Attention is currently required from: Andrey Petrov, Patrick Rudolph.

Subrata Banik has uploaded this change for review.

View Change

soc/intel/common/cpu: Use SoC overrides to drop CPU privilegeĀ level

This patch implements a SoC overridesĀ to drop CPU privilege level
as the MSRis not unique across different CPUs.

For example: On APL/GLK, its MSR 0x120 and CNL onwards its MSR
0x151.

For now, only APL SoC has implemented the overrides.

Signed-off-by: Subrata Banik <subratabanik@google.com>
Change-Id: I0b6f39509cc5457089cc15f28956833c36b567ad
---
M src/soc/intel/apollolake/chip.c
M src/soc/intel/apollolake/cpu.c
M src/soc/intel/apollolake/include/soc/msr.h
M src/soc/intel/common/block/cpu/cpulib.c
M src/soc/intel/common/block/include/intelblocks/cpulib.h
M src/soc/intel/common/block/include/intelblocks/msr.h
6 files changed, 29 insertions(+), 20 deletions(-)

git pull ssh://review.coreboot.org:29418/coreboot refs/changes/98/60898/1
diff --git a/src/soc/intel/apollolake/chip.c b/src/soc/intel/apollolake/chip.c
index 651bd84..565504f 100644
--- a/src/soc/intel/apollolake/chip.c
+++ b/src/soc/intel/apollolake/chip.c
@@ -702,10 +702,15 @@
 	.final = &soc_final
 };
 
+static void soc_enable_untrusted_mode(void *unused)
+{
+	cpu_soc_enable_untrusted_mode();
+}
+
 static void drop_privilege_all(void)
 {
 	/* Drop privilege level on all the CPUs */
-	if (mp_run_on_all_cpus(&cpu_enable_untrusted_mode, NULL) != CB_SUCCESS)
+	if (mp_run_on_all_cpus(&soc_enable_untrusted_mode, NULL) != CB_SUCCESS)
 		printk(BIOS_ERR, "failed to enable untrusted mode\n");
 }
 
diff --git a/src/soc/intel/apollolake/cpu.c b/src/soc/intel/apollolake/cpu.c
index af0a6dc..02feb20 100644
--- a/src/soc/intel/apollolake/cpu.c
+++ b/src/soc/intel/apollolake/cpu.c
@@ -47,6 +47,19 @@
 	REG_SCRIPT_END
 };
 
+/*
+ * Set Bit 6 (ENABLE_IA_UNTRUSTED_MODE) of MSR 0x120
+ * UCODE_PCR_POWER_MISC MSR to enter IA Untrusted Mode.
+ */
+void cpu_soc_enable_untrusted_mode(void)
+{
+	msr_t msr;
+
+	msr = rdmsr(MSR_POWER_MISC);
+	msr.lo |= ENABLE_IA_UNTRUSTED;
+	wrmsr(MSR_POWER_MISC, msr);
+}
+
 void soc_core_init(struct device *cpu)
 {
 	/* Configure Core PRMRR for SGX. */
diff --git a/src/soc/intel/apollolake/include/soc/msr.h b/src/soc/intel/apollolake/include/soc/msr.h
index e35c881..97c67dd 100644
--- a/src/soc/intel/apollolake/include/soc/msr.h
+++ b/src/soc/intel/apollolake/include/soc/msr.h
@@ -5,4 +5,8 @@
 
 #include <intelblocks/msr.h>
 
+#define MSR_POWER_MISC		0x120
+#define  ENABLE_IA_UNTRUSTED	(1 << 6)
+#define  FLUSH_DL1_L2		(1 << 8)
+
 #endif
diff --git a/src/soc/intel/common/block/cpu/cpulib.c b/src/soc/intel/common/block/cpu/cpulib.c
index 27ff8cd..6eff231 100644
--- a/src/soc/intel/common/block/cpu/cpulib.c
+++ b/src/soc/intel/common/block/cpu/cpulib.c
@@ -38,6 +38,8 @@
 #define CPUID_STRUCT_EXTENDED_FEATURE_FLAGS	0x7
 #define HYBRID_FEATURE				BIT(15)
 
+void __weak cpu_soc_enable_untrusted_mode(void) {}
+
 /*
  * Set PERF_CTL MSR (0x199) P_Req with
  * Turbo Ratio which is the Maximum Ratio.
@@ -260,19 +262,6 @@
 }
 
 /*
- * Set Bit 6 (ENABLE_IA_UNTRUSTED_MODE) of MSR 0x120
- * UCODE_PCR_POWER_MISC MSR to enter IA Untrusted Mode.
- */
-void cpu_enable_untrusted_mode(void *unused)
-{
-	msr_t msr;
-
-	msr = rdmsr(MSR_POWER_MISC);
-	msr.lo |= ENABLE_IA_UNTRUSTED;
-	wrmsr(MSR_POWER_MISC, msr);
-}
-
-/*
  * This function fills in the number of Cores(physical) and Threads(virtual)
  * of the CPU in the function arguments. It also returns if the number of cores
  * and number of threads are equal.
diff --git a/src/soc/intel/common/block/include/intelblocks/cpulib.h b/src/soc/intel/common/block/include/intelblocks/cpulib.h
index 094aceb..7c50fce 100644
--- a/src/soc/intel/common/block/include/intelblocks/cpulib.h
+++ b/src/soc/intel/common/block/include/intelblocks/cpulib.h
@@ -112,10 +112,11 @@
 void cpu_set_eist(bool eist_status);
 
 /*
- * Set Bit 6 (ENABLE_IA_UNTRUSTED_MODE) of MSR 0x120
- * UCODE_PCR_POWER_MISC MSR to enter IA Untrusted Mode.
+ * SoC specific implementation:
+ *
+ * Set ENABLE_IA_UNTRUSTED_MODE) of CPU MSR to enter IA Untrusted Mode.
  */
-void cpu_enable_untrusted_mode(void *unused);
+void cpu_soc_enable_untrusted_mode(void);
 
 /*
  * This function fills in the number of Cores(physical) and Threads(virtual)
diff --git a/src/soc/intel/common/block/include/intelblocks/msr.h b/src/soc/intel/common/block/include/intelblocks/msr.h
index e45b34d..4144048 100644
--- a/src/soc/intel/common/block/include/intelblocks/msr.h
+++ b/src/soc/intel/common/block/include/intelblocks/msr.h
@@ -17,9 +17,6 @@
 #define MSR_BIOS_UPGD_TRIG	0x7a
 #define  SGX_ACTIVATE_BIT	(1)
 #define MSR_PMG_IO_CAPTURE_BASE	0xe4
-#define MSR_POWER_MISC		0x120
-#define  ENABLE_IA_UNTRUSTED	(1 << 6)
-#define  FLUSH_DL1_L2		(1 << 8)
 #define MSR_EMULATE_PM_TIMER	0x121
 #define  EMULATE_DELAY_OFFSET_VALUE	20
 #define  EMULATE_PM_TMR_EN	(1 << 16)

To view, visit change 60898. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I0b6f39509cc5457089cc15f28956833c36b567ad
Gerrit-Change-Number: 60898
Gerrit-PatchSet: 1
Gerrit-Owner: Subrata Banik <subratabanik@google.com>
Gerrit-Reviewer: Andrey Petrov <andrey.petrov@gmail.com>
Gerrit-Reviewer: Patrick Rudolph <siro@das-labor.org>
Gerrit-Attention: Andrey Petrov <andrey.petrov@gmail.com>
Gerrit-Attention: Patrick Rudolph <siro@das-labor.org>
Gerrit-MessageType: newchange