[mirror_edk2.git] / OvmfPkg / CpuHotplugSmm / CpuHotplug.c

/** @file\r
  Root SMI handler for VCPU hotplug SMIs.\r
\r
  Copyright (c) 2020, Red Hat, Inc.\r
\r
  SPDX-License-Identifier: BSD-2-Clause-Patent\r
**/\r
\r
#include <CpuHotPlugData.h>                  // CPU_HOT_PLUG_DATA\r
#include <IndustryStandard/Q35MchIch9.h>     // ICH9_APM_CNT\r
#include <IndustryStandard/QemuCpuHotplug.h> // QEMU_CPUHP_CMD_GET_PENDING\r
#include <Library/BaseLib.h>                 // CpuDeadLoop()\r
#include <Library/DebugLib.h>                // ASSERT()\r
#include <Library/MmServicesTableLib.h>      // gMmst\r
#include <Library/PcdLib.h>                  // PcdGetBool()\r
#include <Library/SafeIntLib.h>              // SafeUintnSub()\r
#include <Protocol/MmCpuIo.h>                // EFI_MM_CPU_IO_PROTOCOL\r
#include <Protocol/SmmCpuService.h>          // EFI_SMM_CPU_SERVICE_PROTOCOL\r
#include <Uefi/UefiBaseType.h>               // EFI_STATUS\r
\r
#include "ApicId.h"                          // APIC_ID\r
#include "QemuCpuhp.h"                       // QemuCpuhpWriteCpuSelector()\r
#include "Smbase.h"                          // SmbaseAllocatePostSmmPen()\r
\r
//\r
// We use this protocol for accessing IO Ports.\r
//\r
STATIC EFI_MM_CPU_IO_PROTOCOL *mMmCpuIo;\r
//\r
// The following protocol is used to report the addition or removal of a CPU to\r
// the SMM CPU driver (PiSmmCpuDxeSmm).\r
//\r
STATIC EFI_SMM_CPU_SERVICE_PROTOCOL *mMmCpuService;\r
//\r
// This structure is a communication side-channel between the\r
// EFI_SMM_CPU_SERVICE_PROTOCOL consumer (i.e., this driver) and provider\r
// (i.e., PiSmmCpuDxeSmm).\r
//\r
STATIC CPU_HOT_PLUG_DATA *mCpuHotPlugData;\r
//\r
// SMRAM arrays for fetching the APIC IDs of processors with pending events (of\r
// known event types), for the time of just one MMI.\r
//\r
// The lifetimes of these arrays match that of this driver only because we\r
// don't want to allocate SMRAM at OS runtime, and potentially fail (or\r
// fragment the SMRAM map).\r
//\r
// These arrays provide room for ("possible CPU count" minus one) APIC IDs\r
// each, as we don't expect every possible CPU to appear, or disappear, in a\r
// single MMI. The numbers of used (populated) elements in the arrays are\r
// determined on every MMI separately.\r
//\r
STATIC APIC_ID *mPluggedApicIds;\r
STATIC APIC_ID *mToUnplugApicIds;\r
//\r
// Address of the non-SMRAM reserved memory page that contains the Post-SMM Pen\r
// for hot-added CPUs.\r
//\r
STATIC UINT32 mPostSmmPenAddress;\r
//\r
// Represents the registration of the CPU Hotplug MMI handler.\r
//\r
STATIC EFI_HANDLE mDispatchHandle;\r
\r
\r
/**\r
  CPU Hotplug MMI handler function.\r
\r
  This is a root MMI handler.\r
\r
  @param[in] DispatchHandle      The unique handle assigned to this handler by\r
                                 EFI_MM_SYSTEM_TABLE.MmiHandlerRegister().\r
\r
  @param[in] Context             Context passed in by\r
                                 EFI_MM_SYSTEM_TABLE.MmiManage(). Due to\r
                                 CpuHotplugMmi() being a root MMI handler,\r
                                 Context is ASSERT()ed to be NULL.\r
\r
  @param[in,out] CommBuffer      Ignored, due to CpuHotplugMmi() being a root\r
                                 MMI handler.\r
\r
  @param[in,out] CommBufferSize  Ignored, due to CpuHotplugMmi() being a root\r
                                 MMI handler.\r
\r
  @retval EFI_SUCCESS                       The MMI was handled and the MMI\r
                                            source was quiesced. When returned\r
                                            by a non-root MMI handler,\r
                                            EFI_SUCCESS terminates the\r
                                            processing of MMI handlers in\r
                                            EFI_MM_SYSTEM_TABLE.MmiManage().\r
                                            For a root MMI handler (i.e., for\r
                                            the present function too),\r
                                            EFI_SUCCESS behaves identically to\r
                                            EFI_WARN_INTERRUPT_SOURCE_QUIESCED,\r
                                            as further root MMI handlers are\r
                                            going to be called by\r
                                            EFI_MM_SYSTEM_TABLE.MmiManage()\r
                                            anyway.\r
\r
  @retval EFI_WARN_INTERRUPT_SOURCE_QUIESCED  The MMI source has been quiesced,\r
                                              but other handlers should still\r
                                              be called.\r
\r
  @retval EFI_WARN_INTERRUPT_SOURCE_PENDING   The MMI source is still pending,\r
                                              and other handlers should still\r
                                              be called.\r
\r
  @retval EFI_INTERRUPT_PENDING               The MMI source could not be\r
                                              quiesced.\r
**/\r
STATIC\r
EFI_STATUS\r
EFIAPI\r
CpuHotplugMmi (\r
  IN EFI_HANDLE DispatchHandle,\r
  IN CONST VOID *Context        OPTIONAL,\r
  IN OUT VOID   *CommBuffer     OPTIONAL,\r
  IN OUT UINTN  *CommBufferSize OPTIONAL\r
  )\r
{\r
  EFI_STATUS Status;\r
  UINT8      ApmControl;\r
  UINT32     PluggedCount;\r
  UINT32     ToUnplugCount;\r
  UINT32     PluggedIdx;\r
  UINT32     NewSlot;\r
\r
  //\r
  // Assert that we are entering this function due to our root MMI handler\r
  // registration.\r
  //\r
  ASSERT (DispatchHandle == mDispatchHandle);\r
  //\r
  // When MmiManage() is invoked to process root MMI handlers, the caller (the\r
  // MM Core) is expected to pass in a NULL Context. MmiManage() then passes\r
  // the same NULL Context to individual handlers.\r
  //\r
  ASSERT (Context == NULL);\r
  //\r
  // Read the MMI command value from the APM Control Port, to see if this is an\r
  // MMI we should care about.\r
  //\r
  Status = mMmCpuIo->Io.Read (mMmCpuIo, MM_IO_UINT8, ICH9_APM_CNT, 1,\r
                          &ApmControl);\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: failed to read ICH9_APM_CNT: %r\n", __FUNCTION__,\r
      Status));\r
    //\r
    // We couldn't even determine if the MMI was for us or not.\r
    //\r
    goto Fatal;\r
  }\r
\r
  if (ApmControl != ICH9_APM_CNT_CPU_HOTPLUG) {\r
    //\r
    // The MMI is not for us.\r
    //\r
    return EFI_WARN_INTERRUPT_SOURCE_QUIESCED;\r
  }\r
\r
  //\r
  // Collect the CPUs with pending events.\r
  //\r
  Status = QemuCpuhpCollectApicIds (\r
             mMmCpuIo,\r
             mCpuHotPlugData->ArrayLength,     // PossibleCpuCount\r
             mCpuHotPlugData->ArrayLength - 1, // ApicIdCount\r
             mPluggedApicIds,\r
             &PluggedCount,\r
             mToUnplugApicIds,\r
             &ToUnplugCount\r
             );\r
  if (EFI_ERROR (Status)) {\r
    goto Fatal;\r
  }\r
  if (ToUnplugCount > 0) {\r
    DEBUG ((DEBUG_ERROR, "%a: hot-unplug is not supported yet\n",\r
      __FUNCTION__));\r
    goto Fatal;\r
  }\r
\r
  //\r
  // Process hot-added CPUs.\r
  //\r
  // The Post-SMM Pen need not be reinstalled multiple times within a single\r
  // root MMI handling. Even reinstalling once per root MMI is only prudence;\r
  // in theory installing the pen in the driver's entry point function should\r
  // suffice.\r
  //\r
  SmbaseReinstallPostSmmPen (mPostSmmPenAddress);\r
\r
  PluggedIdx = 0;\r
  NewSlot = 0;\r
  while (PluggedIdx < PluggedCount) {\r
    APIC_ID NewApicId;\r
    UINTN   NewProcessorNumberByProtocol;\r
\r
    NewApicId = mPluggedApicIds[PluggedIdx];\r
    //\r
    // Find the first empty slot in CPU_HOT_PLUG_DATA.\r
    //\r
    while (NewSlot < mCpuHotPlugData->ArrayLength &&\r
           mCpuHotPlugData->ApicId[NewSlot] != MAX_UINT64) {\r
      NewSlot++;\r
    }\r
    if (NewSlot == mCpuHotPlugData->ArrayLength) {\r
      DEBUG ((DEBUG_ERROR, "%a: no room for APIC ID " FMT_APIC_ID "\n",\r
        __FUNCTION__, NewApicId));\r
      goto Fatal;\r
    }\r
\r
    //\r
    // Store the APIC ID of the new processor to the slot.\r
    //\r
    mCpuHotPlugData->ApicId[NewSlot] = NewApicId;\r
\r
    //\r
    // Relocate the SMBASE of the new CPU.\r
    //\r
    Status = SmbaseRelocate (NewApicId, mCpuHotPlugData->SmBase[NewSlot],\r
               mPostSmmPenAddress);\r
    if (EFI_ERROR (Status)) {\r
      goto RevokeNewSlot;\r
    }\r
\r
    //\r
    // Add the new CPU with EFI_SMM_CPU_SERVICE_PROTOCOL.\r
    //\r
    Status = mMmCpuService->AddProcessor (mMmCpuService, NewApicId,\r
                              &NewProcessorNumberByProtocol);\r
    if (EFI_ERROR (Status)) {\r
      DEBUG ((DEBUG_ERROR, "%a: AddProcessor(" FMT_APIC_ID "): %r\n",\r
        __FUNCTION__, NewApicId, Status));\r
      goto RevokeNewSlot;\r
    }\r
\r
    DEBUG ((DEBUG_INFO, "%a: hot-added APIC ID " FMT_APIC_ID ", SMBASE 0x%Lx, "\r
      "EFI_SMM_CPU_SERVICE_PROTOCOL assigned number %Lu\n", __FUNCTION__,\r
      NewApicId, (UINT64)mCpuHotPlugData->SmBase[NewSlot],\r
      (UINT64)NewProcessorNumberByProtocol));\r
\r
    NewSlot++;\r
    PluggedIdx++;\r
  }\r
\r
  //\r
  // We've handled this MMI.\r
  //\r
  return EFI_SUCCESS;\r
\r
RevokeNewSlot:\r
  mCpuHotPlugData->ApicId[NewSlot] = MAX_UINT64;\r
\r
Fatal:\r
  ASSERT (FALSE);\r
  CpuDeadLoop ();\r
  //\r
  // We couldn't handle this MMI.\r
  //\r
  return EFI_INTERRUPT_PENDING;\r
}\r
\r
\r
//\r
// Entry point function of this driver.\r
//\r
EFI_STATUS\r
EFIAPI\r
CpuHotplugEntry (\r
  IN EFI_HANDLE       ImageHandle,\r
  IN EFI_SYSTEM_TABLE *SystemTable\r
  )\r
{\r
  EFI_STATUS Status;\r
  UINTN      Size;\r
\r
  //\r
  // This module should only be included when SMM support is required.\r
  //\r
  ASSERT (FeaturePcdGet (PcdSmmSmramRequire));\r
  //\r
  // This driver depends on the dynamically detected "SMRAM at default SMBASE"\r
  // feature.\r
  //\r
  if (!PcdGetBool (PcdQ35SmramAtDefaultSmbase)) {\r
    return EFI_UNSUPPORTED;\r
  }\r
\r
  //\r
  // Errors from here on are fatal; we cannot allow the boot to proceed if we\r
  // can't set up this driver to handle CPU hotplug.\r
  //\r
  // First, collect the protocols needed later. All of these protocols are\r
  // listed in our module DEPEX.\r
  //\r
  Status = gMmst->MmLocateProtocol (&gEfiMmCpuIoProtocolGuid,\r
                    NULL /* Registration */, (VOID **)&mMmCpuIo);\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: locate MmCpuIo: %r\n", __FUNCTION__, Status));\r
    goto Fatal;\r
  }\r
  Status = gMmst->MmLocateProtocol (&gEfiSmmCpuServiceProtocolGuid,\r
                    NULL /* Registration */, (VOID **)&mMmCpuService);\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: locate MmCpuService: %r\n", __FUNCTION__,\r
      Status));\r
    goto Fatal;\r
  }\r
\r
  //\r
  // Our DEPEX on EFI_SMM_CPU_SERVICE_PROTOCOL guarantees that PiSmmCpuDxeSmm\r
  // has pointed PcdCpuHotPlugDataAddress to CPU_HOT_PLUG_DATA in SMRAM.\r
  //\r
  mCpuHotPlugData = (VOID *)(UINTN)PcdGet64 (PcdCpuHotPlugDataAddress);\r
  if (mCpuHotPlugData == NULL) {\r
    Status = EFI_NOT_FOUND;\r
    DEBUG ((DEBUG_ERROR, "%a: CPU_HOT_PLUG_DATA: %r\n", __FUNCTION__, Status));\r
    goto Fatal;\r
  }\r
  //\r
  // If the possible CPU count is 1, there's nothing for this driver to do.\r
  //\r
  if (mCpuHotPlugData->ArrayLength == 1) {\r
    return EFI_UNSUPPORTED;\r
  }\r
  //\r
  // Allocate the data structures that depend on the possible CPU count.\r
  //\r
  if (RETURN_ERROR (SafeUintnSub (mCpuHotPlugData->ArrayLength, 1, &Size)) ||\r
      RETURN_ERROR (SafeUintnMult (sizeof (APIC_ID), Size, &Size))) {\r
    Status = EFI_ABORTED;\r
    DEBUG ((DEBUG_ERROR, "%a: invalid CPU_HOT_PLUG_DATA\n", __FUNCTION__));\r
    goto Fatal;\r
  }\r
  Status = gMmst->MmAllocatePool (EfiRuntimeServicesData, Size,\r
                    (VOID **)&mPluggedApicIds);\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: MmAllocatePool(): %r\n", __FUNCTION__, Status));\r
    goto Fatal;\r
  }\r
  Status = gMmst->MmAllocatePool (EfiRuntimeServicesData, Size,\r
                    (VOID **)&mToUnplugApicIds);\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: MmAllocatePool(): %r\n", __FUNCTION__, Status));\r
    goto ReleasePluggedApicIds;\r
  }\r
\r
  //\r
  // Allocate the Post-SMM Pen for hot-added CPUs.\r
  //\r
  Status = SmbaseAllocatePostSmmPen (&mPostSmmPenAddress,\r
             SystemTable->BootServices);\r
  if (EFI_ERROR (Status)) {\r
    goto ReleaseToUnplugApicIds;\r
  }\r
\r
  //\r
  // Sanity-check the CPU hotplug interface.\r
  //\r
  // Both of the following features are part of QEMU 5.0, introduced primarily\r
  // in commit range 3e08b2b9cb64..3a61c8db9d25:\r
  //\r
  // (a) the QEMU_CPUHP_CMD_GET_ARCH_ID command of the modern CPU hotplug\r
  //     interface,\r
  //\r
  // (b) the "SMRAM at default SMBASE" feature.\r
  //\r
  // From these, (b) is restricted to 5.0+ machine type versions, while (a)\r
  // does not depend on machine type version. Because we ensured the stricter\r
  // condition (b) through PcdQ35SmramAtDefaultSmbase above, the (a)\r
  // QEMU_CPUHP_CMD_GET_ARCH_ID command must now be available too. While we\r
  // can't verify the presence of precisely that command, we can still verify\r
  // (sanity-check) that the modern interface is active, at least.\r
  //\r
  // Consult the "Typical usecases | Detecting and enabling modern CPU hotplug\r
  // interface" section in QEMU's "docs/specs/acpi_cpu_hotplug.txt", on the\r
  // following.\r
  //\r
  QemuCpuhpWriteCpuSelector (mMmCpuIo, 0);\r
  QemuCpuhpWriteCpuSelector (mMmCpuIo, 0);\r
  QemuCpuhpWriteCommand (mMmCpuIo, QEMU_CPUHP_CMD_GET_PENDING);\r
  if (QemuCpuhpReadCommandData2 (mMmCpuIo) != 0) {\r
    Status = EFI_NOT_FOUND;\r
    DEBUG ((DEBUG_ERROR, "%a: modern CPU hotplug interface: %r\n",\r
      __FUNCTION__, Status));\r
    goto ReleasePostSmmPen;\r
  }\r
\r
  //\r
  // Register the handler for the CPU Hotplug MMI.\r
  //\r
  Status = gMmst->MmiHandlerRegister (\r
                    CpuHotplugMmi,\r
                    NULL,            // HandlerType: root MMI handler\r
                    &mDispatchHandle\r
                    );\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: MmiHandlerRegister(): %r\n", __FUNCTION__,\r
      Status));\r
    goto ReleasePostSmmPen;\r
  }\r
\r
  //\r
  // Install the handler for the hot-added CPUs' first SMI.\r
  //\r
  SmbaseInstallFirstSmiHandler ();\r
\r
  return EFI_SUCCESS;\r
\r
ReleasePostSmmPen:\r
  SmbaseReleasePostSmmPen (mPostSmmPenAddress, SystemTable->BootServices);\r
  mPostSmmPenAddress = 0;\r
\r
ReleaseToUnplugApicIds:\r
  gMmst->MmFreePool (mToUnplugApicIds);\r
  mToUnplugApicIds = NULL;\r
\r
ReleasePluggedApicIds:\r
  gMmst->MmFreePool (mPluggedApicIds);\r
  mPluggedApicIds = NULL;\r
\r
Fatal:\r
  ASSERT (FALSE);\r
  CpuDeadLoop ();\r
  return Status;\r
}\r
Commit	Line	Data
17efae27 LE	1	/** @file\r
	2	Root SMI handler for VCPU hotplug SMIs.\r
	3	\r
	4	Copyright (c) 2020, Red Hat, Inc.\r
	5	\r
	6	SPDX-License-Identifier: BSD-2-Clause-Patent\r
	7	**/\r
	8	\r
17cb8ddb	9	#include <CpuHotPlugData.h> // CPU_HOT_PLUG_DATA\r
17efae27	10	#include <IndustryStandard/Q35MchIch9.h> // ICH9_APM_CNT\r
f668e788	11	#include <IndustryStandard/QemuCpuHotplug.h> // QEMU_CPUHP_CMD_GET_PENDING\r
17efae27 LE	12	#include <Library/BaseLib.h> // CpuDeadLoop()\r
	13	#include <Library/DebugLib.h> // ASSERT()\r
	14	#include <Library/MmServicesTableLib.h> // gMmst\r
	15	#include <Library/PcdLib.h> // PcdGetBool()\r
17cb8ddb	16	#include <Library/SafeIntLib.h> // SafeUintnSub()\r
17efae27	17	#include <Protocol/MmCpuIo.h> // EFI_MM_CPU_IO_PROTOCOL\r
17cb8ddb	18	#include <Protocol/SmmCpuService.h> // EFI_SMM_CPU_SERVICE_PROTOCOL\r
17efae27 LE	19	#include <Uefi/UefiBaseType.h> // EFI_STATUS\r
17efae27 LE	20	\r
17cb8ddb	21	#include "ApicId.h" // APIC_ID\r
f668e788	22	#include "QemuCpuhp.h" // QemuCpuhpWriteCpuSelector()\r
bc498ac4	23	#include "Smbase.h" // SmbaseAllocatePostSmmPen()\r
f668e788	24	\r
17efae27 LE	25	//\r
	26	// We use this protocol for accessing IO Ports.\r
	27	//\r
	28	STATIC EFI_MM_CPU_IO_PROTOCOL *mMmCpuIo;\r
	29	//\r
17cb8ddb LE	30	// The following protocol is used to report the addition or removal of a CPU to\r
	31	// the SMM CPU driver (PiSmmCpuDxeSmm).\r
	32	//\r
	33	STATIC EFI_SMM_CPU_SERVICE_PROTOCOL *mMmCpuService;\r
	34	//\r
	35	// This structure is a communication side-channel between the\r
	36	// EFI_SMM_CPU_SERVICE_PROTOCOL consumer (i.e., this driver) and provider\r
	37	// (i.e., PiSmmCpuDxeSmm).\r
	38	//\r
	39	STATIC CPU_HOT_PLUG_DATA *mCpuHotPlugData;\r
	40	//\r
	41	// SMRAM arrays for fetching the APIC IDs of processors with pending events (of\r
	42	// known event types), for the time of just one MMI.\r
	43	//\r
	44	// The lifetimes of these arrays match that of this driver only because we\r
	45	// don't want to allocate SMRAM at OS runtime, and potentially fail (or\r
	46	// fragment the SMRAM map).\r
	47	//\r
	48	// These arrays provide room for ("possible CPU count" minus one) APIC IDs\r
	49	// each, as we don't expect every possible CPU to appear, or disappear, in a\r
	50	// single MMI. The numbers of used (populated) elements in the arrays are\r
	51	// determined on every MMI separately.\r
	52	//\r
	53	STATIC APIC_ID *mPluggedApicIds;\r
	54	STATIC APIC_ID *mToUnplugApicIds;\r
	55	//\r
bc498ac4 LE	56	// Address of the non-SMRAM reserved memory page that contains the Post-SMM Pen\r
	57	// for hot-added CPUs.\r
	58	//\r
	59	STATIC UINT32 mPostSmmPenAddress;\r
	60	//\r
17efae27 LE	61	// Represents the registration of the CPU Hotplug MMI handler.\r
	62	//\r
	63	STATIC EFI_HANDLE mDispatchHandle;\r
	64	\r
	65	\r
	66	/**\r
	67	CPU Hotplug MMI handler function.\r
	68	\r
	69	This is a root MMI handler.\r
	70	\r
	71	@param[in] DispatchHandle The unique handle assigned to this handler by\r
	72	EFI_MM_SYSTEM_TABLE.MmiHandlerRegister().\r
	73	\r
	74	@param[in] Context Context passed in by\r
	75	EFI_MM_SYSTEM_TABLE.MmiManage(). Due to\r
	76	CpuHotplugMmi() being a root MMI handler,\r
	77	Context is ASSERT()ed to be NULL.\r
	78	\r
	79	@param[in,out] CommBuffer Ignored, due to CpuHotplugMmi() being a root\r
	80	MMI handler.\r
	81	\r
	82	@param[in,out] CommBufferSize Ignored, due to CpuHotplugMmi() being a root\r
	83	MMI handler.\r
	84	\r
	85	@retval EFI_SUCCESS The MMI was handled and the MMI\r
	86	source was quiesced. When returned\r
	87	by a non-root MMI handler,\r
	88	EFI_SUCCESS terminates the\r
	89	processing of MMI handlers in\r
	90	EFI_MM_SYSTEM_TABLE.MmiManage().\r
	91	For a root MMI handler (i.e., for\r
	92	the present function too),\r
	93	EFI_SUCCESS behaves identically to\r
	94	EFI_WARN_INTERRUPT_SOURCE_QUIESCED,\r
	95	as further root MMI handlers are\r
	96	going to be called by\r
	97	EFI_MM_SYSTEM_TABLE.MmiManage()\r
	98	anyway.\r
	99	\r
	100	@retval EFI_WARN_INTERRUPT_SOURCE_QUIESCED The MMI source has been quiesced,\r
	101	but other handlers should still\r
	102	be called.\r
	103	\r
	104	@retval EFI_WARN_INTERRUPT_SOURCE_PENDING The MMI source is still pending,\r
	105	and other handlers should still\r
	106	be called.\r
	107	\r
	108	@retval EFI_INTERRUPT_PENDING The MMI source could not be\r
	109	quiesced.\r
	110	**/\r
	111	STATIC\r
	112	EFI_STATUS\r
	113	EFIAPI\r
	114	CpuHotplugMmi (\r
	115	IN EFI_HANDLE DispatchHandle,\r
	116	IN CONST VOID *Context OPTIONAL,\r
	117	IN OUT VOID *CommBuffer OPTIONAL,\r
	118	IN OUT UINTN *CommBufferSize OPTIONAL\r
	119	)\r
	120	{\r
	121	EFI_STATUS Status;\r
	122	UINT8 ApmControl;\r
17cb8ddb LE	123	UINT32 PluggedCount;\r
17cb8ddb LE	124	UINT32 ToUnplugCount;\r
bc498ac4 LE	125	UINT32 PluggedIdx;\r
bc498ac4 LE	126	UINT32 NewSlot;\r
17efae27 LE	127	\r
	128	//\r
	129	// Assert that we are entering this function due to our root MMI handler\r
	130	// registration.\r
	131	//\r
	132	ASSERT (DispatchHandle == mDispatchHandle);\r
	133	//\r
	134	// When MmiManage() is invoked to process root MMI handlers, the caller (the\r
	135	// MM Core) is expected to pass in a NULL Context. MmiManage() then passes\r
	136	// the same NULL Context to individual handlers.\r
	137	//\r
	138	ASSERT (Context == NULL);\r
	139	//\r
	140	// Read the MMI command value from the APM Control Port, to see if this is an\r
	141	// MMI we should care about.\r
	142	//\r
	143	Status = mMmCpuIo->Io.Read (mMmCpuIo, MM_IO_UINT8, ICH9_APM_CNT, 1,\r
	144	&ApmControl);\r
	145	if (EFI_ERROR (Status)) {\r
	146	DEBUG ((DEBUG_ERROR, "%a: failed to read ICH9_APM_CNT: %r\n", __FUNCTION__,\r
	147	Status));\r
	148	//\r
	149	// We couldn't even determine if the MMI was for us or not.\r
	150	//\r
	151	goto Fatal;\r
	152	}\r
	153	\r
	154	if (ApmControl != ICH9_APM_CNT_CPU_HOTPLUG) {\r
	155	//\r
	156	// The MMI is not for us.\r
	157	//\r
	158	return EFI_WARN_INTERRUPT_SOURCE_QUIESCED;\r
	159	}\r
	160	\r
17cb8ddb LE	161	//\r
	162	// Collect the CPUs with pending events.\r
	163	//\r
	164	Status = QemuCpuhpCollectApicIds (\r
	165	mMmCpuIo,\r
	166	mCpuHotPlugData->ArrayLength, // PossibleCpuCount\r
	167	mCpuHotPlugData->ArrayLength - 1, // ApicIdCount\r
	168	mPluggedApicIds,\r
	169	&PluggedCount,\r
	170	mToUnplugApicIds,\r
	171	&ToUnplugCount\r
	172	);\r
	173	if (EFI_ERROR (Status)) {\r
	174	goto Fatal;\r
	175	}\r
	176	if (ToUnplugCount > 0) {\r
	177	DEBUG ((DEBUG_ERROR, "%a: hot-unplug is not supported yet\n",\r
	178	__FUNCTION__));\r
	179	goto Fatal;\r
	180	}\r
	181	\r
bc498ac4 LE	182	//\r
	183	// Process hot-added CPUs.\r
	184	//\r
	185	// The Post-SMM Pen need not be reinstalled multiple times within a single\r
	186	// root MMI handling. Even reinstalling once per root MMI is only prudence;\r
	187	// in theory installing the pen in the driver's entry point function should\r
	188	// suffice.\r
	189	//\r
	190	SmbaseReinstallPostSmmPen (mPostSmmPenAddress);\r
	191	\r
	192	PluggedIdx = 0;\r
	193	NewSlot = 0;\r
	194	while (PluggedIdx < PluggedCount) {\r
	195	APIC_ID NewApicId;\r
	196	UINTN NewProcessorNumberByProtocol;\r
	197	\r
	198	NewApicId = mPluggedApicIds[PluggedIdx];\r
	199	//\r
	200	// Find the first empty slot in CPU_HOT_PLUG_DATA.\r
	201	//\r
	202	while (NewSlot < mCpuHotPlugData->ArrayLength &&\r
	203	mCpuHotPlugData->ApicId[NewSlot] != MAX_UINT64) {\r
	204	NewSlot++;\r
	205	}\r
	206	if (NewSlot == mCpuHotPlugData->ArrayLength) {\r
	207	DEBUG ((DEBUG_ERROR, "%a: no room for APIC ID " FMT_APIC_ID "\n",\r
	208	__FUNCTION__, NewApicId));\r
	209	goto Fatal;\r
	210	}\r
	211	\r
	212	//\r
	213	// Store the APIC ID of the new processor to the slot.\r
	214	//\r
	215	mCpuHotPlugData->ApicId[NewSlot] = NewApicId;\r
	216	\r
	217	//\r
	218	// Relocate the SMBASE of the new CPU.\r
	219	//\r
	220	Status = SmbaseRelocate (NewApicId, mCpuHotPlugData->SmBase[NewSlot],\r
	221	mPostSmmPenAddress);\r
	222	if (EFI_ERROR (Status)) {\r
	223	goto RevokeNewSlot;\r
	224	}\r
	225	\r
	226	//\r
	227	// Add the new CPU with EFI_SMM_CPU_SERVICE_PROTOCOL.\r
	228	//\r
	229	Status = mMmCpuService->AddProcessor (mMmCpuService, NewApicId,\r
	230	&NewProcessorNumberByProtocol);\r
	231	if (EFI_ERROR (Status)) {\r
	232	DEBUG ((DEBUG_ERROR, "%a: AddProcessor(" FMT_APIC_ID "): %r\n",\r
	233	__FUNCTION__, NewApicId, Status));\r
	234	goto RevokeNewSlot;\r
	235	}\r
	236	\r
	237	DEBUG ((DEBUG_INFO, "%a: hot-added APIC ID " FMT_APIC_ID ", SMBASE 0x%Lx, "\r
	238	"EFI_SMM_CPU_SERVICE_PROTOCOL assigned number %Lu\n", __FUNCTION__,\r
	239	NewApicId, (UINT64)mCpuHotPlugData->SmBase[NewSlot],\r
	240	(UINT64)NewProcessorNumberByProtocol));\r
	241	\r
	242	NewSlot++;\r
	243	PluggedIdx++;\r
	244	}\r
	245	\r
17efae27 LE	246	//\r
	247	// We've handled this MMI.\r
	248	//\r
	249	return EFI_SUCCESS;\r
	250	\r
bc498ac4 LE	251	RevokeNewSlot:\r
	252	mCpuHotPlugData->ApicId[NewSlot] = MAX_UINT64;\r
	253	\r
17efae27 LE	254	Fatal:\r
	255	ASSERT (FALSE);\r
	256	CpuDeadLoop ();\r
	257	//\r
	258	// We couldn't handle this MMI.\r
	259	//\r
	260	return EFI_INTERRUPT_PENDING;\r
	261	}\r
	262	\r
	263	\r
	264	//\r
	265	// Entry point function of this driver.\r
	266	//\r
	267	EFI_STATUS\r
	268	EFIAPI\r
	269	CpuHotplugEntry (\r
	270	IN EFI_HANDLE ImageHandle,\r
	271	IN EFI_SYSTEM_TABLE *SystemTable\r
	272	)\r
	273	{\r
	274	EFI_STATUS Status;\r
17cb8ddb	275	UINTN Size;\r
17efae27 LE	276	\r
	277	//\r
	278	// This module should only be included when SMM support is required.\r
	279	//\r
	280	ASSERT (FeaturePcdGet (PcdSmmSmramRequire));\r
	281	//\r
	282	// This driver depends on the dynamically detected "SMRAM at default SMBASE"\r
	283	// feature.\r
	284	//\r
	285	if (!PcdGetBool (PcdQ35SmramAtDefaultSmbase)) {\r
	286	return EFI_UNSUPPORTED;\r
	287	}\r
	288	\r
	289	//\r
	290	// Errors from here on are fatal; we cannot allow the boot to proceed if we\r
	291	// can't set up this driver to handle CPU hotplug.\r
	292	//\r
	293	// First, collect the protocols needed later. All of these protocols are\r
	294	// listed in our module DEPEX.\r
	295	//\r
	296	Status = gMmst->MmLocateProtocol (&gEfiMmCpuIoProtocolGuid,\r
	297	NULL /* Registration /, (VOID *)&mMmCpuIo);\r
	298	if (EFI_ERROR (Status)) {\r
	299	DEBUG ((DEBUG_ERROR, "%a: locate MmCpuIo: %r\n", __FUNCTION__, Status));\r
	300	goto Fatal;\r
	301	}\r
17cb8ddb LE	302	Status = gMmst->MmLocateProtocol (&gEfiSmmCpuServiceProtocolGuid,\r
	303	NULL /* Registration /, (VOID *)&mMmCpuService);\r
	304	if (EFI_ERROR (Status)) {\r
	305	DEBUG ((DEBUG_ERROR, "%a: locate MmCpuService: %r\n", __FUNCTION__,\r
	306	Status));\r
	307	goto Fatal;\r
	308	}\r
	309	\r
	310	//\r
	311	// Our DEPEX on EFI_SMM_CPU_SERVICE_PROTOCOL guarantees that PiSmmCpuDxeSmm\r
	312	// has pointed PcdCpuHotPlugDataAddress to CPU_HOT_PLUG_DATA in SMRAM.\r
	313	//\r
	314	mCpuHotPlugData = (VOID *)(UINTN)PcdGet64 (PcdCpuHotPlugDataAddress);\r
	315	if (mCpuHotPlugData == NULL) {\r
	316	Status = EFI_NOT_FOUND;\r
	317	DEBUG ((DEBUG_ERROR, "%a: CPU_HOT_PLUG_DATA: %r\n", __FUNCTION__, Status));\r
	318	goto Fatal;\r
	319	}\r
	320	//\r
	321	// If the possible CPU count is 1, there's nothing for this driver to do.\r
	322	//\r
	323	if (mCpuHotPlugData->ArrayLength == 1) {\r
	324	return EFI_UNSUPPORTED;\r
	325	}\r
	326	//\r
	327	// Allocate the data structures that depend on the possible CPU count.\r
	328	//\r
	329	if (RETURN_ERROR (SafeUintnSub (mCpuHotPlugData->ArrayLength, 1, &Size)) \|\|\r
	330	RETURN_ERROR (SafeUintnMult (sizeof (APIC_ID), Size, &Size))) {\r
	331	Status = EFI_ABORTED;\r
	332	DEBUG ((DEBUG_ERROR, "%a: invalid CPU_HOT_PLUG_DATA\n", __FUNCTION__));\r
	333	goto Fatal;\r
	334	}\r
	335	Status = gMmst->MmAllocatePool (EfiRuntimeServicesData, Size,\r
	336	(VOID **)&mPluggedApicIds);\r
	337	if (EFI_ERROR (Status)) {\r
	338	DEBUG ((DEBUG_ERROR, "%a: MmAllocatePool(): %r\n", __FUNCTION__, Status));\r
	339	goto Fatal;\r
	340	}\r
	341	Status = gMmst->MmAllocatePool (EfiRuntimeServicesData, Size,\r
	342	(VOID **)&mToUnplugApicIds);\r
	343	if (EFI_ERROR (Status)) {\r
	344	DEBUG ((DEBUG_ERROR, "%a: MmAllocatePool(): %r\n", __FUNCTION__, Status));\r
	345	goto ReleasePluggedApicIds;\r
	346	}\r
17efae27	347	\r
bc498ac4 LE	348	//\r
	349	// Allocate the Post-SMM Pen for hot-added CPUs.\r
	350	//\r
	351	Status = SmbaseAllocatePostSmmPen (&mPostSmmPenAddress,\r
	352	SystemTable->BootServices);\r
	353	if (EFI_ERROR (Status)) {\r
	354	goto ReleaseToUnplugApicIds;\r
	355	}\r
	356	\r
f668e788 LE	357	//\r
	358	// Sanity-check the CPU hotplug interface.\r
	359	//\r
	360	// Both of the following features are part of QEMU 5.0, introduced primarily\r
	361	// in commit range 3e08b2b9cb64..3a61c8db9d25:\r
	362	//\r
	363	// (a) the QEMU_CPUHP_CMD_GET_ARCH_ID command of the modern CPU hotplug\r
	364	// interface,\r
	365	//\r
	366	// (b) the "SMRAM at default SMBASE" feature.\r
	367	//\r
	368	// From these, (b) is restricted to 5.0+ machine type versions, while (a)\r
	369	// does not depend on machine type version. Because we ensured the stricter\r
	370	// condition (b) through PcdQ35SmramAtDefaultSmbase above, the (a)\r
	371	// QEMU_CPUHP_CMD_GET_ARCH_ID command must now be available too. While we\r
	372	// can't verify the presence of precisely that command, we can still verify\r
	373	// (sanity-check) that the modern interface is active, at least.\r
	374	//\r
	375	// Consult the "Typical usecases \| Detecting and enabling modern CPU hotplug\r
	376	// interface" section in QEMU's "docs/specs/acpi_cpu_hotplug.txt", on the\r
	377	// following.\r
	378	//\r
	379	QemuCpuhpWriteCpuSelector (mMmCpuIo, 0);\r
	380	QemuCpuhpWriteCpuSelector (mMmCpuIo, 0);\r
	381	QemuCpuhpWriteCommand (mMmCpuIo, QEMU_CPUHP_CMD_GET_PENDING);\r
	382	if (QemuCpuhpReadCommandData2 (mMmCpuIo) != 0) {\r
	383	Status = EFI_NOT_FOUND;\r
	384	DEBUG ((DEBUG_ERROR, "%a: modern CPU hotplug interface: %r\n",\r
	385	__FUNCTION__, Status));\r
bc498ac4	386	goto ReleasePostSmmPen;\r
f668e788 LE	387	}\r
f668e788 LE	388	\r
17efae27 LE	389	//\r
	390	// Register the handler for the CPU Hotplug MMI.\r
	391	//\r
	392	Status = gMmst->MmiHandlerRegister (\r
	393	CpuHotplugMmi,\r
	394	NULL, // HandlerType: root MMI handler\r
	395	&mDispatchHandle\r
	396	);\r
	397	if (EFI_ERROR (Status)) {\r
	398	DEBUG ((DEBUG_ERROR, "%a: MmiHandlerRegister(): %r\n", __FUNCTION__,\r
	399	Status));\r
bc498ac4	400	goto ReleasePostSmmPen;\r
17efae27 LE	401	}\r
17efae27 LE	402	\r
bc498ac4 LE	403	//\r
	404	// Install the handler for the hot-added CPUs' first SMI.\r
	405	//\r
	406	SmbaseInstallFirstSmiHandler ();\r
	407	\r
17efae27 LE	408	return EFI_SUCCESS;\r
17efae27 LE	409	\r
bc498ac4 LE	410	ReleasePostSmmPen:\r
	411	SmbaseReleasePostSmmPen (mPostSmmPenAddress, SystemTable->BootServices);\r
	412	mPostSmmPenAddress = 0;\r
	413	\r
17cb8ddb LE	414	ReleaseToUnplugApicIds:\r
	415	gMmst->MmFreePool (mToUnplugApicIds);\r
	416	mToUnplugApicIds = NULL;\r
	417	\r
	418	ReleasePluggedApicIds:\r
	419	gMmst->MmFreePool (mPluggedApicIds);\r
	420	mPluggedApicIds = NULL;\r
	421	\r
17efae27 LE	422	Fatal:\r
	423	ASSERT (FALSE);\r
	424	CpuDeadLoop ();\r
	425	return Status;\r
	426	}\r