* [edk2-devel] [PATCH v2 00/45] Support for Arm CCA guest firmware
@ 2024-04-12 15:13 Sami Mujawar
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 30/45] ArmVirtPkg: ArmCcaRsiLib: Fix incorrect RSI version masks Sami Mujawar
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: Sami Mujawar @ 2024-04-12 15:13 UTC (permalink / raw)
To: devel
Cc: Sami Mujawar, ardb+tianocore, quic_llindhol, kraxel,
michael.d.kinney, gaoliming, zhiguang.liu, Suzuki.Poulose,
Steven.Price, Pierre.Gondois, Matteo.Carlini, Akanksha.Jain2,
Sibel.Allinson, nd
This v2 series enables the Arm Confidential Compute Architecture (CCA)
support for the Kvmtool guest firmware and is aligned with the ARM CCA
RMM 1.0-eac5 specification.
The feedback received for the RFC v1 series has been addressed in this
series and the intention is to integrate the Arm CCA support in ArmVirtPkg
and enable the guest firmware support for Realms.
Summary of updates in this v2 Series:
----------------------------------------
1. Variable emulation support patches that we part of v1 series
are already merged, hence dropped from this series.
2. SetMemoryRegionAttributes() was dropped in the upstream
code. Therefore, introduced SetMemoryProtectionAttribute()
to configure the top bit of the Realm IPA space which is
used as the protection bit
3. The patch to add the APRIORI Dxe ArmCcaDxe has been dropped.
4. Dropped patch that configured PcdMonitorConduitHvc as a
dynamic PCD, and introduced ArmVirtMonitorLib, a new
instance of the ArmMonitorLib that reads the conduit to
be used from the FDT.
4. Bug fixes to correct the size of IMM field in RSI Host
Call arguments, and to correct the RSI Version mask
5. Patches 32 to 43 include updates to the firmware support
to RMM specification v1.0-EAC5.
6. Minor optimisations, e.g. to cache the current world value.
Introduction
============
Arm Confidential Compute Architecture (CCA)
-------------------------------------------
Arm CCA is a reference software architecture and implementation that
builds on the Realm Management Extension (RME), enabling the execution
of Virtual machines (VMs), while preventing access by more privileged
software, such as hypervisor. Arm CCA allows the hypervisor to control
the VM, but removes the right for access to the code, register state or
data used by VM.
More information on the architecture is available here [1].
Realm World || Normal World || Secure World ||
|| | || ||
EL0 x---------x || x----x | x------x || ||
| Realm | || | | | | | || ||
| VM* | || | VM | | | | || ||
|x-------x| || | | | | | || ||
|| || || | | | | H | || ||
|| Guest || || | | | | | || ||
----|| OS ||--------||-| |---| o |-||----------------||
|| || || | | | | | || ||
|x-------x| || | | | | s | || ||
| ^ | || | | | | | || ||
| | | || | | | | t | || ||
|+-------+| || | | | | | || ||
|| REALM || || | | | | | || ||
|| GUEST || || | | | | O | || ||
|| UEFI || || | | | | | || ||
|+-------+| || | | | | S | || ||
EL1 x---------x || x----x | | | || ||
^ || | | | || ||
| || | | | || ||
-------- R*------------||----------| |-||----------------||
S || | | || ||
I || x-->| | || ||
| || | | | || ||
| || | x------x || ||
| || | ^ || ||
v || SMC | || ||
x-------x || | x------x || ||
| RMM* | || | | HOST | || ||
x-------x || | | UEFI | || ||
^ || | x------x || ||
EL2 | || | || ||
| || | || ||
=========|=====================|================================
| |
x------- *RMI* -------x
EL3 Root World
EL3 Firmware
===============================================================
Where:
RMM - Realm Management Monitor
RMI - Realm Management Interface
RSI - Realm Service Interface
SMC - Secure Monitor Call
RME introduces two added additional worlds, "Realm world" and "Root
World" in addition to the traditional Secure world and Normal world.
The Arm CCA defines a new component, Realm Management Monitor (RMM)
that runs at R-EL2. This is a standard piece of firmware, verified,
installed and loaded by the EL3 firmware (e.g., TF-A), at system boot.
The RMM provides a standard interface Realm Management Interface (RMI)
to the Normal world hypervisor to manage the VMs running in the Realm
world (also called Realms). These are exposed via SMC and are routed
through the EL3 firmware.
The RMM also provides certain services to the Realms via SMC, called
the Realm Service Interface (RSI). These include:
- Realm Guest Configuration
- Attestation & Measurement services
- Managing the state of an Intermediate Physical Address (IPA aka GPA)
page
- Host Call service (Communication with the Normal world Hypervisor).
This patch series aligns with the RMM *v1.0-eac5* specification, and
the latest version is available here [2].
The Trusted Firmware foundation has an implementation of the RMM -
TF-RMM - available here [4].
Implementation
==============
This version of the Realm Guest UEFI firmware is intended to be
used with the Linux Kernel stack[7] which is also based on the
RMM specification v1.0-eac5[3].
This release includes the following features:
a) Boot a Linux Kernel in a Realm VM using the Realm Guest UEFI
firmware
b) Hardware description is provided using ACPI tables
c) Support for Virtio v1.0
d) All I/O are treated as non-secure/shared
e) Load the Linux Kernel and RootFS from a Virtio attached disk
using the Virtio-1.0 PCIe transport.
Overview of updates for enabling Arm CCA
----------------------------------------
The Arm CCA implementation is spread across a number of libraries
that provide required functionality during various phases of the
firmware boot.
The following libraries have been provided:
i. ArmCcaInitPeiLib - A library that implements the hook functions
in the PEI phase
ii. ArmCcaLib - A library that implements common functions like
checking if RME extension is implemented and to configure the
Protection attribute for the memory regions
iii. ArmCcaRsiLib - A library that implements the Realm Service
Interface functions.
A NULL implementation of the ArmCcaInitPeiLib and ArmCcaLib is also
provided for platforms that do not implement the RME extensions.
Additionally, the following DXE modules have been provided to implement
the required functionality in the DXE phase.
i. RealmApertureManagementProtocolDxe - A DXE that implements the
Realm Aperture Management Protocol, used to manage the sharing
of buffers in a Realm with the Host
ii. ArmCcaIoMmuDxe - A driver which implements the EDKII_IOMMU_PROTOCOL
that provides the necessary hooks so that DMA operations can be
performed by bouncing buffers using pages shared with the Host.
Arm CCA updates in PEI phase
----------------------------
For supporting Arm CCA two hooks have been added in the PrePi module:
i. An early hook to configure the System Memory as Protected RAM
ii. A second hook after the MMU is initialised to perform the
remaining CCA initialisations like reading the Realm Config
to determine the IPA width of the realm, configuring the
Protection attribute for the MMIO regions, etc.
These hook functions are implemented in ArmCcaInitPeiLib. A NULL
version of the library has also been provided for implementations
that do not have the RME extensions.
Additionally, the ArmVirtMemInfoLib has been updated to implement
a platform specific hook function ArmCcaConfigureMmio() that can
configure the protection attribute for the MMIO regions for the
platform.
+=====+
|PrePi|
+=====+
|
_ModuleEntryPoint()
===================
|
DiscoverDramFromDt()
|
+--> ArmCcaInitPeiLib|ArmCcaConfigureSystemMemory()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| // configure System Memory
---------------- // as Protected RAM.
|
...
|
--------
|
CEntryPoint()
|
PrePiMain()
===========
|
...
|
ProcessLibraryConstructorList()
|
MemoryPeim()
|
ArmCcaInitPeiLib|ArmCcaInitialize() // Perform Arm CCA
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ // initialisations,
| // like reading the
| // Realm Config, etc.
|
ArmVirtMemInfoLib|ArmCcaConfigureMmio()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| // Configure Protection attribute
-------- // for the MMIO region.
|
----------
|
...
|
+===+
|DXE|
+===+
Building the UEFI firmware
============================
a. Set up the development environment
Follow the steps as described in
https://github.com/tianocore/edk2-platforms/blob/master/Platform/ARM/Readme.md
b. The source code for the Host and Realm Guest firmware can
be downloaded from [12].
c. Building the Host UEFI firmware for FVP Base RevC AEM Model
Follow the instructions in
https://github.com/tianocore/edk2-platforms/blob/master/Platform/ARM/Readme.md
to "Build the firmware for Arm FVP Base AEMv8A-AEMv8A model
platform" based on your development environment configuration.
Note: The same firmware binary can be used for both the Arm FVP
Base AEMv8A-AEMv8A and the FVP Base RevC AEM Model.
d. Building the Realm Guest UEFI firmware for kvmtool:
To build the kvmtool guest firmware, run the following commands:
$build -a AARCH64 -t GCC5 -p ArmVirtPkg/ArmVirtKvmTool.dsc -b DEBUG
$build -a AARCH64 -t GCC5 -p ArmVirtPkg/ArmVirtKvmTool.dsc -b RELEASE
The Kvmtool guest firmware binaries are at the following location:
$WORKSPACE/Build/ArmVirtKvmTool-AARCH64/<DEBUG|RELEASE>_GCC5/
FV/KVMTOOL_EFI.fd
Running the stack
====================
To run/test the stack, you would need the following components:
i. FVP Base AEM RevC model with FEAT_RME support [5]
ii. TF-A firmware for EL3 [6]
iii. TF-A RMM for R-EL2 [4]
iv. Linux Kernel [7]
v. kvmtool [8]
vi. UEFI Firmware for Arm CCA [12].
Instructions for building the remaining firmware components and
running the model are available here [10]. Once, the host kernel
has finished booting, a Realm can be launched by invoking the
`lkvm` command as follows:
$ lkvm run --realm \
--restricted_mem \
--measurement-algo=["sha256", "sha512"] \
--firmware KVMTOOL_EFI.fd \
-m 512 \
--irqchip=gicv3-its \
--force-pci \
--disk <Disk image containing the Guest Kernel & RootFS>
<normal-vm-options>
Where:
* --measurement-algo (Optional) specifies the algorithm selected for
creating the initial measurements by the RMM for this Realm (defaults
to sha256)
* GICv3 is mandatory for the Realms
* --force-pci is required as only Virtio-v1.0 PCIe transport is
supported.
Links
============
[1] Arm CCA Landing page (See Key Resources section for various documentations)
https://www.arm.com/armcca
[2] RMM Specification Latest
https://developer.arm.com/documentation/den0137/latest
[3] RMM v1.0-eac5 specification
https://developer.arm.com/documentation/den0137/1-0eac5
[4] Trusted Firmware RMM - TF-RMM
https://www.trustedfirmware.org/projects/tf-rmm/
GIT: https://git.trustedfirmware.org/TF-RMM/tf-rmm.git
TAG: rmm-spec-v1.0-eac5
[5] FVP Base RevC AEM Model (available on x86_64 / Arm64 Linux)
https://developer.arm.com/Tools%20and%20Software/Fixed%20Virtual%20Platforms
[6] Trusted Firmware for A class
https://www.trustedfirmware.org/projects/tf-a/
[7] Linux kernel support for Arm-CCA
https://gitlab.arm.com/linux-arm/linux-cca
KVM Support branch: cca-host/v2
Linux Guest branch: cca-guest/v2
Full stack branch: cca-full/v2
[8] kvmtool support for Arm CCA
https://gitlab.arm.com/linux-arm/kvmtool-cca
Branch: cca/v2
[9] kvm-unit-tests support for Arm CCA
https://gitlab.arm.com/linux-arm/kvm-unit-tests-cca
Branch: cca/v2
[10] Instructions for Building Firmware components and running the model, see
section 4.19.2 "Building and running TF-A with RME"
https://trustedfirmware-a.readthedocs.io/en/latest/components/realm-management-extension.html#building-and-running-tf-a-with-rme
[11] RFC V1 series posted previously for adding support for Arm CCA guest firmware:
https://edk2.groups.io/g/devel/message/103581
[12] UEFI Firmware support for Arm CCA
Host & Guest Support:
- Repo:
edk2: https://gitlab.arm.com/linux-arm/edk2-cca
edk2-platforms: https://gitlab.arm.com/linux-arm/edk2-platforms-cca
- Branch: 2865_arm_cca_v2
- URLs:
edk2: https://gitlab.arm.com/linux-arm/edk2-cca/-/tree/2865_arm_cca_v2
edk2-platforms: https://gitlab.arm.com/linux-arm/edk2-platforms-cca/-/tree/2865_arm_cca_v2
Sami Mujawar (45):
ArmPkg: Add helper function to detect RME
ArmPkg: Introduce SetMemoryProtectionAttribute() for Realms
ArmPkg: Extend number of parameter registers in SMC call
ArmVirtPkg: Add Arm CCA Realm Service Interface Library
ArmVirtPkg: ArmCcaRsiLib: Add interfaces to manage the Realm IPA state
ArmVirtPkg: ArmCcaRsiLib: Add an interface to get an attestation token
ArmVirtPkg: ArmCcaRsiLib: Add interfaces to get/extend REMs
ArmVirtPkg: ArmCcaRsiLib: Add an interface to make a RSI Host Call
ArmVirtPkg: Define a GUID HOB for IPA width of a Realm
ArmVirtPkg: Add library for Arm CCA initialisation in PEI
ArmVirtPkg: Add NULL instance of ArmCcaInitPeiLib
ArmVirtPkg: Add library for Arm CCA helper functions
ArmVirtPkg: Add Null instance of ArmCcaLib
ArmVirtPkg: Define an interface to configure MMIO regions for Arm CCA
ArmVirtPkg: CloudHv: Add a NULL implementation of ArmCcaConfigureMmio
ArmVirtPkg: Qemu: Add a NULL implementation of ArmCcaConfigureMmio
ArmVirtPkg: Xen: Add a NULL implementation of ArmCcaConfigureMmio
ArmVirtPkg: Configure the MMIO regions for Arm CCA
ArmVirtPkg: Kvmtool: Use Null version of DebugLib in PrePi
ArmVirtPkg: Introduce ArmVirtMonitorLib library
ArmVirtPkg: Kvmtool: Use ArmVirt instance of ArmMonitorLib
ArmVirtPkg: Add Arm CCA libraries for Kvmtool guest firmware
ArmVirtPkg: Arm CCA configure system memory in early Pei
ArmVirtPkg: Perform Arm CCA initialisation in the Pei phase
ArmVirtPkg: Introduce Realm Aperture Management Protocol
ArmVirtPkg: IoMMU driver to DMA from Realms
ArmVirtPkg: Enable Virtio communication for Arm CCA
MdePkg: Warn if AArch64 RNDR instruction is not supported
ArmVirtPkg: Kvmtool: Switch to use BaseRng for AArch64
ArmVirtPkg: ArmCcaRsiLib: Fix incorrect RSI version masks
ArmVirtPkg: ArmCcaRsiLib: Fix size of Imm field in HostCallArgs
ArmVirtPkg: RMM 1.0-bet1 - Update width of RSI host call struct
ArmVirtPkg: RMM 1.0-bet2 - Increase number of RSI host call args
ArmVirtPkg: RMM 1.0-eac0 - Update RsiSetIpaState parameter usage
ArmVirtPkg: RMM 1.0-eac1 - Relax alignment of RSI host call arg
ArmVirtPkg: RMM 1.0-eac2 - Update RsiRealmConfig structure
ArmVirtPkg: RMM 1.0-eac2 - Add RIPAS DESTROYED state
ArmVirtPkg: RMM 1.0-eac2 - Add RsiRipasChangeFlags definitions
ArmVirtPkg: RMM 1.0-eac2 - Add Flags to RsiSetIpaState()
ArmVirtPkg: RMM 1.0-eac3 - Handle RsiSetIpaState() response
ArmVirtPkg: RMM 1.0-eac4 - Add RSI Features support
ArmVirtPkg: RMM 1.0-eac5 - Attestation token API updates
ArmVirtPkg: RMM 1.0-eac5 - Update RSI Version support
ArmVirtPkg: ArmCcaLib: Cache current world value
ArmVirtPkg: ArmCcaIoMmu: Provide an implementation for SetAttribute
ArmPkg/Include/Chipset/AArch64.h | 3 +-
ArmPkg/Include/Library/ArmLib.h | 15 +-
ArmPkg/Include/Library/ArmMmuLib.h | 55 ++
ArmPkg/Include/Library/ArmSmcLib.h | 50 +-
ArmPkg/Library/ArmLib/AArch64/AArch64Lib.c | 16 +-
ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 90 ++
ArmPkg/Library/ArmSmcLib/AArch64/ArmSmc.S | 22 +-
ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c | 872 ++++++++++++++++++++
ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.h | 66 ++
ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmuDxe.c | 59 ++
ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmuDxe.inf | 45 +
ArmVirtPkg/ArmVirt.dsc.inc | 6 +-
ArmVirtPkg/ArmVirtKvmTool.dsc | 26 +-
ArmVirtPkg/ArmVirtKvmTool.fdf | 10 +
ArmVirtPkg/ArmVirtPkg.dec | 7 +
ArmVirtPkg/Include/Library/ArmCcaInitPeiLib.h | 49 ++
ArmVirtPkg/Include/Library/ArmCcaLib.h | 114 +++
ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 376 +++++++++
ArmVirtPkg/Include/Library/ArmVirtMemInfoLib.h | 19 +-
ArmVirtPkg/Include/Protocol/RealmApertureManagementProtocol.h | 103 +++
ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c | 117 +++
ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.inf | 39 +
ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.c | 59 ++
ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.inf | 27 +
ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c | 184 +++++
ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.inf | 34 +
ArmVirtPkg/Library/ArmCcaLibNull/ArmCcaLibNull.c | 117 +++
ArmVirtPkg/Library/ArmCcaLibNull/ArmCcaLibNull.inf | 28 +
ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h | 59 ++
ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 744 +++++++++++++++++
ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.inf | 29 +
ArmVirtPkg/Library/ArmVirtMonitorLib/ArmVirtMonitorLib.c | 119 +++
ArmVirtPkg/Library/ArmVirtMonitorLib/ArmVirtMonitorLib.inf | 37 +
ArmVirtPkg/Library/CloudHvVirtMemInfoLib/CloudHvVirtMemInfoLib.c | 22 +-
ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.c | 39 +-
ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.inf | 3 +-
ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoLib.c | 21 +
ArmVirtPkg/Library/XenVirtMemInfoLib/XenVirtMemInfoLib.c | 21 +
ArmVirtPkg/PrePi/AArch64/ModuleEntryPoint.S | 6 +-
ArmVirtPkg/PrePi/ArmVirtPrePiUniCoreRelocatable.inf | 3 +-
ArmVirtPkg/PrePi/PrePi.c | 8 +
ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.c | 660 +++++++++++++++
ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.inf | 48 ++
MdePkg/Library/BaseRngLib/AArch64/Rndr.c | 10 +-
44 files changed, 4409 insertions(+), 28 deletions(-)
create mode 100644 ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c
create mode 100644 ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.h
create mode 100644 ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmuDxe.c
create mode 100644 ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmuDxe.inf
create mode 100644 ArmVirtPkg/Include/Library/ArmCcaInitPeiLib.h
create mode 100644 ArmVirtPkg/Include/Library/ArmCcaLib.h
create mode 100644 ArmVirtPkg/Include/Library/ArmCcaRsiLib.h
create mode 100644 ArmVirtPkg/Include/Protocol/RealmApertureManagementProtocol.h
create mode 100644 ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c
create mode 100644 ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.inf
create mode 100644 ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.c
create mode 100644 ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.inf
create mode 100644 ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c
create mode 100644 ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.inf
create mode 100644 ArmVirtPkg/Library/ArmCcaLibNull/ArmCcaLibNull.c
create mode 100644 ArmVirtPkg/Library/ArmCcaLibNull/ArmCcaLibNull.inf
create mode 100644 ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h
create mode 100644 ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c
create mode 100644 ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.inf
create mode 100644 ArmVirtPkg/Library/ArmVirtMonitorLib/ArmVirtMonitorLib.c
create mode 100644 ArmVirtPkg/Library/ArmVirtMonitorLib/ArmVirtMonitorLib.inf
create mode 100644 ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.c
create mode 100644 ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.inf
--
'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117716): https://edk2.groups.io/g/devel/message/117716
Mute This Topic: https://groups.io/mt/105484270/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] 6+ messages in thread
* [edk2-devel] [PATCH v2 30/45] ArmVirtPkg: ArmCcaRsiLib: Fix incorrect RSI version masks
2024-04-12 15:13 [edk2-devel] [PATCH v2 00/45] Support for Arm CCA guest firmware Sami Mujawar
@ 2024-04-12 15:13 ` Sami Mujawar
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 41/45] ArmVirtPkg: RMM 1.0-eac4 - Add RSI Features support Sami Mujawar
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Sami Mujawar @ 2024-04-12 15:13 UTC (permalink / raw)
To: devel
Cc: Sami Mujawar, ardb+tianocore, quic_llindhol, kraxel,
Matteo.Carlini, Akanksha.Jain2, Sibel.Allinson, nd
The RsiInterfaceVersion fieldset contains an RSI interface
version and the width of this fieldset is 64 bits.
The bits 15:0 of this fieldset represent the RSI minor
revision number and the bits 30:16 represent the major
revision number. The remaining bits 63:31 are reserved
and should be zero.
The RSI version masks were incorrectly defined which
resulted in an incorrect RSI version being returned
by RsiGetVersion (). Therefore, fix the RSI version
masks to reflect the bit fields defined by the RMM
specification.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Sami Mujawar <sami.mujawar@arm.com>
---
ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h
index 70e84a20711f04c32a5850230cc907a6d231f50b..b1c359e2486c20ee19493b10ed3fcef1e20f2689 100644
--- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h
+++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h
@@ -41,8 +41,8 @@
See Section B4.4.3, RMM Specification, version A-bet0.
The width of the RsiInterfaceVersion fieldset is 64 bits.
*/
-#define RSI_VER_MINOR_MASK 0x00FFULL
-#define RSI_VER_MAJOR_MASK 0x7F00ULL
+#define RSI_VER_MINOR_MASK 0x0000FFFFULL
+#define RSI_VER_MAJOR_MASK 0x7FFF0000ULL
#define RSI_VER_MAJOR_SHIFT 16
#endif // ARM_CCA_RSI_H_
--
'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117712): https://edk2.groups.io/g/devel/message/117712
Mute This Topic: https://groups.io/mt/105484263/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [edk2-devel] [PATCH v2 41/45] ArmVirtPkg: RMM 1.0-eac4 - Add RSI Features support
2024-04-12 15:13 [edk2-devel] [PATCH v2 00/45] Support for Arm CCA guest firmware Sami Mujawar
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 30/45] ArmVirtPkg: ArmCcaRsiLib: Fix incorrect RSI version masks Sami Mujawar
@ 2024-04-12 15:13 ` Sami Mujawar
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 43/45] ArmVirtPkg: RMM 1.0-eac5 - Update RSI Version support Sami Mujawar
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Sami Mujawar @ 2024-04-12 15:13 UTC (permalink / raw)
To: devel
Cc: Sami Mujawar, ardb+tianocore, quic_llindhol, kraxel,
Matteo.Carlini, Akanksha.Jain2, Sibel.Allinson, nd
The RMM 1.0-eac4 introduces a new FID RSI_FEATURES
to query the RSI features supported that have been
implemented.
Therefore, introduce a new function RsiGetFeatures
to query the features supported by the RSI.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Sami Mujawar <sami.mujawar@arm.com>
---
ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 24 +++++++++++-
ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h | 3 +-
ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 39 +++++++++++++++++++-
3 files changed, 63 insertions(+), 3 deletions(-)
diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h
index 88351f53336c42c032fcff6ea97ea7728b917b76..8c1c0d5bc19d14fa640464c8d0d44e3ef522ba79 100644
--- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h
+++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h
@@ -11,7 +11,7 @@
- REM - Realm Extensible Measurement
@par Reference(s):
- - Realm Management Monitor (RMM) Specification, version 1.0-eac3
+ - Realm Management Monitor (RMM) Specification, version 1.0-eac4
(https://developer.arm.com/documentation/den0137/)
**/
@@ -334,4 +334,26 @@ RsiGetVersion (
OUT UINT16 *CONST Minor
);
+/**
+ Get the features supported by the RSI implementation.
+
+ RMM implementations across different CCA platforms may support
+ disparate features and may offer disparate configuration options
+ for Realms. The features supported by an RSI implementation are
+ discovered by reading feature pseudo-register values using the
+ RSI_FEATURES command.
+
+ @param [in] FeatureRegIndex The Feature Register Index.
+ @param [out] FeatureRegValue The Feature Register Value.
+
+ @retval RETURN_SUCCESS Success.
+ @retval RETURN_INVALID_PARAMETER A parameter is invalid.
+**/
+RETURN_STATUS
+EFIAPI
+RsiGetFeatures (
+ IN UINT64 FeatureRegIndex,
+ OUT UINT64 *FeatureRegValue
+ );
+
#endif // ARM_CCA_RSI_LIB_
diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h
index b1c359e2486c20ee19493b10ed3fcef1e20f2689..cd2c9ac05c02413caeed26fd764320dd751ea05b 100644
--- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h
+++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h
@@ -10,7 +10,7 @@
- RIPAS - Realm IPA state
@par Reference(s):
- - Realm Management Monitor (RMM) Specification, version A-bet0
+ - Realm Management Monitor (RMM) Specification, version 1.0-eac4
(https://developer.arm.com/documentation/den0137/)
**/
@@ -20,6 +20,7 @@
// FIDs for Realm Service Interface calls.
#define FID_RSI_ATTESTATION_TOKEN_CONTINUE 0xC4000195
#define FID_RSI_ATTESTATION_TOKEN_INIT 0xC4000194
+#define FID_RSI_FEATURES 0xC4000191
#define FID_RSI_HOST_CALL 0xC4000199
#define FID_RSI_IPA_STATE_GET 0xC4000198
#define FID_RSI_IPA_STATE_SET 0xC4000197
diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c
index 12636c484824426b2ea81ca007d962f5f7c58f8c..edd2e11f786d11191f13dd9b087cdeec4127b375 100644
--- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c
+++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c
@@ -11,7 +11,7 @@
- REM - Realm Extensible Measurement
@par Reference(s):
- - Realm Management Monitor (RMM) Specification, version 1.0-eac3
+ - Realm Management Monitor (RMM) Specification, version 1.0-eac4
(https://developer.arm.com/documentation/den0137/)
**/
@@ -574,3 +574,40 @@ RsiGetVersion (
*Major = (SmcCmd.Arg0 & RSI_VER_MAJOR_MASK) >> RSI_VER_MAJOR_SHIFT;
return RETURN_SUCCESS;
}
+
+/**
+ Get the features supported by the RSI implementation.
+
+ RMM implementations across different CCA platforms may support
+ disparate features and may offer disparate configuration options
+ for Realms. The features supported by an RSI implementation are
+ discovered by reading feature pseudo-register values using the
+ RSI_FEATURES command.
+
+ @param [in] FeatureRegIndex The Feature Register Index.
+ @param [out] FeatureRegValue The Feature Register Value.
+
+ @retval RETURN_SUCCESS Success.
+ @retval RETURN_INVALID_PARAMETER A parameter is invalid.
+**/
+RETURN_STATUS
+EFIAPI
+RsiGetFeatures (
+ IN UINT64 FeatureRegIndex,
+ OUT UINT64 *FeatureRegValue
+ )
+{
+ ARM_SMC_ARGS SmcCmd;
+
+ if (FeatureRegValue == NULL) {
+ return RETURN_INVALID_PARAMETER;
+ }
+
+ ZeroMem (&SmcCmd, sizeof (SmcCmd));
+ SmcCmd.Arg0 = FID_RSI_FEATURES;
+ SmcCmd.Arg1 = FeatureRegIndex;
+
+ ArmCallSmc (&SmcCmd);
+ *FeatureRegValue = SmcCmd.Arg1;
+ return RsiCmdStatusToEfiStatus (SmcCmd.Arg0);
+}
--
'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117715): https://edk2.groups.io/g/devel/message/117715
Mute This Topic: https://groups.io/mt/105484267/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [edk2-devel] [PATCH v2 43/45] ArmVirtPkg: RMM 1.0-eac5 - Update RSI Version support
2024-04-12 15:13 [edk2-devel] [PATCH v2 00/45] Support for Arm CCA guest firmware Sami Mujawar
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 30/45] ArmVirtPkg: ArmCcaRsiLib: Fix incorrect RSI version masks Sami Mujawar
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 41/45] ArmVirtPkg: RMM 1.0-eac4 - Add RSI Features support Sami Mujawar
@ 2024-04-12 15:13 ` Sami Mujawar
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 44/45] ArmVirtPkg: ArmCcaLib: Cache current world value Sami Mujawar
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 45/45] ArmVirtPkg: ArmCcaIoMmu: Provide an implementation for SetAttribute Sami Mujawar
4 siblings, 0 replies; 6+ messages in thread
From: Sami Mujawar @ 2024-04-12 15:13 UTC (permalink / raw)
To: devel
Cc: Sami Mujawar, ardb+tianocore, quic_llindhol, kraxel,
Matteo.Carlini, Akanksha.Jain2, Sibel.Allinson, nd
The RMM 1.0-eac5 specification updates the RSI version command
to return the highest interface revision which is supported by
the RMM and the lower revision value which indicates:
a. The RMM supports an interface revision which is compatible
with the requested revision and the lower revision is equal
to the requested revision and the status code is RSI_SUCCESS
b. The RMM does not support the requested version, but the RMM
supports an interface revision which is lower than the
requested revision and the status code is RSI_ERROR_INPUT
c. The RMM does not support an interface revision which is
compatible with the requested revision and that it supports
an interface revision that is greater than the requested
revision. The status code is RSI_ERROR_INPUT and the lower
revision is equal to the higher revision.
Therefore, update the RsiGetVersion() to return the lower and
higher revision that is supported by the RMM. The RsiGetVersion
function also returns the RSI version that is implemented by
the firmware.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Sami Mujawar <sami.mujawar@arm.com>
---
ArmVirtPkg/Include/Library/ArmCcaRsiLib.h | 20 ++++--
ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c | 11 +++-
ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h | 12 +++-
ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c | 65 ++++++++++++++++----
4 files changed, 85 insertions(+), 23 deletions(-)
diff --git a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h
index b768f3498314a2ea61762af65bf2668d463909a6..fd86191f90f64329aadbb847d31cd46d2549b032 100644
--- a/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h
+++ b/ArmVirtPkg/Include/Library/ArmCcaRsiLib.h
@@ -330,17 +330,25 @@ RsiHostCall (
/**
Get the version of the RSI implementation.
- @param [out] Major The major version of the RSI implementation.
- @param [out] Minor The minor version of the RSI implementation.
+ @param [out] UefiImpl The version of the RSI specification
+ implemented by the UEFI firmware.
+ @param [out] RmmImplLow The low version of the RSI specification
+ implemented by the RMM.
+ @param [out] RmmImplHigh The high version of the RSI specification
+ implemented by the RMM.
- @retval RETURN_SUCCESS Success.
- @retval RETURN_INVALID_PARAMETER A parameter is invalid.
+ @retval RETURN_SUCCESS Success.
+ @retval RETURN_UNSUPPORTED The execution context is not a Realm.
+ @retval RETURN_INCOMPATIBLE_VERSION The Firmware and RMM specification
+ revisions are not compatible.
+ @retval RETURN_INVALID_PARAMETER A parameter is invalid.
**/
RETURN_STATUS
EFIAPI
RsiGetVersion (
- OUT UINT16 *CONST Major,
- OUT UINT16 *CONST Minor
+ OUT UINT32 *CONST UefiImpl,
+ OUT UINT32 *CONST RmmImplLow,
+ OUT UINT32 *CONST RmmImplHigh
);
/**
diff --git a/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c b/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c
index 57b05f308377cf931c5f43fc7793c260dfdc36fb..3abb4dfaf567c635b28ff3a7cd5adea064e02510 100644
--- a/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c
+++ b/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c
@@ -36,11 +36,16 @@ IsRealm (
)
{
RETURN_STATUS Status;
- UINT16 Major;
- UINT16 Minor;
+ UINT32 UefiImpl;
+ UINT32 RmmImplLow;
+ UINT32 RmmImplHigh;
if (ArmHasRme ()) {
- Status = RsiGetVersion (&Major, &Minor);
+ Status = RsiGetVersion (
+ &UefiImpl,
+ &RmmImplLow,
+ &RmmImplHigh
+ );
if (!RETURN_ERROR (Status)) {
return TRUE;
}
diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h
index cd2c9ac05c02413caeed26fd764320dd751ea05b..ce3cb0c36ffa6ddf3a16f9f47199123dc6150c51 100644
--- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h
+++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h
@@ -10,7 +10,7 @@
- RIPAS - Realm IPA state
@par Reference(s):
- - Realm Management Monitor (RMM) Specification, version 1.0-eac4
+ - Realm Management Monitor (RMM) Specification, version 1.0-eac5
(https://developer.arm.com/documentation/den0137/)
**/
@@ -45,5 +45,15 @@
#define RSI_VER_MINOR_MASK 0x0000FFFFULL
#define RSI_VER_MAJOR_MASK 0x7FFF0000ULL
#define RSI_VER_MAJOR_SHIFT 16
+#define RSI_VERSION_MASK (RSI_VER_MAJOR_MASK | RSI_VER_MINOR_MASK)
+
+#define RMM_VERSION(Major, Minor) ((Minor & RSI_VER_MINOR_MASK) | \
+ ((Major << RSI_VER_MAJOR_SHIFT) & RSI_VER_MAJOR_MASK))
+
+#define GET_MAJOR_REVISION(Rev) \
+ ((Rev & RSI_VER_MAJOR_MASK) >> RSI_VER_MAJOR_SHIFT)
+
+#define GET_MINOR_REVISION(Rev) \
+ ((Rev & RSI_VER_MINOR_MASK))
#endif // ARM_CCA_RSI_H_
diff --git a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c
index b861b2e79d5d659a0eb16206d329a0cb039eda0d..dba93013eba0344a717f2e4d082af2be084e469a 100644
--- a/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c
+++ b/ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c
@@ -25,6 +25,10 @@
#include <Library/MemoryAllocationLib.h>
#include "ArmCcaRsi.h"
+/** The version of RSI specification implemented by this module.
+*/
+STATIC CONST UINT32 mRsiImplVersion = RMM_VERSION (1, 0);
+
/**
Convert the RSI status code to EFI Status code.
@@ -639,32 +643,67 @@ RsiHostCall (
/**
Get the version of the RSI implementation.
- @param [out] Major The major version of the RSI implementation.
- @param [out] Minor The minor version of the RSI implementation.
+ @param [out] UefiImpl The version of the RSI specification
+ implemented by the UEFI firmware.
+ @param [out] RmmImplLow The low version of the RSI specification
+ implemented by the RMM.
+ @param [out] RmmImplHigh The high version of the RSI specification
+ implemented by the RMM.
- @retval RETURN_SUCCESS Success.
- @retval RETURN_INVALID_PARAMETER A parameter is invalid.
+ @retval RETURN_SUCCESS Success.
+ @retval RETURN_UNSUPPORTED The execution context is not a Realm.
+ @retval RETURN_INCOMPATIBLE_VERSION The Firmware and RMM specification
+ revisions are not compatible.
+ @retval RETURN_INVALID_PARAMETER A parameter is invalid.
**/
RETURN_STATUS
EFIAPI
RsiGetVersion (
- OUT UINT16 *CONST Major,
- OUT UINT16 *CONST Minor
+ OUT UINT32 *CONST UefiImpl,
+ OUT UINT32 *CONST RmmImplLow,
+ OUT UINT32 *CONST RmmImplHigh
)
{
- ARM_SMC_ARGS SmcCmd;
+ RETURN_STATUS Status;
+ ARM_SMC_ARGS SmcCmd;
- if ((Major == NULL) || (Minor == NULL)) {
- return EFI_INVALID_PARAMETER;
+ if ((UefiImpl == NULL) || (RmmImplLow == NULL) || (RmmImplHigh == NULL)) {
+ return RETURN_INVALID_PARAMETER;
}
ZeroMem (&SmcCmd, sizeof (SmcCmd));
SmcCmd.Arg0 = FID_RSI_VERSION;
-
+ SmcCmd.Arg1 = mRsiImplVersion;
ArmCallSmc (&SmcCmd);
- *Minor = SmcCmd.Arg0 & RSI_VER_MINOR_MASK;
- *Major = (SmcCmd.Arg0 & RSI_VER_MAJOR_MASK) >> RSI_VER_MAJOR_SHIFT;
- return RETURN_SUCCESS;
+ if (SmcCmd.Arg0 == MAX_UINT64) {
+ // This FID is not implemented, which means
+ // we are not running in a Realm, therefore
+ // return the error code as unsupported.
+ return RETURN_UNSUPPORTED;
+ }
+
+ *RmmImplLow = (SmcCmd.Arg1 & RSI_VERSION_MASK);
+ *RmmImplHigh = (SmcCmd.Arg2 & RSI_VERSION_MASK);
+ *UefiImpl = mRsiImplVersion;
+
+ // The RSI_VERSION command does not have any failure
+ // conditions see section B5.3.10.2 Failure conditions
+ // Therefore the only defined return values are
+ // RSI_SUCCESS and RSI_ERROR_INPUT.
+ Status = RsiCmdStatusToEfiStatus (SmcCmd.Arg0);
+ if (Status == RETURN_INVALID_PARAMETER) {
+ // RSI_VERSION returns RSI_ERROR_INPUT when
+ // the RMM does not support an interface revision
+ // which is compatible with the requested revision.
+ // Since RSI_ERROR_INPUT is mapped to RETURN_INVALID_PARAMETER
+ // by RsiCmdStatusToEfiStatus(), return the status code as
+ // RETURN_INCOMPATIBLE_VERSION.
+ return RETURN_INCOMPATIBLE_VERSION;
+ }
+
+ // Add an assert in case RMM returns a different error code than expected.
+ ASSERT (Status == RETURN_SUCCESS);
+ return Status;
}
/**
--
'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117711): https://edk2.groups.io/g/devel/message/117711
Mute This Topic: https://groups.io/mt/105484262/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [edk2-devel] [PATCH v2 44/45] ArmVirtPkg: ArmCcaLib: Cache current world value
2024-04-12 15:13 [edk2-devel] [PATCH v2 00/45] Support for Arm CCA guest firmware Sami Mujawar
` (2 preceding siblings ...)
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 43/45] ArmVirtPkg: RMM 1.0-eac5 - Update RSI Version support Sami Mujawar
@ 2024-04-12 15:13 ` Sami Mujawar
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 45/45] ArmVirtPkg: ArmCcaIoMmu: Provide an implementation for SetAttribute Sami Mujawar
4 siblings, 0 replies; 6+ messages in thread
From: Sami Mujawar @ 2024-04-12 15:13 UTC (permalink / raw)
To: devel
Cc: Sami Mujawar, ardb+tianocore, quic_llindhol, kraxel,
Matteo.Carlini, Akanksha.Jain2, Sibel.Allinson, nd
IsRealm() probes to check if the code is executing
in a Realm context by checking if RME is supported
and then issuing a RSI_VERSION command to check it
is supported.
Instead of calling RSI_VERSION command every time the
IsRealm() is called, cache the world value we are
running in, to return the value in subsequent calls.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Sami Mujawar <sami.mujawar@arm.com>
---
ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c | 31 ++++++++++++--------
1 file changed, 18 insertions(+), 13 deletions(-)
diff --git a/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c b/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c
index 3abb4dfaf567c635b28ff3a7cd5adea064e02510..67ad2824f1f6a8fe4e1fd3f837300097a68775c7 100644
--- a/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c
+++ b/ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c
@@ -35,23 +35,28 @@ IsRealm (
VOID
)
{
- RETURN_STATUS Status;
- UINT32 UefiImpl;
- UINT32 RmmImplLow;
- UINT32 RmmImplHigh;
+ RETURN_STATUS Status;
+ UINT32 UefiImpl;
+ UINT32 RmmImplLow;
+ UINT32 RmmImplHigh;
+ STATIC BOOLEAN RealmWorld = FALSE;
+ STATIC BOOLEAN FlagsInitialised = FALSE;
- if (ArmHasRme ()) {
- Status = RsiGetVersion (
- &UefiImpl,
- &RmmImplLow,
- &RmmImplHigh
- );
- if (!RETURN_ERROR (Status)) {
- return TRUE;
+ if (!FlagsInitialised) {
+ FlagsInitialised = TRUE;
+ if (ArmHasRme ()) {
+ Status = RsiGetVersion (
+ &UefiImpl,
+ &RmmImplLow,
+ &RmmImplHigh
+ );
+ if (!RETURN_ERROR (Status)) {
+ RealmWorld = TRUE;
+ }
}
}
- return FALSE;
+ return RealmWorld;
}
/**
--
'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117714): https://edk2.groups.io/g/devel/message/117714
Mute This Topic: https://groups.io/mt/105484265/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [edk2-devel] [PATCH v2 45/45] ArmVirtPkg: ArmCcaIoMmu: Provide an implementation for SetAttribute
2024-04-12 15:13 [edk2-devel] [PATCH v2 00/45] Support for Arm CCA guest firmware Sami Mujawar
` (3 preceding siblings ...)
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 44/45] ArmVirtPkg: ArmCcaLib: Cache current world value Sami Mujawar
@ 2024-04-12 15:13 ` Sami Mujawar
4 siblings, 0 replies; 6+ messages in thread
From: Sami Mujawar @ 2024-04-12 15:13 UTC (permalink / raw)
To: devel
Cc: Sami Mujawar, ardb+tianocore, quic_llindhol, kraxel,
Matteo.Carlini, Akanksha.Jain2, Sibel.Allinson, nd
The patch at "049695a0b1e2 MdeModulePkg/PciBusDxe: Add feedback
status for PciIoMap" adds support to propagate the error code
following the invocation of the IoMmu protocol SetAttribute()
operation.
Since the ArmCcaIoMmuDxe implementation of the SetAttribute()
function returned EFI_UNSUPPORTED, it resulted in the virtio
disk not being mounted.
Although there is nothing to be done in SetAttribute(), follow
the approach as done by the patch at "97c3f5b8d272 Provide an
implementation for SetAttribute" to validate the IoMmu access
method being requested against the IoMmu mapping operation and
return a suitable return code.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Sami Mujawar <sami.mujawar@arm.com>
---
ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c | 63 +++++++++++++++++++-
1 file changed, 61 insertions(+), 2 deletions(-)
diff --git a/ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c b/ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c
index cf52b82218bb9ece7bfedcb6e3a2ced00eff5e92..91f9dae91843b6739ddb818e9ec81706ccfa73b3 100644
--- a/ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c
+++ b/ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c
@@ -629,7 +629,9 @@ IoMmuFreeBuffer (
@param[in] Mapping The mapping value returned from Map().
@param[in] IoMmuAccess The IOMMU access.
- @retval EFI_UNSUPPORTED Operation not supported by IOMMU.
+ @retval EFI_INVALID_PARAMETER A parameter was invalid.
+ @retval EFI_UNSUPPORTED The requested operation is not supported.
+ @retval EFI_SUCCESS Success.
**/
EFI_STATUS
@@ -641,7 +643,64 @@ IoMmuSetAttribute (
IN UINT64 IoMmuAccess
)
{
- return EFI_UNSUPPORTED;
+ EFI_STATUS Status;
+ MAP_INFO *MapInfo;
+
+ DEBUG ((
+ DEBUG_VERBOSE,
+ "%a: Mapping=0x%p Access=%lu\n",
+ __func__,
+ Mapping,
+ IoMmuAccess
+ ));
+
+ if (Mapping == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ Status = EFI_SUCCESS;
+
+ // An IoMmuAccess value of 0 is always accepted,
+ // validate any non-zero value.
+ if (IoMmuAccess != 0) {
+ MapInfo = (MAP_INFO *)Mapping;
+
+ // The mapping operation already implied the access mode.
+ // Validate that the supplied access mode matches operation
+ // access mode.
+ switch (MapInfo->Operation) {
+ case EdkiiIoMmuOperationBusMasterRead:
+ case EdkiiIoMmuOperationBusMasterRead64:
+ if (IoMmuAccess != EDKII_IOMMU_ACCESS_READ) {
+ Status = EFI_INVALID_PARAMETER;
+ }
+
+ break;
+
+ case EdkiiIoMmuOperationBusMasterWrite:
+ case EdkiiIoMmuOperationBusMasterWrite64:
+ if (IoMmuAccess != EDKII_IOMMU_ACCESS_WRITE) {
+ Status = EFI_INVALID_PARAMETER;
+ }
+
+ break;
+
+ case EdkiiIoMmuOperationBusMasterCommonBuffer:
+ case EdkiiIoMmuOperationBusMasterCommonBuffer64:
+ if (IoMmuAccess !=
+ (EDKII_IOMMU_ACCESS_READ | EDKII_IOMMU_ACCESS_WRITE))
+ {
+ Status = EFI_INVALID_PARAMETER;
+ }
+
+ break;
+
+ default:
+ Status = EFI_UNSUPPORTED;
+ } // switch
+ }
+
+ return Status;
}
/** Arm CCA IoMMU protocol
--
'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117713): https://edk2.groups.io/g/devel/message/117713
Mute This Topic: https://groups.io/mt/105484264/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 6+ messages in thread
end of thread, other threads:[~2024-04-12 15:14 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-04-12 15:13 [edk2-devel] [PATCH v2 00/45] Support for Arm CCA guest firmware Sami Mujawar
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 30/45] ArmVirtPkg: ArmCcaRsiLib: Fix incorrect RSI version masks Sami Mujawar
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 41/45] ArmVirtPkg: RMM 1.0-eac4 - Add RSI Features support Sami Mujawar
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 43/45] ArmVirtPkg: RMM 1.0-eac5 - Update RSI Version support Sami Mujawar
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 44/45] ArmVirtPkg: ArmCcaLib: Cache current world value Sami Mujawar
2024-04-12 15:13 ` [edk2-devel] [PATCH v2 45/45] ArmVirtPkg: ArmCcaIoMmu: Provide an implementation for SetAttribute Sami Mujawar
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox