soc/intel/common/cpu: Use SoC overrides to get CPU privilege level

This patch implements a SoC overrides to check CPU privilege level as the MSR is not consistent across platforms. For example: On APL/GLK/DNV, it's MSR 0x120 and CNL onwards it's MSR 0x151. BUG=b:211573253, b:211950520 Signed-off-by: Subrata Banik <subratabanik@google.com> Change-Id: I515f0a3548bc5d6250e30f963d46f28f3c1b90b3 Reviewed-on: https://review.coreboot.org/c/coreboot/+/60900 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2022-01-07 13:40:19 +00:00
parent 6ac5dc2ca6
commit 56ab8e2aae
20 changed files with 116 additions and 4 deletions
--- a/src/soc/intel/alderlake/cpu.c
+++ b/src/soc/intel/alderlake/cpu.c
@@ -25,6 +25,14 @@
 #include <soc/soc_chip.h>
 #include <types.h>
 bool cpu_soc_is_in_untrusted_mode(void)
 {
 	msr_t msr;
 	msr = rdmsr(MSR_BIOS_DONE);
 	return !!(msr.lo & ENABLE_IA_UNTRUSTED);
 }
 static void soc_fsp_load(void)
 {
 	fsps_load();
--- a/src/soc/intel/alderlake/include/soc/msr.h
+++ b/src/soc/intel/alderlake/include/soc/msr.h
@@ -5,6 +5,8 @@
 #include <intelblocks/msr.h>
 #define MSR_BIOS_DONE		0x151
 #define  ENABLE_IA_UNTRUSTED	(1 << 0)
 #define MSR_VR_MISC_CONFIG2	0x636
 #endif
--- a/src/soc/intel/apollolake/cpu.c
+++ b/src/soc/intel/apollolake/cpu.c
@@ -47,6 +47,14 @@ static const struct reg_script core_msr_script[] = {
 	REG_SCRIPT_END
 };
 bool cpu_soc_is_in_untrusted_mode(void)
 {
 	msr_t msr;
 	msr = rdmsr(MSR_POWER_MISC);
 	return !!(msr.lo & ENABLE_IA_UNTRUSTED);
 }
 void soc_core_init(struct device *cpu)
 {
 	/* Configure Core PRMRR for SGX. */
--- a/src/soc/intel/cannonlake/cpu.c
+++ b/src/soc/intel/cannonlake/cpu.c
@@ -20,6 +20,14 @@
 #include "chip.h"
 bool cpu_soc_is_in_untrusted_mode(void)
 {
 	msr_t msr;
 	msr = rdmsr(MSR_BIOS_DONE);
 	return !!(msr.lo & ENABLE_IA_UNTRUSTED);
 }
 static void soc_fsp_load(void)
 {
 	fsps_load();
--- a/src/soc/intel/cannonlake/include/soc/msr.h
+++ b/src/soc/intel/cannonlake/include/soc/msr.h
@@ -5,6 +5,8 @@
 #include <intelblocks/msr.h>
 #define MSR_BIOS_DONE			0x151
 #define  ENABLE_IA_UNTRUSTED		(1 << 0)
 #define MSR_VR_CURRENT_CONFIG		0x601
 #define MSR_PL3_CONTROL			0x615
 #define MSR_VR_MISC_CONFIG2		0x636
--- a/src/soc/intel/common/block/include/intelblocks/cpulib.h
+++ b/src/soc/intel/common/block/include/intelblocks/cpulib.h
@@ -111,6 +111,15 @@ void cpu_burst_mode(bool burst_mode_status);
 */
 void cpu_set_eist(bool eist_status);
 /*
 * SoC specific implementation:
 *
 * Check CPU security level using ENABLE_IA_UNTRUSTED_MODE of CPU MSR.
 * If bit is set, meaning CPU has dropped its security level by entering
 * into `untrusted mode`. Otherwise, it's in `trusted mode`.
 */
 bool cpu_soc_is_in_untrusted_mode(void);
 /*
 * This function fills in the number of Cores(physical) and Threads(virtual)
 * of the CPU in the function arguments. It also returns if the number of cores
--- a/src/soc/intel/denverton_ns/cpu.c
+++ b/src/soc/intel/denverton_ns/cpu.c
@@ -23,6 +23,14 @@
 #include <soc/soc_util.h>
 #include <types.h>
 bool cpu_soc_is_in_untrusted_mode(void)
 {
 	msr_t msr;
 	msr = rdmsr(MSR_POWER_MISC);
 	return !!(msr.lo & ENABLE_IA_UNTRUSTED);
 }
 static struct smm_relocation_attrs relo_attrs;
 static void dnv_configure_mca(void)
--- a/src/soc/intel/denverton_ns/include/soc/msr.h
+++ b/src/soc/intel/denverton_ns/include/soc/msr.h
@@ -10,6 +10,8 @@
 #define MSR_FEATURE_CONFIG 0x13c
 #define   FEATURE_CONFIG_RESERVED_MASK	0x3ULL
 #define   FEATURE_CONFIG_LOCK	(1 << 0)
 #define MSR_POWER_MISC		0x120
 #define  ENABLE_IA_UNTRUSTED	(1 << 6)
 #define IA32_MCG_CAP			0x179
 #define  IA32_MCG_CAP_COUNT_MASK	0xff
 #define  IA32_MCG_CAP_CTL_P_BIT		8
--- a/src/soc/intel/elkhartlake/cpu.c
+++ b/src/soc/intel/elkhartlake/cpu.c
@@ -17,6 +17,14 @@
 #include <soc/soc_chip.h>
 #include <types.h>
 bool cpu_soc_is_in_untrusted_mode(void)
 {
 	msr_t msr;
 	msr = rdmsr(MSR_BIOS_DONE);
 	return !!(msr.lo & ENABLE_IA_UNTRUSTED);
 }
 static void soc_fsp_load(void)
 {
 	fsps_load();
--- a/src/soc/intel/elkhartlake/include/soc/msr.h
+++ b/src/soc/intel/elkhartlake/include/soc/msr.h
@@ -5,6 +5,8 @@
 #include <intelblocks/msr.h>
 #define MSR_BIOS_DONE		0x151
 #define  ENABLE_IA_UNTRUSTED	(1 << 0)
 #define MSR_VR_MISC_CONFIG2	0x636
 #endif
--- a/src/soc/intel/icelake/cpu.c
+++ b/src/soc/intel/icelake/cpu.c
@@ -17,6 +17,14 @@
 #include <soc/soc_chip.h>
 #include <types.h>
 bool cpu_soc_is_in_untrusted_mode(void)
 {
 	msr_t msr;
 	msr = rdmsr(MSR_BIOS_DONE);
 	return !!(msr.lo & ENABLE_IA_UNTRUSTED);
 }
 static void soc_fsp_load(void)
 {
 	fsps_load();
--- a/src/soc/intel/icelake/include/soc/msr.h
+++ b/src/soc/intel/icelake/include/soc/msr.h
@@ -5,6 +5,8 @@
 #include <intelblocks/msr.h>
 #define MSR_BIOS_DONE			0x151
 #define  ENABLE_IA_UNTRUSTED		(1 << 0)
 #define MSR_VR_MISC_CONFIG2		0x636
 #endif
--- a/src/soc/intel/jasperlake/cpu.c
+++ b/src/soc/intel/jasperlake/cpu.c
@@ -17,6 +17,14 @@
 #include <soc/soc_chip.h>
 #include <types.h>
 bool cpu_soc_is_in_untrusted_mode(void)
 {
 	msr_t msr;
 	msr = rdmsr(MSR_BIOS_DONE);
 	return !!(msr.lo & ENABLE_IA_UNTRUSTED);
 }
 static void soc_fsp_load(void)
 {
 	fsps_load();
--- a/src/soc/intel/jasperlake/include/soc/msr.h
+++ b/src/soc/intel/jasperlake/include/soc/msr.h
@@ -5,6 +5,8 @@
 #include <intelblocks/msr.h>
 #define MSR_BIOS_DONE		0x151
 #define  ENABLE_IA_UNTRUSTED	(1 << 0)
 #define MSR_VR_MISC_CONFIG2	0x636
 #endif
--- a/src/soc/intel/skylake/cpu.c
+++ b/src/soc/intel/skylake/cpu.c
@@ -26,6 +26,16 @@
 #include "chip.h"
 bool cpu_soc_is_in_untrusted_mode(void)
 {
 	if (!CONFIG(MAINBOARD_SUPPORTS_COFFEELAKE_CPU))
 		return false;
 	/* IA_UNTRUSTED_MODE is not supported in Sky Lake */
 	msr_t msr = rdmsr(MSR_BIOS_DONE);
 	return !!(msr.lo & ENABLE_IA_UNTRUSTED);
 }
 static void configure_misc(void)
 {
 	config_t *conf = config_of_soc();
--- a/src/soc/intel/skylake/include/soc/msr.h
+++ b/src/soc/intel/skylake/include/soc/msr.h
@@ -5,6 +5,9 @@
 #include <intelblocks/msr.h>
 /* IA_UNTRUSTED_MODE is not supported in Sky Lake */
 #define MSR_BIOS_DONE		0x151
 #define  ENABLE_IA_UNTRUSTED	(1 << 0)
 #define MSR_LT_LOCK_MEMORY		0x2e7
 #define MSR_UNCORE_PRMRR_PHYS_BASE	0x2f4
 #define MSR_UNCORE_PRMRR_PHYS_MASK	0x2f5
--- a/src/soc/intel/tigerlake/cpu.c
+++ b/src/soc/intel/tigerlake/cpu.c
@@ -23,6 +23,14 @@
 #include <soc/soc_chip.h>
 #include <types.h>
 bool cpu_soc_is_in_untrusted_mode(void)
 {
 	msr_t msr;
 	msr = rdmsr(MSR_BIOS_DONE);
 	return !!(msr.lo & ENABLE_IA_UNTRUSTED);
 }
 static void soc_fsp_load(void)
 {
 	fsps_load();
--- a/src/soc/intel/tigerlake/include/soc/msr.h
+++ b/src/soc/intel/tigerlake/include/soc/msr.h
@@ -5,6 +5,8 @@
 #include <intelblocks/msr.h>
 #define MSR_BIOS_DONE		0x151
 #define  ENABLE_IA_UNTRUSTED	(1 << 0)
 #define MSR_VR_MISC_CONFIG2	0x636
 #endif
--- a/src/soc/intel/xeon_sp/cpx/cpu.c
+++ b/src/soc/intel/xeon_sp/cpx/cpu.c
@@ -32,6 +32,12 @@ static const void *microcode_patch;
 static const config_t *chip_config = NULL;
 bool cpu_soc_is_in_untrusted_mode(void)
 {
 	/* IA_UNTRUSTED_MODE is not supported in Cooper Lake */
 	return false;
 }
 static void xeon_configure_mca(void)
 {
 	msr_t msr;
--- a/src/soc/intel/xeon_sp/skx/cpu.c
+++ b/src/soc/intel/xeon_sp/skx/cpu.c
@@ -20,6 +20,12 @@
 static const config_t *chip_config = NULL;
 bool cpu_soc_is_in_untrusted_mode(void)
 {
 	/* IA_UNTRUSTED_MODE is not supported in Skylake */
 	return false;
 }
 static void xeon_configure_mca(void)
 {
 	msr_t msr;