Change in coreboot[4.11_branch]: security/intel/txt: Add Intel TXT support
by Jonathan Zhang (Code Review) Aug. 10, 2020
Hello Philipp Deppenwiese,
I'd like you to do a code review. Please visit
https://review.coreboot.org/c/coreboot/+/42712
to review the following change.
Change subject: security/intel/txt: Add Intel TXT support
......................................................................
security/intel/txt: Add Intel TXT support
* Add TXT ramstage driver
** Show startup errors
** Check for TXT reset
** Check for Secrets-in-memory
** Add assembly for GETSEC instruction
** Check platform state if GETSEC instruction is supported
** Configure TXT memory regions
** Lock TXT
** Protect TSEG using DMA protected regions
** Place SINIT ACM
** Print information about ACMs
* Extend security_clear_dram_request()
** To clear all DRAM if secrets are in memory
Tested on OCP Wedge100s and Facebook Watson
* Able to enter a Measure Launch Environment using SINIT ACM and TBOOT
* Secrets in Memory bit is set on ungraceful shutdown
* Memory is cleared after ungraceful shutdown
Change-Id: Iaf4be7f016cc12d3971e1e1fe171e6665e44c284
Signed-off-by: Philipp Deppenwiese <zaolin.daisuki(a)gmail.com>
---
M src/security/intel/txt/Kconfig
M src/security/intel/txt/Makefile.inc
A src/security/intel/txt/common.c
A src/security/intel/txt/getsec.c
A src/security/intel/txt/getsec_enteraccs.S
A src/security/intel/txt/logging.c
A src/security/intel/txt/ramstage.c
A src/security/intel/txt/txt.h
A src/security/intel/txt/txt_getsec.h
A src/security/intel/txt/txt_register.h
M src/security/memory/memory.c
11 files changed, 1,990 insertions(+), 1 deletion(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/12/42712/1
diff --git a/src/security/intel/txt/Kconfig b/src/security/intel/txt/Kconfig
index 97d24fd..140312a 100644
--- a/src/security/intel/txt/Kconfig
+++ b/src/security/intel/txt/Kconfig
@@ -22,7 +22,7 @@
depends on (TPM1 || TPM2)
depends on CPU_INTEL_FIRMWARE_INTERFACE_TABLE
depends on PLATFORM_HAS_DRAM_CLEAR
- depends on SOC_INTEL_FSP_BROADWELL_DE || SOC_INTEL_COMMON_BLOCK_SA
+ depends on SOC_INTEL_FSP_BROADWELL_DE
if INTEL_TXT
@@ -46,6 +46,12 @@
access to Intel resources. Or for some platforms found inside the
blob repository.
+config INTEL_TXT_LOGGING
+ bool "Enable verbose logging"
+ help
+ Print more TXT related debug output.
+ Use in preproduction environments only.
+
config INTEL_TXT_BIOSACM_ALIGNMENT
hex
default 0x20000 # 128KB
diff --git a/src/security/intel/txt/Makefile.inc b/src/security/intel/txt/Makefile.inc
index 38eb65d..4ecde3e 100644
--- a/src/security/intel/txt/Makefile.inc
+++ b/src/security/intel/txt/Makefile.inc
@@ -1,5 +1,13 @@
ifeq ($(CONFIG_INTEL_TXT),y)
+romstage-y += common.c
+ramstage-y += common.c
+ramstage-y += ramstage.c
+ramstage-y += getsec_enteraccs.S
+ramstage-y += getsec.c
+ramstage-$(CONFIG_INTEL_TXT_LOGGING) += logging.c
+romstage-$(CONFIG_INTEL_TXT_LOGGING) += logging.c
+
cbfs-files-y += txt_bios_acm.bin
txt_bios_acm.bin-file := $(CONFIG_INTEL_TXT_BIOSACM_FILE)
txt_bios_acm.bin-type := raw
diff --git a/src/security/intel/txt/common.c b/src/security/intel/txt/common.c
new file mode 100644
index 0000000..61f2034
--- /dev/null
+++ b/src/security/intel/txt/common.c
@@ -0,0 +1,506 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2019 9elements Agency GmbH
+ * Copyright (C) 2019 Facebook Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#include <arch/mmio.h>
+#include <string.h>
+#include <console/console.h>
+#include <stdint.h>
+#include <cbfs.h>
+#include <cpu/x86/lapic.h>
+#include <cpu/x86/cr.h>
+#include <cpu/x86/mp.h>
+#include <lib.h>
+
+#include "txt.h"
+#include "txt_register.h"
+#include "txt_getsec.h"
+
+/**
+ * Dump the ACM error status bits.
+ *
+ * @param acm_error The status register to dump
+ * @return -1 on error (register is not valid)
+ * 0 on error (Class > 0 and Major > 0)
+ * 1 on success (Class == 0 and Major == 0 and progress > 0)
+ */
+int intel_txt_log_acm_error(const uint32_t acm_error)
+{
+ if (acm_error & ACMERROR_TXT_VALID) {
+ const uint8_t type = (acm_error & ACMERROR_TXT_TYPE_CODE)
+ >> ACMERROR_TXT_TYPE_SHIFT;
+
+ switch (type) {
+ case ACMERROR_TXT_AC_MODULE_TYPE_BIOS:
+ printk(BIOS_ERR, "BIOSACM");
+ break;
+ case ACMERROR_TXT_AC_MODULE_TYPE_SINIT:
+ printk(BIOS_ERR, "SINIT");
+ break;
+ default:
+ printk(BIOS_ERR, "ACM");
+ break;
+ }
+ printk(BIOS_ERR, ": Error code valid\n");
+
+ if (acm_error & ACMERROR_TXT_EXTERNAL)
+ printk(BIOS_ERR, " Caused by: External\n");
+ else
+ printk(BIOS_ERR, " Caused by: Processor\n");
+
+ const uint32_t class = (acm_error & ACMERROR_TXT_CLASS_CODE)
+ >> ACMERROR_TXT_CLASS_SHIFT;
+ const uint32_t major = (acm_error & ACMERROR_TXT_MAJOR_CODE)
+ >> ACMERROR_TXT_MAJOR_SHIFT;
+ const uint32_t minor = (acm_error & ACMERROR_TXT_MINOR_CODE)
+ >> ACMERROR_TXT_MINOR_SHIFT;
+ const uint32_t progress = (acm_error & ACMERROR_TXT_PROGRESS_CODE)
+ >> ACMERROR_TXT_PROGRESS_SHIFT;
+
+ if (!minor) {
+ if (class == 0 && major == 0 && progress > 0) {
+ printk(BIOS_ERR, " Execution successful\n");
+ printk(BIOS_ERR, " Progress code 0x%x\n",
+ progress);
+ } else {
+ printk(BIOS_ERR, " Error Class: %x\n", class);
+ printk(BIOS_ERR, " Error: %x.%x\n", major, progress);
+ }
+ } else {
+ printk(BIOS_ERR, " ACM didn't start\n");
+ printk(BIOS_ERR, " Error Type: 0x%x\n", acm_error & 0xffffff);
+ return -1;
+ }
+
+ return (acm_error & ACMERROR_TXT_EXTERNAL) &&
+ class == 0 &&
+ major == 0 &&
+ progress > 0;
+ }
+
+ return -1;
+}
+
+void intel_txt_log_spad(void)
+{
+ const uint64_t acm_status = read64((void *)TXT_SPAD);
+
+ printk(BIOS_INFO, "TXT-STS: ACM verification ");
+
+ if (acm_status & ACMSTS_VERIFICATION_ERROR)
+ printk(BIOS_INFO, "error\n");
+ else
+ printk(BIOS_INFO, "successful\n");
+
+ printk(BIOS_INFO, "TXT-STS: IBB ");
+
+ if (!(acm_status & ACMSTS_IBB_MEASURED))
+ printk(BIOS_INFO, "not measured\n");
+ else
+ printk(BIOS_INFO, "measured\n");
+
+ printk(BIOS_INFO, "TXT-STS: TXT is ");
+
+ if (acm_status & ACMSTS_TXT_DISABLED)
+ printk(BIOS_INFO, "disabled\n");
+ else
+ printk(BIOS_INFO, "not disabled\n");
+
+ printk(BIOS_INFO, "TXT-STS: BIOS is ");
+
+ if (acm_status & ACMSTS_BIOS_TRUSTED)
+ printk(BIOS_INFO, "trusted\n");
+ else
+ printk(BIOS_INFO, "not trusted\n");
+}
+
+/* Returns true if secrets might be in memory */
+bool intel_txt_memory_has_secrets(void)
+{
+ bool ret;
+ if (!CONFIG(INTEL_TXT))
+ return false;
+
+ ret = (read8((void *)TXT_ESTS) & TXT_ESTS_WAKE_ERROR_STS) ||
+ (read64((void *)TXT_E2STS) & TXT_E2STS_SECRET_STS);
+
+ if (ret)
+ printk(BIOS_CRIT, "TXT-STS: Secrets in memory!\n");
+ return ret;
+}
+
+static struct acm_info_table *find_info_table(const void *ptr)
+{
+ const struct acm_header_v0 *acm_header = (struct acm_header_v0*)ptr;
+
+ return (struct acm_info_table *)(ptr +
+ (acm_header->header_len + acm_header->scratch_size) * 4);
+}
+
+/**
+ * Validate that the provided ACM is useable on this platform.
+ */
+static int validate_acm(const void *ptr)
+{
+ const struct acm_header_v0 *acm_header = (struct acm_header_v0*)ptr;
+ uint32_t max_size_acm_area = 0;
+
+ if (acm_header->module_type != CHIPSET_ACM)
+ return -1;
+
+ /* Seems inconsistent accross generations. */
+ if (acm_header->module_sub_type != 0 && acm_header->module_sub_type != 1)
+ return -2;
+
+ if (acm_header->module_vendor != INTEL_ACM_VENDOR)
+ return -3;
+
+ if (((acm_header->header_len + acm_header->scratch_size) * 4 +
+ sizeof(struct acm_info_table)) > (acm_header->size & 0xffffff) * 4) {
+ return -4;
+ }
+
+ if (!getsec_parameter(NULL, NULL, &max_size_acm_area, NULL, NULL, NULL))
+ return -5;
+
+ /*
+ * Causes #GP if acm_header->size > processor internal authenticated
+ * code area capacity.
+ * SAFER MODE EXTENSIONS REFERENCE.
+ * Intel 64 and IA-32 Architectures Software Developer Manuals Vol 2D
+ */
+ const size_t acm_len = 1UL << log2_ceil((acm_header->size & 0xffffff) << 2);
+ if (max_size_acm_area < acm_len) {
+ printk(BIOS_ERR, "TEE-TXT: BIOS ACM doesn't fit into AC execution region\n");
+ return -6;
+ }
+
+ struct acm_info_table *info = find_info_table(ptr);
+ if (!info)
+ return -7;
+ if (info->chipset_acm_type != BIOS)
+ return -8;
+
+ static const u8 acm_uuid[] = {
+ 0xaa, 0x3a, 0xc0, 0x7f, 0xa7, 0x46, 0xdb, 0x18, 0x2e, 0xac, 0x69, 0x8f, 0x8d,
+ 0x41, 0x7f, 0x5a
+ };
+ if (memcmp(acm_uuid, info->uuid, sizeof(acm_uuid)) != 0)
+ return -9;
+
+ if ((acm_header->flags & ACM_FORMAT_FLAGS_DEBUG) ==
+ (read64((void *)TXT_VER_FSBIF) & TXT_VER_PRODUCTION_FUSED))
+ return -10;
+
+ return 0;
+}
+
+/*
+ * Test all bits for TXT execution.
+ *
+ * @return 0 on success
+ */
+int intel_txt_run_bios_acm(const u8 input_params)
+{
+ struct cbfsf file;
+ void *acm_data;
+ struct region_device acm;
+ size_t acm_len;
+ int ret;
+
+ if (cbfs_boot_locate(&file, TXT_FILE_BIOS_ACM, NULL)) {
+ printk(BIOS_ERR, "TEE-TXT: Couldn't locate BIOS ACM in CBFS.\n");
+ return -1;
+ }
+
+ cbfs_file_data(&acm, &file);
+ acm_data = rdev_mmap_full(&acm);
+ acm_len = region_device_sz(&acm);
+ if (!acm_data || acm_len == 0) {
+ printk(BIOS_ERR, "TEE-TXT: Couldn't map BIOS ACM from CBFS.\n");
+ return -1;
+ }
+
+ /*
+ * CPU enforces only 4KiB alignment.
+ * Chapter A.1.1
+ * Intel TXT Software Development Guide (Document: 315168-015)
+ */
+ if (((uintptr_t)acm_data) % 4096 != 0) {
+ printk(BIOS_ERR, "TEE-TXT: BIOS ACM isn't mapped at page boundary.\n");
+ rdev_munmap(&acm, acm_data);
+ return -1;
+ }
+
+ /*
+ * Causes #GP if not multiple of 64.
+ * SAFER MODE EXTENSIONS REFERENCE.
+ * Intel 64 and IA-32 Architectures Software Developer Manuals Vol 2D
+ */
+ if (acm_len % 64 != 0) {
+ printk(BIOS_ERR, "TEE-TXT: BIOS ACM size isn't multiple of 64.\n");
+ rdev_munmap(&acm, acm_data);
+ return -1;
+ }
+
+ /*
+ * The ACM should be aligned to it's size, but that's not possible, as
+ * some ACMs are not power of two. Use the next power of two for verification.
+ */
+ if ((uintptr_t)acm_data & ((1UL << log2_ceil(acm_len)) - 1)) {
+ printk(BIOS_ERR, "TEE-TXT: BIOS ACM isn't aligned to its size.\n");
+ rdev_munmap(&acm, acm_data);
+ return -1;
+ }
+
+ if (CONFIG(INTEL_TXT_LOGGING))
+ txt_dump_acm_info(acm_data);
+
+ ret = validate_acm(acm_data);
+ if (ret < 0) {
+ printk(BIOS_ERR, "TEE-TXT: Validation of ACM failed with: %d\n", ret);
+ rdev_munmap(&acm, acm_data);
+ return ret;
+ }
+
+ /* Call into assembly which invokes the referenced ACM */
+ getsec_enteraccs(input_params, (uintptr_t)acm_data, acm_len);
+
+ rdev_munmap(&acm, acm_data);
+
+ const uint64_t acm_status = read64((void *)TXT_SPAD);
+ if (acm_status & ACMERROR_TXT_VALID) {
+ printk(BIOS_ERR, "TEE-TXT: FATAL ACM launch error !\n");
+ /*
+ * WARNING !
+ * To clear TXT.BIOSACM.ERRORCODE you must issue a cold reboot !
+ */
+ intel_txt_log_acm_error(read32((void *)TXT_BIOSACM_ERRORCODE));
+ return -1;
+ }
+ if (intel_txt_log_acm_error(read32((void *)TXT_BIOSACM_ERRORCODE)) != 1)
+ return -1;
+
+ return 0;
+}
+
+/*
+ * Test all bits that are required TXT in general.
+ * Enables SMX if available.
+ *
+ * @return 0 on success
+ */
+bool intel_txt_prepare_txt_env(void)
+{
+ bool failure = false;
+ uint32_t txt_feature_flags = 0;
+
+ unsigned int ecx = cpuid_ecx(1);
+
+ printk(BIOS_DEBUG, "TEE-TXT: CPU supports SMX: ");
+ if (ecx & CPUID_SMX) {
+ printk(BIOS_DEBUG, "true\n");
+ } else {
+ printk(BIOS_DEBUG, "false\n");
+ failure = true;
+ }
+
+ printk(BIOS_DEBUG, "TEE-TXT: CPU supports VMX: ");
+ if (ecx & CPUID_VMX) {
+ printk(BIOS_DEBUG, "true\n");
+ } else {
+ printk(BIOS_DEBUG, "false\n");
+ failure = true;
+ }
+
+ msr_t msr = rdmsr(IA32_FEATURE_CONTROL);
+ if (!(msr.lo & (1 << 0))) {
+ printk(BIOS_ERR, "TEE-TXT: IA32_FEATURE_CONTROL is not locked\n");
+
+ msr.lo |= FEATURE_ENABLE_VMX;
+ msr.lo |= (1 << 1);
+ msr.lo |= 0xff00;
+ msr.lo |= 1;
+
+ wrmsr(IA32_FEATURE_CONTROL, msr);
+ msr = rdmsr(IA32_FEATURE_CONTROL);
+ }
+
+ printk(BIOS_DEBUG, "TEE-TXT: IA32_FEATURE_CONTROL\n");
+ printk(BIOS_DEBUG, " VMXON in SMX enable: ");
+
+ if (msr.lo & (1 << 1)) {
+ printk(BIOS_DEBUG, "true\n");
+ } else {
+ printk(BIOS_DEBUG, "false\n");
+ failure = true;
+ }
+
+ printk(BIOS_DEBUG, " VMXON outside SMX enable: ");
+ if (msr.lo & FEATURE_ENABLE_VMX) {
+ printk(BIOS_DEBUG, "true\n");
+ } else {
+ printk(BIOS_DEBUG, "false\n");
+ failure = true;
+ }
+
+ printk(BIOS_DEBUG, " register is locked: ");
+ if (msr.lo & (1 << 0)) {
+ printk(BIOS_DEBUG, "true\n");
+ } else {
+ printk(BIOS_DEBUG, "false\n");
+ failure = true;
+ }
+
+ /* IA32_FEATURE_CONTROL enables getsec instructions */
+ printk(BIOS_DEBUG, " GETSEC (all instructions) is enabled: ");
+ if ((msr.lo & 0xff00) == 0xff00) {
+ printk(BIOS_DEBUG, "true\n");
+ } else {
+ printk(BIOS_DEBUG, "false\n");
+ failure = true;
+ }
+
+ /* Prevent crash and opt out early */
+ if (!(ecx & CPUID_SMX) || failure)
+ return true;
+
+ uint32_t eax = 0;
+ /*
+ * GetSec[CAPABILITIES]
+ * SAFER MODE EXTENSIONS REFERENCE.
+ * Intel 64 and IA-32 Architectures Software Developer Manuals Vol 2D
+ * Must check BIT0 of TXT chipset has been detected by CPU.
+ */
+ if (!getsec_capabilities(&eax))
+ return true;
+
+ printk(BIOS_DEBUG, "TEE-TXT: GETSEC[CAPABILITIES] returned: \n");
+ printk(BIOS_DEBUG, " TXT capabable chipset present: ");
+ if (eax & (1 << 0)) {
+ printk(BIOS_DEBUG, "true\n");
+ } else {
+ printk(BIOS_DEBUG, "false\n");
+ }
+
+ printk(BIOS_DEBUG, " ENTERACCS available: ");
+ if (eax & (1 << 2)) {
+ printk(BIOS_DEBUG, "true\n");
+ } else {
+ printk(BIOS_DEBUG, "false\n");
+ }
+
+ printk(BIOS_DEBUG, " EXITAC available: ");
+ if (eax & (1 << 3)) {
+ printk(BIOS_DEBUG, "true\n");
+ } else {
+ printk(BIOS_DEBUG, "false\n");
+ }
+
+ printk(BIOS_DEBUG, " SENTER available: ");
+ if (eax & (1 << 4)) {
+ printk(BIOS_DEBUG, "true\n");
+ } else {
+ printk(BIOS_DEBUG, "false\n");
+ }
+
+ printk(BIOS_DEBUG, " SEXIT available: ");
+ if (eax & (1 << 5)) {
+ printk(BIOS_DEBUG, "true\n");
+ } else {
+ printk(BIOS_DEBUG, "false\n");
+ }
+
+ printk(BIOS_DEBUG, " PARAMETERS available: ");
+ if (eax & (1 << 6)) {
+ printk(BIOS_DEBUG, "true\n");
+ } else {
+ printk(BIOS_DEBUG, "false\n");
+ }
+
+ /*
+ * Causes #GP if function is not supported by getsec.
+ * SAFER MODE EXTENSIONS REFERENCE.
+ * Intel 64 and IA-32 Architectures Software Developer Manuals Vol 2D
+ * Order Number: 325383-060US
+ */
+ if ((eax & 0x7d) != 0x7d)
+ failure = true;
+
+ const uint64_t status = read64((void *)TXT_SPAD);
+
+ if (status & ACMSTS_TXT_DISABLED) {
+ printk(BIOS_INFO, "TEE-TXT: TXT disabled by policy.\n");
+ failure = true;
+ }
+
+ /*
+ * Only the BSP must call getsec[ENTERACCS].
+ * SAFER MODE EXTENSIONS REFERENCE.
+ * Intel 64 and IA-32 Architectures Software Developer Manuals Vol 2D
+ * Order Number: 325383-060US
+ */
+ msr = rdmsr(LAPIC_BASE_MSR);
+ if (!(msr.lo & LAPIC_BASE_MSR_BOOTSTRAP_PROCESSOR)) {
+ printk(BIOS_ERR, "TEE-TXT: BSP flag not set in APICBASE_MSR.\n");
+ failure = true;
+ }
+
+ /*
+ * There must be no MCEs pending.
+ * Intel 64 and IA-32 Architectures Software Developer Manuals Vol 2D
+ * Order Number: 325383-060US
+ */
+ msr = rdmsr(0x17a);
+ if (msr.lo & 0x4) {
+ printk(BIOS_ERR, "TEE-TXT: IA32_MCG_STATUS.MCIP is set.\n");
+ failure = true;
+ }
+
+ if (!getsec_parameter(NULL, NULL, NULL, NULL, NULL, &txt_feature_flags)) {
+ failure = true;
+ } else {
+ printk(BIOS_DEBUG, "TEE-TXT: Machine Check Register: ");
+ if (txt_feature_flags & GETSEC_PARAMS_TXT_EXT_MACHINE_CHECK) {
+ printk(BIOS_DEBUG, "preserved\n");
+ } else {
+ printk(BIOS_DEBUG, "must be clear\n");
+ }
+ }
+
+ if (!(txt_feature_flags & GETSEC_PARAMS_TXT_EXT_MACHINE_CHECK)) {
+ /*
+ * Make sure there are no uncorrectable MCE errors.
+ * Intel 64 and IA-32 Architectures Software Developer Manuals Vol 2D
+ */
+ msr = rdmsr(IA32_MCG_CAP);
+ size_t max_mc_msr = msr.lo & MCA_BANKS_MASK;
+ for (size_t i = 0; i < max_mc_msr; i++) {
+ msr = rdmsr(IA32_MC0_STATUS + 4 * i);
+ if (!(msr.hi & MCA_STATUS_HI_UC))
+ continue;
+
+ printk(BIOS_ERR, "TEE-TXT: IA32_MC%zd_STATUS.UC is set.\n", i);
+ failure = true;
+ break;
+ }
+ }
+
+ /* Need to park all APs. */
+ if (CONFIG(PARALLEL_MP) && CONFIG(PARALLEL_MP_AP_WORK))
+ mp_park_aps();
+
+ return failure;
+}
diff --git a/src/security/intel/txt/getsec.c b/src/security/intel/txt/getsec.c
new file mode 100644
index 0000000..9378e84
--- /dev/null
+++ b/src/security/intel/txt/getsec.c
@@ -0,0 +1,131 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2019 9elements Agency GmbH
+ * Copyright (C) 2019 Facebook Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#include <stdint.h>
+#include <cpu/x86/lapic.h>
+#include <cpu/x86/cr.h>
+#include <cpu/x86/cache.h>
+#include <cpu/x86/mp.h>
+
+#include "txt_register.h"
+#include "txt_getsec.h"
+
+/**
+ * Check for SMX support and enable it if possible.
+ *
+ * Returns false on error, true on success.
+ */
+static bool getsec_enabled(void)
+{
+ unsigned int ecx = cpuid_ecx(1);
+ /*
+ * Check if SMX and VMX is supported by CPU.
+ */
+ if (!(ecx & CPUID_SMX) || !(ecx & CPUID_VMX))
+ return false;
+
+ /*
+ * Check if SMX, VMX and GetSec instructions havn't been disabled.
+ */
+ msr_t msr = rdmsr(IA32_FEATURE_CONTROL);
+ if ((msr.lo & 0xff07) != 0xff07)
+ return false;
+
+ /*
+ * Enable SMX. Required to execute GetSec instruction.
+ * Chapter 2.2.4.3
+ * Intel TXT Software Development Guide (Document: 315168-015)
+ */
+ write_cr4(read_cr4() | CR4_SMXE);
+
+ return true;
+}
+
+/**
+ * Get information as returned by getsec[PARAMETER].
+ * Arguments can be set to NULL if not needed.
+ *
+ * Returns false on error, true on success.
+ */
+bool getsec_parameter(uint32_t *version_mask,
+ uint32_t *version_numbers_supported,
+ uint32_t *max_size_acm_area,
+ uint32_t *memory_type_mask,
+ uint32_t *senter_function_disable,
+ uint32_t *txt_feature_flags)
+{
+ uint32_t i, eax, ebx, ecx;
+
+ if (!getsec_enabled())
+ return false;
+
+ /*
+ * SAFER MODE EXTENSIONS REFERENCE.
+ * Intel 64 and IA-32 Architectures Software Developer Manuals Vol 2D
+ */
+ for(i = 0; i < 0x1f; i++) {
+ /* Getsec[PARAMETERS] */
+ asm volatile ("getsec\n"
+ : "=a" (eax), "=b" (ebx), "=c" (ecx)
+ : "a" (IA32_GETSEC_PARAMETERS), "b" (i) :);
+ switch (eax & 0x1f) {
+ case 0: /* NULL - Exit marker */
+ return true;
+ case 1: /* Supported AC module versions */
+ if (version_mask)
+ *version_mask = ebx;
+ if (version_numbers_supported)
+ *version_numbers_supported = ecx;
+ break;
+ case 2: /* Max size of authenticated code execution area */
+ if (max_size_acm_area)
+ *max_size_acm_area = eax & ~0x1f;
+ break;
+ case 3: /* External memory types supported during AC mode */
+ if (memory_type_mask)
+ *memory_type_mask = eax;
+ break;
+ case 4: /* Selective SENTER functionality control */
+ if (senter_function_disable)
+ *senter_function_disable = eax & (0x3f00);
+ break;
+ case 5: /* TXT extensions support */
+ if (txt_feature_flags)
+ *txt_feature_flags = eax & (0x60);
+ break;
+ }
+ }
+
+ return true;
+}
+
+/**
+ * Get capabilities as returned by getsec[CAPABILITIES].
+ *
+ * Returns false on error, true on success.
+ */
+
+bool getsec_capabilities(uint32_t *eax)
+{
+ if (!getsec_enabled())
+ return false;
+
+ asm volatile ("getsec\n"
+ : "=a" (*eax)
+ : "a" (IA32_GETSEC_CAPABILITIES), "b" (0) :);
+
+ return true;
+}
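Review bot: getsec_enabled() writes CR4 on every call (`write_cr4(read_cr4() | CR4_SMXE);`), so each getsec_parameter() and getsec_capabilities() query enables SMX as a side effect of what reads like a pure predicate; either move the CR4 write into an explicit enable step or document it on the helper, e.g. `/* Also sets CR4.SMXE so GETSEC can execute; idempotent, safe to call repeatedly. */`. The `switch (eax & 0x1f)` in getsec_parameter has no `default:` for parameter types 6..31, so adding `default: break; /* unknown parameter type, ignore */` makes the skip intentional rather than accidental. getsec_capabilities dereferences `eax` unconditionally, which is fine for the callers in this change but differs from getsec_parameter's "Arguments can be set to NULL" contract; its comment should state that `eax` must be non-NULL.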
diff --git a/src/security/intel/txt/getsec_enteraccs.S b/src/security/intel/txt/getsec_enteraccs.S
new file mode 100644
index 0000000..82d3ec7
--- /dev/null
+++ b/src/security/intel/txt/getsec_enteraccs.S
@@ -0,0 +1,322 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2019 9elements Agency GmbH
+ * Copyright (C) 2019 Facebook Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#include <cpu/x86/mtrr.h>
+#include <cpu/x86/cr.h>
+#include <cpu/x86/msr.h>
+
+#define MTRR_HIGH_MASK $((1 << (CONFIG_CPU_ADDR_BITS-32)) - 1)
+
+.macro PUSH_MSR x
+ movl $(\x), %ecx
+ rdmsr
+ push %eax
+ push %edx
+.endm
+
+.macro POP_MSR x
+ movl $(\x), %ecx
+ pop %edx
+ pop %eax
+ wrmsr
+.endm
+
+.macro CLEAR_MSR x
+ movl $(\x), %ecx
+ movl $0, %edx
+ movl $0, %eax
+ wrmsr
+.endm
+
+.macro PUSH_VAR_MTTR x
+ movl $(MTRR_CAP_MSR), %ecx
+ rdmsr
+ andl $(0xff), %eax
+ cmp $(\x), %eax
+ jl 1f
+ PUSH_MSR (0x200 + 2 * (\x))
+ PUSH_MSR (0x200 + 2 * (\x) + 1)
+ 1:
+.endm
+
+.macro POP_VAR_MTTR x
+ movl $(MTRR_CAP_MSR), %ecx
+ rdmsr
+ andl $(0xff), %eax
+ cmp $(\x), %eax
+ jl 1f
+ POP_MSR (0x200 + 2 * (\x) + 1)
+ POP_MSR (0x200 + 2 * (\x))
+ 1:
+.endm
+
+.macro CLEAR_VAR_MTTR x
+ movl $(MTRR_CAP_MSR), %ecx
+ rdmsr
+ andl $(0xff), %eax
+ cmp $(\x), %eax
+ jl 1f
+ CLEAR_MSR (0x200 + 2 * (\x))
+ CLEAR_MSR (0x200 + 2 * (\x) + 1)
+ 1:
+.endm
+
+.align 4
+.text
+
+
+/*
+ * See "SAFER MODE EXTENSIONS REFERENCE."
+ * Chapter "GETSEC[ENTERACCS] - Execute Authenticated Chipset Code" for reference.
+ * Intel 64 and IA-32 Architectures Software Developer Manuals Vol 2D
+ *
+ * void getsec_enteraccs(uint32_t esi,
+ * uint32_t acm_base,
+ * uint32_t acm_size);
+ */
+.global getsec_enteraccs
+getsec_enteraccs:
+
+ /* Backup current register state */
+ pushl %ebp
+ movl %esp, %ebp
+
+ pushal
+
+ movl %cr0, %eax
+ pushl %eax
+ movl %cr4, %eax
+ pushl %eax
+
+ /* Pushed 10 32bit registers */
+
+ /* Reserve space on stack for GDT */
+ subl $8, %esp
+
+ PUSH_MSR IA32_MISC_ENABLE
+ PUSH_MSR MTRR_FIX_64K_00000
+ PUSH_MSR MTRR_FIX_16K_80000
+ PUSH_MSR MTRR_FIX_16K_A0000
+ PUSH_MSR MTRR_FIX_4K_C0000
+ PUSH_MSR MTRR_FIX_4K_C8000
+ PUSH_MSR MTRR_FIX_4K_D0000
+ PUSH_MSR MTRR_FIX_4K_D8000
+ PUSH_MSR MTRR_FIX_4K_E0000
+ PUSH_MSR MTRR_FIX_4K_F0000
+ PUSH_MSR MTRR_FIX_4K_F8000
+
+ PUSH_VAR_MTTR 0
+ PUSH_VAR_MTTR 1
+ PUSH_VAR_MTTR 2
+ PUSH_VAR_MTTR 3
+ PUSH_VAR_MTTR 4
+ PUSH_VAR_MTTR 5
+ PUSH_VAR_MTTR 6
+ PUSH_VAR_MTTR 7
+ PUSH_VAR_MTTR 8
+ PUSH_VAR_MTTR 9
+
+1:
+ /*
+ * Disable cache.
+ * Chapter 2.2.4.3
+ * Intel TXT Software Development Guide (Document: 315168-015)
+ */
+ movl %cr0, %eax
+ orl $(CR0_CD | CR0_NW), %eax
+ movl %eax, %cr0
+
+ /* Disable fixed MTRRs */
+ movl $(MTRR_DEF_TYPE_MSR), %ecx
+ rdmsr
+ andl $(~MTRR_DEF_TYPE_FIX_EN), %eax
+ wrmsr
+
+ /*
+ * Clear fixed MTRRs.
+ * Chapter 2.2.5.1
+ * Intel TXT Software Development Guide (Document: 315168-015)
+ */
+ CLEAR_MSR MTRR_FIX_64K_00000
+ CLEAR_MSR MTRR_FIX_16K_80000
+ CLEAR_MSR MTRR_FIX_16K_A0000
+ CLEAR_MSR MTRR_FIX_4K_C0000
+ CLEAR_MSR MTRR_FIX_4K_C8000
+ CLEAR_MSR MTRR_FIX_4K_D0000
+ CLEAR_MSR MTRR_FIX_4K_D8000
+ CLEAR_MSR MTRR_FIX_4K_E0000
+ CLEAR_MSR MTRR_FIX_4K_F0000
+ CLEAR_MSR MTRR_FIX_4K_F8000
+
+ /*
+ * Clear variable MTRRs
+ * Chapter 2.2.5.1
+ * Intel TXT Software Development Guide (Document: 315168-015)
+ */
+ CLEAR_VAR_MTTR 0
+ CLEAR_VAR_MTTR 1
+ CLEAR_VAR_MTTR 2
+ CLEAR_VAR_MTTR 3
+ CLEAR_VAR_MTTR 4
+ CLEAR_VAR_MTTR 5
+ CLEAR_VAR_MTTR 6
+ CLEAR_VAR_MTTR 7
+ CLEAR_VAR_MTTR 8
+ CLEAR_VAR_MTTR 9
+
+ /*
+ * Setup BIOS ACM as WB
+ * Chapter A.1.1
+ * Intel TXT Software Development Guide (Document: 315168-015)
+ */
+ movl $(0x200), %ecx
+ movl 12(%ebp), %eax /* %eax = acmbase */
+ orl $(6), %eax /* MTRR_TYPE_WB */
+ movl $0, %edx
+ wrmsr
+
+ /* Round acmsize to next power of two. Required for MTRR programming. */
+ movl $1, %ebx
+ movl 16(%ebp), %ecx /* %ebx = acmsize */
+ dec %ecx
+ bsr %ecx, %ecx /* find MSB */
+ inc %ecx
+ shl %cl, %ebx
+ movl $(0x201), %ecx
+ xorl %eax, %eax
+ subl %ebx, %eax /* %eax = 4GIB - log2_ceil(ACM SIZE) */
+ orl $((1 << 11)), %eax /* MTRR_PHYS_MASK_VALID */
+ movl MTRR_HIGH_MASK, %edx
+ wrmsr
+
+1:
+ /* Enable cache - GPE# if not done */
+ movl %cr0, %eax
+ andl $(~(CR0_CD | CR0_NW)), %eax
+ movl %eax, %cr0
+
+ /* Enable Numeric error - GPE# if not done */
+ movl %cr0, %eax
+ orl $(CR0_NE), %eax
+ movl %eax, %cr0
+
+ /* Enable SMX and FXSTORE - for getsec */
+ movl %cr4, %eax
+ orl $(CR4_SMXE | CR4_OSFXSR), %eax
+ movl %eax, %cr4
+
+ /*
+ * Save GDT
+ * Chapter A.1.2
+ * Intel TXT Software Development Guide (Document: 315168-015)
+ */
+ sgdt -48(%ebp)
+
+ /* Backup stack pointer */
+ movd %esp, %xmm0
+ movd %ebp, %xmm1
+
+ /*
+ * Get function arguments.
+ * It's important to pass the exact ACM size as it's used by getsec to verify
+ * the integrity of ACM. Unlike the size for MTRR programming, which needs to
+ * be power of two.
+ *
+ * The following assembly code is based on tboot's tboot/include/txt/smx.h.
+ */
+ movl 8(%ebp), %esi /* flags */
+ movl 12(%ebp), %ebx /* acm_base */
+ movl 16(%ebp), %ecx /* acm_size */
+
+ movl $0, %edx /* reserved, must be zero */
+ movl $0, %edi /* must be zero */
+ movl $2, %eax /* GetSec[ENTERACCS] */
+
+ getsec
+
+ /* Restore stack pointer */
+ movd %xmm0, %esp
+ movd %xmm1, %ebp
+
+ /* Reload GDT */
+ lgdt -48(%ebp)
+
+ /* Set cs */
+ ljmp $0x10, $1f
+1:
+ /* Fix segment registers */
+ movl $0x18, %eax
+ movl %eax, %ds
+ movl %eax, %es
+ movl %eax, %ss
+ movl %eax, %fs
+ movl %eax, %gs
+
+ /* Disable cache */
+ movl %cr0, %eax
+ orl $(CR0_CD | CR0_NW), %eax
+ movl %eax, %cr0
+
+ /* Restore MTTRs */
+ POP_VAR_MTTR 9
+ POP_VAR_MTTR 8
+ POP_VAR_MTTR 7
+ POP_VAR_MTTR 6
+ POP_VAR_MTTR 5
+ POP_VAR_MTTR 4
+ POP_VAR_MTTR 3
+ POP_VAR_MTTR 2
+ POP_VAR_MTTR 1
+ POP_VAR_MTTR 0
+
+1:
+ POP_MSR MTRR_FIX_4K_F8000
+ POP_MSR MTRR_FIX_4K_F0000
+ POP_MSR MTRR_FIX_4K_E0000
+ POP_MSR MTRR_FIX_4K_D8000
+ POP_MSR MTRR_FIX_4K_D0000
+ POP_MSR MTRR_FIX_4K_C8000
+ POP_MSR MTRR_FIX_4K_C0000
+ POP_MSR MTRR_FIX_16K_A0000
+ POP_MSR MTRR_FIX_16K_80000
+ POP_MSR MTRR_FIX_64K_00000
+ POP_MSR IA32_MISC_ENABLE
+
+ /* Enable fixed MTRRs */
+ movl $(MTRR_DEF_TYPE_MSR), %ecx
+ rdmsr
+ orl $(MTRR_DEF_TYPE_FIX_EN), %eax
+ wrmsr
+
+ /* Enable cache */
+ movl %cr0, %eax
+ andl $(~(CR0_CD | CR0_NW)), %eax
+ movl %eax, %cr0
+
+ /* Pop GDT */
+ addl $8, %esp
+
+ popl %eax
+ movl %eax, %cr4
+ popl %eax
+ movl %eax, %cr0
+
+ popal
+
+ movl %ebp,%esp
+ popl %ebp
+
+ ret
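Review bot: The comment on `movl 16(%ebp), %ecx /* %ebx = acmsize */` names the wrong register — the argument is loaded into %ecx and only the shifted power-of-two result ends up in %ebx — so it should read `movl 16(%ebp), %ecx /* %ecx = acmsize */`. The segment reload after getsec returns hard-codes selectors (`ljmp $0x10, $1f` and `movl $0x18, %eax` for the data segments) without a comment tying them to the GDT entries they assume, so a future change to the GDT layout would silently break this path; a one-line note naming the code and data descriptors, or symbolic constants for them, would make the dependency visible. The save of %esp/%ebp in %xmm0/%xmm1 across getsec presumably relies on the ACM preserving SSE state, which the nearby comment attributes to tboot's approach; stating that assumption explicitly in the "Backup stack pointer" comment would keep it from being mistaken for an arbitrary choice.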
diff --git a/src/security/intel/txt/logging.c b/src/security/intel/txt/logging.c
new file mode 100644
index 0000000..db1c792
--- /dev/null
+++ b/src/security/intel/txt/logging.c
@@ -0,0 +1,270 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2019 9elements Agency GmbH
+ * Copyright (C) 2019 Facebook Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#include <console/console.h>
+#if CONFIG(SOC_INTEL_FSP_BROADWELL_DE)
+#include <soc/broadwell_de.h>
+#endif
+#if CONFIG(SOC_INTEL_COMMON_BLOCK_SA)
+#include <intelblocks/systemagent.h>
+#endif
+
+#include <arch/mmio.h>
+#include <string.h>
+
+#include "txt.h"
+#include "txt_register.h"
+
+/**
+ * Logs microcode or SINIT ACM errors.
+ * Does not log SBIOS ACM errors.
+ */
+static void log_txt_error(const char *phase)
+{
+ const uint64_t txt_error = read64((void *)TXT_ERROR);
+
+ if (txt_error & ACMERROR_TXT_VALID) {
+ printk(BIOS_ERR, "%s: Error occured\n", phase);
+
+ if (txt_error & ACMERROR_TXT_EXTERNAL)
+ printk(BIOS_ERR, " Caused by: External\n");
+ else
+ printk(BIOS_ERR, " Caused by: Processor\n");
+
+ printk(BIOS_ERR, " Type: ");
+
+ switch(txt_error & TXT_ERROR_MASK) {
+ case 0:
+ printk(BIOS_ERR, "Legacy Shutdown\n");
+ break;
+ case 5:
+ printk(BIOS_ERR, "Load memory type error in ACM area\n");
+ break;
+ case 6:
+ printk(BIOS_ERR, "Unrecognized ACM format\n");
+ break;
+ case 7:
+ printk(BIOS_ERR, "Failure to authenticate\n");
+ break;
+ case 8:
+ printk(BIOS_ERR, "Invalid ACM format\n");
+ break;
+ case 9:
+ printk(BIOS_ERR, "Unexpected Snoop hit\n");
+ break;
+ case 10:
+ printk(BIOS_ERR, "Invalid event\n");
+ break;
+ case 11:
+ printk(BIOS_ERR, "Invalid MLE\n");
+ break;
+ case 12:
+ printk(BIOS_ERR, "Machine check event\n");
+ break;
+ case 13:
+ printk(BIOS_ERR, "VMXAbort\n");
+ break;
+ case 14:
+ printk(BIOS_ERR, "AC memory corruption\n");
+ break;
+ case 15:
+ printk(BIOS_ERR, "Illegal voltage/bus ratio\n");
+ break;
+ default:
+ printk(BIOS_ERR, "unknown\n");
+ break;
+ }
+ }
+}
+
+/**
+ * Dump useful informaation about the BIOS ACM state.
+ * Should run right after console_init() in romstage.
+ * Resets the platform if TXT reset is active and MLE cannot be established.
+ **/
+void intel_txt_log_bios_acm_error(void)
+{
+ uint32_t bios_acm_error;
+ uint64_t acm_status;
+ uint64_t txt_error;
+
+ printk(BIOS_INFO, "TEE-TXT: State of ACM and ucode update:\n");
+
+ bios_acm_error = read32((void *)TXT_BIOSACM_ERRORCODE);
+ acm_status = read64((void *)TXT_SPAD);
+ txt_error = read64((void *)TXT_ERROR);
+
+ /* Errors by BIOS ACM or FIT */
+ if ((txt_error & ACMERROR_TXT_VALID) &&
+ (acm_status & ACMERROR_TXT_VALID)) {
+ intel_txt_log_acm_error(read32((void *)TXT_BIOSACM_ERRORCODE));
+ log_txt_error("FIT MICROCODE");
+ }
+ /* Errors by SINIT */
+ if ((txt_error & ACMERROR_TXT_VALID) &&
+ !(acm_status & ACMERROR_TXT_VALID)) {
+ intel_txt_log_acm_error(txt_error);
+ log_txt_error("SINIT");
+ }
+
+ /* Check for fatal ACM error and TXT reset */
+ uint8_t error = read8((void *)TXT_ESTS);
+ if (error & TXT_ESTS_TXT_RESET_STS) {
+ printk(BIOS_CRIT, "TXT-STS: Intel TXT reset detected\n");
+ intel_txt_log_acm_error(read32((void *)TXT_ERROR));
+ }
+}
+
+/**
+ * Dump information about the provided ACM.
+ */
+void txt_dump_acm_info(const struct acm_header_v0 *acm_header)
+{
+ const struct acm_info_table *info = NULL;
+ if (!acm_header)
+ return;
+
+ printk(BIOS_INFO, "ACM @ %p\n", acm_header);
+
+ const size_t acm_size = (acm_header->size & 0xffffff) << 2;
+ const size_t info_off = (acm_header->header_len + acm_header->scratch_size) * 4;
+
+ if (acm_size > (info_off + sizeof(struct acm_info_table)))
+ info = (const struct acm_info_table *)
+ ((const unsigned char *)acm_header + info_off);
+
+ printk(BIOS_INFO, " ACM: Binary Info\n");
+ if (acm_header->module_type == CHIPSET_ACM)
+ printk(BIOS_INFO, " Type: Chipset ACM\n");
+
+ if (acm_header->module_sub_type == 0)
+ printk(BIOS_INFO, " Subtype: undefined\n");
+ else if (acm_header->module_sub_type == 1)
+ printk(BIOS_INFO, " Subtype: Run at reset\n");
+
+ printk(BIOS_INFO, " Header: v%u.%u\n", acm_header->header_version[0],
+ acm_header->header_version[1]);
+
+ printk(BIOS_INFO, " Chipset: %u\n", acm_header->chipset_id);
+ printk(BIOS_INFO, " Size: %u\n",
+ (acm_header->size & 0xffffff) << 2);
+
+ switch(acm_header->flags) {
+ case ACM_FORMAT_FLAGS_PW:
+ printk(BIOS_INFO, " Flags: PW signed (Production Worthy)\n");
+ break;
+ case ACM_FORMAT_FLAGS_NPW:
+ printk(BIOS_INFO, " Flags: NPW signed (Non Production Worthy)\n");
+ break;
+ case ACM_FORMAT_FLAGS_DEBUG:
+ printk(BIOS_INFO, " Flags: Debug signed\n");
+ break;
+ }
+
+ if (acm_header->module_vendor == INTEL_ACM_VENDOR)
+ printk(BIOS_INFO, " Vendor: Intel Cooperation\n");
+
+ printk(BIOS_INFO, " Date: %x\n", acm_header->date);
+
+ switch (acm_header->size) {
+ case ACM_FORMAT_SIZE_64KB:
+ printk(BIOS_INFO, " Size: 64KB\n");
+ printk(BIOS_INFO, " CBnT: no\n");
+ break;
+ case ACM_FORMAT_SIZE_128KB:
+ printk(BIOS_INFO, " Size: 128KB\n");
+ printk(BIOS_INFO, " CBnT: no\n");
+ break;
+ case ACM_FORMAT_SIZE_256KB:
+ printk(BIOS_INFO, " Size: 256KB\n");
+ printk(BIOS_INFO, " CBnT: yes\n");
+ break;
+ default:
+ printk(BIOS_INFO, " Size: 0x%08x\n", acm_header->size);
+
+ break;
+ }
+
+ printk(BIOS_INFO, " TXT SVN: %u\n", acm_header->txt_svn);
+ printk(BIOS_INFO, " SE SVN: %u\n", acm_header->se_svn);
+
+ if (!info)
+ return;
+ printk(BIOS_INFO, " Table info:\n");
+ printk(BIOS_INFO, " UUID: ");
+ for (size_t i = 0; i < sizeof(info->uuid); i++)
+ printk(BIOS_INFO, "%02X ", info->uuid[i]);
+ printk(BIOS_INFO, "\n");
+ printk(BIOS_INFO, " Chipset acm type: 0x%x\n", info->chipset_acm_type);
+ printk(BIOS_INFO, " Capabilities: 0x%x\n", info->capabilities);
+}
+
+/**
+ * Dump information about the chipset's TXT capabilities.
+ */
+void txt_dump_chipset_info(void)
+{
+ printk(BIOS_INFO, "TEE-TXT: Chipset Key Hash 0x");
+ for (int i = 0; i < TXT_ACM_KEY_HASH_LEN; i++) {
+ printk(BIOS_INFO, "%llx", read64((void *)TXT_ACM_KEY_HASH +
+ (i * sizeof(uint64_t))));
+ }
+ printk(BIOS_INFO, "\n");
+
+ printk(BIOS_INFO, "TEE-TXT: DIDVID 0x%x\n", read32((void *)TXT_DIDVID));
+ printk(BIOS_INFO, "TEE-TXT: production fused chipset: %s\n",
+ (read64((void *)TXT_VER_FSBIF) & TXT_VER_PRODUCTION_FUSED) ? "true" : "false");
+}
+
+void txt_dump_regions(void)
+{
+ struct txt_biosdataregion *bdr = NULL;
+ uintptr_t tseg = 0;
+ uint64_t reg64;
+
+ if (CONFIG(SOC_INTEL_FSP_BROADWELL_DE) ||
+ CONFIG(SOC_INTEL_COMMON_BLOCK_SA))
+ tseg = sa_get_tseg_base() >> 20;
+
+
+ reg64 = read64((void *)TXT_HEAP_BASE);
+ if ((reg64 != 0 && reg64 != ~0UL) &&
+ (read64((void *)(uintptr_t)reg64) >= (sizeof(*bdr) + sizeof(uint64_t))))
+ bdr = (void *)((uintptr_t)reg64 + sizeof(uint64_t));
+
+ printk(BIOS_DEBUG, "TEE-TXT: TSEG 0x%lx\n", tseg * MiB);
+ printk(BIOS_DEBUG, "TEE-TXT: TXT.HEAP.SIZE 0x%llx\n",
+ read64((void *)TXT_HEAP_SIZE));
+ printk(BIOS_DEBUG, "TEE-TXT: TXT.HEAP.BASE 0x%llx\n",
+ read64((void *)TXT_HEAP_BASE));
+ printk(BIOS_DEBUG, "TEE-TXT: TXT.SINIT.SIZE 0x%llx\n",
+ read64((void *)TXT_SINIT_SIZE));
+ printk(BIOS_DEBUG, "TEE-TXT: TXT.SINIT.BASE 0x%llx\n",
+ read64((void *)TXT_SINIT_BASE));
+ printk(BIOS_DEBUG, "TEE-TXT: TXT.MSEG.BASE 0x%llx\n",
+ read64((void *)TXT_MSEG_BASE));
+ printk(BIOS_DEBUG, "TEE-TXT: TXT.MSEG.SIZE 0x%llx\n",
+ read64((void *)TXT_MSEG_SIZE));
+
+ if (bdr) {
+ printk(BIOS_DEBUG, "TEE-TXT: BiosDataRegion.bios_sinit_size 0x%x\n",
+ bdr->bios_sinit_size);
+ printk(BIOS_DEBUG, "TEE-TXT: BiosDataRegion.lcp_pd_size 0x%llx\n",
+ bdr->lcp_pd_size);
+ printk(BIOS_DEBUG, "TEE-TXT: BiosDataRegion.lcp_pd_base 0x%llx\n",
+ bdr->lcp_pd_base);
+ }
+}
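Review bot: The heap-base sanity check in txt_dump_regions compares the 64-bit register value against `~0UL`, which is only 0xffffffff in a 32-bit ramstage, so an all-ones TXT.HEAP.BASE (register absent or unimplemented) passes the check and the very next operand dereferences it; use `~0ULL`, and since the value is then used as a pointer I would also require it to fit below 4 GiB, e.g. `if (reg64 != 0 && reg64 != ~0ULL && reg64 < UINT32_MAX && read64(...) >= ...)`. In txt_dump_chipset_info each 64-bit word of the chipset key hash is printed with `%llx`, which drops leading zeros per word and makes the printed hash ambiguous; `%016llx` keeps it fixed-width. In intel_txt_log_bios_acm_error, `bios_acm_error` is read once and never used while the register is re-read in the call below it, and `intel_txt_log_acm_error(txt_error)` silently truncates a uint64_t to the uint32_t parameter declared in txt.h. Minor wording in the output strings: "Intel Cooperation" should read "Intel Corporation", and "occured"/"informaation" are misspelled.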
diff --git a/src/security/intel/txt/ramstage.c b/src/security/intel/txt/ramstage.c
new file mode 100644
index 0000000..2fe45df
--- /dev/null
+++ b/src/security/intel/txt/ramstage.c
@@ -0,0 +1,394 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2019 9elements Agency GmbH
+ * Copyright (C) 2019 Facebook Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#include <arch/mmio.h>
+#include <arch/acpi.h>
+#include <bootstate.h>
+#include <bootmem.h>
+#include <console/console.h>
+#include <stdint.h>
+#include <cbfs.h>
+#include <cpu/intel/common/common.h>
+#include <cpu/x86/msr.h>
+
+#include <lib.h>
+#if CONFIG(SOC_INTEL_FSP_BROADWELL_DE)
+#include <soc/broadwell_de.h>
+#include <soc/ramstage.h>
+#endif
+#include <device/pci_ops.h>
+
+#include "txt.h"
+#include "txt_register.h"
+#include "txt_getsec.h"
+
+/* FIXME: Seems to work only on some platforms */
+static void log_ibb_measurements(void)
+{
+ const uint64_t mseg_size = read64((void *)TXT_MSEG_SIZE);
+ uint64_t mseg_base = read64((void *)TXT_MSEG_BASE);
+
+ if (!mseg_size || !mseg_base || mseg_size <= mseg_base)
+ return;
+ /* MSEG SIZE and MSEG BASE might contain random values.
+ * Assume below 4GiB and 8byte aligned.
+ */
+ if (mseg_base & ~0xfffffff8ULL || mseg_size & ~0xfffffff8ULL)
+ return;
+
+ printk(BIOS_INFO, "TEE-TXT: IBB Hash 0x");
+ for (; mseg_base < mseg_size; mseg_base++) {
+ printk(BIOS_INFO, "%02X", read8((void *)(uintptr_t)mseg_base));
+ }
+ printk(BIOS_INFO, "\n");
+}
+
+void bootmem_platform_add_ranges(void)
+{
+ uint64_t status = read64((void *)TXT_SPAD);
+
+ if (status & ACMSTS_TXT_DISABLED)
+ return;
+
+ /* Chapter 5.5.5 Intel TXT reserved memory */
+ bootmem_add_range(TXT_RESERVED_SPACE,
+ TXT_RESERVED_SPACE_SIZE,
+ BM_MEM_RESERVED);
+
+ /* Intel TPM decode memory */
+ bootmem_add_range(TXT_TPM_DECODE_AREA,
+ TXT_RESERVED_SPACE - TXT_TPM_DECODE_AREA,
+ BM_MEM_RESERVED);
+
+ /* Intel TXT public space memory */
+ bootmem_add_range(TXT_PUBLIC_SPACE,
+ TXT_TPM_DECODE_AREA - TXT_PUBLIC_SPACE,
+ BM_MEM_RESERVED);
+
+ /* Intel TXT private space memory */
+ bootmem_add_range(TXT_PRIVATE_SPACE,
+ TXT_PUBLIC_SPACE - TXT_PRIVATE_SPACE,
+ BM_MEM_RESERVED);
+
+ const uint32_t txt_dev_memory = read32((void *)TXT_DPR) &
+ (TXT_DPR_TOP_ADDR_MASK << TXT_DPR_TOP_ADDR_SHIFT);
+ const uint32_t txt_dev_size =
+ (read32((void *)TXT_DPR) >> TXT_DPR_LOCK_SIZE_SHIFT) &
+ TXT_DPR_LOCK_SIZE_MASK;
+
+ /* Chapter 5.5.6 Intel TXT Device Memory */
+ bootmem_add_range(txt_dev_memory - txt_dev_size * MiB,
+ txt_dev_size * MiB,
+ BM_MEM_RESERVED);
+}
+
+static bool get_wake_error_status(void)
+{
+ const uint8_t error = read8((void *)TXT_ESTS);
+ return !!(error & TXT_ESTS_WAKE_ERROR_STS);
+}
+
+static void check_secrets_txt(void *unused)
+{
+ uint64_t status = read64((void *)TXT_SPAD);
+
+ if (status & ACMSTS_TXT_DISABLED)
+ return;
+
+ /* Check for fatal ACM error and TXT reset */
+ if (get_wake_error_status()) {
+ /*
+ * Check if secrets bit needs to be reset. Only platforms that support
+ * CONFIG_PLATFORM_HAS_DRAM_CLEAR will be able to run this code.
+ * Assume all memory really was cleared.
+ *
+ * TXT will issue a platform reset to come up sobber.
+ */
+ if (intel_txt_memory_has_secrets()) {
+ printk(BIOS_INFO, "TEE-TXT: Wiping TEE...\n");
+ intel_txt_run_bios_acm(ACMINPUT_CLEAR_SECRETS);
+
+ /* Should never reach this point ... */
+ intel_txt_log_acm_error(read32((void *)TXT_BIOSACM_ERRORCODE));
+ die("Waiting for platform reset...\n");
+ }
+ }
+}
+
+BOOT_STATE_INIT_ENTRY(BS_POST_DEVICE, BS_ON_ENTRY, check_secrets_txt, NULL);
+
+/**
+ * Log TXT startup errors, check all bits for TXT, run BIOSACM using
+ * GETSEC[ENTERACCS].
+ *
+ * If a "TXT reset" is detected or "memory had secrets" is set, then do nothing as
+ * 1. Running ACMs will cause a TXT-RESET
+ * 2. Memory will be scrubbed in BS_DEV_INIT
+ * 3. TXT-RESET will be issued by code above later
+ *
+ */
+static void init_intel_txt(void *unused)
+{
+ const uint64_t status = read64((void *)TXT_SPAD);
+
+ if (status & ACMSTS_TXT_DISABLED)
+ return;
+
+ printk(BIOS_INFO, "TEE-TXT: Initializing TEE...\n");
+
+ intel_txt_log_spad();
+
+ if (CONFIG(INTEL_TXT_LOGGING)) {
+ intel_txt_log_bios_acm_error();
+ txt_dump_chipset_info();
+ }
+
+ printk(BIOS_INFO, "TEE-TXT: Validate TEE...\n");
+
+ if (intel_txt_prepare_txt_env()) {
+ printk(BIOS_ERR, "TEE-TXT: Failed to prepare TXT environment\n");
+ return;
+ }
+
+ /* Check for fatal ACM error and TXT reset */
+ if (get_wake_error_status()) {
+ /* Can't run ACMs with TXT_ESTS_WAKE_ERROR_STS set */
+ printk(BIOS_ERR, "TEE-TXT: Failed to prepare TXT environment\n");
+ return;
+ }
+
+ printk(BIOS_INFO, "TEE-TXT: Testing BIOS ACM calling code...\n");
+
+ /*
+ * Test BIOS ACM code.
+ * ACM should do nothing on reserved functions, and return an error code
+ * in TXT_BIOSACM_ERRORCODE. Tested show that this is not true.
+ * Use special function "NOP" that does 'nothing'.
+ */
+ if (intel_txt_run_bios_acm(ACMINPUT_NOP) < 0) {
+ printk(BIOS_ERR, "TEE-TXT: Error calling BIOS ACM.\n");
+ return;
+ }
+
+ if (status & (ACMSTS_BIOS_TRUSTED | ACMSTS_IBB_MEASURED)) {
+ log_ibb_measurements();
+
+ int s3resume = acpi_is_wakeup_s3();
+ if (!s3resume) {
+ printk(BIOS_INFO, "TEE-TXT: Scheck...\n");
+ if (intel_txt_run_bios_acm(ACMINPUT_SCHECK) < 0) {
+ printk(BIOS_ERR, "TEE-TXT: Error calling BIOS ACM.\n");
+ return;
+ }
+ }
+ }
+}
+
+BOOT_STATE_INIT_ENTRY(BS_DEV_INIT, BS_ON_EXIT, init_intel_txt, NULL);
+
+static void push_sinit_heap(u8 **heap_ptr, void *data, size_t data_length)
+{
+ /* Push size */
+ const uint64_t tmp = data_length + 8;
+ memcpy(*heap_ptr, &tmp, 8);
+ *heap_ptr += 8;
+
+ if (data_length) {
+ /* Push data */
+ memcpy(*heap_ptr, data, data_length);
+ *heap_ptr += data_length;
+ }
+}
+
+/**
+ * Finalize the TXT device.
+ *
+ * - Lock TXT register.
+ * - Protect TSEG using DMA protected regions.
+ * - Setup TXT regions.
+ * - Place SINIT ACM in TXT_SINIT memory segment.
+ * - Fill TXT BIOSDATA region.
+ */
+static void lockdown_intel_txt(void *unused)
+{
+ const uint64_t status = read64((void *)TXT_SPAD);
+ uintptr_t tseg = 0;
+
+ if (status & ACMSTS_TXT_DISABLED)
+ return;
+
+ printk(BIOS_INFO, "TEE-TXT: Locking TEE...\n");
+
+ /* Lock TXT config, unlocks TXT_HEAP_BASE */
+ if (intel_txt_run_bios_acm(ACMINPUT_LOCK_CONFIG) < 0) {
+ printk(BIOS_ERR, "TEE-TXT: Failed to lock registers.\n");
+ printk(BIOS_ERR, "TEE-TXT: SINIT won't be supported.\n");
+ return;
+ }
+
+ if (CONFIG(SOC_INTEL_FSP_BROADWELL_DE))
+ tseg = sa_get_tseg_base() >> 20;
+
+ /*
+ * Document Number: 558294
+ * Chapter 5.5.6.1 DMA Protection Memory Region
+ */
+
+ const u8 dpr_capable = !!(read64((void *)TXT_CAPABILITIES) &
+ TXT_CAPABILITIES_DPR);
+ printk(BIOS_INFO, "TEE-TXT: DPR capable %x\n", dpr_capable);
+ if (dpr_capable) {
+
+ /* Protect 3 MiB below TSEG and lock register */
+ write64((void *)TXT_DPR, (TXT_DPR_TOP_ADDR(tseg) |
+ TXT_DPR_LOCK_SIZE(3) |
+ TXT_DPR_LOCK_MASK));
+
+#if CONFIG(SOC_INTEL_FSP_BROADWELL_DE)
+ broadwell_de_set_dpr(tseg, 3 * MiB);
+ broadwell_de_lock_dpr();
+#endif
+ printk(BIOS_INFO, "TEE-TXT: TXT.DPR 0x%08x\n",
+ read32((void *)TXT_DPR));
+ }
+
+ /*
+ * Document Number: 558294
+ * Chapter 5.5.6.3 Intel TXT Heap Memory Region
+ */
+ write64((void *)TXT_HEAP_SIZE, 0xE0000);
+ write64((void *)TXT_HEAP_BASE,
+ ALIGN_DOWN((tseg * MiB) - read64((void *)TXT_HEAP_SIZE), 4096));
+
+ /*
+ * Document Number: 558294
+ * Chapter 5.5.6.2 SINIT Memory Region
+ */
+ write64((void *)TXT_SINIT_SIZE, 0x20000);
+ write64((void *)TXT_SINIT_BASE,
+ ALIGN_DOWN(read64((void *)TXT_HEAP_BASE) -
+ read64((void *)TXT_SINIT_SIZE), 4096));
+
+ /*
+ * BIOS Data Format
+ * Chapter C.2
+ * Intel TXT Software Development Guide (Document: 315168-015)
+ */
+ struct {
+ struct txt_biosdataregion bdr;
+ struct txt_heap_acm_element heap_acm;
+ struct txt_extended_data_element_header end;
+ } __packed data = {0};
+
+ /* TPM2.0 requires version 6 of BDT */
+ if (CONFIG(TPM2))
+ data.bdr.version = 6;
+ else
+ data.bdr.version = 5;
+
+ data.bdr.no_logical_procs = dev_count_cpu();
+
+ void *sinit_base = (void *)(uintptr_t)read64((void *)TXT_SINIT_BASE);
+ data.bdr.bios_sinit_size = cbfs_boot_load_file(TXT_FILE_SINIT_ACM,
+ sinit_base,
+ read64((void *)TXT_SINIT_SIZE), CBFS_TYPE_RAW);
+
+ if (data.bdr.bios_sinit_size) {
+ printk(BIOS_INFO, "TEE-TXT: Placing SINIT ACM in memory.\n");
+ if (CONFIG(INTEL_TXT_LOGGING))
+ txt_dump_acm_info(sinit_base);
+ } else {
+ printk(BIOS_ERR, "TEE-TXT: Couldn't locate SINIT ACM in"
+ "CBFS.\n");
+ /* Clear memory */
+ memset(sinit_base, 0, read64((void *)TXT_SINIT_SIZE));
+ }
+
+ struct cbfsf file;
+ /* The following have been removed from BIOS Data Table in version 6 */
+ if (!cbfs_boot_locate(&file, TXT_FILE_LCP_PD_ACM, NULL)) {
+ struct region_device policy;
+
+ cbfs_file_data(&policy, &file);
+ void *policy_data = rdev_mmap_full(&policy);
+ size_t policy_len = region_device_sz(&policy);
+
+ if (policy_data && policy_len) {
+ /* Point to FIT Type 9 entry in flash */
+ data.bdr.lcp_pd_base = (uintptr_t)policy_data;
+ data.bdr.lcp_pd_size = (uint64_t)policy_len;
+ rdev_munmap(&policy, policy_data);
+ } else {
+ printk(BIOS_ERR, "TEE-TXT: Couldn't map LCP PD Policy from CBFS.\n");
+ }
+ } else {
+ printk(BIOS_ERR, "TEE-TXT: Couldn't locate LCP PD Policy in CBFS.\n");
+ }
+
+ data.bdr.support_acpi_ppi = 0;
+ data.bdr.platform_type = 0;
+
+ /* Extended elements - ACM addresses */
+ data.heap_acm.header.type = HEAP_EXTDATA_TYPE_ACM;
+ data.heap_acm.header.size = sizeof(data.heap_acm);
+ if (data.bdr.bios_sinit_size) {
+ data.heap_acm.num_acms = 2;
+ data.heap_acm.acm_addrs[1] = (uintptr_t)sinit_base;
+ } else {
+ data.heap_acm.num_acms = 1;
+ }
+ data.heap_acm.acm_addrs[0] =
+ (uintptr_t)cbfs_boot_map_with_leak(TXT_FILE_BIOS_ACM,
+ CBFS_TYPE_RAW,
+ NULL);
+ /* Extended elements - End marker */
+ data.end.type = HEAP_EXTDATA_TYPE_END;
+ data.end.size = sizeof(data.end);
+
+ /* Fill TXT.HEAP.BASE with 4 subregions */
+ u8 *heap_struct = (void *)((uintptr_t)read64((void *)TXT_HEAP_BASE));
+
+ /* BiosData */
+ push_sinit_heap(&heap_struct, &data, sizeof(data));
+
+ /* OsMLEData */
+ /* FIXME: Does firmware need to write this? */
+ push_sinit_heap(&heap_struct, NULL, 0);
+
+ /* OsSinitData */
+ /* FIXME: Does firmware need to write this? */
+ push_sinit_heap(&heap_struct, NULL, 0);
+
+ /* SinitMLEData */
+ /* FIXME: Does firmware need to write this? */
+ push_sinit_heap(&heap_struct, NULL, 0);
+
+ /*
+ * FIXME: Server-TXT capable platforms need to install an STM in SMM and set up MSEG.
+ */
+
+ /**
+ * Chapter 5.10.1 SMM in the Intel TXT for Servers Environment
+ * Disable MSEG.
+ */
+ write64((void *)TXT_MSEG_SIZE, 0);
+ write64((void *)TXT_MSEG_BASE, 0);
+
+ if (CONFIG(INTEL_TXT_LOGGING))
+ txt_dump_regions();
+}
+
+BOOT_STATE_INIT_ENTRY(BS_POST_DEVICE, BS_ON_EXIT, lockdown_intel_txt, NULL);
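Review bot: In lockdown_intel_txt, `tseg` is only populated under SOC_INTEL_FSP_BROADWELL_DE, so on any other platform with INTEL_TXT enabled it stays 0: TXT.DPR is programmed with a top address of 0, `(tseg * MiB) - read64((void *)TXT_HEAP_SIZE)` wraps around before ALIGN_DOWN, and `heap_struct` then points at that wrapped address and push_sinit_heap memcpys the BIOS data region into it. txt_dump_regions in logging.c already handles both Broadwell-DE and SOC_INTEL_COMMON_BLOCK_SA; the same condition belongs here, followed by a guard such as `if (!tseg) { printk(BIOS_ERR, "TEE-TXT: TSEG base unknown, cannot place TXT regions.\n"); return; }`. Two smaller gaps: `cbfs_boot_map_with_leak(TXT_FILE_BIOS_ACM, ...)` can return NULL and is stored unchecked into `acm_addrs[0]` while `num_acms` is still at least 1, and the LCP policy address is published in `lcp_pd_base` right after `rdev_munmap`, which is only valid if the region device is memory-mapped flash as the "in flash" comment assumes but nothing verifies. The MSEG disable at the end also makes log_ibb_measurements, which walks memory between TXT.MSEG.BASE and TXT.MSEG.SIZE, depend on ordering between the two boot-state callbacks; a comment noting that init_intel_txt must run first would help.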
diff --git a/src/security/intel/txt/txt.h b/src/security/intel/txt/txt.h
new file mode 100644
index 0000000..5daab5a
--- /dev/null
+++ b/src/security/intel/txt/txt.h
@@ -0,0 +1,30 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2018-2019 Facebook Inc.
+ * Copyright (C) 2018-2019 9elements Agency GmbH
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#ifndef SECURITY_INTEL_TXT_H_
+#define SECURITY_INTEL_TXT_H_
+
+#include <types.h>
+#include <stddef.h>
+
+void intel_txt_log_bios_acm_error(void);
+int intel_txt_log_acm_error(const uint32_t acm_error);
+void intel_txt_log_spad(void);
+bool intel_txt_memory_has_secrets(void);
+int intel_txt_run_bios_acm(const u8 input_params);
+bool intel_txt_prepare_txt_env(void);
+
+#endif /* SECURITY_INTEL_TXT_H_ */
diff --git a/src/security/intel/txt/txt_getsec.h b/src/security/intel/txt/txt_getsec.h
new file mode 100644
index 0000000..aae13d7
--- /dev/null
+++ b/src/security/intel/txt/txt_getsec.h
@@ -0,0 +1,34 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2018-2019 Facebook Inc.
+ * Copyright (C) 2018-2019 9elements Agency GmbH
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#ifndef SECURITY_INTEL_TXT_GETSEC_H_
+#define SECURITY_INTEL_TXT_GETSEC_H_
+
+
+bool getsec_parameter(uint32_t *version_mask,
+ uint32_t *version_numbers_supported,
+ uint32_t *max_size_acm_area,
+ uint32_t *memory_type_mask,
+ uint32_t *senter_function_disable,
+ uint32_t *txt_feature_flags);
+
+bool getsec_capabilities(uint32_t *eax);
+
+void getsec_enteraccs(const uint32_t esi,
+ const uint32_t acm_base,
+ const uint32_t acm_size);
+
+#endif /* SECURITY_INTEL_TXT_REGISTER_H_ */
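Review bot: The closing guard comment names `SECURITY_INTEL_TXT_REGISTER_H_` while the guard opened at the top of this file is `SECURITY_INTEL_TXT_GETSEC_H_`; it should read `#endif /* SECURITY_INTEL_TXT_GETSEC_H_ */`. The prototypes use `bool` and `uint32_t` but the header includes nothing, so it only compiles when the includer has already pulled in `<types.h>`; add `#include <types.h>` after the guard, as txt.h and txt_register.h do. The first parameter of getsec_enteraccs is called `esi` here while the assembly comment for the same value says "flags" and callers pass ACMINPUT_* constants; naming it `flags` in the prototype would make the contract visible at the call site.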
diff --git a/src/security/intel/txt/txt_register.h b/src/security/intel/txt/txt_register.h
new file mode 100644
index 0000000..fefdfec
--- /dev/null
+++ b/src/security/intel/txt/txt_register.h
@@ -0,0 +1,283 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2018-2019 Facebook Inc.
+ * Copyright (C) 2018-2019 9elements Agency GmbH
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#ifndef SECURITY_INTEL_TXT_REGISTER_H_
+#define SECURITY_INTEL_TXT_REGISTER_H_
+
+#include <types.h>
+#include <stddef.h>
+
+/*
+ * Document: 315168-016
+ * Intel Trusted Execution Technology (Intel TXT)
+ * Software Development Guide
+ * Chapter B
+ */
+#define TXT_BASE 0xfed30000UL
+
+#define TXT_STS (TXT_BASE + 0)
+#define TXT_ESTS (TXT_BASE + 8)
+#define TXT_ESTS_TXT_RESET_STS (1 << 0)
+/*
+ * Chapter 6
+ * Intel Trusted Execution Technology Lab Handout
+ */
+#define TXT_ESTS_WAKE_ERROR_STS (1 << 6)
+
+#define TXT_ERROR (TXT_BASE + 0x30)
+#define ACMERROR_TXT_VALID (1ul << 31)
+#define ACMERROR_TXT_EXTERNAL (1ul << 30)
+
+#define ACMERROR_TXT_PROGRESS_SHIFT 16
+#define ACMERROR_TXT_MINOR_SHIFT 15
+#define ACMERROR_TXT_MAJOR_SHIFT 10
+#define ACMERROR_TXT_CLASS_SHIFT 4
+#define ACMERROR_TXT_TYPE_SHIFT 0
+
+#define ACMERROR_TXT_PROGRESS_CODE (0xffull << ACMERROR_TXT_PROGRESS_SHIFT)
+#define ACMERROR_TXT_MINOR_CODE (1ull << ACMERROR_TXT_MINOR_SHIFT)
+#define ACMERROR_TXT_MAJOR_CODE (0x1full << ACMERROR_TXT_MAJOR_SHIFT)
+#define ACMERROR_TXT_CLASS_CODE (0x3full << ACMERROR_TXT_CLASS_SHIFT)
+#define ACMERROR_TXT_TYPE_CODE (0xfull << ACMERROR_TXT_TYPE_SHIFT)
+
+#define ACMERROR_TXT_AC_MODULE_TYPE_BIOS 0
+#define ACMERROR_TXT_AC_MODULE_TYPE_SINIT 1
+
+#define TXT_ERROR_MASK (0x3ff << 0)
+
+#define TXT_CMD_RESET (TXT_BASE + 0x38)
+#define TXT_CMD_CLOSE_PRIVATE (TXT_BASE + 0x48)
+
+/* Present in Document Number: 315168-016. */
+#define TXT_SPAD (TXT_BASE + 0xa0)
+#define ACMSTS_IBB_MEASURED (1ull << 63)
+#define ACMSTS_VERIFICATION_ERROR (1ull << 62)
+#define ACMSTS_BG_STARTUP_ERROR (1ull << 61) /* CBnT platforms only */
+#define ACMSTS_TXT_DISABLED (1ull << 60) /* disabled by FIT type 0xA record */
+#define ACMSTS_BIOS_TRUSTED (1ull << 59)
+#define ACMSTS_MEM_CLEAR_POWER_DOWN (1ull << 47)
+#define ACMSTS_TXT_STARTUP_SUCCESS (1ull << 30)
+
+#define TXT_VER_FSBIF (TXT_BASE + 0x100)
+#define TXT_VER_PRODUCTION_FUSED (1ull << 31)
+
+#define TXT_DIDVID (TXT_BASE + 0x110)
+
+/*
+ * Chapter 6
+ * Intel Trusted Execution Technology Lab Handout
+ */
+#define TXT_CAPABILITIES (TXT_BASE + 0x200)
+#define TXT_CAPABILITIES_DPR (1ull << 26)
+#define TXT_CAPABILITIES_PMRC (1ull << 19)
+
+/* Only present in Document Number: 315168-010 and 315168-016 */
+#define TXT_VER_QPIIF (TXT_BASE + 0x200)
+
+#define TXT_SINIT_BASE (TXT_BASE + 0x270)
+#define TXT_SINIT_SIZE (TXT_BASE + 0x278)
+#define TXT_MLE_JOIN (TXT_BASE + 0x290)
+
+#define TXT_HEAP_BASE (TXT_BASE + 0x300)
+#define TXT_HEAP_SIZE (TXT_BASE + 0x308)
+/*
+ * Chapter 6
+ * Intel Trusted Execution Technology Lab Handout
+ */
+#define TXT_MSEG_BASE (TXT_BASE + 0x310)
+#define TXT_MSEG_SIZE (TXT_BASE + 0x318)
+
+/*
+ * Chapter 5.4.2.1
+ * Intel Trusted Execution Technology Lab Handout
+ */
+#define TXT_BIOSACM_ERRORCODE (TXT_BASE + 0x328)
+
+#define TXT_DPR (TXT_BASE + 0x330)
+#define TXT_DPR_LOCK_SHIFT 0
+#define TXT_DPR_LOCK_SIZE_SHIFT 4
+#define TXT_DPR_LOCK_SIZE_MASK 0xff
+#define TXT_DPR_TOP_ADDR_SHIFT 20
+#define TXT_DPR_TOP_ADDR_MASK 0xfff
+
+#define TXT_DPR_LOCK_MASK (1 << TXT_DPR_LOCK_SHIFT)
+#define TXT_DPR_LOCK_SIZE(x) ((x) << TXT_DPR_LOCK_SIZE_SHIFT)
+#define TXT_DPR_TOP_ADDR(x) ((x) << TXT_DPR_TOP_ADDR_SHIFT)
+
+#define TXT_ACM_KEY_HASH (TXT_BASE + 0x400)
+#define TXT_ACM_KEY_HASH_LEN 0x4
+
+#define TXT_E2STS (TXT_BASE + 0x8f0)
+#define TXT_E2STS_SECRET_STS (1ull << 1)
+
+/*
+ * TXT Memory regions
+ * Chapter 5.3
+ * Intel Trusted Execution Technology Lab Handout
+ */
+#define TXT_PRIVATE_SPACE 0xfed20000UL
+#define TXT_PUBLIC_SPACE 0xfed30000UL
+#define TXT_TPM_DECODE_AREA 0xfed40000UL
+#define TXT_RESERVED_SPACE 0xfed50000UL
+#define TXT_RESERVED_SPACE_SIZE 0x3ffff
+
+/* ESI flags for GETSEC[ENTERACCS] see Reference Number: 323372-017 */
+#define ACMINPUT_RESET_TPM_AUXILIARY_INDICIES 2
+#define ACMINPUT_NOP 3
+#define ACMINPUT_SCHECK 4
+#define ACMINPUT_CLEAR_SECRETS 5
+#define ACMINPUT_LOCK_CONFIG 6
+
+/* CBFS file names */
+#define TXT_FILE_LCP_PD_ACM "txt_bios_policy.bin"
+#define TXT_FILE_BIOS_ACM "txt_bios_acm.bin"
+#define TXT_FILE_SINIT_ACM "txt_sinit_acm.bin"
+
+/*
+ * GetSec EAX value.
+ * SAFER MODE EXTENSIONS REFERENCE.
+ * Intel 64 and IA-32 Architectures Software Developer Manuals Vol 2
+ * Order Number: 325383-060US
+ */
+#define IA32_GETSEC_CAPABILITIES 0
+#define IA32_GETSEC_ENTERACCS 2
+#define IA32_GETSEC_SENTER 4
+#define IA32_GETSEC_SEXIT 5
+#define IA32_GETSEC_PARAMETERS 6
+#define IA32_GETSEC_SMCTRL 7
+#define IA32_GETSEC_WAKEUP 8
+
+#define GETSEC_PARAMS_TXT_EXT (1ul << 5)
+#define GETSEC_PARAMS_TXT_EXT_CRTM_SUPPORT (1ul << 1)
+#define GETSEC_PARAMS_TXT_EXT_MACHINE_CHECK (1ul << 6)
+
+/* ACM defines */
+#define INTEL_ACM_VENDOR 0x00008086
+
+#define ACM_FORMAT_FLAGS_PW 0x00000000
+#define ACM_FORMAT_FLAGS_NPW (1 << 14)
+#define ACM_FORMAT_FLAGS_DEBUG (1 << 15)
+
+/* Old ACMs are power of two aligned, newer ACMs are not */
+#define ACM_FORMAT_SIZE_64KB (64*KiB / 4)
+#define ACM_FORMAT_SIZE_128KB (128*KiB / 4)
+#define ACM_FORMAT_SIZE_256KB (256*KiB / 4)
+
+typedef enum {
+ CHIPSET_ACM = 2,
+} acm_module_type;
+
+typedef enum {
+ BIOS = 0,
+ SINIT = 1,
+} acm_module_sub_type;
+
+/*
+ * ACM Header v0.0 without dynamic part
+ * Chapter A.1
+ * Intel TXT Software Development Guide (Document: 315168-015)
+ */
+struct acm_header_v0 {
+ uint16_t module_type;
+ uint16_t module_sub_type;
+ uint32_t header_len;
+ uint16_t header_version[2];
+ uint16_t chipset_id;
+ uint16_t flags;
+ uint32_t module_vendor;
+ uint32_t date;
+ uint32_t size;
+ uint16_t txt_svn;
+ uint16_t se_svn;
+ uint32_t code_control;
+ uint32_t error_entry_point;
+ uint32_t gdt_limit;
+ uint32_t gdt_ptr;
+ uint32_t seg_sel;
+ uint32_t entry_point;
+ uint8_t reserved2[64];
+ uint32_t key_size;
+ uint32_t scratch_size;
+ uint8_t rsa2048_pubkey[256];
+ uint32_t pub_exp;
+ uint8_t rsa2048_sig[256];
+ uint32_t scratch[143];
+ uint8_t user_area[];
+} __packed;
+
+struct acm_info_table {
+ uint8_t uuid[16];
+ uint8_t chipset_acm_type;
+ uint8_t version;
+ uint16_t length;
+ uint32_t chipset_id_list;
+ uint32_t os_sinit_data_ver;
+ uint32_t min_mle_hdr_ver;
+ uint32_t capabilities;
+ uint8_t acm_ver;
+ uint8_t reserved[3];
+} __packed;
+
+/*
+ * Extended Data Elements
+ * Chapter C.1
+ * Intel TXT Software Development Guide (Document: 315168-015)
+ */
+struct txt_extended_data_element_header {
+ uint32_t type;
+ uint32_t size;
+ uint8_t data[0];
+} __packed;
+
+#define HEAP_EXTDATA_TYPE_END 0
+#define HEAP_EXTDATA_TYPE_BIOS_SPEC_VER 1
+#define HEAP_EXTDATA_TYPE_ACM 2
+#define HEAP_EXTDATA_TYPE_CUSTOM 4
+
+struct txt_heap_acm_element {
+ struct txt_extended_data_element_header header;
+ uint32_t num_acms; // must greater 0, smaller than 3
+ uint64_t acm_addrs[2];
+} __packed;
+
+/*
+ * BIOS Data Format
+ * Chapter C.2
+ * Intel TXT Software Development Guide (Document: 315168-015)
+ */
+struct txt_biosdataregion {
+ uint32_t version;
+ uint32_t bios_sinit_size;
+ uint64_t lcp_pd_base;
+ uint64_t lcp_pd_size;
+ uint32_t no_logical_procs;
+ uint32_t sinit_flags;
+ union {
+ uint32_t mle_flags;
+ struct {
+ uint32_t support_acpi_ppi : 1;
+ uint32_t platform_type : 2;
+ };
+ };
+ u8 extended_data_elements[0];
+} __packed;
+
+
+void txt_dump_regions(void);
+void txt_dump_chipset_info(void);
+void txt_dump_acm_info(const struct acm_header_v0 *acm_header);
+
+#endif /* SECURITY_INTEL_TXT_REGISTER_H_ */
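Review bot: `TXT_CAPABILITIES` and `TXT_VER_QPIIF` are both defined as `TXT_BASE + 0x200`, and lockdown_intel_txt reads the DPR capability bit through the former; if the two names are meant to alias the same register on different chipset generations a comment saying so would stop the next reader from treating one as a typo, and if not, one offset is wrong — I cannot tell which from here. `TXT_RESERVED_SPACE_SIZE` is 0x3ffff while the neighbouring regions are each 0x10000 apart, which looks like an inclusive end offset rather than a length; bootmem_platform_add_ranges passes it as a length, so it is probably meant to be `0x40000`. Stylistically, `txt_extended_data_element_header` and `txt_biosdataregion` end in `[0]` arrays while `acm_header_v0` uses a C99 flexible array member (`[]`); the three structs should agree, and `[]` is the standard form. The comment on `num_acms` should say "must be greater than 0 and smaller than 3" to match the two-entry `acm_addrs` array.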
diff --git a/src/security/memory/memory.c b/src/security/memory/memory.c
index c815236..ad00857a 100644
--- a/src/security/memory/memory.c
+++ b/src/security/memory/memory.c
@@ -15,6 +15,8 @@
*/
#include <types.h>
+#include <stdint.h>
+#include <security/intel/txt/txt.h>
#include "memory.h"
/**
@@ -27,6 +29,9 @@
if (CONFIG(SECURITY_CLEAR_DRAM_ON_REGULAR_BOOT))
return true;
+ if (CONFIG(INTEL_TXT) && intel_txt_memory_has_secrets())
+ return true;
+
/* TODO: Add TEE environments here */
return false;
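Review bot: The new `intel_txt_memory_has_secrets()` test is the only security-relevant branch in this function and carries no comment saying why a set TXT secrets flag forces the DRAM wipe; a line above the `if`, such as `/* TXT: the chipset marks DRAM as holding secrets after an unexpected reset; wipe it before it is reused */`, would let the next reader see why this returns true. The `#include <stdint.h>` added in the first hunk looks redundant if `<types.h>` already provides the fixed-width types, which is worth checking before keeping both includes. The function's closing brace is not inside the hunk, so what follows `return false;` cannot be seen here.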
--
To view, visit https://review.coreboot.org/c/coreboot/+/42712
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: 4.11_branch
Gerrit-Change-Id: Iaf4be7f016cc12d3971e1e1fe171e6665e44c284
Gerrit-Change-Number: 42712
Gerrit-PatchSet: 1
Gerrit-Owner: Jonathan Zhang <jonzhang(a)fb.com>
Gerrit-Reviewer: Martin Roth <martinroth(a)google.com>
Gerrit-Reviewer: Patrick Georgi <pgeorgi(a)google.com>
Gerrit-Reviewer: Philipp Deppenwiese <zaolin.daisuki(a)gmail.com>
Gerrit-MessageType: newchange
Change in libgfxinit[master]: Add Bay Trail support
by Name of user not set (Code Review) Aug. 9, 2020
Aug. 9, 2020
Name of user not set #1002789 has posted comments on this change. ( https://review.coreboot.org/c/libgfxinit/+/42359 )
Change subject: Add Bay Trail support
......................................................................
Patch Set 36:
I noticed that when using this on a Minnowboard Max (also WIP), I get the following error on resume from S3 that I do not get with the VBIOS:
primary A assertion failure (expected off, current on)
WARNING: CPU: 0 PID: 1458 at drivers/gpu/drm/i915/display/intel_display.c:1278 assert_plane+0xbf/0xd0 [i915]
--
To view, visit https://review.coreboot.org/c/libgfxinit/+/42359
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: libgfxinit
Gerrit-Branch: master
Gerrit-Change-Id: If81b1268c69b64fa30384f629f1eb43bda15ef52
Gerrit-Change-Number: 42359
Gerrit-PatchSet: 36
Gerrit-Owner: Angel Pons <th3fanbus(a)gmail.com>
Gerrit-Reviewer: Martin Roth <martinroth(a)google.com>
Gerrit-Reviewer: Matt DeVillier <matt.devillier(a)gmail.com>
Gerrit-Reviewer: Nico Huber <nico.h(a)gmx.de>
Gerrit-Reviewer: Patrick Georgi <pgeorgi(a)google.com>
Gerrit-CC: Name of user not set #1002789
Gerrit-CC: Paul Menzel <paulepanter(a)users.sourceforge.net>
Gerrit-Comment-Date: Sun, 09 Aug 2020 16:50:41 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: No
Gerrit-MessageType: comment
Change in coreboot[master]: mb/razer: Add initial support for the Blade Stealth (late 2019) [ICL]
by Paul Menzel (Code Review) Aug. 9, 2020
Aug. 9, 2020
Paul Menzel has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/37565 )
Change subject: mb/razer: Add initial support for the Blade Stealth (late 2019) [ICL]
......................................................................
Patch Set 16: Code-Review+1
Would be nice to get this in. But the weather is too good I guess. ;-)
--
To view, visit https://review.coreboot.org/c/coreboot/+/37565
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I5711cbcd69813832d9bacc9563f651ab8702554a
Gerrit-Change-Number: 37565
Gerrit-PatchSet: 16
Gerrit-Owner: Mimoja <coreboot(a)mimoja.de>
Gerrit-Reviewer: Angel Pons <th3fanbus(a)gmail.com>
Gerrit-Reviewer: Christian Walter <christian.walter(a)9elements.com>
Gerrit-Reviewer: Christoph Pomaska <github(a)slrie.de>
Gerrit-Reviewer: Daniel Maslowski <info(a)orangecms.org>
Gerrit-Reviewer: Jonathan Neuschäfer <j.neuschaefer(a)gmx.net>
Gerrit-Reviewer: Martin Roth <martinroth(a)google.com>
Gerrit-Reviewer: Mimoja <coreboot(a)mimoja.de>
Gerrit-Reviewer: Nico Huber <nico.h(a)gmx.de>
Gerrit-Reviewer: Patrick Georgi <pgeorgi(a)google.com>
Gerrit-Reviewer: Paul Menzel <paulepanter(a)users.sourceforge.net>
Gerrit-Reviewer: Philipp Deppenwiese <zaolin.daisuki(a)gmail.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-CC: Shaleen jain <shaleen(a)jain.sh>
Gerrit-Comment-Date: Sun, 09 Aug 2020 15:47:50 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: Yes
Gerrit-MessageType: comment
Change in coreboot[master]: cpu/intel/model_106cx: Factor out common Kconfig options
by Angel Pons (Code Review) Aug. 9, 2020
Aug. 9, 2020
Angel Pons has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/44246 )
Change subject: cpu/intel/model_106cx: Factor out common Kconfig options
......................................................................
cpu/intel/model_106cx: Factor out common Kconfig options
Note that selecting SSE2 implicitly selects SSE as well.
Change-Id: Ia7b34d19325b7c060ea5d02b49cae890629ccbcc
Signed-off-by: Angel Pons <th3fanbus(a)gmail.com>
---
M src/cpu/intel/model_106cx/Kconfig
M src/cpu/intel/socket_441/Kconfig
M src/cpu/intel/socket_FCBGA559/Kconfig
3 files changed, 5 insertions(+), 12 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/46/44246/1
diff --git a/src/cpu/intel/model_106cx/Kconfig b/src/cpu/intel/model_106cx/Kconfig
index 29e7a6c..dbe9b0a 100644
--- a/src/cpu/intel/model_106cx/Kconfig
+++ b/src/cpu/intel/model_106cx/Kconfig
@@ -5,6 +5,11 @@
select ARCH_ROMSTAGE_X86_32
select ARCH_RAMSTAGE_X86_32
select CPU_X86_CACHE
+ select CPU_X86_LAPIC
+ select CPU_X86_MTRR
+ select CPU_X86_SMM
+ select CPU_X86_TSC
+ select MMX
select SSE2
select UDELAY_TSC
select TSC_MONOTONIC_TIMER
diff --git a/src/cpu/intel/socket_441/Kconfig b/src/cpu/intel/socket_441/Kconfig
index 8b4fdd1..0095c77 100644
--- a/src/cpu/intel/socket_441/Kconfig
+++ b/src/cpu/intel/socket_441/Kconfig
@@ -6,12 +6,6 @@
config SOCKET_SPECIFIC_OPTIONS # dummy
def_bool y
select CPU_INTEL_MODEL_106CX
- select CPU_X86_LAPIC
- select CPU_X86_MTRR
- select CPU_X86_SMM
- select CPU_X86_TSC
- select MMX
- select SSE
select SETUP_XIP_CACHE
config C_ENV_BOOTBLOCK_SIZE
diff --git a/src/cpu/intel/socket_FCBGA559/Kconfig b/src/cpu/intel/socket_FCBGA559/Kconfig
index 71796ce..a1598220 100644
--- a/src/cpu/intel/socket_FCBGA559/Kconfig
+++ b/src/cpu/intel/socket_FCBGA559/Kconfig
@@ -8,12 +8,6 @@
config SOCKET_SPECIFIC_OPTIONS
def_bool y
select CPU_INTEL_MODEL_106CX
- select CPU_X86_LAPIC
- select CPU_X86_MTRR
- select CPU_X86_SMM
- select CPU_X86_TSC
- select MMX
- select SSE
select CPU_HAS_L2_ENABLE_MSR
config DCACHE_RAM_BASE
--
To view, visit https://review.coreboot.org/c/coreboot/+/44246
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: Ia7b34d19325b7c060ea5d02b49cae890629ccbcc
Gerrit-Change-Number: 44246
Gerrit-PatchSet: 1
Gerrit-Owner: Angel Pons <th3fanbus(a)gmail.com>
Gerrit-MessageType: newchange
Aug. 9, 2020
Angel Pons has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/44235 )
Change subject: cpu/intel: Remove broken URLs
......................................................................
cpu/intel: Remove broken URLs
These links no longer work. Drop them. They still exist in git history.
Change-Id: I1083dbde1c9199a56f711b0230a1bfe6d3174be9
Signed-off-by: Angel Pons <th3fanbus(a)gmail.com>
---
M src/cpu/intel/model_65x/model_65x_init.c
M src/cpu/intel/model_67x/model_67x_init.c
M src/cpu/intel/model_68x/model_68x_init.c
M src/cpu/intel/model_6bx/model_6bx_init.c
M src/cpu/intel/model_6xx/model_6xx_init.c
5 files changed, 0 insertions(+), 62 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/35/44235/1
diff --git a/src/cpu/intel/model_65x/model_65x_init.c b/src/cpu/intel/model_65x/model_65x_init.c
index cf1394a..8989eec 100644
--- a/src/cpu/intel/model_65x/model_65x_init.c
+++ b/src/cpu/intel/model_65x/model_65x_init.c
@@ -28,16 +28,6 @@
.init = model_65x_init,
};
-/*
- * Intel Pentium II Processor Specification Update
- * http://download.intel.com/design/PentiumII/specupdt/24333749.pdf
- *
- * Mobile Intel Pentium II Processor Specification Update
- * http://download.intel.com/design/intarch/specupdt/24388757.pdf
- *
- * Intel Pentium II Xeon Processor Specification Update
- * http://download.intel.com/support/processors/pentiumii/xeon/24377632.pdf
- */
static const struct cpu_device_id cpu_table[] = {
{ X86_VENDOR_INTEL, 0x0650 }, /* PII/Celeron, dA0/mdA0/A0 */
{ X86_VENDOR_INTEL, 0x0651 }, /* PII/Celeron, dA1/A1 */
diff --git a/src/cpu/intel/model_67x/model_67x_init.c b/src/cpu/intel/model_67x/model_67x_init.c
index 427d658..6cfa96c 100644
--- a/src/cpu/intel/model_67x/model_67x_init.c
+++ b/src/cpu/intel/model_67x/model_67x_init.c
@@ -31,13 +31,6 @@
.init = model_67x_init,
};
-/*
- * Intel Pentium III Processor Identification and Package Information
- * http://www.intel.com/design/pentiumiii/qit/update.pdf
- *
- * Intel Pentium III Processor Specification Update
- * http://download.intel.com/design/intarch/specupdt/24445358.pdf
- */
static const struct cpu_device_id cpu_table[] = {
{ X86_VENDOR_INTEL, 0x0671 },
{ X86_VENDOR_INTEL, 0x0672 }, /* PIII, kB0 */
diff --git a/src/cpu/intel/model_68x/model_68x_init.c b/src/cpu/intel/model_68x/model_68x_init.c
index 3402c60..22ce332 100644
--- a/src/cpu/intel/model_68x/model_68x_init.c
+++ b/src/cpu/intel/model_68x/model_68x_init.c
@@ -35,19 +35,6 @@
.init = model_68x_init,
};
-/*
- * Intel Celeron Processor Identification Information
- * http://www.intel.com/design/celeron/qit/update.pdf
- *
- * Intel Pentium III Processor Identification and Package Information
- * http://www.intel.com/design/pentiumiii/qit/update.pdf
- *
- * Intel Pentium III Processor Specification Update
- * http://download.intel.com/design/intarch/specupdt/24445358.pdf
- *
- * Mobile Intel Pentium III/III-M Processor Specification Update
- * http://download.intel.com/design/intarch/specupdt/24530663.pdf
- */
static const struct cpu_device_id cpu_table[] = {
{ X86_VENDOR_INTEL, 0x0680 },
{ X86_VENDOR_INTEL, 0x0681 }, /* PIII, cA2/cA2c/A2/BA2/PA2/MA2 */
diff --git a/src/cpu/intel/model_6bx/model_6bx_init.c b/src/cpu/intel/model_6bx/model_6bx_init.c
index 2e7069c..3d633bf 100644
--- a/src/cpu/intel/model_6bx/model_6bx_init.c
+++ b/src/cpu/intel/model_6bx/model_6bx_init.c
@@ -35,13 +35,6 @@
.init = model_6bx_init,
};
-/*
- * Pentium III Processor Identification and Package Information.
- * http://www.intel.com/design/pentiumiii/qit/update.pdf
- *
- * Intel Pentium III Processor Specification Update
- * http://download.intel.com/design/intarch/specupdt/24445358.pdf
- */
static const struct cpu_device_id cpu_table[] = {
{ X86_VENDOR_INTEL, 0x06b1 }, /* Pentium III/Celeron, tA1/A1/FPA1 */
{ X86_VENDOR_INTEL, 0x06b4 }, /* Pentium III, tB1/FPB1 */
diff --git a/src/cpu/intel/model_6xx/model_6xx_init.c b/src/cpu/intel/model_6xx/model_6xx_init.c
index 2e93507b..a6944d3 100644
--- a/src/cpu/intel/model_6xx/model_6xx_init.c
+++ b/src/cpu/intel/model_6xx/model_6xx_init.c
@@ -25,31 +25,6 @@
.init = model_6xx_init,
};
-/*
- * Intel Pentium Pro Processor Specification Update
- * http://download.intel.com/design/archives/processors/pro/docs/24268935.pdf
- *
- * Intel Pentium II Processor Specification Update
- * http://download.intel.com/design/PentiumII/specupdt/24333749.pdf
- *
- * Mobile Intel Pentium II Processor Specification Update
- * http://download.intel.com/design/intarch/specupdt/24388757.pdf
- *
- * Intel Celeron Processor Identification Information
- * http://www.intel.com/design/celeron/qit/update.pdf
- *
- * Intel Pentium II Xeon Processor Specification Update
- * http://download.intel.com/support/processors/pentiumii/xeon/24377632.pdf
- *
- * Intel Pentium III Processor Identification and Package Information
- * http://www.intel.com/design/pentiumiii/qit/update.pdf
- *
- * Intel Pentium III Processor Specification Update
- * http://download.intel.com/design/intarch/specupdt/24445358.pdf
- *
- * Mobile Intel Pentium III/III-M Processor Specification Update
- * http://download.intel.com/design/intarch/specupdt/24530663.pdf
- */
static const struct cpu_device_id cpu_table[] = {
{ X86_VENDOR_INTEL, 0x0611 }, /* Pentium Pro, B0 */
{ X86_VENDOR_INTEL, 0x0612 }, /* Pentium Pro, C0 */
--
To view, visit https://review.coreboot.org/c/coreboot/+/44235
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I1083dbde1c9199a56f711b0230a1bfe6d3174be9
Gerrit-Change-Number: 44235
Gerrit-PatchSet: 1
Gerrit-Owner: Angel Pons <th3fanbus(a)gmail.com>
Gerrit-Reviewer: Patrick Rudolph <siro(a)das-labor.org>
Gerrit-MessageType: newchange
Change in coreboot[master]: cpu/intel/model_6xx: Unify all Slot 1 CPUs
by Angel Pons (Code Review) Aug. 9, 2020
Aug. 9, 2020
Angel Pons has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/44241 )
Change subject: cpu/intel/model_6xx: Unify all Slot 1 CPUs
......................................................................
cpu/intel/model_6xx: Unify all Slot 1 CPUs
Also remove duplicated CPU IDs across two files. This shaves off 64
bytes from the resulting coreboot image for the Asus P2B-DS.
Change-Id: I22092d97c244263eec7e65abbfe2bbeb58680fc8
Signed-off-by: Angel Pons <th3fanbus(a)gmail.com>
---
D src/cpu/intel/model_65x_67x/Makefile.inc
D src/cpu/intel/model_65x_67x/model_65x_67x_init.c
D src/cpu/intel/model_68x_6bx/Makefile.inc
D src/cpu/intel/model_68x_6bx/model_68x_6bx_init.c
M src/cpu/intel/model_6xx/Makefile.inc
M src/cpu/intel/model_6xx/model_6xx_init.c
M src/cpu/intel/slot_1/Makefile.inc
7 files changed, 34 insertions(+), 118 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/41/44241/1
diff --git a/src/cpu/intel/model_65x_67x/Makefile.inc b/src/cpu/intel/model_65x_67x/Makefile.inc
deleted file mode 100644
index 3b78c4e..0000000
--- a/src/cpu/intel/model_65x_67x/Makefile.inc
+++ /dev/null
@@ -1,6 +0,0 @@
-## SPDX-License-Identifier: GPL-2.0-or-later
-
-ramstage-y += model_65x_67x_init.c
-
-cpu_microcode_bins += $(wildcard 3rdparty/intel-microcode/intel-ucode/06-05-*)
-cpu_microcode_bins += $(wildcard 3rdparty/intel-microcode/intel-ucode/06-07-*)
diff --git a/src/cpu/intel/model_65x_67x/model_65x_67x_init.c b/src/cpu/intel/model_65x_67x/model_65x_67x_init.c
deleted file mode 100644
index 86950e4..0000000
--- a/src/cpu/intel/model_65x_67x/model_65x_67x_init.c
+++ /dev/null
@@ -1,49 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0-only */
-
-#include <device/device.h>
-#include <cpu/cpu.h>
-#include <cpu/x86/mtrr.h>
-#include <cpu/x86/lapic.h>
-#include <cpu/intel/microcode.h>
-#include <cpu/x86/cache.h>
-#include <cpu/intel/l2_cache.h>
-
-static void model_65x_67x_init(struct device *cpu)
-{
- /* Update the microcode */
- intel_update_microcode_from_cbfs();
-
- /* Initialize L2 cache */
- p6_configure_l2_cache();
-
- /* Turn on caching if we haven't already */
- x86_enable_cache();
-
- /* Setup MTRRs */
- x86_setup_mtrrs();
- x86_mtrr_check();
-
- /* Enable the local CPU APICs */
- setup_lapic();
-}
-
-static struct device_operations cpu_dev_ops = {
- .init = model_65x_67x_init,
-};
-
-static const struct cpu_device_id cpu_table[] = {
- { X86_VENDOR_INTEL, 0x0650 }, /* PII/Celeron, dA0/mdA0/A0 */
- { X86_VENDOR_INTEL, 0x0651 }, /* PII/Celeron, dA1/A1 */
- { X86_VENDOR_INTEL, 0x0652 }, /* PII/Celeron/Xeon, dB0/mdB0/B0 */
- { X86_VENDOR_INTEL, 0x0653 }, /* PII/Xeon, dB1/B1 */
-
- { X86_VENDOR_INTEL, 0x0671 },
- { X86_VENDOR_INTEL, 0x0672 }, /* PIII, kB0 */
- { X86_VENDOR_INTEL, 0x0673 }, /* PIII, kC0 */
- { 0, 0 },
-};
-
-static const struct cpu_driver driver __cpu_driver = {
- .ops = &cpu_dev_ops,
- .id_table = cpu_table,
-};
diff --git a/src/cpu/intel/model_68x_6bx/Makefile.inc b/src/cpu/intel/model_68x_6bx/Makefile.inc
deleted file mode 100644
index b12f4d0..0000000
--- a/src/cpu/intel/model_68x_6bx/Makefile.inc
+++ /dev/null
@@ -1,7 +0,0 @@
-## SPDX-License-Identifier: GPL-2.0-or-later
-
-ramstage-y += model_68x_6bx_init.c
-subdirs-y += ../../x86/name
-
-cpu_microcode_bins += $(wildcard 3rdparty/intel-microcode/intel-ucode/06-08-*)
-cpu_microcode_bins += $(wildcard 3rdparty/intel-microcode/intel-ucode/06-0b-*)
diff --git a/src/cpu/intel/model_68x_6bx/model_68x_6bx_init.c b/src/cpu/intel/model_68x_6bx/model_68x_6bx_init.c
deleted file mode 100644
index 06ac099..0000000
--- a/src/cpu/intel/model_68x_6bx/model_68x_6bx_init.c
+++ /dev/null
@@ -1,54 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0-only */
-
-#include <console/console.h>
-#include <device/device.h>
-#include <cpu/cpu.h>
-#include <cpu/x86/mtrr.h>
-#include <cpu/x86/lapic.h>
-#include <cpu/intel/microcode.h>
-#include <cpu/x86/cache.h>
-#include <cpu/x86/name.h>
-
-static void model_68x_6bx_init(struct device *cpu)
-{
- char processor_name[49];
-
- /* Update the microcode */
- intel_update_microcode_from_cbfs();
-
- /* Turn on caching if we haven't already */
- x86_enable_cache();
-
- /* Print processor name */
- fill_processor_name(processor_name);
- printk(BIOS_INFO, "CPU: %s.\n", processor_name);
-
- /* Setup MTRRs */
- x86_setup_mtrrs();
- x86_mtrr_check();
-
- /* Enable the local CPU APICs */
- setup_lapic();
-}
-
-static struct device_operations cpu_dev_ops = {
- .init = model_68x_6bx_init,
-};
-
-static const struct cpu_device_id cpu_table[] = {
- { X86_VENDOR_INTEL, 0x0680 },
- { X86_VENDOR_INTEL, 0x0681 }, /* PIII, cA2/cA2c/A2/BA2/PA2/MA2 */
- { X86_VENDOR_INTEL, 0x0683 }, /* PIII/Celeron, cB0/cB0c/B0/BB0/PB0/MB0*/
- { X86_VENDOR_INTEL, 0x0686 }, /* PIII/Celeron, cC0/C0/BC0/PC0/MC0 */
- { X86_VENDOR_INTEL, 0x068a }, /* PIII/Celeron, cD0/D0/BD0/PD0 */
-
- { X86_VENDOR_INTEL, 0x06b1 }, /* Pentium III/Celeron, tA1/A1/FPA1 */
- { X86_VENDOR_INTEL, 0x06b4 }, /* Pentium III, tB1/FPB1 */
-
- { 0, 0 },
-};
-
-static const struct cpu_driver driver __cpu_driver = {
- .ops = &cpu_dev_ops,
- .id_table = cpu_table,
-};
diff --git a/src/cpu/intel/model_6xx/Makefile.inc b/src/cpu/intel/model_6xx/Makefile.inc
index b2f87ab..83d3dc0 100644
--- a/src/cpu/intel/model_6xx/Makefile.inc
+++ b/src/cpu/intel/model_6xx/Makefile.inc
@@ -1,3 +1,9 @@
ramstage-y += model_6xx_init.c
+subdirs-y += ../../x86/name
+
+cpu_microcode_bins += $(wildcard 3rdparty/intel-microcode/intel-ucode/06-05-*)
cpu_microcode_bins += $(wildcard 3rdparty/intel-microcode/intel-ucode/06-06-*)
+cpu_microcode_bins += $(wildcard 3rdparty/intel-microcode/intel-ucode/06-07-*)
+cpu_microcode_bins += $(wildcard 3rdparty/intel-microcode/intel-ucode/06-08-*)
+cpu_microcode_bins += $(wildcard 3rdparty/intel-microcode/intel-ucode/06-0b-*)
diff --git a/src/cpu/intel/model_6xx/model_6xx_init.c b/src/cpu/intel/model_6xx/model_6xx_init.c
index 8ebc7ee..b3019c3 100644
--- a/src/cpu/intel/model_6xx/model_6xx_init.c
+++ b/src/cpu/intel/model_6xx/model_6xx_init.c
@@ -1,20 +1,35 @@
/* SPDX-License-Identifier: GPL-2.0-only */
+#include <console/console.h>
#include <device/device.h>
#include <cpu/cpu.h>
#include <cpu/x86/mtrr.h>
#include <cpu/x86/lapic.h>
#include <cpu/intel/microcode.h>
#include <cpu/x86/cache.h>
+#include <cpu/intel/l2_cache.h>
+#include <cpu/x86/name.h>
static void model_6xx_init(struct device *dev)
{
/* Update the microcode */
intel_update_microcode_from_cbfs();
+ /* Initialize off-die L2 cache */
+ if ((dev->device & 0x0ff0) == 0x0650 || (dev->device & 0x0ff0) == 0x0670)
+ p6_configure_l2_cache();
+
/* Turn on caching if we haven't already */
x86_enable_cache();
+ /* Print processor name */
+ if ((dev->device & 0x0ff0) == 0x0680 || (dev->device & 0x0ff0) == 0x06b0) {
+ char processor_name[49];
+
+ fill_processor_name(processor_name);
+ printk(BIOS_INFO, "CPU: %s.\n", processor_name);
+ }
+
/* Setup MTRRs */
x86_setup_mtrrs();
x86_mtrr_check();
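Review bot: The two `(dev->device & 0x0ff0) == 0x…` tests repeat an unexplained mask and four magic values, with nothing tying them to the `cpu_table` groups they select. Hoist the masked value into a named local once, `const unsigned int model = dev->device & 0x0ff0; /* drop the stepping nibble */`, and compare `if (model == 0x0650 || model == 0x0670)` and `if (model == 0x0680 || model == 0x06b0) {`, so the L2-cache and processor-name branches read as model checks rather than bit arithmetic. In the cpu_table hunk later in this file the `0x0671` entry is the only new ID without a stepping comment. `model_6xx_init` continues past the end of this hunk.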
@@ -37,10 +52,19 @@
{ X86_VENDOR_INTEL, 0x0633 }, /* PII, C0 */
{ X86_VENDOR_INTEL, 0x0634 }, /* PII, C1 */
+ { X86_VENDOR_INTEL, 0x0650 }, /* PII/Celeron, dA0/mdA0/A0 */
+ { X86_VENDOR_INTEL, 0x0651 }, /* PII/Celeron, dA1/A1 */
+ { X86_VENDOR_INTEL, 0x0652 }, /* PII/Celeron/Xeon, dB0/mdB0/B0 */
+ { X86_VENDOR_INTEL, 0x0653 }, /* PII/Xeon, dB1/B1 */
+
{ X86_VENDOR_INTEL, 0x0660 }, /* Celeron, A0 */
{ X86_VENDOR_INTEL, 0x0665 }, /* Celeron, B0 */
{ X86_VENDOR_INTEL, 0x066a }, /* PII, mdxA0/dmmA0 + others */
+ { X86_VENDOR_INTEL, 0x0671 },
+ { X86_VENDOR_INTEL, 0x0672 }, /* PIII, kB0 */
+ { X86_VENDOR_INTEL, 0x0673 }, /* PIII, kC0 */
+
{ X86_VENDOR_INTEL, 0x0680 },
{ X86_VENDOR_INTEL, 0x0681 }, /* PIII, cA2/cA2c/A2/BA2/PA2/MA2 */
{ X86_VENDOR_INTEL, 0x0683 }, /* PIII/Celeron, cB0/cB0c/B0/BB0/PB0/MB0*/
@@ -50,6 +74,10 @@
{ X86_VENDOR_INTEL, 0x06a0 }, /* PIII, A0 */
{ X86_VENDOR_INTEL, 0x06a1 }, /* PIII, A1 */
{ X86_VENDOR_INTEL, 0x06a4 }, /* PIII, B0 */
+
+ { X86_VENDOR_INTEL, 0x06b1 }, /* Pentium III/Celeron, tA1/A1/FPA1 */
+ { X86_VENDOR_INTEL, 0x06b4 }, /* Pentium III, tB1/FPB1 */
+
{ 0, 0 },
};
diff --git a/src/cpu/intel/slot_1/Makefile.inc b/src/cpu/intel/slot_1/Makefile.inc
index 593e585..dbdb7c3 100644
--- a/src/cpu/intel/slot_1/Makefile.inc
+++ b/src/cpu/intel/slot_1/Makefile.inc
@@ -3,8 +3,6 @@
ramstage-y += slot_1.c
ramstage-y += l2_cache.c
subdirs-y += ../model_6xx
-subdirs-y += ../model_65x_67x
-subdirs-y += ../model_68x_6bx
subdirs-y += ../microcode
bootblock-y += ../car/p3/cache_as_ram.S
--
To view, visit https://review.coreboot.org/c/coreboot/+/44241
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I22092d97c244263eec7e65abbfe2bbeb58680fc8
Gerrit-Change-Number: 44241
Gerrit-PatchSet: 1
Gerrit-Owner: Angel Pons <th3fanbus(a)gmail.com>
Gerrit-Reviewer: Martin Roth <martinroth(a)google.com>
Gerrit-Reviewer: Patrick Georgi <pgeorgi(a)google.com>
Gerrit-Reviewer: Patrick Rudolph <siro(a)das-labor.org>
Gerrit-MessageType: newchange
Change in coreboot[master]: cpu/intel/model_6xx: Align cosmetics
by Angel Pons (Code Review) Aug. 9, 2020
Aug. 9, 2020
Angel Pons has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/44240 )
Change subject: cpu/intel/model_6xx: Align cosmetics
......................................................................
cpu/intel/model_6xx: Align cosmetics
Add a comment and remove some spaces to align with similar CPUs.
Change-Id: I825766a638581b247281df9d16bcfb9c02a43dad
Signed-off-by: Angel Pons <th3fanbus(a)gmail.com>
---
M src/cpu/intel/model_6xx/model_6xx_init.c
1 file changed, 3 insertions(+), 1 deletion(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/40/44240/1
diff --git a/src/cpu/intel/model_6xx/model_6xx_init.c b/src/cpu/intel/model_6xx/model_6xx_init.c
index f394b5f..8ebc7ee 100644
--- a/src/cpu/intel/model_6xx/model_6xx_init.c
+++ b/src/cpu/intel/model_6xx/model_6xx_init.c
@@ -14,6 +14,8 @@
/* Turn on caching if we haven't already */
x86_enable_cache();
+
+ /* Setup MTRRs */
x86_setup_mtrrs();
x86_mtrr_check();
@@ -22,7 +24,7 @@
};
static struct device_operations cpu_dev_ops = {
- .init = model_6xx_init,
+ .init = model_6xx_init,
};
static const struct cpu_device_id cpu_table[] = {
--
To view, visit https://review.coreboot.org/c/coreboot/+/44240
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I825766a638581b247281df9d16bcfb9c02a43dad
Gerrit-Change-Number: 44240
Gerrit-PatchSet: 1
Gerrit-Owner: Angel Pons <th3fanbus(a)gmail.com>
Gerrit-Reviewer: Patrick Rudolph <siro(a)das-labor.org>
Gerrit-MessageType: newchange
Change in coreboot[master]: cpu/intel/model_6xx: Update ucode before enabling cache
by Angel Pons (Code Review) Aug. 9, 2020
Aug. 9, 2020
Angel Pons has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/44239 )
Change subject: cpu/intel/model_6xx: Update ucode before enabling cache
......................................................................
cpu/intel/model_6xx: Update ucode before enabling cache
Other similar CPUs update the microcode first, so do the same here.
Change-Id: I66f197cc8cf10eac2815961043e8c343aa3c204d
Signed-off-by: Angel Pons <th3fanbus(a)gmail.com>
---
M src/cpu/intel/model_6xx/model_6xx_init.c
1 file changed, 3 insertions(+), 3 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/39/44239/1
diff --git a/src/cpu/intel/model_6xx/model_6xx_init.c b/src/cpu/intel/model_6xx/model_6xx_init.c
index a6944d3..f394b5f 100644
--- a/src/cpu/intel/model_6xx/model_6xx_init.c
+++ b/src/cpu/intel/model_6xx/model_6xx_init.c
@@ -9,14 +9,14 @@
static void model_6xx_init(struct device *dev)
{
+ /* Update the microcode */
+ intel_update_microcode_from_cbfs();
+
/* Turn on caching if we haven't already */
x86_enable_cache();
x86_setup_mtrrs();
x86_mtrr_check();
- /* Update the microcode */
- intel_update_microcode_from_cbfs();
-
/* Enable the local CPU APICs */
setup_lapic();
};
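Review bot: `/* Update the microcode */` only restates the call it precedes, while the whole point of this change is the ordering; record the reason in the comment, e.g. `/* Load microcode first, before caching and MTRRs are enabled, as the other P6 CPU drivers do */`, so a later reorder does not silently undo it. The last context line closes `model_6xx_init` with `};` — the trailing semicolon is an empty file-scope declaration that -Wpedantic flags and should be plain `}`. The identical reorder in model_68x_6bx_init.c further down this page would benefit from the same explanatory comment.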
--
To view, visit https://review.coreboot.org/c/coreboot/+/44239
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I66f197cc8cf10eac2815961043e8c343aa3c204d
Gerrit-Change-Number: 44239
Gerrit-PatchSet: 1
Gerrit-Owner: Angel Pons <th3fanbus(a)gmail.com>
Gerrit-Reviewer: Patrick Rudolph <siro(a)das-labor.org>
Gerrit-MessageType: newchange
Change in coreboot[master]: cpu/intel/model_68x_6bx: Update ucode before enabling cache
by Angel Pons (Code Review) Aug. 9, 2020
Aug. 9, 2020
Angel Pons has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/44238 )
Change subject: cpu/intel/model_68x_6bx: Update ucode before enabling cache
......................................................................
cpu/intel/model_68x_6bx: Update ucode before enabling cache
Other similar CPUs update the microcode first, so do the same here.
Change-Id: I9dda712043e1d17c3cc860d38b5daf8adfa882fa
Signed-off-by: Angel Pons <th3fanbus(a)gmail.com>
---
M src/cpu/intel/model_68x_6bx/model_68x_6bx_init.c
1 file changed, 3 insertions(+), 3 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/38/44238/1
diff --git a/src/cpu/intel/model_68x_6bx/model_68x_6bx_init.c b/src/cpu/intel/model_68x_6bx/model_68x_6bx_init.c
index dc23a7be..06ac099 100644
--- a/src/cpu/intel/model_68x_6bx/model_68x_6bx_init.c
+++ b/src/cpu/intel/model_68x_6bx/model_68x_6bx_init.c
@@ -13,12 +13,12 @@
{
char processor_name[49];
- /* Turn on caching if we haven't already */
- x86_enable_cache();
-
/* Update the microcode */
intel_update_microcode_from_cbfs();
+ /* Turn on caching if we haven't already */
+ x86_enable_cache();
+
/* Print processor name */
fill_processor_name(processor_name);
printk(BIOS_INFO, "CPU: %s.\n", processor_name);
--
To view, visit https://review.coreboot.org/c/coreboot/+/44238
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I9dda712043e1d17c3cc860d38b5daf8adfa882fa
Gerrit-Change-Number: 44238
Gerrit-PatchSet: 1
Gerrit-Owner: Angel Pons <th3fanbus(a)gmail.com>
Gerrit-Reviewer: Patrick Rudolph <siro(a)das-labor.org>
Gerrit-MessageType: newchange
Change in coreboot[master]: cpu/intel/model_{68x,6bx}: Unify CPU code
by Angel Pons (Code Review) Aug. 9, 2020
Aug. 9, 2020
Angel Pons has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/44237 )
Change subject: cpu/intel/model_{68x,6bx}: Unify CPU code
......................................................................
cpu/intel/model_{68x,6bx}: Unify CPU code
Both CPU models have the same initialization sequence, so merge them.
Apparently, this does not affect the remaining free space in CBFS.
Change-Id: Ic7430e9c98741f4bd3dcf3fdd07ca80d307d2159
Signed-off-by: Angel Pons <th3fanbus(a)gmail.com>
---
D src/cpu/intel/model_68x/Makefile.inc
A src/cpu/intel/model_68x_6bx/Makefile.inc
R src/cpu/intel/model_68x_6bx/model_68x_6bx_init.c
D src/cpu/intel/model_6bx/Makefile.inc
D src/cpu/intel/model_6bx/model_6bx_init.c
M src/cpu/intel/slot_1/Makefile.inc
6 files changed, 13 insertions(+), 61 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/37/44237/1
diff --git a/src/cpu/intel/model_68x/Makefile.inc b/src/cpu/intel/model_68x/Makefile.inc
deleted file mode 100644
index e9344b4..0000000
--- a/src/cpu/intel/model_68x/Makefile.inc
+++ /dev/null
@@ -1,6 +0,0 @@
-## SPDX-License-Identifier: GPL-2.0-or-later
-
-ramstage-y += model_68x_init.c
-subdirs-y += ../../x86/name
-
-cpu_microcode_bins += $(wildcard 3rdparty/intel-microcode/intel-ucode/06-08-*)
diff --git a/src/cpu/intel/model_68x_6bx/Makefile.inc b/src/cpu/intel/model_68x_6bx/Makefile.inc
new file mode 100644
index 0000000..b12f4d0
--- /dev/null
+++ b/src/cpu/intel/model_68x_6bx/Makefile.inc
@@ -0,0 +1,7 @@
+## SPDX-License-Identifier: GPL-2.0-or-later
+
+ramstage-y += model_68x_6bx_init.c
+subdirs-y += ../../x86/name
+
+cpu_microcode_bins += $(wildcard 3rdparty/intel-microcode/intel-ucode/06-08-*)
+cpu_microcode_bins += $(wildcard 3rdparty/intel-microcode/intel-ucode/06-0b-*)
diff --git a/src/cpu/intel/model_68x/model_68x_init.c b/src/cpu/intel/model_68x_6bx/model_68x_6bx_init.c
similarity index 84%
rename from src/cpu/intel/model_68x/model_68x_init.c
rename to src/cpu/intel/model_68x_6bx/model_68x_6bx_init.c
index 22ce332..dc23a7be 100644
--- a/src/cpu/intel/model_68x/model_68x_init.c
+++ b/src/cpu/intel/model_68x_6bx/model_68x_6bx_init.c
@@ -9,7 +9,7 @@
#include <cpu/x86/cache.h>
#include <cpu/x86/name.h>
-static void model_68x_init(struct device *cpu)
+static void model_68x_6bx_init(struct device *cpu)
{
char processor_name[49];
@@ -32,7 +32,7 @@
}
static struct device_operations cpu_dev_ops = {
- .init = model_68x_init,
+ .init = model_68x_6bx_init,
};
static const struct cpu_device_id cpu_table[] = {
@@ -42,6 +42,9 @@
{ X86_VENDOR_INTEL, 0x0686 }, /* PIII/Celeron, cC0/C0/BC0/PC0/MC0 */
{ X86_VENDOR_INTEL, 0x068a }, /* PIII/Celeron, cD0/D0/BD0/PD0 */
+ { X86_VENDOR_INTEL, 0x06b1 }, /* Pentium III/Celeron, tA1/A1/FPA1 */
+ { X86_VENDOR_INTEL, 0x06b4 }, /* Pentium III, tB1/FPB1 */
+
{ 0, 0 },
};
diff --git a/src/cpu/intel/model_6bx/Makefile.inc b/src/cpu/intel/model_6bx/Makefile.inc
deleted file mode 100644
index 84f4ff0..0000000
--- a/src/cpu/intel/model_6bx/Makefile.inc
+++ /dev/null
@@ -1,4 +0,0 @@
-ramstage-y += model_6bx_init.c
-subdirs-y += ../../x86/name
-
-cpu_microcode_bins += $(wildcard 3rdparty/intel-microcode/intel-ucode/06-0b-*)
diff --git a/src/cpu/intel/model_6bx/model_6bx_init.c b/src/cpu/intel/model_6bx/model_6bx_init.c
deleted file mode 100644
index 3d633bf..0000000
--- a/src/cpu/intel/model_6bx/model_6bx_init.c
+++ /dev/null
@@ -1,47 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0-only */
-
-#include <console/console.h>
-#include <device/device.h>
-#include <cpu/cpu.h>
-#include <cpu/x86/mtrr.h>
-#include <cpu/x86/lapic.h>
-#include <cpu/intel/microcode.h>
-#include <cpu/x86/cache.h>
-#include <cpu/x86/name.h>
-
-static void model_6bx_init(struct device *cpu)
-{
- char processor_name[49];
-
- /* Turn on caching if we haven't already */
- x86_enable_cache();
-
- /* Update the microcode */
- intel_update_microcode_from_cbfs();
-
- /* Print processor name */
- fill_processor_name(processor_name);
- printk(BIOS_INFO, "CPU: %s.\n", processor_name);
-
- /* Setup MTRRs */
- x86_setup_mtrrs();
- x86_mtrr_check();
-
- /* Enable the local CPU APICs */
- setup_lapic();
-}
-
-static struct device_operations cpu_dev_ops = {
- .init = model_6bx_init,
-};
-
-static const struct cpu_device_id cpu_table[] = {
- { X86_VENDOR_INTEL, 0x06b1 }, /* Pentium III/Celeron, tA1/A1/FPA1 */
- { X86_VENDOR_INTEL, 0x06b4 }, /* Pentium III, tB1/FPB1 */
- { 0, 0 },
-};
-
-static const struct cpu_driver driver __cpu_driver = {
- .ops = &cpu_dev_ops,
- .id_table = cpu_table,
-};
diff --git a/src/cpu/intel/slot_1/Makefile.inc b/src/cpu/intel/slot_1/Makefile.inc
index 489a3c4..593e585 100644
--- a/src/cpu/intel/slot_1/Makefile.inc
+++ b/src/cpu/intel/slot_1/Makefile.inc
@@ -4,8 +4,7 @@
ramstage-y += l2_cache.c
subdirs-y += ../model_6xx
subdirs-y += ../model_65x_67x
-subdirs-y += ../model_68x
-subdirs-y += ../model_6bx
+subdirs-y += ../model_68x_6bx
subdirs-y += ../microcode
bootblock-y += ../car/p3/cache_as_ram.S
--
To view, visit https://review.coreboot.org/c/coreboot/+/44237
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: Ic7430e9c98741f4bd3dcf3fdd07ca80d307d2159
Gerrit-Change-Number: 44237
Gerrit-PatchSet: 1
Gerrit-Owner: Angel Pons <th3fanbus(a)gmail.com>
Gerrit-Reviewer: Martin Roth <martinroth(a)google.com>
Gerrit-Reviewer: Patrick Georgi <pgeorgi(a)google.com>
Gerrit-Reviewer: Patrick Rudolph <siro(a)das-labor.org>
Gerrit-MessageType: newchange