From nobody Fri Oct 31 16:00:45 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1748611262; cv=none; d=zohomail.com; s=zohoarc; b=O+e7sERU2qFoCpKWKUwoRG6KIeV//4OPJsjCrDDXzRQClyopi689xRFjvNGywvYH1kV0gXW8gXS1Ej8Xm0Y06swMpGS1MeEdhNYdEYGslR7e7dm6AyZi/o7JOx1J8k863He8zCSB2P7IMF4qxdYI8Lw/aUYmNg3+jYeNv0xZ65Q= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1748611262; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=wR1hVbpxxN9SQ0YmcXd59qUIZ1ZgOyrRB96NJpE74ts=; b=Cq4rmgIKwweNryJSJ2tOeF5aS9rReA4mK6LrSMWaEsmiE9ZIIMlqbKkpBNB7OnVXEPgNuottbzU9K8VUZhSGcVMODTnSqT6Jc3/EeReh5NT2/15zx/U1ZlCav0VNfI9rAts0yq/SG92+o0Ne/IkEA6eYp4DaYrSYaxzNjWJYk9Q= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1748611262506881.3152192413884; Fri, 30 May 2025 06:21:02 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.1000975.1381227 (Exim 4.92) (envelope-from ) id 1uKzfF-000730-GY; Fri, 30 May 2025 13:20:49 +0000 Received: by outflank-mailman (output) from mailman id 1000975.1381227; Fri, 30 May 2025 13:20:49 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1uKzfF-00071l-BQ; Fri, 30 May 2025 13:20:49 +0000 Received: by outflank-mailman (input) for mailman id 1000975; Fri, 30 May 2025 13:20:48 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1uKzdO-0008Jy-S3 for xen-devel@lists.xenproject.org; Fri, 30 May 2025 13:18:54 +0000 Received: from 7.mo582.mail-out.ovh.net (7.mo582.mail-out.ovh.net [46.105.59.196]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id a217e06e-3d58-11f0-a2ff-13f23c93f187; Fri, 30 May 2025 15:18:53 +0200 (CEST) Received: from director6.ghost.mail-out.ovh.net (unknown [10.109.140.39]) by mo582.mail-out.ovh.net (Postfix) with ESMTP id 4b83j91wPNz1V3B for ; Fri, 30 May 2025 13:18:53 +0000 (UTC) Received: from ghost-submission-5b5ff79f4f-jf7jg (unknown [10.110.96.35]) by director6.ghost.mail-out.ovh.net (Postfix) with ESMTPS id 2563980257; Fri, 30 May 2025 13:18:52 +0000 (UTC) Received: from 3mdeb.com ([37.59.142.106]) by ghost-submission-5b5ff79f4f-jf7jg with ESMTPSA id W9soOzuwOWg3twAAMsIQHg (envelope-from ); Fri, 30 May 2025 13:18:52 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: a217e06e-3d58-11f0-a2ff-13f23c93f187 Authentication-Results: garm.ovh; auth=pass (GARM-106R00679701ec5-0cea-4536-851d-f45d9eef6760, A4E380CC922F0B59227EC5DCC46884561651840B) smtp.auth=sergii.dmytruk@3mdeb.com X-OVh-ClientIp: 176.111.184.221 From: Sergii Dmytruk To: xen-devel@lists.xenproject.org Cc: Jan Beulich , Andrew Cooper , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , "Daniel P. Smith" , Ross Philipson , trenchboot-devel@googlegroups.com Subject: [PATCH v3 08/22] x86/slaunch: restore boot MTRRs after Intel TXT DRTM Date: Fri, 30 May 2025 16:17:50 +0300 Message-ID: <5b6b9bf165a4fd9444dc53848fb8faa2cea30781.1748611041.git.sergii.dmytruk@3mdeb.com> X-Mailer: git-send-email 2.49.0 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Ovh-Tracer-Id: 12699306524953392284 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeeffedrtddtgddvleduudculddtuddrgeefvddrtddtmdcutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpefhvfevufffkffojghfgggtgfesthekredtredtjeenucfhrhhomhepufgvrhhgihhiucffmhihthhruhhkuceoshgvrhhgihhirdgumhihthhruhhkseefmhguvggsrdgtohhmqeenucggtffrrghtthgvrhhnpeegkeffieeitdevkefhudegffevieeggfelgedvgeehffdtteehfeeuleeiudekvdenucfkphepuddvjedrtddrtddruddpudejiedrudduuddrudekgedrvddvuddpfeejrdehledrudegvddruddtieenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepihhnvghtpeduvdejrddtrddtrddupdhmrghilhhfrhhomhepshgvrhhgihhirdgumhihthhruhhkseefmhguvggsrdgtohhmpdhnsggprhgtphhtthhopedupdhrtghpthhtohepgigvnhdquggvvhgvlheslhhishhtshdrgigvnhhprhhojhgvtghtrdhorhhgpdfovfetjfhoshhtpehmohehkedvmgdpmhhouggvpehsmhhtphhouhht DKIM-Signature: a=rsa-sha256; bh=wR1hVbpxxN9SQ0YmcXd59qUIZ1ZgOyrRB96NJpE74ts=; c=relaxed/relaxed; d=3mdeb.com; h=From; s=ovhmo3617313-selector1; t=1748611133; v=1; b=PMvC/81ouczRL8OJeS1H4LvnV8SeaCAuNjd/xU5Yh7XEGSmZGOqtbxQJQGVoekhjaZjNWsy7 ywWqXeVEcu/tPro4xHpuUGEuwoHsS1fhuEISU57LwjwhqiyHLhphw8w4nmQtFsWoFXArUajhx24 vs6W6srHf1ZXBrCW7r5IqpJjdjyBGF0jDTa8qu+HDMSGyKj/+mFwwGDN/tx5mVa7/YGNOfWboPK gWLFyZ0/CENTGXGeGRpPVZbN8mw9lXP/S5OQHLrB7slBtHqPXCp+FgeJYh4AK0QSdOJc99osmah z2yWgMo/vIjX3KFbAdqV0r9dPcgbjAfNRiZNl3jNev+nQ== X-ZohoMail-DKIM: pass (identity @3mdeb.com) X-ZM-MESSAGEID: 1748611263647116600 From: Krystian Hebel In preparation for TXT SENTER call, GRUB had to modify MTRR settings to be UC for everything except SINIT ACM. Old values are restored from SLRT where they were saved by the bootloader. Signed-off-by: Krystian Hebel Signed-off-by: Micha=C5=82 =C5=BBygowski Signed-off-by: Sergii Dmytruk --- xen/arch/x86/e820.c | 5 ++ xen/arch/x86/include/asm/intel-txt.h | 3 ++ xen/arch/x86/intel-txt.c | 75 ++++++++++++++++++++++++++++ 3 files changed, 83 insertions(+) diff --git a/xen/arch/x86/e820.c b/xen/arch/x86/e820.c index ca577c0bde..60f00e5259 100644 --- a/xen/arch/x86/e820.c +++ b/xen/arch/x86/e820.c @@ -11,6 +11,8 @@ #include #include #include +#include +#include =20 /* * opt_mem: Limit maximum address of physical RAM. @@ -442,6 +444,9 @@ static uint64_t __init mtrr_top_of_ram(void) ASSERT(paddr_bits); addr_mask =3D ((1ULL << paddr_bits) - 1) & PAGE_MASK; =20 + if ( slaunch_active ) + txt_restore_mtrrs(e820_verbose); + rdmsrl(MSR_MTRRcap, mtrr_cap); rdmsrl(MSR_MTRRdefType, mtrr_def); =20 diff --git a/xen/arch/x86/include/asm/intel-txt.h b/xen/arch/x86/include/as= m/intel-txt.h index ad3c41d86c..0b0bdc1bb2 100644 --- a/xen/arch/x86/include/asm/intel-txt.h +++ b/xen/arch/x86/include/asm/intel-txt.h @@ -426,6 +426,9 @@ void txt_map_mem_regions(void); /* Marks TXT-specific memory as used to avoid its corruption. */ void txt_reserve_mem_regions(void); =20 +/* Restores original MTRR values saved by a bootloader before starting DRT= M. */ +void txt_restore_mtrrs(bool e820_verbose); + #endif /* __ASSEMBLY__ */ =20 #endif /* X86_INTEL_TXT_H */ diff --git a/xen/arch/x86/intel-txt.c b/xen/arch/x86/intel-txt.c index 163383b262..0c14d84486 100644 --- a/xen/arch/x86/intel-txt.c +++ b/xen/arch/x86/intel-txt.c @@ -10,6 +10,8 @@ #include #include #include +#include +#include #include =20 static uint64_t __initdata txt_heap_base, txt_heap_size; @@ -111,3 +113,76 @@ void __init txt_reserve_mem_regions(void) E820_UNUSABLE); BUG_ON(rc =3D=3D 0); } + +void __init txt_restore_mtrrs(bool e820_verbose) +{ + struct slr_entry_intel_info *intel_info; + uint64_t mtrr_cap, mtrr_def, base, mask; + unsigned int i; + uint64_t def_type; + struct mtrr_pausing_state pausing_state; + + rdmsrl(MSR_MTRRcap, mtrr_cap); + rdmsrl(MSR_MTRRdefType, mtrr_def); + + if ( e820_verbose ) + { + printk("MTRRs set previously for SINIT ACM:\n"); + printk(" MTRR cap: %"PRIx64" type: %"PRIx64"\n", mtrr_cap, mtrr_de= f); + + for ( i =3D 0; i < (uint8_t)mtrr_cap; i++ ) + { + rdmsrl(MSR_IA32_MTRR_PHYSBASE(i), base); + rdmsrl(MSR_IA32_MTRR_PHYSMASK(i), mask); + + printk(" MTRR[%d]: base %"PRIx64" mask %"PRIx64"\n", + i, base, mask); + } + } + + intel_info =3D (struct slr_entry_intel_info *) + slr_next_entry_by_tag(slaunch_get_slrt(), NULL, SLR_ENTRY_INTEL_IN= FO); + + if ( (mtrr_cap & 0xFF) !=3D intel_info->saved_bsp_mtrrs.mtrr_vcnt ) + { + printk("Bootloader saved %ld MTRR values, but there should be %ld\= n", + intel_info->saved_bsp_mtrrs.mtrr_vcnt, mtrr_cap & 0xFF); + /* Choose the smaller one to be on the safe side. */ + mtrr_cap =3D (mtrr_cap & 0xFF) > intel_info->saved_bsp_mtrrs.mtrr_= vcnt ? + intel_info->saved_bsp_mtrrs.mtrr_vcnt : mtrr_cap; + } + + def_type =3D intel_info->saved_bsp_mtrrs.default_mem_type; + pausing_state =3D mtrr_pause_caching(); + + for ( i =3D 0; i < (uint8_t)mtrr_cap; i++ ) + { + base =3D intel_info->saved_bsp_mtrrs.mtrr_pair[i].mtrr_physbase; + mask =3D intel_info->saved_bsp_mtrrs.mtrr_pair[i].mtrr_physmask; + wrmsrl(MSR_IA32_MTRR_PHYSBASE(i), base); + wrmsrl(MSR_IA32_MTRR_PHYSMASK(i), mask); + } + + pausing_state.def_type =3D def_type; + mtrr_resume_caching(pausing_state); + + if ( e820_verbose ) + { + printk("Restored MTRRs:\n"); /* Printed by caller, mtrr_top_of_ram= (). */ + + /* If MTRRs are not enabled or WB is not a default type, MTRRs won= 't be printed */ + if ( !test_bit(11, &def_type) || ((uint8_t)def_type =3D=3D X86_MT_= WB) ) + { + for ( i =3D 0; i < (uint8_t)mtrr_cap; i++ ) + { + rdmsrl(MSR_IA32_MTRR_PHYSBASE(i), base); + rdmsrl(MSR_IA32_MTRR_PHYSMASK(i), mask); + printk(" MTRR[%d]: base %"PRIx64" mask %"PRIx64"\n", + i, base, mask); + } + } + } + + /* Restore IA32_MISC_ENABLES */ + wrmsrl(MSR_IA32_MISC_ENABLE, intel_info->saved_misc_enable_msr); +} --=20 2.49.0