From 6e66d7b8ebfd179f3fedd4ead05fe166d4e8e1fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Niew=C3=B6hner?= Date: Tue, 8 Oct 2019 12:00:24 +0200 Subject: soc/intel: sgx: get rid of UEFI-style usage of global variable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Rework SGX enable status in a clean way without using a global variable. Change-Id: Ida6458eb46708df8fd238122aed41b57ca48c15b Signed-off-by: Michael Niewöhner Reviewed-on: https://review.coreboot.org/c/coreboot/+/35882 Tested-by: build bot (Jenkins) Reviewed-by: Nico Huber --- src/soc/intel/apollolake/cpu.c | 18 +++++------- .../intel/common/block/include/intelblocks/sgx.h | 8 ------ src/soc/intel/common/block/sgx/sgx.c | 33 +++------------------- src/soc/intel/skylake/acpi.c | 2 +- src/soc/intel/skylake/cpu.c | 17 +++++------ 5 files changed, 19 insertions(+), 59 deletions(-) diff --git a/src/soc/intel/apollolake/cpu.c b/src/soc/intel/apollolake/cpu.c index 33496273d2a3..0022b3a6eaff 100644 --- a/src/soc/intel/apollolake/cpu.c +++ b/src/soc/intel/apollolake/cpu.c @@ -72,10 +72,12 @@ static const struct reg_script core_msr_script[] = { void soc_core_init(struct device *cpu) { + config_t *conf = config_of_soc(); + /* Clear out pending MCEs */ /* TODO(adurbin): Some of these banks are core vs package scope. For now every CPU clears every bank. */ - if (CONFIG(SOC_INTEL_COMMON_BLOCK_SGX) || + if ((CONFIG(SOC_INTEL_COMMON_BLOCK_SGX) && conf->sgx_enable) || acpi_get_sleep_type() == ACPI_S5) mca_configure(); @@ -89,7 +91,7 @@ void soc_core_init(struct device *cpu) enable_pm_timer_emulation(); /* Configure Core PRMRR for SGX. */ - if (CONFIG(SOC_INTEL_COMMON_BLOCK_SGX)) + if (CONFIG(SOC_INTEL_COMMON_BLOCK_SGX) && conf->sgx_enable) prmrr_core_configure(); /* Set Max Non-Turbo ratio if RAPL is disabled. */ @@ -253,9 +255,11 @@ static void relocation_handler(int cpu, uintptr_t curr_smbase, static void post_mp_init(void) { + config_t *conf = config_of_soc(); + smm_southbridge_enable(PWRBTN_EN | GBL_EN); - if (CONFIG(SOC_INTEL_COMMON_BLOCK_SGX)) + if (CONFIG(SOC_INTEL_COMMON_BLOCK_SGX) && conf->sgx_enable) mp_run_on_all_cpus(sgx_configure, NULL); } @@ -293,11 +297,3 @@ void cpu_lock_sgx_memory(void) /* Do nothing because MCHECK while loading microcode and enabling * IA untrusted mode takes care of necessary locking */ } - -int soc_fill_sgx_param(struct sgx_param *sgx_param) -{ - config_t *conf = config_of_soc(); - - sgx_param->enable = conf->sgx_enable; - return 0; -} diff --git a/src/soc/intel/common/block/include/intelblocks/sgx.h b/src/soc/intel/common/block/include/intelblocks/sgx.h index 502483f7e9b1..693dd204e021 100644 --- a/src/soc/intel/common/block/include/intelblocks/sgx.h +++ b/src/soc/intel/common/block/include/intelblocks/sgx.h @@ -18,10 +18,6 @@ #include -struct sgx_param { - uint8_t enable; -}; - /* * Lock SGX memory. * CPU specific code needs to provide the implementation. @@ -40,10 +36,6 @@ void prmrr_core_configure(void); */ void sgx_configure(void *unused); -/* SOC specific API to get SGX params. - * returns 0, if able to get SGX params; otherwise returns -1 */ -int soc_fill_sgx_param(struct sgx_param *sgx_param); - /* Fill GNVS data with SGX status, EPC base and length */ void sgx_fill_gnvs(global_nvs_t *gnvs); diff --git a/src/soc/intel/common/block/sgx/sgx.c b/src/soc/intel/common/block/sgx/sgx.c index 60714d9ce288..0edf50f09b96 100644 --- a/src/soc/intel/common/block/sgx/sgx.c +++ b/src/soc/intel/common/block/sgx/sgx.c @@ -25,9 +25,6 @@ #include #include -static bool sgx_param_valid; -static struct sgx_param g_sgx_param; - static inline uint64_t sgx_resource(uint32_t low, uint32_t high) { uint64_t val; @@ -36,28 +33,6 @@ static inline uint64_t sgx_resource(uint32_t low, uint32_t high) return val; } -static const struct sgx_param *get_sgx_param(void) -{ - if (sgx_param_valid) - return &g_sgx_param; - - memset(&g_sgx_param, 0, sizeof(g_sgx_param)); - if (soc_fill_sgx_param(&g_sgx_param) < 0) { - printk(BIOS_ERR, "SGX : Failed to get soc sgx param\n"); - return NULL; - } - sgx_param_valid = true; - printk(BIOS_INFO, "SGX : param.enable = %d\n", g_sgx_param.enable); - - return &g_sgx_param; -} - -static int soc_sgx_enabled(void) -{ - const struct sgx_param *sgx_param = get_sgx_param(); - return sgx_param ? sgx_param->enable : 0; -} - static int is_sgx_supported(void) { struct cpuid_result cpuid_regs; @@ -79,7 +54,7 @@ void prmrr_core_configure(void) } prmrr_base, prmrr_mask; msr_t msr; - if (!soc_sgx_enabled() || !is_sgx_supported()) + if (!is_sgx_supported()) return; msr = rdmsr(MSR_PRMRR_PHYS_MASK); @@ -204,7 +179,7 @@ void sgx_configure(void *unused) { const void *microcode_patch = intel_mp_current_microcode(); - if (!soc_sgx_enabled() || !is_sgx_supported() || !is_prmrr_set()) { + if (!is_sgx_supported() || !is_prmrr_set()) { printk(BIOS_ERR, "SGX: pre-conditions not met\n"); return; } @@ -234,9 +209,9 @@ void sgx_fill_gnvs(global_nvs_t *gnvs) { struct cpuid_result cpuid_regs; - if (!soc_sgx_enabled() || !is_sgx_supported()) { + if (!is_sgx_supported()) { printk(BIOS_DEBUG, - "SGX: not enabled or not supported. skip gnvs fill\n"); + "SGX: not supported. skip gnvs fill\n"); return; } diff --git a/src/soc/intel/skylake/acpi.c b/src/soc/intel/skylake/acpi.c index de37341a08ef..2af5a5314950 100644 --- a/src/soc/intel/skylake/acpi.c +++ b/src/soc/intel/skylake/acpi.c @@ -205,7 +205,7 @@ static void acpi_create_gnvs(global_nvs_t *gnvs) gnvs->u2we = config->usb2_wake_enable_bitmap; gnvs->u3we = config->usb3_wake_enable_bitmap; - if (CONFIG(SOC_INTEL_COMMON_BLOCK_SGX)) + if (config->sgx_enable) sgx_fill_gnvs(gnvs); } diff --git a/src/soc/intel/skylake/cpu.c b/src/soc/intel/skylake/cpu.c index 5424c91c5839..1f9ecada7457 100644 --- a/src/soc/intel/skylake/cpu.c +++ b/src/soc/intel/skylake/cpu.c @@ -423,6 +423,8 @@ static void enable_pm_timer_emulation(void) /* All CPUs including BSP will run the following function. */ void soc_core_init(struct device *cpu) { + config_t *conf = config_of_soc(); + /* Clear out pending MCEs */ /* TODO(adurbin): This should only be done on a cold boot. Also, some * of these banks are core vs package scope. For now every CPU clears @@ -455,7 +457,8 @@ void soc_core_init(struct device *cpu) enable_turbo(); /* Configure Core PRMRR for SGX. */ - prmrr_core_configure(); + if (conf->sgx_enable) + prmrr_core_configure(); } static void per_cpu_smm_trigger(void) @@ -477,6 +480,7 @@ static void fc_lock_configure(void *unused) static void post_mp_init(void) { int ret = 0; + config_t *conf = config_of_soc(); /* Set Max Ratio */ cpu_set_max_ratio(); @@ -493,7 +497,8 @@ static void post_mp_init(void) ret |= mp_run_on_all_cpus(vmx_configure, NULL); - ret |= mp_run_on_all_cpus(sgx_configure, NULL); + if (conf->sgx_enable) + ret |= mp_run_on_all_cpus(sgx_configure, NULL); ret |= mp_run_on_all_cpus(fc_lock_configure, NULL); @@ -559,11 +564,3 @@ void cpu_lock_sgx_memory(void) wrmsr(MSR_LT_LOCK_MEMORY, msr); } } - -int soc_fill_sgx_param(struct sgx_param *sgx_param) -{ - config_t *conf = config_of_soc(); - - sgx_param->enable = conf->sgx_enable; - return 0; -} -- cgit v1.2.3