sec/intel/txt: Add `enable_getsec_or_reset` function

This can be used to enable GETSEC/SMX in the IA32_FEATURE_CONTROL MSR,
and will be put to use on Haswell in subsequent commits.

Change-Id: I5a82e515c6352b6ebbc361c6a53ff528c4b6cdba
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46606
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>

src/security/intel/txt/getsec.c

@@ -1,9 +1,13 @@
 /* SPDX-License-Identifier: GPL-2.0-only */
 
+#include <cf9_reset.h>
+#include <console/console.h>
+#include <cpu/intel/common/common.h>
 #include <cpu/x86/lapic.h>
 #include <cpu/x86/cr.h>
 #include <cpu/x86/cache.h>
 #include <cpu/x86/mp.h>
+#include <cpu/x86/msr.h>
 #include <types.h>
 
 #include "txt_register.h"
@@ -40,6 +44,33 @@ static bool getsec_enabled(void)
 	return true;
 }
 
+void enable_getsec_or_reset(void)
+{
+	msr_t msr = rdmsr(IA32_FEATURE_CONTROL);
+
+	if (!(msr.lo & FEATURE_CONTROL_LOCK_BIT)) {
+		/*
+		 * MSR not locked, enable necessary GETSEC and VMX settings.
+		 * We do not lock this MSR here, though.
+		 */
+		msr.lo |= 0xff06;
+		wrmsr(IA32_FEATURE_CONTROL, msr);
+
+	} else if ((msr.lo & 0xff06) != 0xff06) {
+		/*
+		 * MSR is locked without necessary GETSEC and VMX settings.
+		 * This can happen after internally reflashing a coreboot
+		 * image with different settings, and then doing a warm
+		 * reboot. Perform a full reset in order to unlock the MSR.
+		 */
+		printk(BIOS_NOTICE,
+		       "IA32_FEATURE_CONTROL MSR locked with GETSEC and/or VMX disabled.\n"
+		       "Will perform a full reset to unlock this MSR.\n");
+
+		full_reset();
+	}
+}
+
 /**
  * Get information as returned by getsec[PARAMETER].
  * Arguments can be set to NULL if not needed.

src/security/intel/txt/txt_getsec.h

@@ -5,6 +5,8 @@
 
 #include <types.h>
 
+void enable_getsec_or_reset(void);
+
 bool getsec_parameter(uint32_t *version_mask,
 		      uint32_t *version_numbers_supported,
 		      uint32_t *max_size_acm_area,