diff options
| author | Angel Pons <th3fanbus@gmail.com> | 2020-10-05 13:58:16 +0200 |
|---|---|---|
| committer | Patrick Georgi <pgeorgi@google.com> | 2020-10-12 08:52:58 +0000 |
| commit | 463e44bedbf3d5f24b8e6e19475b5155b523309a (patch) | |
| tree | fb682224271ad976c42b992c01444a7f64aca31c /src/security/intel/txt/ramstage.c | |
| parent | 52082be9d6065de40d5354868f884c0c454d86dc (diff) | |
security/intel/txt: Add and use DPR register layout
This simplifies operations with this register's bitfields, and can also
be used by TXT-enabled platforms on the register in PCI config space.
Change-Id: I10a26bc8f4457158dd09e91d666fb29ad16a2087
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46050
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/security/intel/txt/ramstage.c')
| -rw-r--r-- | src/security/intel/txt/ramstage.c | 25 |
1 files changed, 13 insertions, 12 deletions
diff --git a/src/security/intel/txt/ramstage.c b/src/security/intel/txt/ramstage.c index fb84777ede..bc30da5c13 100644 --- a/src/security/intel/txt/ramstage.c +++ b/src/security/intel/txt/ramstage.c @@ -64,16 +64,14 @@ void bootmem_platform_add_ranges(void) TXT_PUBLIC_SPACE - TXT_PRIVATE_SPACE, BM_MEM_RESERVED); - const uint32_t txt_dev_memory = read32((void *)TXT_DPR) & - (TXT_DPR_TOP_ADDR_MASK << TXT_DPR_TOP_ADDR_SHIFT); - const uint32_t txt_dev_size = - (read32((void *)TXT_DPR) >> TXT_DPR_LOCK_SIZE_SHIFT) & - TXT_DPR_LOCK_SIZE_MASK; + const union dpr_register dpr = { + .raw = read32((void *)TXT_DPR), + }; + + const uint32_t dpr_base = dpr.top - dpr.size * MiB; /* Chapter 5.5.6 Intel TXT Device Memory */ - bootmem_add_range(txt_dev_memory - txt_dev_size * MiB, - txt_dev_size * MiB, - BM_MEM_RESERVED); + bootmem_add_range(dpr_base, dpr.size * MiB, BM_MEM_RESERVED); } static bool get_wake_error_status(void) @@ -228,12 +226,15 @@ static void lockdown_intel_txt(void *unused) const u8 dpr_capable = !!(read64((void *)TXT_CAPABILITIES) & TXT_CAPABILITIES_DPR); printk(BIOS_INFO, "TEE-TXT: DPR capable %x\n", dpr_capable); - if (dpr_capable) { + if (dpr_capable) { /* Protect 3 MiB below TSEG and lock register */ - write64((void *)TXT_DPR, (TXT_DPR_TOP_ADDR(tseg) | - TXT_DPR_LOCK_SIZE(3) | - TXT_DPR_LOCK_MASK)); + union dpr_register dpr = { + .lock = 1, + .size = 3, + .top = tseg, + }; + write64((void *)TXT_DPR, dpr.raw); // DPR TODO: implement SA_ENABLE_DPR in the intelblocks |