soc/intel: sgx: get rid of UEFI-style usage of global variable

Rework SGX enable status in a clean way without using a global variable.

Change-Id: Ida6458eb46708df8fd238122aed41b57ca48c15b
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35882
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>

src/soc/intel/apollolake/cpu.c

@@ -72,10 +72,12 @@ static const struct reg_script core_msr_script[] = {
 
 void soc_core_init(struct device *cpu)
 {
+	config_t *conf = config_of_soc();
+
 	/* Clear out pending MCEs */
 	/* TODO(adurbin): Some of these banks are core vs package
 			  scope. For now every CPU clears every bank. */
-	if (CONFIG(SOC_INTEL_COMMON_BLOCK_SGX) ||
+	if ((CONFIG(SOC_INTEL_COMMON_BLOCK_SGX) && conf->sgx_enable) ||
 	    acpi_get_sleep_type() == ACPI_S5)
 		mca_configure();
 
@@ -89,7 +91,7 @@ void soc_core_init(struct device *cpu)
 	enable_pm_timer_emulation();
 
 	/* Configure Core PRMRR for SGX. */
-	if (CONFIG(SOC_INTEL_COMMON_BLOCK_SGX))
+	if (CONFIG(SOC_INTEL_COMMON_BLOCK_SGX) && conf->sgx_enable)
 		prmrr_core_configure();
 
 	/* Set Max Non-Turbo ratio if RAPL is disabled. */
@@ -253,9 +255,11 @@ static void relocation_handler(int cpu, uintptr_t curr_smbase,
 
 static void post_mp_init(void)
 {
+	config_t *conf = config_of_soc();
+
 	smm_southbridge_enable(PWRBTN_EN | GBL_EN);
 
-	if (CONFIG(SOC_INTEL_COMMON_BLOCK_SGX))
+	if (CONFIG(SOC_INTEL_COMMON_BLOCK_SGX) && conf->sgx_enable)
 		mp_run_on_all_cpus(sgx_configure, NULL);
 }
 
@@ -293,11 +297,3 @@ void cpu_lock_sgx_memory(void)
 	/* Do nothing because MCHECK while loading microcode and enabling
 	 * IA untrusted mode takes care of necessary locking */
 }
-
-int soc_fill_sgx_param(struct sgx_param *sgx_param)
-{
-	config_t *conf = config_of_soc();
-
-	sgx_param->enable = conf->sgx_enable;
-	return 0;
-}

src/soc/intel/common/block/include/intelblocks/sgx.h

@@ -18,10 +18,6 @@
 
 #include <soc/nvs.h>
 
-struct sgx_param {
-	uint8_t enable;
-};
-
 /*
  * Lock SGX memory.
  * CPU specific code needs to provide the implementation.
@@ -40,10 +36,6 @@ void prmrr_core_configure(void);
  */
 void sgx_configure(void *unused);
 
-/* SOC specific API to get SGX params.
- * returns 0, if able to get SGX params; otherwise returns -1 */
-int soc_fill_sgx_param(struct sgx_param *sgx_param);
-
 /* Fill GNVS data with SGX status, EPC base and length */
 void sgx_fill_gnvs(global_nvs_t *gnvs);
 

src/soc/intel/common/block/sgx/sgx.c

@@ -25,9 +25,6 @@
 #include <soc/pci_devs.h>
 #include <string.h>
 
-static bool sgx_param_valid;
-static struct sgx_param g_sgx_param;
-
 static inline uint64_t sgx_resource(uint32_t low, uint32_t high)
 {
 	uint64_t val;
@@ -36,28 +33,6 @@ static inline uint64_t sgx_resource(uint32_t low, uint32_t high)
 	return val;
 }
 
-static const struct sgx_param *get_sgx_param(void)
-{
-	if (sgx_param_valid)
-		return &g_sgx_param;
-
-	memset(&g_sgx_param, 0, sizeof(g_sgx_param));
-	if (soc_fill_sgx_param(&g_sgx_param) < 0) {
-		printk(BIOS_ERR, "SGX : Failed to get soc sgx param\n");
-		return NULL;
-	}
-	sgx_param_valid = true;
-	printk(BIOS_INFO, "SGX : param.enable = %d\n", g_sgx_param.enable);
-
-	return &g_sgx_param;
-}
-
-static int soc_sgx_enabled(void)
-{
-	const struct sgx_param *sgx_param = get_sgx_param();
-	return sgx_param ? sgx_param->enable : 0;
-}
-
 static int is_sgx_supported(void)
 {
 	struct cpuid_result cpuid_regs;
@@ -79,7 +54,7 @@ void prmrr_core_configure(void)
 	} prmrr_base, prmrr_mask;
 	msr_t msr;
 
-	if (!soc_sgx_enabled() || !is_sgx_supported())
+	if (!is_sgx_supported())
 		return;
 
 	msr = rdmsr(MSR_PRMRR_PHYS_MASK);
@@ -204,7 +179,7 @@ void sgx_configure(void *unused)
 {
 	const void *microcode_patch = intel_mp_current_microcode();
 
-	if (!soc_sgx_enabled() || !is_sgx_supported() || !is_prmrr_set()) {
+	if (!is_sgx_supported() || !is_prmrr_set()) {
 		printk(BIOS_ERR, "SGX: pre-conditions not met\n");
 		return;
 	}
@@ -234,9 +209,9 @@ void sgx_fill_gnvs(global_nvs_t *gnvs)
 {
 	struct cpuid_result cpuid_regs;
 
-	if (!soc_sgx_enabled() || !is_sgx_supported()) {
+	if (!is_sgx_supported()) {
 		printk(BIOS_DEBUG,
-			"SGX: not enabled or not supported. skip gnvs fill\n");
+			"SGX: not supported. skip gnvs fill\n");
 		return;
 	}
 

src/soc/intel/skylake/acpi.c

@@ -205,7 +205,7 @@ static void acpi_create_gnvs(global_nvs_t *gnvs)
 	gnvs->u2we = config->usb2_wake_enable_bitmap;
 	gnvs->u3we = config->usb3_wake_enable_bitmap;
 
-	if (CONFIG(SOC_INTEL_COMMON_BLOCK_SGX))
+	if (config->sgx_enable)
 		sgx_fill_gnvs(gnvs);
 }
 

src/soc/intel/skylake/cpu.c

@@ -423,6 +423,8 @@ static void enable_pm_timer_emulation(void)
 /* All CPUs including BSP will run the following function. */
 void soc_core_init(struct device *cpu)
 {
+	config_t *conf = config_of_soc();
+
 	/* Clear out pending MCEs */
 	/* TODO(adurbin): This should only be done on a cold boot. Also, some
 	 * of these banks are core vs package scope. For now every CPU clears
@@ -455,7 +457,8 @@ void soc_core_init(struct device *cpu)
 	enable_turbo();
 
 	/* Configure Core PRMRR for SGX. */
-	prmrr_core_configure();
+	if (conf->sgx_enable)
+		prmrr_core_configure();
 }
 
 static void per_cpu_smm_trigger(void)
@@ -477,6 +480,7 @@ static void fc_lock_configure(void *unused)
 static void post_mp_init(void)
 {
 	int ret = 0;
+	config_t *conf = config_of_soc();
 
 	/* Set Max Ratio */
 	cpu_set_max_ratio();
@@ -493,7 +497,8 @@ static void post_mp_init(void)
 
 	ret |= mp_run_on_all_cpus(vmx_configure, NULL);
 
-	ret |= mp_run_on_all_cpus(sgx_configure, NULL);
+	if (conf->sgx_enable)
+		ret |= mp_run_on_all_cpus(sgx_configure, NULL);
 
 	ret |= mp_run_on_all_cpus(fc_lock_configure, NULL);
 
@@ -559,11 +564,3 @@ void cpu_lock_sgx_memory(void)
 		wrmsr(MSR_LT_LOCK_MEMORY, msr);
 	}
 }
-
-int soc_fill_sgx_param(struct sgx_param *sgx_param)
-{
-	config_t *conf = config_of_soc();
-
-	sgx_param->enable = conf->sgx_enable;
-	return 0;
-}