[RFC PATCH 4/7] slaunch/psp: Setup TMRs to protect RAM from DMA

Wed, 18 Dec 2024 11:09:05 -0800 

From: Alec Brown <alec.r.br...@oracle.com>

TMRs are setup and used to protect ranges of memory from outside
access like DMA. Setting them up to cover all memory protects from
DMA during the establishment of the DRTM environment.

Signed-off-by: Alec Brown <alec.r.br...@oracle.com>
Signed-off-by: Sergii Dmytruk <sergii.dmyt...@3mdeb.com>
---
 grub-core/loader/slaunch/psp.c | 56 ++++++++++++++++++++++++++++++++++
 include/grub/i386/psp.h        |  1 +
 2 files changed, 57 insertions(+)

diff --git a/grub-core/loader/slaunch/psp.c b/grub-core/loader/slaunch/psp.c
index 2bbb4c685..553e53ed4 100644
--- a/grub-core/loader/slaunch/psp.c
+++ b/grub-core/loader/slaunch/psp.c
@@ -36,6 +36,9 @@
 #include <grub/mm.h>
 #include <grub/time.h>
 #include <grub/pci.h>
+#include <grub/efi/efi.h>
+#include <grub/efi/api.h>
+#include <grub/i386/linux.h>
 #include <grub/i386/pci.h>
 #include <grub/i386/psp.h>
 
@@ -362,3 +365,56 @@ grub_drtm_get_capability (void)
 
   return GRUB_ERR_NONE;
 }
+
+/**
+ * Setup Trusted Memory Region (TMR). The PSP supports only
+ * 1 TMR - as such all of the sysmem region is covered in
+ * a single TMR.
+ *
+ * Walk the E820 MB2 memory map table to figure out the end
+ * of the memory addresses. Setup the TMR to cover address
+ * ranges from 0x0 to the end calculated during the walk.
+ */
+int
+grub_drtm_setup_tmrs (grub_uint64_t tmr_end)
+{
+  grub_uint64_t tmr_count = 0;
+  grub_uint64_t rem = 0;
+  grub_uint32_t status = 0;
+
+  tmr_count = grub_divmod64 (tmr_end, drtm_capability.tmr_alignment, &rem);
+  if (rem != 0)
+    tmr_count++;
+
+  if (tmr_count > GRUB_UINT_MAX)
+    {
+      grub_error (GRUB_ERR_BAD_DEVICE, N_("DRTM: %s: memory region bigger than 
TMR\n"), __func__);
+      return -1;
+    }
+
+  /*
+   * Setup TMR for address range 0x0 to tmr_end. Size is in
+   * multiples of tmr_alignment.
+   */
+  *psp_drtm.c2pmsg_93 = (grub_uint32_t)tmr_count;
+  *psp_drtm.c2pmsg_94 = 0;
+  *psp_drtm.c2pmsg_95 = 0;
+
+  *psp_drtm.c2pmsg_72 = (DRTM_TMR_INDEX_0 << 24) |
+                       (DRTM_CMD_TMR_SETUP << DRTM_MBOX_CMD_SHIFT);
+
+  if (!drtm_wait_for_psp_ready (&status))
+    {
+      grub_error (GRUB_ERR_TIMEOUT, N_("DRTM: %s: failed to get a response 
from PSP\n"), __func__);
+      return -1;
+    }
+
+  if (status != DRTM_NO_ERROR)
+    {
+      grub_error (GRUB_ERR_BAD_DEVICE, N_("DRTM: %s: failed to setup TMRs - 
%s\n"),
+                 __func__, drtm_status_string (status));
+      return -1;
+    }
+
+  return 0;
+}
diff --git a/include/grub/i386/psp.h b/include/grub/i386/psp.h
index 915435311..4df31735d 100644
--- a/include/grub/i386/psp.h
+++ b/include/grub/i386/psp.h
@@ -86,5 +86,6 @@ extern grub_err_t grub_psp_discover (void);
 extern grub_uint16_t grub_psp_version (void);
 extern void grub_drtm_kick_psp (void);
 extern grub_err_t grub_drtm_get_capability (void);
+extern int grub_drtm_setup_tmrs (grub_uint64_t tmr_end);
 
 #endif /* __PSP_H__ */
-- 
2.47.1


_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

Reply via email to