From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by mx.groups.io with SMTP id smtpd.web12.8480.1648454962517853012 for ; Mon, 28 Mar 2022 01:09:33 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=dClFR+Gn; spf=pass (domain: intel.com, ip: 192.55.52.120, mailfrom: min.m.xu@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1648454972; x=1679990972; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ZyU/ZJyKvYHdScA1gauQxrJIls4U3bHOyFMFCxPS/PU=; b=dClFR+GnrRJS0ZnewqP1ZDCUEaklPiiNJEHJPRoe5iMACpVahp9NKW9a MrOzXMdZ/lqebOYhZB7WsZ34WB3ff6zZglVvfPlqdNScsojzjClSk7giP KzS8i3foTo+yinv3fnJQZF34kmL2UqfMk7oBp7X65lSBuRjjcAe86Rc+D EKczG+/xO//Zfkk4PuYdRvjcznh5CTfv/9G2x421kruLiTIQd8rYR9t8T 4rF+sxD2h3mrH7yaCSre48skkTcBW2jcp3qkKC3EscnXcV+hCOVorJH3k AjziLYIZRuusCI1VmPSOJD78ieKuarHNQMctd1qjWDTMja/piut3NMV9k w==; X-IronPort-AV: E=McAfee;i="6200,9189,10299"; a="257770781" X-IronPort-AV: E=Sophos;i="5.90,216,1643702400"; d="scan'208";a="257770781" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Mar 2022 01:09:26 -0700 X-IronPort-AV: E=Sophos;i="5.90,216,1643702400"; d="scan'208";a="563427097" Received: from mxu9-mobl1.ccr.corp.intel.com ([10.249.175.167]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Mar 2022 01:09:23 -0700 From: "Min Xu" To: devel@edk2.groups.io Cc: Min Xu , Brijesh Singh , Erdem Aktas , James Bottomley , Jiewen Yao , Tom Lendacky , Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [PATCH V11 14/47] UefiCpuPkg: Enable Tdx support in MpInitLib Date: Mon, 28 Mar 2022 16:07:53 +0800 Message-Id: <6ae0bfcd1c819318d3745732950e4cfc88c373da.1648454440.git.min.m.xu@intel.com> X-Mailer: git-send-email 2.29.2.windows.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 In TDVF BSP and APs are simplified. BSP is the vCPU-0, while the others are treated as APs. So MP intialization is rather simple. The processor info is retrieved by TDCALL, ApWorker is not supported, BSP is always the working processor, while the APs are just in a wait-for-precedure state. Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Acked-by: Gerd Hoffmann Signed-off-by: Min Xu --- UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 3 + UefiCpuPkg/Library/MpInitLib/MpIntelTdx.h | 71 +++++++++++ UefiCpuPkg/Library/MpInitLib/MpLib.c | 63 +++++++++- UefiCpuPkg/Library/MpInitLib/MpLibTdx.c | 116 ++++++++++++++++++ UefiCpuPkg/Library/MpInitLib/MpLibTdxNull.c | 73 +++++++++++ UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf | 3 + 6 files changed, 324 insertions(+), 5 deletions(-) create mode 100644 UefiCpuPkg/Library/MpInitLib/MpIntelTdx.h create mode 100644 UefiCpuPkg/Library/MpInitLib/MpLibTdx.c create mode 100644 UefiCpuPkg/Library/MpInitLib/MpLibTdxNull.c diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf index e1cd0b350008..159b4d16ed0e 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf @@ -24,10 +24,12 @@ [Sources.IA32] Ia32/AmdSev.c Ia32/MpFuncs.nasm + MpLibTdxNull.c [Sources.X64] X64/AmdSev.c X64/MpFuncs.nasm + MpLibTdx.c [Sources.common] AmdSev.c @@ -36,6 +38,7 @@ MpLib.c MpLib.h Microcode.c + MpIntelTdx.h [Packages] MdePkg/MdePkg.dec diff --git a/UefiCpuPkg/Library/MpInitLib/MpIntelTdx.h b/UefiCpuPkg/Library/MpInitLib/MpIntelTdx.h new file mode 100644 index 000000000000..b2136f466ce6 --- /dev/null +++ b/UefiCpuPkg/Library/MpInitLib/MpIntelTdx.h @@ -0,0 +1,71 @@ +/** @file + Intel Tdx header file. + + Copyright (c) 2021, Intel Corporation. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef MP_INTEL_TDX_H_ +#define MP_INTEL_TDX_H_ + +#include +#include +#include +#include +#include + +/** + Gets detailed MP-related information on the requested processor at the + instant this call is made. This service may only be called from the BSP. + + @param[in] ProcessorNumber The handle number of processor. + @param[out] ProcessorInfoBuffer A pointer to the buffer where information for + the requested processor is deposited. + @param[out] HealthData Return processor health data. + + @retval EFI_SUCCESS Processor information was returned. + @retval EFI_DEVICE_ERROR The calling processor is an AP. + @retval EFI_INVALID_PARAMETER ProcessorInfoBuffer is NULL. + @retval EFI_NOT_FOUND The processor with the handle specified by + ProcessorNumber does not exist in the platform. + @retval EFI_NOT_READY MP Initialize Library is not initialized. + +**/ +EFI_STATUS +EFIAPI +TdxMpInitLibGetProcessorInfo ( + IN UINTN ProcessorNumber, + OUT EFI_PROCESSOR_INFORMATION *ProcessorInfoBuffer, + OUT EFI_HEALTH_FLAGS *HealthData OPTIONAL + ); + +/** + Retrieves the number of logical processor in the platform and the number of + those logical processors that are enabled on this boot. This service may only + be called from the BSP. + + @param[out] NumberOfProcessors Pointer to the total number of logical + processors in the system, including the BSP + and disabled APs. + @param[out] NumberOfEnabledProcessors Pointer to the number of enabled logical + processors that exist in system, including + the BSP. + + @retval EFI_SUCCESS The number of logical processors and enabled + logical processors was retrieved. + @retval EFI_DEVICE_ERROR The calling processor is an AP. + @retval EFI_INVALID_PARAMETER NumberOfProcessors is NULL and NumberOfEnabledProcessors + is NULL. + @retval EFI_NOT_READY MP Initialize Library is not initialized. + +**/ +EFI_STATUS +EFIAPI +TdxMpInitLibGetNumberOfProcessors ( + OUT UINTN *NumberOfProcessors, OPTIONAL + OUT UINTN *NumberOfEnabledProcessors OPTIONAL + ); + +#endif diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpInitLib/MpLib.c index 4a73787ee43a..91c7afaeb2ad 100644 --- a/UefiCpuPkg/Library/MpInitLib/MpLib.c +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c @@ -9,9 +9,11 @@ **/ #include "MpLib.h" +#include "MpIntelTdx.h" #include #include #include +#include EFI_GUID mCpuInitMpLibHobGuid = CPU_INIT_MP_LIB_HOB_GUID; @@ -1803,6 +1805,10 @@ MpInitLibInitialize ( UINTN BackupBufferAddr; UINTN ApIdtBase; + if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) { + return EFI_SUCCESS; + } + OldCpuMpData = GetCpuMpDataFromGuidedHob (); if (OldCpuMpData == NULL) { MaxLogicalProcessorNumber = PcdGet32 (PcdCpuMaxLogicalProcessorNumber); @@ -2073,6 +2079,10 @@ MpInitLibGetProcessorInfo ( CPU_INFO_IN_HOB *CpuInfoInHob; UINTN OriginalProcessorNumber; + if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) { + return TdxMpInitLibGetProcessorInfo (ProcessorNumber, ProcessorInfoBuffer, HealthData); + } + CpuMpData = GetCpuMpData (); CpuInfoInHob = (CPU_INFO_IN_HOB *)(UINTN)CpuMpData->CpuInfoInHob; @@ -2167,6 +2177,10 @@ SwitchBSPWorker ( BOOLEAN OldInterruptState; BOOLEAN OldTimerInterruptState; + if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) { + return EFI_UNSUPPORTED; + } + // // Save and Disable Local APIC timer interrupt // @@ -2307,6 +2321,10 @@ EnableDisableApWorker ( CPU_MP_DATA *CpuMpData; UINTN CallerNumber; + if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) { + return EFI_UNSUPPORTED; + } + CpuMpData = GetCpuMpData (); // @@ -2367,6 +2385,11 @@ MpInitLibWhoAmI ( return EFI_INVALID_PARAMETER; } + if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) { + *ProcessorNumber = 0; + return EFI_SUCCESS; + } + CpuMpData = GetCpuMpData (); return GetProcessorNumber (CpuMpData, ProcessorNumber); @@ -2405,12 +2428,16 @@ MpInitLibGetNumberOfProcessors ( UINTN EnabledProcessorNumber; UINTN Index; - CpuMpData = GetCpuMpData (); - if ((NumberOfProcessors == NULL) && (NumberOfEnabledProcessors == NULL)) { return EFI_INVALID_PARAMETER; } + if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) { + return TdxMpInitLibGetNumberOfProcessors (NumberOfProcessors, NumberOfEnabledProcessors); + } + + CpuMpData = GetCpuMpData (); + // // Check whether caller processor is BSP // @@ -2490,13 +2517,16 @@ StartupAllCPUsWorker ( BOOLEAN HasEnabledAp; CPU_STATE ApState; - CpuMpData = GetCpuMpData (); - if (FailedCpuList != NULL) { *FailedCpuList = NULL; } - if ((CpuMpData->CpuCount == 1) && ExcludeBsp) { + Status = MpInitLibGetNumberOfProcessors (&ProcessorCount, NULL); + if (EFI_ERROR (Status)) { + return Status; + } + + if ((ProcessorCount == 1) && ExcludeBsp) { return EFI_NOT_STARTED; } @@ -2504,6 +2534,22 @@ StartupAllCPUsWorker ( return EFI_INVALID_PARAMETER; } + if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) { + // + // For Td guest ExcludeBsp must be FALSE. Otherwise it will return in above checks. + // + ASSERT (!ExcludeBsp); + + // + // Start BSP. + // + Procedure (ProcedureArgument); + + return EFI_SUCCESS; + } + + CpuMpData = GetCpuMpData (); + // // Check whether caller processor is BSP // @@ -2643,6 +2689,13 @@ StartupThisAPWorker ( CPU_AP_DATA *CpuData; UINTN CallerNumber; + // + // In Td guest, startup of AP is not supported in current stage. + // + if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) { + return EFI_UNSUPPORTED; + } + CpuMpData = GetCpuMpData (); if (Finished != NULL) { diff --git a/UefiCpuPkg/Library/MpInitLib/MpLibTdx.c b/UefiCpuPkg/Library/MpInitLib/MpLibTdx.c new file mode 100644 index 000000000000..f5d58283adf0 --- /dev/null +++ b/UefiCpuPkg/Library/MpInitLib/MpLibTdx.c @@ -0,0 +1,116 @@ +/** @file + CPU MP Initialize Library common functions. + + Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
+ Copyright (c) 2020, AMD Inc. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "MpLib.h" +#include "MpIntelTdx.h" +#include +#include +#include +#include + +EFI_PROCESSOR_INFORMATION gTdxProcessorInformation = { + 0, // ProcessorId + PROCESSOR_AS_BSP_BIT | PROCESSOR_ENABLED_BIT, // StatusFlag + { 0 }, // Location + { .Location2 = { 0} } // ExtendedInformation +}; + +/** + Gets detailed MP-related information on the requested processor at the + instant this call is made. This service may only be called from the BSP. + + In current stage only the BSP is workable. So ProcessorNumber should be 0. + + @param[in] ProcessorNumber The handle number of processor. + @param[out] ProcessorInfoBuffer A pointer to the buffer where information for + the requested processor is deposited. + @param[out] HealthData Return processor health data. + + @retval EFI_SUCCESS Processor information was returned. + @retval EFI_DEVICE_ERROR The calling processor is an AP. + @retval EFI_INVALID_PARAMETER ProcessorInfoBuffer is NULL or ProcessorNumber is not 0. + @retval EFI_NOT_FOUND The processor with the handle specified by + ProcessorNumber does not exist in the platform. + @retval EFI_NOT_READY MP Initialize Library is not initialized. + +**/ +EFI_STATUS +EFIAPI +TdxMpInitLibGetProcessorInfo ( + IN UINTN ProcessorNumber, + OUT EFI_PROCESSOR_INFORMATION *ProcessorInfoBuffer, + OUT EFI_HEALTH_FLAGS *HealthData OPTIONAL + ) +{ + EFI_STATUS Status; + TD_RETURN_DATA TdReturnData; + + if ((ProcessorInfoBuffer == NULL) || (ProcessorNumber != 0)) { + return EFI_INVALID_PARAMETER; + } + + Status = TdCall (TDCALL_TDINFO, 0, 0, 0, &TdReturnData); + ASSERT (Status == EFI_SUCCESS); + + if (ProcessorNumber >= TdReturnData.TdInfo.NumVcpus) { + return EFI_NOT_FOUND; + } + + CopyMem (ProcessorInfoBuffer, &gTdxProcessorInformation, sizeof (EFI_PROCESSOR_INFORMATION)); + + if (HealthData != NULL) { + HealthData->Uint32 = 0; + } + + return Status; +} + +/** + Retrieves the number of logical processor in the platform and the number of + those logical processors that are enabled on this boot. This service may only + be called from the BSP. + + @param[out] NumberOfProcessors Pointer to the total number of logical + processors in the system, including the BSP + and disabled APs. + @param[out] NumberOfEnabledProcessors Pointer to the number of enabled logical + processors that exist in system, including + the BSP. + + @retval EFI_SUCCESS The number of logical processors and enabled + logical processors was retrieved. + @retval EFI_DEVICE_ERROR The calling processor is an AP. + @retval EFI_INVALID_PARAMETER NumberOfProcessors is NULL and NumberOfEnabledProcessors + is NULL. + @retval EFI_NOT_READY MP Initialize Library is not initialized. + +**/ +EFI_STATUS +EFIAPI +TdxMpInitLibGetNumberOfProcessors ( + OUT UINTN *NumberOfProcessors, OPTIONAL + OUT UINTN *NumberOfEnabledProcessors OPTIONAL + ) +{ + ASSERT (NumberOfProcessors != NULL || NumberOfEnabledProcessors != NULL); + // + // In current stage only the BSP is workable. So NumberOfProcessors + // & NumberOfEnableddProcessors are both 1. + // + if (NumberOfProcessors != NULL) { + *NumberOfProcessors = 1; + } + + if (NumberOfEnabledProcessors != NULL) { + *NumberOfEnabledProcessors = 1; + } + + return EFI_SUCCESS; +} diff --git a/UefiCpuPkg/Library/MpInitLib/MpLibTdxNull.c b/UefiCpuPkg/Library/MpInitLib/MpLibTdxNull.c new file mode 100644 index 000000000000..2849e13f2aaa --- /dev/null +++ b/UefiCpuPkg/Library/MpInitLib/MpLibTdxNull.c @@ -0,0 +1,73 @@ +/** @file + CPU MP Initialize Library common functions. + + Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
+ Copyright (c) 2020, AMD Inc. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "MpLib.h" +#include "MpIntelTdx.h" +#include + +/** + Gets detailed MP-related information on the requested processor at the + instant this call is made. This service may only be called from the BSP. + + @param[in] ProcessorNumber The handle number of processor. + @param[out] ProcessorInfoBuffer A pointer to the buffer where information for + the requested processor is deposited. + @param[out] HealthData Return processor health data. + + @retval EFI_SUCCESS Processor information was returned. + @retval EFI_DEVICE_ERROR The calling processor is an AP. + @retval EFI_INVALID_PARAMETER ProcessorInfoBuffer is NULL. + @retval EFI_NOT_FOUND The processor with the handle specified by + ProcessorNumber does not exist in the platform. + @retval EFI_NOT_READY MP Initialize Library is not initialized. + +**/ +EFI_STATUS +EFIAPI +TdxMpInitLibGetProcessorInfo ( + IN UINTN ProcessorNumber, + OUT EFI_PROCESSOR_INFORMATION *ProcessorInfoBuffer, + OUT EFI_HEALTH_FLAGS *HealthData OPTIONAL + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Retrieves the number of logical processor in the platform and the number of + those logical processors that are enabled on this boot. This service may only + be called from the BSP. + + @param[out] NumberOfProcessors Pointer to the total number of logical + processors in the system, including the BSP + and disabled APs. + @param[out] NumberOfEnabledProcessors Pointer to the number of enabled logical + processors that exist in system, including + the BSP. + + @retval EFI_SUCCESS The number of logical processors and enabled + logical processors was retrieved. + @retval EFI_DEVICE_ERROR The calling processor is an AP. + @retval EFI_INVALID_PARAMETER NumberOfProcessors is NULL and NumberOfEnabledProcessors + is NULL. + @retval EFI_NOT_READY MP Initialize Library is not initialized. + +**/ +EFI_STATUS +EFIAPI +TdxMpInitLibGetNumberOfProcessors ( + OUT UINTN *NumberOfProcessors, OPTIONAL + OUT UINTN *NumberOfEnabledProcessors OPTIONAL + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf index 5facf4db9499..894be0f8daab 100644 --- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf +++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf @@ -24,10 +24,12 @@ [Sources.IA32] Ia32/AmdSev.c Ia32/MpFuncs.nasm + MpLibTdxNull.c [Sources.X64] X64/AmdSev.c X64/MpFuncs.nasm + MpLibTdx.c [Sources.common] AmdSev.c @@ -36,6 +38,7 @@ MpLib.c MpLib.h Microcode.c + MpIntelTdx.h [Packages] MdePkg/MdePkg.dec -- 2.29.2.windows.2