/** @file\r
MP initialize support functions for DXE phase.\r
\r
- Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>\r
- This program and the accompanying materials\r
- are licensed and made available under the terms and conditions of the BSD License\r
- which accompanies this distribution. The full text of the license may be found at\r
- http://opensource.org/licenses/bsd-license.php\r
-\r
- THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+ Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.<BR>\r
+ SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include <Library/UefiLib.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/DebugAgentLib.h>\r
+#include <Library/DxeServicesTableLib.h>\r
+#include <Library/VmgExitLib.h>\r
+#include <Register/Amd/Fam17Msr.h>\r
+#include <Register/Amd/Ghcb.h>\r
\r
#include <Protocol/Timer.h>\r
\r
-#define AP_CHECK_INTERVAL (EFI_TIMER_PERIOD_MILLISECONDS (100))\r
#define AP_SAFE_STACK_SIZE 128\r
\r
CPU_MP_DATA *mCpuMpData = NULL;\r
UINTN mReservedTopOfApStack;\r
volatile UINT32 mNumberToFinish = 0;\r
\r
+//\r
+// Begin wakeup buffer allocation below 0x88000\r
+//\r
+STATIC EFI_PHYSICAL_ADDRESS mSevEsDxeWakeupBuffer = 0x88000;\r
+\r
/**\r
Enable Debug Agent to support source debugging on AP function.\r
\r
}\r
\r
/**\r
- Get available system memory below 1MB by specified size.\r
+ Get available system memory below 0x88000 by specified size.\r
\r
@param[in] WakeupBufferSize Wakeup buffer size required\r
\r
{\r
EFI_STATUS Status;\r
EFI_PHYSICAL_ADDRESS StartAddress;\r
+ EFI_MEMORY_TYPE MemoryType;\r
+\r
+ if (PcdGetBool (PcdSevEsIsEnabled)) {\r
+ MemoryType = EfiReservedMemoryType;\r
+ } else {\r
+ MemoryType = EfiBootServicesData;\r
+ }\r
\r
- StartAddress = BASE_1MB;\r
+ //\r
+ // Try to allocate buffer below 1M for waking vector.\r
+ // LegacyBios driver only reports warning when page allocation in range\r
+ // [0x60000, 0x88000) fails.\r
+ // This library is consumed by CpuDxe driver to produce CPU Arch protocol.\r
+ // LagacyBios driver depends on CPU Arch protocol which guarantees below\r
+ // allocation runs earlier than LegacyBios driver.\r
+ //\r
+ if (PcdGetBool (PcdSevEsIsEnabled)) {\r
+ //\r
+ // SEV-ES Wakeup buffer should be under 0x88000 and under any previous one\r
+ //\r
+ StartAddress = mSevEsDxeWakeupBuffer;\r
+ } else {\r
+ StartAddress = 0x88000;\r
+ }\r
Status = gBS->AllocatePages (\r
AllocateMaxAddress,\r
- EfiBootServicesData,\r
+ MemoryType,\r
EFI_SIZE_TO_PAGES (WakeupBufferSize),\r
&StartAddress\r
);\r
ASSERT_EFI_ERROR (Status);\r
- if (!EFI_ERROR (Status)) {\r
- Status = gBS->FreePages(\r
- StartAddress,\r
- EFI_SIZE_TO_PAGES (WakeupBufferSize)\r
- );\r
- ASSERT_EFI_ERROR (Status);\r
- DEBUG ((DEBUG_INFO, "WakeupBufferStart = %x, WakeupBufferSize = %x\n",\r
- (UINTN) StartAddress, WakeupBufferSize));\r
- } else {\r
+ if (EFI_ERROR (Status)) {\r
StartAddress = (EFI_PHYSICAL_ADDRESS) -1;\r
+ } else if (PcdGetBool (PcdSevEsIsEnabled)) {\r
+ //\r
+ // Next SEV-ES wakeup buffer allocation must be below this allocation\r
+ //\r
+ mSevEsDxeWakeupBuffer = StartAddress;\r
+ }\r
+\r
+ DEBUG ((DEBUG_INFO, "WakeupBufferStart = %x, WakeupBufferSize = %x\n",\r
+ (UINTN) StartAddress, WakeupBufferSize));\r
+\r
+ return (UINTN) StartAddress;\r
+}\r
+\r
+/**\r
+ Get available EfiBootServicesCode memory below 4GB by specified size.\r
+\r
+ This buffer is required to safely transfer AP from real address mode to\r
+ protected mode or long mode, due to the fact that the buffer returned by\r
+ GetWakeupBuffer() may be marked as non-executable.\r
+\r
+ @param[in] BufferSize Wakeup transition buffer size.\r
+\r
+ @retval other Return wakeup transition buffer address below 4GB.\r
+ @retval 0 Cannot find free memory below 4GB.\r
+**/\r
+UINTN\r
+GetModeTransitionBuffer (\r
+ IN UINTN BufferSize\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ EFI_PHYSICAL_ADDRESS StartAddress;\r
+\r
+ StartAddress = BASE_4GB - 1;\r
+ Status = gBS->AllocatePages (\r
+ AllocateMaxAddress,\r
+ EfiBootServicesCode,\r
+ EFI_SIZE_TO_PAGES (BufferSize),\r
+ &StartAddress\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ StartAddress = 0;\r
}\r
+\r
+ return (UINTN)StartAddress;\r
+}\r
+\r
+/**\r
+ Return the address of the SEV-ES AP jump table.\r
+\r
+ This buffer is required in order for an SEV-ES guest to transition from\r
+ UEFI into an OS.\r
+\r
+ @return Return SEV-ES AP jump table buffer\r
+**/\r
+UINTN\r
+GetSevEsAPMemory (\r
+ VOID\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ EFI_PHYSICAL_ADDRESS StartAddress;\r
+ MSR_SEV_ES_GHCB_REGISTER Msr;\r
+ GHCB *Ghcb;\r
+ BOOLEAN InterruptState;\r
+\r
+ //\r
+ // Allocate 1 page for AP jump table page\r
+ //\r
+ StartAddress = BASE_4GB - 1;\r
+ Status = gBS->AllocatePages (\r
+ AllocateMaxAddress,\r
+ EfiReservedMemoryType,\r
+ 1,\r
+ &StartAddress\r
+ );\r
+ ASSERT_EFI_ERROR (Status);\r
+\r
+ DEBUG ((DEBUG_INFO, "Dxe: SevEsAPMemory = %lx\n", (UINTN) StartAddress));\r
+\r
+ //\r
+ // Save the SevEsAPMemory as the AP jump table.\r
+ //\r
+ Msr.GhcbPhysicalAddress = AsmReadMsr64 (MSR_SEV_ES_GHCB);\r
+ Ghcb = Msr.Ghcb;\r
+\r
+ VmgInit (Ghcb, &InterruptState);\r
+ VmgExit (Ghcb, SVM_EXIT_AP_JUMP_TABLE, 0, (UINT64) (UINTN) StartAddress);\r
+ VmgDone (Ghcb, InterruptState);\r
+\r
return (UINTN) StartAddress;\r
}\r
\r
}\r
}\r
\r
+/**\r
+ Get Protected mode code segment with 16-bit default addressing\r
+ from current GDT table.\r
+\r
+ @return Protected mode 16-bit code segment value.\r
+**/\r
+UINT16\r
+GetProtectedMode16CS (\r
+ VOID\r
+ )\r
+{\r
+ IA32_DESCRIPTOR GdtrDesc;\r
+ IA32_SEGMENT_DESCRIPTOR *GdtEntry;\r
+ UINTN GdtEntryCount;\r
+ UINT16 Index;\r
+\r
+ Index = (UINT16) -1;\r
+ AsmReadGdtr (&GdtrDesc);\r
+ GdtEntryCount = (GdtrDesc.Limit + 1) / sizeof (IA32_SEGMENT_DESCRIPTOR);\r
+ GdtEntry = (IA32_SEGMENT_DESCRIPTOR *) GdtrDesc.Base;\r
+ for (Index = 0; Index < GdtEntryCount; Index++) {\r
+ if (GdtEntry->Bits.L == 0) {\r
+ if (GdtEntry->Bits.Type > 8 && GdtEntry->Bits.DB == 0) {\r
+ break;\r
+ }\r
+ }\r
+ GdtEntry++;\r
+ }\r
+ ASSERT (Index != GdtEntryCount);\r
+ return Index * 8;\r
+}\r
+\r
/**\r
Get Protected mode code segment from current GDT table.\r
\r
UINTN GdtEntryCount;\r
UINT16 Index;\r
\r
- Index = (UINT16) -1;\r
AsmReadGdtr (&GdtrDesc);\r
GdtEntryCount = (GdtrDesc.Limit + 1) / sizeof (IA32_SEGMENT_DESCRIPTOR);\r
GdtEntry = (IA32_SEGMENT_DESCRIPTOR *) GdtrDesc.Base;\r
for (Index = 0; Index < GdtEntryCount; Index++) {\r
if (GdtEntry->Bits.L == 0) {\r
- if (GdtEntry->Bits.Type > 8 && GdtEntry->Bits.L == 0) {\r
+ if (GdtEntry->Bits.Type > 8 && GdtEntry->Bits.DB == 1) {\r
break;\r
}\r
}\r
GdtEntry++;\r
}\r
- ASSERT (Index != -1);\r
+ ASSERT (Index != GdtEntryCount);\r
return Index * 8;\r
}\r
\r
BOOLEAN MwaitSupport;\r
ASM_RELOCATE_AP_LOOP AsmRelocateApLoopFunc;\r
UINTN ProcessorNumber;\r
+ UINTN StackStart;\r
\r
- MpInitLibWhoAmI (&ProcessorNumber); \r
+ MpInitLibWhoAmI (&ProcessorNumber);\r
CpuMpData = GetCpuMpData ();\r
MwaitSupport = IsMwaitSupport ();\r
+ if (CpuMpData->SevEsIsEnabled) {\r
+ StackStart = CpuMpData->SevEsAPResetStackStart;\r
+ } else {\r
+ StackStart = mReservedTopOfApStack;\r
+ }\r
AsmRelocateApLoopFunc = (ASM_RELOCATE_AP_LOOP) (UINTN) mReservedApLoopFunc;\r
AsmRelocateApLoopFunc (\r
MwaitSupport,\r
CpuMpData->ApTargetCState,\r
CpuMpData->PmCodeSegment,\r
- mReservedTopOfApStack - ProcessorNumber * AP_SAFE_STACK_SIZE,\r
- (UINTN) &mNumberToFinish\r
+ StackStart - ProcessorNumber * AP_SAFE_STACK_SIZE,\r
+ (UINTN) &mNumberToFinish,\r
+ CpuMpData->Pm16CodeSegment,\r
+ CpuMpData->SevEsAPBuffer,\r
+ CpuMpData->WakeupBuffer\r
);\r
//\r
// It should never reach here\r
\r
CpuMpData = GetCpuMpData ();\r
CpuMpData->PmCodeSegment = GetProtectedModeCS ();\r
+ CpuMpData->Pm16CodeSegment = GetProtectedMode16CS ();\r
CpuMpData->ApLoopMode = PcdGet8 (PcdCpuApLoopMode);\r
mNumberToFinish = CpuMpData->CpuCount - 1;\r
- WakeUpAP (CpuMpData, TRUE, 0, RelocateApLoop, NULL);\r
+ WakeUpAP (CpuMpData, TRUE, 0, RelocateApLoop, NULL, TRUE);\r
while (mNumberToFinish > 0) {\r
CpuPause ();\r
}\r
+\r
+ if (CpuMpData->SevEsIsEnabled && (CpuMpData->WakeupBuffer != (UINTN) -1)) {\r
+ //\r
+ // There are APs present. Re-use reserved memory area below 1MB from\r
+ // WakeupBuffer as the area to be used for transitioning to 16-bit mode\r
+ // in support of booting of the AP by an OS.\r
+ //\r
+ CopyMem (\r
+ (VOID *) CpuMpData->WakeupBuffer,\r
+ (VOID *) (CpuMpData->AddressMap.RendezvousFunnelAddress +\r
+ CpuMpData->AddressMap.SwitchToRealPM16ModeOffset),\r
+ CpuMpData->AddressMap.SwitchToRealPM16ModeSize\r
+ );\r
+ }\r
+\r
DEBUG ((DEBUG_INFO, "%a() done!\n", __FUNCTION__));\r
}\r
\r
IN CPU_MP_DATA *CpuMpData\r
)\r
{\r
- EFI_STATUS Status;\r
- EFI_PHYSICAL_ADDRESS Address;\r
- UINTN ApSafeBufferSize;\r
+ EFI_STATUS Status;\r
+ EFI_PHYSICAL_ADDRESS Address;\r
+ UINTN ApSafeBufferSize;\r
+ UINTN Index;\r
+ EFI_GCD_MEMORY_SPACE_DESCRIPTOR MemDesc;\r
+ UINTN StackBase;\r
+ CPU_INFO_IN_HOB *CpuInfoInHob;\r
\r
SaveCpuMpData (CpuMpData);\r
\r
return;\r
}\r
\r
+ if (PcdGetBool (PcdCpuStackGuard)) {\r
+ //\r
+ // One extra page at the bottom of the stack is needed for Guard page.\r
+ //\r
+ if (CpuMpData->CpuApStackSize <= EFI_PAGE_SIZE) {\r
+ DEBUG ((DEBUG_ERROR, "PcdCpuApStackSize is not big enough for Stack Guard!\n"));\r
+ ASSERT (FALSE);\r
+ }\r
+\r
+ //\r
+ // DXE will reuse stack allocated for APs at PEI phase if it's available.\r
+ // Let's check it here.\r
+ //\r
+ // Note: BSP's stack guard is set at DxeIpl phase. But for the sake of\r
+ // BSP/AP exchange, stack guard for ApTopOfStack of cpu 0 will still be\r
+ // set here.\r
+ //\r
+ CpuInfoInHob = (CPU_INFO_IN_HOB *)(UINTN)CpuMpData->CpuInfoInHob;\r
+ for (Index = 0; Index < CpuMpData->CpuCount; ++Index) {\r
+ if (CpuInfoInHob != NULL && CpuInfoInHob[Index].ApTopOfStack != 0) {\r
+ StackBase = (UINTN)CpuInfoInHob[Index].ApTopOfStack - CpuMpData->CpuApStackSize;\r
+ } else {\r
+ StackBase = CpuMpData->Buffer + Index * CpuMpData->CpuApStackSize;\r
+ }\r
+\r
+ Status = gDS->GetMemorySpaceDescriptor (StackBase, &MemDesc);\r
+ ASSERT_EFI_ERROR (Status);\r
+\r
+ Status = gDS->SetMemorySpaceAttributes (\r
+ StackBase,\r
+ EFI_PAGES_TO_SIZE (1),\r
+ MemDesc.Attributes | EFI_MEMORY_RP\r
+ );\r
+ ASSERT_EFI_ERROR (Status);\r
+\r
+ DEBUG ((DEBUG_INFO, "Stack Guard set at %lx [cpu%lu]!\n",\r
+ (UINT64)StackBase, (UINT64)Index));\r
+ }\r
+ }\r
+\r
//\r
// Avoid APs access invalid buffer data which allocated by BootServices,\r
// so we will allocate reserved data for AP loop code. We also need to\r
// Allocating it in advance since memory services are not available in\r
// Exit Boot Services callback function.\r
//\r
- ApSafeBufferSize = CpuMpData->AddressMap.RelocateApLoopFuncSize;\r
- ApSafeBufferSize += CpuMpData->CpuCount * AP_SAFE_STACK_SIZE;\r
-\r
+ ApSafeBufferSize = EFI_PAGES_TO_SIZE (EFI_SIZE_TO_PAGES (\r
+ CpuMpData->AddressMap.RelocateApLoopFuncSize\r
+ ));\r
Address = BASE_4GB - 1;\r
Status = gBS->AllocatePages (\r
AllocateMaxAddress,\r
&Address\r
);\r
ASSERT_EFI_ERROR (Status);\r
+\r
mReservedApLoopFunc = (VOID *) (UINTN) Address;\r
ASSERT (mReservedApLoopFunc != NULL);\r
- mReservedTopOfApStack = (UINTN) Address + EFI_PAGES_TO_SIZE (EFI_SIZE_TO_PAGES (ApSafeBufferSize));\r
+\r
+ //\r
+ // Make sure that the buffer memory is executable if NX protection is enabled\r
+ // for EfiReservedMemoryType.\r
+ //\r
+ // TODO: Check EFI_MEMORY_XP bit set or not once it's available in DXE GCD\r
+ // service.\r
+ //\r
+ Status = gDS->GetMemorySpaceDescriptor (Address, &MemDesc);\r
+ if (!EFI_ERROR (Status)) {\r
+ gDS->SetMemorySpaceAttributes (\r
+ Address,\r
+ ApSafeBufferSize,\r
+ MemDesc.Attributes & (~EFI_MEMORY_XP)\r
+ );\r
+ }\r
+\r
+ ApSafeBufferSize = EFI_PAGES_TO_SIZE (EFI_SIZE_TO_PAGES (\r
+ CpuMpData->CpuCount * AP_SAFE_STACK_SIZE\r
+ ));\r
+ Address = BASE_4GB - 1;\r
+ Status = gBS->AllocatePages (\r
+ AllocateMaxAddress,\r
+ EfiReservedMemoryType,\r
+ EFI_SIZE_TO_PAGES (ApSafeBufferSize),\r
+ &Address\r
+ );\r
+ ASSERT_EFI_ERROR (Status);\r
+\r
+ mReservedTopOfApStack = (UINTN) Address + ApSafeBufferSize;\r
ASSERT ((mReservedTopOfApStack & (UINTN)(CPU_STACK_ALIGNMENT - 1)) == 0);\r
CopyMem (\r
mReservedApLoopFunc,\r
Status = gBS->SetTimer (\r
mCheckAllApsEvent,\r
TimerPeriodic,\r
- AP_CHECK_INTERVAL\r
+ EFI_TIMER_PERIOD_MICROSECONDS (\r
+ PcdGet32 (PcdCpuApStatusCheckIntervalInMicroSeconds)\r
+ )\r
);\r
ASSERT_EFI_ERROR (Status);\r
\r
//\r
mStopCheckAllApsStatus = TRUE;\r
\r
- Status = StartupAllAPsWorker (\r
+ Status = StartupAllCPUsWorker (\r
Procedure,\r
SingleThread,\r
+ TRUE,\r
WaitEvent,\r
TimeoutInMicroseconds,\r
ProcedureArgument,\r
\r
return Status;\r
}\r
+\r
+/**\r
+ This funtion will try to invoke platform specific microcode shadow logic to\r
+ relocate microcode update patches into memory.\r
+\r
+ @param[in, out] CpuMpData The pointer to CPU MP Data structure.\r
+\r
+ @retval EFI_SUCCESS Shadow microcode success.\r
+ @retval EFI_OUT_OF_RESOURCES No enough resource to complete the operation.\r
+ @retval EFI_UNSUPPORTED Can't find platform specific microcode shadow\r
+ PPI/Protocol.\r
+**/\r
+EFI_STATUS\r
+PlatformShadowMicrocode (\r
+ IN OUT CPU_MP_DATA *CpuMpData\r
+ )\r
+{\r
+ //\r
+ // There is no DXE version of platform shadow microcode protocol so far.\r
+ // A platform which only uses DxeMpInitLib instance could only supports\r
+ // the PCD based microcode shadowing.\r
+ //\r
+ return EFI_UNSUPPORTED;\r
+}\r