vc/amd/*,soc/amd/*: Add SVC call to get HSP Secure State

Add an SVC call to get the state of Hardware Security Processor (HSP) in
AMD SoCs. This SVC call will be used from PSP verstage to get and
report HSP state.

BUG=b:198711349
TEST=Build Skyrim BIOS image and boot to OS. Ensure that the HSP state
is read and reported in the firmware logs.

Change-Id: I7fe3363d308a80cc09e6bdadd8d0bb1d67f7d2bf
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/71207
Reviewed-by: Martin Roth <martin.roth@amd.corp-partner.google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>

4 files changed, 30 insertions, 0 deletions

diff --git a/src/soc/amd/common/block/psp/Kconfig b/src/soc/amd/common/block/psp/Kconfig
index 84e021577a93..d59e6fc4bfbf 100644
--- a/src/soc/amd/common/block/psp/Kconfig
+++ b/src/soc/amd/common/block/psp/Kconfig
@@ -48,3 +48,10 @@ config PSP_PLATFORM_SECURE_BOOT
 	  coreboot ROM is properly signed and can not be disabled once fused.
 	  Refer AMD PSB user guide doc# 56654, Revision# 1.00, this document is
 	  only available with NDA customers.
+
+config PSP_INCLUDES_HSP
+	bool
+	depends on SOC_AMD_COMMON_BLOCK_PSP
+	default n
+	help
+	  Select this config to indicate SoC includes Hardware Security Processor(HSP).
diff --git a/src/soc/amd/mendocino/psp_verstage/svc.c b/src/soc/amd/mendocino/psp_verstage/svc.c
index e28aa3c57fb9..ccb60777ba16 100644
--- a/src/soc/amd/mendocino/psp_verstage/svc.c
+++ b/src/soc/amd/mendocino/psp_verstage/svc.c
@@ -225,3 +225,12 @@ uint32_t svc_get_prev_boot_status(uint32_t *boot_status)
 	SVC_CALL2(SVC_VERSTAGE_CMD, CMD_GET_PREV_BOOT_STATUS, (void *)&param, retval);
 	return retval;
 }
+
+uint32_t svc_get_hsp_secure_state(uint32_t *hsp_secure_state)
+{
+	uint32_t retval = 0;
+	struct cmd_param_get_hsp_secure_state param;
+	SVC_CALL2(SVC_VERSTAGE_CMD, CMD_GET_HSP_SECURE_STATE, (void *)&param, retval);
+	*hsp_secure_state = param.hsp_secure_state;
+	return retval;
+}
diff --git a/src/soc/amd/mendocino/psp_verstage/svc.h b/src/soc/amd/mendocino/psp_verstage/svc.h
index 0dc9fb699e5a..437591cef979 100644
--- a/src/soc/amd/mendocino/psp_verstage/svc.h
+++ b/src/soc/amd/mendocino/psp_verstage/svc.h
@@ -98,4 +98,8 @@ struct cmd_param_get_prev_boot_status {
 	unsigned int *ptr_boot_status;
 };
 
+struct cmd_param_get_hsp_secure_state {
+	unsigned int hsp_secure_state;
+};
+
 #endif /* PSP_VERSTAGE_SVC_H */
diff --git a/src/vendorcode/amd/fsp/mendocino/include/bl_uapp/bl_syscall_public.h b/src/vendorcode/amd/fsp/mendocino/include/bl_uapp/bl_syscall_public.h
index 50b2683fe322..88ab1f1e9286 100644
--- a/src/vendorcode/amd/fsp/mendocino/include/bl_uapp/bl_syscall_public.h
+++ b/src/vendorcode/amd/fsp/mendocino/include/bl_uapp/bl_syscall_public.h
@@ -56,6 +56,7 @@ enum verstage_cmd_id {
 	CMD_SET_PLATFORM_BOOT_MODE,
 	CMD_SET_FW_HASH_TABLE,
 	CMD_GET_PREV_BOOT_STATUS,
+	CMD_GET_HSP_SECURE_STATE,
 };
 
 struct mod_exp_params {
@@ -379,6 +380,15 @@ uint32_t svc_set_fw_hash_table(struct psp_fw_hash_table *hash_table);
  */
 uint32_t svc_get_prev_boot_status(uint32_t *boot_status);
 
+/* Get HSP Secure state
+ *
+ * Parameters:
+ *      - hsp_secure_state - Address where the state info is read into
+ *
+ * Return value: BL_OK or error code
+ */
+uint32_t svc_get_hsp_secure_state(uint32_t *hsp_secure_state);
+
 /* C entry point for the Bootloader Userspace Application */
 void Main(void);