Hello build bot (Jenkins), Patrick Georgi, Martin Roth, Jonathan Zhang, Eugene Myers, David Hendricks, Naresh Solanki, Angel Pons, Aaron Durbin, Patrick Rudolph, Ron Minnich, Eugene Myers,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/41829
to look at the new patch set (#8).
Change subject: cpu/x86/smm: Enable SMM support for Xeon-SP
......................................................................
cpu/x86/smm: Enable SMM support for Xeon-SP
Xeon-SP a Skylake Scalable Processor can have 36 CPU threads(18 cores). Current
coreboot SMM is unable to handle more than ~32 CPU threads. The state save area
begins to encroach upon the entry code and thus the system can hang, reboot,
etc.This patch fixes those issues but it requires changes in common SMM code.
The staggered entry points with simple near jumps will no longer work because
the CPUs have entry points larger than 0xFFFF. Current SMM code architecture
assumes code will be within 0xFFFF (near jumps) before entering protected mode.
Therefore, this patch installs the same stub code for each CPU thread. The
following steps outline the flow and step #1 is now removed. CPUs will enter
right at step #2.
1. jump to smm stub code (step #2)
2. setup a stack (just like before)
2a. enter protected mode (just like before)
2b. jump to common SMI handling code (just like before)
3. resume/exit smm (just like before)
By making the modifications above, this allows the smm module loader to expand
easily as more CPU threads are added. By default all CPUs are relocated one at
a time.
TEST=build for Tiogapass platform under OCP mainboard. Enable the following in
Kconfig.
select CPU_INTEL_COMMON_SMM
select SOC_INTEL_COMMON_BLOCK_SMM
select SMM_TSEG
select HAVE_SMI_HANDLER
select ACPI_INTEL_HARDWARE_SLEEP_VALUE
Debug console will show all 36 cores relocated. Further tested by generating
SMI's to port 0xb2 using XDP/ITP HW debugger and ensured all cores entering and
exiting SMM properly. In addition, booted to Linux 5.4 kernel and observed no
issues during mp init.
Change-Id: I78bd74c11ca42fb430f63711b5ec87d4bfe6ca2a
Signed-off-by: Rocky Phagura <rphagura(a)fb.com>
---
M src/cpu/x86/Makefile.inc
M src/cpu/x86/mp_init.c
M src/cpu/x86/smm/smm_module_loader.c
M src/include/cpu/x86/smm.h
M src/soc/intel/xeon_sp/Makefile.inc
A src/soc/intel/xeon_sp/smmrelocate.c
M src/soc/intel/xeon_sp/uncore.c
M src/southbridge/intel/common/smihandler.c
8 files changed, 578 insertions(+), 159 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/29/41829/8
--
To view, visit https://review.coreboot.org/c/coreboot/+/41829
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I78bd74c11ca42fb430f63711b5ec87d4bfe6ca2a
Gerrit-Change-Number: 41829
Gerrit-PatchSet: 8
Gerrit-Owner: Rocky Phagura
Gerrit-Reviewer: Aaron Durbin <adurbin(a)chromium.org>
Gerrit-Reviewer: Angel Pons <th3fanbus(a)gmail.com>
Gerrit-Reviewer: David Hendricks <david.hendricks(a)gmail.com>
Gerrit-Reviewer: Eugene Myers <cedarhouse1(a)comcast.net>
Gerrit-Reviewer: Eugene Myers <cedarhouse(a)comcast.net>
Gerrit-Reviewer: Jonathan Zhang <jonzhang(a)fb.com>
Gerrit-Reviewer: Martin Roth <martinroth(a)google.com>
Gerrit-Reviewer: Naresh Solanki <naresh.solanki.2011(a)gmail.com>
Gerrit-Reviewer: Patrick Georgi <pgeorgi(a)google.com>
Gerrit-Reviewer: Patrick Rudolph <siro(a)das-labor.org>
Gerrit-Reviewer: Ron Minnich <rminnich(a)google.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-CC: HAOUAS Elyes <ehaouas(a)noos.fr>
Gerrit-CC: Patrick Rudolph <patrick.rudolph(a)9elements.com>
Gerrit-CC: Paul Menzel <paulepanter(a)users.sourceforge.net>
Gerrit-MessageType: newpatchset
Hello build bot (Jenkins), Patrick Georgi, Martin Roth,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/37016
to look at the new patch set (#7).
Change subject: security/intel/txt: Add Intel TXT support
......................................................................
security/intel/txt: Add Intel TXT support
* Add TXT ramstage driver
** Show startup errors
** Check for TXT reset
** Check for Secrets-in-memory
** Add assembly for GETSEC instruction
** Check platform state if GETSEC instruction is supported
** Configure TXT memory regions
** Lock TXT
** Protect TSEG using DMA protected regions
** Place SINIT ACM
** Print information about ACMs
* Extend security_clear_dram_request()
** To clear all DRAM if secrets are in memory
Tested on OCP Wedge100s and Facebook Watson
* Able to enter a Measure Launch Environment using SINIT ACM and TBOOT
* Secrets in Memory bit is set on ungraceful shutdown
* Memory is cleared after ungraceful shutdown
Change-Id: Iaf4be7f016cc12d3971e1e1fe171e6665e44c284
Signed-off-by: Philipp Deppenwiese <zaolin.daisuki(a)gmail.com>
Signed-off-by: Philipp Deppenwiese <zaolin(a)das-labor.org>
---
M src/security/intel/txt/Kconfig
M src/security/intel/txt/Makefile.inc
A src/security/intel/txt/common.c
A src/security/intel/txt/getsec.c
A src/security/intel/txt/getsec_enteraccs.S
A src/security/intel/txt/logging.c
A src/security/intel/txt/ramstage.c
A src/security/intel/txt/txt.h
A src/security/intel/txt/txt_getsec.h
A src/security/intel/txt/txt_register.h
M src/security/memory/memory.c
11 files changed, 1,853 insertions(+), 1 deletion(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/16/37016/7
--
To view, visit https://review.coreboot.org/c/coreboot/+/37016
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: Iaf4be7f016cc12d3971e1e1fe171e6665e44c284
Gerrit-Change-Number: 37016
Gerrit-PatchSet: 7
Gerrit-Owner: Philipp Deppenwiese <zaolin.daisuki(a)gmail.com>
Gerrit-Reviewer: Martin Roth <martinroth(a)google.com>
Gerrit-Reviewer: Patrick Georgi <pgeorgi(a)google.com>
Gerrit-Reviewer: Philipp Deppenwiese <zaolin.daisuki(a)gmail.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-CC: Arthur Heymans <arthur(a)aheymans.xyz>
Gerrit-CC: Paul Menzel <paulepanter(a)users.sourceforge.net>
Gerrit-MessageType: newpatchset