[coreboot-gerrit] Change in coreboot[master]: soc/intel/skylake: add SGX initialization

Robbie Zhang (Code Review) gerrit at coreboot.org
Tue Mar 21 23:55:43 CET 2017 

Hello Aaron Durbin, Subrata Banik, Duncan Laurie, Paul Menzel, build bot (Jenkins), Martin Roth, Furquan Shaikh,

I'd like you to reexamine a change.  Please visit

    https://review.coreboot.org/18445

to look at the new patch set (#7).

Change subject: soc/intel/skylake: add SGX initialization
......................................................................

soc/intel/skylake: add SGX initialization

This patch implements SGX initialization steps in corboot per Intel SGX
BWG for Kabylake SoC. If enabled on a Kabylake device, SoC capability and
PRM (processor reserved memory) of desired size (needs to be configured
through PrmrrSize) are provisioned for later software stack to use SGX
(i.e., run SGX enclaves).

One issue is still puzzling and needs to be addressed: by calling
configure_sgx() in cpu_core_init() which is the per-thread function, SGX
is always failing for thread 0 but is successful for other 3 threads.
I had to call configure_sgx() again from soc_init_cpus() which is the
BSP-only function to make it enable on the BSP.

Another pending work is the implementation for the Owner Epoch update
which shall be added later.

BUG=chrome-os-partner:62438
BRANCH=NONE
TEST=Tested on Eve, verified SGX activation is successful on all threads.

Change-Id: I8b64284875eae061fa8e7a01204d48d320a285a9
Signed-off-by: Robbie Zhang <robbie.zhang at intel.com>
---
M src/soc/intel/common/block/include/intelblocks/msr.h
M src/soc/intel/skylake/Makefile.inc
M src/soc/intel/skylake/chip.h
M src/soc/intel/skylake/cpu.c
M src/soc/intel/skylake/include/soc/cpu.h
M src/soc/intel/skylake/include/soc/msr.h
A src/soc/intel/skylake/sgx.c
7 files changed, 213 insertions(+), 17 deletions(-)


  git pull ssh://review.coreboot.org:29418/coreboot refs/changes/45/18445/7
-- 
To view, visit https://review.coreboot.org/18445
To unsubscribe, visit https://review.coreboot.org/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I8b64284875eae061fa8e7a01204d48d320a285a9
Gerrit-PatchSet: 7
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Owner: Robbie Zhang <robbie.zhang at intel.com>
Gerrit-Reviewer: Aaron Durbin <adurbin at chromium.org>
Gerrit-Reviewer: Duncan Laurie <dlaurie at chromium.org>
Gerrit-Reviewer: Furquan Shaikh <furquan at google.com>
Gerrit-Reviewer: Martin Roth <martinroth at google.com>
Gerrit-Reviewer: Paul Menzel <paulepanter at users.sourceforge.net>
Gerrit-Reviewer: Robbie Zhang <robbie.zhang at intel.com>
Gerrit-Reviewer: Subrata Banik <subrata.banik at intel.com>
Gerrit-Reviewer: build bot (Jenkins)

More information about the coreboot-gerrit mailing list