From: Ross Philipson <ross.philip...@oracle.com> Some of the commands declared in header files will be implemented in the follow-up commits.
Signed-off-by: Ross Philipson <ross.philip...@oracle.com> Signed-off-by: Daniel Kiper <daniel.ki...@oracle.com> Signed-off-by: Krystian Hebel <krystian.he...@3mdeb.com> Signed-off-by: Sergii Dmytruk <sergii.dmyt...@3mdeb.com> --- include/grub/i386/cpuid.h | 12 ++++ include/grub/i386/crfr.h | 127 ++++++++++++++++++++++++++++++++++++ include/grub/i386/mmio.h | 72 ++++++++++++++++++++ include/grub/i386/msr.h | 63 ++++++++++++++++++ include/grub/i386/slaunch.h | 77 ++++++++++++++++++++++ 5 files changed, 351 insertions(+) create mode 100644 include/grub/i386/crfr.h create mode 100644 include/grub/i386/mmio.h create mode 100644 include/grub/i386/slaunch.h diff --git a/include/grub/i386/cpuid.h b/include/grub/i386/cpuid.h index f7ae4b0a4..0ddd87b15 100644 --- a/include/grub/i386/cpuid.h +++ b/include/grub/i386/cpuid.h @@ -19,6 +19,18 @@ #ifndef GRUB_CPU_CPUID_HEADER #define GRUB_CPU_CPUID_HEADER 1 +/* General */ +#define GRUB_X86_CPUID_VENDOR 0x00000000 +#define GRUB_X86_CPUID_FEATURES 0x00000001 +/* Intel */ +#define GRUB_X86_CPUID_FEATURES_ECX_VMX (1<<5) +#define GRUB_X86_CPUID_FEATURES_ECX_SMX (1<<6) + +/* AMD */ +#define GRUB_AMD_CPUID_FEATURES 0x80000001 +#define GRUB_AMD_CPUID_FEATURES_ECX_SVM (1<<2) +#define GRUB_AMD_CPUID_FUNC 0x8000000a + extern unsigned char grub_cpuid_has_longmode; extern unsigned char grub_cpuid_has_pae; diff --git a/include/grub/i386/crfr.h b/include/grub/i386/crfr.h new file mode 100644 index 000000000..881a4dad4 --- /dev/null +++ b/include/grub/i386/crfr.h @@ -0,0 +1,127 @@ +/* + * GRUB -- GRand Unified Bootloader + * Copyright (C) 2020 Oracle and/or its affiliates. + * + * GRUB is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * GRUB is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GRUB. If not, see <https://www.gnu.org/licenses/>. + */ + +#ifndef GRUB_CRFR_H +#define GRUB_CRFR_H 1 + +#include <grub/types.h> + +/* Routines for R/W of control and flags registers */ + +#define GRUB_CR0_X86_PE 0x00000001 /* Enable Protected Mode */ +#define GRUB_CR0_X86_MP 0x00000002 /* "Math" (FPU) Present */ +#define GRUB_CR0_X86_EM 0x00000004 /* EMulate FPU */ +#define GRUB_CR0_X86_TS 0x00000008 /* Task Switched */ +#define GRUB_CR0_X86_PG 0x80000000 /* Enable PaGing */ + +#define GRUB_CR0_X86_NE 0x00000020 /* Numeric Error enable (EX16 vs IRQ13) */ +#define GRUB_CR0_X86_WP 0x00010000 /* Write Protect */ +#define GRUB_CR0_X86_AM 0x00040000 /* Alignment Mask */ +#define GRUB_CR0_X86_NW 0x20000000 /* Not Write-through */ +#define GRUB_CR0_X86_CD 0x40000000 /* Cache Disable */ + +#define GRUB_CR4_X86_VME 0x00000001 /* Virtual 8086 mode extensions */ +#define GRUB_CR4_X86_PVI 0x00000002 /* Protected-mode virtual interrupts */ +#define GRUB_CR4_X86_TSD 0x00000004 /* Time stamp disable */ +#define GRUB_CR4_X86_DE 0x00000008 /* Debugging extensions */ +#define GRUB_CR4_X86_PSE 0x00000010 /* Page size extensions */ +#define GRUB_CR4_X86_PAE 0x00000020 /* Physical address extension */ +#define GRUB_CR4_X86_MCE 0x00000040 /* Enable Machine check enable */ +#define GRUB_CR4_X86_PGE 0x00000080 /* Enable Page global */ +#define GRUB_CR4_X86_PCE 0x00000100 /* Enable Performance monitoring counter */ +#define GRUB_CR4_X86_FXSR 0x00000200 /* Fast FPU save/restore */ +#define GRUB_CR4_X86_XMM 0x00000400 /* Generate #XM instead of #UD for SIMD */ +#define GRUB_CR4_X86_VMXE 0x00002000 /* Enable VMX */ +#define GRUB_CR4_X86_SMXE 0x00004000 /* Enable SMX */ +#define GRUB_CR4_X86_PCIDE 0x00020000 /* Enable PCID */ + +static inline unsigned long +grub_read_cr0 (void) +{ + unsigned long val; + + asm volatile ("mov %%cr0, %0" : "=r" (val) : : "memory"); + + return val; +} + +static inline void +grub_write_cr0 (unsigned long val) +{ + asm volatile ("mov %0, %%cr0" : : "r" (val) : "memory"); +} + +static inline unsigned long +grub_read_cr4 (void) +{ + unsigned long val; + + asm volatile ("mov %%cr4, %0" : "=r" (val) : : "memory"); + + return val; +} + +static inline void +grub_write_cr4 (unsigned long val) +{ + asm volatile ("mov %0, %%cr4" : : "r" (val) : "memory"); +} + +#define GRUB_EFLAGS_X86_CF 0x00000001 /* Carry Flag */ +#define GRUB_EFLAGS_X86_PF 0x00000004 /* Parity Flag */ +#define GRUB_EFLAGS_X86_AF 0x00000010 /* Auxillary carry Flag */ +#define GRUB_EFLAGS_X86_ZF 0x00000040 /* Zero Flag */ +#define GRUB_EFLAGS_X86_SF 0x00000080 /* Sign Flag */ +#define GRUB_EFLAGS_X86_TF 0x00000100 /* Trap Flag */ +#define GRUB_EFLAGS_X86_IF 0x00000200 /* Interrupt Flag */ +#define GRUB_EFLAGS_X86_DF 0x00000400 /* Direction Flag */ +#define GRUB_EFLAGS_X86_OF 0x00000800 /* Overflow Flag */ +#define GRUB_EFLAGS_X86_IOPL 0x00003000 /* IOPL mask */ +#define GRUB_EFLAGS_X86_NT 0x00004000 /* Nested Task */ +#define GRUB_EFLAGS_X86_RF 0x00010000 /* Resume Flag */ +#define GRUB_EFLAGS_X86_VM 0x00020000 /* Virtual Mode */ +#define GRUB_EFLAGS_X86_AC 0x00040000 /* Alignment Check */ +#define GRUB_EFLAGS_X86_VIF 0x00080000 /* Virtual Interrupt Flag */ +#define GRUB_EFLAGS_X86_VIP 0x00100000 /* Virtual Interrupt Pending */ +#define GRUB_EFLAGS_X86_ID 0x00200000 /* CPUID detection flag */ + +static inline unsigned long +grub_read_flags_register (void) +{ + unsigned long flags; + +#ifdef __x86_64__ + asm volatile ("pushfq; popq %0" : "=r" (flags)); +#else + asm volatile ("pushfl; popl %0" : "=r" (flags)); +#endif + + return flags; +} + +static inline void +grub_write_flags_register (unsigned long flags) +{ +#ifdef __x86_64__ + asm volatile ("pushq %0; popfq" : : "r" (flags)); +#else + asm volatile ("pushl %0; popfl" : : "r" (flags)); +#endif +} + +#endif diff --git a/include/grub/i386/mmio.h b/include/grub/i386/mmio.h new file mode 100644 index 000000000..97a30f7d8 --- /dev/null +++ b/include/grub/i386/mmio.h @@ -0,0 +1,72 @@ +/* + * GRUB -- GRand Unified Bootloader + * Copyright (C) 2020 Oracle and/or its affiliates. + * + * GRUB is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * GRUB is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GRUB. If not, see <https://www.gnu.org/licenses/>. + */ + +#ifndef GRUB_I386_MMIO_H +#define GRUB_I386_MMIO_H 1 + +#include <grub/types.h> + +static inline grub_uint8_t +grub_read8 (const grub_addr_t addr) +{ + grub_uint8_t val; + + val = (*(volatile grub_uint8_t *) (addr)); + + return val; +} + +static inline grub_uint32_t +grub_read32 (const grub_addr_t addr) +{ + grub_uint32_t val; + + val = (*(volatile grub_uint32_t *) (addr)); + + return val; +} + +static inline grub_uint64_t +grub_read64 (const grub_addr_t addr) +{ + grub_uint64_t val; + + val = (*(volatile grub_uint64_t *) (addr)); + + return val; +} + +static inline void +grub_write8 (grub_uint8_t val, grub_addr_t addr) +{ + (*(volatile grub_uint8_t *) (addr)) = val; +} + +static inline void +grub_write32 (grub_uint32_t val, grub_addr_t addr) +{ + (*(volatile grub_uint32_t *) (addr)) = val; +} + +static inline void +grub_write64 (grub_uint64_t val, grub_addr_t addr) +{ + (*(volatile grub_uint64_t *) (addr)) = val; +} + +#endif /* GRUB_I386_MMIO_H */ diff --git a/include/grub/i386/msr.h b/include/grub/i386/msr.h index 1e838c022..52c923ab9 100644 --- a/include/grub/i386/msr.h +++ b/include/grub/i386/msr.h @@ -2,6 +2,9 @@ * GRUB -- GRand Unified Bootloader * Copyright (C) 2019 Free Software Foundation, Inc. * + * Some definitions in this header are extracted from the Trusted Computing + * Group's "TPM Main Specification", Parts 1-3. + * * GRUB is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or @@ -19,6 +22,64 @@ #ifndef GRUB_I386_MSR_H #define GRUB_I386_MSR_H 1 +/* General */ +#define GRUB_MSR_X86_PLATFORM_ID 0x00000017 + +#define GRUB_MSR_X86_APICBASE 0x0000001b +#define GRUB_MSR_X86_APICBASE_BSP (1<<8) +#define GRUB_MSR_X86_APICBASE_ENABLE (1<<11) +#define GRUB_MSR_X86_APICBASE_BASE (0xfffff<<12) /* Mask for APIC base address */ + +#define GRUB_MSR_X86_FEATURE_CONTROL 0x0000003a +#define GRUB_MSR_X86_FEATURE_CTRL_LOCK (1<<0) /* Lock writes to this register */ +#define GRUB_MSR_X86_ENABLE_VMX_IN_SMX (1<<1) /* Enable VMX inside SMX */ +#define GRUB_MSR_X86_ENABLE_VMX_OUT_SMX (1<<2) /* Enable VMX outside SMX */ +#define GRUB_MSR_X86_SENTER_FUNCTIONS (0x7f<<8) /* Bitmap of SENTER function enables */ +#define GRUB_MSR_X86_SENTER_ENABLE (1<<15) /* SENTER global enable */ + +#define GRUB_MSR_X86_MTRRCAP 0x000000fe +#define GRUB_MSR_X86_VCNT_MASK 0xff /* Number of variable MTRRs */ + +#define GRUB_MSR_X86_MCG_CAP 0x00000179 +#define GRUB_MSR_MCG_BANKCNT_MASK 0xff /* Number of banks */ +#define GRUB_MSR_X86_MCG_STATUS 0x0000017a +#define GRUB_MSR_MCG_STATUS_MCIP (1ULL<<2) /* MC in progress */ + +#define GRUB_MSR_X86_MISC_ENABLE 0x000001a0 +#define GRUB_MSR_X86_ENABLE_MONITOR_FSM (1<<18) + +#define GRUB_MSR_X86_MTRR_PHYSBASE0 0x00000200 +#define GRUB_MSR_X86_MTRR_PHYSMASK0 0x00000201 +#define GRUB_MSR_X86_MTRR_PHYSBASE(n) (GRUB_MSR_X86_MTRR_PHYSBASE0 + 2 * (n)) +#define GRUB_MSR_X86_MTRR_PHYSMASK(n) (GRUB_MSR_X86_MTRR_PHYSMASK0 + 2 * (n)) +#define GRUB_MSR_X86_BASE_DEF_TYPE_MASK 0xff +#define GRUB_MSR_X86_MASK_VALID (1<<11) + +#define GRUB_MSR_X86_MTRR_DEF_TYPE 0x000002ff +#define GRUB_MSR_X86_DEF_TYPE_MASK 0xff +#define GRUB_MSR_X86_MTRR_ENABLE_FIXED (1<<10) +#define GRUB_MSR_X86_MTRR_ENABLE (1<<11) + +#define GRUB_MSR_X86_MC0_STATUS 0x00000401 + +#define GRUB_MSR_X86_EFER 0xc0000080 /* Extended features */ +#define GRUB_MSR_EFER_LME (1<<8) /* Enable Long Mode/IA-32e */ +#define GRUB_MSR_EFER_LMA (1<<10) /* Long Mode/IA-32e Active */ +#define GRUB_MSR_EFER_SVME (1<<12) /* Enable SVM (AMD-V) */ + +/* AMD Specific */ +#define GRUB_MSR_AMD64_VM_CR 0xc0010114 /* SVM control register */ +#define GRUB_MSR_SVM_VM_CR_SVM_DISABLE (1<<4) /* Disable writes to EFER.SVME */ + +/* MTRR Specific */ +#define GRUB_MTRR_MEMORY_TYPE_UC 0 +#define GRUB_MTRR_MEMORY_TYPE_WC 1 +#define GRUB_MTRR_MEMORY_TYPE_WT 4 +#define GRUB_MTRR_MEMORY_TYPE_WP 5 +#define GRUB_MTRR_MEMORY_TYPE_WB 6 + +#ifndef ASM_FILE + #include <grub/err.h> #include <grub/i386/cpuid.h> #include <grub/types.h> @@ -71,4 +132,6 @@ grub_wrmsr (grub_uint32_t msr_id, grub_uint64_t msr_value) asm volatile ("wrmsr" : : "c" (msr_id), "a" (low), "d" (high)); } +#endif /* ASM_FILE */ + #endif /* GRUB_I386_MSR_H */ diff --git a/include/grub/i386/slaunch.h b/include/grub/i386/slaunch.h new file mode 100644 index 000000000..1574b3a1c --- /dev/null +++ b/include/grub/i386/slaunch.h @@ -0,0 +1,77 @@ +/* + * GRUB -- GRand Unified Bootloader + * Copyright (C) 2020 Oracle and/or its affiliates. + * + * GRUB is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * GRUB is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GRUB. If not, see <http://www.gnu.org/licenses/>. + * + * Main secure launch definitions header file. + */ + +#ifndef GRUB_I386_SLAUNCH_H +#define GRUB_I386_SLAUNCH_H 1 + +/* Secure launch platform types. */ +#define SLP_NONE 0 +#define SLP_INTEL_TXT 1 + +/* PCRs used by Secure launch. */ +#define GRUB_SLAUNCH_CODE_PCR 17 +#define GRUB_SLAUNCH_DATA_PCR 18 + +#define GRUB_SLAUNCH_TPM_EVT_LOG_SIZE (8 * GRUB_PAGE_SIZE) + +#ifndef ASM_FILE + +#include <grub/i386/linux.h> +#include <grub/types.h> + +struct grub_slaunch_params +{ + grub_uint32_t boot_params_addr; + grub_uint64_t slr_table_base; + /* This is size of SLRT buffer, so maximum size of the table. */ + grub_uint32_t slr_table_size; + void *slr_table_mem; + grub_uint32_t mle_start; + grub_uint32_t mle_size; + void *mle_mem; + grub_uint64_t mle_ptab_target; + grub_uint32_t mle_ptab_size; + void *mle_ptab_mem; + grub_uint32_t mle_header_offset; + grub_uint32_t ap_wake_block; + grub_uint32_t ap_wake_block_size; + grub_uint32_t dce_base; + grub_uint32_t dce_size; + grub_uint64_t tpm_evt_log_base; + grub_uint32_t tpm_evt_log_size; +}; + +extern grub_uint32_t grub_slaunch_platform_type (void); +extern void *grub_slaunch_module (void); +extern struct grub_slaunch_params *grub_slaunch_params (void); + +extern void grub_slaunch_init_slrt_storage (int arch); +extern void grub_slaunch_add_slrt_policy_entries (void); +extern void grub_slaunch_add_slrt_policy_entry (grub_uint16_t pcr, + grub_uint16_t entity_type, + grub_uint16_t flags, + grub_uint64_t entity, + grub_uint64_t size, + const char *evt_info); +extern void grub_slaunch_finish_slr_table (void); + +#endif /* ASM_FILE */ + +#endif /* GRUB_I386_SLAUNCH_H */ -- 2.46.0 _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
