From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web11.2445.1645581498521435815 for ; Tue, 22 Feb 2022 17:58:18 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=cEIAWuZ9; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: min.m.xu@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1645581498; x=1677117498; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=j1nQEKYx5TWexlSQhfSFPsxFHdieuwBNkf/IcbclcHY=; b=cEIAWuZ9rTKamtewinKFlfcxBjSNjrBYBGlkyfO2I7rNztDakO57c1Hi WzNI+uYV2rRGjrtL+JQ14gYrb8hxQpSwxh+EVvAzHTwmg5Qf0qZoggKY7 SmeSiPwn5YvPaxugehlAQuJRpwNZDAYXjTp4A+eQkQCmv8Z4+6j+ixCbq jg9536zU24Is3opgOFg5obdLcJM4Cg5aN+uSFlG/w2c9Yzz7vrI2JqoKN hHvQRNxyN3QyZaw6pKsZ+DWEK4kYNld5/7bewQqGtwB1vWv9RlYLWJp7j OQqlpX6hp0unvwTpHDzOODstGvt/5Vk7BX1sn+RVbwYOP6dJHvX9bne6s w==; X-IronPort-AV: E=McAfee;i="6200,9189,10266"; a="251782622" X-IronPort-AV: E=Sophos;i="5.88,389,1635231600"; d="scan'208";a="251782622" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Feb 2022 17:58:17 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,389,1635231600"; d="scan'208";a="491018584" Received: from fmsmsx602.amr.corp.intel.com ([10.18.126.82]) by orsmga003.jf.intel.com with ESMTP; 22 Feb 2022 17:58:17 -0800 Received: from fmsmsx612.amr.corp.intel.com (10.18.126.92) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.21; Tue, 22 Feb 2022 17:58:17 -0800 Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by fmsmsx612.amr.corp.intel.com (10.18.126.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20 via Frontend Transport; Tue, 22 Feb 2022 17:58:17 -0800 Received: from NAM04-DM6-obe.outbound.protection.outlook.com (104.47.73.46) by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.20; Tue, 22 Feb 2022 17:58:13 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kao6+0GqPHPoHhBIg6itLFOOfYbyJhTM1U6waxAXH0I+jLo93qZz81vfO4oUOMwwYVb9kPW0f6AWSGQ6nXYfeZvqrdMKI9R1HaHu6PC025e+fC529znTCzuQoPRYlbDdfbuhwFLPd5paZWqR94i/yIsuSMj6wa1tbTS93S39qntgF1H+Zckie0lUdsqj8zvv2HPdIfBbBYGoR17juzbpwuybI2PwcgysTPhX3g6r3RprXBjXvRT5RRzO6/rkt6Ky0QsoMaF8mpexCtXxSr57z2AG+RmhLIOr9YzsTIAygV01jBgDJ1KXcl3pdIZiBG9D5TrkH9IMPWQ2dzmGjJ7Igw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=CmplPRYC7RcZg1OCbV0IfpB9BV63jl+88xeSaQLxi68=; b=TphQFQkpmCM2lY871guiYJYESts2wMEhgYBN4YCk4nPbpXuN4pwU0GxhgE8iWwpqW0z5kfxUzl8eFEvNw7Fk0grPpY9ZFswijzypNQLWji71Z4ears5tjjuW/BYVLd0L4KaHX4bLncBP6u+yDhQJne2sJtYNZdviAMzEGyLuYT63ku/szmn8JwlMP0vgwaJWmnmTaWzXriZjTpxbIAJrUBDoUlfy+9rwlUbN5CMIKOTv1pKiLJIGwqMoN6JpSZ1EKXLBhZJLYGB+2pSH9R+SHdEcozqhDK0/C9VYELF4uW3mjprFPsYV+9Szsvxd7/lNez8biS/zi7KEUBAfF1boIw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from PH0PR11MB5064.namprd11.prod.outlook.com (2603:10b6:510:3b::15) by MN2PR11MB3694.namprd11.prod.outlook.com (2603:10b6:208:f7::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4995.15; Wed, 23 Feb 2022 01:57:45 +0000 Received: from PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::98f5:edb6:aee6:6886]) by PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::98f5:edb6:aee6:6886%8]) with mapi id 15.20.4995.026; Wed, 23 Feb 2022 01:57:45 +0000 From: "Min Xu" To: "devel@edk2.groups.io" CC: "Kinney, Michael D" , "Gao, Liming" , "Liu, Zhiguang" , Brijesh Singh , "Aktas, Erdem" , James Bottomley , "Yao, Jiewen" , Tom Lendacky , Gerd Hoffmann Subject: Re: [PATCH V6 02/42] MdePkg: Introduce basic Tdx functions in BaseLib Thread-Topic: [PATCH V6 02/42] MdePkg: Introduce basic Tdx functions in BaseLib Thread-Index: AQHYJYfaBeWkyqFHpES7BLJnbLKiGKygZh8A Date: Wed, 23 Feb 2022 01:57:45 +0000 Message-ID: References: <373ce93a5ab0c05a2b4660801bdce882f8511543.1645261990.git.min.m.xu@intel.com> In-Reply-To: <373ce93a5ab0c05a2b4660801bdce882f8511543.1645261990.git.min.m.xu@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-reaction: no-action dlp-version: 11.6.200.16 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: b4e071be-b927-4cfe-47bd-08d9f66fe295 x-ms-traffictypediagnostic: MN2PR11MB3694:EE_ x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: kzr/IlF6w6FK/s8qy2Dj/pRr7KF+wL4d2tW+tpmh/AZsgtruLXJkUEMNmBEm5XdahHd/cxsE2gnlh5HijmSoR0QngeeeWMD5Vy7wMCdQsgQgRYgjSB/GBC51IdaAbfNWRpktmJ88qwDdP+tvbthT9mxlJUot3ZtFv/E6ZGs9zYyi2n6Qh2N++JlBdb7zg4gXxAeqmEHdk2YOO4LJxcbdGQiS2AWyOGm6XArpcB2xb9daZ0RUriWz/ryZ8PFrIojpsWFeW1kNnppjhHuBFjOfZ3ZZH+SUQWlrVwNzkrxqFgt/twkSxjoo5aP3L9JkDGr/jYGTKGglFhaSlf5r5zrOtZCBLHhHqtts3i5+nMntkiz2BUk+Zg0BnbYmPm004uts1kEFMoA72w+WtIe4kDQh/v+WUQ1gbK9ULTY7MNkymO/SmgF8p81LfchF3Die1EuxGdnnlWaOIS6U3SYT/zMpOfbGw+LgTWwdZC2moOfU7JkFMbTLks9LXa+VXef0CB0+nia3QVO2p8eEXnL+2SJbS2OjasGeTamivDU4OXGrtHwi7G04XVkkOQIP/vyTuljXgbpkO5Bf/+wc76VNF9CuspKCOEDw57xGqZ2FFERZ30i2dngw6dWsTQ12pVRDrctb3y+Mon13MMDsZZEnTlU8f0Ns+37VkHFzzgFPhC8F/1XQCwcCRExfn7UHP0w+UiNRKolhk+s0ho9ixvFcmD4MPsVt/S3R5s1H9TVUN3SrPT1yWczoMHLLCCk7pH/r7r3jnPZXXgZ3/LoksbJccDDBxoYhE+mQPvXFEgc9dCBTWZqmav6T+kXH7njmCMNGhRwBulKy+Vq/Scn6cDI8MuYuZw== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB5064.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(366004)(86362001)(66556008)(66446008)(38070700005)(82960400001)(38100700002)(66476007)(64756008)(122000001)(8676002)(5660300002)(6916009)(316002)(4326008)(54906003)(66946007)(76116006)(2906002)(55016003)(30864003)(52536014)(8936002)(71200400001)(26005)(33656002)(186003)(508600001)(19627235002)(966005)(83380400001)(9686003)(7696005)(6506007);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?E4jJipgKwU7gLJVr1XTNo2dddC3yM1mSs+F/HELi1hK/AsN7H0yIzS317hGi?= =?us-ascii?Q?Y53UW+oqSKdd9V2BCDb3vr/IxGftnyubtTtOPAoVQZ5sPL2Fg59FDSsaJtj9?= =?us-ascii?Q?n6yeOtllLYx3qKlDcscJTmVLF9J/rdNgNbeaALUcYGF6vD7WrN5fxmZ0dfsA?= =?us-ascii?Q?lLCzAxwws+KZlsJzZzJW91DLzA1v5+KZtNpwX7EBvcD3LQ0ekoCUR35cYNe6?= =?us-ascii?Q?BwneNit9PuYUNZ1bs5zedd/d1mA0tOkCzHgqNsdXSn9A5/0hR45uA61w3zaT?= =?us-ascii?Q?qRQ7vizVbzYz74CafbSXvSmz2AqjmxWgZ/1iXIls6z56FWJvFo1BP+MpWcrI?= =?us-ascii?Q?odBn+LdqaMTVuNQULLd89TpKRkej3sAanobCEFFph5t12J7KXFLKAew843cG?= =?us-ascii?Q?nn1MxGjcmvdonHrJWCAYyNhZpDlpxK81yonvBvk3kYCLeNsjmnnY5v92Y+Vf?= =?us-ascii?Q?mJNu3oInmJMoZ8SFCEXz/8OvXA6wEzc5D1vKv40kJc7EKosJuj56K/6mdZYa?= =?us-ascii?Q?xJ99pK86GeaG+lpsqkNeIMTRwZX6d1NLWNwW7nlUlSAhVBEGI3vSbLcGe2Kc?= =?us-ascii?Q?ZH8jHrNjGTKimOiOJyEfgdtM9DW5B1ojwYZ30qOEU2jUFCCvqk319Spojiki?= =?us-ascii?Q?x6FbGVjHdiFpIm08f2tb9L9zqeVa6B+SjhkCCEYoVGgMDhOG6MnVl+un26xQ?= =?us-ascii?Q?kuiRRKaCN0l8Cy2S1Tj5a9rv8IbuDjqQ3RzymDmlPC8SJqZmvKQrwlXQk9dJ?= =?us-ascii?Q?dJBMy6IF80F/0LFvQyIF3Buw7QCbDNDwQ07njtId8l81LCizFPexUzIUY8Pa?= =?us-ascii?Q?9vzUEohilKIbxCDydCjidHR0hn6i3TwinOTxGTk3ESOvELpGYjyI0bBT+lbe?= =?us-ascii?Q?jc9sjlx+ZYlc5xlonC3aNmXcKFWsxmsqoMrlq0kXnwNMeR2VB/q/qj6UHJjs?= =?us-ascii?Q?I13ATKkAOU7Z96qb3dGJTzk7pYUReMvSbgKyw7HRtRadz4HVmU9AE/EvEHnm?= =?us-ascii?Q?UzU79HP6a513uWnyxiwsw/SjKJ7OnUpQUcNK4niZTEzBbl1NReDil1IbB+/d?= =?us-ascii?Q?/BuiMfRkF1z0O7Na5xqzG+nHdKl6PihSoKnDpUReeAthcjzAyOb18UULLT4L?= =?us-ascii?Q?UMTvg2Sagy97I3g+w50ErKiPN20Srl3EdObXCNpiAZPvEdemXZWp6pFKiCMY?= =?us-ascii?Q?XlkSfE0Nnxs0N5NgJUALxqLpA/cCuYiS7prhaEKZiO9M9oGE3ha//XLXmbPy?= =?us-ascii?Q?QRPiDuIxB+QATMqFd5gkvTaO8hfiUFyyfpFqYDfM2GqBEaaYCwLTyJnvHL5s?= =?us-ascii?Q?V+1ogK4swe79yat/mW9vZ3HQO+NdtcZOItQfcKz9NGRPsZZ+g1rCray/qr5P?= =?us-ascii?Q?/n51YYnlq5PyMwt6rEYh0e9VcdYsS9ljb0mOc/Kb9LfXEY5j3ytL8FA/vsJ2?= =?us-ascii?Q?IDDJWhbOZj921GEFTD7yiY6MMr8YlsXcC4npijefG8K7Z7aZvxTYPQFK+keA?= =?us-ascii?Q?ALz0EAGZ1tyw0zW+k1ArrtSXtfAFopu/fGzz9wtZEgmOtqyaYrJxHgmeWDIg?= =?us-ascii?Q?XOvLJdAg4MZFYsKuvCVX9N7SL0vOvPTnuNHUWcOI5vyHtr44V6Vk39eS4lhx?= =?us-ascii?Q?xyG12X6PPhli3SOPEUuviQ0=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5064.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: b4e071be-b927-4cfe-47bd-08d9f66fe295 X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Feb 2022 01:57:45.1622 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: BEjHjlLZT0vuWofxuXjJGaD0u5CMiKPx6ciO3H3beaScvGqlQIXAJgOaqELf7PeOV6DA7FZMKZ8+1ddxMM3CAw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB3694 Return-Path: min.m.xu@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi, Michael & Liming & Zhiguang I am doing the TDVF upstreaming and this commit is in MdeModulePkg. You're = the maintainer/reviewer of MdeModulePkg.=20 Your comments to this patch is great helpful. The complete code is at: https://github.com/mxu9/edk2/tree/tdvf_wave2.v6 Thanks Min > RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3429 >=20 > Introduce basic Tdx functions in BaseLib: > - TdCall () > - TdVmCall () > - TdIsEnabled () >=20 > Cc: Michael D Kinney > Cc: Liming Gao > Cc: Zhiguang Liu > Cc: Brijesh Singh > Cc: Erdem Aktas > Cc: James Bottomley > Cc: Jiewen Yao > Cc: Tom Lendacky > Cc: Gerd Hoffmann > Acked-by: Gerd Hoffmann > Signed-off-by: Min Xu > --- > MdePkg/Include/Library/BaseLib.h | 62 ++++++++++ > MdePkg/Library/BaseLib/BaseLib.inf | 11 ++ > MdePkg/Library/BaseLib/IntelTdxNull.c | 83 +++++++++++++ > MdePkg/Library/BaseLib/X64/TdCall.nasm | 85 +++++++++++++ > MdePkg/Library/BaseLib/X64/TdProbe.c | 62 ++++++++++ > MdePkg/Library/BaseLib/X64/TdVmcall.nasm | 145 > +++++++++++++++++++++++ > 6 files changed, 448 insertions(+) > create mode 100644 MdePkg/Library/BaseLib/IntelTdxNull.c > create mode 100644 MdePkg/Library/BaseLib/X64/TdCall.nasm > create mode 100644 MdePkg/Library/BaseLib/X64/TdProbe.c > create mode 100644 MdePkg/Library/BaseLib/X64/TdVmcall.nasm >=20 > diff --git a/MdePkg/Include/Library/BaseLib.h > b/MdePkg/Include/Library/BaseLib.h > index 6aa0d972186e..bd762843198f 100644 > --- a/MdePkg/Include/Library/BaseLib.h > +++ b/MdePkg/Include/Library/BaseLib.h > @@ -4759,6 +4759,68 @@ SpeculationBarrier ( > VOID > ); >=20 > +/** > + The TDCALL instruction causes a VM exit to the Intel TDX module. It > +is > + used to call guest-side Intel TDX functions, either local or a TD > +exit > + to the host VMM, as selected by Leaf. > + > + @param[in] Leaf Leaf number of TDCALL instruction > + @param[in] Arg1 Arg1 > + @param[in] Arg2 Arg2 > + @param[in] Arg3 Arg3 > + @param[in,out] Results Returned result of the Leaf function > + > + @return EFI_SUCCESS > + @return Other See individual leaf functions > +**/ > +UINTN > +EFIAPI > +TdCall ( > + IN UINT64 Leaf, > + IN UINT64 Arg1, > + IN UINT64 Arg2, > + IN UINT64 Arg3, > + IN OUT VOID *Results > + ); > + > +/** > + TDVMALL is a leaf function 0 for TDCALL. It helps invoke services > +from the > + host VMM to pass/receive information. > + > + @param[in] Leaf Number of sub-functions > + @param[in] Arg1 Arg1 > + @param[in] Arg2 Arg2 > + @param[in] Arg3 Arg3 > + @param[in] Arg4 Arg4 > + @param[in,out] Results Returned result of the sub-function > + > + @return EFI_SUCCESS > + @return Other See individual sub-functions > + > +**/ > +UINTN > +EFIAPI > +TdVmCall ( > + IN UINT64 Leaf, > + IN UINT64 Arg1, > + IN UINT64 Arg2, > + IN UINT64 Arg3, > + IN UINT64 Arg4, > + IN OUT VOID *Results > + ); > + > +/** > + Probe if TD is enabled. > + > + @return TRUE TD is enabled. > + @return FALSE TD is not enabled. > +**/ > +BOOLEAN > +EFIAPI > +TdIsEnabled ( > + VOID > + ); > + > #if defined (MDE_CPU_X64) > // > // The page size for the PVALIDATE instruction diff --git > a/MdePkg/Library/BaseLib/BaseLib.inf b/MdePkg/Library/BaseLib/BaseLib.inf > index cebda3b210c1..1185f13204df 100644 > --- a/MdePkg/Library/BaseLib/BaseLib.inf > +++ b/MdePkg/Library/BaseLib/BaseLib.inf > @@ -210,6 +210,7 @@ > X86RdRand.c > X86PatchInstruction.c > X86SpeculationBarrier.c > + IntelTdxNull.c >=20 > [Sources.X64] > X64/Thunk16.nasm > @@ -293,6 +294,9 @@ > X64/ReadCr0.nasm| MSFT > X64/ReadEflags.nasm| MSFT >=20 > + X64/TdCall.nasm > + X64/TdVmcall.nasm > + X64/TdProbe.c >=20 > X64/Non-existing.c > Math64.c > @@ -333,6 +337,7 @@ > Ebc/SpeculationBarrier.c > Unaligned.c > Math64.c > + IntelTdxNull.c >=20 > [Sources.ARM] > Arm/InternalSwitchStack.c > @@ -370,6 +375,8 @@ > Arm/MemoryFence.S | GCC > Arm/SpeculationBarrier.S | GCC >=20 > + IntelTdxNull.c > + > [Sources.AARCH64] > Arm/InternalSwitchStack.c > Arm/Unaligned.c > @@ -393,6 +400,8 @@ > AArch64/CpuBreakpoint.asm | MSFT > AArch64/SpeculationBarrier.asm | MSFT >=20 > + IntelTdxNull.c > + > [Sources.RISCV64] > Math64.c > Unaligned.c > @@ -409,6 +418,8 @@ > RiscV64/RiscVInterrupt.S | GCC > RiscV64/FlushCache.S | GCC >=20 > + IntelTdxNull.c > + > [Packages] > MdePkg/MdePkg.dec >=20 > diff --git a/MdePkg/Library/BaseLib/IntelTdxNull.c > b/MdePkg/Library/BaseLib/IntelTdxNull.c > new file mode 100644 > index 000000000000..ec95470bd43e > --- /dev/null > +++ b/MdePkg/Library/BaseLib/IntelTdxNull.c > @@ -0,0 +1,83 @@ > +/** @file > + > + Null stub of TdxLib > + > + Copyright (c) 2021, Intel Corporation. All rights reserved.
> + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#include > +#include > + > +/** > + The TDCALL instruction causes a VM exit to the Intel TDX module. It > +is > + used to call guest-side Intel TDX functions, either local or a TD > +exit > + to the host VMM, as selected by Leaf. > + Leaf functions are described at + www/us/en/develop/articles/intel-trust-domain-extensions.html> > + > + @param[in] Leaf Leaf number of TDCALL instruction > + @param[in] Arg1 Arg1 > + @param[in] Arg2 Arg2 > + @param[in] Arg3 Arg3 > + @param[in,out] Results Returned result of the Leaf function > + > + @return EFI_SUCCESS > + @return Other See individual leaf functions > +**/ > +UINTN > +EFIAPI > +TdCall ( > + IN UINT64 Leaf, > + IN UINT64 Arg1, > + IN UINT64 Arg2, > + IN UINT64 Arg3, > + IN OUT VOID *Results > + ) > +{ > + return EFI_UNSUPPORTED; > +} > + > +/** > + TDVMALL is a leaf function 0 for TDCALL. It helps invoke services > +from the > + host VMM to pass/receive information. > + > + @param[in] Leaf Number of sub-functions > + @param[in] Arg1 Arg1 > + @param[in] Arg2 Arg2 > + @param[in] Arg3 Arg3 > + @param[in] Arg4 Arg4 > + @param[in,out] Results Returned result of the sub-function > + > + @return EFI_SUCCESS > + @return Other See individual sub-functions > + > +**/ > +UINTN > +EFIAPI > +TdVmCall ( > + IN UINT64 Leaf, > + IN UINT64 Arg1, > + IN UINT64 Arg2, > + IN UINT64 Arg3, > + IN UINT64 Arg4, > + IN OUT VOID *Results > + ) > +{ > + return EFI_UNSUPPORTED; > +} > + > +/** > + Probe if TD is enabled. > + > + @return TRUE TD is enabled. > + @return FALSE TD is not enabled. > +**/ > +BOOLEAN > +EFIAPI > +TdIsEnabled ( > + ) > +{ > + return FALSE; > +} > diff --git a/MdePkg/Library/BaseLib/X64/TdCall.nasm > b/MdePkg/Library/BaseLib/X64/TdCall.nasm > new file mode 100644 > index 000000000000..e8a094b0eb3f > --- /dev/null > +++ b/MdePkg/Library/BaseLib/X64/TdCall.nasm > @@ -0,0 +1,85 @@ > +;---------------------------------------------------------------------- > +-------- > +;* > +;* Copyright (c) 2020 - 2021, Intel Corporation. All rights > +reserved.
> +;* SPDX-License-Identifier: BSD-2-Clause-Patent > +;* > +;* > +;---------------------------------------------------------------------- > +-------- > + > +DEFAULT REL > +SECTION .text > + > +%macro tdcall 0 > + db 0x66,0x0f,0x01,0xcc > +%endmacro > + > +%macro tdcall_push_regs 0 > + push rbp > + mov rbp, rsp > + push r15 > + push r14 > + push r13 > + push r12 > + push rbx > + push rsi > + push rdi > +%endmacro > + > +%macro tdcall_pop_regs 0 > + pop rdi > + pop rsi > + pop rbx > + pop r12 > + pop r13 > + pop r14 > + pop r15 > + pop rbp > +%endmacro > + > +%define number_of_regs_pushed 8 > +%define number_of_parameters 4 > + > +; > +; Keep these in sync for push_regs/pop_regs, code below ; uses them to > +find 5th or greater parameters ; %define first_variable_on_stack_offset > +\ > + ((number_of_regs_pushed * 8) + (number_of_parameters * 8) + 8) > +%define second_variable_on_stack_offset \ > + ((first_variable_on_stack_offset) + 8) > + > +; TdCall ( > +; UINT64 Leaf, // Rcx > +; UINT64 P1, // Rdx > +; UINT64 P2, // R8 > +; UINT64 P3, // R9 > +; UINT64 Results, // rsp + 0x28 > +; ) > +global ASM_PFX(TdCall) > +ASM_PFX(TdCall): > + tdcall_push_regs > + > + mov rax, rcx > + mov rcx, rdx > + mov rdx, r8 > + mov r8, r9 > + > + tdcall > + > + ; exit if tdcall reports failure. > + test rax, rax > + jnz .exit > + > + ; test if caller wanted results > + mov r12, [rsp + first_variable_on_stack_offset ] > + test r12, r12 > + jz .exit > + mov [r12 + 0 ], rcx > + mov [r12 + 8 ], rdx > + mov [r12 + 16], r8 > + mov [r12 + 24], r9 > + mov [r12 + 32], r10 > + mov [r12 + 40], r11 > +.exit: > + tdcall_pop_regs > + ret > diff --git a/MdePkg/Library/BaseLib/X64/TdProbe.c > b/MdePkg/Library/BaseLib/X64/TdProbe.c > new file mode 100644 > index 000000000000..a1cf02717bf2 > --- /dev/null > +++ b/MdePkg/Library/BaseLib/X64/TdProbe.c > @@ -0,0 +1,62 @@ > +/** @file > + > + Copyright (c) 2020-2021, Intel Corporation. All rights reserved.
> + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#include > +#include > + > +/** > + Probe if TD is enabled. > + > + @return TRUE TD is enabled. > + @return FALSE TD is not enabled. > +**/ > +BOOLEAN > +EFIAPI > +TdIsEnabled ( > + ) > +{ > + UINT32 Eax; > + UINT32 Ebx; > + UINT32 Ecx; > + UINT32 Edx; > + UINT32 LargestEax; > + BOOLEAN TdEnabled; > + > + TdEnabled =3D FALSE; > + > + do { > + AsmCpuid (CPUID_SIGNATURE, &LargestEax, &Ebx, &Ecx, &Edx); > + > + if ( (Ebx !=3D CPUID_SIGNATURE_GENUINE_INTEL_EBX) > + || (Edx !=3D CPUID_SIGNATURE_GENUINE_INTEL_EDX) > + || (Ecx !=3D CPUID_SIGNATURE_GENUINE_INTEL_ECX)) > + { > + break; > + } > + > + AsmCpuid (CPUID_VERSION_INFO, NULL, NULL, &Ecx, NULL); > + if ((Ecx & BIT31) =3D=3D 0) { > + break; > + } > + > + if (LargestEax < 0x21) { > + break; > + } > + > + AsmCpuidEx (0x21, 0, &Eax, &Ebx, &Ecx, &Edx); > + if ( (Ebx !=3D SIGNATURE_32 ('I', 'n', 't', 'e')) > + || (Edx !=3D SIGNATURE_32 ('l', 'T', 'D', 'X')) > + || (Ecx !=3D SIGNATURE_32 (' ', ' ', ' ', ' '))) > + { > + break; > + } > + > + TdEnabled =3D TRUE; > + } while (FALSE); > + > + return TdEnabled; > +} > diff --git a/MdePkg/Library/BaseLib/X64/TdVmcall.nasm > b/MdePkg/Library/BaseLib/X64/TdVmcall.nasm > new file mode 100644 > index 000000000000..5ecc10b17193 > --- /dev/null > +++ b/MdePkg/Library/BaseLib/X64/TdVmcall.nasm > @@ -0,0 +1,145 @@ > +;---------------------------------------------------------------------- > +-------- > +;* > +;* Copyright (c) 2020 - 2021, Intel Corporation. All rights > +reserved.
> +;* SPDX-License-Identifier: BSD-2-Clause-Patent > +;* > +;* > +;---------------------------------------------------------------------- > +-------- > + > +DEFAULT REL > +SECTION .text > + > +%define TDVMCALL_EXPOSE_REGS_MASK 0xffec > +%define TDVMCALL 0x0 > + > +%macro tdcall 0 > + db 0x66,0x0f,0x01,0xcc > +%endmacro > + > +%macro tdcall_push_regs 0 > + push rbp > + mov rbp, rsp > + push r15 > + push r14 > + push r13 > + push r12 > + push rbx > + push rsi > + push rdi > +%endmacro > + > +%macro tdcall_pop_regs 0 > + pop rdi > + pop rsi > + pop rbx > + pop r12 > + pop r13 > + pop r14 > + pop r15 > + pop rbp > +%endmacro > + > +%define number_of_regs_pushed 8 > +%define number_of_parameters 4 > + > +; > +; Keep these in sync for push_regs/pop_regs, code below ; uses them to > +find 5th or greater parameters ; %define first_variable_on_stack_offset > +\ > + ((number_of_regs_pushed * 8) + (number_of_parameters * 8) + 8) > +%define second_variable_on_stack_offset \ > + ((first_variable_on_stack_offset) + 8) > + > +%macro tdcall_regs_preamble 2 > + mov rax, %1 > + > + xor rcx, rcx > + mov ecx, %2 > + > + ; R10 =3D 0 (standard TDVMCALL) > + > + xor r10d, r10d > + > + ; Zero out unused (for standard TDVMCALL) registers to avoid leaking > + ; secrets to the VMM. > + > + xor ebx, ebx > + xor esi, esi > + xor edi, edi > + > + xor edx, edx > + xor ebp, ebp > + xor r8d, r8d > + xor r9d, r9d > +%endmacro > + > +%macro tdcall_regs_postamble 0 > + xor ebx, ebx > + xor esi, esi > + xor edi, edi > + > + xor ecx, ecx > + xor edx, edx > + xor r8d, r8d > + xor r9d, r9d > + xor r10d, r10d > + xor r11d, r11d > +%endmacro > + > +;-----------------------------------------------------------------------= ------- > +; 0 =3D> RAX =3D TDCALL leaf > +; M =3D> RCX =3D TDVMCALL register behavior > +; 1 =3D> R10 =3D standard vs. vendor > +; RDI =3D> R11 =3D TDVMCALL function / nr > +; RSI =3D R12 =3D p1 > +; RDX =3D> R13 =3D p2 > +; RCX =3D> R14 =3D p3 > +; R8 =3D> R15 =3D p4 > + > +; UINT64 > +; EFIAPI > +; TdVmCall ( > +; UINT64 Leaf, // Rcx > +; UINT64 P1, // Rdx > +; UINT64 P2, // R8 > +; UINT64 P3, // R9 > +; UINT64 P4, // rsp + 0x28 > +; UINT64 *Val // rsp + 0x30 > +; ) > +global ASM_PFX(TdVmCall) > +ASM_PFX(TdVmCall): > + tdcall_push_regs > + > + mov r11, rcx > + mov r12, rdx > + mov r13, r8 > + mov r14, r9 > + mov r15, [rsp + first_variable_on_stack_offset ] > + > + tdcall_regs_preamble TDVMCALL, TDVMCALL_EXPOSE_REGS_MASK > + > + tdcall > + > + ; ignore return dataif TDCALL reports failure. > + test rax, rax > + jnz .no_return_data > + > + ; Propagate TDVMCALL success/failure to return value. > + mov rax, r10 > + > + ; Retrieve the Val pointer. > + mov r9, [rsp + second_variable_on_stack_offset ] > + test r9, r9 > + jz .no_return_data > + > + ; On success, propagate TDVMCALL output value to output param > + test rax, rax > + jnz .no_return_data > + mov [r9], r11 > +.no_return_data: > + tdcall_regs_postamble > + > + tdcall_pop_regs > + > + ret > -- > 2.29.2.windows.2