Change in coreboot[master]: intel/stm: Add platform opt-in Kconfig

List overview All Threads
Download

newer

older

Change in coreboot[master]: [WIP]...

Change in coreboot[master]:...

Nico Huber (Code Review)

7 Feb 2020 7 Feb '20

7:13 p.m.

Hello Kyösti Mälkki, Aaron Durbin, Arthur Heymans, cedarhouse1@comcast.net,

I'd like you to do a code review. Please visit

https://review.coreboot.org/c/coreboot/+/38764

to review the following change.

Change subject: intel/stm: Add platform opt-in Kconfig ......................................................................

intel/stm: Add platform opt-in Kconfig

Selecting STM on an arbitrary platform would likely result in a brick, so let's hide the prompt by default.

Change-Id: I50f2106ac05c3efb7f92fccb1e6edfbf961b68b8 Signed-off-by: Nico Huber nico.h@gmx.de --- M src/security/intel/stm/Kconfig M src/soc/intel/skylake/Kconfig 2 files changed, 5 insertions(+), 1 deletion(-)

git pull ssh://review.coreboot.org:29418/coreboot refs/changes/64/38764/1

diff --git a/src/security/intel/stm/Kconfig b/src/security/intel/stm/Kconfig index a74eba8..144deed 100644 --- a/src/security/intel/stm/Kconfig +++ b/src/security/intel/stm/Kconfig @@ -1,9 +1,12 @@

+config PLATFORM_SUPPORTS_STM + bool + depends on SMM_TSEG

config STM bool "Enable STM" default n - depends on SMM_TSEG + depends on PLATFORM_SUPPORTS_STM select USE_BLOBS

help diff --git a/src/soc/intel/skylake/Kconfig b/src/soc/intel/skylake/Kconfig index 6277cea..ae60a63 100644 --- a/src/soc/intel/skylake/Kconfig +++ b/src/soc/intel/skylake/Kconfig @@ -44,6 +44,7 @@ select NO_FIXED_XIP_ROM_SIZE select PARALLEL_MP select PARALLEL_MP_AP_WORK + select PLATFORM_SUPPORTS_STM select PLATFORM_USES_FSP2_0 select REG_SCRIPT select SA_ENABLE_DPR

Attachments:

attachment.htm (text/html — 3.8 KB)

Show replies by date

Name of user not set (Code Review)

7 Feb 7 Feb

8:27 p.m.

cedarhouse1@comcast.net has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/38764 )

Change subject: intel/stm: Add platform opt-in Kconfig ......................................................................

Patch Set 1: Code-Review+1

-- To view, visit https://review.coreboot.org/c/coreboot/+/38764 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I50f2106ac05c3efb7f92fccb1e6edfbf961b68b8 Gerrit-Change-Number: 38764 Gerrit-PatchSet: 1 Gerrit-Owner: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Aaron Durbin adurbin@chromium.org Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Kyösti Mälkki kyosti.malkki@gmail.com Gerrit-Reviewer: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-Reviewer: cedarhouse1@comcast.net Gerrit-Comment-Date: Fri, 07 Feb 2020 20:27:44 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

Angel Pons (Code Review)

8 Feb 8 Feb

6:21 p.m.

Angel Pons has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/38764 )

Change subject: intel/stm: Add platform opt-in Kconfig ......................................................................

Patch Set 1: Code-Review+2

Platform... Why don't we use that concept more often?

-- To view, visit https://review.coreboot.org/c/coreboot/+/38764 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I50f2106ac05c3efb7f92fccb1e6edfbf961b68b8 Gerrit-Change-Number: 38764 Gerrit-PatchSet: 1 Gerrit-Owner: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Aaron Durbin adurbin@chromium.org Gerrit-Reviewer: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Kyösti Mälkki kyosti.malkki@gmail.com Gerrit-Reviewer: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-Reviewer: cedarhouse1@comcast.net Gerrit-Comment-Date: Sat, 08 Feb 2020 18:21:47 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

Name of user not set (Code Review)

11:57 p.m.

cedarhouse1@comcast.net has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/38764 )

Change subject: intel/stm: Add platform opt-in Kconfig ......................................................................

Patch Set 1:

Need to also add this to the other Intel processor families Kconfig's as well. Generally, if the processor supports VTX it supports the STM. My oldest platform running an STM is a Sandybridge. And we were working on the family proceeding Sandybridge as well.

Also, I will also all an additional feature MSR (in stm_setup) check that indicates if that particular processor supports an STM. In any case, if the STM setup is not successful, IA32_SMM_MONITOR_VALID does not get set in the IA32_SMM_MONITOR_CTL_MSR.

-- To view, visit https://review.coreboot.org/c/coreboot/+/38764 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I50f2106ac05c3efb7f92fccb1e6edfbf961b68b8 Gerrit-Change-Number: 38764 Gerrit-PatchSet: 1 Gerrit-Owner: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Aaron Durbin adurbin@chromium.org Gerrit-Reviewer: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Kyösti Mälkki kyosti.malkki@gmail.com Gerrit-Reviewer: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-Reviewer: cedarhouse1@comcast.net Gerrit-CC: Paul Menzel paulepanter@users.sourceforge.net Gerrit-Comment-Date: Sat, 08 Feb 2020 23:57:33 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: No Gerrit-MessageType: comment

Nico Huber (Code Review)

9 Feb 9 Feb

5:52 p.m.

Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/38764 )

Change subject: intel/stm: Add platform opt-in Kconfig ......................................................................

Patch Set 1:

...

Need to also add this to the other Intel processor families Kconfig's as well. Generally, if the processor supports VTX it supports the STM. My oldest platform running an STM is a Sandybridge. And we were working on the family proceeding Sandybridge as well.

Right, maybe we should just figure out a good `default y` line for this maybe `if PARALLEL_MP && INTEL` (we don't have `INTEL`, though).

-- To view, visit https://review.coreboot.org/c/coreboot/+/38764 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I50f2106ac05c3efb7f92fccb1e6edfbf961b68b8 Gerrit-Change-Number: 38764 Gerrit-PatchSet: 1 Gerrit-Owner: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Aaron Durbin adurbin@chromium.org Gerrit-Reviewer: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Kyösti Mälkki kyosti.malkki@gmail.com Gerrit-Reviewer: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-Reviewer: cedarhouse1@comcast.net Gerrit-CC: Paul Menzel paulepanter@users.sourceforge.net Gerrit-Comment-Date: Sun, 09 Feb 2020 17:52:44 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: No Gerrit-MessageType: comment

Patrick Georgi (Code Review)

7:36 p.m.

Patrick Georgi has submitted this change. ( https://review.coreboot.org/c/coreboot/+/38764 )

Change subject: intel/stm: Add platform opt-in Kconfig ......................................................................

intel/stm: Add platform opt-in Kconfig

Selecting STM on an arbitrary platform would likely result in a brick, so let's hide the prompt by default.

Change-Id: I50f2106ac05c3efb7f92fccb1e6edfbf961b68b8 Signed-off-by: Nico Huber nico.h@gmx.de Reviewed-on: https://review.coreboot.org/c/coreboot/+/38764 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: cedarhouse1@comcast.net Reviewed-by: Angel Pons th3fanbus@gmail.com --- M src/security/intel/stm/Kconfig M src/soc/intel/skylake/Kconfig 2 files changed, 5 insertions(+), 1 deletion(-)

Approvals: build bot (Jenkins): Verified Angel Pons: Looks good to me, approved cedarhouse1@comcast.net: Looks good to me, but someone else must approve

diff --git a/src/security/intel/stm/Kconfig b/src/security/intel/stm/Kconfig index a74eba8..144deed 100644 --- a/src/security/intel/stm/Kconfig +++ b/src/security/intel/stm/Kconfig @@ -1,9 +1,12 @@

+config PLATFORM_SUPPORTS_STM + bool + depends on SMM_TSEG

config STM bool "Enable STM" default n - depends on SMM_TSEG + depends on PLATFORM_SUPPORTS_STM select USE_BLOBS

-- To view, visit https://review.coreboot.org/c/coreboot/+/38764 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I50f2106ac05c3efb7f92fccb1e6edfbf961b68b8 Gerrit-Change-Number: 38764 Gerrit-PatchSet: 2 Gerrit-Owner: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Aaron Durbin adurbin@chromium.org Gerrit-Reviewer: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Kyösti Mälkki kyosti.malkki@gmail.com Gerrit-Reviewer: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Patrick Georgi pgeorgi@google.com Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-Reviewer: cedarhouse1@comcast.net Gerrit-CC: Paul Menzel paulepanter@users.sourceforge.net Gerrit-MessageType: merged

9elements QA (Code Review)

7:54 p.m.

9elements QA has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/38764 )

Change subject: intel/stm: Add platform opt-in Kconfig ......................................................................

Patch Set 2:

Automatic boot test returned (PASS/FAIL/TOTAL): 3/0/3 Emulation targets: EMULATION_QEMU_X86_Q35 using payload TianoCore : SUCCESS : https://lava.9esec.io/r/526 EMULATION_QEMU_X86_Q35 using payload SeaBIOS : SUCCESS : https://lava.9esec.io/r/525 EMULATION_QEMU_X86_I440FX using payload SeaBIOS : SUCCESS : https://lava.9esec.io/r/524

Please note: This test is under development and might not be accurate at all!

-- To view, visit https://review.coreboot.org/c/coreboot/+/38764 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I50f2106ac05c3efb7f92fccb1e6edfbf961b68b8 Gerrit-Change-Number: 38764 Gerrit-PatchSet: 2 Gerrit-Owner: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Aaron Durbin adurbin@chromium.org Gerrit-Reviewer: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Kyösti Mälkki kyosti.malkki@gmail.com Gerrit-Reviewer: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Patrick Georgi pgeorgi@google.com Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-Reviewer: cedarhouse1@comcast.net Gerrit-CC: 9elements QA hardwaretestrobot@gmail.com Gerrit-CC: Paul Menzel paulepanter@users.sourceforge.net Gerrit-Comment-Date: Sun, 09 Feb 2020 19:54:52 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: No Gerrit-MessageType: comment

1563

days inactive

1565

days old

coreboot-gerrit@coreboot.org

6 comments

5 participants

tags (0)

participants (5)

9elements QA (Code Review)
Angel Pons (Code Review)
Name of user not set (Code Review)
Nico Huber (Code Review)
Patrick Georgi (Code Review)