feat(tdx): parse TDVF and generate UEFI HOB

Signed-off-by: Changyuan Lyu <changyuanl@google.com>

Author: Lencerf

alioth/src/board/board_x86_64/board_x86_64.rs

@@ -20,7 +20,7 @@ use std::collections::HashMap;
 use std::mem::{offset_of, size_of, size_of_val};
 use std::path::Path;
 use std::sync::Arc;
-use std::sync::atomic::AtomicU32;
+use std::sync::atomic::{AtomicU32, AtomicU64};
 
 use parking_lot::Mutex;
 use snafu::ResultExt;
@@ -53,6 +53,7 @@ where
 {
     cpuids: HashMap<CpuidIn, CpuidResult>,
     sev_ap_eip: AtomicU32,
+    tdx_hob: AtomicU64,
     pub(crate) io_apic: Arc<IoApic<V::MsiSender>>,
 }
 
@@ -167,6 +168,7 @@ impl<V: Vm> ArchBoard<V> {
         Ok(Self {
             cpuids,
             sev_ap_eip: AtomicU32::new(0),
+            tdx_hob: AtomicU64::new(0),
             io_apic: Arc::new(IoApic::new(vm.create_msi_sender()?)),
         })
     }
@@ -216,7 +218,7 @@ where
         match coco {
             Coco::AmdSev { policy } => self.setup_sev(fw, *policy),
             Coco::AmdSnp { .. } => self.setup_snp(fw),
-            Coco::IntelTdx { attr } => todo!("Intel TDX {attr:?}"),
+            Coco::IntelTdx { .. } => self.setup_tdx(fw),
         }
     }
 

alioth/src/board/board_x86_64/tdx.rs

@@ -13,11 +13,15 @@
 // limitations under the License.
 
 use std::sync::Arc;
+use std::sync::atomic::Ordering;
 
+use crate::arch::layout::MEM_64_START;
 use crate::arch::tdx::TdAttr;
-use crate::board::{Board, Result};
+use crate::board::{Board, Result, error};
+use crate::firmware::ovmf::tdx::{TdvfSectionType, create_hob, parse_entries};
 use crate::hv::{Vm, VmMemory};
 use crate::mem::MarkPrivateMemory;
+use crate::mem::mapped::ArcMemPages;
 
 impl<V> Board<V>
 where
@@ -29,4 +33,45 @@ where
         self.memory.register_change_callback(mark_private_memory)?;
         Ok(())
     }
+
+    pub(crate) fn create_hob(&self, dst: &mut [u8], mut accepted: Vec<(u64, u64)>) -> Result<u64> {
+        let hob_phys = self.arch.tdx_hob.load(Ordering::Relaxed);
+        let mut entries = self.memory.mem_region_entries();
+        create_hob(dst, hob_phys, &mut entries, &mut accepted)?;
+        Ok(hob_phys)
+    }
+
+    pub(crate) fn setup_tdx(&self, fw: &mut ArcMemPages) -> Result<()> {
+        let data = fw.as_slice();
+        let entries = parse_entries(data)?;
+
+        let fw_gpa = MEM_64_START - data.len() as u64;
+        self.memory
+            .mark_private_memory(fw_gpa, data.len() as _, true)?;
+
+        let mut accepted = Vec::new();
+        let mut hob_ram = None;
+        for entry in entries {
+            match entry.r#type {
+                TdvfSectionType::TD_HOB => {
+                    let p = ArcMemPages::from_anonymous(entry.size as usize, None, None)?;
+                    hob_ram = Some(p);
+                    let tdx_hob = &self.arch.tdx_hob;
+                    tdx_hob.store(entry.address, Ordering::Relaxed);
+                    accepted.push((entry.address, entry.size));
+                }
+                TdvfSectionType::TEMP_MEM => {
+                    accepted.push((entry.address, entry.size));
+                }
+                _ => {}
+            };
+        }
+
+        let Some(hob_ram) = &mut hob_ram else {
+            return error::MissingPayload.fail();
+        };
+        self.create_hob(hob_ram.as_slice_mut(), accepted)?;
+
+        todo!()
+    }
 }

alioth/src/firmware/firmware.rs

@@ -40,6 +40,10 @@ pub enum Error {
     MissingTdvfVersion { got: u32 },
     #[snafu(display("Invalid firmware data layout"))]
     InvalidLayout,
+    #[snafu(display("Uncovered TDVF section"))]
+    UncoveredTdvfSection,
+    #[snafu(display("Failed to write HOB"))]
+    WriteHob { error: std::io::Error },
 }
 
 type Result<T, E = Error> = std::result::Result<T, E>;

alioth/src/firmware/ovmf/ovmf_x86_64/tdx.rs

@@ -12,13 +12,20 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-use zerocopy::{FromBytes, Immutable, IntoBytes, KnownLayout};
+use std::cmp::min;
+use std::io::Write;
 
-use crate::firmware::ovmf::x86_64::GUID_SIZE;
-use crate::{bitflags, consts};
+use snafu::ResultExt;
+use zerocopy::{FromBytes, Immutable, IntoBytes, KnownLayout};
 
-use crate::firmware::ovmf::x86_64::parse_data;
+use crate::firmware::ovmf::x86_64::{GUID_SIZE, parse_data};
+use crate::firmware::uefi::{
+    HOB_HANDOFF_TABLE_VERSION, HobGenericHeader, HobHandoffInfoTable, HobResourceDesc,
+    HobResourceType, HobType, ResourceAttr,
+};
 use crate::firmware::{Result, error};
+use crate::mem::{MemRegionEntry, MemRegionType};
+use crate::{bitflags, consts};
 
 pub const GUID_TDX_METADATA_OFFSET: [u8; GUID_SIZE] = [
     0x35, 0x65, 0x7a, 0xe4, 0x4a, 0x98, 0x98, 0x47, 0x86, 0x5e, 0x46, 0x85, 0xa7, 0xbf, 0x8e, 0xc2,
@@ -57,9 +64,9 @@ bitflags! {
 #[derive(Debug, Clone, Default, KnownLayout, Immutable, FromBytes, IntoBytes)]
 pub struct TdvfSectionEntry {
     pub data_offset: u32,
-    pub raw_data_size: u32,
-    pub memory_address: u64,
-    pub memory_data_size: u64,
+    pub data_size: u32,
+    pub address: u64,
+    pub size: u64,
     pub r#type: TdvfSectionType,
     pub attributes: TdvfSectionAttr,
 }
@@ -98,3 +105,136 @@ pub fn parse_entries(data: &[u8]) -> Result<&[TdvfSectionEntry]> {
     };
     Ok(entries)
 }
+
+fn create_hob_mem_resources(
+    entries: &[(u64, MemRegionEntry)],
+    accepted: &[(u64, u64)],
+    mut op: impl FnMut(HobResourceDesc) -> Result<()>,
+) -> Result<()> {
+    let tmpl = HobResourceDesc {
+        hdr: HobGenericHeader {
+            r#type: HobType::RESOURCE_DESCRIPTOR,
+            length: size_of::<HobResourceDesc>() as u16,
+            reserved: 0,
+        },
+        owner: [0; 16],
+        attr: ResourceAttr::PRESENT | ResourceAttr::INIT | ResourceAttr::TESTED,
+        ..Default::default()
+    };
+    let mut iter_e = entries.iter();
+    let mut iter_a = accepted.iter();
+    let mut section = iter_a.next().copied();
+    let mut entry = iter_e.next().copied();
+    loop {
+        match (&mut entry, &mut section) {
+            (None, None) => break,
+            (None, Some((start, size))) => {
+                log::error!(
+                    "Section [{start:x}, {:x}) is not covered by system memory",
+                    *start + *size
+                );
+                return error::UncoveredTdvfSection.fail();
+            }
+            (Some((_, e)), _) if e.type_ != MemRegionType::Ram => {
+                entry = iter_e.next().copied();
+                continue;
+            }
+            (Some((s, e)), None) => {
+                op(HobResourceDesc {
+                    r#type: HobResourceType::MEMORY_UNACCEPTED,
+                    address: *s,
+                    len: e.size,
+                    ..tmpl.clone()
+                })?;
+                entry = iter_e.next().copied();
+            }
+            (Some((s, e)), Some((start, size))) => {
+                if let Some(len) = min(*s, *start + *size).checked_sub(*start)
+                    && len > 0
+                {
+                    *size = len;
+                    entry = None;
+                    // Jump to branch (Some, None)
+                    continue;
+                }
+                if let Some(len) = min(*s + e.size, *start).checked_sub(*s)
+                    && len > 0
+                {
+                    op(HobResourceDesc {
+                        r#type: HobResourceType::MEMORY_UNACCEPTED,
+                        address: *s,
+                        len,
+                        ..tmpl.clone()
+                    })?;
+                    *s += len;
+                    e.size -= len;
+                }
+                if let Some(len) = min(*s + e.size, *start + *size).checked_sub(*start)
+                    && len > 0
+                {
+                    op(HobResourceDesc {
+                        r#type: HobResourceType::SYSTEM_MEMORY,
+                        address: *start,
+                        len,
+                        ..tmpl.clone()
+                    })?;
+                    *start += len;
+                    *size -= len;
+                    *s += len;
+                    e.size -= len
+                };
+                if *size == 0 {
+                    section = iter_a.next().copied();
+                };
+                if e.size == 0 {
+                    entry = iter_e.next().copied();
+                }
+            }
+        }
+    }
+    Ok(())
+}
+
+pub fn create_hob(
+    buffer: &mut [u8],
+    hob_phys: u64,
+    entries: &mut [(u64, MemRegionEntry)],
+    accepted: &mut [(u64, u64)],
+) -> Result<()> {
+    entries.sort_by_key(|(s, _)| *s);
+    accepted.sort();
+
+    let Ok((table, mut dst)) = HobHandoffInfoTable::mut_from_prefix(buffer) else {
+        return error::InvalidLayout.fail();
+    };
+
+    let mut desc_size = 0;
+    create_hob_mem_resources(entries, accepted, |d| {
+        desc_size += size_of_val(&d);
+        dst.write_all(d.as_bytes()).context(error::WriteHob)
+    })?;
+
+    let end = HobGenericHeader {
+        r#type: HobType::END_OF_HOB_LIST,
+        length: size_of::<HobGenericHeader>() as u16,
+        reserved: 0,
+    };
+    dst.write_all(end.as_bytes()).context(error::WriteHob)?;
+
+    *table = HobHandoffInfoTable {
+        hdr: HobGenericHeader {
+            r#type: HobType::HANDOFF,
+            length: size_of::<HobHandoffInfoTable>() as u16,
+            reserved: 0,
+        },
+        version: HOB_HANDOFF_TABLE_VERSION,
+        end_of_hob_list: hob_phys + (size_of_val(table) + desc_size + size_of_val(&end)) as u64,
+        ..Default::default()
+    };
+
+    Ok(())
+}
+
+#[cfg(test)]
+#[path = "tdx_test.rs"]
+mod tests;