[mirror_edk2.git] / UefiCpuPkg / Library / MpInitLib / X64 / MpFuncs.nasm

;------------------------------------------------------------------------------ ;\r
; Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>\r
; This program and the accompanying materials\r
; are licensed and made available under the terms and conditions of the BSD License\r
; which accompanies this distribution.  The full text of the license may be found at\r
; http://opensource.org/licenses/bsd-license.php.\r
;\r
; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
;\r
; Module Name:\r
;\r
;   MpFuncs.nasm\r
;\r
; Abstract:\r
;\r
;   This is the assembly code for MP support\r
;\r
;-------------------------------------------------------------------------------\r
\r
%include "MpEqu.inc"\r
extern ASM_PFX(InitializeFloatingPointUnits)\r
\r
DEFAULT REL\r
\r
SECTION .text\r
\r
;-------------------------------------------------------------------------------------\r
;RendezvousFunnelProc  procedure follows. All APs execute their procedure. This\r
;procedure serializes all the AP processors through an Init sequence. It must be\r
;noted that APs arrive here very raw...ie: real mode, no stack.\r
;ALSO THIS PROCEDURE IS EXECUTED BY APs ONLY ON 16 BIT MODE. HENCE THIS PROC\r
;IS IN MACHINE CODE.\r
;-------------------------------------------------------------------------------------\r
global ASM_PFX(RendezvousFunnelProc)\r
ASM_PFX(RendezvousFunnelProc):\r
RendezvousFunnelProcStart:\r
; At this point CS = 0x(vv00) and ip= 0x0.\r
; Save BIST information to ebp firstly\r
\r
BITS 16\r
    mov        ebp, eax                        ; Save BIST information\r
\r
    mov        ax, cs\r
    mov        ds, ax\r
    mov        es, ax\r
    mov        ss, ax\r
    xor        ax, ax\r
    mov        fs, ax\r
    mov        gs, ax\r
\r
    mov        si,  BufferStartLocation\r
    mov        ebx, [si]\r
\r
    mov        di,  ModeOffsetLocation\r
    mov        eax, [di]\r
    mov        di,  CodeSegmentLocation\r
    mov        edx, [di]\r
    mov        di,  ax\r
    sub        di,  02h\r
    mov        [di],dx                         ; Patch long mode CS\r
    sub        di,  04h\r
    add        eax, ebx\r
    mov        [di],eax                        ; Patch address\r
\r
    mov        si, GdtrLocation\r
o32 lgdt       [cs:si]\r
\r
    mov        si, IdtrLocation\r
o32 lidt       [cs:si]\r
\r
    mov        si, EnableExecuteDisableLocation\r
    cmp        byte [si], 0\r
    jz         SkipEnableExecuteDisableBit\r
\r
    ;\r
    ; Enable execute disable bit\r
    ;\r
    mov        ecx, 0c0000080h             ; EFER MSR number\r
    rdmsr                                  ; Read EFER\r
    bts        eax, 11                     ; Enable Execute Disable Bit\r
    wrmsr                                  ; Write EFER\r
\r
SkipEnableExecuteDisableBit:\r
\r
    mov        di,  DataSegmentLocation\r
    mov        edi, [di]                   ; Save long mode DS in edi\r
\r
    mov        si, Cr3Location             ; Save CR3 in ecx\r
    mov        ecx, [si]\r
\r
    xor        ax,  ax\r
    mov        ds,  ax                     ; Clear data segment\r
\r
    mov        eax, cr0                    ; Get control register 0\r
    or         eax, 000000003h             ; Set PE bit (bit #0) & MP\r
    mov        cr0, eax\r
\r
    mov        eax, cr4\r
    bts        eax, 5\r
    mov        cr4, eax\r
\r
    mov        cr3, ecx                    ; Load CR3\r
\r
    mov        ecx, 0c0000080h             ; EFER MSR number\r
    rdmsr                                  ; Read EFER\r
    bts        eax, 8                      ; Set LME=1\r
    wrmsr                                  ; Write EFER\r
\r
    mov        eax, cr0                    ; Read CR0\r
    bts        eax, 31                     ; Set PG=1\r
    mov        cr0, eax                    ; Write CR0\r
\r
    jmp        0:strict dword 0  ; far jump to long mode\r
BITS 64\r
LongModeStart:\r
    mov        eax, edi\r
    mov        ds,  ax\r
    mov        es,  ax\r
    mov        ss,  ax\r
\r
    mov        esi, ebx\r
    lea        edi, [esi + InitFlagLocation]\r
    cmp        qword [edi], 1       ; ApInitConfig\r
    jnz        GetApicId\r
\r
    ; Increment the number of APs executing here as early as possible\r
    ; This is decremented in C code when AP is finished executing\r
    mov        edi, esi\r
    add        edi, NumApsExecutingLocation\r
    lock inc   dword [edi]\r
\r
    ; AP init\r
    mov        edi, esi\r
    add        edi, LockLocation\r
    mov        rax, NotVacantFlag\r
\r
TestLock:\r
    xchg       qword [edi], rax\r
    cmp        rax, NotVacantFlag\r
    jz         TestLock\r
\r
    lea        ecx, [esi + ApIndexLocation]\r
    inc        dword [ecx]\r
    mov        ebx, [ecx]\r
\r
Releaselock:\r
    mov        rax, VacantFlag\r
    xchg       qword [edi], rax\r
    ; program stack\r
    mov        edi, esi\r
    add        edi, StackSizeLocation\r
    mov        eax, dword [edi]\r
    mov        ecx, ebx\r
    inc        ecx\r
    mul        ecx                               ; EAX = StackSize * (CpuNumber + 1)\r
    mov        edi, esi\r
    add        edi, StackStartAddressLocation\r
    add        rax, qword [edi]\r
    mov        rsp, rax\r
    jmp        CProcedureInvoke\r
\r
GetApicId:\r
    mov        eax, 0\r
    cpuid\r
    cmp        eax, 0bh\r
    jb         NoX2Apic             ; CPUID level below CPUID_EXTENDED_TOPOLOGY\r
\r
    mov        eax, 0bh\r
    xor        ecx, ecx\r
    cpuid\r
    test       ebx, 0ffffh\r
    jz         NoX2Apic             ; CPUID.0BH:EBX[15:0] is zero\r
\r
    ; Processor is x2APIC capable; 32-bit x2APIC ID is already in EDX\r
    jmp        GetProcessorNumber\r
\r
NoX2Apic:\r
    ; Processor is not x2APIC capable, so get 8-bit APIC ID\r
    mov        eax, 1\r
    cpuid\r
    shr        ebx, 24\r
    mov        edx, ebx\r
\r
GetProcessorNumber:\r
    ;\r
    ; Get processor number for this AP\r
    ; Note that BSP may become an AP due to SwitchBsp()\r
    ;\r
    xor         ebx, ebx\r
    lea         eax, [esi + CpuInfoLocation]\r
    mov         edi, [eax]\r
\r
GetNextProcNumber:\r
    cmp         dword [edi], edx                      ; APIC ID match?\r
    jz          ProgramStack\r
    add         edi, 20\r
    inc         ebx\r
    jmp         GetNextProcNumber    \r
\r
ProgramStack:\r
    mov         rsp, qword [edi + 12]\r
\r
CProcedureInvoke:\r
    push       rbp               ; Push BIST data at top of AP stack\r
    xor        rbp, rbp          ; Clear ebp for call stack trace\r
    push       rbp\r
    mov        rbp, rsp\r
\r
    mov        rax, qword [esi + InitializeFloatingPointUnitsAddress]\r
    sub        rsp, 20h\r
    call       rax               ; Call assembly function to initialize FPU per UEFI spec\r
    add        rsp, 20h\r
\r
    mov        edx, ebx          ; edx is ApIndex\r
    mov        ecx, esi\r
    add        ecx, LockLocation ; rcx is address of exchange info data buffer\r
\r
    mov        edi, esi\r
    add        edi, ApProcedureLocation\r
    mov        rax, qword [edi]\r
\r
    sub        rsp, 20h\r
    call       rax               ; Invoke C function\r
    add        rsp, 20h\r
    jmp        $                 ; Should never reach here\r
\r
RendezvousFunnelProcEnd:\r
\r
;-------------------------------------------------------------------------------------\r
;  AsmRelocateApLoop (MwaitSupport, ApTargetCState, PmCodeSegment, TopOfApStack, CountTofinish);\r
;-------------------------------------------------------------------------------------\r
global ASM_PFX(AsmRelocateApLoop)\r
ASM_PFX(AsmRelocateApLoop):\r
AsmRelocateApLoopStart:\r
    mov        rax, [rsp + 40]   ; CountTofinish\r
    lock dec   dword [rax]       ; (*CountTofinish)--\r
    mov        rsp, r9\r
    push       rcx\r
    push       rdx\r
\r
    lea        rsi, [PmEntry]    ; rsi <- The start address of transition code\r
\r
    push       r8\r
    push       rsi\r
    DB         0x48\r
    retf\r
BITS 32\r
PmEntry:\r
    mov        eax, cr0\r
    btr        eax, 31           ; Clear CR0.PG\r
    mov        cr0, eax          ; Disable paging and caches\r
\r
    mov        ebx, edx          ; Save EntryPoint to rbx, for rdmsr will overwrite rdx\r
    mov        ecx, 0xc0000080\r
    rdmsr\r
    and        ah, ~ 1           ; Clear LME\r
    wrmsr\r
    mov        eax, cr4\r
    and        al, ~ (1 << 5)    ; Clear PAE\r
    mov        cr4, eax\r
\r
    pop        edx\r
    add        esp, 4\r
    pop        ecx,\r
    add        esp, 4\r
    cmp        cl, 1              ; Check mwait-monitor support\r
    jnz        HltLoop\r
    mov        ebx, edx           ; Save C-State to ebx\r
MwaitLoop:\r
    mov        eax, esp           ; Set Monitor Address\r
    xor        ecx, ecx           ; ecx = 0\r
    xor        edx, edx           ; edx = 0\r
    monitor\r
    mov        eax, ebx           ; Mwait Cx, Target C-State per eax[7:4]\r
    shl        eax, 4\r
    mwait\r
    jmp        MwaitLoop\r
HltLoop:\r
    cli\r
    hlt\r
    jmp        HltLoop\r
BITS 64\r
AsmRelocateApLoopEnd:\r
\r
;-------------------------------------------------------------------------------------\r
;  AsmGetAddressMap (&AddressMap);\r
;-------------------------------------------------------------------------------------\r
global ASM_PFX(AsmGetAddressMap)\r
ASM_PFX(AsmGetAddressMap):\r
    lea        rax, [ASM_PFX(RendezvousFunnelProc)]\r
    mov        qword [rcx], rax\r
    mov        qword [rcx +  8h], LongModeStart - RendezvousFunnelProcStart\r
    mov        qword [rcx + 10h], RendezvousFunnelProcEnd - RendezvousFunnelProcStart\r
    lea        rax, [ASM_PFX(AsmRelocateApLoop)]\r
    mov        qword [rcx + 18h], rax\r
    mov        qword [rcx + 20h], AsmRelocateApLoopEnd - AsmRelocateApLoopStart\r
    ret\r
\r
;-------------------------------------------------------------------------------------\r
;AsmExchangeRole procedure follows. This procedure executed by current BSP, that is\r
;about to become an AP. It switches its stack with the current AP.\r
;AsmExchangeRole (IN   CPU_EXCHANGE_INFO    *MyInfo, IN   CPU_EXCHANGE_INFO    *OthersInfo);\r
;-------------------------------------------------------------------------------------\r
global ASM_PFX(AsmExchangeRole)\r
ASM_PFX(AsmExchangeRole):\r
    ; DO NOT call other functions in this function, since 2 CPU may use 1 stack\r
    ; at the same time. If 1 CPU try to call a function, stack will be corrupted.\r
\r
    push       rax\r
    push       rbx\r
    push       rcx\r
    push       rdx\r
    push       rsi\r
    push       rdi\r
    push       rbp\r
    push       r8\r
    push       r9\r
    push       r10\r
    push       r11\r
    push       r12\r
    push       r13\r
    push       r14\r
    push       r15\r
\r
    mov        rax, cr0\r
    push       rax\r
\r
    mov        rax, cr4\r
    push       rax\r
\r
    ; rsi contains MyInfo pointer\r
    mov        rsi, rcx\r
\r
    ; rdi contains OthersInfo pointer\r
    mov        rdi, rdx\r
\r
    ;Store EFLAGS, GDTR and IDTR regiter to stack\r
    pushfq\r
    sgdt       [rsi + 16]\r
    sidt       [rsi + 26]\r
\r
    ; Store the its StackPointer\r
    mov        [rsi + 8], rsp\r
\r
    ; update its switch state to STORED\r
    mov        byte [rsi], CPU_SWITCH_STATE_STORED\r
\r
WaitForOtherStored:\r
    ; wait until the other CPU finish storing its state\r
    cmp        byte [rdi], CPU_SWITCH_STATE_STORED\r
    jz         OtherStored\r
    pause\r
    jmp        WaitForOtherStored\r
\r
OtherStored:\r
    ; Since another CPU already stored its state, load them\r
    ; load GDTR value\r
    lgdt       [rdi + 16]\r
\r
    ; load IDTR value\r
    lidt       [rdi + 26]\r
\r
    ; load its future StackPointer\r
    mov        rsp, [rdi + 8]\r
\r
    ; update the other CPU's switch state to LOADED\r
    mov        byte [rdi], CPU_SWITCH_STATE_LOADED\r
\r
WaitForOtherLoaded:\r
    ; wait until the other CPU finish loading new state,\r
    ; otherwise the data in stack may corrupt\r
    cmp        byte [rsi], CPU_SWITCH_STATE_LOADED\r
    jz         OtherLoaded\r
    pause\r
    jmp        WaitForOtherLoaded\r
\r
OtherLoaded:\r
    ; since the other CPU already get the data it want, leave this procedure\r
    popfq\r
\r
    pop        rax\r
    mov        cr4, rax\r
\r
    pop        rax\r
    mov        cr0, rax\r
\r
    pop        r15\r
    pop        r14\r
    pop        r13\r
    pop        r12\r
    pop        r11\r
    pop        r10\r
    pop        r9\r
    pop        r8\r
    pop        rbp\r
    pop        rdi\r
    pop        rsi\r
    pop        rdx\r
    pop        rcx\r
    pop        rbx\r
    pop        rax\r
\r
    ret\r
Commit	Line	Data
d94e5f67	1	;------------------------------------------------------------------------------ ;\r
3b2928b4	2	; Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>\r
d94e5f67 JF	3	; This program and the accompanying materials\r
	4	; are licensed and made available under the terms and conditions of the BSD License\r
	5	; which accompanies this distribution. The full text of the license may be found at\r
	6	; http://opensource.org/licenses/bsd-license.php.\r
	7	;\r
	8	; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
	9	; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	10	;\r
	11	; Module Name:\r
	12	;\r
	13	; MpFuncs.nasm\r
	14	;\r
	15	; Abstract:\r
	16	;\r
	17	; This is the assembly code for MP support\r
	18	;\r
	19	;-------------------------------------------------------------------------------\r
	20	\r
	21	%include "MpEqu.inc"\r
	22	extern ASM_PFX(InitializeFloatingPointUnits)\r
	23	\r
	24	DEFAULT REL\r
	25	\r
	26	SECTION .text\r
	27	\r
	28	;-------------------------------------------------------------------------------------\r
	29	;RendezvousFunnelProc procedure follows. All APs execute their procedure. This\r
	30	;procedure serializes all the AP processors through an Init sequence. It must be\r
	31	;noted that APs arrive here very raw...ie: real mode, no stack.\r
	32	;ALSO THIS PROCEDURE IS EXECUTED BY APs ONLY ON 16 BIT MODE. HENCE THIS PROC\r
	33	;IS IN MACHINE CODE.\r
	34	;-------------------------------------------------------------------------------------\r
	35	global ASM_PFX(RendezvousFunnelProc)\r
	36	ASM_PFX(RendezvousFunnelProc):\r
	37	RendezvousFunnelProcStart:\r
	38	; At this point CS = 0x(vv00) and ip= 0x0.\r
	39	; Save BIST information to ebp firstly\r
	40	\r
	41	BITS 16\r
	42	mov ebp, eax ; Save BIST information\r
	43	\r
	44	mov ax, cs\r
	45	mov ds, ax\r
	46	mov es, ax\r
	47	mov ss, ax\r
	48	xor ax, ax\r
	49	mov fs, ax\r
	50	mov gs, ax\r
	51	\r
	52	mov si, BufferStartLocation\r
	53	mov ebx, [si]\r
	54	\r
	55	mov di, ModeOffsetLocation\r
	56	mov eax, [di]\r
	57	mov di, CodeSegmentLocation\r
	58	mov edx, [di]\r
	59	mov di, ax\r
8396e2dd	60	sub di, 02h\r
d94e5f67 JF	61	mov [di],dx ; Patch long mode CS\r
	62	sub di, 04h\r
	63	add eax, ebx\r
	64	mov [di],eax ; Patch address\r
	65	\r
	66	mov si, GdtrLocation\r
	67	o32 lgdt [cs:si]\r
	68	\r
	69	mov si, IdtrLocation\r
	70	o32 lidt [cs:si]\r
	71	\r
5c66d125 JF	72	mov si, EnableExecuteDisableLocation\r
	73	cmp byte [si], 0\r
	74	jz SkipEnableExecuteDisableBit\r
	75	\r
	76	;\r
	77	; Enable execute disable bit\r
	78	;\r
	79	mov ecx, 0c0000080h ; EFER MSR number\r
	80	rdmsr ; Read EFER\r
	81	bts eax, 11 ; Enable Execute Disable Bit\r
	82	wrmsr ; Write EFER\r
	83	\r
	84	SkipEnableExecuteDisableBit:\r
d94e5f67 JF	85	\r
	86	mov di, DataSegmentLocation\r
	87	mov edi, [di] ; Save long mode DS in edi\r
	88	\r
	89	mov si, Cr3Location ; Save CR3 in ecx\r
	90	mov ecx, [si]\r
	91	\r
	92	xor ax, ax\r
	93	mov ds, ax ; Clear data segment\r
	94	\r
	95	mov eax, cr0 ; Get control register 0\r
	96	or eax, 000000003h ; Set PE bit (bit #0) & MP\r
	97	mov cr0, eax\r
	98	\r
	99	mov eax, cr4\r
	100	bts eax, 5\r
	101	mov cr4, eax\r
	102	\r
	103	mov cr3, ecx ; Load CR3\r
	104	\r
	105	mov ecx, 0c0000080h ; EFER MSR number\r
	106	rdmsr ; Read EFER\r
	107	bts eax, 8 ; Set LME=1\r
	108	wrmsr ; Write EFER\r
	109	\r
	110	mov eax, cr0 ; Read CR0\r
	111	bts eax, 31 ; Set PG=1\r
	112	mov cr0, eax ; Write CR0\r
	113	\r
	114	jmp 0:strict dword 0 ; far jump to long mode\r
	115	BITS 64\r
	116	LongModeStart:\r
	117	mov eax, edi\r
	118	mov ds, ax\r
	119	mov es, ax\r
	120	mov ss, ax\r
	121	\r
845c5be1 JF	122	mov esi, ebx\r
	123	lea edi, [esi + InitFlagLocation]\r
	124	cmp qword [edi], 1 ; ApInitConfig\r
	125	jnz GetApicId\r
	126	\r
0594ec41 ED	127	; Increment the number of APs executing here as early as possible\r
	128	; This is decremented in C code when AP is finished executing\r
	129	mov edi, esi\r
	130	add edi, NumApsExecutingLocation\r
	131	lock inc dword [edi]\r
	132	\r
845c5be1	133	; AP init\r
d94e5f67 JF	134	mov edi, esi\r
	135	add edi, LockLocation\r
	136	mov rax, NotVacantFlag\r
	137	\r
	138	TestLock:\r
	139	xchg qword [edi], rax\r
	140	cmp rax, NotVacantFlag\r
	141	jz TestLock\r
	142	\r
37676b9f	143	lea ecx, [esi + ApIndexLocation]\r
845c5be1 JF	144	inc dword [ecx]\r
845c5be1 JF	145	mov ebx, [ecx]\r
d94e5f67	146	\r
845c5be1 JF	147	Releaselock:\r
	148	mov rax, VacantFlag\r
	149	xchg qword [edi], rax\r
	150	; program stack\r
d94e5f67 JF	151	mov edi, esi\r
d94e5f67 JF	152	add edi, StackSizeLocation\r
845c5be1 JF	153	mov eax, dword [edi]\r
	154	mov ecx, ebx\r
	155	inc ecx\r
	156	mul ecx ; EAX = StackSize * (CpuNumber + 1)\r
d94e5f67 JF	157	mov edi, esi\r
	158	add edi, StackStartAddressLocation\r
	159	add rax, qword [edi]\r
	160	mov rsp, rax\r
845c5be1 JF	161	jmp CProcedureInvoke\r
	162	\r
	163	GetApicId:\r
	164	mov eax, 0\r
	165	cpuid\r
	166	cmp eax, 0bh\r
1cbd8330 LE	167	jb NoX2Apic ; CPUID level below CPUID_EXTENDED_TOPOLOGY\r
	168	\r
	169	mov eax, 0bh\r
	170	xor ecx, ecx\r
	171	cpuid\r
	172	test ebx, 0ffffh\r
	173	jz NoX2Apic ; CPUID.0BH:EBX[15:0] is zero\r
	174	\r
	175	; Processor is x2APIC capable; 32-bit x2APIC ID is already in EDX\r
	176	jmp GetProcessorNumber\r
	177	\r
	178	NoX2Apic:\r
845c5be1 JF	179	; Processor is not x2APIC capable, so get 8-bit APIC ID\r
	180	mov eax, 1\r
	181	cpuid\r
	182	shr ebx, 24\r
	183	mov edx, ebx\r
845c5be1	184	\r
845c5be1 JF	185	GetProcessorNumber:\r
	186	;\r
	187	; Get processor number for this AP\r
	188	; Note that BSP may become an AP due to SwitchBsp()\r
	189	;\r
	190	xor ebx, ebx\r
	191	lea eax, [esi + CpuInfoLocation]\r
	192	mov edi, [eax]\r
d94e5f67	193	\r
845c5be1 JF	194	GetNextProcNumber:\r
	195	cmp dword [edi], edx ; APIC ID match?\r
	196	jz ProgramStack\r
dd3fa0cd	197	add edi, 20\r
845c5be1 JF	198	inc ebx\r
	199	jmp GetNextProcNumber \r
	200	\r
	201	ProgramStack:\r
dd3fa0cd	202	mov rsp, qword [edi + 12]\r
d94e5f67 JF	203	\r
d94e5f67 JF	204	CProcedureInvoke:\r
8396e2dd JF	205	push rbp ; Push BIST data at top of AP stack\r
8396e2dd JF	206	xor rbp, rbp ; Clear ebp for call stack trace\r
d94e5f67 JF	207	push rbp\r
	208	mov rbp, rsp\r
	209	\r
3b2928b4	210	mov rax, qword [esi + InitializeFloatingPointUnitsAddress]\r
d94e5f67 JF	211	sub rsp, 20h\r
	212	call rax ; Call assembly function to initialize FPU per UEFI spec\r
	213	add rsp, 20h\r
	214	\r
37676b9f	215	mov edx, ebx ; edx is ApIndex\r
d94e5f67 JF	216	mov ecx, esi\r
	217	add ecx, LockLocation ; rcx is address of exchange info data buffer\r
	218	\r
	219	mov edi, esi\r
	220	add edi, ApProcedureLocation\r
	221	mov rax, qword [edi]\r
	222	\r
	223	sub rsp, 20h\r
8396e2dd	224	call rax ; Invoke C function\r
d94e5f67	225	add rsp, 20h\r
8396e2dd	226	jmp $ ; Should never reach here\r
d94e5f67 JF	227	\r
	228	RendezvousFunnelProcEnd:\r
	229	\r
76157021	230	;-------------------------------------------------------------------------------------\r
9f91cb01	231	; AsmRelocateApLoop (MwaitSupport, ApTargetCState, PmCodeSegment, TopOfApStack, CountTofinish);\r
76157021 JF	232	;-------------------------------------------------------------------------------------\r
	233	global ASM_PFX(AsmRelocateApLoop)\r
	234	ASM_PFX(AsmRelocateApLoop):\r
	235	AsmRelocateApLoopStart:\r
9f91cb01 JF	236	mov rax, [rsp + 40] ; CountTofinish\r
9f91cb01 JF	237	lock dec dword [rax] ; (*CountTofinish)--\r
bf2786dc	238	mov rsp, r9\r
76157021 JF	239	push rcx\r
	240	push rdx\r
	241	\r
	242	lea rsi, [PmEntry] ; rsi <- The start address of transition code\r
	243	\r
	244	push r8\r
	245	push rsi\r
	246	DB 0x48\r
	247	retf\r
	248	BITS 32\r
	249	PmEntry:\r
	250	mov eax, cr0\r
	251	btr eax, 31 ; Clear CR0.PG\r
	252	mov cr0, eax ; Disable paging and caches\r
	253	\r
	254	mov ebx, edx ; Save EntryPoint to rbx, for rdmsr will overwrite rdx\r
	255	mov ecx, 0xc0000080\r
	256	rdmsr\r
	257	and ah, ~ 1 ; Clear LME\r
	258	wrmsr\r
	259	mov eax, cr4\r
	260	and al, ~ (1 << 5) ; Clear PAE\r
	261	mov cr4, eax\r
	262	\r
	263	pop edx\r
	264	add esp, 4\r
	265	pop ecx,\r
	266	add esp, 4\r
	267	cmp cl, 1 ; Check mwait-monitor support\r
	268	jnz HltLoop\r
	269	mov ebx, edx ; Save C-State to ebx\r
	270	MwaitLoop:\r
	271	mov eax, esp ; Set Monitor Address\r
	272	xor ecx, ecx ; ecx = 0\r
	273	xor edx, edx ; edx = 0\r
	274	monitor\r
76157021	275	mov eax, ebx ; Mwait Cx, Target C-State per eax[7:4]\r
f56379f3	276	shl eax, 4\r
76157021 JF	277	mwait\r
	278	jmp MwaitLoop\r
	279	HltLoop:\r
	280	cli\r
	281	hlt\r
	282	jmp HltLoop\r
76157021 JF	283	BITS 64\r
	284	AsmRelocateApLoopEnd:\r
	285	\r
d94e5f67 JF	286	;-------------------------------------------------------------------------------------\r
	287	; AsmGetAddressMap (&AddressMap);\r
	288	;-------------------------------------------------------------------------------------\r
	289	global ASM_PFX(AsmGetAddressMap)\r
	290	ASM_PFX(AsmGetAddressMap):\r
3b2928b4	291	lea rax, [ASM_PFX(RendezvousFunnelProc)]\r
d94e5f67 JF	292	mov qword [rcx], rax\r
	293	mov qword [rcx + 8h], LongModeStart - RendezvousFunnelProcStart\r
	294	mov qword [rcx + 10h], RendezvousFunnelProcEnd - RendezvousFunnelProcStart\r
3b2928b4	295	lea rax, [ASM_PFX(AsmRelocateApLoop)]\r
f7f85d83 JF	296	mov qword [rcx + 18h], rax\r
f7f85d83 JF	297	mov qword [rcx + 20h], AsmRelocateApLoopEnd - AsmRelocateApLoopStart\r
d94e5f67 JF	298	ret\r
	299	\r
	300	;-------------------------------------------------------------------------------------\r
	301	;AsmExchangeRole procedure follows. This procedure executed by current BSP, that is\r
8396e2dd	302	;about to become an AP. It switches its stack with the current AP.\r
d94e5f67 JF	303	;AsmExchangeRole (IN CPU_EXCHANGE_INFO MyInfo, IN CPU_EXCHANGE_INFO OthersInfo);\r
	304	;-------------------------------------------------------------------------------------\r
	305	global ASM_PFX(AsmExchangeRole)\r
	306	ASM_PFX(AsmExchangeRole):\r
	307	; DO NOT call other functions in this function, since 2 CPU may use 1 stack\r
	308	; at the same time. If 1 CPU try to call a function, stack will be corrupted.\r
	309	\r
	310	push rax\r
	311	push rbx\r
	312	push rcx\r
	313	push rdx\r
	314	push rsi\r
	315	push rdi\r
	316	push rbp\r
	317	push r8\r
	318	push r9\r
	319	push r10\r
	320	push r11\r
	321	push r12\r
	322	push r13\r
	323	push r14\r
	324	push r15\r
	325	\r
	326	mov rax, cr0\r
	327	push rax\r
	328	\r
	329	mov rax, cr4\r
	330	push rax\r
	331	\r
	332	; rsi contains MyInfo pointer\r
	333	mov rsi, rcx\r
	334	\r
	335	; rdi contains OthersInfo pointer\r
	336	mov rdi, rdx\r
	337	\r
	338	;Store EFLAGS, GDTR and IDTR regiter to stack\r
	339	pushfq\r
	340	sgdt [rsi + 16]\r
	341	sidt [rsi + 26]\r
	342	\r
	343	; Store the its StackPointer\r
	344	mov [rsi + 8], rsp\r
	345	\r
	346	; update its switch state to STORED\r
	347	mov byte [rsi], CPU_SWITCH_STATE_STORED\r
	348	\r
	349	WaitForOtherStored:\r
	350	; wait until the other CPU finish storing its state\r
	351	cmp byte [rdi], CPU_SWITCH_STATE_STORED\r
	352	jz OtherStored\r
	353	pause\r
	354	jmp WaitForOtherStored\r
	355	\r
	356	OtherStored:\r
	357	; Since another CPU already stored its state, load them\r
	358	; load GDTR value\r
	359	lgdt [rdi + 16]\r
	360	\r
	361	; load IDTR value\r
	362	lidt [rdi + 26]\r
	363	\r
	364	; load its future StackPointer\r
	365	mov rsp, [rdi + 8]\r
	366	\r
367	; update the other CPU's switch state to LOADED\r
368	mov byte [rdi], CPU_SWITCH_STATE_LOADED\r
369	\r
370	WaitForOtherLoaded:\r
371	; wait until the other CPU finish loading new state,\r
372	; otherwise the data in stack may corrupt\r
373	cmp byte [rsi], CPU_SWITCH_STATE_LOADED\r
374	jz OtherLoaded\r
375	pause\r
376	jmp WaitForOtherLoaded\r
377	\r
378	OtherLoaded:\r
379	; since the other CPU already get the data it want, leave this procedure\r
380	popfq\r
381	\r
382	pop rax\r
383	mov cr4, rax\r
384	\r
385	pop rax\r
386	mov cr0, rax\r
387	\r
388	pop r15\r
389	pop r14\r
390	pop r13\r
391	pop r12\r
392	pop r11\r
393	pop r10\r
394	pop r9\r
395	pop r8\r
396	pop rbp\r
397	pop rdi\r
398	pop rsi\r
399	pop rdx\r
400	pop rcx\r
401	pop rbx\r
402	pop rax\r
403	\r
404	ret\r