aboutsummaryrefslogtreecommitdiff
path: root/src/soc/intel
diff options
context:
space:
mode:
authorPatrick Rudolph <patrick.rudolph@9elements.com>2024-01-25 15:15:00 +0100
committerLean Sheng Tan <sheng.tan@9elements.com>2024-02-06 08:21:05 +0000
commit7a593ab0bb6ad33db39d49745a07b382996cc4e9 (patch)
tree849a01dcb8df397fa9f1cdffcb476472f52210ed /src/soc/intel
parentfe33b2dd86e41be96a1943e381cadf2b3a722356 (diff)
soc/intel/xeon_sp/smihandler: Lock SMM_FEATURE_CONTROL on all sockets
Remove hardcoded B:D:F numbers for the first socket and pass the PCI addresses to be locked within SMM by using the smm_pci_resource_store. This allows to lock down SMM on all sockets without knowing the actual bus topology or PCI segment group at compile time where the UBOX devices reside on. Tested: SMM is locked on all 4 sockets instead of just one. Change-Id: Ica694911384005681662d3d7bed354a60bf08911 Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/80247 Reviewed-by: Arthur Heymans <arthur@aheymans.xyz> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/soc/intel')
-rw-r--r--src/soc/intel/xeon_sp/Kconfig1
-rw-r--r--src/soc/intel/xeon_sp/cpx/Makefile.mk1
-rw-r--r--src/soc/intel/xeon_sp/cpx/include/soc/pci_devs.h8
-rw-r--r--src/soc/intel/xeon_sp/cpx/soc_smihandler_util.c8
-rw-r--r--src/soc/intel/xeon_sp/include/soc/smmrelocate.h4
-rw-r--r--src/soc/intel/xeon_sp/skx/Makefile.mk1
-rw-r--r--src/soc/intel/xeon_sp/skx/include/soc/pci_devs.h8
-rw-r--r--src/soc/intel/xeon_sp/skx/soc_smihandler_util.c8
-rw-r--r--src/soc/intel/xeon_sp/smihandler.c29
-rw-r--r--src/soc/intel/xeon_sp/smmrelocate.c20
-rw-r--r--src/soc/intel/xeon_sp/spr/Makefile.mk1
-rw-r--r--src/soc/intel/xeon_sp/spr/include/soc/pci_devs.h7
-rw-r--r--src/soc/intel/xeon_sp/spr/soc_smihandler_util.c19
13 files changed, 50 insertions, 65 deletions
diff --git a/src/soc/intel/xeon_sp/Kconfig b/src/soc/intel/xeon_sp/Kconfig
index db3e5ad5eb..18474ec0a6 100644
--- a/src/soc/intel/xeon_sp/Kconfig
+++ b/src/soc/intel/xeon_sp/Kconfig
@@ -33,6 +33,7 @@ config XEON_SP_COMMON_BASE
select SOC_INTEL_COMMON_BLOCK_TCO
select SOC_INTEL_COMMON_PCH_SERVER
select SUPPORT_CPU_UCODE_IN_CBFS
+ select SMM_PCI_RESOURCE_STORE
select TSC_MONOTONIC_TIMER
select TPM_STARTUP_IGNORE_POSTINIT if INTEL_TXT
select UDELAY_TSC
diff --git a/src/soc/intel/xeon_sp/cpx/Makefile.mk b/src/soc/intel/xeon_sp/cpx/Makefile.mk
index 745e032137..911cf66e4a 100644
--- a/src/soc/intel/xeon_sp/cpx/Makefile.mk
+++ b/src/soc/intel/xeon_sp/cpx/Makefile.mk
@@ -12,7 +12,6 @@ romstage-$(CONFIG_DISPLAY_HOBS) += hob_display.c
ramstage-y += chip.c cpu.c soc_util.c soc_acpi.c
ramstage-$(CONFIG_DISPLAY_HOBS) += hob_display.c
ramstage-$(CONFIG_DISPLAY_UPD_DATA) += upd_display.c
-smm-$(CONFIG_HAVE_SMI_HANDLER) += soc_smihandler_util.c
CPPFLAGS_common += -I$(src)/soc/intel/xeon_sp/cpx/include -I$(src)/soc/intel/xeon_sp/cpx
CPPFLAGS_common += -I$(src)/vendorcode/intel/fsp/fsp2_0/cooperlake_sp
diff --git a/src/soc/intel/xeon_sp/cpx/include/soc/pci_devs.h b/src/soc/intel/xeon_sp/cpx/include/soc/pci_devs.h
index 55268a71b7..d64a0d7413 100644
--- a/src/soc/intel/xeon_sp/cpx/include/soc/pci_devs.h
+++ b/src/soc/intel/xeon_sp/cpx/include/soc/pci_devs.h
@@ -86,13 +86,11 @@
#define UBOX_DEV 8
-#define UBOX_PMON_BUS 0
-#define UBOX_PMON_DEV 8
-#define UBOX_PMON_FUNC 1
-#define UBOX_DEV_PMON _UBOX_DEV(UBOX_PMON_FUNC)
+/* Bus: B0, Device: 8, Function: 1 */
#define SMM_FEATURE_CONTROL 0x7c
#define SMM_CODE_CHK_EN BIT(2)
#define SMM_FEATURE_CONTROL_LOCK BIT(0)
+#define UBOX_DFX_DEVID 0x2015
#define UBOX_DECS_BUS 0
@@ -183,6 +181,4 @@
#define IIO_DFX_TSWCTL0 0x30c
#define IIO_DFX_LCK_CTL 0x504
-pci_devfn_t soc_get_ubox_pmon_dev(void);
-
#endif /* _SOC_PCI_DEVS_H_ */
diff --git a/src/soc/intel/xeon_sp/cpx/soc_smihandler_util.c b/src/soc/intel/xeon_sp/cpx/soc_smihandler_util.c
deleted file mode 100644
index 6f772cc210..0000000000
--- a/src/soc/intel/xeon_sp/cpx/soc_smihandler_util.c
+++ /dev/null
@@ -1,8 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0-only */
-
-#include <soc/pci_devs.h>
-
-pci_devfn_t soc_get_ubox_pmon_dev(void)
-{
- return UBOX_DEV_PMON;
-}
diff --git a/src/soc/intel/xeon_sp/include/soc/smmrelocate.h b/src/soc/intel/xeon_sp/include/soc/smmrelocate.h
index 314ebd49db..b18d05703b 100644
--- a/src/soc/intel/xeon_sp/include/soc/smmrelocate.h
+++ b/src/soc/intel/xeon_sp/include/soc/smmrelocate.h
@@ -3,7 +3,11 @@
#ifndef _SOC_SMMRELOCATE_H_
#define _SOC_SMMRELOCATE_H_
+#include <cpu/x86/smm.h>
+
void get_smm_info(uintptr_t *perm_smbase, size_t *perm_smsize,
size_t *smm_save_state_size);
+void soc_ubox_store_resources(struct smm_pci_resource_info *slots, size_t size);
+
#endif
diff --git a/src/soc/intel/xeon_sp/skx/Makefile.mk b/src/soc/intel/xeon_sp/skx/Makefile.mk
index 0f75eec864..f7599a34c1 100644
--- a/src/soc/intel/xeon_sp/skx/Makefile.mk
+++ b/src/soc/intel/xeon_sp/skx/Makefile.mk
@@ -21,7 +21,6 @@ ramstage-y += cpu.c
ramstage-$(CONFIG_DISPLAY_UPD_DATA) += upd_display.c
ramstage-$(CONFIG_DISPLAY_HOBS) += hob_display.c
ramstage-y += hob_display.c
-smm-$(CONFIG_HAVE_SMI_HANDLER) += soc_smihandler_util.c
CPPFLAGS_common += -I$(src)/soc/intel/xeon_sp/skx/include -I$(src)/soc/intel/xeon_sp/skx
diff --git a/src/soc/intel/xeon_sp/skx/include/soc/pci_devs.h b/src/soc/intel/xeon_sp/skx/include/soc/pci_devs.h
index 3d518fa5e2..a5f2f8e674 100644
--- a/src/soc/intel/xeon_sp/skx/include/soc/pci_devs.h
+++ b/src/soc/intel/xeon_sp/skx/include/soc/pci_devs.h
@@ -81,13 +81,11 @@
#define UBOX_DEV 8
-#define UBOX_PMON_BUS 0
-#define UBOX_PMON_DEV 8
-#define UBOX_PMON_FUNC 1
-#define UBOX_DEV_PMON _UBOX_DEV(UBOX_PMON_FUNC)
+/* Bus: B0, Device: 8, Function: 1 */
#define SMM_FEATURE_CONTROL 0x7c
#define SMM_CODE_CHK_EN BIT(2)
#define SMM_FEATURE_CONTROL_LOCK BIT(0)
+#define UBOX_DFX_DEVID 0x2015
#define UBOX_DECS_BUS 0
#define UBOX_DECS_DEV 8
@@ -164,6 +162,4 @@
#define IIO_DFX_TSWCTL0 0x30c
#define IIO_DFX_LCK_CTL 0x504
-pci_devfn_t soc_get_ubox_pmon_dev(void);
-
#endif /* _SOC_PCI_DEVS_H_ */
diff --git a/src/soc/intel/xeon_sp/skx/soc_smihandler_util.c b/src/soc/intel/xeon_sp/skx/soc_smihandler_util.c
deleted file mode 100644
index 6f772cc210..0000000000
--- a/src/soc/intel/xeon_sp/skx/soc_smihandler_util.c
+++ /dev/null
@@ -1,8 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0-only */
-
-#include <soc/pci_devs.h>
-
-pci_devfn_t soc_get_ubox_pmon_dev(void)
-{
- return UBOX_DEV_PMON;
-}
diff --git a/src/soc/intel/xeon_sp/smihandler.c b/src/soc/intel/xeon_sp/smihandler.c
index cb8658f694..4362c6a906 100644
--- a/src/soc/intel/xeon_sp/smihandler.c
+++ b/src/soc/intel/xeon_sp/smihandler.c
@@ -5,6 +5,7 @@
#include <console/uart.h>
#include <cpu/x86/smm.h>
#include <device/pci.h>
+#include <device/pci_ids.h>
#include <drivers/uart/uart8250reg.h>
#include <intelblocks/smihandler.h>
#include <soc/pci_devs.h>
@@ -55,18 +56,26 @@ void smm_soc_exit(void)
*/
void smihandler_soc_at_finalize(void)
{
+ const volatile struct smm_pci_resource_info *res_store;
+ size_t res_count, found = 0;
+ u32 val;
+
/* SMM_FEATURE_CONTROL can only be written within SMM. */
- printk(BIOS_DEBUG, "Lock SMM_FEATURE_CONTROL\n");
- pci_devfn_t pcie_offset = soc_get_ubox_pmon_dev();
- if (!pcie_offset) {
- printk(BIOS_ERR, "UBOX PMON is not found, cannot lock SMM_FEATURE_CONTROL!\n");
- return;
- }
+ smm_pci_get_stored_resources(&res_store, &res_count);
+ for (size_t i_slot = 0; i_slot < res_count; i_slot++) {
+ if (res_store[i_slot].vendor_id != PCI_VID_INTEL ||
+ res_store[i_slot].device_id != UBOX_DFX_DEVID) {
+ continue;
+ }
- u32 val;
- val = pci_s_read_config32(pcie_offset, SMM_FEATURE_CONTROL);
- val |= (SMM_CODE_CHK_EN | SMM_FEATURE_CONTROL_LOCK);
- pci_s_write_config32(pcie_offset, SMM_FEATURE_CONTROL, val);
+ val = pci_s_read_config32(res_store[i_slot].pci_addr, SMM_FEATURE_CONTROL);
+ val |= (SMM_CODE_CHK_EN | SMM_FEATURE_CONTROL_LOCK);
+ pci_s_write_config32(res_store[i_slot].pci_addr, SMM_FEATURE_CONTROL, val);
+ found ++;
+ }
+ printk(BIOS_DEBUG, "Locked SMM_FEATURE_CONTROL on %zd sockets\n", found);
+ if (!found)
+ printk(BIOS_ERR, "Failed to lock SMM_FEATURE_CONTROL\n");
}
/*
diff --git a/src/soc/intel/xeon_sp/smmrelocate.c b/src/soc/intel/xeon_sp/smmrelocate.c
index f9d100a600..89f35c2319 100644
--- a/src/soc/intel/xeon_sp/smmrelocate.c
+++ b/src/soc/intel/xeon_sp/smmrelocate.c
@@ -7,9 +7,11 @@
#include <cpu/intel/em64t101_save_state.h>
#include <cpu/intel/smm_reloc.h>
#include <console/console.h>
+#include <device/pci_ids.h>
#include <smp/node.h>
#include <soc/msr.h>
#include <soc/smmrelocate.h>
+#include <soc/pci_devs.h>
static void fill_in_relocation_params(struct smm_relocation_params *params)
{
@@ -137,3 +139,21 @@ void smm_relocation_handler(int cpu, uintptr_t curr_smbase,
if (mtrr_cap.lo & SMRR_SUPPORTED)
write_smrr(relo_params);
}
+
+void soc_ubox_store_resources(struct smm_pci_resource_info *slots, size_t size)
+{
+ struct device *devices[CONFIG_MAX_SOCKET] = {0};
+ size_t devices_count = 0;
+ struct device *dev = NULL;
+
+ /*
+ * Collect all UBOX DFX devices. Depending on the actual socket count
+ * the bus numbers changed and the PCI segment group might be different.
+ * Pass all devices to SMM for platform lockdown.
+ */
+ while ((dev = dev_find_device(PCI_VID_INTEL, UBOX_DFX_DEVID, dev))) {
+ devices[devices_count++] = dev;
+ }
+
+ smm_pci_resource_store_fill_resources(slots, size, (const struct device **)devices, devices_count);
+}
diff --git a/src/soc/intel/xeon_sp/spr/Makefile.mk b/src/soc/intel/xeon_sp/spr/Makefile.mk
index 7a0d9586c5..659e366b4b 100644
--- a/src/soc/intel/xeon_sp/spr/Makefile.mk
+++ b/src/soc/intel/xeon_sp/spr/Makefile.mk
@@ -16,7 +16,6 @@ ramstage-y += chip.c cpu.c soc_util.c ramstage.c soc_acpi.c xhci.c numa.c reset.
ramstage-y += crashlog.c ioat.c
ramstage-$(CONFIG_DISPLAY_HOBS) += hob_display.c
ramstage-$(CONFIG_DISPLAY_UPD_DATA) += upd_display.c
-smm-$(CONFIG_HAVE_SMI_HANDLER) += soc_smihandler_util.c
CPPFLAGS_common += -I$(src)/soc/intel/xeon_sp/spr/include -I$(src)/soc/intel/xeon_sp/spr
endif ## CONFIG_SOC_INTEL_SAPPHIRERAPIDS_SP
diff --git a/src/soc/intel/xeon_sp/spr/include/soc/pci_devs.h b/src/soc/intel/xeon_sp/spr/include/soc/pci_devs.h
index 06ec16c0ec..9bbe540874 100644
--- a/src/soc/intel/xeon_sp/spr/include/soc/pci_devs.h
+++ b/src/soc/intel/xeon_sp/spr/include/soc/pci_devs.h
@@ -20,12 +20,11 @@
#define UNCORE_BUS_0 0
#define UNCORE_BUS_1 1
-/* UBOX Registers [B:30, D:0, F:1] */
-#define UBOX_DECS_DEV 0
-#define UBOX_URACU_FUNC 1
+/* UBOX Registers [U(1), D:0, F:1] */
#define SMM_FEATURE_CONTROL 0x8c
#define SMM_CODE_CHK_EN BIT(2)
#define SMM_FEATURE_CONTROL_LOCK BIT(0)
+#define UBOX_DFX_DEVID 0x3251
/* CHA registers [B:31, D:29, F:0/F:1]
* SAD is the previous xeon_sp register name. Keep defines for shared code.
@@ -188,6 +187,4 @@
#define BIOS_CRASHLOG_CTL 0x158
#define CRASHLOG_CTL_DIS BIT(2)
-pci_devfn_t soc_get_ubox_pmon_dev(void);
-
#endif /* _SOC_PCI_DEVS_H_ */
diff --git a/src/soc/intel/xeon_sp/spr/soc_smihandler_util.c b/src/soc/intel/xeon_sp/spr/soc_smihandler_util.c
deleted file mode 100644
index b2700d5d4a..0000000000
--- a/src/soc/intel/xeon_sp/spr/soc_smihandler_util.c
+++ /dev/null
@@ -1,19 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0-only */
-
-#include <cpu/x86/msr.h>
-#include <device/pci.h>
-#include <soc/msr.h>
-#include <soc/pci_devs.h>
-
-pci_devfn_t soc_get_ubox_pmon_dev(void)
-{
- msr_t msr = rdmsr(MSR_CPU_BUSNO);
- u16 bus;
-
- if (msr.hi & BUSNO_VALID)
- bus = msr.lo & 0xff;
- else
- return 0;
-
- return PCI_DEV(bus, UBOX_DECS_DEV, UBOX_URACU_FUNC);
-}
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-20 03:36:57 +0000