tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
audk/OvmfPkg/ResetVector/Main.asm

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

128 lines
2.9 KiB
NASM
Raw Normal View History

OvmfPkg: Copy Main.asm from UefiCpuPkg to OvmfPkg's ResetVector RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Previously OvmfPkg/ResetVector uses the Main.asm in UefiCpuPkg/ReseteVector/Vtf0. In this Main.asm there is only Main16 entry point. This patch-set is to introduce Intel TDX into Ovmf. Main32 entry point is needed in Main.asm by Intel TDX. To reduce the complexity of Main.asm in UefiCpuPkg, OvmfPkg create its own Main.asm to meet the requirement of Intel TDX. This Main.asm is an unmodified copy (so no functional change) and the actual changes for tdx come as incremental patches. UefiCpuPkg/ResetVector/Vtf0/main.asm -> OvmfPkg/ResetVector/Main.asm Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2021-09-23 05:09:00 +02:00
;------------------------------------------------------------------------------
; @file
; Main routine of the pre-SEC code up through the jump into SEC
;
; Copyright (c) 2008 - 2009, Intel Corporation. All rights reserved.<BR>
; SPDX-License-Identifier: BSD-2-Clause-Patent
;
;------------------------------------------------------------------------------
BITS 16
;
; Modified: EBX, ECX, EDX, EBP
;
; @param[in,out] RAX/EAX Initial value of the EAX register
; (BIST: Built-in Self Test)
; @param[in,out] DI 'BP': boot-strap processor, or
; 'AP': application processor
; @param[out] RBP/EBP Address of Boot Firmware Volume (BFV)
; @param[out] DS Selector allowing flat access to all addresses
; @param[out] ES Selector allowing flat access to all addresses
; @param[out] FS Selector allowing flat access to all addresses
; @param[out] GS Selector allowing flat access to all addresses
; @param[out] SS Selector allowing flat access to all addresses
;
; @return None This routine jumps to SEC and does not return
;
Main16:
OneTimeCall EarlyInit16
;
; Transition the processor from 16-bit real mode to 32-bit flat mode
;
OneTimeCall TransitionFromReal16To32BitFlat
BITS 32
OvmfPkg: Clear WORK_AREA_GUEST_TYPE in Main.asm RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Previously WORK_AREA_GUEST_TYPE was cleared in SetCr3ForPageTables64. This is workable for Legacy guest and SEV guest. But it doesn't work after Intel TDX is introduced. It is because all TDX CPUs (BSP and APs) start to run from 0xfffffff0, thus WORK_AREA_GUEST_TYPE will be cleared multi-times if it is TDX guest. So the clearance of WORK_AREA_GUEST_TYPE is moved to Main16 entry point in Main.asm. Note: WORK_AREA_GUEST_TYPE is only defined for ARCH_X64. For Intel TDX, its corresponding entry point is Main32 (which will be introduced in next commit in this patch-set). WORK_AREA_GUEST_TYPE will be cleared there. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2021-09-27 02:29:01 +02:00
; Clear the WorkArea header. The SEV probe routines will populate the
; work area when detected.
mov byte[WORK_AREA_GUEST_TYPE], 0
OvmfPkg: Enable TDX in ResetVector RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory Encryption (MKTME) with a new kind of virutal machines guest called a Trust Domain (TD). A TD is desinged to run in a CPU mode that protects the confidentiality of TD memory contents and the TD's CPU state from other software, including the hosting Virtual-Machine Monitor (VMM), unless explicitly shared by the TD itself. Note: Intel TDX is only available on X64, so the Tdx related changes are in X64 path. In IA32 path, there may be null stub to make the build success. This patch includes below major changes. 1. Ia32/IntelTdx.asm IntelTdx.asm includes below routines used in ResetVector - IsTdx Check if the running system is Tdx guest. - InitTdxWorkarea It initialize the TDX_WORK_AREA. Because it is called by both BSP and APs and to avoid the race condition, only BSP can initialize the WORK_AREA. AP will wait until the field of TDX_WORK_AREA_PGTBL_READY is set. - ReloadFlat32 After reset all CPUs in TDX are initialized to 32-bit protected mode. But GDT register is not set. So this routine loads the GDT then jump to Flat 32 protected mode again. - InitTdx This routine wrap above 3 routines together to do Tdx initialization in ResetVector phase. - IsTdxEnabled It is a OneTimeCall to probe if TDX is enabled by checking the CC_WORK_AREA. - CheckTdxFeaturesBeforeBuildPagetables This routine is called to check if it is Non-TDX guest, TDX-Bsp or TDX-APs. Because in TDX guest all the initialization is done by BSP (including the page tables). APs should not build the tables. - TdxPostBuildPageTables It is called after Page Tables are built by BSP. byte[TDX_WORK_AREA_PGTBL_READY] is set by BSP to indicate APs can leave spin and go. 2. Ia32/PageTables64.asm As described above only the TDX BSP build the page tables. So PageTables64.asm is updated to make sure only TDX BSP build the PageTables. TDX APs will skip the page table building and set Cr3 directly. 3. Ia16/ResetVectorVtf0.asm In Tdx all CPUs "reset" to run on 32-bit protected mode with flat descriptor (paging disabled). But in Non-Td guest the initial state of CPUs is 16-bit real mode. To resolve this conflict, BITS 16/32 is used in the ResetVectorVtf0.asm. It checks the 32-bit protected mode or 16-bit real mode, then jump to the corresponding entry point. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2021-09-28 04:55:59 +02:00
%ifdef ARCH_X64
jmp SearchBfv
;
; Entry point of Main32
;
Main32:
OneTimeCall InitTdx
SearchBfv:
%endif
OvmfPkg: Copy Main.asm from UefiCpuPkg to OvmfPkg's ResetVector RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Previously OvmfPkg/ResetVector uses the Main.asm in UefiCpuPkg/ReseteVector/Vtf0. In this Main.asm there is only Main16 entry point. This patch-set is to introduce Intel TDX into Ovmf. Main32 entry point is needed in Main.asm by Intel TDX. To reduce the complexity of Main.asm in UefiCpuPkg, OvmfPkg create its own Main.asm to meet the requirement of Intel TDX. This Main.asm is an unmodified copy (so no functional change) and the actual changes for tdx come as incremental patches. UefiCpuPkg/ResetVector/Vtf0/main.asm -> OvmfPkg/ResetVector/Main.asm Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2021-09-23 05:09:00 +02:00
;
; Search for the Boot Firmware Volume (BFV)
;
OneTimeCall Flat32SearchForBfvBase
;
; EBP - Start of BFV
;
;
; Search for the SEC entry point
;
OneTimeCall Flat32SearchForSecEntryPoint
;
; ESI - SEC Core entry point
; EBP - Start of BFV
;
%ifdef ARCH_IA32
OvmfPkg: Make an Ia32/X64 hybrid build work with SEV The BaseMemEncryptSevLib functionality was updated to rely on the use of the OVMF/SEV workarea to check for SEV guests. However, this area is only updated when running the X64 OVMF build, not the hybrid Ia32/X64 build. Base SEV support is allowed under the Ia32/X64 build, but it now fails to boot as a result of the change. Update the ResetVector code to check for SEV features when built for 32-bit mode, not just 64-bit mode (requiring updates to both the Ia32 and Ia32X64 fdf files). Fixes: f1d1c337e7c0575da7fd248b2dd9cffc755940df Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Michael Roth <michael.roth@amd.com> Cc: Min Xu <min.m.xu@intel.com> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
2022-05-16 22:24:02 +02:00
;
; SEV support can be built and run using the Ia32/X64 split environment.
; Set the OVMF/SEV work area as appropriate.
;
OneTimeCall CheckSevFeatures
OvmfPkg: Copy Main.asm from UefiCpuPkg to OvmfPkg's ResetVector RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Previously OvmfPkg/ResetVector uses the Main.asm in UefiCpuPkg/ReseteVector/Vtf0. In this Main.asm there is only Main16 entry point. This patch-set is to introduce Intel TDX into Ovmf. Main32 entry point is needed in Main.asm by Intel TDX. To reduce the complexity of Main.asm in UefiCpuPkg, OvmfPkg create its own Main.asm to meet the requirement of Intel TDX. This Main.asm is an unmodified copy (so no functional change) and the actual changes for tdx come as incremental patches. UefiCpuPkg/ResetVector/Vtf0/main.asm -> OvmfPkg/ResetVector/Main.asm Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2021-09-23 05:09:00 +02:00
;
; Restore initial EAX value into the EAX register
;
mov eax, esp
;
; Jump to the 32-bit SEC entry point
;
jmp esi
%else
;
; Transition the processor from 32-bit flat mode to 64-bit flat mode
;
OneTimeCall Transition32FlatTo64Flat
BITS 64
;
; Some values were calculated in 32-bit mode. Make sure the upper
; 32-bits of 64-bit registers are zero for these values.
;
mov rax, 0x00000000ffffffff
and rsi, rax
and rbp, rax
and rsp, rax
;
; RSI - SEC Core entry point
; RBP - Start of BFV
;
;
; Restore initial EAX value into the RAX register
;
mov rax, rsp
;
; Jump to the 64-bit SEC entry point
;
jmp rsi
%endif