[mirror_edk2.git] / OvmfPkg / Library / PeilessStartupLib / PeilessStartup.c

/** @file\r
\r
  Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>\r
\r
  SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include <PiPei.h>\r
#include <Library/BaseLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/DebugLib.h>\r
#include <Protocol/DebugSupport.h>\r
#include <Library/TdxLib.h>\r
#include <IndustryStandard/Tdx.h>\r
#include <Library/PrePiLib.h>\r
#include <Library/PeilessStartupLib.h>\r
#include <Library/PlatformInitLib.h>\r
#include <ConfidentialComputingGuestAttr.h>\r
#include <Guid/MemoryTypeInformation.h>\r
#include <OvmfPlatforms.h>\r
#include "PeilessStartupInternal.h"\r
\r
#define GET_GPAW_INIT_STATE(INFO)  ((UINT8) ((INFO) & 0x3f))\r
\r
EFI_MEMORY_TYPE_INFORMATION  mDefaultMemoryTypeInformation[] = {\r
  { EfiACPIMemoryNVS,       0x004 },\r
  { EfiACPIReclaimMemory,   0x008 },\r
  { EfiReservedMemoryType,  0x004 },\r
  { EfiRuntimeServicesData, 0x024 },\r
  { EfiRuntimeServicesCode, 0x030 },\r
  { EfiBootServicesCode,    0x180 },\r
  { EfiBootServicesData,    0xF00 },\r
  { EfiMaxMemoryType,       0x000 }\r
};\r
\r
EFI_STATUS\r
EFIAPI\r
InitializePlatform (\r
  EFI_HOB_PLATFORM_INFO  *PlatformInfoHob\r
  )\r
{\r
  VOID  *VariableStore;\r
\r
  DEBUG ((DEBUG_INFO, "InitializePlatform in Pei-less boot\n"));\r
  PlatformDebugDumpCmos ();\r
\r
  PlatformInfoHob->DefaultMaxCpuNumber = 64;\r
  PlatformInfoHob->PcdPciMmio64Size    = 0x800000000;\r
\r
  PlatformInfoHob->HostBridgeDevId = PciRead16 (OVMF_HOSTBRIDGE_DID);\r
  DEBUG ((DEBUG_INFO, "HostBridgeDeviceId = 0x%x\n", PlatformInfoHob->HostBridgeDevId));\r
\r
  PlatformAddressWidthInitialization (PlatformInfoHob);\r
  DEBUG ((\r
    DEBUG_INFO,\r
    "PhysMemAddressWidth=0x%x, Pci64Base=0x%llx, Pci64Size=0x%llx\n",\r
    PlatformInfoHob->PhysMemAddressWidth,\r
    PlatformInfoHob->PcdPciMmio64Base,\r
    PlatformInfoHob->PcdPciMmio64Size\r
    ));\r
\r
  PlatformMaxCpuCountInitialization (PlatformInfoHob);\r
  DEBUG ((\r
    DEBUG_INFO,\r
    "MaxCpuCount=%d, BootCpuCount=%d\n",\r
    PlatformInfoHob->PcdCpuMaxLogicalProcessorNumber,\r
    PlatformInfoHob->PcdCpuBootLogicalProcessorNumber\r
    ));\r
\r
  PlatformGetSystemMemorySizeBelow4gb (PlatformInfoHob);\r
  PlatformQemuUc32BaseInitialization (PlatformInfoHob);\r
  DEBUG ((\r
    DEBUG_INFO,\r
    "Uc32Base = 0x%x, Uc32Size = 0x%x, LowerMemorySize = 0x%x\n",\r
    PlatformInfoHob->Uc32Base,\r
    PlatformInfoHob->Uc32Size,\r
    PlatformInfoHob->LowMemory\r
    ));\r
\r
  VariableStore                                  = PlatformReserveEmuVariableNvStore ();\r
  PlatformInfoHob->PcdEmuVariableNvStoreReserved = (UINT64)(UINTN)VariableStore;\r
 #ifdef SECURE_BOOT_FEATURE_ENABLED\r
  PlatformInitEmuVariableNvStore (VariableStore);\r
 #endif\r
\r
  if (TdIsEnabled ()) {\r
    PlatformTdxPublishRamRegions ();\r
  } else {\r
    PlatformQemuInitializeRam (PlatformInfoHob);\r
    PlatformQemuInitializeRamForS3 (PlatformInfoHob);\r
  }\r
\r
  //\r
  // Create Memory Type Information HOB\r
  //\r
  BuildGuidDataHob (\r
    &gEfiMemoryTypeInformationGuid,\r
    mDefaultMemoryTypeInformation,\r
    sizeof (mDefaultMemoryTypeInformation)\r
    );\r
\r
  PlatformMemMapInitialization (PlatformInfoHob);\r
\r
  PlatformNoexecDxeInitialization (PlatformInfoHob);\r
\r
  if (TdIsEnabled ()) {\r
    PlatformInfoHob->PcdConfidentialComputingGuestAttr = CCAttrIntelTdx;\r
    PlatformInfoHob->PcdTdxSharedBitMask               = TdSharedPageMask ();\r
    PlatformInfoHob->PcdSetNxForStack                  = TRUE;\r
  }\r
\r
  PlatformMiscInitialization (PlatformInfoHob);\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
 * This function brings up the Tdx guest from SEC phase to DXE phase.\r
 * PEI phase is skipped because most of the components in PEI phase\r
 * is not needed for Tdx guest, for example, MP Services, TPM etc.\r
 * In this way, the attack surfaces are reduced as much as possible.\r
 *\r
 * @param Context   The pointer to the SecCoreData\r
 * @return VOID     This function never returns\r
 */\r
VOID\r
EFIAPI\r
PeilessStartup (\r
  IN VOID  *Context\r
  )\r
{\r
  EFI_SEC_PEI_HAND_OFF        *SecCoreData;\r
  EFI_FIRMWARE_VOLUME_HEADER  *BootFv;\r
  EFI_STATUS                  Status;\r
  EFI_HOB_PLATFORM_INFO       PlatformInfoHob;\r
  UINT32                      DxeCodeBase;\r
  UINT32                      DxeCodeSize;\r
  TD_RETURN_DATA              TdReturnData;\r
  VOID                        *VmmHobList;\r
  UINT8                       *CfvBase;\r
\r
  Status      = EFI_SUCCESS;\r
  BootFv      = NULL;\r
  VmmHobList  = NULL;\r
  SecCoreData = (EFI_SEC_PEI_HAND_OFF *)Context;\r
  CfvBase     = (UINT8 *)(UINTN)FixedPcdGet32 (PcdCfvBase);\r
\r
  ZeroMem (&PlatformInfoHob, sizeof (PlatformInfoHob));\r
\r
  if (TdIsEnabled ()) {\r
    VmmHobList = (VOID *)(UINTN)FixedPcdGet32 (PcdOvmfSecGhcbBase);\r
    Status     = TdCall (TDCALL_TDINFO, 0, 0, 0, &TdReturnData);\r
    ASSERT (Status == EFI_SUCCESS);\r
\r
    DEBUG ((\r
      DEBUG_INFO,\r
      "Tdx started with(Hob: 0x%x, Gpaw: 0x%x, Cpus: %d)\n",\r
      (UINT32)(UINTN)VmmHobList,\r
      GET_GPAW_INIT_STATE (TdReturnData.TdInfo.Gpaw),\r
      TdReturnData.TdInfo.NumVcpus\r
      ));\r
\r
    Status = ConstructFwHobList (VmmHobList);\r
  } else {\r
    DEBUG ((DEBUG_INFO, "Ovmf started\n"));\r
    Status = ConstructSecHobList ();\r
  }\r
\r
  if (EFI_ERROR (Status)) {\r
    ASSERT (FALSE);\r
    CpuDeadLoop ();\r
  }\r
\r
  DEBUG ((DEBUG_INFO, "HobList: %p\n", GetHobList ()));\r
\r
  if (TdIsEnabled ()) {\r
    //\r
    // Measure HobList\r
    //\r
    Status = MeasureHobList (VmmHobList);\r
    if (EFI_ERROR (Status)) {\r
      ASSERT (FALSE);\r
      CpuDeadLoop ();\r
    }\r
\r
    //\r
    // Measure Tdx CFV\r
    //\r
    Status = MeasureFvImage ((EFI_PHYSICAL_ADDRESS)(UINTN)CfvBase, FixedPcdGet32 (PcdCfvRawDataSize), 1);\r
    if (EFI_ERROR (Status)) {\r
      ASSERT (FALSE);\r
      CpuDeadLoop ();\r
    }\r
  }\r
\r
  //\r
  // Initialize the Platform\r
  //\r
  Status = InitializePlatform (&PlatformInfoHob);\r
  if (EFI_ERROR (Status)) {\r
    ASSERT (FALSE);\r
    CpuDeadLoop ();\r
  }\r
\r
  BuildGuidDataHob (&gUefiOvmfPkgPlatformInfoGuid, &PlatformInfoHob, sizeof (EFI_HOB_PLATFORM_INFO));\r
\r
  //\r
  // SecFV\r
  //\r
  BootFv = (EFI_FIRMWARE_VOLUME_HEADER *)SecCoreData->BootFirmwareVolumeBase;\r
  BuildFvHob ((UINTN)BootFv, BootFv->FvLength);\r
\r
  //\r
  // DxeFV\r
  //\r
  DxeCodeBase = PcdGet32 (PcdBfvBase);\r
  DxeCodeSize = PcdGet32 (PcdBfvRawDataSize) - (UINT32)BootFv->FvLength;\r
  BuildFvHob (DxeCodeBase, DxeCodeSize);\r
\r
  DEBUG ((DEBUG_INFO, "SecFv : %p, 0x%x\n", BootFv, BootFv->FvLength));\r
  DEBUG ((DEBUG_INFO, "DxeFv : %x, 0x%x\n", DxeCodeBase, DxeCodeSize));\r
\r
  BuildStackHob ((UINTN)SecCoreData->StackBase, SecCoreData->StackSize <<= 1);\r
\r
  BuildResourceDescriptorHob (\r
    EFI_RESOURCE_SYSTEM_MEMORY,\r
    EFI_RESOURCE_ATTRIBUTE_PRESENT |\r
    EFI_RESOURCE_ATTRIBUTE_INITIALIZED |\r
    EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE |\r
    EFI_RESOURCE_ATTRIBUTE_WRITE_COMBINEABLE |\r
    EFI_RESOURCE_ATTRIBUTE_WRITE_THROUGH_CACHEABLE |\r
    EFI_RESOURCE_ATTRIBUTE_WRITE_BACK_CACHEABLE |\r
    EFI_RESOURCE_ATTRIBUTE_TESTED,\r
    (UINT64)SecCoreData->TemporaryRamBase,\r
    (UINT64)SecCoreData->TemporaryRamSize\r
    );\r
\r
  //\r
  // Load the DXE Core and transfer control to it.\r
  // Only DxeFV is in the compressed section.\r
  //\r
  Status = DxeLoadCore (1);\r
\r
  //\r
  // Never arrive here.\r
  //\r
  ASSERT (FALSE);\r
  CpuDeadLoop ();\r
}\r
Commit	Line	Data
4fe26784 MX	1	/** @file\r
	2	\r
	3	Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>\r
	4	\r
	5	SPDX-License-Identifier: BSD-2-Clause-Patent\r
	6	\r
	7	**/\r
	8	\r
	9	#include <PiPei.h>\r
	10	#include <Library/BaseLib.h>\r
	11	#include <Library/BaseMemoryLib.h>\r
	12	#include <Library/MemoryAllocationLib.h>\r
	13	#include <Library/DebugLib.h>\r
	14	#include <Protocol/DebugSupport.h>\r
	15	#include <Library/TdxLib.h>\r
	16	#include <IndustryStandard/Tdx.h>\r
	17	#include <Library/PrePiLib.h>\r
	18	#include <Library/PeilessStartupLib.h>\r
	19	#include <Library/PlatformInitLib.h>\r
	20	#include <ConfidentialComputingGuestAttr.h>\r
	21	#include <Guid/MemoryTypeInformation.h>\r
	22	#include <OvmfPlatforms.h>\r
	23	#include "PeilessStartupInternal.h"\r
	24	\r
	25	#define GET_GPAW_INIT_STATE(INFO) ((UINT8) ((INFO) & 0x3f))\r
	26	\r
	27	EFI_MEMORY_TYPE_INFORMATION mDefaultMemoryTypeInformation[] = {\r
	28	{ EfiACPIMemoryNVS, 0x004 },\r
	29	{ EfiACPIReclaimMemory, 0x008 },\r
	30	{ EfiReservedMemoryType, 0x004 },\r
	31	{ EfiRuntimeServicesData, 0x024 },\r
	32	{ EfiRuntimeServicesCode, 0x030 },\r
	33	{ EfiBootServicesCode, 0x180 },\r
	34	{ EfiBootServicesData, 0xF00 },\r
	35	{ EfiMaxMemoryType, 0x000 }\r
	36	};\r
	37	\r
	38	EFI_STATUS\r
	39	EFIAPI\r
	40	InitializePlatform (\r
	41	EFI_HOB_PLATFORM_INFO *PlatformInfoHob\r
	42	)\r
	43	{\r
124b7650	44	VOID *VariableStore;\r
4fe26784 MX	45	\r
	46	DEBUG ((DEBUG_INFO, "InitializePlatform in Pei-less boot\n"));\r
	47	PlatformDebugDumpCmos ();\r
	48	\r
	49	PlatformInfoHob->DefaultMaxCpuNumber = 64;\r
	50	PlatformInfoHob->PcdPciMmio64Size = 0x800000000;\r
	51	\r
	52	PlatformInfoHob->HostBridgeDevId = PciRead16 (OVMF_HOSTBRIDGE_DID);\r
	53	DEBUG ((DEBUG_INFO, "HostBridgeDeviceId = 0x%x\n", PlatformInfoHob->HostBridgeDevId));\r
	54	\r
	55	PlatformAddressWidthInitialization (PlatformInfoHob);\r
	56	DEBUG ((\r
	57	DEBUG_INFO,\r
	58	"PhysMemAddressWidth=0x%x, Pci64Base=0x%llx, Pci64Size=0x%llx\n",\r
	59	PlatformInfoHob->PhysMemAddressWidth,\r
	60	PlatformInfoHob->PcdPciMmio64Base,\r
	61	PlatformInfoHob->PcdPciMmio64Size\r
	62	));\r
	63	\r
	64	PlatformMaxCpuCountInitialization (PlatformInfoHob);\r
	65	DEBUG ((\r
	66	DEBUG_INFO,\r
	67	"MaxCpuCount=%d, BootCpuCount=%d\n",\r
	68	PlatformInfoHob->PcdCpuMaxLogicalProcessorNumber,\r
	69	PlatformInfoHob->PcdCpuBootLogicalProcessorNumber\r
	70	));\r
	71	\r
124b7650	72	PlatformGetSystemMemorySizeBelow4gb (PlatformInfoHob);\r
4fe26784 MX	73	PlatformQemuUc32BaseInitialization (PlatformInfoHob);\r
	74	DEBUG ((\r
	75	DEBUG_INFO,\r
	76	"Uc32Base = 0x%x, Uc32Size = 0x%x, LowerMemorySize = 0x%x\n",\r
	77	PlatformInfoHob->Uc32Base,\r
	78	PlatformInfoHob->Uc32Size,\r
124b7650	79	PlatformInfoHob->LowMemory\r
4fe26784 MX	80	));\r
4fe26784 MX	81	\r
ee91d9ef MX	82	VariableStore = PlatformReserveEmuVariableNvStore ();\r
	83	PlatformInfoHob->PcdEmuVariableNvStoreReserved = (UINT64)(UINTN)VariableStore;\r
	84	#ifdef SECURE_BOOT_FEATURE_ENABLED\r
	85	PlatformInitEmuVariableNvStore (VariableStore);\r
	86	#endif\r
	87	\r
4fe26784 MX	88	if (TdIsEnabled ()) {\r
	89	PlatformTdxPublishRamRegions ();\r
	90	} else {\r
	91	PlatformQemuInitializeRam (PlatformInfoHob);\r
	92	PlatformQemuInitializeRamForS3 (PlatformInfoHob);\r
	93	}\r
	94	\r
	95	//\r
	96	// Create Memory Type Information HOB\r
	97	//\r
	98	BuildGuidDataHob (\r
	99	&gEfiMemoryTypeInformationGuid,\r
	100	mDefaultMemoryTypeInformation,\r
	101	sizeof (mDefaultMemoryTypeInformation)\r
	102	);\r
	103	\r
	104	PlatformMemMapInitialization (PlatformInfoHob);\r
	105	\r
	106	PlatformNoexecDxeInitialization (PlatformInfoHob);\r
	107	\r
	108	if (TdIsEnabled ()) {\r
	109	PlatformInfoHob->PcdConfidentialComputingGuestAttr = CCAttrIntelTdx;\r
	110	PlatformInfoHob->PcdTdxSharedBitMask = TdSharedPageMask ();\r
	111	PlatformInfoHob->PcdSetNxForStack = TRUE;\r
	112	}\r
	113	\r
	114	PlatformMiscInitialization (PlatformInfoHob);\r
	115	\r
	116	return EFI_SUCCESS;\r
	117	}\r
	118	\r
	119	/**\r
	120	* This function brings up the Tdx guest from SEC phase to DXE phase.\r
	121	* PEI phase is skipped because most of the components in PEI phase\r
	122	* is not needed for Tdx guest, for example, MP Services, TPM etc.\r
	123	* In this way, the attack surfaces are reduced as much as possible.\r
	124	*\r
	125	* @param Context The pointer to the SecCoreData\r
	126	* @return VOID This function never returns\r
	127	*/\r
	128	VOID\r
	129	EFIAPI\r
	130	PeilessStartup (\r
	131	IN VOID *Context\r
	132	)\r
	133	{\r
	134	EFI_SEC_PEI_HAND_OFF *SecCoreData;\r
	135	EFI_FIRMWARE_VOLUME_HEADER *BootFv;\r
	136	EFI_STATUS Status;\r
	137	EFI_HOB_PLATFORM_INFO PlatformInfoHob;\r
	138	UINT32 DxeCodeBase;\r
	139	UINT32 DxeCodeSize;\r
	140	TD_RETURN_DATA TdReturnData;\r
	141	VOID *VmmHobList;\r
4b0a6226	142	UINT8 *CfvBase;\r
4fe26784 MX	143	\r
	144	Status = EFI_SUCCESS;\r
	145	BootFv = NULL;\r
	146	VmmHobList = NULL;\r
	147	SecCoreData = (EFI_SEC_PEI_HAND_OFF *)Context;\r
4b0a6226	148	CfvBase = (UINT8 *)(UINTN)FixedPcdGet32 (PcdCfvBase);\r
4fe26784 MX	149	\r
	150	ZeroMem (&PlatformInfoHob, sizeof (PlatformInfoHob));\r
	151	\r
	152	if (TdIsEnabled ()) {\r
	153	VmmHobList = (VOID *)(UINTN)FixedPcdGet32 (PcdOvmfSecGhcbBase);\r
	154	Status = TdCall (TDCALL_TDINFO, 0, 0, 0, &TdReturnData);\r
	155	ASSERT (Status == EFI_SUCCESS);\r
	156	\r
	157	DEBUG ((\r
	158	DEBUG_INFO,\r
	159	"Tdx started with(Hob: 0x%x, Gpaw: 0x%x, Cpus: %d)\n",\r
	160	(UINT32)(UINTN)VmmHobList,\r
	161	GET_GPAW_INIT_STATE (TdReturnData.TdInfo.Gpaw),\r
	162	TdReturnData.TdInfo.NumVcpus\r
	163	));\r
	164	\r
	165	Status = ConstructFwHobList (VmmHobList);\r
	166	} else {\r
	167	DEBUG ((DEBUG_INFO, "Ovmf started\n"));\r
	168	Status = ConstructSecHobList ();\r
	169	}\r
	170	\r
	171	if (EFI_ERROR (Status)) {\r
	172	ASSERT (FALSE);\r
	173	CpuDeadLoop ();\r
	174	}\r
	175	\r
	176	DEBUG ((DEBUG_INFO, "HobList: %p\n", GetHobList ()));\r
	177	\r
4b0a6226 MX	178	if (TdIsEnabled ()) {\r
	179	//\r
	180	// Measure HobList\r
	181	//\r
	182	Status = MeasureHobList (VmmHobList);\r
	183	if (EFI_ERROR (Status)) {\r
	184	ASSERT (FALSE);\r
	185	CpuDeadLoop ();\r
	186	}\r
	187	\r
4b0a6226 MX	188	//\r
	189	// Measure Tdx CFV\r
	190	//\r
	191	Status = MeasureFvImage ((EFI_PHYSICAL_ADDRESS)(UINTN)CfvBase, FixedPcdGet32 (PcdCfvRawDataSize), 1);\r
	192	if (EFI_ERROR (Status)) {\r
	193	ASSERT (FALSE);\r
	194	CpuDeadLoop ();\r
	195	}\r
	196	}\r
	197	\r
4fe26784 MX	198	//\r
	199	// Initialize the Platform\r
	200	//\r
	201	Status = InitializePlatform (&PlatformInfoHob);\r
	202	if (EFI_ERROR (Status)) {\r
	203	ASSERT (FALSE);\r
	204	CpuDeadLoop ();\r
	205	}\r
	206	\r
	207	BuildGuidDataHob (&gUefiOvmfPkgPlatformInfoGuid, &PlatformInfoHob, sizeof (EFI_HOB_PLATFORM_INFO));\r
	208	\r
	209	//\r
	210	// SecFV\r
	211	//\r
	212	BootFv = (EFI_FIRMWARE_VOLUME_HEADER *)SecCoreData->BootFirmwareVolumeBase;\r
	213	BuildFvHob ((UINTN)BootFv, BootFv->FvLength);\r
	214	\r
	215	//\r
	216	// DxeFV\r
	217	//\r
	218	DxeCodeBase = PcdGet32 (PcdBfvBase);\r
	219	DxeCodeSize = PcdGet32 (PcdBfvRawDataSize) - (UINT32)BootFv->FvLength;\r
	220	BuildFvHob (DxeCodeBase, DxeCodeSize);\r
	221	\r
	222	DEBUG ((DEBUG_INFO, "SecFv : %p, 0x%x\n", BootFv, BootFv->FvLength));\r
	223	DEBUG ((DEBUG_INFO, "DxeFv : %x, 0x%x\n", DxeCodeBase, DxeCodeSize));\r
	224	\r
	225	BuildStackHob ((UINTN)SecCoreData->StackBase, SecCoreData->StackSize <<= 1);\r
	226	\r
	227	BuildResourceDescriptorHob (\r
	228	EFI_RESOURCE_SYSTEM_MEMORY,\r
	229	EFI_RESOURCE_ATTRIBUTE_PRESENT \|\r
	230	EFI_RESOURCE_ATTRIBUTE_INITIALIZED \|\r
	231	EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE \|\r
	232	EFI_RESOURCE_ATTRIBUTE_WRITE_COMBINEABLE \|\r
	233	EFI_RESOURCE_ATTRIBUTE_WRITE_THROUGH_CACHEABLE \|\r
	234	EFI_RESOURCE_ATTRIBUTE_WRITE_BACK_CACHEABLE \|\r
	235	EFI_RESOURCE_ATTRIBUTE_TESTED,\r
	236	(UINT64)SecCoreData->TemporaryRamBase,\r
	237	(UINT64)SecCoreData->TemporaryRamSize\r
	238	);\r
	239	\r
	240	//\r
	241	// Load the DXE Core and transfer control to it.\r
	242	// Only DxeFV is in the compressed section.\r
	243	//\r
	244	Status = DxeLoadCore (1);\r
	245	\r
	246	//\r
	247	// Never arrive here.\r
	248	//\r
	249	ASSERT (FALSE);\r
	250	CpuDeadLoop ();\r
	251	}\r