1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
|
/** @file
OVMF support for QEMU system firmware flash device
Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
#include <Library/MemEncryptSevLib.h>
#include <Library/PcdLib.h>
#include "QemuFlash.h"
#define WRITE_BYTE_CMD 0x10
#define BLOCK_ERASE_CMD 0x20
#define CLEAR_STATUS_CMD 0x50
#define READ_STATUS_CMD 0x70
#define READ_DEVID_CMD 0x90
#define BLOCK_ERASE_CONFIRM_CMD 0xd0
#define READ_ARRAY_CMD 0xff
#define CLEARED_ARRAY_STATUS 0x00
UINT8 *mFlashBase;
STATIC UINTN mFdBlockSize = 0;
STATIC UINTN mFdBlockCount = 0;
STATIC
volatile UINT8 *
QemuFlashPtr (
IN EFI_LBA Lba,
IN UINTN Offset
)
{
return mFlashBase + ((UINTN)Lba * mFdBlockSize) + Offset;
}
/**
Determines if the QEMU flash memory device is present.
@retval FALSE The QEMU flash device is not present.
@retval TRUE The QEMU flash device is present.
**/
STATIC
BOOLEAN
QemuFlashDetected (
VOID
)
{
BOOLEAN FlashDetected;
volatile UINT8 *Ptr;
UINTN Offset;
UINT8 OriginalUint8;
UINT8 ProbeUint8;
FlashDetected = FALSE;
Ptr = QemuFlashPtr (0, 0);
for (Offset = 0; Offset < mFdBlockSize; Offset++) {
Ptr = QemuFlashPtr (0, Offset);
ProbeUint8 = *Ptr;
if ((ProbeUint8 != CLEAR_STATUS_CMD) &&
(ProbeUint8 != READ_STATUS_CMD) &&
(ProbeUint8 != CLEARED_ARRAY_STATUS))
{
break;
}
}
if (Offset >= mFdBlockSize) {
DEBUG ((DEBUG_INFO, "QEMU Flash: Failed to find probe location\n"));
return FALSE;
}
DEBUG ((DEBUG_INFO, "QEMU Flash: Attempting flash detection at %p\n", Ptr));
if (MemEncryptSevEsIsEnabled ()) {
//
// When SEV-ES is enabled, the check below can result in an infinite
// loop with respect to a nested page fault. When the memslot is mapped
// read-only, the nested page table entry is read-only. The check below
// will cause a nested page fault that cannot be emulated, causing
// the instruction to retried over and over. For SEV-ES, acknowledge that
// the FD appears as ROM and not as FLASH, but report FLASH anyway because
// FLASH behavior can be simulated using VMGEXIT.
//
DEBUG ((
DEBUG_INFO,
"QEMU Flash: SEV-ES enabled, assuming FD behaves as FLASH\n"
));
return TRUE;
}
OriginalUint8 = *Ptr;
*Ptr = CLEAR_STATUS_CMD;
ProbeUint8 = *Ptr;
if ((OriginalUint8 != CLEAR_STATUS_CMD) &&
(ProbeUint8 == CLEAR_STATUS_CMD))
{
DEBUG ((DEBUG_INFO, "QemuFlashDetected => FD behaves as RAM\n"));
*Ptr = OriginalUint8;
} else {
*Ptr = READ_STATUS_CMD;
ProbeUint8 = *Ptr;
if (ProbeUint8 == OriginalUint8) {
DEBUG ((DEBUG_INFO, "QemuFlashDetected => FD behaves as ROM\n"));
} else if (ProbeUint8 == READ_STATUS_CMD) {
DEBUG ((DEBUG_INFO, "QemuFlashDetected => FD behaves as RAM\n"));
*Ptr = OriginalUint8;
} else if (ProbeUint8 == CLEARED_ARRAY_STATUS) {
DEBUG ((DEBUG_INFO, "QemuFlashDetected => FD behaves as FLASH\n"));
FlashDetected = TRUE;
*Ptr = READ_ARRAY_CMD;
}
}
DEBUG ((
DEBUG_INFO,
"QemuFlashDetected => %a\n",
FlashDetected ? "Yes" : "No"
));
return FlashDetected;
}
/**
Read from QEMU Flash
@param[in] Lba The starting logical block index to read from.
@param[in] Offset Offset into the block at which to begin reading.
@param[in] NumBytes On input, indicates the requested read size. On
output, indicates the actual number of bytes read
@param[in] Buffer Pointer to the buffer to read into.
**/
EFI_STATUS
QemuFlashRead (
IN EFI_LBA Lba,
IN UINTN Offset,
IN UINTN *NumBytes,
IN UINT8 *Buffer
)
{
UINT8 *Ptr;
//
// Only write to the first 64k. We don't bother saving the FTW Spare
// block into the flash memory.
//
if (Lba >= mFdBlockCount) {
return EFI_INVALID_PARAMETER;
}
//
// Get flash address
//
Ptr = (UINT8 *)QemuFlashPtr (Lba, Offset);
CopyMem (Buffer, Ptr, *NumBytes);
return EFI_SUCCESS;
}
/**
Write to QEMU Flash
@param[in] Lba The starting logical block index to write to.
@param[in] Offset Offset into the block at which to begin writing.
@param[in] NumBytes On input, indicates the requested write size. On
output, indicates the actual number of bytes written
@param[in] Buffer Pointer to the data to write.
**/
EFI_STATUS
QemuFlashWrite (
IN EFI_LBA Lba,
IN UINTN Offset,
IN UINTN *NumBytes,
IN UINT8 *Buffer
)
{
volatile UINT8 *Ptr;
UINTN Loop;
//
// Only write to the first 64k. We don't bother saving the FTW Spare
// block into the flash memory.
//
if (Lba >= mFdBlockCount) {
return EFI_INVALID_PARAMETER;
}
//
// Program flash
//
Ptr = QemuFlashPtr (Lba, Offset);
for (Loop = 0; Loop < *NumBytes; Loop++) {
QemuFlashPtrWrite (Ptr, WRITE_BYTE_CMD);
QemuFlashPtrWrite (Ptr, Buffer[Loop]);
Ptr++;
}
//
// Restore flash to read mode
//
if (*NumBytes > 0) {
QemuFlashPtrWrite (Ptr - 1, READ_ARRAY_CMD);
}
return EFI_SUCCESS;
}
/**
Erase a QEMU Flash block
@param Lba The logical block index to erase.
**/
EFI_STATUS
QemuFlashEraseBlock (
IN EFI_LBA Lba
)
{
volatile UINT8 *Ptr;
if (Lba >= mFdBlockCount) {
return EFI_INVALID_PARAMETER;
}
Ptr = QemuFlashPtr (Lba, 0);
QemuFlashPtrWrite (Ptr, BLOCK_ERASE_CMD);
QemuFlashPtrWrite (Ptr, BLOCK_ERASE_CONFIRM_CMD);
return EFI_SUCCESS;
}
/**
Initializes QEMU flash memory support
@retval EFI_WRITE_PROTECTED The QEMU flash device is not present.
@retval EFI_SUCCESS The QEMU flash device is supported.
**/
EFI_STATUS
QemuFlashInitialize (
VOID
)
{
mFlashBase = (UINT8 *)(UINTN)PcdGet32 (PcdOvmfFdBaseAddress);
mFdBlockSize = PcdGet32 (PcdOvmfFirmwareBlockSize);
ASSERT (PcdGet32 (PcdOvmfFirmwareFdSize) % mFdBlockSize == 0);
mFdBlockCount = PcdGet32 (PcdOvmfFirmwareFdSize) / mFdBlockSize;
//
// execute module specific hooks before probing the flash
//
QemuFlashBeforeProbe (
(EFI_PHYSICAL_ADDRESS)(UINTN)mFlashBase,
mFdBlockSize,
mFdBlockCount
);
if (!QemuFlashDetected ()) {
ASSERT (!FeaturePcdGet (PcdSmmSmramRequire));
return EFI_WRITE_PROTECTED;
}
return EFI_SUCCESS;
}
|