From: Sergii Dmytruk
To: xen-devel@lists.xenproject.org
Cc: Jan Beulich, Andrew Cooper, Roger Pau Monné, "Daniel P. Smith", Ross Philipson, trenchboot-devel@googlegroups.com
Subject: [PATCH v3 18/22] x86/boot/slaunch-early: find MBI and SLRT on AMD
Date: Fri, 30 May 2025 16:18:00 +0300
Message-ID: <7272ac988ae672f0a05486775e805a9513e86950.1748611041.git.sergii.dmytruk@3mdeb.com>

Use slr_entry_amd_info::boot_params_base on AMD with SKINIT to get MBI
location. Another thing of interest is the location of SLRT which is
bootloader's data after SKL.

Signed-off-by: Krystian Hebel
Signed-off-by: Sergii Dmytruk
--- xen/arch/x86/boot/head.S | 38 ++++++++++++++++---- xen/arch/x86/boot/slaunch-early.c | 58 +++++++++++++++++++++++++++++++ 2 files changed, 90 insertions(+), 6 deletions(-) diff --git a/xen/arch/x86/boot/head.S b/xen/arch/x86/boot/head.S index 7376fa85d5..66e1a21033 100644 --- a/xen/arch/x86/boot/head.S +++ b/xen/arch/x86/boot/head.S @@ -354,10 +354,12 @@ cs32_switch: jmp *%edi =20 /* - * Entry point for TrenchBoot Secure Launch on Intel TXT platforms. + * Entry point for TrenchBoot Secure Launch, common for Intel TXT = and + * AMD Secure Startup, but state is slightly different. * + * On Intel: * CPU is in 32b protected mode with paging disabled. On entry: - * - %ebx =3D %eip =3D MLE entry point, + * - %ebx =3D %eip =3D this entry point, * - stack pointer is undefined, * - CS is flat 4GB code segment, * - DS, ES, SS, FS and GS are undefined according to TXT SDG, but= this 
@@ -375,13 +377,34 @@ cs32_switch: * - trying to enter real mode results in reset * - APs must be brought up by MONITOR or GETSEC[WAKEUP], dependin= g on * which is supported by a given SINIT ACM + * + * On AMD (as implemented by TrenchBoot's SKL): + * CPU is in 32b protected mode with paging disabled. On entry: + * - %ebx =3D %eip =3D this entry point, + * - %ebp holds base address of SKL + * - stack pointer is treated as undefined for parity with TXT, + * - CS is flat 4GB code segment, + * - DS, ES, SS are flat 4GB data segments, but treated as undefin= ed for + * parity with TXT. + * + * Additional restrictions: + * - interrupts (including NMIs and SMIs) are disabled and must be + * enabled later + * - APs must be brought up by SIPI without an INIT */ slaunch_stub_entry: /* Calculate the load base address. */ mov %ebx, %esi sub $sym_offs(slaunch_stub_entry), %esi =20 - /* Mark Secure Launch boot protocol and jump to common entry. */ + /* On AMD, %ebp holds the base address of SLB, save it for later. = */ + mov %ebp, %ebx + + /* + * Mark Secure Launch boot protocol and jump to common entry. Note= that + * all general purpose registers except %ebx and %esi are clobbered + * between here and .Lslaunch_proto. + */ mov $SLAUNCH_BOOTLOADER_MAGIC, %eax jmp .Lset_stack =20 
@@ -508,15 +531,18 @@ __start: sub $8, %esp =20 push %esp /* pointer to output stru= cture */ + push %ebx /* Slaunch parameter on A= MD */ lea sym_offs(__2M_rwdata_end), %ecx /* end of target image */ lea sym_offs(_start), %edx /* target base address */ mov %esi, %eax /* load base address */ /* - * slaunch_early_init(load/eax, tgt/edx, tgt_end/ecx, ret/stk) usi= ng - * fastcall calling convention. + * slaunch_early_init(load/eax, tgt/edx, tgt_end/ecx, + * slaunch/stk, ret/stk) + * + * Uses fastcall calling convention. */ call slaunch_early_init - add $4, %esp /* pop the fourth paramet= er */ + add $8, %esp /* pop last two parameter= s */ =20 /* Move outputs of slaunch_early_init() from stack into registers.= */ pop %eax /* physical MBI address */ diff --git a/xen/arch/x86/boot/slaunch-early.c b/xen/arch/x86/boot/slaunch-= early.c index 662144e42f..ac4c294e61 100644 --- a/xen/arch/x86/boot/slaunch-early.c +++ b/xen/arch/x86/boot/slaunch-early.c @@ -7,6 +7,20 @@ #include #include #include +#include + +/* + * The AMD-defined structure layout for the SLB. The last two fields are + * SL-specific. + */ +struct skinit_sl_header +{ + uint16_t skl_entry_point; + uint16_t length; + uint8_t reserved[62]; + uint16_t skl_info_offset; + uint16_t bootloader_data_offset; +} __packed; =20 struct early_init_results { 
@@ -14,9 +28,25 @@ struct early_init_results uint32_t slrt_pa; } __packed; =20 +static bool is_intel_cpu(void) +{ + /* + * asm/processor.h can't be included in early code, which means neither + * cpuid() function nor boot_cpu_data can be used here. + */ + uint32_t eax, ebx, ecx, edx; + asm volatile ( "cpuid" + : "=3Da" (eax), "=3Db" (ebx), "=3Dc" (ecx), "=3Dd" (edx) + : "0" (0), "c" (0) ); + return ebx =3D=3D X86_VENDOR_INTEL_EBX + && ecx =3D=3D X86_VENDOR_INTEL_ECX + && edx =3D=3D X86_VENDOR_INTEL_EDX; +} + void asmlinkage slaunch_early_init(uint32_t load_base_addr, uint32_t tgt_base_addr, uint32_t tgt_end_addr, + uint32_t slaunch_param, struct early_init_results *result) { void *txt_heap; @@ -26,6 +56,34 @@ void asmlinkage slaunch_early_init(uint32_t load_base_ad= dr, const struct slr_entry_intel_info *intel_info; uint32_t size =3D tgt_end_addr - tgt_base_addr; =20 + if ( !is_intel_cpu() ) + { + /* + * Not an Intel CPU. Currently the only other option is AMD with S= KINIT + * and secure-kernel-loader (SKL). + */ + const struct slr_entry_amd_info *amd_info; + const struct skinit_sl_header *sl_header =3D (void *)slaunch_param; + + /* + * slaunch_param holds a physical address of SLB. + * Bootloader's data is SLRT. + */ + result->slrt_pa =3D slaunch_param + sl_header->bootloader_data_off= set; + result->mbi_pa =3D 0; + + slrt =3D (struct slr_table *)(uintptr_t)result->slrt_pa; + + amd_info =3D (const struct slr_entry_amd_info *) + slr_next_entry_by_tag(slrt, NULL, SLR_ENTRY_AMD_INFO); + /* Basic checks only, SKL checked and consumed the rest. */ + if ( amd_info =3D=3D NULL || amd_info->hdr.size !=3D sizeof(*amd_i= nfo) ) + return; + + result->mbi_pa =3D amd_info->boot_params_base; + return; + } + txt_heap =3D txt_init(); os_mle =3D txt_os_mle_data_start(txt_heap); os_sinit =3D txt_os_sinit_data_start(txt_heap); --=20 2.49.0
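Review bot: in xen/arch/x86/boot/head.S (hunk at -375,13), the AMD part of the entry comment says "%ebp holds base address of SKL" while the code comment a few lines further down says "%ebp holds the base address of SLB". Pick one term, preferably SLB since the C side uses it for the structure at that address, so readers do not take them for two different addresses. The AMD list also covers only DS, ES and SS, whereas the Intel list mentions FS and GS as well; state what FS and GS hold on AMD.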
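Review bot: in the head.S hunk at __start (-508,15), `push %ebx` is labelled "Slaunch parameter on AMD" but it runs on Intel as well, where %ebx was loaded from an %ebp that the Intel part of the entry comment, as far as shown, does not define. The C side only reads slaunch_param inside the non-Intel branch, so this is harmless, but the comment should say the value is ignored on Intel. The push also depends on %ebx surviving from slaunch_stub_entry to this point; the note added there ("all general purpose registers except %ebx and %esi are clobbered") deserves a matching reminder here.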
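Review bot: the comment above struct skinit_sl_header in slaunch-early.c (hunk at -7,6) does not say what skl_info_offset and bootloader_data_offset are relative to. slaunch_early_init() adds bootloader_data_offset to the SLB base, so state that in the comment. Since this layout is what locates the SLRT, a compile-time check of sizeof(struct skinit_sl_header), 70 bytes with these fields, would catch an accidental change to the reserved array.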
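Review bot: is_intel_cpu() in slaunch-early.c (hunk at -14,9) is the only vendor test, and slaunch_early_init() sends every CPU for which it returns false down the SKINIT path, so "not Intel" is treated as "AMD". The comment in that branch acknowledges this ("Currently the only other option is AMD"); an explicit AMD vendor comparison, or a return before slaunch_param is touched when the vendor is neither, would keep an unexpected vendor string from leading to a dereference of whatever %ebp held at entry. The "c" (0) input is not needed for CPUID leaf 0 and can be dropped.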
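Review bot: in the AMD branch of slaunch_early_init() (hunk at -26,6), sl_header->bootloader_data_offset is read from the SLB and added to slaunch_param with no bounds check, and the resulting pointer goes straight to slr_next_entry_by_tag(). The comment says SKL "checked and consumed the rest"; if that covers this offset and the table header, say so explicitly, otherwise compare the offset against the SLB size before use. Also, result->slrt_pa is assigned before the amd_info check, so on the early return the caller gets mbi_pa == 0 together with a non-zero slrt_pa; either clear slrt_pa on failure or document that mbi_pa == 0 is the error signal. The cast `(void *)slaunch_param` lacks the (uintptr_t) step used two statements later for slrt.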