Patrick Georgi submitted this change.
soc/intel/car: Add support for bootguard CAR
Bootguard sets up CAR/NEM on its own so the only thing needed is to
find free MTRRs for our own CAR region and clear that area to fill in
cache lines.
TESTED on prodrive/hermes with bootguard enabled.
Change-Id: Ifac5267f8f4b820a61519fb4a497e2ce7075cc40
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36682
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
---
M src/include/cpu/intel/msr.h
M src/soc/intel/common/block/cpu/car/cache_as_ram.S
2 files changed, 31 insertions(+), 0 deletions(-)
diff --git a/src/include/cpu/intel/msr.h b/src/include/cpu/intel/msr.h
index 6b2db88..8efe4e2 100644
--- a/src/include/cpu/intel/msr.h
+++ b/src/include/cpu/intel/msr.h
@@ -12,6 +12,9 @@
#define MSR_PLATFORM_INFO 0xce
+#define MSR_BC_PBEC 0x139
+#define B_STOP_PBET (1 << 0)
+
#define MSR_BOOT_GUARD_SACM_INFO 0x13a
#define V_TPM_PRESENT_MASK 0x06
#define B_BOOT_GUARD_SACM_INFO_NEM_ENABLED (1 << 0)
diff --git a/src/soc/intel/common/block/cpu/car/cache_as_ram.S b/src/soc/intel/common/block/cpu/car/cache_as_ram.S
index 5da453b..60ec6c5 100644
--- a/src/soc/intel/common/block/cpu/car/cache_as_ram.S
+++ b/src/soc/intel/common/block/cpu/car/cache_as_ram.S
@@ -1,6 +1,7 @@
/* SPDX-License-Identifier: GPL-2.0-only */
#include <commonlib/helpers.h>
+#include <cpu/intel/msr.h>
#include <cpu/x86/cache.h>
#include <cpu/x86/cr.h>
#include <cpu/x86/msr.h>
@@ -63,6 +64,22 @@
post_code(0x20)
+/* Bootguard sets up its own CAR and needs separate handling */
+check_boot_guard:
+ movl $MSR_BOOT_GUARD_SACM_INFO, %ecx
+ rdmsr
+ andl $B_BOOT_GUARD_SACM_INFO_NEM_ENABLED, %eax
+ jz no_bootguard
+
+ /* Disable PBE timer */
+ movl $MSR_BC_PBEC, %ecx
+ movl $B_STOP_PBET, %eax
+ xorl %edx, %edx
+ wrmsr
+
+ jmp setup_car_mtrr
+
+no_bootguard:
movl $no_reset, %esp /* return address */
jmp check_mtrr /* Check if CPU properly reset */
@@ -108,6 +125,7 @@
MTRR_DEF_TYPE_FIX_EN), %eax
wrmsr
+setup_car_mtrr:
/* Configure MTRR_PHYS_MASK_HIGH for proper addressing above 4GB
* based on the physical address size supported for this processor
* This is based on read from CPUID EAX = 080000008h, EAX bits [7:0]
@@ -186,6 +204,16 @@
#endif
post_code(0x25)
+ movl $MSR_BOOT_GUARD_SACM_INFO, %ecx
+ rdmsr
+ andl $B_BOOT_GUARD_SACM_INFO_NEM_ENABLED, %eax
+ jz no_bootguard_car_continue
+
+ clear_car
+
+ jmp car_init_done
+
+no_bootguard_car_continue:
/* Enable variable MTRRs */
mov $MTRR_DEF_TYPE_MSR, %ecx
rdmsr
To view, visit change 36682. To unsubscribe, or for help writing mail filters, visit settings.