|
|
|
|
@ -1,396 +0,0 @@
|
|
|
|
|
/* SPDX-License-Identifier: GPL-2.0-only */
|
|
|
|
|
|
|
|
|
|
#include <stdint.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <acpi/acpi_gnvs.h>
|
|
|
|
|
#include <rmodule.h>
|
|
|
|
|
#include <cpu/x86/smm.h>
|
|
|
|
|
#include <commonlib/helpers.h>
|
|
|
|
|
#include <console/console.h>
|
|
|
|
|
#include <security/intel/stm/SmmStm.h>
|
|
|
|
|
|
|
|
|
|
#define FXSAVE_SIZE 512
|
|
|
|
|
|
|
|
|
|
/* FXSAVE area during relocation. While it may not be strictly needed the
|
|
|
|
|
SMM stub code relies on the FXSAVE area being non-zero to enable SSE
|
|
|
|
|
instructions within SMM mode. */
|
|
|
|
|
static uint8_t fxsave_area_relocation[CONFIG_MAX_CPUS][FXSAVE_SIZE]
|
|
|
|
|
__attribute__((aligned(16)));
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Components that make up the SMRAM:
|
|
|
|
|
* 1. Save state - the total save state memory used
|
|
|
|
|
* 2. Stack - stacks for the CPUs in the SMM handler
|
|
|
|
|
* 3. Stub - SMM stub code for calling into handler
|
|
|
|
|
* 4. Handler - C-based SMM handler.
|
|
|
|
|
*
|
|
|
|
|
* The components are assumed to consist of one consecutive region.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The stub is the entry point that sets up protected mode and stacks for each
|
|
|
|
|
* CPU. It then calls into the SMM handler module. It is encoded as an rmodule.
|
|
|
|
|
*/
|
|
|
|
|
extern unsigned char _binary_smmstub_start[];
|
|
|
|
|
|
|
|
|
|
/* Per CPU minimum stack size. */
|
|
|
|
|
#define SMM_MINIMUM_STACK_SIZE 32
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The smm_entry_ins consists of 3 bytes. It is used when staggering SMRAM entry
|
|
|
|
|
* addresses across CPUs.
|
|
|
|
|
*
|
|
|
|
|
* 0xe9 <16-bit relative target> ; jmp <relative-offset>
|
|
|
|
|
*/
|
|
|
|
|
struct smm_entry_ins {
|
|
|
|
|
char jmp_rel;
|
|
|
|
|
uint16_t rel16;
|
|
|
|
|
} __packed;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Place the entry instructions for num entries beginning at entry_start with
|
|
|
|
|
* a given stride. The entry_start is the highest entry point's address. All
|
|
|
|
|
* other entry points are stride size below the previous.
|
|
|
|
|
*/
|
|
|
|
|
static void smm_place_jmp_instructions(void *entry_start, size_t stride,
|
|
|
|
|
size_t num, void *jmp_target)
|
|
|
|
|
{
|
|
|
|
|
size_t i;
|
|
|
|
|
char *cur;
|
|
|
|
|
struct smm_entry_ins entry = { .jmp_rel = 0xe9 };
|
|
|
|
|
|
|
|
|
|
/* Each entry point has an IP value of 0x8000. The SMBASE for each
|
|
|
|
|
* CPU is different so the effective address of the entry instruction
|
|
|
|
|
* is different. Therefore, the relative displacement for each entry
|
|
|
|
|
* instruction needs to be updated to reflect the current effective
|
|
|
|
|
* IP. Additionally, the IP result from the jmp instruction is
|
|
|
|
|
* calculated using the next instruction's address so the size of
|
|
|
|
|
* the jmp instruction needs to be taken into account. */
|
|
|
|
|
cur = entry_start;
|
|
|
|
|
for (i = 0; i < num; i++) {
|
|
|
|
|
uint32_t disp = (uintptr_t)jmp_target;
|
|
|
|
|
|
|
|
|
|
disp -= sizeof(entry) + (uintptr_t)cur;
|
|
|
|
|
printk(BIOS_DEBUG,
|
|
|
|
|
"SMM Module: placing jmp sequence at %p rel16 0x%04x\n",
|
|
|
|
|
cur, disp);
|
|
|
|
|
entry.rel16 = disp;
|
|
|
|
|
memcpy(cur, &entry, sizeof(entry));
|
|
|
|
|
cur -= stride;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Place stacks in base -> base + size region, but ensure the stacks don't
|
|
|
|
|
* overlap the staggered entry points. */
|
|
|
|
|
static void *smm_stub_place_stacks(char *base, size_t size,
|
|
|
|
|
struct smm_loader_params *params)
|
|
|
|
|
{
|
|
|
|
|
size_t total_stack_size;
|
|
|
|
|
char *stacks_top;
|
|
|
|
|
|
|
|
|
|
if (params->stack_top != NULL)
|
|
|
|
|
return params->stack_top;
|
|
|
|
|
|
|
|
|
|
/* If stack space is requested assume the space lives in the lower
|
|
|
|
|
* half of SMRAM. */
|
|
|
|
|
total_stack_size = params->per_cpu_stack_size *
|
|
|
|
|
params->num_concurrent_stacks;
|
|
|
|
|
|
|
|
|
|
/* There has to be at least one stack user. */
|
|
|
|
|
if (params->num_concurrent_stacks < 1)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
/* Total stack size cannot fit. */
|
|
|
|
|
if (total_stack_size > size)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
/* Stacks extend down to SMBASE */
|
|
|
|
|
stacks_top = &base[total_stack_size];
|
|
|
|
|
|
|
|
|
|
return stacks_top;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Place the staggered entry points for each CPU. The entry points are
|
|
|
|
|
* staggered by the per CPU SMM save state size extending down from
|
|
|
|
|
* SMM_ENTRY_OFFSET. */
|
|
|
|
|
static void smm_stub_place_staggered_entry_points(char *base,
|
|
|
|
|
const struct smm_loader_params *params, const struct rmodule *smm_stub)
|
|
|
|
|
{
|
|
|
|
|
size_t stub_entry_offset;
|
|
|
|
|
|
|
|
|
|
stub_entry_offset = rmodule_entry_offset(smm_stub);
|
|
|
|
|
|
|
|
|
|
/* If there are staggered entry points or the stub is not located
|
|
|
|
|
* at the SMM entry point then jmp instructions need to be placed. */
|
|
|
|
|
if (params->num_concurrent_save_states > 1 || stub_entry_offset != 0) {
|
|
|
|
|
size_t num_entries;
|
|
|
|
|
|
|
|
|
|
base += SMM_ENTRY_OFFSET;
|
|
|
|
|
num_entries = params->num_concurrent_save_states;
|
|
|
|
|
/* Adjust beginning entry and number of entries down since
|
|
|
|
|
* the initial entry point doesn't need a jump sequence. */
|
|
|
|
|
if (stub_entry_offset == 0) {
|
|
|
|
|
base -= params->per_cpu_save_state_size;
|
|
|
|
|
num_entries--;
|
|
|
|
|
}
|
|
|
|
|
smm_place_jmp_instructions(base,
|
|
|
|
|
params->per_cpu_save_state_size,
|
|
|
|
|
num_entries,
|
|
|
|
|
rmodule_entry(smm_stub));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The stub setup code assumes it is completely contained within the
|
|
|
|
|
* default SMRAM size (0x10000). There are potentially 3 regions to place
|
|
|
|
|
* within the default SMRAM size:
|
|
|
|
|
* 1. Save state areas
|
|
|
|
|
* 2. Stub code
|
|
|
|
|
* 3. Stack areas
|
|
|
|
|
*
|
|
|
|
|
* The save state and stack areas are treated as contiguous for the number of
|
|
|
|
|
* concurrent areas requested. The save state always lives at the top of SMRAM
|
|
|
|
|
* space, and the entry point is at offset 0x8000.
|
|
|
|
|
*/
|
|
|
|
|
static int smm_module_setup_stub(void *smbase, size_t smm_size,
|
|
|
|
|
struct smm_loader_params *params,
|
|
|
|
|
void *fxsave_area)
|
|
|
|
|
{
|
|
|
|
|
size_t total_save_state_size;
|
|
|
|
|
size_t smm_stub_size;
|
|
|
|
|
size_t stub_entry_offset;
|
|
|
|
|
char *smm_stub_loc;
|
|
|
|
|
void *stacks_top;
|
|
|
|
|
size_t size;
|
|
|
|
|
char *base;
|
|
|
|
|
size_t i;
|
|
|
|
|
struct smm_stub_params *stub_params;
|
|
|
|
|
struct rmodule smm_stub;
|
|
|
|
|
|
|
|
|
|
base = smbase;
|
|
|
|
|
size = SMM_DEFAULT_SIZE;
|
|
|
|
|
|
|
|
|
|
/* The number of concurrent stacks cannot exceed CONFIG_MAX_CPUS. */
|
|
|
|
|
if (params->num_concurrent_stacks > CONFIG_MAX_CPUS)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
/* Fail if can't parse the smm stub rmodule. */
|
|
|
|
|
if (rmodule_parse(&_binary_smmstub_start, &smm_stub))
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
/* Adjust remaining size to account for save state. */
|
|
|
|
|
total_save_state_size = params->per_cpu_save_state_size *
|
|
|
|
|
params->num_concurrent_save_states;
|
|
|
|
|
if (total_save_state_size > size)
|
|
|
|
|
return -1;
|
|
|
|
|
size -= total_save_state_size;
|
|
|
|
|
|
|
|
|
|
/* The save state size encroached over the first SMM entry point. */
|
|
|
|
|
if (size <= SMM_ENTRY_OFFSET)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
/* Need a minimum stack size and alignment. */
|
|
|
|
|
if (params->per_cpu_stack_size <= SMM_MINIMUM_STACK_SIZE ||
|
|
|
|
|
(params->per_cpu_stack_size & 3) != 0)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
smm_stub_loc = NULL;
|
|
|
|
|
smm_stub_size = rmodule_memory_size(&smm_stub);
|
|
|
|
|
stub_entry_offset = rmodule_entry_offset(&smm_stub);
|
|
|
|
|
|
|
|
|
|
/* Assume the stub is always small enough to live within upper half of
|
|
|
|
|
* SMRAM region after the save state space has been allocated. */
|
|
|
|
|
smm_stub_loc = &base[SMM_ENTRY_OFFSET];
|
|
|
|
|
|
|
|
|
|
/* Adjust for jmp instruction sequence. */
|
|
|
|
|
if (stub_entry_offset != 0) {
|
|
|
|
|
size_t entry_sequence_size = sizeof(struct smm_entry_ins);
|
|
|
|
|
/* Align up to 16 bytes. */
|
|
|
|
|
entry_sequence_size = ALIGN_UP(entry_sequence_size, 16);
|
|
|
|
|
smm_stub_loc += entry_sequence_size;
|
|
|
|
|
smm_stub_size += entry_sequence_size;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Stub is too big to fit. */
|
|
|
|
|
if (smm_stub_size > (size - SMM_ENTRY_OFFSET))
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
/* The stacks, if requested, live in the lower half of SMRAM space. */
|
|
|
|
|
size = SMM_ENTRY_OFFSET;
|
|
|
|
|
|
|
|
|
|
/* Ensure stacks don't encroach onto staggered SMM
|
|
|
|
|
* entry points. The staggered entry points extend
|
|
|
|
|
* below SMM_ENTRY_OFFSET by the number of concurrent
|
|
|
|
|
* save states - 1 and save state size. */
|
|
|
|
|
if (params->num_concurrent_save_states > 1) {
|
|
|
|
|
size -= total_save_state_size;
|
|
|
|
|
size += params->per_cpu_save_state_size;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Place the stacks in the lower half of SMRAM. */
|
|
|
|
|
stacks_top = smm_stub_place_stacks(base, size, params);
|
|
|
|
|
if (stacks_top == NULL)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
/* Load the stub. */
|
|
|
|
|
if (rmodule_load(smm_stub_loc, &smm_stub))
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
/* Place staggered entry points. */
|
|
|
|
|
smm_stub_place_staggered_entry_points(base, params, &smm_stub);
|
|
|
|
|
|
|
|
|
|
/* Setup the parameters for the stub code. */
|
|
|
|
|
stub_params = rmodule_parameters(&smm_stub);
|
|
|
|
|
stub_params->stack_top = (uintptr_t)stacks_top;
|
|
|
|
|
stub_params->stack_size = params->per_cpu_stack_size;
|
|
|
|
|
stub_params->c_handler = (uintptr_t)params->handler;
|
|
|
|
|
stub_params->fxsave_area = (uintptr_t)fxsave_area;
|
|
|
|
|
stub_params->fxsave_area_size = FXSAVE_SIZE;
|
|
|
|
|
|
|
|
|
|
/* Initialize the APIC id to CPU number table to be 1:1 */
|
|
|
|
|
for (i = 0; i < params->num_concurrent_stacks; i++)
|
|
|
|
|
stub_params->apic_id_to_cpu[i] = i;
|
|
|
|
|
|
|
|
|
|
/* Allow the initiator to manipulate SMM stub parameters. */
|
|
|
|
|
params->stub_params = stub_params;
|
|
|
|
|
|
|
|
|
|
printk(BIOS_DEBUG, "SMM Module: stub loaded at %p. Will call %p\n",
|
|
|
|
|
smm_stub_loc, params->handler);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* smm_setup_relocation_handler assumes the callback is already loaded in
|
|
|
|
|
* memory. i.e. Another SMM module isn't chained to the stub. The other
|
|
|
|
|
* assumption is that the stub will be entered from the default SMRAM
|
|
|
|
|
* location: 0x30000 -> 0x40000.
|
|
|
|
|
*/
|
|
|
|
|
int smm_setup_relocation_handler(void *const perm_smram, struct smm_loader_params *params)
|
|
|
|
|
{
|
|
|
|
|
void *smram = (void *)SMM_DEFAULT_BASE;
|
|
|
|
|
|
|
|
|
|
/* There can't be more than 1 concurrent save state for the relocation
|
|
|
|
|
* handler because all CPUs default to 0x30000 as SMBASE. */
|
|
|
|
|
if (params->num_concurrent_save_states > 1)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
/* A handler has to be defined to call for relocation. */
|
|
|
|
|
if (params->handler == NULL)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
/* Since the relocation handler always uses stack, adjust the number
|
|
|
|
|
* of concurrent stack users to be CONFIG_MAX_CPUS. */
|
|
|
|
|
if (params->num_concurrent_stacks == 0)
|
|
|
|
|
params->num_concurrent_stacks = CONFIG_MAX_CPUS;
|
|
|
|
|
|
|
|
|
|
return smm_module_setup_stub(smram, SMM_DEFAULT_SIZE,
|
|
|
|
|
params, fxsave_area_relocation);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* The SMM module is placed within the provided region in the following
|
|
|
|
|
* manner:
|
|
|
|
|
* +-----------------+ <- smram + size
|
|
|
|
|
* | BIOS resource |
|
|
|
|
|
* | list (STM) |
|
|
|
|
|
* +-----------------+ <- smram + size - CONFIG_BIOS_RESOURCE_LIST_SIZE
|
|
|
|
|
* | stacks |
|
|
|
|
|
* +-----------------+ <- .. - total_stack_size
|
|
|
|
|
* | fxsave area |
|
|
|
|
|
* +-----------------+ <- .. - total_stack_size - fxsave_size
|
|
|
|
|
* | ... |
|
|
|
|
|
* +-----------------+ <- smram + handler_size + SMM_DEFAULT_SIZE
|
|
|
|
|
* | handler |
|
|
|
|
|
* +-----------------+ <- smram + SMM_DEFAULT_SIZE
|
|
|
|
|
* | stub code |
|
|
|
|
|
* +-----------------+ <- smram
|
|
|
|
|
*
|
|
|
|
|
* It should be noted that this algorithm will not work for
|
|
|
|
|
* SMM_DEFAULT_SIZE SMRAM regions such as the A segment. This algorithm
|
|
|
|
|
* expects a region large enough to encompass the handler and stacks
|
|
|
|
|
* as well as the SMM_DEFAULT_SIZE.
|
|
|
|
|
*/
|
|
|
|
|
int smm_load_module(void *smram, size_t size, struct smm_loader_params *params)
|
|
|
|
|
{
|
|
|
|
|
struct rmodule smm_mod;
|
|
|
|
|
struct smm_runtime *handler_mod_params;
|
|
|
|
|
size_t total_stack_size;
|
|
|
|
|
size_t handler_size;
|
|
|
|
|
size_t module_alignment;
|
|
|
|
|
size_t alignment_size;
|
|
|
|
|
size_t fxsave_size;
|
|
|
|
|
void *fxsave_area;
|
|
|
|
|
size_t total_size;
|
|
|
|
|
char *base;
|
|
|
|
|
|
|
|
|
|
if (size <= SMM_DEFAULT_SIZE)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
/* Fail if can't parse the smm rmodule. */
|
|
|
|
|
if (rmodule_parse(&_binary_smm_start, &smm_mod))
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
/* Clear SMM region */
|
|
|
|
|
if (CONFIG(DEBUG_SMI))
|
|
|
|
|
memset(smram, 0xcd, size);
|
|
|
|
|
|
|
|
|
|
total_stack_size = params->per_cpu_stack_size *
|
|
|
|
|
params->num_concurrent_stacks;
|
|
|
|
|
|
|
|
|
|
/* Stacks start at the top of the region. */
|
|
|
|
|
base = smram;
|
|
|
|
|
base += size;
|
|
|
|
|
|
|
|
|
|
if (CONFIG(STM))
|
|
|
|
|
base -= CONFIG_MSEG_SIZE + CONFIG_BIOS_RESOURCE_LIST_SIZE;
|
|
|
|
|
|
|
|
|
|
params->stack_top = base;
|
|
|
|
|
|
|
|
|
|
/* SMM module starts at offset SMM_DEFAULT_SIZE with the load alignment
|
|
|
|
|
* taken into account. */
|
|
|
|
|
base = smram;
|
|
|
|
|
base += SMM_DEFAULT_SIZE;
|
|
|
|
|
handler_size = rmodule_memory_size(&smm_mod);
|
|
|
|
|
module_alignment = rmodule_load_alignment(&smm_mod);
|
|
|
|
|
alignment_size = module_alignment -
|
|
|
|
|
((uintptr_t)base % module_alignment);
|
|
|
|
|
if (alignment_size != module_alignment) {
|
|
|
|
|
handler_size += alignment_size;
|
|
|
|
|
base += alignment_size;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (CONFIG(SSE)) {
|
|
|
|
|
fxsave_size = FXSAVE_SIZE * params->num_concurrent_stacks;
|
|
|
|
|
/* FXSAVE area below all the stacks stack. */
|
|
|
|
|
fxsave_area = params->stack_top;
|
|
|
|
|
fxsave_area -= total_stack_size + fxsave_size;
|
|
|
|
|
} else {
|
|
|
|
|
fxsave_size = 0;
|
|
|
|
|
fxsave_area = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Does the required amount of memory exceed the SMRAM region size? */
|
|
|
|
|
total_size = total_stack_size + handler_size;
|
|
|
|
|
total_size += fxsave_size + SMM_DEFAULT_SIZE;
|
|
|
|
|
|
|
|
|
|
if (total_size > size)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
if (rmodule_load(base, &smm_mod))
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
params->handler = rmodule_entry(&smm_mod);
|
|
|
|
|
handler_mod_params = rmodule_parameters(&smm_mod);
|
|
|
|
|
handler_mod_params->smbase = (uintptr_t)smram;
|
|
|
|
|
handler_mod_params->smm_size = size;
|
|
|
|
|
handler_mod_params->save_state_size = params->real_cpu_save_state_size;
|
|
|
|
|
handler_mod_params->num_cpus = params->num_concurrent_stacks;
|
|
|
|
|
handler_mod_params->gnvs_ptr = (uintptr_t)acpi_get_gnvs();
|
|
|
|
|
|
|
|
|
|
for (int i = 0; i < CONFIG_MAX_CPUS; i++) {
|
|
|
|
|
handler_mod_params->save_state_top[i] = (uintptr_t)smram + SMM_DEFAULT_SIZE
|
|
|
|
|
- params->per_cpu_save_state_size * i;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return smm_module_setup_stub(smram, size, params, fxsave_area);
|
|
|
|
|
}
|
Arthur Heymans