2016-07-20 16:44:39 +02:00
;------------------------------------------------------------------------------ ;
2019-08-01 11:58:24 +02:00
; Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>
2019-04-04 01:07:22 +02:00
; SPDX-License-Identifier: BSD-2-Clause-Patent
2016-07-20 16:44:39 +02:00
; Module Name:
; MpFuncs.nasm
; Abstract:
; This is the assembly code for MP support
%include "MpEqu.inc"
extern ASM_PFX(InitializeFloatingPointUnits)
;RendezvousFunnelProc procedure follows. All APs execute their procedure. This
;procedure serializes all the AP processors through an Init sequence. It must be
;noted that APs arrive here very raw...ie: real mode, no stack.
global ASM_PFX(RendezvousFunnelProc)
; At this point CS = 0x(vv00) and ip= 0x0.
; Save BIST information to ebp firstly
mov ebp, eax ; Save BIST information
mov ax, cs
mov ds, ax
mov es, ax
mov ss, ax
xor ax, ax
mov fs, ax
mov gs, ax
mov si, BufferStartLocation
mov ebx, [si]
2017-12-29 02:12:54 +01:00
mov si, DataSegmentLocation
mov edx, [si]
; Get start address of 32-bit code in low memory (<1MB)
mov edi, ModeTransitionMemoryLocation
2016-07-20 16:44:39 +02:00
mov si, GdtrLocation
o32 lgdt [cs:si]
mov si, IdtrLocation
o32 lidt [cs:si]
2017-12-29 02:12:54 +01:00
; Switch to protected mode
mov eax, cr0 ; Get control register 0
or eax, 000000003h ; Set PE bit (bit #0) & MP
mov cr0, eax
; Switch to 32-bit code (>1MB)
o32 jmp far [cs:di]
; Following code must be copied to memory with type of EfiBootServicesCode.
; This is required if NX is enabled for EfiBootServicesCode of memory.
Flat32Start: ; protected mode entry point
mov ds, dx
mov es, dx
mov fs, dx
mov gs, dx
mov ss, dx
2016-07-29 15:13:34 +02:00
; Enable execute disable bit
2017-12-29 02:12:54 +01:00
mov esi, EnableExecuteDisableLocation
cmp byte [ebx + esi], 0
jz SkipEnableExecuteDisableBit
2016-07-29 15:13:34 +02:00
mov ecx, 0c0000080h ; EFER MSR number
rdmsr ; Read EFER
bts eax, 11 ; Enable Execute Disable Bit
wrmsr ; Write EFER
2017-12-29 02:12:54 +01:00
; Enable PAE
2016-07-20 16:44:39 +02:00
mov eax, cr4
bts eax, 5
2019-08-01 11:58:24 +02:00
mov esi, Enable5LevelPagingLocation
cmp byte [ebx + esi], 0
jz SkipEnable5LevelPaging
; Enable 5 Level Paging
bts eax, 12 ; Set LA57=1.
2016-07-20 16:44:39 +02:00
mov cr4, eax
2017-12-29 02:12:54 +01:00
; Load page table
mov esi, Cr3Location ; Save CR3 in ecx
mov ecx, [ebx + esi]
2016-07-20 16:44:39 +02:00
mov cr3, ecx ; Load CR3
2017-12-29 02:12:54 +01:00
; Enable long mode
2016-07-20 16:44:39 +02:00
mov ecx, 0c0000080h ; EFER MSR number
rdmsr ; Read EFER
bts eax, 8 ; Set LME=1
wrmsr ; Write EFER
2017-12-29 02:12:54 +01:00
; Enable paging
2016-07-20 16:44:39 +02:00
mov eax, cr0 ; Read CR0
bts eax, 31 ; Set PG=1
mov cr0, eax ; Write CR0
2017-12-29 02:12:54 +01:00
; Far jump to 64-bit code
mov edi, ModeHighMemoryLocation
add edi, ebx
jmp far [edi]
2016-07-20 16:44:39 +02:00
2016-11-14 04:38:25 +01:00
mov esi, ebx
lea edi, [esi + InitFlagLocation]
cmp qword [edi], 1 ; ApInitConfig
jnz GetApicId
2017-10-23 09:02:36 +02:00
; Increment the number of APs executing here as early as possible
; This is decremented in C code when AP is finished executing
mov edi, esi
add edi, NumApsExecutingLocation
lock inc dword [edi]
2016-11-14 04:38:25 +01:00
; AP init
2016-07-20 16:44:39 +02:00
mov edi, esi
add edi, LockLocation
mov rax, NotVacantFlag
xchg qword [edi], rax
cmp rax, NotVacantFlag
jz TestLock
2017-10-23 08:45:44 +02:00
lea ecx, [esi + ApIndexLocation]
2016-11-14 04:38:25 +01:00
inc dword [ecx]
mov ebx, [ecx]
2016-07-20 16:44:39 +02:00
2016-11-14 04:38:25 +01:00
mov rax, VacantFlag
xchg qword [edi], rax
; program stack
2016-07-20 16:44:39 +02:00
mov edi, esi
add edi, StackSizeLocation
2016-11-14 04:38:25 +01:00
mov eax, dword [edi]
mov ecx, ebx
inc ecx
mul ecx ; EAX = StackSize * (CpuNumber + 1)
2016-07-20 16:44:39 +02:00
mov edi, esi
add edi, StackStartAddressLocation
add rax, qword [edi]
mov rsp, rax
2016-11-14 04:38:25 +01:00
jmp CProcedureInvoke
mov eax, 0
cmp eax, 0bh
UefiCpuPkg/MpInitLib: fix feature test for Extended Topology CPUID leaf
According to the Intel SDM (325462-060US / September 2016),
> INPUT EAX = 0BH: Returns Extended Topology Information
> [...] Software must detect the presence of CPUID leaf 0BH by verifying
> (a) the highest leaf index supported by CPUID is >= 0BH, and
> (b) CPUID.0BH:EBX[15:0] reports a non-zero value. [...]
The "GetApicId" sections in the Ia32 and X64 "MpFuncs.nasm" files do not
perform check (b).
This causes an actual bug in the following OVMF setup:
- Intel W3550 host processor <http://ark.intel.com/products/39720/>,
- the QEMU/KVM guest's VCPU model is set to "host", that is, "the CPU
visible to the guest should be exactly the same as the host CPU".
Under "GetApicId", check (a) passes: the CPUID level of the W3550 is
exactly 11 decimal. However, leaf 11 itself is not supported, therefore
EDX is set to zero:
> If a value entered for CPUID.EAX is less than or equal to the maximum
> input value and the leaf is not supported on that processor then 0 is
> returned in all the registers.
Because we don't check (b), the "GetProcessorNumber" section of the code
is reached with an initial APIC ID of 0 in EDX on all of the APs. Given
that "GetProcessorNumber" searches the
"MP_CPU_EXCHANGE_INFO.CpuInfo[*].InitialApicId" fields for a match, all
APs enter ApWakeupFunction() with an identical "NumApsExecuting"
parameter. This results in unpredictable guest behavior (crashes, reboots,
hangs etc).
Reorganize the "GetApicId" section and add the missing check in both
assembly files.
Cc: Jeff Fan <jeff.fan@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
2016-11-22 13:58:54 +01:00
mov eax, 0bh
xor ecx, ecx
test ebx, 0ffffh
jz NoX2Apic ; CPUID.0BH:EBX[15:0] is zero
; Processor is x2APIC capable; 32-bit x2APIC ID is already in EDX
jmp GetProcessorNumber
2016-11-14 04:38:25 +01:00
; Processor is not x2APIC capable, so get 8-bit APIC ID
mov eax, 1
shr ebx, 24
mov edx, ebx
; Get processor number for this AP
; Note that BSP may become an AP due to SwitchBsp()
xor ebx, ebx
lea eax, [esi + CpuInfoLocation]
mov edi, [eax]
2016-07-20 16:44:39 +02:00
2016-11-14 04:38:25 +01:00
cmp dword [edi], edx ; APIC ID match?
jz ProgramStack
UefiCpuPkg/MpInitLib: support 64-bit AP stack addresses
The cached "CPU_INFO_IN_HOB.ApTopOfStack" field currently has type UINT32.
This is not ideal because the AP stacks are located within
"CpuMpData->Buffer", which is allocated with a plain AllocatePages() call
in MpInitLibInitialize():
platform CpuMpPei included PEI RAM > 4GB result
-------- ----------------- ------------- ------
Ia32 * n/a good
Ia32X64 no n/a BAD
Ia32X64 yes n/a good
X64 no * BAD
X64 yes no good
X64 yes yes BAD
- If we are on an Ia32X64 or X64 platform that does not include CpuMpPei,
then CpuDxe cannot reuse the CPU_INFO_IN_HOB structures preallocated by
CpuMpPei (through the CpuInitMpLib GUID HOB), and then AllocatePages()
-- invoked first in 64-bit DXE -- could return an address outside of
32-bit address space.
- If we are on an X64 platform where the permanent PEI RAM extends above
the 32-bit address space, then the same issue can surface even if
CpuMpPei is included: even the original allocation of the
CPU_INFO_IN_HOB structures, by CpuMpPei, could be satisfied from above
The original "AP init" branch in "X64/MpFuncs.nasm" correctly considers a
64-bit stack start: the "MP_CPU_EXCHANGE_INFO.StackStart" field has type
UINTN, and the code uses QWORD addition and movement to set RSP from it.
Adapt the "GetApicId" branch of "X64/MpFuncs.nasm":
- change the type of "CPU_INFO_IN_HOB.ApTopOfStack" to UINT64,
- remove the explicit truncation to UINT32 in InitializeApData(),
- update the "GetNextProcNumber" iteration size to the new size of
- set RSP with a QWORD movement from "CPU_INFO_IN_HOB.ApTopOfStack".
Because the same CPU_INFO_IN_HOB structure is used by "Ia32/MpFuncs.nasm",
we have to update the "GetNextProcNumber" iteration size there as well.
The ESP setting can be preserved as a DWORD movement from the original
offset (decimal 12), since our integers are little endian.
Cc: Jeff Fan <jeff.fan@intel.com>
Fixes: 845c5be1fd9bf7edfac4a103dfab70829686978f
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
2016-11-16 23:31:11 +01:00
add edi, 20
2016-11-14 04:38:25 +01:00
inc ebx
2018-06-27 15:14:20 +02:00
jmp GetNextProcNumber
2016-11-14 04:38:25 +01:00
UefiCpuPkg/MpInitLib: support 64-bit AP stack addresses
The cached "CPU_INFO_IN_HOB.ApTopOfStack" field currently has type UINT32.
This is not ideal because the AP stacks are located within
"CpuMpData->Buffer", which is allocated with a plain AllocatePages() call
in MpInitLibInitialize():
platform CpuMpPei included PEI RAM > 4GB result
-------- ----------------- ------------- ------
Ia32 * n/a good
Ia32X64 no n/a BAD
Ia32X64 yes n/a good
X64 no * BAD
X64 yes no good
X64 yes yes BAD
- If we are on an Ia32X64 or X64 platform that does not include CpuMpPei,
then CpuDxe cannot reuse the CPU_INFO_IN_HOB structures preallocated by
CpuMpPei (through the CpuInitMpLib GUID HOB), and then AllocatePages()
-- invoked first in 64-bit DXE -- could return an address outside of
32-bit address space.
- If we are on an X64 platform where the permanent PEI RAM extends above
the 32-bit address space, then the same issue can surface even if
CpuMpPei is included: even the original allocation of the
CPU_INFO_IN_HOB structures, by CpuMpPei, could be satisfied from above
The original "AP init" branch in "X64/MpFuncs.nasm" correctly considers a
64-bit stack start: the "MP_CPU_EXCHANGE_INFO.StackStart" field has type
UINTN, and the code uses QWORD addition and movement to set RSP from it.
Adapt the "GetApicId" branch of "X64/MpFuncs.nasm":
- change the type of "CPU_INFO_IN_HOB.ApTopOfStack" to UINT64,
- remove the explicit truncation to UINT32 in InitializeApData(),
- update the "GetNextProcNumber" iteration size to the new size of
- set RSP with a QWORD movement from "CPU_INFO_IN_HOB.ApTopOfStack".
Because the same CPU_INFO_IN_HOB structure is used by "Ia32/MpFuncs.nasm",
we have to update the "GetNextProcNumber" iteration size there as well.
The ESP setting can be preserved as a DWORD movement from the original
offset (decimal 12), since our integers are little endian.
Cc: Jeff Fan <jeff.fan@intel.com>
Fixes: 845c5be1fd9bf7edfac4a103dfab70829686978f
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
2016-11-16 23:31:11 +01:00
mov rsp, qword [edi + 12]
2016-07-20 16:44:39 +02:00
2016-07-29 15:08:01 +02:00
push rbp ; Push BIST data at top of AP stack
xor rbp, rbp ; Clear ebp for call stack trace
2016-07-20 16:44:39 +02:00
push rbp
mov rbp, rsp
2017-05-17 21:19:16 +02:00
mov rax, qword [esi + InitializeFloatingPointUnitsAddress]
2016-07-20 16:44:39 +02:00
sub rsp, 20h
call rax ; Call assembly function to initialize FPU per UEFI spec
add rsp, 20h
2017-10-23 08:45:44 +02:00
mov edx, ebx ; edx is ApIndex
2016-07-20 16:44:39 +02:00
mov ecx, esi
add ecx, LockLocation ; rcx is address of exchange info data buffer
mov edi, esi
add edi, ApProcedureLocation
mov rax, qword [edi]
sub rsp, 20h
2016-07-29 15:08:01 +02:00
call rax ; Invoke C function
2016-07-20 16:44:39 +02:00
add rsp, 20h
2016-07-29 15:08:01 +02:00
jmp $ ; Should never reach here
2016-07-20 16:44:39 +02:00
2016-07-20 16:47:47 +02:00
2016-11-25 06:18:57 +01:00
; AsmRelocateApLoop (MwaitSupport, ApTargetCState, PmCodeSegment, TopOfApStack, CountTofinish);
2016-07-20 16:47:47 +02:00
global ASM_PFX(AsmRelocateApLoop)
2018-03-19 06:00:13 +01:00
cli ; Disable interrupt before switching to 32-bit mode
2016-11-25 06:18:57 +01:00
mov rax, [rsp + 40] ; CountTofinish
lock dec dword [rax] ; (*CountTofinish)--
2016-11-23 14:52:24 +01:00
mov rsp, r9
2016-07-20 16:47:47 +02:00
push rcx
push rdx
lea rsi, [PmEntry] ; rsi <- The start address of transition code
push r8
push rsi
DB 0x48
mov eax, cr0
btr eax, 31 ; Clear CR0.PG
mov cr0, eax ; Disable paging and caches
mov ebx, edx ; Save EntryPoint to rbx, for rdmsr will overwrite rdx
mov ecx, 0xc0000080
and ah, ~ 1 ; Clear LME
mov eax, cr4
and al, ~ (1 << 5) ; Clear PAE
mov cr4, eax
pop edx
add esp, 4
pop ecx,
add esp, 4
cmp cl, 1 ; Check mwait-monitor support
jnz HltLoop
mov ebx, edx ; Save C-State to ebx
2018-03-19 06:00:13 +01:00
2016-07-20 16:47:47 +02:00
mov eax, esp ; Set Monitor Address
xor ecx, ecx ; ecx = 0
xor edx, edx ; edx = 0
mov eax, ebx ; Mwait Cx, Target C-State per eax[7:4]
2016-11-25 05:58:36 +01:00
shl eax, 4
2016-07-20 16:47:47 +02:00
jmp MwaitLoop
jmp HltLoop
2016-07-20 16:44:39 +02:00
; AsmGetAddressMap (&AddressMap);
global ASM_PFX(AsmGetAddressMap)
2017-05-17 21:19:16 +02:00
lea rax, [ASM_PFX(RendezvousFunnelProc)]
2016-07-20 16:44:39 +02:00
mov qword [rcx], rax
mov qword [rcx + 8h], LongModeStart - RendezvousFunnelProcStart
mov qword [rcx + 10h], RendezvousFunnelProcEnd - RendezvousFunnelProcStart
2017-05-17 21:19:16 +02:00
lea rax, [ASM_PFX(AsmRelocateApLoop)]
2016-07-20 16:56:09 +02:00
mov qword [rcx + 18h], rax
mov qword [rcx + 20h], AsmRelocateApLoopEnd - AsmRelocateApLoopStart
2017-12-29 02:12:54 +01:00
mov qword [rcx + 28h], Flat32Start - RendezvousFunnelProcStart
2016-07-20 16:44:39 +02:00
;AsmExchangeRole procedure follows. This procedure executed by current BSP, that is
2016-07-29 15:08:01 +02:00
;about to become an AP. It switches its stack with the current AP.
2016-07-20 16:44:39 +02:00
;AsmExchangeRole (IN CPU_EXCHANGE_INFO *MyInfo, IN CPU_EXCHANGE_INFO *OthersInfo);
global ASM_PFX(AsmExchangeRole)
; DO NOT call other functions in this function, since 2 CPU may use 1 stack
; at the same time. If 1 CPU try to call a function, stack will be corrupted.
push rax
push rbx
push rcx
push rdx
push rsi
push rdi
push rbp
push r8
push r9
push r10
push r11
push r12
push r13
push r14
push r15
mov rax, cr0
push rax
mov rax, cr4
push rax
; rsi contains MyInfo pointer
mov rsi, rcx
; rdi contains OthersInfo pointer
mov rdi, rdx
;Store EFLAGS, GDTR and IDTR regiter to stack
sgdt [rsi + 16]
sidt [rsi + 26]
; Store the its StackPointer
mov [rsi + 8], rsp
; update its switch state to STORED
; wait until the other CPU finish storing its state
jz OtherStored
jmp WaitForOtherStored
; Since another CPU already stored its state, load them
; load GDTR value
lgdt [rdi + 16]
; load IDTR value
lidt [rdi + 26]
; load its future StackPointer
mov rsp, [rdi + 8]
; update the other CPU's switch state to LOADED
; wait until the other CPU finish loading new state,
; otherwise the data in stack may corrupt
jz OtherLoaded
jmp WaitForOtherLoaded
; since the other CPU already get the data it want, leave this procedure
pop rax
mov cr4, rax
pop rax
mov cr0, rax
pop r15
pop r14
pop r13
pop r12
pop r11
pop r10
pop r9
pop r8
pop rbp
pop rdi
pop rsi
pop rdx
pop rcx
pop rbx
pop rax