From: "Min Xu"
To: "Yao, Jiewen", "devel@edk2.groups.io"
CC: Ard Biesheuvel, Brijesh Singh, Erdem Aktas, James Bottomley, Tom Lendacky
Subject: Re: [PATCH V2 4/4] OvmfPkg/ResetVector: Update ResetVector to support Tdx
Date: Sun, 25 Jul 2021 07:50:33 +0000
References: <0e28e0d01b2db776c5c00469bac5097a326c3ed9.1626931332.git.min.m.xu@intel.com>

Agree. I will update the patch set based upon your suggestions.

Thanks!
Xu, Min

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Sunday, July 25, 2021 2:01 PM
> To: Xu, Min M; devel@edk2.groups.io
> Cc: Ard Biesheuvel; Brijesh Singh; Erdem Aktas; James Bottomley; Tom Lendacky
> Subject: RE: [PATCH V2 4/4] OvmfPkg/ResetVector: Update ResetVector to
> support Tdx
>
> Hi Min, Brijesh, James
> I feel very frustrated when I review the existing OVMF reset vector.
>
> A big problem is that this code mixed too many SEV stuff, and we are trying
> to add more TDX stuff in *one* file, without clear isolation.
>
> Take PageTables64.asm as example, here are the symbols. (* means it is
> newly added.)
> =================
> CheckSevFeatures:
> GetSevEncBit:
> SevEncBitLowHlt:
> SevSaveMask:
> NoSev:
> NoSevEsVcHlt:
> NoSevPass:
> SevExit:
> IsSevEsEnabled:
> SevEsDisabled:
> SetCr3ForPageTables64:
> CheckSev: (*)
> SevNotActive:
> clearPageTablesMemoryLoop:
> pageTableEntriesLoop:
> tdClearTdxPageTablesMemoryLoop: (*)
> IsSevEs: (*)
> pageTableEntries4kLoop:
> clearGhcbMemoryLoop:
> SetCr3:
> SevEsIdtNotCpuid:
> SevEsIdtNoCpuidResponse:
> SevEsIdtTerminate:
> SevEsIdtHlt:
> SevEsIdtVmmComm:
> NextReg:
> VmmDone:
> =================
>
> In order to better maintain the ResetVector, may I propose some refinement:
> 1) The main function only contains the non-TEE function, where TEE == SEV +
> TDX.
> 2) The TEE related code is moved to TEE specific standalone file, such
> *Sev.asm and *Tdx.Asm.
>
> 3) We need handle different cases with different pattern.
> I hope the pattern can be used consistently. As such, the reviewer can easily
> understand what it is for.
>
> 3.1) If TEE function is a hook, then the main function calls TEE function
> directly. The TEE function need implement a TEE check function (such as
> IsSev, or IsTdx). For example:
> ====================
>     OneTimeCall PreMainFunctionHookSev
>     OneTimeCall PreMainFunctionHookTdx
> MainFunction:
>     XXXXXX
>     OneTimeCall PostMainFunctionHookSev
>     OneTimeCall PostMainFunctionHookTdx
> ====================
> 3.2) If TEE function is a replacement for non-TEE function. The main function
> can call TEE replacement function, then check the return status to decide
> next step. For example:
> ====================
>     OneTimeCall MainFunctionSev
>     Jz MainFunctionEnd
>     OneTimeCall MainFunctionTdx
>     Jz MainFunctionEnd
> MainFunction:
>     XXXXXX
> MainFunctionEnd:
> ====================
>
> 4) If we found it is too hard to write code in above pattern, we can discuss
> case by case.
>
> > -----Original Message-----
> > From: Xu, Min M
> > Sent: Thursday, July 22, 2021 1:52 PM
> > To: devel@edk2.groups.io
> > Cc: Xu, Min M; Ard Biesheuvel; Brijesh Singh; Erdem Aktas; James Bottomley;
> > Yao, Jiewen; Tom Lendacky
> > Subject: [PATCH V2 4/4] OvmfPkg/ResetVector: Update ResetVector to
> > support Tdx
> >
> > RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
> >
> > In Tdx all CPUs "reset" to run on 32-bit protected mode with flat
> > descriptor (paging disabled). But in Non-Td guest the initial state of
> > CPUs is 16-bit real mode. To resolve this conflict, BITS 16/32 is used
> > in the very beginning of ResetVector. It will check the 32-bit
> > protected mode or 16-bit real mode, then jump to the corresponding entry
> > point.
> > This is done in OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm.
> >
> > ReloadFlat32.asm load the GDT and set the CR0, then jump to Flat-32 mode.
> >
> > InitTdx.asm is called to record the Tdx signature ('TDXG') and other
> > tdx information in a TDX_WORK_AREA which can be used by the other
> > routines in ResetVector.
> >
> > Init32.asm is 32-bit initialization code in OvmfPkg. It puts above
> > ReloadFlat32 and InitTdx together to do the initialization for Tdx.
> >
> > After that Tdx jumps to 64-bit long mode by doing following tasks:
> > 1. SetCr3ForPageTables64
> >    For OVMF, some initial page tables is built at:
> >      PcdOvmfSecPageTablesBase - (PcdOvmfSecPageTablesBase + 0x6000)
> >    This page table supports the 4-level page table.
> >    But Tdx support 4-level and 5-level page table based on the CPU GPA
> >    width.
> >    48bit is 4-level paging, 52-bit is 5-level paging.
> >    If 5-level page table is supported (GPAW is 52), then a top level
> >    page directory pointers (1 * 256TB entry) is generated in the
> >    TdxPageTable.
> > 2. Set Cr4
> >    Enable PAE.
> > 3. Adjust Cr3
> >    If GPAW is 48, then Cr3 is PT_ADDR (0). If GPAW is 52, then Cr3 is
> >    TDX_PT_ADDR (0).
> >
> > Tdx MailBox [0x10, 0x800] is reserved for OS. So we initialize piece
> > of this area ([0x10, 0x20]) to record the Tdx flag ('TDXG') and other
> > Tdx info so that they can be used in the following flow.
> >
> > After all above is successfully done, Tdx jump to SecEntry.
> >
> > Cc: Ard Biesheuvel
> > Cc: Brijesh Singh
> > Cc: Erdem Aktas
> > Cc: James Bottomley
> > Cc: Jiewen Yao
> > Cc: Tom Lendacky
> > Signed-off-by: Min Xu
> > ---
> >  OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 21 ++++++++
> >  OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm | 47 ++++++++++++++++
> >  OvmfPkg/ResetVector/Ia32/Init32.asm | 34 ++++++++++++
> >  OvmfPkg/ResetVector/Ia32/InitTdx.asm | 57 ++++++++++++++++++++
> >  OvmfPkg/ResetVector/Ia32/PageTables64.asm | 41 ++++++++++++++
> >  OvmfPkg/ResetVector/Ia32/ReloadFlat32.asm | 44 +++++++++++++++
> >  OvmfPkg/ResetVector/ResetVector.nasmb | 18 +++++++
> >  7 files changed, 262 insertions(+)
> >  create mode 100644 OvmfPkg/ResetVector/Ia32/Init32.asm
> >  create mode 100644 OvmfPkg/ResetVector/Ia32/InitTdx.asm
> >  create mode 100644 OvmfPkg/ResetVector/Ia32/ReloadFlat32.asm
> >
> > diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> > b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> > index ac86ce69ebe8..a390ed81d021 100644
> > --- a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> > +++ b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> > @@ -155,10 +155,31 @@ resetVector: > > ; > > ; This is where the processor will begin execution ; > > +; In IA32 we follow the standard reset vector flow. While in X64, Td > > +guest ; may be supported. Td guest requires the startup mode to be > > +32-bit ; protected mode but the legacy VM startup mode is 16-bit real > mode. > > +; To make NASM generate such shared entry code that behaves correctly > > +in ; both 16-bit and 32-bit mode, more BITS directives are added. > > +; > > +%ifdef ARCH_IA32 > > + > > nop > > nop > > jmp EarlyBspInitReal16 > > > > +%else > > + > > + smsw ax > > + test al, 1 > > + jz .Real > > +BITS 32 > > + jmp Main32 > > +BITS 16 > > +.Real: > > + jmp EarlyBspInitReal16 > > + > > +%endif > > + > > ALIGN 16 > > > > fourGigabytes: > > diff --git a/OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm > > b/OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm > > index c6d0d898bcd1..2206ca719593 100644 > > --- a/OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm > > +++ b/OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm > > @@ -17,6 +17,9 @@ Transition32FlatTo64Flat: > > > > OneTimeCall SetCr3ForPageTables64 > > > > + cmp dword[TDX_WORK_AREA], 0x47584454 ; 'TDXG' > > + jz TdxTransition32FlatTo64Flat > > + > > mov eax, cr4 > > bts eax, 5 ; enable PAE > > mov cr4, eax 
> > @@ -65,10 +68,54 @@ EnablePaging: > > bts eax, 31 ; set PG > > mov cr0, eax ; enable paging > > > > + jmp _jumpTo64Bit > > + > > +; > > +; Tdx Transition from 32Flat to 64Flat ; > > +TdxTransition32FlatTo64Flat: > > + > > + mov eax, cr4 > > + bts eax, 5 ; enable PAE > > + > > + ; > > + ; byte[TDX_WORK_AREA_PAGELEVEL5] holds the indicator whether > > + 52bit is > > supported. > > + ; if it is the case, need to set LA57 and use 5-level paging > > + ; > > + cmp byte[TDX_WORK_AREA_PAGELEVEL5], 0 > > + jz .set_cr4 > > + bts eax, 12 > > +.set_cr4: > > + mov cr4, eax > > + mov ebx, cr3 > > + > > + ; > > + ; if la57 is not set, we are ok > > + ; if using 5-level paging, adjust top-level page directory > > + ; > > + bt eax, 12 > > + jnc .set_cr3 > > + mov ebx, TDX_PT_ADDR (0) > > +.set_cr3: > > + mov cr3, ebx > > + > > + mov eax, cr0 > > + bts eax, 31 ; set PG > > + mov cr0, eax ; enable paging > > + > > +_jumpTo64Bit: > > jmp LINEAR_CODE64_SEL:ADDR_OF(jumpTo64BitAndLandHere) > > + > > BITS 64 > > jumpTo64BitAndLandHere: > > > > + ; > > + ; For Td guest we are done and jump to the end > > + ; > > + mov eax, TDX_WORK_AREA > > + cmp dword [eax], 0x47584454 ; 'TDXG' > > + jz GoodCompare > > + > > ; > > ; Check if the second step of the SEV-ES mitigation is to be perfo= rmed. > > ; > > diff --git a/OvmfPkg/ResetVector/Ia32/Init32.asm > > b/OvmfPkg/ResetVector/Ia32/Init32.asm > > new file mode 100644 > > index 000000000000..772adc51e531 > > --- /dev/null > > +++ b/OvmfPkg/ResetVector/Ia32/Init32.asm > > @@ -0,0 +1,34 @@ > > +;-------------------------------------------------------------------- > > +---------- > > +; @file > > +; 32-bit initialization for Tdx > > +; > > +; Copyright (c) 2021, Intel Corporation. All rights reserved.
; > > +SPDX-License-Identifier: BSD-2-Clause-Patent ; > > +;-------------------------------------------------------------------- > > +---------- > > + > > +BITS 32 > > + > > +; > > +; Modified: EBP > > +; > > +; @param[in] EBX [6:0] CPU supported GPA width > > +; [7:7] 5 level page table support > > +; @param[in] ECX [31:0] TDINITVP - Untrusted Configuration > > +; @param[in] EDX [31:0] VCPUID > > +; @param[in] ESI [31:0] VCPU_Index > > +; > > +Init32: > > + ; > > + ; Save EBX in EBP because EBX will be changed in ReloadFlat32 > > + ; > > + mov ebp, ebx > > + > > + OneTimeCall ReloadFlat32 > > + > > + ; > > + ; Init Tdx > > + ; > > + OneTimeCall InitTdx > > + > > + OneTimeCallRet Init32 > > diff --git a/OvmfPkg/ResetVector/Ia32/InitTdx.asm > > b/OvmfPkg/ResetVector/Ia32/InitTdx.asm > > new file mode 100644 > > index 000000000000..de8273da6a0c > > --- /dev/null > > +++ b/OvmfPkg/ResetVector/Ia32/InitTdx.asm > > @@ -0,0 +1,57 @@ > > +;-------------------------------------------------------------------- > > +---------- > > +; @file > > +; Initialize TDX_WORK_AREA to record the Tdx flag ('TDXG') and other > Tdx info > > +; so that the following codes can use these information. > > +; > > +; Copyright (c) 2021, Intel Corporation. All rights reserved.
; > > +SPDX-License-Identifier: BSD-2-Clause-Patent ; > > +;-------------------------------------------------------------------- > > +---------- > > + > > +BITS 32 > > + > > +; > > +; Modified: EBP > > +; > > +InitTdx: > > + ; > > + ; In Td guest, BSP/AP shares the same entry point > > + ; BSP builds up the page table, while APs shouldn't do the same ta= sk. > > + ; Instead, APs just leverage the page table which is built by BSP. > > + ; APs will wait until the page table is ready. > > + ; In Td guest, vCPU 0 is treated as the BSP, the others are APs. > > + ; ESI indicates the vCPU ID. > > + ; > > + cmp esi, 0 > > + je tdBspEntry > > + > > +apWait: > > + cmp byte[TDX_WORK_AREA_PGTBL_READY], 0 > > + je apWait > > + jmp doneTdxInit > > + > > +tdBspEntry: > > + ; > > + ; It is of Tdx Guest > > + ; Save the Tdx info in TDX_WORK_AREA so that the following code ca= n > use > > + ; these information. > > + ; > > + mov dword [TDX_WORK_AREA], 0x47584454 ; 'TDXG' > > + > > + ; > > + ; EBP[6:0] CPU supported GPA width > > + ; > > + and ebp, 0x3f > > + cmp ebp, 52 > > + jl NotPageLevel5 > > + mov byte[TDX_WORK_AREA_PAGELEVEL5], 1 > > + > > +NotPageLevel5: > > + ; > > + ; ECX[31:0] TDINITVP - Untrusted Configuration > > + ; > > + mov DWORD[TDX_WORK_AREA_INITVP], ecx > > + mov DWORD[TDX_WORK_AREA_INFO], ebp > > + > > +doneTdxInit: > > + OneTimeCallRet InitTdx > > diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm > > b/OvmfPkg/ResetVector/Ia32/PageTables64.asm > > index 5fae8986d9da..508df6cf5967 100644 > > --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm > > +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm 
> > @@ -218,6 +218,24 @@ SevEsDisabled: > > ; > > SetCr3ForPageTables64: > > > > + ; > > + ; Check Td guest > > + ; > > + cmp dword[TDX_WORK_AREA], 0x47584454 ; 'TDXG' > > + jnz CheckSev > > + > > + xor edx, edx > > + > > + ; > > + ; In Td guest, BSP builds the page table and set the flag of > > + ; TDX_WORK_AREA_PGTBL_READY. APs check this flag and then set > > + ; cr3 directly. > > + ; > > + cmp byte[TDX_WORK_AREA_PGTBL_READY], 1 > > + jz SetCr3 > > + jmp SevNotActive > > + > > +CheckSev: > > OneTimeCall CheckSevFeatures > > xor edx, edx > > test eax, eax > > @@ -277,6 +295,29 @@ pageTableEntriesLoop: > > mov [(ecx * 8 + PT_ADDR (0x2000 - 8)) + 4], edx > > loop pageTableEntriesLoop > > > > + ; > > + ; If it is Td guest, TdxExtraPageTable should be initialized as we= ll > > + ; > > + cmp dword[TDX_WORK_AREA], 0x47584454 ; 'TDXG' > > + jnz IsSevEs > > + > > + xor eax, eax > > + mov ecx, 0x400 > > +tdClearTdxPageTablesMemoryLoop: > > + mov dword [ecx * 4 + TDX_PT_ADDR (0) - 4], eax > > + loop tdClearTdxPageTablesMemoryLoop > > + > > + xor edx, edx > > + ; > > + ; Top level Page Directory Pointers (1 * 256TB entry) > > + ; > > + mov dword[TDX_PT_ADDR (0)], PT_ADDR (0) + PAGE_PDP_ATTR > > + mov dword[TDX_PT_ADDR (4)], edx > > + > > + mov byte[TDX_WORK_AREA_PGTBL_READY], 1 > > + jmp SetCr3 > > + > > +IsSevEs: > > OneTimeCall IsSevEsEnabled > > test eax, eax > > jz SetCr3 > > diff --git a/OvmfPkg/ResetVector/Ia32/ReloadFlat32.asm > > b/OvmfPkg/ResetVector/Ia32/ReloadFlat32.asm > > new file mode 100644 > > index 000000000000..06d44142625a > > --- /dev/null > > +++ b/OvmfPkg/ResetVector/Ia32/ReloadFlat32.asm > > @@ -0,0 +1,44 @@ > > +;-------------------------------------------------------------------- > > +---------- > > +; @file > > +; Load the GDT and set the CR0/CR4, then jump to Flat 32 protected > mode. > > +; > > +; Copyright (c) 2021, Intel Corporation. All rights reserved.
; > > +SPDX-License-Identifier: BSD-2-Clause-Patent ; > > +;-------------------------------------------------------------------- > > +---------- > > + > > +%define SEC_DEFAULT_CR0 0x00000023 > > +%define SEC_DEFAULT_CR4 0x640 > > + > > +BITS 32 > > + > > +; > > +; Modified: EAX, EBX, CR0, CR4, DS, ES, FS, GS, SS ; > > +ReloadFlat32: > > + > > + cli > > + mov ebx, ADDR_OF(gdtr) > > + lgdt [ebx] > > + > > + mov eax, SEC_DEFAULT_CR0 > > + mov cr0, eax > > + > > + jmp LINEAR_CODE_SEL:dword > ADDR_OF(jumpToFlat32BitAndLandHere) > > +BITS 32 > > +jumpToFlat32BitAndLandHere: > > + > > + mov eax, SEC_DEFAULT_CR4 > > + mov cr4, eax > > + > > + debugShowPostCode POSTCODE_32BIT_MODE > > + > > + mov ax, LINEAR_SEL > > + mov ds, ax > > + mov es, ax > > + mov fs, ax > > + mov gs, ax > > + mov ss, ax > > + > > + OneTimeCallRet ReloadFlat32 > > + > > diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb > > b/OvmfPkg/ResetVector/ResetVector.nasmb > > index b653fe87abd6..3ec163613477 100644 > > --- a/OvmfPkg/ResetVector/ResetVector.nasmb > > +++ b/OvmfPkg/ResetVector/ResetVector.nasmb 
> > @@ -106,6 +106,21 @@ > > %define TDX_EXTRA_PAGE_TABLE_BASE FixedPcdGet32 > > (PcdOvmfSecGhcbPageTableBase) > > %define TDX_EXTRA_PAGE_TABLE_SIZE FixedPcdGet32 > > (PcdOvmfSecGhcbPageTableSize) > > > > + ; > > + ; TdMailboxBase [0x10, 0x800] is reserved for OS. > > + ; Td guest initialize piece of this area (TdMailboxBase > > + [0x10,0x20]) to ; record the Td guest info so that this information > > + can be used in the ; following ResetVector flow. > > + ; > > + %define TD_MAILBOX_WORKAREA_OFFSET 0x10 > > + %define TDX_WORK_AREA (TDX_MAILBOX_MEMORY_BASE + > > TD_MAILBOX_WORKAREA_OFFSET) > > + %define TDX_WORK_AREA_PAGELEVEL5 (TDX_WORK_AREA + 4) > > + %define TDX_WORK_AREA_PGTBL_READY (TDX_WORK_AREA + 5) > > + %define TDX_WORK_AREA_INITVP (TDX_WORK_AREA + 8) > > + %define TDX_WORK_AREA_INFO (TDX_WORK_AREA + 8 + 4) > > + > > + %define TDX_PT_ADDR(Offset) (TDX_EXTRA_PAGE_TABLE_BASE + > (Offset)) > > + > > %define PT_ADDR(Offset) (FixedPcdGet32 (PcdOvmfSecPageTablesBase) > + > > (Offset)) > > > > %define GHCB_PT_ADDR (FixedPcdGet32 > (PcdOvmfSecGhcbPageTableBase)) > > @@ -117,6 +132,9 @@ > > %define SEV_ES_VC_TOP_OF_STACK (FixedPcdGet32 > > (PcdOvmfSecPeiTempRamBase) + FixedPcdGet32 > (PcdOvmfSecPeiTempRamSize)) > > > > %include "X64/TdxMetadata.asm" > > + %include "Ia32/Init32.asm" > > + %include "Ia32/InitTdx.asm" > > + %include "Ia32/ReloadFlat32.asm" > > > > %include "Ia32/Flat32ToFlat64.asm" > > %include "Ia32/PageTables64.asm" > > -- > > 2.29.2.windows.2
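
Review bot: In OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm, the `%else` branch at `resetVector:` is missing a comment that states the constraint it depends on: `smsw ax`, `test al, 1` and `jz .Real` run before the CPU mode is known, so they have to decode identically in 16-bit real mode and 32-bit protected mode, and only the two `jmp` instructions may sit under a mode-specific `BITS` directive. The added comment only says that more BITS directives are added. Please spell the constraint out next to the code and note that the sequence has to stay within the slot that ends at the following `ALIGN 16`. `Main32` is also not defined in any of the seven files this patch touches, so the commit message should say which patch in the series provides it.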
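
Review bot: In OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm, the `cmp dword[TDX_WORK_AREA], 0x47584454` added after `OneTimeCall SetCr3ForPageTables64`, and the second compare after `jumpTo64BitAndLandHere:`, read TDX_WORK_AREA on every boot, but the only write to it in this patch is under `tdBspEntry` in InitTdx.asm, which is part of the Tdx-only 32-bit initialization. For a non-Td guest the result therefore depends on whatever that memory holds at reset, and a match jumps to `GoodCompare` past the SEV-ES mitigation check. Clear the work area on the non-Td path before the first compare, or carry the Td indication in a register set at the entry point instead of reading it back from memory.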
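
Review bot: In OvmfPkg/ResetVector/Ia32/Init32.asm, the header lists only EBP under `Modified:`, but `Init32` calls `ReloadFlat32`, whose own header lists EAX, EBX, CR0, CR4 and the segment registers. Please list the full clobber set here, and state that ECX and ESI must survive `ReloadFlat32` because `InitTdx` reads both afterwards.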
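
Review bot: In OvmfPkg/ResetVector/Ia32/InitTdx.asm, `and ebp, 0x3f` under `tdBspEntry` keeps bits [5:0], while the comment directly above it and the Init32 header both give the GPA width as bits [6:0]; use `0x7f` or correct the comments. In the same block `TDX_WORK_AREA_PAGELEVEL5` is written only when the width is 52 or more, and `TDX_WORK_AREA_PGTBL_READY`, which `apWait` spins on, is never initialised, so both depend on the work area being zero at entry. Write the zero explicitly for `TDX_WORK_AREA_PAGELEVEL5` and document the zero-at-entry assumption for the ready flag.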
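
Review bot: In OvmfPkg/ResetVector/Ia32/PageTables64.asm, `tdClearTdxPageTablesMemoryLoop` hard-codes `mov ecx, 0x400`, that is 0x1000 bytes, although ResetVector.nasmb already defines `TDX_EXTRA_PAGE_TABLE_SIZE` for this region. Derive the count from that define (size / 4) so the clear always matches the table if the PCD value changes.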
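
Review bot: In OvmfPkg/ResetVector/Ia32/ReloadFlat32.asm, `SEC_DEFAULT_CR0 0x00000023` and `SEC_DEFAULT_CR4 0x640` are bare constants; add a comment naming the bits they set (CR0: PE, MP, NE; CR4: MCE, OSFXSR, OSXMMEXCPT) so a reader can confirm that paging and the remaining control bits are intentionally left clear at this point. The second `BITS 32` before `jumpToFlat32BitAndLandHere:` is redundant, since the file is already assembled as 32-bit code.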
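
Review bot: In OvmfPkg/ResetVector/ResetVector.nasmb, `TDX_EXTRA_PAGE_TABLE_BASE` is taken from `PcdOvmfSecGhcbPageTableBase`, the same PCD that `GHCB_PT_ADDR` uses a few lines below the new defines, so the Tdx top-level page table and the SEV-ES GHCB page table occupy the same memory. Add a comment that the two uses are mutually exclusive. The signature `0x47584454` is also repeated as a literal in Flat32ToFlat64.asm, InitTdx.asm and PageTables64.asm; defining it once next to `TDX_WORK_AREA` would keep the work-area layout and its magic value in one place.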