UEFI payload implementation for AMD #69
Description
This task will implement support for performing DRTM between coreboot and its payload, in this case edk2. While the implementation of dynamic launch will be in coreboot, the payload must be able to handle unusual state after the hand-off. It also has to carefully manage the access to memory, as well as control when and how other cores are allowed to be started. Finally, the payload binary must contain information that would tell coreboot that it can be started through dynamic launch.
The implementation may reuse parts of PoC.
- Enable interrupts by setting Global Interrupts Flag
- APs brough online with SIPI (custom SMP protocol?)
- IOMMU driver, including disabling existing protections (DEV, TMR)
- Early DMA protection (common with Intel, assuming compatible API for IOMMU driver)
- DRTM TPM event log (common with Intel, but different ways of locating it)
- UEFI extends SRTM PCRs as usual, but it has to preserve and expose DRTM log to OS
- If Dasharo gains support for newer AMD platforms: changes required for PSP involvement in SKINIT - discovery, implementation (edk2) and documentation (coreboot)
Form: PR to https://github.com/Dasharo/edk2
Proof: logs from booting up to bootloader