]> git.proxmox.com Git - mirror_edk2.git/blob - OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
OvmfPkg: Refactor MeasureHobList
[mirror_edk2.git] / OvmfPkg / Library / PeilessStartupLib / PeilessStartup.c
1 /** @file
2
3 Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
4
5 SPDX-License-Identifier: BSD-2-Clause-Patent
6
7 **/
8
9 #include <PiPei.h>
10 #include <Library/BaseLib.h>
11 #include <Library/BaseMemoryLib.h>
12 #include <Library/MemoryAllocationLib.h>
13 #include <Library/DebugLib.h>
14 #include <Protocol/DebugSupport.h>
15 #include <Library/TdxLib.h>
16 #include <IndustryStandard/Tdx.h>
17 #include <Library/PrePiLib.h>
18 #include <Library/PeilessStartupLib.h>
19 #include <Library/PlatformInitLib.h>
20 #include <Library/TdxHelperLib.h>
21 #include <ConfidentialComputingGuestAttr.h>
22 #include <Guid/MemoryTypeInformation.h>
23 #include <OvmfPlatforms.h>
24 #include "PeilessStartupInternal.h"
25
26 #define GET_GPAW_INIT_STATE(INFO) ((UINT8) ((INFO) & 0x3f))
27
28 EFI_MEMORY_TYPE_INFORMATION mDefaultMemoryTypeInformation[] = {
29 { EfiACPIMemoryNVS, 0x004 },
30 { EfiACPIReclaimMemory, 0x008 },
31 { EfiReservedMemoryType, 0x004 },
32 { EfiRuntimeServicesData, 0x024 },
33 { EfiRuntimeServicesCode, 0x030 },
34 { EfiBootServicesCode, 0x180 },
35 { EfiBootServicesData, 0xF00 },
36 { EfiMaxMemoryType, 0x000 }
37 };
38
39 EFI_STATUS
40 EFIAPI
41 InitializePlatform (
42 EFI_HOB_PLATFORM_INFO *PlatformInfoHob
43 )
44 {
45 VOID *VariableStore;
46
47 DEBUG ((DEBUG_INFO, "InitializePlatform in Pei-less boot\n"));
48 PlatformDebugDumpCmos ();
49
50 PlatformInfoHob->DefaultMaxCpuNumber = 64;
51 PlatformInfoHob->PcdPciMmio64Size = 0x800000000;
52
53 PlatformInfoHob->HostBridgeDevId = PciRead16 (OVMF_HOSTBRIDGE_DID);
54 DEBUG ((DEBUG_INFO, "HostBridgeDeviceId = 0x%x\n", PlatformInfoHob->HostBridgeDevId));
55
56 PlatformAddressWidthInitialization (PlatformInfoHob);
57 DEBUG ((
58 DEBUG_INFO,
59 "PhysMemAddressWidth=0x%x, Pci64Base=0x%llx, Pci64Size=0x%llx\n",
60 PlatformInfoHob->PhysMemAddressWidth,
61 PlatformInfoHob->PcdPciMmio64Base,
62 PlatformInfoHob->PcdPciMmio64Size
63 ));
64
65 PlatformMaxCpuCountInitialization (PlatformInfoHob);
66 DEBUG ((
67 DEBUG_INFO,
68 "MaxCpuCount=%d, BootCpuCount=%d\n",
69 PlatformInfoHob->PcdCpuMaxLogicalProcessorNumber,
70 PlatformInfoHob->PcdCpuBootLogicalProcessorNumber
71 ));
72
73 PlatformGetSystemMemorySizeBelow4gb (PlatformInfoHob);
74 PlatformQemuUc32BaseInitialization (PlatformInfoHob);
75 DEBUG ((
76 DEBUG_INFO,
77 "Uc32Base = 0x%x, Uc32Size = 0x%x, LowerMemorySize = 0x%x\n",
78 PlatformInfoHob->Uc32Base,
79 PlatformInfoHob->Uc32Size,
80 PlatformInfoHob->LowMemory
81 ));
82
83 VariableStore = PlatformReserveEmuVariableNvStore ();
84 PlatformInfoHob->PcdEmuVariableNvStoreReserved = (UINT64)(UINTN)VariableStore;
85 #ifdef SECURE_BOOT_FEATURE_ENABLED
86 PlatformInitEmuVariableNvStore (VariableStore);
87 #endif
88
89 if (TdIsEnabled ()) {
90 PlatformTdxPublishRamRegions ();
91 } else {
92 PlatformQemuInitializeRam (PlatformInfoHob);
93 PlatformQemuInitializeRamForS3 (PlatformInfoHob);
94 }
95
96 //
97 // Create Memory Type Information HOB
98 //
99 BuildGuidDataHob (
100 &gEfiMemoryTypeInformationGuid,
101 mDefaultMemoryTypeInformation,
102 sizeof (mDefaultMemoryTypeInformation)
103 );
104
105 PlatformMemMapInitialization (PlatformInfoHob);
106
107 PlatformNoexecDxeInitialization (PlatformInfoHob);
108
109 if (TdIsEnabled ()) {
110 PlatformInfoHob->PcdConfidentialComputingGuestAttr = CCAttrIntelTdx;
111 PlatformInfoHob->PcdTdxSharedBitMask = TdSharedPageMask ();
112 PlatformInfoHob->PcdSetNxForStack = TRUE;
113 }
114
115 PlatformMiscInitialization (PlatformInfoHob);
116
117 return EFI_SUCCESS;
118 }
119
120 /**
121 * This function brings up the Tdx guest from SEC phase to DXE phase.
122 * PEI phase is skipped because most of the components in PEI phase
123 * is not needed for Tdx guest, for example, MP Services, TPM etc.
124 * In this way, the attack surfaces are reduced as much as possible.
125 *
126 * @param Context The pointer to the SecCoreData
127 * @return VOID This function never returns
128 */
129 VOID
130 EFIAPI
131 PeilessStartup (
132 IN VOID *Context
133 )
134 {
135 EFI_SEC_PEI_HAND_OFF *SecCoreData;
136 EFI_FIRMWARE_VOLUME_HEADER *BootFv;
137 EFI_STATUS Status;
138 EFI_HOB_PLATFORM_INFO PlatformInfoHob;
139 UINT32 DxeCodeBase;
140 UINT32 DxeCodeSize;
141 TD_RETURN_DATA TdReturnData;
142 VOID *VmmHobList;
143 UINT8 *CfvBase;
144
145 Status = EFI_SUCCESS;
146 BootFv = NULL;
147 VmmHobList = NULL;
148 SecCoreData = (EFI_SEC_PEI_HAND_OFF *)Context;
149 CfvBase = (UINT8 *)(UINTN)FixedPcdGet32 (PcdCfvBase);
150
151 ZeroMem (&PlatformInfoHob, sizeof (PlatformInfoHob));
152
153 if (TdIsEnabled ()) {
154 VmmHobList = (VOID *)(UINTN)FixedPcdGet32 (PcdOvmfSecGhcbBase);
155 Status = TdCall (TDCALL_TDINFO, 0, 0, 0, &TdReturnData);
156 ASSERT (Status == EFI_SUCCESS);
157
158 DEBUG ((
159 DEBUG_INFO,
160 "Tdx started with(Hob: 0x%x, Gpaw: 0x%x, Cpus: %d)\n",
161 (UINT32)(UINTN)VmmHobList,
162 GET_GPAW_INIT_STATE (TdReturnData.TdInfo.Gpaw),
163 TdReturnData.TdInfo.NumVcpus
164 ));
165
166 Status = ConstructFwHobList (VmmHobList);
167 } else {
168 DEBUG ((DEBUG_INFO, "Ovmf started\n"));
169 Status = ConstructSecHobList ();
170 }
171
172 if (EFI_ERROR (Status)) {
173 ASSERT (FALSE);
174 CpuDeadLoop ();
175 }
176
177 DEBUG ((DEBUG_INFO, "HobList: %p\n", GetHobList ()));
178
179 if (TdIsEnabled ()) {
180 //
181 // Measure HobList
182 //
183 Status = TdxHelperMeasureTdHob ();
184 if (EFI_ERROR (Status)) {
185 ASSERT (FALSE);
186 CpuDeadLoop ();
187 }
188
189 //
190 // Build GuidHob for tdx measurement
191 //
192 Status = TdxHelperBuildGuidHobForTdxMeasurement ();
193 if (EFI_ERROR (Status)) {
194 ASSERT (FALSE);
195 CpuDeadLoop ();
196 }
197
198 //
199 // Measure Tdx CFV
200 //
201 Status = MeasureFvImage ((EFI_PHYSICAL_ADDRESS)(UINTN)CfvBase, FixedPcdGet32 (PcdCfvRawDataSize), 1);
202 if (EFI_ERROR (Status)) {
203 ASSERT (FALSE);
204 CpuDeadLoop ();
205 }
206 }
207
208 //
209 // Initialize the Platform
210 //
211 Status = InitializePlatform (&PlatformInfoHob);
212 if (EFI_ERROR (Status)) {
213 ASSERT (FALSE);
214 CpuDeadLoop ();
215 }
216
217 BuildGuidDataHob (&gUefiOvmfPkgPlatformInfoGuid, &PlatformInfoHob, sizeof (EFI_HOB_PLATFORM_INFO));
218
219 //
220 // SecFV
221 //
222 BootFv = (EFI_FIRMWARE_VOLUME_HEADER *)SecCoreData->BootFirmwareVolumeBase;
223 BuildFvHob ((UINTN)BootFv, BootFv->FvLength);
224
225 //
226 // DxeFV
227 //
228 DxeCodeBase = PcdGet32 (PcdBfvBase);
229 DxeCodeSize = PcdGet32 (PcdBfvRawDataSize) - (UINT32)BootFv->FvLength;
230 BuildFvHob (DxeCodeBase, DxeCodeSize);
231
232 DEBUG ((DEBUG_INFO, "SecFv : %p, 0x%x\n", BootFv, BootFv->FvLength));
233 DEBUG ((DEBUG_INFO, "DxeFv : %x, 0x%x\n", DxeCodeBase, DxeCodeSize));
234
235 BuildStackHob ((UINTN)SecCoreData->StackBase, SecCoreData->StackSize <<= 1);
236
237 BuildResourceDescriptorHob (
238 EFI_RESOURCE_SYSTEM_MEMORY,
239 EFI_RESOURCE_ATTRIBUTE_PRESENT |
240 EFI_RESOURCE_ATTRIBUTE_INITIALIZED |
241 EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE |
242 EFI_RESOURCE_ATTRIBUTE_WRITE_COMBINEABLE |
243 EFI_RESOURCE_ATTRIBUTE_WRITE_THROUGH_CACHEABLE |
244 EFI_RESOURCE_ATTRIBUTE_WRITE_BACK_CACHEABLE |
245 EFI_RESOURCE_ATTRIBUTE_TESTED,
246 (UINT64)SecCoreData->TemporaryRamBase,
247 (UINT64)SecCoreData->TemporaryRamSize
248 );
249
250 //
251 // Load the DXE Core and transfer control to it.
252 // Only DxeFV is in the compressed section.
253 //
254 Status = DxeLoadCore (1);
255
256 //
257 // Never arrive here.
258 //
259 ASSERT (FALSE);
260 CpuDeadLoop ();
261 }
EFI Development Kit II mirror for PVE