From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pj1-f47.google.com (mail-pj1-f47.google.com [209.85.216.47]) by mx.groups.io with SMTP id smtpd.web12.18902.1665571536100221474 for ; Wed, 12 Oct 2022 03:45:36 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@ventanamicro.com header.s=google header.b=BUWn1qAm; spf=pass (domain: ventanamicro.com, ip: 209.85.216.47, mailfrom: sunilvl@ventanamicro.com) Received: by mail-pj1-f47.google.com with SMTP id x31-20020a17090a38a200b0020d2afec803so1653923pjb.2 for ; Wed, 12 Oct 2022 03:45:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ventanamicro.com; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=qFX0sg0/3N0nkSQ7+aSMICdJlIyFyH/RSslLhg1yKog=; b=BUWn1qAmxWjj6aJWziLZMtJNo86fzMNOL3vjIZ5d0+CGH2u8VHKeeMIH9KDXbEM8oB XpBJezagxHYppqnXMl4yMRU89dxCfu++KZF9Vrhc+rUU+9aT/86X3M9ivXtuhLopGQaj zEDCl5RTduOYWgp61Lr4R0rSKDAXGIqS7a2qmgiMF4Q+P8ShZH4YwffuBtuLwZ9G+wxy VkRcZg4qM4BI0D4Oewy/FGvZ/IgIAzYvEL+uvEilV78MAQQDRZVQDhhF8jSkH4Ip7H8M KLvkce2v0tlFwMeOAo+JHioj3HckF7TH0C86SL0VhQElqpXj/TFX14+X9D+WLC6OgXgm fIfA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=qFX0sg0/3N0nkSQ7+aSMICdJlIyFyH/RSslLhg1yKog=; b=Wvyhac1ncBESf2q1ENpciweQN+kCvX7wQobg1uCZ+x8ZjTU36hkMXoXfAup3dsByhW 7kwl9K0TTt4qJCIpMZsYrWUQx2UYt4NeTfF1WGoMdGOCanWAdZSN8G8D45P/N4kDzGHy nw5QMcuvrRMyTNSqpQNJuqPVOiufYyGTE+Q9tG4sNrKhKuGAKc10xiP0vHi/n0ddPz7u 0hSG6Y9vDOnBzbJJq2kRj0h2GzOfEtGAIieQiGGc2Rv2OUGJMRzSY6f0HQtEXiW0C9VJ rOTBJuAqVNx7octjpv/WPOHkpoQZPaeHF0bgMOHU/48IlmdCYXf0sL3ru8Pz0rxmOMAX 7tBQ== X-Gm-Message-State: ACrzQf3ZkucuHl3N7W9DMAAYZlXYX0QZEptPH9d9Oj4ey1qDrUGoWDJc rnq6PqZvYvG5oJ6SUrBaUTwupuiM8cgkiA== X-Google-Smtp-Source: AMsMyM61KHcLayR3/lvwDS3dDkBu+j7U72z0N5Lwel2YpTMn4pQ1NyAQaqoZySU9LaMqJe70feQ+8A== X-Received: by 2002:a17:90a:66c9:b0:20a:f78a:77e4 with SMTP id z9-20020a17090a66c900b0020af78a77e4mr4339259pjl.214.1665571535217; Wed, 12 Oct 2022 03:45:35 -0700 (PDT) Return-Path: Received: from localhost.localdomain ([49.206.13.138]) by smtp.gmail.com with ESMTPSA id z4-20020aa79e44000000b0054223a0185asm10812221pfq.161.2022.10.12.03.45.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 12 Oct 2022 03:45:34 -0700 (PDT) From: "Sunil V L" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Jiewen Yao , Jordan Justen , Gerd Hoffmann , Brijesh Singh , Erdem Aktas , James Bottomley , Min Xu , Tom Lendacky , Daniel Schaefer Subject: [edk2-staging/RiscV64QemuVirt PATCH V2 10/33] OvmfPkg/Sec: Add RISC-V support Date: Wed, 12 Oct 2022 16:14:33 +0530 Message-Id: <20221012104456.1393376-11-sunilvl@ventanamicro.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221012104456.1393376-1-sunilvl@ventanamicro.com> References: <20221012104456.1393376-1-sunilvl@ventanamicro.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4076 Add the SEC module for RISC-V. EDK2 is launched as the payload for machine mode firmware in RISC-V. Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Gerd Hoffmann Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Min Xu Cc: Tom Lendacky Cc: Daniel Schaefer Signed-off-by: Sunil V L --- OvmfPkg/Sec/SecMain.inf | 16 +- OvmfPkg/Sec/RiscV64/SecMain.h | 65 ++++ OvmfPkg/Sec/RiscV64/SecMain.c | 573 +++++++++++++++++++++++++++++++++ OvmfPkg/Sec/RiscV64/SecEntry.S | 23 ++ 4 files changed, 676 insertions(+), 1 deletion(-) create mode 100644 OvmfPkg/Sec/RiscV64/SecMain.h create mode 100644 OvmfPkg/Sec/RiscV64/SecMain.c create mode 100644 OvmfPkg/Sec/RiscV64/SecEntry.S diff --git a/OvmfPkg/Sec/SecMain.inf b/OvmfPkg/Sec/SecMain.inf index 7c80ecaaf49b..76c47778ce8c 100644 --- a/OvmfPkg/Sec/SecMain.inf +++ b/OvmfPkg/Sec/SecMain.inf @@ -18,7 +18,7 @@ [Defines] # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 EBC +# VALID_ARCHITECTURES = IA32 X64 EBC RISCV64 # [Sources.IA32, Sources.X64] @@ -34,6 +34,13 @@ [Sources.IA32] [Sources.X64] X64/SecEntry.nasm +[Sources.RISCV64] + SecMainCommon.c + SecMainCommon.h + RiscV64/SecEntry.S + RiscV64/SecMain.c + RiscV64/SecMain.h + [Packages] MdePkg/MdePkg.dec MdeModulePkg/MdeModulePkg.dec @@ -61,11 +68,17 @@ [LibraryClasses.IA32, LibraryClasses.X64] PeiServicesLib CcProbeLib +[LibraryClasses.RISCV64] + RiscVSbiLib + [Ppis] gEfiTemporaryRamSupportPpiGuid # PPI ALWAYS_PRODUCED gEfiPeiMpInitLibMpDepPpiGuid gEfiPeiMpInitLibUpDepPpiGuid +[Ppis.RISCV64] + gEfiTemporaryRamDonePpiGuid ## PRODUCES + [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase @@ -88,6 +101,7 @@ [Pcd] gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase gUefiOvmfPkgTokenSpaceGuid.PcdTdxAcceptPageSize gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFdBaseAddress [FeaturePcd] gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire diff --git a/OvmfPkg/Sec/RiscV64/SecMain.h b/OvmfPkg/Sec/RiscV64/SecMain.h new file mode 100644 index 000000000000..11e3daa090b5 --- /dev/null +++ b/OvmfPkg/Sec/RiscV64/SecMain.h @@ -0,0 +1,65 @@ +/** @file + Master header file for SecCore. + + Copyright (c) 2019-2022, Hewlett Packard Enterprise Development LP. All rights reserved.
+ Copyright (c) 2022, Ventana Micro Systems Inc. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _SEC_MAIN_H_ +#define _SEC_MAIN_H_ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "SecMainCommon.h" + +/** + Entry point to the C language phase of SEC. After the SEC assembly + code has initialized some temporary memory and set up the stack, + the control is transferred to this function. + + @param SizeOfRam Size of the temporary memory available for use. + @param TempRamBase Base address of temporary ram + @param BootFirmwareVolume Base address of the Boot Firmware Volume. +**/ +VOID +NORETURN +EFIAPI +SecStartup ( + IN UINTN BootHartId, + IN VOID *DeviceTreeAddress + ); + +/** + Auto-generated function that calls the library constructors for all of the module's + dependent libraries. This function must be called by the SEC Core once a stack has + been established. + +**/ +VOID +EFIAPI +ProcessLibraryConstructorList ( + VOID + ); + +#endif diff --git a/OvmfPkg/Sec/RiscV64/SecMain.c b/OvmfPkg/Sec/RiscV64/SecMain.c new file mode 100644 index 000000000000..c8c852714a32 --- /dev/null +++ b/OvmfPkg/Sec/RiscV64/SecMain.c @@ -0,0 +1,573 @@ +/** @file + RISC-V SEC phase module. + + Copyright (c) 2008 - 2015, Intel Corporation. All rights reserved.
+ Copyright (c) 2022, Ventana Micro Systems Inc. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "SecMain.h" + +EFI_STATUS +EFIAPI +TemporaryRamMigration ( + IN CONST EFI_PEI_SERVICES **PeiServices, + IN EFI_PHYSICAL_ADDRESS TemporaryMemoryBase, + IN EFI_PHYSICAL_ADDRESS PermanentMemoryBase, + IN UINTN CopySize + ); + +EFI_STATUS +EFIAPI +TemporaryRamDone ( + VOID + ); + +STATIC EFI_PEI_TEMPORARY_RAM_SUPPORT_PPI mTemporaryRamSupportPpi = { + TemporaryRamMigration +}; + +STATIC EFI_PEI_TEMPORARY_RAM_DONE_PPI mTemporaryRamDonePpi = { + TemporaryRamDone +}; + +STATIC EFI_PEI_PPI_DESCRIPTOR mPrivateDispatchTable[] = { + { + EFI_PEI_PPI_DESCRIPTOR_PPI, + &gEfiTemporaryRamSupportPpiGuid, + &mTemporaryRamSupportPpi + }, + { + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST), + &gEfiTemporaryRamDonePpiGuid, + &mTemporaryRamDonePpi + }, +}; + +/** Temporary RAM migration function. + + This function migrates the data from temporary RAM to permanent + memory. + + @param[in] PeiServices PEI service + @param[in] TemporaryMemoryBase Temporary memory base address + @param[in] PermanentMemoryBase Permanent memory base address + @param[in] CopySize Size to copy + +**/ +EFI_STATUS +EFIAPI +TemporaryRamMigration ( + IN CONST EFI_PEI_SERVICES **PeiServices, + IN EFI_PHYSICAL_ADDRESS TemporaryMemoryBase, + IN EFI_PHYSICAL_ADDRESS PermanentMemoryBase, + IN UINTN CopySize + ) +{ + VOID *OldHeap; + VOID *NewHeap; + VOID *OldStack; + VOID *NewStack; + EFI_RISCV_FIRMWARE_CONTEXT *FirmwareContext; + + DEBUG (( + DEBUG_INFO, + "%a: Temp Mem Base:0x%Lx, Permanent Mem Base:0x%Lx, CopySize:0x%Lx\n", + __FUNCTION__, + TemporaryMemoryBase, + PermanentMemoryBase, + (UINT64)CopySize + )); + + OldHeap = (VOID *)(UINTN)TemporaryMemoryBase; + NewHeap = (VOID *)((UINTN)PermanentMemoryBase + (CopySize >> 1)); + + OldStack = (VOID *)((UINTN)TemporaryMemoryBase + (CopySize >> 1)); + NewStack = (VOID *)(UINTN)PermanentMemoryBase; + + CopyMem (NewHeap, OldHeap, CopySize >> 1); // Migrate Heap + CopyMem (NewStack, OldStack, CopySize >> 1); // Migrate Stack + + // + // Reset firmware context pointer + // + GetFirmwareContextPointer (&FirmwareContext); + FirmwareContext = (VOID *)FirmwareContext + (unsigned long)((UINTN)NewStack - (UINTN)OldStack); + SetFirmwareContextPointer (FirmwareContext); + + DEBUG ((DEBUG_INFO, "%a: Firmware Context is relocated to 0x%x\n", __FUNCTION__, FirmwareContext)); + + register UINTN a0 asm ("a0") = (UINTN)((UINTN)NewStack - (UINTN)OldStack); + + asm volatile ("add sp, sp, a0"::"r"(a0):); + return EFI_SUCCESS; +} + +/** Temprary RAM done function. + +**/ +EFI_STATUS EFIAPI +TemporaryRamDone ( + VOID + ) +{ + DEBUG ((DEBUG_INFO, "%a: 2nd time PEI core, temporary ram done.\n", __FUNCTION__)); + return EFI_SUCCESS; +} + +/** Return platform SEC PPI before PEI Core + + @param[in,out] ThisPpiList Pointer to retrieve EFI_PEI_PPI_DESCRIPTOR. + +**/ +STATIC EFI_STATUS +GetPlatformPrePeiCorePpiDescriptor ( + IN OUT EFI_PEI_PPI_DESCRIPTOR **ThisPpiList + ) +{ + *ThisPpiList = mPrivateDispatchTable; + return EFI_SUCCESS; +} + +/** + Locates the main boot firmware volume. + + @param[in,out] BootFv On input, the base of the BootFv + On output, the decompressed main firmware volume + + @retval EFI_SUCCESS The main firmware volume was located and decompressed + @retval EFI_NOT_FOUND The main firmware volume was not found + +**/ +EFI_STATUS +FindMainFv ( + IN OUT EFI_FIRMWARE_VOLUME_HEADER **BootFv + ) +{ + EFI_FIRMWARE_VOLUME_HEADER *Fv; + UINTN Distance; + + ASSERT (((UINTN)*BootFv & EFI_PAGE_MASK) == 0); + + Fv = *BootFv; + Distance = (UINTN)(*BootFv)->FvLength; + do { + Fv = (EFI_FIRMWARE_VOLUME_HEADER *)((UINT8 *)Fv + EFI_PAGE_SIZE); + Distance += EFI_PAGE_SIZE; + if (Distance > SIZE_32MB) { + return EFI_NOT_FOUND; + } + + if (Fv->Signature != EFI_FVH_SIGNATURE) { + continue; + } + + if ((UINTN)Fv->FvLength < Distance) { + continue; + } + + *BootFv = Fv; + return EFI_SUCCESS; + } while (TRUE); +} + +/** + Locates the compressed main firmware volume and decompresses it. + + @param[in,out] Fv On input, the firmware volume to search + On output, the decompressed BOOT/PEI FV + + @retval EFI_SUCCESS The file and section was found + @retval EFI_NOT_FOUND The file and section was not found + @retval EFI_VOLUME_CORRUPTED The firmware volume was corrupted + +**/ +EFI_STATUS +DecompressMemFvs ( + IN OUT EFI_FIRMWARE_VOLUME_HEADER **Fv + ) +{ + EFI_STATUS Status; + EFI_GUID_DEFINED_SECTION *Section; + UINT32 OutputBufferSize; + UINT32 ScratchBufferSize; + UINT16 SectionAttribute; + UINT32 AuthenticationStatus; + VOID *OutputBuffer; + VOID *ScratchBuffer; + EFI_COMMON_SECTION_HEADER *FvSection; + EFI_FIRMWARE_VOLUME_HEADER *PeiMemFv; + EFI_FIRMWARE_VOLUME_HEADER *DxeMemFv; + UINT32 FvHeaderSize; + UINT32 FvSectionSize; + + FvSection = (EFI_COMMON_SECTION_HEADER *)NULL; + + Status = FindFfsFileAndSection ( + *Fv, + EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE, + EFI_SECTION_GUID_DEFINED, + (EFI_COMMON_SECTION_HEADER **)&Section + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Unable to find GUID defined section\n")); + return Status; + } + + Status = ExtractGuidedSectionGetInfo ( + Section, + &OutputBufferSize, + &ScratchBufferSize, + &SectionAttribute + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Unable to GetInfo for GUIDed section\n")); + return Status; + } + + OutputBuffer = (VOID *)((UINT8 *)(UINTN)PcdGet32 (PcdOvmfDxeMemFvBase) + SIZE_1MB); + ScratchBuffer = ALIGN_POINTER ((UINT8 *)OutputBuffer + OutputBufferSize, SIZE_1MB); + + Status = ExtractGuidedSectionDecode ( + Section, + &OutputBuffer, + ScratchBuffer, + &AuthenticationStatus + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Error during GUID section decode\n")); + return Status; + } + + Status = FindFfsSectionInstance ( + OutputBuffer, + OutputBufferSize, + EFI_SECTION_FIRMWARE_VOLUME_IMAGE, + 0, + &FvSection + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Unable to find PEI FV section\n")); + return Status; + } + + ASSERT ( + SECTION_SIZE (FvSection) == + (PcdGet32 (PcdOvmfPeiMemFvSize) + sizeof (*FvSection)) + ); + ASSERT (FvSection->Type == EFI_SECTION_FIRMWARE_VOLUME_IMAGE); + + PeiMemFv = (EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)PcdGet32 (PcdOvmfPeiMemFvBase); + CopyMem (PeiMemFv, (VOID *)(FvSection + 1), PcdGet32 (PcdOvmfPeiMemFvSize)); + + if (PeiMemFv->Signature != EFI_FVH_SIGNATURE) { + DEBUG ((DEBUG_ERROR, "Extracted FV at %p does not have FV header signature\n", PeiMemFv)); + CpuDeadLoop (); + return EFI_VOLUME_CORRUPTED; + } + + Status = FindFfsSectionInstance ( + OutputBuffer, + OutputBufferSize, + EFI_SECTION_FIRMWARE_VOLUME_IMAGE, + 1, + &FvSection + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Unable to find DXE FV section\n")); + return Status; + } + + ASSERT (FvSection->Type == EFI_SECTION_FIRMWARE_VOLUME_IMAGE); + + if (IS_SECTION2 (FvSection)) { + FvSectionSize = SECTION2_SIZE (FvSection); + FvHeaderSize = sizeof (EFI_COMMON_SECTION_HEADER2); + } else { + FvSectionSize = SECTION_SIZE (FvSection); + FvHeaderSize = sizeof (EFI_COMMON_SECTION_HEADER); + } + + ASSERT (FvSectionSize == (PcdGet32 (PcdOvmfDxeMemFvSize) + FvHeaderSize)); + + DxeMemFv = (EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)PcdGet32 (PcdOvmfDxeMemFvBase); + CopyMem (DxeMemFv, (VOID *)((UINTN)FvSection + FvHeaderSize), PcdGet32 (PcdOvmfDxeMemFvSize)); + + if (DxeMemFv->Signature != EFI_FVH_SIGNATURE) { + DEBUG ((DEBUG_ERROR, "Extracted FV at %p does not have FV header signature\n", DxeMemFv)); + CpuDeadLoop (); + return EFI_VOLUME_CORRUPTED; + } + + *Fv = PeiMemFv; + return EFI_SUCCESS; +} + +/** + Locates the PEI Core entry point address + + @param[in,out] Fv The firmware volume to search + @param[out] PeiCoreEntryPoint The entry point of the PEI Core image + + @retval EFI_SUCCESS The file and section was found + @retval EFI_NOT_FOUND The file and section was not found + @retval EFI_VOLUME_CORRUPTED The firmware volume was corrupted + +**/ +VOID +FindPeiCoreImageBase ( + IN OUT EFI_FIRMWARE_VOLUME_HEADER **BootFv, + OUT EFI_PHYSICAL_ADDRESS *PeiCoreImageBase + ) +{ + *PeiCoreImageBase = 0; + + FindMainFv (BootFv); + + DecompressMemFvs (BootFv); + + FindPeiCoreImageBaseInFv (*BootFv, PeiCoreImageBase); +} + +/** + Find core image base. + +**/ +EFI_STATUS +FindImageBase ( + IN EFI_FIRMWARE_VOLUME_HEADER *BootFirmwareVolumePtr, + OUT EFI_PHYSICAL_ADDRESS *SecCoreImageBase + ) +{ + EFI_PHYSICAL_ADDRESS CurrentAddress; + EFI_PHYSICAL_ADDRESS EndOfFirmwareVolume; + EFI_FFS_FILE_HEADER *File; + UINT32 Size; + EFI_PHYSICAL_ADDRESS EndOfFile; + EFI_COMMON_SECTION_HEADER *Section; + EFI_PHYSICAL_ADDRESS EndOfSection; + + *SecCoreImageBase = 0; + + CurrentAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)BootFirmwareVolumePtr; + EndOfFirmwareVolume = CurrentAddress + BootFirmwareVolumePtr->FvLength; + + // + // Loop through the FFS files in the Boot Firmware Volume + // + for (EndOfFile = CurrentAddress + BootFirmwareVolumePtr->HeaderLength; ; ) { + CurrentAddress = (EndOfFile + 7) & 0xfffffffffffffff8ULL; + if (CurrentAddress > EndOfFirmwareVolume) { + return EFI_NOT_FOUND; + } + + File = (EFI_FFS_FILE_HEADER *)(UINTN)CurrentAddress; + Size = FFS_FILE_SIZE (File); + if (Size < sizeof (*File)) { + return EFI_NOT_FOUND; + } + + EndOfFile = CurrentAddress + Size; + if (EndOfFile > EndOfFirmwareVolume) { + return EFI_NOT_FOUND; + } + + // + // Look for SEC Core + // + if (File->Type != EFI_FV_FILETYPE_SECURITY_CORE) { + continue; + } + + // + // Loop through the FFS file sections within the FFS file + // + EndOfSection = (EFI_PHYSICAL_ADDRESS)(UINTN)(File + 1); + for ( ; ;) { + CurrentAddress = (EndOfSection + 3) & 0xfffffffffffffffcULL; + Section = (EFI_COMMON_SECTION_HEADER *)(UINTN)CurrentAddress; + + Size = SECTION_SIZE (Section); + if (Size < sizeof (*Section)) { + return EFI_NOT_FOUND; + } + + EndOfSection = CurrentAddress + Size; + if (EndOfSection > EndOfFile) { + return EFI_NOT_FOUND; + } + + // + // Look for executable sections + // + if ((Section->Type == EFI_SECTION_PE32) || (Section->Type == EFI_SECTION_TE)) { + if (File->Type == EFI_FV_FILETYPE_SECURITY_CORE) { + *SecCoreImageBase = (PHYSICAL_ADDRESS)(UINTN)(Section + 1); + } + + break; + } + } + + // + // SEC Core image found + // + if (*SecCoreImageBase != 0) { + return EFI_SUCCESS; + } + } +} + +/* + Find and return Pei Core entry point. + + It also find SEC and PEI Core file debug information. It will report them if + remote debug is enabled. + +**/ +VOID +FindAndReportEntryPoints ( + IN EFI_FIRMWARE_VOLUME_HEADER **BootFirmwareVolumePtr, + OUT EFI_PEI_CORE_ENTRY_POINT *PeiCoreEntryPoint + ) +{ + EFI_STATUS Status; + EFI_PHYSICAL_ADDRESS SecCoreImageBase; + EFI_PHYSICAL_ADDRESS PeiCoreImageBase; + PE_COFF_LOADER_IMAGE_CONTEXT ImageContext; + + // + // Find SEC Core and PEI Core image base + // + Status = FindImageBase (*BootFirmwareVolumePtr, &SecCoreImageBase); + ASSERT_EFI_ERROR (Status); + + FindPeiCoreImageBase (BootFirmwareVolumePtr, &PeiCoreImageBase); + + ZeroMem ((VOID *)&ImageContext, sizeof (PE_COFF_LOADER_IMAGE_CONTEXT)); + // + // Report SEC Core debug information when remote debug is enabled + // + ImageContext.ImageAddress = SecCoreImageBase; + ImageContext.PdbPointer = PeCoffLoaderGetPdbPointer ((VOID *)(UINTN)ImageContext.ImageAddress); + PeCoffLoaderRelocateImageExtraAction (&ImageContext); + + // + // Report PEI Core debug information when remote debug is enabled + // + ImageContext.ImageAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)PeiCoreImageBase; + ImageContext.PdbPointer = PeCoffLoaderGetPdbPointer ((VOID *)(UINTN)ImageContext.ImageAddress); + PeCoffLoaderRelocateImageExtraAction (&ImageContext); + + // + // Find PEI Core entry point + // + Status = PeCoffLoaderGetEntryPoint ((VOID *)(UINTN)PeiCoreImageBase, (VOID **)PeiCoreEntryPoint); + if (EFI_ERROR (Status)) { + *PeiCoreEntryPoint = 0; + } + + return; +} + +/** + + Entry point to the C language phase of SEC. After the SEC assembly + code has initialized some temporary memory and set up the stack, + the control is transferred to this function. + + + @param[in] BootHartId Hardware thread ID of boot hart. + @param[in] DeviceTreeAddress Pointer to Device Tree (DTB) +**/ +VOID +NORETURN +EFIAPI +SecStartup ( + IN UINTN BootHartId, + IN VOID *DeviceTreeAddress + ) +{ + EFI_RISCV_FIRMWARE_CONTEXT FirmwareContext; + EFI_FIRMWARE_VOLUME_HEADER *BootFv; + EFI_PEI_CORE_ENTRY_POINT PeiCoreEntryPoint; + EFI_PEI_PPI_DESCRIPTOR *PpiList; + EFI_SEC_PEI_HAND_OFF SecCoreData; + EFI_STATUS Status; + + // + // Report Status Code to indicate entering SEC core + // + DEBUG (( + DEBUG_INFO, + "%a() BootHartId: 0x%x, DeviceTreeAddress=0x%x\n", + __FUNCTION__, + BootHartId, + DeviceTreeAddress + )); + + // + // Process all libraries constructor function linked to SecCore. + // + ProcessLibraryConstructorList (); + + BootFv = (EFI_FIRMWARE_VOLUME_HEADER *)FixedPcdGet32 (PcdOvmfFdBaseAddress); + + ASSERT (BootFv != NULL); + SecCoreData.DataSize = (UINT16)sizeof (EFI_SEC_PEI_HAND_OFF); + SecCoreData.BootFirmwareVolumeBase = BootFv; + SecCoreData.BootFirmwareVolumeSize = (UINTN)BootFv->FvLength; + SecCoreData.TemporaryRamBase = (VOID *)(UINT64)FixedPcdGet32 (PcdOvmfSecPeiTempRamBase); + SecCoreData.TemporaryRamSize = (UINTN)FixedPcdGet32 (PcdOvmfSecPeiTempRamSize); + SecCoreData.PeiTemporaryRamBase = SecCoreData.TemporaryRamBase; + SecCoreData.PeiTemporaryRamSize = SecCoreData.TemporaryRamSize >> 1; + SecCoreData.StackBase = (UINT8 *)SecCoreData.TemporaryRamBase + (SecCoreData.TemporaryRamSize >> 1); + SecCoreData.StackSize = SecCoreData.TemporaryRamSize >> 1; + + DEBUG (( + DEBUG_INFO, + "%a() BFV Base: 0x%x, BFV Size: 0x%x, TempRAM Base: 0x%x, TempRAM Size: 0x%x, PeiTempRamBase: 0x%x, PeiTempRamSize: 0x%x, StackBase: 0x%x, StackSize: 0x%x\n", + __FUNCTION__, + SecCoreData.BootFirmwareVolumeBase, + SecCoreData.BootFirmwareVolumeSize, + SecCoreData.TemporaryRamBase, + SecCoreData.TemporaryRamSize, + SecCoreData.PeiTemporaryRamBase, + SecCoreData.PeiTemporaryRamSize, + SecCoreData.StackBase, + SecCoreData.StackSize + )); + + FindAndReportEntryPoints ( + &BootFv, + &PeiCoreEntryPoint + ); + if (PeiCoreEntryPoint == NULL) { + CpuDeadLoop (); + } + + SecCoreData.BootFirmwareVolumeBase = BootFv; + SecCoreData.BootFirmwareVolumeSize = (UINTN)BootFv->FvLength; + + Status = GetPlatformPrePeiCorePpiDescriptor (&PpiList); + if (EFI_ERROR (Status)) { + PpiList = NULL; + } + + FirmwareContext.BootHartId = BootHartId; + FirmwareContext.FlattenedDeviceTree = (UINT64)DeviceTreeAddress; + SetFirmwareContextPointer (&FirmwareContext); + + // + // Transfer the control to the PEI core + // + ASSERT (PeiCoreEntryPoint != NULL); + (*PeiCoreEntryPoint)(&SecCoreData, PpiList); + + // + // Should not come here. + // + UNREACHABLE (); +} diff --git a/OvmfPkg/Sec/RiscV64/SecEntry.S b/OvmfPkg/Sec/RiscV64/SecEntry.S new file mode 100644 index 000000000000..d201e9f8a608 --- /dev/null +++ b/OvmfPkg/Sec/RiscV64/SecEntry.S @@ -0,0 +1,23 @@ +/* + Copyright (c) 2021-2022 , Hewlett Packard Enterprise Development LP. All rights reserved. + Copyright (c) 2019 Western Digital Corporation or its affiliates. + Copyright (c) 2022 Ventana Micro Systems Inc. + + SPDX-License-Identifier: BSD-2-Clause-Patent + + */ + +#include "SecMain.h" + +.text +.align 3 + +ASM_FUNC (_ModuleEntryPoint) + /* Use Temp memory as the stack for calling to C code */ + li a4, FixedPcdGet32 (PcdOvmfSecPeiTempRamBase) + li a5, FixedPcdGet32 (PcdOvmfSecPeiTempRamSize) + + /* Use Temp memory as the stack for calling to C code */ + add sp, a4, a5 + + call SecStartup -- 2.25.1