x86_64: init GDT and TSS. add UEFI example

Author: wangrunji0408

examples/uefi/.cargo/config

@@ -0,0 +1,2 @@
+[build]
+target = "x86_64-unknown-uefi"

examples/uefi/.gitattributes

@@ -0,0 +1 @@
+OVMF.fd filter=lfs diff=lfs merge=lfs -text

examples/uefi/Cargo.toml

@@ -0,0 +1,15 @@
+[package]
+name = "uefi"
+version = "0.1.0"
+authors = ["Runji Wang <[email protected]>"]
+edition = "2018"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+log = "0.4"
+x86_64 = "0.8"
+uefi = "0.4.3"
+uefi-services = "0.2.1"
+raw-cpuid = "7.0.3"
+trapframe = { path = "../.." }

examples/uefi/Makefile

@@ -0,0 +1,34 @@
+MODE ?= debug
+EFI := target/x86_64-unknown-uefi/$(MODE)/uefi.efi
+OVMF := OVMF.fd
+ESP := target/esp
+BUILD_ARGS := -Z build-std=core,alloc
+QEMU_ARGS := -net none -nographic -cpu qemu64,fsgsbase
+OBJDUMP := rust-objdump
+
+ifeq (${MODE}, release)
+	BUILD_ARGS += --release
+endif
+
+build:
+	cargo build $(BUILD_ARGS)
+
+run: build
+	mkdir -p $(ESP)/EFI/Boot
+	cp $(EFI) $(ESP)/EFI/Boot/BootX64.efi
+	qemu-system-x86_64 \
+		-bios ${OVMF} \
+		-drive format=raw,file=fat:rw:${ESP} \
+		$(QEMU_ARGS)
+
+clippy:
+	cargo clippy $(BUILD_ARGS)
+
+fix:
+	cargo fix $(BUILD_ARGS) --allow-dirty
+
+header:
+	$(OBJDUMP) -h $(EFI) | less
+
+asm:
+	$(OBJDUMP) -d $(EFI) | less

examples/uefi/OVMF.fd

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a2e2a2b2ff7d5ea1f112557a12436d42e560b71120a610407ba4efc9df12efd7
+size 2097152

examples/uefi/README.md

@@ -0,0 +1,5 @@
+# Example on UEFI Application
+
+```bash
+make run
+```

examples/uefi/src/main.rs

@@ -0,0 +1,95 @@
+#![no_std]
+#![no_main]
+#![feature(abi_efiapi)]
+#![deny(warnings)]
+
+extern crate alloc;
+
+use log::*;
+use trapframe::GeneralRegs;
+use uefi::prelude::*;
+use x86_64::registers::control::*;
+use x86_64::structures::paging::{PageTable, PageTableFlags};
+
+#[entry]
+fn efi_main(_image: Handle, st: SystemTable<Boot>) -> uefi::Status {
+    uefi_services::init(&st).expect_success("Failed to initialize utilities");
+    check_and_set_cpu_features();
+    init_user_code();
+    trapframe::init();
+
+    let mut regs = GeneralRegs {
+        rax: 0,
+        rbx: 1,
+        rcx: 2,
+        rdx: 3,
+        rsi: 4,
+        rdi: 5,
+        rbp: 6,
+        rsp: 7,
+        r8: 8,
+        r9: 9,
+        r10: 10,
+        r11: 11,
+        r12: 12,
+        r13: 13,
+        r14: 14,
+        r15: 15,
+        rip: 0x1000,
+        rflags: 0x202,
+        fsbase: 18,
+        gsbase: 19,
+    };
+
+    info!("go to user");
+    unsafe {
+        trapframe::run_user(&mut regs);
+    }
+    info!("back from user: {:#x?}", regs);
+
+    unimplemented!()
+}
+
+/// Initialize user code at 0x1000.
+fn init_user_code() {
+    allow_user_access(USER_CODE_ADDR);
+    const USER_CODE_ADDR: usize = 0x1000;
+    const SYSCALL_OPCODE: u16 = 0x05_0f;
+    unsafe {
+        (USER_CODE_ADDR as *mut u16).write(SYSCALL_OPCODE);
+    }
+}
+
+/// Set user bit for 4-level PDEs of the `page`.
+/// This is a workaround since `x86_64` crate does not set user bit for PDEs.
+fn allow_user_access(vaddr: usize) {
+    let mut page_table = Cr3::read().0.start_address().as_u64() as *mut PageTable;
+    for level in 0..4 {
+        let index = (vaddr >> (12 + (3 - level) * 9)) & 0o777;
+        let entry = unsafe { &mut (&mut *page_table)[index] };
+        let flags = entry.flags();
+        entry.set_flags(flags | PageTableFlags::USER_ACCESSIBLE);
+        if level == 3 || flags.contains(PageTableFlags::HUGE_PAGE) {
+            return;
+        }
+        page_table = entry.frame().unwrap().start_address().as_u64() as *mut PageTable;
+    }
+}
+
+fn check_and_set_cpu_features() {
+    assert!(raw_cpuid::CpuId::new()
+        .get_extended_feature_info()
+        .unwrap()
+        .has_fsgsbase());
+    unsafe {
+        // Enable NX bit.
+        Efer::update(|f| f.insert(EferFlags::NO_EXECUTE_ENABLE));
+
+        // By default the page of CR3 have write protect.
+        // We have to remove that before editing page table.
+        Cr0::update(|f| f.remove(Cr0Flags::WRITE_PROTECT));
+
+        // Enable `rdfsbase` series instructions.
+        Cr4::update(|f| f.insert(Cr4Flags::FSGSBASE));
+    }
+}

src/arch/x86_64/fast_syscall.rs

@@ -1,45 +1,35 @@
 use super::*;
 use x86_64::registers::model_specific::*;
 
+global_asm!(include_str!("syscall.S"));
+
 pub fn init() {
     unsafe {
+        // enable `syscall` instruction
         Efer::update(|flags| {
             *flags |= EferFlags::SYSTEM_CALL_EXTENSIONS;
         });
 
-        let mut star = Msr::new(0xC0000081); // legacy mode SYSCALL target
+        //        let mut star = Msr::new(0xC0000081); // legacy mode SYSCALL target
         let mut lstar = Msr::new(0xC0000082); // long mode SYSCALL target
         let mut sfmask = Msr::new(0xC0000084); // EFLAGS mask for syscall
 
         // flags to clear on syscall
         // copy from Linux 5.0
         // TF|DF|IF|IOPL|AC|NT
-        let rflags_mask = 0x47700;
+        const RFLAGS_MASK: u64 = 0x47700;
 
-        star.write(core::mem::transmute(STAR));
+        //        star.write(core::mem::transmute(STAR));
         lstar.write(syscall_entry as u64);
-        sfmask.write(rflags_mask);
+        sfmask.write(RFLAGS_MASK);
     }
 }
 
-extern "C" {
+extern "sysv64" {
     fn syscall_entry();
     pub fn run_user(regs: &mut GeneralRegs);
 }
 
-#[repr(packed)]
-struct StarMsr {
-    eip: u32,
-    kernel_cs: u16,
-    user_cs: u16,
-}
-
-const STAR: StarMsr = StarMsr {
-    eip: 0, // ignored in 64 bit mode
-    kernel_cs: KCODE_SELECTOR,
-    user_cs: UCODE_SELECTOR,
-};
-
 #[derive(Debug, Default, Clone, Copy)]
 #[repr(C)]
 pub struct GeneralRegs {

src/arch/x86_64/gdt.rs

@@ -0,0 +1,88 @@
+//! Configure Global Descriptor Table (GDT)
+
+use alloc::boxed::Box;
+use alloc::vec::Vec;
+use core::mem::size_of;
+
+use x86_64::instructions::tables::{lgdt, load_tss};
+use x86_64::registers::model_specific::{GsBase, Msr};
+use x86_64::structures::gdt::{Descriptor, SegmentSelector};
+use x86_64::structures::tss::TaskStateSegment;
+use x86_64::structures::DescriptorTablePointer;
+use x86_64::{PrivilegeLevel, VirtAddr};
+
+/// Init TSS & GDT.
+pub fn init() {
+    // allocate stack for trap from user
+    // set the stack top to TSS
+    // so that when trap from ring3 to ring0, CPU can switch stack correctly
+    let mut tss = Box::new(TaskStateSegment::new());
+    let trap_stack_top = Box::leak(Box::new([0u8; 0x1000])).as_ptr() as u64 + 0x1000;
+    tss.privilege_stack_table[0] = VirtAddr::new(trap_stack_top);
+    let tss: &'static _ = Box::leak(tss);
+    let (tss0, tss1) = match Descriptor::tss_segment(tss) {
+        Descriptor::SystemSegment(tss0, tss1) => (tss0, tss1),
+        _ => unreachable!(),
+    };
+
+    unsafe {
+        // get current GDT
+        let gdtp = sgdt();
+        let entry_count = (gdtp.limit + 1) as usize / size_of::<u64>();
+        let old_gdt = core::slice::from_raw_parts(gdtp.base as *const u64, entry_count);
+
+        // allocate new GDT with 7 more entries
+        //
+        // NOTICE: for fast syscall:
+        //   STAR[47:32] = K_CS   = K_SS - 8
+        //   STAR[63:48] = U_CS32 = U_SS32 - 8 = U_CS - 16
+        let mut gdt = Vec::from(old_gdt);
+        gdt.extend([tss0, tss1, KCODE64, KDATA64, UCODE32, UDATA32, UCODE64].iter());
+        let gdt = Vec::leak(gdt);
+
+        // load new GDT and TSS
+        lgdt(&DescriptorTablePointer {
+            limit: gdt.len() as u16 * 8 - 1,
+            base: gdt.as_ptr() as _,
+        });
+        load_tss(SegmentSelector::new(
+            entry_count as u16,
+            PrivilegeLevel::Ring0,
+        ));
+
+        // for fast syscall:
+        // store address of TSS to kernel_gsbase
+        GsBase::MSR.write(tss as *const _ as u64);
+
+        let mut star = Msr::new(0xC0000081); // legacy mode SYSCALL target
+        star.write(core::mem::transmute(StarMsr {
+            eip: 0,
+            kernel_cs: SegmentSelector::new(entry_count as u16 + 2, PrivilegeLevel::Ring0).0,
+            user_cs: SegmentSelector::new(entry_count as u16 + 4, PrivilegeLevel::Ring3).0,
+        }));
+    }
+}
+
+/// Get current GDT register
+#[inline]
+unsafe fn sgdt() -> DescriptorTablePointer {
+    let mut gdt = DescriptorTablePointer { limit: 0, base: 0 };
+    asm!("sgdt ($0)" :: "r" (&mut gdt) : "memory" : "volatile");
+    gdt
+}
+
+#[allow(dead_code)]
+#[repr(packed)]
+struct StarMsr {
+    /// ignored in 64 bit mode
+    eip: u32,
+    kernel_cs: u16,
+    user_cs: u16,
+}
+
+const KCODE64: u64 = 0x00209800_00000000; // EXECUTABLE | USER_SEGMENT | PRESENT | LONG_MODE
+const UCODE64: u64 = 0x0020F800_00000000; // EXECUTABLE | USER_SEGMENT | USER_MODE | PRESENT | LONG_MODE
+const KDATA64: u64 = 0x00009200_00000000; // DATA_WRITABLE | USER_SEGMENT | PRESENT
+const UDATA64: u64 = 0x0000F200_00000000; // DATA_WRITABLE | USER_SEGMENT | USER_MODE | PRESENT
+const UCODE32: u64 = 0x00cffa00_0000ffff; // EXECUTABLE | USER_SEGMENT | USER_MODE | PRESENT
+const UDATA32: u64 = 0x00cff200_0000ffff; // EXECUTABLE | USER_SEGMENT | USER_MODE | PRESENT