security/intel/txt: Use `smm_region()` to get TSEG base
This function is available for all TXT-capable platforms. Use it. As it also provides the size of TSEG, display it when logging is on. Change-Id: I4b3dcbc61854fbdd42275bf9456eaa5ce783e8aa Signed-off-by: Angel Pons <th3fanbus@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/46055 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
This commit is contained in:
parent
adcb870837
commit
11334729c9
|
@ -2,6 +2,7 @@
|
||||||
|
|
||||||
#include <arch/mmio.h>
|
#include <arch/mmio.h>
|
||||||
#include <console/console.h>
|
#include <console/console.h>
|
||||||
|
#include <cpu/x86/smm.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <types.h>
|
#include <types.h>
|
||||||
|
|
||||||
|
@ -211,7 +212,12 @@ void txt_dump_chipset_info(void)
|
||||||
void txt_dump_regions(void)
|
void txt_dump_regions(void)
|
||||||
{
|
{
|
||||||
struct txt_biosdataregion *bdr = NULL;
|
struct txt_biosdataregion *bdr = NULL;
|
||||||
uintptr_t tseg = 0;
|
|
||||||
|
uintptr_t tseg_base;
|
||||||
|
size_t tseg_size;
|
||||||
|
|
||||||
|
smm_region(&tseg_base, &tseg_size);
|
||||||
|
|
||||||
uint64_t reg64;
|
uint64_t reg64;
|
||||||
|
|
||||||
reg64 = read64((void *)TXT_HEAP_BASE);
|
reg64 = read64((void *)TXT_HEAP_BASE);
|
||||||
|
@ -219,7 +225,7 @@ void txt_dump_regions(void)
|
||||||
(read64((void *)(uintptr_t)reg64) >= (sizeof(*bdr) + sizeof(uint64_t))))
|
(read64((void *)(uintptr_t)reg64) >= (sizeof(*bdr) + sizeof(uint64_t))))
|
||||||
bdr = (void *)((uintptr_t)reg64 + sizeof(uint64_t));
|
bdr = (void *)((uintptr_t)reg64 + sizeof(uint64_t));
|
||||||
|
|
||||||
printk(BIOS_DEBUG, "TEE-TXT: TSEG 0x%lx\n", tseg * MiB);
|
printk(BIOS_DEBUG, "TEE-TXT: TSEG 0x%lx, size %zu MiB\n", tseg_base, tseg_size / MiB);
|
||||||
printk(BIOS_DEBUG, "TEE-TXT: TXT.HEAP.BASE 0x%llx\n", read64((void *)TXT_HEAP_BASE));
|
printk(BIOS_DEBUG, "TEE-TXT: TXT.HEAP.BASE 0x%llx\n", read64((void *)TXT_HEAP_BASE));
|
||||||
printk(BIOS_DEBUG, "TEE-TXT: TXT.HEAP.SIZE 0x%llx\n", read64((void *)TXT_HEAP_SIZE));
|
printk(BIOS_DEBUG, "TEE-TXT: TXT.HEAP.SIZE 0x%llx\n", read64((void *)TXT_HEAP_SIZE));
|
||||||
printk(BIOS_DEBUG, "TEE-TXT: TXT.SINIT.BASE 0x%llx\n", read64((void *)TXT_SINIT_BASE));
|
printk(BIOS_DEBUG, "TEE-TXT: TXT.SINIT.BASE 0x%llx\n", read64((void *)TXT_SINIT_BASE));
|
||||||
|
|
|
@ -8,6 +8,7 @@
|
||||||
#include <console/console.h>
|
#include <console/console.h>
|
||||||
#include <cpu/intel/common/common.h>
|
#include <cpu/intel/common/common.h>
|
||||||
#include <cpu/x86/msr.h>
|
#include <cpu/x86/msr.h>
|
||||||
|
#include <cpu/x86/smm.h>
|
||||||
#include <device/pci_ops.h>
|
#include <device/pci_ops.h>
|
||||||
#include <types.h>
|
#include <types.h>
|
||||||
|
|
||||||
|
@ -204,7 +205,11 @@ static void push_sinit_heap(u8 **heap_ptr, void *data, size_t data_length)
|
||||||
static void lockdown_intel_txt(void *unused)
|
static void lockdown_intel_txt(void *unused)
|
||||||
{
|
{
|
||||||
const uint64_t status = read64((void *)TXT_SPAD);
|
const uint64_t status = read64((void *)TXT_SPAD);
|
||||||
uintptr_t tseg = 0;
|
|
||||||
|
uintptr_t tseg_base;
|
||||||
|
size_t tseg_size;
|
||||||
|
|
||||||
|
smm_region(&tseg_base, &tseg_size);
|
||||||
|
|
||||||
if (status & ACMSTS_TXT_DISABLED)
|
if (status & ACMSTS_TXT_DISABLED)
|
||||||
return;
|
return;
|
||||||
|
@ -232,7 +237,7 @@ static void lockdown_intel_txt(void *unused)
|
||||||
union dpr_register dpr = {
|
union dpr_register dpr = {
|
||||||
.lock = 1,
|
.lock = 1,
|
||||||
.size = 3,
|
.size = 3,
|
||||||
.top = tseg,
|
.top = tseg_base / MiB,
|
||||||
};
|
};
|
||||||
write64((void *)TXT_DPR, dpr.raw);
|
write64((void *)TXT_DPR, dpr.raw);
|
||||||
|
|
||||||
|
@ -248,7 +253,7 @@ static void lockdown_intel_txt(void *unused)
|
||||||
*/
|
*/
|
||||||
write64((void *)TXT_HEAP_SIZE, 0xE0000);
|
write64((void *)TXT_HEAP_SIZE, 0xE0000);
|
||||||
write64((void *)TXT_HEAP_BASE,
|
write64((void *)TXT_HEAP_BASE,
|
||||||
ALIGN_DOWN((tseg * MiB) - read64((void *)TXT_HEAP_SIZE), 4096));
|
ALIGN_DOWN(tseg_base - read64((void *)TXT_HEAP_SIZE), 4096));
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Document Number: 558294
|
* Document Number: 558294
|
||||||
|
|
Loading…
Reference in New Issue