OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c

   1 /** @file
   2
   3   Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
   4
   5   SPDX-License-Identifier: BSD-2-Clause-Patent
   6
   7 **/
   8
   9 #include <PiPei.h>
  10 #include <Library/BaseLib.h>
  11 #include <Library/BaseMemoryLib.h>
  12 #include <Library/MemoryAllocationLib.h>
  13 #include <Library/DebugLib.h>
  14 #include <Protocol/DebugSupport.h>
  15 #include <Library/TdxLib.h>
  16 #include <IndustryStandard/Tdx.h>
  17 #include <Library/PrePiLib.h>
  18 #include <Library/PeilessStartupLib.h>
  19 #include <Library/PlatformInitLib.h>
  20 #include <ConfidentialComputingGuestAttr.h>
  21 #include <Guid/MemoryTypeInformation.h>
  22 #include <OvmfPlatforms.h>
  23 #include "PeilessStartupInternal.h"
  24
  25 #define GET_GPAW_INIT_STATE(INFO)  ((UINT8) ((INFO) & 0x3f))
  26
  27 EFI_MEMORY_TYPE_INFORMATION  mDefaultMemoryTypeInformation[] = {
  28   { EfiACPIMemoryNVS,       0x004 },
  29   { EfiACPIReclaimMemory,   0x008 },
  30   { EfiReservedMemoryType,  0x004 },
  31   { EfiRuntimeServicesData, 0x024 },
  32   { EfiRuntimeServicesCode, 0x030 },
  33   { EfiBootServicesCode,    0x180 },
  34   { EfiBootServicesData,    0xF00 },
  35   { EfiMaxMemoryType,       0x000 }
  36 };
  37
  38 EFI_STATUS
  39 EFIAPI
  40 InitializePlatform (
  41   EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
  42   )
  43 {
  44   VOID  *VariableStore;
  45
  46   DEBUG ((DEBUG_INFO, "InitializePlatform in Pei-less boot\n"));
  47   PlatformDebugDumpCmos ();
  48
  49   PlatformInfoHob->DefaultMaxCpuNumber = 64;
  50   PlatformInfoHob->PcdPciMmio64Size    = 0x800000000;
  51
  52   PlatformInfoHob->HostBridgeDevId = PciRead16 (OVMF_HOSTBRIDGE_DID);
  53   DEBUG ((DEBUG_INFO, "HostBridgeDeviceId = 0x%x\n", PlatformInfoHob->HostBridgeDevId));
  54
  55   PlatformAddressWidthInitialization (PlatformInfoHob);
  56   DEBUG ((
  57     DEBUG_INFO,
  58     "PhysMemAddressWidth=0x%x, Pci64Base=0x%llx, Pci64Size=0x%llx\n",
  59     PlatformInfoHob->PhysMemAddressWidth,
  60     PlatformInfoHob->PcdPciMmio64Base,
  61     PlatformInfoHob->PcdPciMmio64Size
  62     ));
  63
  64   PlatformMaxCpuCountInitialization (PlatformInfoHob);
  65   DEBUG ((
  66     DEBUG_INFO,
  67     "MaxCpuCount=%d, BootCpuCount=%d\n",
  68     PlatformInfoHob->PcdCpuMaxLogicalProcessorNumber,
  69     PlatformInfoHob->PcdCpuBootLogicalProcessorNumber
  70     ));
  71
  72   PlatformGetSystemMemorySizeBelow4gb (PlatformInfoHob);
  73   PlatformQemuUc32BaseInitialization (PlatformInfoHob);
  74   DEBUG ((
  75     DEBUG_INFO,
  76     "Uc32Base = 0x%x, Uc32Size = 0x%x, LowerMemorySize = 0x%x\n",
  77     PlatformInfoHob->Uc32Base,
  78     PlatformInfoHob->Uc32Size,
  79     PlatformInfoHob->LowMemory
  80     ));
  81
  82   VariableStore                                  = PlatformReserveEmuVariableNvStore ();
  83   PlatformInfoHob->PcdEmuVariableNvStoreReserved = (UINT64)(UINTN)VariableStore;
  84  #ifdef SECURE_BOOT_FEATURE_ENABLED
  85   PlatformInitEmuVariableNvStore (VariableStore);
  86  #endif
  87
  88   if (TdIsEnabled ()) {
  89     PlatformTdxPublishRamRegions ();
  90   } else {
  91     PlatformQemuInitializeRam (PlatformInfoHob);
  92     PlatformQemuInitializeRamForS3 (PlatformInfoHob);
  93   }
  94
  95   //
  96   // Create Memory Type Information HOB
  97   //
  98   BuildGuidDataHob (
  99     &gEfiMemoryTypeInformationGuid,
 100     mDefaultMemoryTypeInformation,
 101     sizeof (mDefaultMemoryTypeInformation)
 102     );
 103
 104   PlatformMemMapInitialization (PlatformInfoHob);
 105
 106   PlatformNoexecDxeInitialization (PlatformInfoHob);
 107
 108   if (TdIsEnabled ()) {
 109     PlatformInfoHob->PcdConfidentialComputingGuestAttr = CCAttrIntelTdx;
 110     PlatformInfoHob->PcdTdxSharedBitMask               = TdSharedPageMask ();
 111     PlatformInfoHob->PcdSetNxForStack                  = TRUE;
 112   }
 113
 114   PlatformMiscInitialization (PlatformInfoHob);
 115
 116   return EFI_SUCCESS;
 117 }
 118
 119 /**
 120  * This function brings up the Tdx guest from SEC phase to DXE phase.
 121  * PEI phase is skipped because most of the components in PEI phase
 122  * is not needed for Tdx guest, for example, MP Services, TPM etc.
 123  * In this way, the attack surfaces are reduced as much as possible.
 124  *
 125  * @param Context   The pointer to the SecCoreData
 126  * @return VOID     This function never returns
 127  */
 128 VOID
 129 EFIAPI
 130 PeilessStartup (
 131   IN VOID  *Context
 132   )
 133 {
 134   EFI_SEC_PEI_HAND_OFF        *SecCoreData;
 135   EFI_FIRMWARE_VOLUME_HEADER  *BootFv;
 136   EFI_STATUS                  Status;
 137   EFI_HOB_PLATFORM_INFO       PlatformInfoHob;
 138   UINT32                      DxeCodeBase;
 139   UINT32                      DxeCodeSize;
 140   TD_RETURN_DATA              TdReturnData;
 141   VOID                        *VmmHobList;
 142   UINT8                       *CfvBase;
 143
 144   Status      = EFI_SUCCESS;
 145   BootFv      = NULL;
 146   VmmHobList  = NULL;
 147   SecCoreData = (EFI_SEC_PEI_HAND_OFF *)Context;
 148   CfvBase     = (UINT8 *)(UINTN)FixedPcdGet32 (PcdCfvBase);
 149
 150   ZeroMem (&PlatformInfoHob, sizeof (PlatformInfoHob));
 151
 152   if (TdIsEnabled ()) {
 153     VmmHobList = (VOID *)(UINTN)FixedPcdGet32 (PcdOvmfSecGhcbBase);
 154     Status     = TdCall (TDCALL_TDINFO, 0, 0, 0, &TdReturnData);
 155     ASSERT (Status == EFI_SUCCESS);
 156
 157     DEBUG ((
 158       DEBUG_INFO,
 159       "Tdx started with(Hob: 0x%x, Gpaw: 0x%x, Cpus: %d)\n",
 160       (UINT32)(UINTN)VmmHobList,
 161       GET_GPAW_INIT_STATE (TdReturnData.TdInfo.Gpaw),
 162       TdReturnData.TdInfo.NumVcpus
 163       ));
 164
 165     Status = ConstructFwHobList (VmmHobList);
 166   } else {
 167     DEBUG ((DEBUG_INFO, "Ovmf started\n"));
 168     Status = ConstructSecHobList ();
 169   }
 170
 171   if (EFI_ERROR (Status)) {
 172     ASSERT (FALSE);
 173     CpuDeadLoop ();
 174   }
 175
 176   DEBUG ((DEBUG_INFO, "HobList: %p\n", GetHobList ()));
 177
 178   if (TdIsEnabled ()) {
 179     //
 180     // Measure HobList
 181     //
 182     Status = MeasureHobList (VmmHobList);
 183     if (EFI_ERROR (Status)) {
 184       ASSERT (FALSE);
 185       CpuDeadLoop ();
 186     }
 187
 188     //
 189     // Measure Tdx CFV
 190     //
 191     Status = MeasureFvImage ((EFI_PHYSICAL_ADDRESS)(UINTN)CfvBase, FixedPcdGet32 (PcdCfvRawDataSize), 1);
 192     if (EFI_ERROR (Status)) {
 193       ASSERT (FALSE);
 194       CpuDeadLoop ();
 195     }
 196   }
 197
 198   //
 199   // Initialize the Platform
 200   //
 201   Status = InitializePlatform (&PlatformInfoHob);
 202   if (EFI_ERROR (Status)) {
 203     ASSERT (FALSE);
 204     CpuDeadLoop ();
 205   }
 206
 207   BuildGuidDataHob (&gUefiOvmfPkgPlatformInfoGuid, &PlatformInfoHob, sizeof (EFI_HOB_PLATFORM_INFO));
 208
 209   //
 210   // SecFV
 211   //
 212   BootFv = (EFI_FIRMWARE_VOLUME_HEADER *)SecCoreData->BootFirmwareVolumeBase;
 213   BuildFvHob ((UINTN)BootFv, BootFv->FvLength);
 214
 215   //
 216   // DxeFV
 217   //
 218   DxeCodeBase = PcdGet32 (PcdBfvBase);
 219   DxeCodeSize = PcdGet32 (PcdBfvRawDataSize) - (UINT32)BootFv->FvLength;
 220   BuildFvHob (DxeCodeBase, DxeCodeSize);
 221
 222   DEBUG ((DEBUG_INFO, "SecFv : %p, 0x%x\n", BootFv, BootFv->FvLength));
 223   DEBUG ((DEBUG_INFO, "DxeFv : %x, 0x%x\n", DxeCodeBase, DxeCodeSize));
 224
 225   BuildStackHob ((UINTN)SecCoreData->StackBase, SecCoreData->StackSize <<= 1);
 226
 227   BuildResourceDescriptorHob (
 228     EFI_RESOURCE_SYSTEM_MEMORY,
 229     EFI_RESOURCE_ATTRIBUTE_PRESENT |
 230     EFI_RESOURCE_ATTRIBUTE_INITIALIZED |
 231     EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE |
 232     EFI_RESOURCE_ATTRIBUTE_WRITE_COMBINEABLE |
 233     EFI_RESOURCE_ATTRIBUTE_WRITE_THROUGH_CACHEABLE |
 234     EFI_RESOURCE_ATTRIBUTE_WRITE_BACK_CACHEABLE |
 235     EFI_RESOURCE_ATTRIBUTE_TESTED,
 236     (UINT64)SecCoreData->TemporaryRamBase,
 237     (UINT64)SecCoreData->TemporaryRamSize
 238     );
 239
 240   //
 241   // Load the DXE Core and transfer control to it.
 242   // Only DxeFV is in the compressed section.
 243   //
 244   Status = DxeLoadCore (1);
 245
 246   //
 247   // Never arrive here.
 248   //
 249   ASSERT (FALSE);
 250   CpuDeadLoop ();
 251 }