
Re: [PATCH v8 19/19] hvf: arm: Handle Windows 10 SMC call


From: Alexander Graf
Subject: Re: [PATCH v8 19/19] hvf: arm: Handle Windows 10 SMC call
Date: Sun, 27 Jun 2021 23:07:55 +0200
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.11.0

On 15.06.21 11:31, Peter Maydell wrote:
> On Wed, 19 May 2021 at 21:23, Alexander Graf <agraf@csgraf.de> wrote:
>> Windows 10 calls an SMCCC call via SMC unconditionally on boot. It lives
>> in the trusted application call number space, but its purpose is unknown.
>>
>> In our current SMC implementation, we inject a UDEF for unknown SMC calls,
>> including this one. However, Windows breaks on boot when we do this. Instead,
>> let's return an error code.
>>
>> With this patch applied I can successfully boot the current Windows 10
>> Insider Preview in HVF.
>>
>> Signed-off-by: Alexander Graf <agraf@csgraf.de>
>>
>> ---
>>
>> v7 -> v8:
>>
>>   - fix checkpatch
>> ---
>>  target/arm/hvf/hvf.c | 4 ++++
>>  1 file changed, 4 insertions(+)
>>
>> diff --git a/target/arm/hvf/hvf.c b/target/arm/hvf/hvf.c
>> index 65c33e2a14..be670af578 100644
>> --- a/target/arm/hvf/hvf.c
>> +++ b/target/arm/hvf/hvf.c
>> @@ -931,6 +931,10 @@ int hvf_vcpu_exec(CPUState *cpu)
>>          cpu_synchronize_state(cpu);
>>          if (!hvf_handle_psci_call(cpu)) {
>>              advance_pc = true;
>> +        } else if (env->xregs[0] == QEMU_SMCCC_TC_WINDOWS10_BOOT) {
>> +            /* This special SMC is called by Windows 10 on boot. Return 
>> error */
>> +            env->xregs[0] = -1;
>> +            advance_pc = true;
>>          } else {
>>              trace_hvf_unknown_smc(env->xregs[0]);
>>              hvf_raise_exception(env, EXCP_UDEF, syn_uncategorized());
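
Review bot: the new `else if` branch needs a comment that records which function ID QEMU_SMCCC_TC_WINDOWS10_BOOT stands for (its definition is not in this hunk) and why that one ID is answered with -1 while every other unrecognised call still falls through to `hvf_raise_exception(env, EXCP_UDEF, syn_uncategorized())`. As the thread itself notes, SMCCC specifies -1 (NOT_SUPPORTED) as the return for any unknown function ID, so the comment should either say this is a deliberate narrow exception or the patch should consider making `env->xregs[0] = -1; advance_pc = true;` the generic unknown-SMC path instead of a Windows-specific special case. Spelling the bare `-1` as a named SMCCC NOT_SUPPORTED return value would also make the intent of the assignment self-documenting.
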
> Where can I find documentation on what this SMC call is and what
> it's supposed to do?


It's 0xc3000001 which according to the SMCCC spec [1] means OR'ed values
of the following:

0x80000000 = Fast Call
0x40000000 = SMC64
0x03000000 = OEM Service Calls
0x00000001 = Function number 1

So, uh. I'm not sure how to answer the question above. I don't have
source level access to Windows to read what the call is supposed to do
:). But it's definitely calling something OEM specific that it really
shouldn't be calling.

Reading the SMCCC spec section 5.2, unknown SMCCC calls should return
-1. It advises against probing by just calling them, but does not
specify any other fault behavior than the -1 return (such as the #UDEF
we inject in TCG).


Alex

[1] https://developer.arm.com/documentation/den0028/latest
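
To make the field breakdown above concrete, here is an added example in C (not QEMU code and not part of the thread) that decodes an SMCCC function ID into the fields listed above and applies the "unknown call returns -1" rule from section 5.2 in a toy dispatcher. The owner-range names follow DEN0028; the dispatch policy (Standard Secure Service calls handed to a PSCI handler, everything else answered NOT_SUPPORTED) is an assumption of the example, not what hvf.c does.

```c
#include <stdint.h>
#include <string.h>

/* SMCCC function ID layout (Arm DEN0028): bit 31 fast/yielding, bit 30
 * SMC32/SMC64, bits 29:24 owning service range, bits 23:16 MBZ, bits 15:0 func. */
#define SMCCC_FAST_CALL         (1u << 31)
#define SMCCC_64BIT             (1u << 30)
#define SMCCC_OWNER_MASK        0x3fu
#define SMCCC_MBZ_MASK          0x00ff0000u
#define SMCCC_FUNC_MASK         0xffffu
#define SMCCC_OWNER_STD_SECURE  4          /* PSCI lives in this range */
#define SMCCC_RET_NOT_SUPPORTED ((int64_t)-1)

struct smccc_id { int fast, is64, mbz_violation; unsigned owner, func; };

struct smccc_id smccc_decode(uint32_t fid)
{
    struct smccc_id id = {
        .fast = !!(fid & SMCCC_FAST_CALL), .is64 = !!(fid & SMCCC_64BIT),
        .mbz_violation = !!(fid & SMCCC_MBZ_MASK),   /* reserved bits set? */
        .owner = (fid >> 24) & SMCCC_OWNER_MASK, .func = fid & SMCCC_FUNC_MASK,
    };
    return id;
}

const char *smccc_owner_name(unsigned owner)
{
    switch (owner) {
    case 0:  return "Arm Architecture";
    case 1:  return "CPU Service";
    case 2:  return "SiP Service";
    case 3:  return "OEM Service";
    case 4:  return "Standard Secure Service";
    case 5:  return "Standard Hypervisor Service";
    case 6:  return "Vendor Specific Hypervisor Service";
    case 48: case 49: return "Trusted Application";
    default: return owner >= 50 ? "Trusted OS" : "Reserved";
    }
}

/* Hypothetical dispatcher (assumption of this example): PSCI-range calls are
 * handed off (return 0); any other ID gets NOT_SUPPORTED in x0 (return 1). */
int smccc_dispatch(uint32_t fid, int64_t *x0)
{
    if (smccc_decode(fid).owner == SMCCC_OWNER_STD_SECURE) {
        return 0;
    }
    *x0 = SMCCC_RET_NOT_SUPPORTED;   /* covers 0xc3000001 from Windows 10 */
    return 1;
}
```

Decoding 0xc3000001 with this yields fast=1, SMC64=1, owner 3 (OEM Service), function 1, matching the breakdown above.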



