[coreboot-gerrit] Change in coreboot[master]: soc/intel/common/cpu: Use SoC overrides to drop CPU privilege level

7 Jan 2022

Attention is currently required from: Andrey Petrov, Patrick Rudolph.
Subrata Banik has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/60898 )
Change subject: soc/intel/common/cpu: Use SoC overrides to drop CPU privilege level
......................................................................
soc/intel/common/cpu: Use SoC overrides to drop CPU privilege level
This patch implements a SoC overrides to drop CPU privilege level
as the MSRis not unique across different CPUs.
For example: On APL/GLK, its MSR 0x120 and CNL onwards its MSR
0x151.
For now, only APL SoC has implemented the overrides.
Signed-off-by: Subrata Banik subratabanik@google.com
Change-Id: I0b6f39509cc5457089cc15f28956833c36b567ad
---
M src/soc/intel/apollolake/chip.c
M src/soc/intel/apollolake/cpu.c
M src/soc/intel/apollolake/include/soc/msr.h
M src/soc/intel/common/block/cpu/cpulib.c
M src/soc/intel/common/block/include/intelblocks/cpulib.h
M src/soc/intel/common/block/include/intelblocks/msr.h
6 files changed, 29 insertions(+), 20 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/98/60898/1

diff --git a/src/soc/intel/apollolake/chip.c b/src/soc/intel/apollolake/chip.c
index 651bd84..565504f 100644
--- a/src/soc/intel/apollolake/chip.c
+++ b/src/soc/intel/apollolake/chip.c
@@ -702,10 +702,15 @@
    .final = &soc_final
 };
+static void soc_enable_untrusted_mode(void *unused)
+{
+	cpu_soc_enable_untrusted_mode();
+}
+
 static void drop_privilege_all(void)
 {
    /* Drop privilege level on all the CPUs */
-	if (mp_run_on_all_cpus(&cpu_enable_untrusted_mode, NULL) != CB_SUCCESS)
+	if (mp_run_on_all_cpus(&soc_enable_untrusted_mode, NULL) != CB_SUCCESS)
    	printk(BIOS_ERR, "failed to enable untrusted mode\n");
 }
diff --git a/src/soc/intel/apollolake/cpu.c b/src/soc/intel/apollolake/cpu.c
index af0a6dc..02feb20 100644
--- a/src/soc/intel/apollolake/cpu.c
+++ b/src/soc/intel/apollolake/cpu.c
@@ -47,6 +47,19 @@
    REG_SCRIPT_END
 };
+/*
+ * Set Bit 6 (ENABLE_IA_UNTRUSTED_MODE) of MSR 0x120
+ * UCODE_PCR_POWER_MISC MSR to enter IA Untrusted Mode.
+ */
+void cpu_soc_enable_untrusted_mode(void)
+{
+	msr_t msr;
+
+	msr = rdmsr(MSR_POWER_MISC);
+	msr.lo |= ENABLE_IA_UNTRUSTED;
+	wrmsr(MSR_POWER_MISC, msr);
+}
+
 void soc_core_init(struct device *cpu)
 {
    /* Configure Core PRMRR for SGX. */
diff --git a/src/soc/intel/apollolake/include/soc/msr.h b/src/soc/intel/apollolake/include/soc/msr.h
index e35c881..97c67dd 100644
--- a/src/soc/intel/apollolake/include/soc/msr.h
+++ b/src/soc/intel/apollolake/include/soc/msr.h
@@ -5,4 +5,8 @@
#include <intelblocks/msr.h>
+#define MSR_POWER_MISC		0x120
+#define  ENABLE_IA_UNTRUSTED	(1 << 6)
+#define  FLUSH_DL1_L2		(1 << 8)
+
 #endif
diff --git a/src/soc/intel/common/block/cpu/cpulib.c b/src/soc/intel/common/block/cpu/cpulib.c
index 27ff8cd..6eff231 100644
--- a/src/soc/intel/common/block/cpu/cpulib.c
+++ b/src/soc/intel/common/block/cpu/cpulib.c
@@ -38,6 +38,8 @@
 #define CPUID_STRUCT_EXTENDED_FEATURE_FLAGS	0x7
 #define HYBRID_FEATURE				BIT(15)
+void __weak cpu_soc_enable_untrusted_mode(void) {}
+
 /*
  * Set PERF_CTL MSR (0x199) P_Req with
  * Turbo Ratio which is the Maximum Ratio.
@@ -260,19 +262,6 @@
 }
/*
- * Set Bit 6 (ENABLE_IA_UNTRUSTED_MODE) of MSR 0x120
- * UCODE_PCR_POWER_MISC MSR to enter IA Untrusted Mode.
- */
-void cpu_enable_untrusted_mode(void *unused)
-{
-	msr_t msr;
-
-	msr = rdmsr(MSR_POWER_MISC);
-	msr.lo |= ENABLE_IA_UNTRUSTED;
-	wrmsr(MSR_POWER_MISC, msr);
-}
-
-/*
  * This function fills in the number of Cores(physical) and Threads(virtual)
  * of the CPU in the function arguments. It also returns if the number of cores
  * and number of threads are equal.
diff --git a/src/soc/intel/common/block/include/intelblocks/cpulib.h b/src/soc/intel/common/block/include/intelblocks/cpulib.h
index 094aceb..7c50fce 100644
--- a/src/soc/intel/common/block/include/intelblocks/cpulib.h
+++ b/src/soc/intel/common/block/include/intelblocks/cpulib.h
@@ -112,10 +112,11 @@
 void cpu_set_eist(bool eist_status);
/*
- * Set Bit 6 (ENABLE_IA_UNTRUSTED_MODE) of MSR 0x120
- * UCODE_PCR_POWER_MISC MSR to enter IA Untrusted Mode.
+ * SoC specific implementation:
+ *
+ * Set ENABLE_IA_UNTRUSTED_MODE) of CPU MSR to enter IA Untrusted Mode.
  */
-void cpu_enable_untrusted_mode(void *unused);
+void cpu_soc_enable_untrusted_mode(void);
/*
  * This function fills in the number of Cores(physical) and Threads(virtual)
diff --git a/src/soc/intel/common/block/include/intelblocks/msr.h b/src/soc/intel/common/block/include/intelblocks/msr.h
index e45b34d..4144048 100644
--- a/src/soc/intel/common/block/include/intelblocks/msr.h
+++ b/src/soc/intel/common/block/include/intelblocks/msr.h
@@ -17,9 +17,6 @@
 #define MSR_BIOS_UPGD_TRIG	0x7a
 #define  SGX_ACTIVATE_BIT	(1)
 #define MSR_PMG_IO_CAPTURE_BASE	0xe4
-#define MSR_POWER_MISC		0x120
-#define  ENABLE_IA_UNTRUSTED	(1 << 6)
-#define  FLUSH_DL1_L2		(1 << 8)
 #define MSR_EMULATE_PM_TIMER	0x121
 #define  EMULATE_DELAY_OFFSET_VALUE	20
 #define  EMULATE_PM_TMR_EN	(1 << 16)
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/60898
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I0b6f39509cc5457089cc15f28956833c36b567ad
Gerrit-Change-Number: 60898
Gerrit-PatchSet: 1
Gerrit-Owner: Subrata Banik subratabanik@google.com
Gerrit-Reviewer: Andrey Petrov andrey.petrov@gmail.com
Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org
Gerrit-Attention: Andrey Petrov andrey.petrov@gmail.com
Gerrit-Attention: Patrick Rudolph siro@das-labor.org
Gerrit-MessageType: newchange



    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

[coreboot-gerrit] Change in coreboot[master]: soc/intel/common/cpu: Use SoC overrides to drop CPU privilege level