From b45b22f6b217d1b7aebe2583188839e7906c0a52 Mon Sep 17 00:00:00 2001 From: Pratik Prajapati Date: Wed, 13 Sep 2017 13:45:31 -0700 Subject: soc/intel/common/sgx: Define and use soc_fill_sgx_param() To remove chip.h dependency from SGX common code - Create API soc_fill_sgx_param() and use it in sgx.c - Implement same API for skylake/kabylake - define sgx_param structure Also include intelblocks/sgx.h instead of soc/msr.h Change-Id: I358f0817bec5dd6cd147a645675b5688969a04e0 Signed-off-by: Pratik Prajapati Reviewed-on: https://review.coreboot.org/21528 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin --- .../intel/common/block/include/intelblocks/sgx.h | 8 ++++ src/soc/intel/common/block/sgx/sgx.c | 49 +++++++++++++--------- src/soc/intel/skylake/cpu.c | 15 +++++++ 3 files changed, 52 insertions(+), 20 deletions(-) (limited to 'src/soc') diff --git a/src/soc/intel/common/block/include/intelblocks/sgx.h b/src/soc/intel/common/block/include/intelblocks/sgx.h index efcad6164b..f1dd8912fe 100644 --- a/src/soc/intel/common/block/include/intelblocks/sgx.h +++ b/src/soc/intel/common/block/include/intelblocks/sgx.h @@ -16,6 +16,10 @@ #ifndef SOC_INTEL_COMMON_BLOCK_SGX_H #define SOC_INTEL_COMMON_BLOCK_SGX_H +struct sgx_param { + uint8_t enable; +}; + /* * Lock SGX memory. * CPU specific code needs to provide the implementation. @@ -34,4 +38,8 @@ void prmrr_core_configure(void); */ void sgx_configure(void); +/* SOC specific API to get SGX params. + * returns 0, if able to get SGX params; otherwise returns -1 */ +int soc_fill_sgx_param(struct sgx_param *sgx_param); + #endif /* SOC_INTEL_COMMON_BLOCK_SGX_H */ diff --git a/src/soc/intel/common/block/sgx/sgx.c b/src/soc/intel/common/block/sgx/sgx.c index ec1b6386df..f12bfb9955 100644 --- a/src/soc/intel/common/block/sgx/sgx.c +++ b/src/soc/intel/common/block/sgx/sgx.c @@ -15,15 +15,40 @@ #include #include -#include #include #include #include #include +#include #include #include -#include #include +#include + +static bool sgx_param_valid; +static struct sgx_param g_sgx_param; + +static const struct sgx_param *get_sgx_param(void) +{ + if (sgx_param_valid) + return &g_sgx_param; + + memset(&g_sgx_param, 0, sizeof(g_sgx_param)); + if (soc_fill_sgx_param(&g_sgx_param) < 0) { + printk(BIOS_ERR, "SGX : Failed to get soc sgx param\n"); + return NULL; + } + sgx_param_valid = true; + printk(BIOS_INFO, "SGX : param.enable = %d\n", g_sgx_param.enable); + + return &g_sgx_param; +} + +static int soc_sgx_enabled(void) +{ + const struct sgx_param *sgx_param = get_sgx_param(); + return sgx_param ? sgx_param->enable : 0; +} static int is_sgx_supported(void) { @@ -40,16 +65,8 @@ void prmrr_core_configure(void) msr_t prmrr_base; msr_t prmrr_mask; msr_t msr; - device_t dev = SA_DEV_ROOT; - assert(dev != NULL); - config_t *conf = dev->chip_info; - - if (!conf) { - printk(BIOS_ERR, "SGX: failed to get chip_info\n"); - return; - } - if (!conf->sgx_enable || !is_sgx_supported()) + if (!soc_sgx_enabled() || !is_sgx_supported()) return; /* PRMRR base and mask are read from the UNCORE PRMRR MSRs @@ -160,17 +177,9 @@ static int is_prmrr_approved(void) void sgx_configure(void) { - device_t dev = SA_DEV_ROOT; - assert(dev != NULL); - config_t *conf = dev->chip_info; const void *microcode_patch = intel_mp_current_microcode(); - if (!conf) { - printk(BIOS_ERR, "SGX: failed to get chip_info\n"); - return; - } - - if (!conf->sgx_enable || !is_sgx_supported() || !is_prmrr_set()) { + if (!soc_sgx_enabled() || !is_sgx_supported() || !is_prmrr_set()) { printk(BIOS_ERR, "SGX: pre-conditions not met\n"); return; } diff --git a/src/soc/intel/skylake/cpu.c b/src/soc/intel/skylake/cpu.c index 1e12c6509f..ca844df07c 100644 --- a/src/soc/intel/skylake/cpu.c +++ b/src/soc/intel/skylake/cpu.c @@ -504,3 +504,18 @@ void cpu_lock_sgx_memory(void) wrmsr(MSR_LT_LOCK_MEMORY, msr); } } + +int soc_fill_sgx_param(struct sgx_param *sgx_param) +{ + device_t dev = SA_DEV_ROOT; + assert(dev != NULL); + config_t *conf = dev->chip_info; + + if (!conf) { + printk(BIOS_ERR, "Failed to get chip_info for SGX param\n"); + return -1; + } + + sgx_param->enable = conf->sgx_enable; + return 0; +} -- cgit v1.2.3