From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail03.groups.io (mail03.groups.io [45.79.227.220]) by spool.mail.gandi.net (Postfix) with ESMTPS id A2DB2D8027D for ; Fri, 12 Apr 2024 14:33:47 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=NNJRgEEIrNhW6qBAHjZeD2C5Kf4Npl3cZSsgVbm/j48=; c=relaxed/simple; d=groups.io; h=Received-SPF:Received-SPF:From:To:CC:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:NoDisclaimer:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type; s=20240206; t=1712932426; v=1; b=ozj28a/K8DOrD3hOg+Kui6sCSbWtzVG3PQ1lNz5BklTLpu//aE1/d1BMuFMq+WR8rNt6dgMa AfxfeXojeEBBXXv6gUq07P3CyZQXiNdFxbFBs+/fmqjYBlt6Z+RDEMYPfKJrvYvmkIgIkjeOB9R pLwVZZNRHlWrxuzO6ljOX+VrBxekMNcrxjz4w6ijiAQh600GFmF6x4d+gHd1pgsHB0n9+sIKZRA xzTQA8DiCoS78TisLjTbQM8AcYQjUOYQGr+YdzZwiBhBdJ7cUY1DcqU+k4wFCngsXVnQBt8QdRQ PJZSEkry8BEPmRe2zIoo9D0XMBm99zBL4GxkXThRBtCfw== X-Received: by 127.0.0.2 with SMTP id tjsbYY7687511xb23jyX7SNz; Fri, 12 Apr 2024 07:33:46 -0700 X-Received: from EUR02-DB5-obe.outbound.protection.outlook.com (EUR02-DB5-obe.outbound.protection.outlook.com [40.107.249.55]) by mx.groups.io with SMTP id smtpd.web10.48528.1712932424773239520 for ; Fri, 12 Apr 2024 07:33:45 -0700 X-Received: from DUZPR01CA0133.eurprd01.prod.exchangelabs.com (2603:10a6:10:4bc::28) by DB3PR08MB8987.eurprd08.prod.outlook.com (2603:10a6:10:431::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.55; Fri, 12 Apr 2024 14:33:40 +0000 X-Received: from DU2PEPF00028D13.eurprd03.prod.outlook.com (2603:10a6:10:4bc:cafe::99) by DUZPR01CA0133.outlook.office365.com (2603:10a6:10:4bc::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.26 via Frontend Transport; Fri, 12 Apr 2024 14:33:40 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; pr=C X-Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DU2PEPF00028D13.mail.protection.outlook.com (10.167.242.27) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.7452.22 via Frontend Transport; Fri, 12 Apr 2024 14:33:40 +0000 X-Received: ("Tessian outbound e14047529286:v313"); Fri, 12 Apr 2024 14:33:39 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: ca7115d346d54f37 X-CR-MTA-TID: 64aa7808 X-Received: from f6dc26937f29.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 580FA303-7F3B-4C6A-95B0-6F491E5686DF.1; Fri, 12 Apr 2024 14:33:32 +0000 X-Received: from EUR02-DB5-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id f6dc26937f29.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Fri, 12 Apr 2024 14:33:32 +0000 X-Received: from DB8P191CA0017.EURP191.PROD.OUTLOOK.COM (2603:10a6:10:130::27) by AS2PR08MB9128.eurprd08.prod.outlook.com (2603:10a6:20b:5fc::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.46; Fri, 12 Apr 2024 14:33:31 +0000 X-Received: from DU6PEPF00009529.eurprd02.prod.outlook.com (2603:10a6:10:130:cafe::3d) by DB8P191CA0017.outlook.office365.com (2603:10a6:10:130::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.22 via Frontend Transport; Fri, 12 Apr 2024 14:33:31 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 40.67.248.234 as permitted sender) receiver=protection.outlook.com; client-ip=40.67.248.234; helo=nebula.arm.com; pr=C X-Received: from nebula.arm.com (40.67.248.234) by DU6PEPF00009529.mail.protection.outlook.com (10.167.8.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 12 Apr 2024 14:33:31 +0000 X-Received: from AZ-NEU-EX04.Arm.com (10.251.24.32) by AZ-NEU-EX04.Arm.com (10.251.24.32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 12 Apr 2024 14:33:29 +0000 X-Received: from E114225.Arm.com (10.1.196.56) by mail.arm.com (10.251.24.32) with Microsoft SMTP Server id 15.1.2507.35 via Frontend Transport; Fri, 12 Apr 2024 14:33:29 +0000 From: "Sami Mujawar" To: CC: Sami Mujawar , , , , , , , Subject: [edk2-devel] [PATCH v2 10/45] ArmVirtPkg: Add library for Arm CCA initialisation in PEI Date: Fri, 12 Apr 2024 15:32:47 +0100 Message-ID: <20240412143322.5244-11-sami.mujawar@arm.com> In-Reply-To: <20240412143322.5244-1-sami.mujawar@arm.com> References: <20240412143322.5244-1-sami.mujawar@arm.com> MIME-Version: 1.0 X-EOPAttributedMessage: 1 X-MS-TrafficTypeDiagnostic: DU6PEPF00009529:EE_|AS2PR08MB9128:EE_|DU2PEPF00028D13:EE_|DB3PR08MB8987:EE_ X-MS-Office365-Filtering-Correlation-Id: d5edeeda-3656-4ab2-bf94-08dc5afd8bf6 x-checkrecipientrouted: true NoDisclaimer: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: 9w27+3Iq3PyFLValbVNDmQwklvWeU9q2G4BFsoAQk5hLXZW1vFGmO3PksobNn3ihySM0YhmLprRyYK+NjgHBaGsf68gI0dm8JbD0fbpyASBy66c4lCKtoYVkVB4yRbhtLQL8pMhrea0rTYHR/Hlp2F3zypmHtu14uiyGkfd9iRfvy6eIZzsaunrETcy80TlTi7C1Xc/rEhiAKz0HPBWdj83gZgBTZoJZYyhHHXiQWE1ENxBF/tpbDbmegoYncO1kRg8ybFbW/cOdNmwEEgqjABMC3Cdl9LzwVUyUe1AZNRgrKN6hgTdWUCc+Z8VeKsLadvdoB6yEPssCKMKKHusxTkdXbDYQvv8tVXjL3EHDZaK5yFM66Jwxt0KW6iFL214lzmIP+YlF7nJGT1vpIFmxoN3dBXSSJWNBB6uKP7ebzKoORUlrxlrTLAvD4mHbCXMinTy6daLtf5Nt9dmuVR5Gm7j2DjjPEjIc1XTab/uS5ZEOsFzJf8XfDZz3rcxkSn+QVnX2wHElDcdorPYMP3M7OF77RmhiaoBYcR8LO/oSES1FIMJzW0zEA0yHQuIurJ+GQY71Dqaqxa73igRrQifRnvb3ZM+rUvzawapVtEqXy/zmP2aXvLXpckQBZ14Dwb/aOZCslqW/4b9FaLRRL6m64HZRY+9Z+lURDbrECn5uSratQFCoGRFWULBsDMD1wk/vyXlQvNDMtS8pmUXkp15W6urXPaP/tBPHgKAArG9EdRFKsb4FTpE9eW0vZ9aq4M4j X-Forefront-Antispam-Report-Untrusted: CIP:40.67.248.234;CTRY:IE;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:nebula.arm.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(36860700004)(376005)(82310400014)(1800799015);DIR:OUT;SFP:1101; X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS2PR08MB9128 X-MS-Exchange-Transport-CrossTenantHeadersStripped: DU2PEPF00028D13.eurprd03.prod.outlook.com X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id-Prvs: 759530a3-3c95-495a-fa56-08dc5afd8698 X-Microsoft-Antispam-Message-Info: kJp0Q5HNN6RM6/P2nUnYPt8tPp3udw2xPEYr1v2gxyrvmLxHUi7jEJVcGYpqBkrgrZ6dDLJlv/F8aUGic24jUWf1gcj9353jdkwVR9TxytuD211gYzRN57E4So57FUMOfmMQh1Udzz2wgqFoce1hm/uWksD6WU4xK4Jc5j2hxK4FxxOgzzaaS5Y2bmXlSXxV1tCGkblYia0vmzeegLQN3ZoDu3nZGlLA0TG+1+Ky7yPdKwJUNOSDUFRseSJICByV4sqqTLAelfVWK+8iZ1TxksZoRvnelfvCRg87oOIEeooSWC4W1o5mr+Oc2la/0XhAxbhQA2QJD4Sf9pZZlmBg82Kk1/GjMG5aagITW0uzTUwADXtt7BhAd49Q6CLmO4hU0JbZUkeOXkCxw8jDoIlW4Q9LYgziD4p4RU7qntRK75XTYsJCx4y1E57kORNR3lRYLMJf3aTpBCTIMGiXIuASMz650ybKN/3S5fnzoADtaFpRfMhDX8himIs9K3dBY5VoEAuxRpqzrYHbJ/TZGFMc4WBuChiciVOFv4A6PmQk4mwoGjRSkoUQZX79/tpC1Ewc+6PrJnX56zK/7nyRMG1svMgFQEKCXjOELu4/escn0ezTRCHMrY73E4IEbq1x5MVHtPZMbR9cxMo81IIMtPHFsi33bqBeyeF/cvxmDSa5Sh3ewoSErMIRL3rnvMGwm5vf/Hkj/iqm0tBBqrRroc6AJggZ/7nX4SJPHGXFNi5pIvg+xzrSj/L1PLAZHQI0pO9k X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Apr 2024 14:33:40.1197 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d5edeeda-3656-4ab2-bf94-08dc5afd8bf6 X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-AuthSource: DU2PEPF00028D13.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB3PR08MB8987 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Fri, 12 Apr 2024 07:33:45 -0700 Resent-From: sami.mujawar@arm.com Reply-To: devel@edk2.groups.io,sami.mujawar@arm.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: Y2UWnlrpjBvXiCy9zG71IA96x7686176AA= Content-Type: text/plain X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b="ozj28a/K"; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.227.220 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=arm.com (policy=none) Add ArmCcaInitPeiLib library that performs the Arm CCA specific initialisation in the PEI phase like: - Configuring the system memory as Protected RAM. - Reading the Realm Config and storing the IPA width in a GUID HOB i.e., gArmCcaIpaWidthGuid for subsequent use. - Calling ArmCcaConfigureMmio () to configure the MMIO regions by setting the Unprotected IPA attribute in the page tables. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Gerd Hoffmann Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirtPkg.dec | 1 + ArmVirtPkg/Include/Library/ArmCcaInitPeiLib.h | 49 +++++++++ ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c | 116 ++++++++++++++++++++ ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.inf | 39 +++++++ 4 files changed, 205 insertions(+) diff --git a/ArmVirtPkg/ArmVirtPkg.dec b/ArmVirtPkg/ArmVirtPkg.dec index 0f95fd43bd189eda713aeccc6c73019e0f815169..23179c89704db789ab649de81873924c3958ab2a 100644 --- a/ArmVirtPkg/ArmVirtPkg.dec +++ b/ArmVirtPkg/ArmVirtPkg.dec @@ -26,6 +26,7 @@ [Includes.common] Include # Root include for the package [LibraryClasses] + ArmCcaInitPeiLib|Include/Library/ArmCcaInitPeiLib.h ArmCcaRsiLib|Include/Library/ArmCcaRsiLib.h ArmVirtMemInfoLib|Include/Library/ArmVirtMemInfoLib.h diff --git a/ArmVirtPkg/Include/Library/ArmCcaInitPeiLib.h b/ArmVirtPkg/Include/Library/ArmCcaInitPeiLib.h new file mode 100644 index 0000000000000000000000000000000000000000..439a70a54a218badd4cd4d6c419df58f57271cc2 --- /dev/null +++ b/ArmVirtPkg/Include/Library/ArmCcaInitPeiLib.h @@ -0,0 +1,49 @@ +/** @file + Library that implements the Arm CCA helper functions. + + Copyright (c) 2022 2023, Arm Ltd. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + + - Rsi or RSI - Realm Service Interface + - IPA - Intermediate Physical Address + - RIPAS - Realm IPA state +**/ + +#ifndef ARM_CCA_INIT_PEI_LIB_ +#define ARM_CCA_INIT_PEI_LIB_ + +#include + +/** + Configure the System Memory region as Protected RAM. + + When a VMM creates a Realm, a small amount of DRAM (which contains the + firmware image) and the initial content is configured as Protected RAM. + The remaining System Memory is in the Protected Empty state. The firmware + must then initialise the remaining System Memory as Protected RAM before + it can be accessed. + + @retval RETURN_SUCCESS Success. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval RETURN_UNSUPPORTED The execution context is not in a Realm. +**/ +RETURN_STATUS +EFIAPI +ArmCcaConfigureSystemMemory ( + VOID + ); + +/** + Perform Arm CCA specific initialisations. + + @retval RETURN_SUCCESS Success or execution context is not a Realm. + @retval RETURN_OUT_OF_RESOURCES Out of resources. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. +**/ +RETURN_STATUS +EFIAPI +ArmCcaInitialize ( + VOID + ); + +#endif // ARM_CCA_LIB_ diff --git a/ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c b/ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c new file mode 100644 index 0000000000000000000000000000000000000000..2b2801cc5426994efc15c970fd6b0adf43bd7d36 --- /dev/null +++ b/ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c @@ -0,0 +1,116 @@ +/** @file + Library that implements the Arm CCA initialisation in PEI phase. + + Copyright (c) 2022 2023, Arm Limited. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + + @par Glossary: + - Rsi or RSI - Realm Service Interface + - IPA - Intermediate Physical Address + - RIPAS - Realm IPA state +**/ +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/** + Configure the System Memory region as Protected RAM. + + When a VMM creates a Realm, a small amount of DRAM (which contains the + firmware image) and the initial content is configured as Protected RAM. + The remaining System Memory is in the Protected Empty state. The firmware + must then initialise the remaining System Memory as Protected RAM before + it can be accessed. + + @retval RETURN_SUCCESS Success. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. + @retval RETURN_UNSUPPORTED The execution context is not in a Realm. +**/ +RETURN_STATUS +EFIAPI +ArmCcaConfigureSystemMemory ( + VOID + ) +{ + RETURN_STATUS Status; + + if (!IsRealm ()) { + return RETURN_UNSUPPORTED; + } + + Status = RsiSetIpaState ( + (UINT64 *)PcdGet64 (PcdSystemMemoryBase), + PcdGet64 (PcdSystemMemorySize), + RipasRam + ); + if (RETURN_ERROR (Status)) { + // Panic + CpuDeadLoop (); + } + + return Status; +} + +/** + Perform Arm CCA specific initialisations. + + @retval RETURN_SUCCESS Success or execution context is not a Realm. + @retval RETURN_OUT_OF_RESOURCES Out of resources. + @retval RETURN_INVALID_PARAMETER A parameter is invalid. +**/ +RETURN_STATUS +EFIAPI +ArmCcaInitialize ( + VOID + ) +{ + EFI_STATUS Status; + REALM_CONFIG *Config; + UINT64 *IpaWidthHobData; + + if (!IsRealm ()) { + // Noting to do as the execution context is not a Realm. + return RETURN_SUCCESS; + } + + // Read the Realm Config and store the IPA width in a GUID HOB. + Config = AllocatePages (EFI_SIZE_TO_PAGES (sizeof (REALM_CONFIG))); + if (Config == NULL) { + ASSERT (0); + return RETURN_OUT_OF_RESOURCES; + } + + ZeroMem (Config, sizeof (REALM_CONFIG)); + + Status = RsiGetRealmConfig (Config); + if (RETURN_ERROR (Status)) { + ASSERT (0); + return Status; + } + + IpaWidthHobData = BuildGuidHob ( + &gArmCcaIpaWidthGuid, + sizeof (*IpaWidthHobData) + ); + if (IpaWidthHobData == NULL) { + ASSERT (0); + FreePages (Config, EFI_SIZE_TO_PAGES (sizeof (REALM_CONFIG))); + return RETURN_OUT_OF_RESOURCES; + } + + *IpaWidthHobData = Config->IpaWidth; + + FreePages (Config, EFI_SIZE_TO_PAGES (sizeof (REALM_CONFIG))); + + // Configure the MMIO memory regions. + return ArmCcaConfigureMmio (*IpaWidthHobData); +} diff --git a/ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.inf b/ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.inf new file mode 100644 index 0000000000000000000000000000000000000000..f2a321d9cdfcf1bd87d6584e3c6834686a298bf0 --- /dev/null +++ b/ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.inf @@ -0,0 +1,39 @@ +## @file +# Library that implements the Arm CCA initialisation in PEI phase. +# +# Copyright (c) 2022 - 2023, Arm Limited. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION = 0x0001001B + BASE_NAME = ArmCcaInitPeiLib + FILE_GUID = 9A8C3768-79ED-487E-8155-BBF4DD638296 + MODULE_TYPE = BASE + VERSION_STRING = 1.0 + LIBRARY_CLASS = ArmCcaInitPeiLib + +[Sources] + ArmCcaInitPeiLib.c + +[Packages] + ArmPkg/ArmPkg.dec + ArmVirtPkg/ArmVirtPkg.dec + MdePkg/MdePkg.dec + +[LibraryClasses] + ArmCcaLib + ArmCcaRsiLib + ArmLib + ArmMmuLib + ArmVirtMemInfoLib + BaseLib + +[Pcd] + gArmTokenSpaceGuid.PcdSystemMemoryBase + gArmTokenSpaceGuid.PcdSystemMemorySize + +[Guids] + gArmCcaIpaWidthGuid -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117671): https://edk2.groups.io/g/devel/message/117671 Mute This Topic: https://groups.io/mt/105483409/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-