMES_CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase ## SOMETIMES_CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdGhcbHypervisorFeatures ## CONSUMES - gUefiCpuPkgTokenSpaceGuid.PcdFirstTimeWakeUpAPsBySipi ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## CONSUMES - gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr ## CONSUMES + gUefiCpuPkgTokenSpaceGuid.PcdFirstTimeWakeUpAPsBySipi## CONSUMES [Ppis] gEdkiiPeiShadowMicrocodePpiGuid## SOMETIMES_CONSUMES -- 2.27.0 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117650): https://edk2.groups.io/g/devel/message/117650 Mute This Topic: https://groups.io/mt/105478490/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v3 02/13] UefiCpuPkg/CpuExceptionHandlerLib: Reorder the INF files alphabetically
Some of the order is not in alphabetical, reorder. BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4726 Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Signed-off-by: Chao Li Acked-by: Gerd Hoffmann Reviewed-by: Ray Ni --- .../DxeCpuExceptionHandlerLib.inf | 20 +-- .../PeiCpuExceptionHandlerLib.inf | 16 +++ .../SecPeiCpuExceptionHandlerLib.inf | 12 +-- .../SmmCpuExceptionHandlerLib.inf | 16 +++ 4 files changed, 32 insertions(+), 32 deletions(-) diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf index fdbebadab9..aabcabff0f 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf @@ -22,21 +22,21 @@ [Defines] # [Sources.Ia32] - Ia32/ExceptionHandlerAsm.nasm - Ia32/ExceptionTssEntryAsm.nasm Ia32/ArchExceptionHandler.c Ia32/ArchInterruptDefs.h + Ia32/ExceptionHandlerAsm.nasm + Ia32/ExceptionTssEntryAsm.nasm [Sources.X64] - X64/ExceptionHandlerAsm.nasm X64/ArchExceptionHandler.c X64/ArchInterruptDefs.h + X64/ExceptionHandlerAsm.nasm [Sources.common] CpuExceptionCommon.h CpuExceptionCommon.c - PeiDxeSmmCpuException.c DxeException.c + PeiDxeSmmCpuException.c [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard @@ -53,14 +53,14 @@ [Packages] [LibraryClasses] BaseLib - SerialPortLib - PrintLib - SynchronizationLib + CcExitLib + DebugLib LocalApicLib - PeCoffGetEntryPointLib MemoryAllocationLib - DebugLib - CcExitLib + PeCoffGetEntryPointLib + PrintLib + SerialPortLib + SynchronizationLib [BuildOptions] XCODE:*_*_X64_NASM_FLAGS = -D NO_ABSOLUTE_RELOCS_IN_TEXT diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf index 3bcaff5c5f..3a11516e32 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf @@ -22,15 +22,15 @@ [Defines] # [Sources.Ia32] - Ia32/ExceptionHandlerAsm.nasm - Ia32/ExceptionTssEntryAsm.nasm Ia32/ArchExceptionHandler.c Ia32/ArchInterruptDefs.h + Ia32/ExceptionHandlerAsm.nasm + Ia32/ExceptionTssEntryAsm.nasm [Sources.X64] - X64/SecPeiExceptionHandlerAsm.nasm X64/ArchExceptionHandler.c X64/ArchInterruptDefs.h + X64/SecPeiExceptionHandlerAsm.nasm [Sources.common] CpuExceptionCommon.h @@ -45,14 +45,14 @@ [Packages] [LibraryClasses] BaseLib - SerialPortLib - PrintLib - LocalApicLib - PeCoffGetEntryPointLib + CcExitLib HobLib + LocalApicLib MemoryAllocationLib + PeCoffGetEntryPointLib + PrintLib + SerialPortLib SynchronizationLib - CcExitLib [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard# CONSUMES diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf index e7b1144f69..f8e597d86d 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf @@ -22,15 +22,15 @@ [Defines] # [Sources.Ia32] - Ia32/ExceptionHandlerAsm.nasm - Ia32/ExceptionTssEntryAsm.nasm Ia32/ArchExceptionHandler.c Ia32/ArchInterruptDefs.h + Ia32/ExceptionHandlerAsm.nasm + Ia32/ExceptionTssEntryAsm.nasm [Sources.X64] - X64/SecPeiExceptionHandlerAsm.nasm X64/ArchExceptionHandler.c X64/ArchInterruptDefs.h + X64/SecPeiExceptionHandlerAsm.nasm [Sources.common] CpuExceptionCommon.h @@ -44,11 +44,11 @@ [Packages] [LibraryClasses] BaseLib - SerialPortLib - PrintLib + CcExitLib LocalApicLib PeCoffGetEntryPointLib - CcExitLib + PrintLib + SerialPortLib [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf index 27f0b96fa9..cc280a6ee7 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf @@ -22,15 +22,15 @@ [Defines] # [Sources.Ia32] - Ia32/ExceptionHandlerAsm.nasm - Ia32/ExceptionTssEntryAsm.nasm Ia32/ArchExceptionHandler.c Ia32/ArchInterruptDefs.h + Ia32/ExceptionHandlerAsm.nasm + Ia32/ExceptionTssEntryAsm.nasm [Sources.X64] - X64/ExceptionHandlerAsm.nasm X64/ArchExceptionHandler.c X64/ArchInterruptDefs.h + X64/ExceptionHandlerAsm.nasm [Sources.common] CpuExceptionCommon.h @@ -45,13 +45,13 @@ [Packages] [LibraryClasses] BaseLib - SerialPortLib - PrintLib - SynchronizationLib + CcExitLib + DebugLib Loca
[edk2-devel] [PATCH v3 01/13] UefiCpuPkg/CpuTimerLib: Reorder the INF file alphabetically
Some of the order is not in alphabetical, reorder. BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4726 Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Signed-off-by: Chao Li Acked-by: Gerd Hoffmann Reviewed-by: Ray Ni --- UefiCpuPkg/Library/CpuTimerLib/BaseCpuTimerLib.inf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/UefiCpuPkg/Library/CpuTimerLib/BaseCpuTimerLib.inf b/UefiCpuPkg/Library/CpuTimerLib/BaseCpuTimerLib.inf index de0648de91..f0f4ae902a 100644 --- a/UefiCpuPkg/Library/CpuTimerLib/BaseCpuTimerLib.inf +++ b/UefiCpuPkg/Library/CpuTimerLib/BaseCpuTimerLib.inf @@ -28,8 +28,8 @@ [Packages] [LibraryClasses] BaseLib - PcdLib DebugLib + PcdLib [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdCpuCoreCrystalClockFrequency ## CONSUMES -- 2.27.0 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117648): https://edk2.groups.io/g/devel/message/117648 Mute This Topic: https://groups.io/mt/105478487/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v3 00/13] Part 2 patch set to add LoongArch support into UefiCpuPkg
This patch set adjusted some order in UefiCpuPig alphabetically, added LoongArch libraries and drivers into UefiCpuPkg, it is a continuation of the first patch series v8 submitted at https://edk2.groups.io/g/devel/message/114526. And also separated from https://edk2.groups.io/g/devel/message/116583. This series only contents the changes for UefiCpuPkg. Patch1-Patch4: Reorder some INF files located in UefiCpuPkg alphabetically. Patch5-Patch13: Added Timer, CpuMmuLib, CpuMmuInitLib, MpInitLib, CpuDxe for LoongArch, and added some PCD and header files requested by the above libraries and drivers. Modfied modules: UefiCpuPkg BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4726 BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4734 PR: https://github.com/tianocore/edk2/pull/5483 V1 -> V2: 1. Removed PcdCpuMmuIsEnabled. 2. Removed API GetMemoryRegionAttributes API as it is no longer needed. 3. Patch3, added two empty line in DXE and PEI INF files. 4. Patch5, added the Status check in GetTimeInnanoSecond function. 5. Separated into two series, this is series one, and the second one is OvmfPkg. V2 -> V3: 1. Remove CpuMmuInitLib. 2. Added a new GUID HOB named PROCESSOR_RESOURCE_HOG_GUID. 3. Following Ray suggest, adjust CpuMmuLib API, rename the API name. 4. Rename the PcdCpuExceptionVectorBaseAddress to PcdLoongArch64ExceptionVectorBaseAddress. 5. Enable CpuMmio2Dxe in LoongArch. Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Cc: Sami Mujawar Cc: Sunil V L Cc: Bibo Mao Cc: Dongyan Qian Chao Li (13): UefiCpuPkg/CpuTimerLib: Reorder the INF file alphabetically UefiCpuPkg/CpuExceptionHandlerLib: Reorder the INF files alphabetically UefiCpuPkg/MpInitLib: Reorder the INF files alphabetically UefiCpuPkg/CpuDxe: Reorder the INF file alphabetically UefiCpuPkg: Add LoongArch64 CPU Timer instance UefiCpuPkg: Add CPU exception library for LoongArch UefiCpuPkg: Add CpuMmuLib.h to UefiCpuPkg UefiCpuPkg: Added a new PCD named PcdLoongArchExceptionVectorBaseAddress UefiCpuPkg: Add CpuMmuLib to UefiCpuPkg UefiCpuPkg: Add a new GUID to store the processors resource UefiCpuPkg: Add multiprocessor library for LoongArch64 UefiCpuPkg: Add CpuDxe driver for LoongArch64 UefiCpuPkg/UefiCpuPkg.dsc: Add CpuMmio2Dxe.inf to LoongArch64 field UefiCpuPkg/CpuDxe/CpuDxe.inf | 39 +- UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.c| 439 + UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.h| 288 +++ UefiCpuPkg/CpuDxe/LoongArch64/CpuMp.c | 544 ++ UefiCpuPkg/CpuDxe/LoongArch64/Exception.c | 159 ++ .../Include/Guid/ProcessorResourceHob.h | 29 + UefiCpuPkg/Include/Library/CpuMmuLib.h| 41 + .../DxeCpuExceptionHandlerLib.inf | 37 +- .../LoongArch/DxeExceptionLib.c | 198 ++ .../LoongArch/ExceptionCommon.c | 171 ++ .../LoongArch/ExceptionCommon.h | 131 ++ .../LoongArch64/ArchExceptionHandler.c| 268 +++ .../LoongArch64/ExceptionHandlerAsm.S | 366 .../LoongArch/SecPeiExceptionLib.c| 102 ++ .../PeiCpuExceptionHandlerLib.inf | 16 +- .../SecPeiCpuExceptionHandlerLib.inf | 31 +- .../SmmCpuExceptionHandlerLib.inf | 16 +- UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.inf| 39 + UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.uni| 14 + .../Library/CpuMmuLib/LoongArch64/CpuMmu.c| 785 .../Library/CpuMmuLib/LoongArch64/Page.h | 33 + .../LoongArch64/TlbExceptionHandle.S | 51 + .../LoongArch64/TlbExceptionHandle.h | 36 + .../CpuMmuLib/LoongArch64/TlbInvalid.S| 24 + .../CpuMmuLib/LoongArch64/TlbInvalid.h| 24 + .../Library/CpuTimerLib/BaseCpuTimerLib.inf | 17 +- .../CpuTimerLib/LoongArch64/CpuTimerLib.c | 250 +++ UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 42 +- .../Library/MpInitLib/LoongArch64/DxeMpLib.c | 480 + .../Library/MpInitLib/LoongArch64/MpLib.c | 1626 + .../Library/MpInitLib/LoongArch64/MpLib.h | 350 .../Library/MpInitLib/LoongArch64/PeiMpLib.c | 381 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf | 40 +- UefiCpuPkg/UefiCpuPkg.dec | 13 + UefiCpuPkg/UefiCpuPkg.dsc |7 + 35 files changed, 7008 insertions(+), 79 deletions(-) create mode 100644 UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.c create mode 100644 UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.h create mode 100644 UefiCpuPkg/CpuDxe/LoongArch64/CpuMp.c create mode 100644 UefiCpuPkg/CpuDxe/LoongArch64/Exception.c create mode 100644 UefiCpuPkg/Include/Guid/ProcessorResourceHob.h create mode 100644 UefiCpuPkg/Include/Library/CpuMmuLib.h create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/DxeExceptionLib.c create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/ExceptionCommon.c create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/
[edk2-devel] [PATCH v3 00/13] Part 2 patch set to add LoongArch support into UefiCpuPkg
This patch set adjusted some order in UefiCpuPig alphabetically, added LoongArch libraries and drivers into UefiCpuPkg, it is a continuation of the first patch series v8 submitted at https://edk2.groups.io/g/devel/message/114526. And also separated from https://edk2.groups.io/g/devel/message/116583. This series only contents the changes for UefiCpuPkg. Patch1-Patch4: Reorder some INF files located in UefiCpuPkg alphabetically. Patch5-Patch13: Added Timer, CpuMmuLib, CpuMmuInitLib, MpInitLib, CpuDxe for LoongArch, and added some PCD and header files requested by the above libraries and drivers. Modfied modules: UefiCpuPkg BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4726 BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4734 PR: https://github.com/tianocore/edk2/pull/5483 V1 -> V2: 1. Removed PcdCpuMmuIsEnabled. 2. Removed API GetMemoryRegionAttributes API as it is no longer needed. 3. Patch3, added two empty line in DXE and PEI INF files. 4. Patch5, added the Status check in GetTimeInnanoSecond function. 5. Separated into two series, this is series one, and the second one is OvmfPkg. V2 -> V3: 1. Remove CpuMmuInitLib. 2. Added a new GUID HOB named PROCESSOR_RESOURCE_HOG_GUID. 3. Following Ray suggest, adjust CpuMmuLib API, rename the API name. 4. Rename the PcdCpuExceptionVectorBaseAddress to PcdLoongArch64ExceptionVectorBaseAddress. 5. Enable CpuMmio2Dxe in LoongArch. Chao Li (13): UefiCpuPkg/CpuTimerLib: Reorder the INF file alphabetically UefiCpuPkg/CpuExceptionHandlerLib: Reorder the INF files alphabetically UefiCpuPkg/MpInitLib: Reorder the INF files alphabetically UefiCpuPkg/CpuDxe: Reorder the INF file alphabetically UefiCpuPkg: Add LoongArch64 CPU Timer instance UefiCpuPkg: Add CPU exception library for LoongArch UefiCpuPkg: Add CpuMmuLib.h to UefiCpuPkg UefiCpuPkg: Added a new PCD named PcdLoongArchExceptionVectorBaseAddress UefiCpuPkg: Add CpuMmuLib to UefiCpuPkg UefiCpuPkg: Add a new GUID to store the processors resource UefiCpuPkg: Add multiprocessor library for LoongArch64 UefiCpuPkg: Add CpuDxe driver for LoongArch64 UefiCpuPkg/UefiCpuPkg.dsc: Add CpuMmio2Dxe.inf to LoongArch64 field UefiCpuPkg/CpuDxe/CpuDxe.inf | 39 +- UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.c| 439 + UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.h| 288 +++ UefiCpuPkg/CpuDxe/LoongArch64/CpuMp.c | 544 ++ UefiCpuPkg/CpuDxe/LoongArch64/Exception.c | 159 ++ .../Include/Guid/ProcessorResourceHob.h | 29 + UefiCpuPkg/Include/Library/CpuMmuLib.h| 41 + .../DxeCpuExceptionHandlerLib.inf | 37 +- .../LoongArch/DxeExceptionLib.c | 198 ++ .../LoongArch/ExceptionCommon.c | 171 ++ .../LoongArch/ExceptionCommon.h | 131 ++ .../LoongArch64/ArchExceptionHandler.c| 268 +++ .../LoongArch64/ExceptionHandlerAsm.S | 366 .../LoongArch/SecPeiExceptionLib.c| 102 ++ .../PeiCpuExceptionHandlerLib.inf | 16 +- .../SecPeiCpuExceptionHandlerLib.inf | 31 +- .../SmmCpuExceptionHandlerLib.inf | 16 +- UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.inf| 39 + UefiCpuPkg/Library/CpuMmuLib/CpuMmuLib.uni| 14 + .../Library/CpuMmuLib/LoongArch64/CpuMmu.c| 785 .../Library/CpuMmuLib/LoongArch64/Page.h | 33 + .../LoongArch64/TlbExceptionHandle.S | 51 + .../LoongArch64/TlbExceptionHandle.h | 36 + .../CpuMmuLib/LoongArch64/TlbInvalid.S| 24 + .../CpuMmuLib/LoongArch64/TlbInvalid.h| 24 + .../Library/CpuTimerLib/BaseCpuTimerLib.inf | 17 +- .../CpuTimerLib/LoongArch64/CpuTimerLib.c | 250 +++ UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 42 +- .../Library/MpInitLib/LoongArch64/DxeMpLib.c | 480 + .../Library/MpInitLib/LoongArch64/MpLib.c | 1626 + .../Library/MpInitLib/LoongArch64/MpLib.h | 350 .../Library/MpInitLib/LoongArch64/PeiMpLib.c | 381 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf | 40 +- UefiCpuPkg/UefiCpuPkg.dec | 13 + UefiCpuPkg/UefiCpuPkg.dsc |7 + 35 files changed, 7008 insertions(+), 79 deletions(-) create mode 100644 UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.c create mode 100644 UefiCpuPkg/CpuDxe/LoongArch64/CpuDxe.h create mode 100644 UefiCpuPkg/CpuDxe/LoongArch64/CpuMp.c create mode 100644 UefiCpuPkg/CpuDxe/LoongArch64/Exception.c create mode 100644 UefiCpuPkg/Include/Guid/ProcessorResourceHob.h create mode 100644 UefiCpuPkg/Include/Library/CpuMmuLib.h create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/DxeExceptionLib.c create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/ExceptionCommon.c create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/ExceptionCommon.h create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/LoongArch/LoongArch64/ArchExcepti
[edk2-devel] [PATCH v2 1/1] SecurityPkg/Tcg2Config: Hide BIOS unsupported hash algorithm from UI
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4731 TCG2 configuration UI shows all the hash algorithms that TPM hardware supports in the checkbox. If user only selects one algorithm that is supported by TPM hardware but not supported by BIOS and uncheck the others, the SyncPcrAllocationsAndPcrMask in Tcg2Pei will not be able to decide a viable PCR to activate, then an assert occurs. Add check against PcdTcg2HashAlgorithmBitmap when deciding whether to suppress the hash algorithm checkbox to avoid user to select the hash algorithm which may cause an assert. Cc: Rahul Kumar Cc: Jiewen Yao Signed-off-by: Wei6 Xu Reviewed-by: Rahul Kumar --- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c | 61 ++--- 1 file changed, 41 insertions(+), 20 deletions(-) diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c index 6eb04c014448..aec7a903cf89 100644 --- a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c +++ b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c @@ -722,33 +722,50 @@ FillBufferWithBootHashAlg ( } /** - Set ConfigInfo according to TpmAlgHash. + Set ConfigInfo according to TpmAlgHash and Tcg2HashAlgBitmap. @param[in,out] Tcg2ConfigInfo TCG2 config info. @param[in] TpmAlgHash TpmAlgHash. + @param[in] Tcg2HashAlgBitmapTCG2 Hash Algorithm Bitmap. **/ VOID SetConfigInfo ( IN OUT TCG2_CONFIGURATION_INFO *Tcg2ConfigInfo, - IN UINT32 TpmAlgHash + IN UINT32 TpmAlgHash, + IN UINT32 Tcg2HashAlgBitmap ) { switch (TpmAlgHash) { case TPM_ALG_SHA1: - Tcg2ConfigInfo->Sha1Supported = TRUE; + if ((Tcg2HashAlgBitmap & HASH_ALG_SHA1) != 0) { +Tcg2ConfigInfo->Sha1Supported = TRUE; + } + break; case TPM_ALG_SHA256: - Tcg2ConfigInfo->Sha256Supported = TRUE; + if ((Tcg2HashAlgBitmap & HASH_ALG_SHA256) != 0) { +Tcg2ConfigInfo->Sha256Supported = TRUE; + } + break; case TPM_ALG_SHA384: - Tcg2ConfigInfo->Sha384Supported = TRUE; + if ((Tcg2HashAlgBitmap & HASH_ALG_SHA384) != 0) { +Tcg2ConfigInfo->Sha384Supported = TRUE; + } + break; case TPM_ALG_SHA512: - Tcg2ConfigInfo->Sha512Supported = TRUE; + if ((Tcg2HashAlgBitmap & HASH_ALG_SHA512) != 0) { +Tcg2ConfigInfo->Sha512Supported = TRUE; + } + break; case TPM_ALG_SM3_256: - Tcg2ConfigInfo->Sm3Supported = TRUE; + if ((Tcg2HashAlgBitmap & HASH_ALG_SM3_256) != 0) { +Tcg2ConfigInfo->Sm3Supported = TRUE; + } + break; } } @@ -809,16 +826,17 @@ InstallTcg2ConfigForm ( IN OUT TCG2_CONFIG_PRIVATE_DATA *PrivateData ) { - EFI_STATUS Status; - EFI_HII_HANDLE HiiHandle; - EFI_HANDLE DriverHandle; - EFI_HII_CONFIG_ACCESS_PROTOCOL *ConfigAccess; - UINTN Index; - TPML_PCR_SELECTION Pcrs; - CHAR16 TempBuffer[1024]; - TCG2_CONFIGURATION_INFO Tcg2ConfigInfo; - TPM2_PTP_INTERFACE_TYPE TpmDeviceInterfaceDetected; - BOOLEAN IsCmdImp = FALSE; + EFI_STATUS Status; + EFI_HII_HANDLE HiiHandle; + EFI_HANDLE DriverHandle; + EFI_HII_CONFIG_ACCESS_PROTOCOL *ConfigAccess; + UINTNIndex; + TPML_PCR_SELECTION Pcrs; + CHAR16 TempBuffer[1024]; + TCG2_CONFIGURATION_INFO Tcg2ConfigInfo; + TPM2_PTP_INTERFACE_TYPE TpmDeviceInterfaceDetected; + BOOLEAN IsCmdImp; + EFI_TCG2_EVENT_ALGORITHM_BITMAP Tcg2HashAlgorithmBitmap; DriverHandle = NULL; ConfigAccess = &PrivateData->ConfigAccess; @@ -879,6 +897,8 @@ InstallTcg2ConfigForm ( break; } + Tcg2HashAlgorithmBitmap = PcdGet32 (PcdTcg2HashAlgorithmBitmap); + ZeroMem (&Tcg2ConfigInfo, sizeof (Tcg2ConfigInfo)); Status = Tpm2GetCapabilityPcrs (&Pcrs); if (EFI_ERROR (Status)) { @@ -897,20 +917,21 @@ InstallTcg2ConfigForm ( TempBuffer[0] = 0; for (Index = 0; Index < Pcrs.count; Index++) { AppendBufferWithTpmAlgHash (TempBuffer, sizeof (TempBuffer), Pcrs.pcrSelections[Index].hash); - SetConfigInfo (&Tcg2ConfigInfo, Pcrs.pcrSelections[Index].hash); + SetConfigInfo (&Tcg2ConfigInfo, Pcrs.pcrSelections[Index].hash, Tcg2HashAlgorithmBitmap); } HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TPM2_SUPPORTED_HASH_ALGO_CONTENT), TempBuffer, NULL); } - Status = Tpm2GetCapabilityIsCommandImplemented (TPM_CC_ChangeEPS, &IsCmdImp); + IsCmdImp = FALSE; + Status = Tpm2GetCapabilityIsCommandImplemented (TPM_CC_ChangeEPS, &IsCmdImp); if (EFI_ERROR (Status)) { DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityIsCmdImpl fails %r\n", Status)); } Tcg2ConfigInfo.ChangeEPSSupported = IsCm
[edk2-devel] [PATCH v2 0/1] SecurityPkg/Tcg2Config: Hide BIOS unsupported hash algorithm from UI
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4731 V1: The patch is to hide BIOS unsupported hash algorithm from UI to avoid user to the select wrong hash algorithm which may cause an assert. V2: Rename BiosHashAlgBitmap to Tcg2HashAlgBitmap to avoid confusion. Beacuse it not legacy BIOS related. Cc: Rahul Kumar Cc: Jiewen Yao Cc: Michael D Kinney Wei6 Xu (1): SecurityPkg/Tcg2Config: Hide BIOS unsupported hash algorithm from UI SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c | 61 ++--- 1 file changed, 41 insertions(+), 20 deletions(-) -- 2.29.2.windows.2 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117644): https://edk2.groups.io/g/devel/message/117644 Mute This Topic: https://groups.io/mt/105478365/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v3] SecurityPkg/OpalPasswordDxe: Update UI according to UEFI spec
Hi Jiewen, As you comment, I'll split them into two patch and upload later. And here is the test I've done for the patch. 1. Enter and exit Opal setup main menu and sub-menu disk info page, and make sure no latency issue is observed. 2. Set password for Opal device and check boot successfully when unlock device with correct password. 3. Set password for Opal device and check system would force to shutdown when unlock device with incorrect password and retry count exceeds the limit. Thanks, Cindy Kuo -Original Message- From: Yao, Jiewen Sent: Friday, April 12, 2024 12:06 PM To: Chen, Tina ; Bi, Dandan ; Kuo, CindyX ; devel@edk2.groups.io Cc: Kumar, Rahul R ; Tan, Ming ; Chen, Arthur G ; Chen, Xiao X Subject: RE: [PATCH v3] SecurityPkg/OpalPasswordDxe: Update UI according to UEFI spec Thanks to explain the background to me. I appreciate that. Also I trust Dandan's judgement as the UI expert. But my question remains: Are 2 and 3 related to UEFI spec update? IMHO, they are NOT required if we just want to do update for UEFI spec. If it is such case, please file a new issue, or split them into different patch. In each patch, please explain as clear as possible, on why it is needed. That will help reviewer or maintainer to have better understanding. Last but not least, please describe what test you have done for the patch. Thank you Yao, Jiewen > -Original Message- > From: Chen, Tina > Sent: Friday, April 12, 2024 11:25 AM > To: Yao, Jiewen ; Bi, Dandan > ; Kuo, CindyX ; > devel@edk2.groups.io > Cc: Kumar, Rahul R ; Tan, Ming > ; Chen, Arthur G ; Chen, > Xiao X > Subject: RE: [PATCH v3] SecurityPkg/OpalPasswordDxe: Update UI > according to UEFI spec > > Hi JieWen, > > For opalHii current design, it will display all NVME disks when the > user enters TCG Drive Management dynamically. > Also, the related disk info form will be created along with the disks. > These actions will call get/set browser to refresh the display. > To meet UEFI 2.9 spec, a latency issue will be observed if the browser > action changes from ACTION_FORM_OPEN to ACTION_RETRIEVE due to the > current Hii browser design flow. > The NVNE disks will not be able to display when the user enters the formset. > (Revisit the formset can see the update.) After discussing with > Dandan, came up with a solution to force reparsing the IFR binary when > RETRIEVE. > That's why it needs to have additional changes besides changing the > execute action only. > Thanks. > > Sincerely, > Tina > > -Original Message- > From: Yao, Jiewen > Sent: Thursday, April 11, 2024 23:45 > To: Bi, Dandan ; Kuo, CindyX > ; devel@edk2.groups.io > Cc: Kumar, Rahul R ; Tan, Ming > ; Chen, Arthur G ; Chen, > Xiao X ; Chen, Tina > Subject: RE: [PATCH v3] SecurityPkg/OpalPasswordDxe: Update UI > according to UEFI spec > > Hi > It seems this patch adds more change than just "update UI according to > UEFI spec". > > Please help me understand why we need below 2 and 3. Are you required > for UEFI spec update? > > > 2. Create dummy label with suppressif statement in VFR for form update > > usage. > > 3. Add HiiUpdateForm() to force reparsing the IFR binary. > > Thank you > Yao, Jiewen > > > > -Original Message- > > From: Bi, Dandan > > Sent: Thursday, April 11, 2024 7:15 PM > > To: Kuo, CindyX ; devel@edk2.groups.io > > Cc: Yao, Jiewen ; Kumar, Rahul R > > ; Tan, Ming ; Chen, > > Arthur G ; Chen, Xiao X > > ; Chen, Tina > > Subject: RE: [PATCH v3] SecurityPkg/OpalPasswordDxe: Update UI > > according to UEFI spec > > > > Reviewed-by: Dandan Bi > > > > > > Thanks, > > Dandan > > -Original Message- > > From: Kuo, CindyX > > Sent: Thursday, April 11, 2024 11:11 AM > > To: devel@edk2.groups.io > > Cc: Kuo, CindyX ; Yao, Jiewen > > ; Kumar, Rahul R ; > > Bi, Dandan ; Tan, Ming ; > > Chen, Arthur G ; Chen, Xiao X > > ; Chen, Tina > > Subject: [PATCH v3] SecurityPkg/OpalPasswordDxe: Update UI according > > to UEFI spec > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4735 > > > > Should not call HiiGetBrowserData() and HiiSetBrowserData() in > > FORM_OPEN call back function. > > Those APIs are called within > > OpalHiiSetBrowserData/OpalHiiGetBrowserData > > which have been used by OpalHii.c. > > > > 1. Change callback action from FORM_OPEN to RETRIEVE. > > 2. Create dummy label with suppressif statement in VFR for form update > > usage. > > 3. Add HiiUpdateForm() to force reparsing the IFR binary. > > > > Cc: Jiewen Yao > > Cc: Rahul Kumar > > Cc: Dandan Bi > > Cc: Ming Tan > > Cc: Arthur Chen > > Cc: Xiao X Chen > > Cc: Tina Chen > > Signed-off-by: CindyX Kuo > > --- > > .../Tcg/Opal/OpalPassword/OpalDriver.h| 1 + > > SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c | 84 --- > > .../Tcg/Opal/OpalPassword/OpalHiiFormValues.h | 6 > > ++ .../Tcg/Opal/OpalPassword/OpalPasswordDxe.inf | 1 + > > .../Opal/OpalPassword/OpalPasswordForm.vfr| 8 +- >