security/intel/stm: Check for processor STM support
Check to ensure that dual monitor mode is supported on the
current processor. Dual monitor mode is normally supported on
any Intel x86 processor that has VTx support. The STM is
a hypervisor that executes in SMM dual monitor mode. This
check should fail only in the rare case were dual monitor mode
is disabled. If the check fails, then the STM will not
be initialized by coreboot.
Original-Signed-off-by: Eugene D. Myers <edmyers@tycho.nsa.gov>
Original-Change-Id: I518bb2aa1bdec94b5b6d5e991d7575257f3dc6e9
Original-Reviewed-on: https://review.coreboot.org/c/coreboot/+/38836
Original-Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Original-Reviewed-by: Nico Huber <nico.h@gmx.de>
(cherry picked from commit 5544f62746
)
Signed-off-by: Marc Jones <marcjones@sysproconsulting.com>
Change-Id: I312570ca28329490006283251f69dd83ef64af40
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50309
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: Jay Talbott <JayTalbott@sysproconsulting.com>
This commit is contained in:
parent
bff4cb0558
commit
c7af5ef509
|
@ -74,6 +74,7 @@
|
||||||
#define MCA_STATUS_LO_ERRCODE_EXT_MASK (0x3f << MCA_STATUS_LO_ERRCODE_EXT_SH)
|
#define MCA_STATUS_LO_ERRCODE_EXT_MASK (0x3f << MCA_STATUS_LO_ERRCODE_EXT_SH)
|
||||||
#define MCA_STATUS_LO_ERRCODE_MASK (0xffff << 0)
|
#define MCA_STATUS_LO_ERRCODE_MASK (0xffff << 0)
|
||||||
#define IA32_VMX_BASIC_MSR 0x480
|
#define IA32_VMX_BASIC_MSR 0x480
|
||||||
|
#define VMX_BASIC_HI_DUAL_MONITOR (1UL << (49 - 32))
|
||||||
#define IA32_VMX_MISC_MSR 0x485
|
#define IA32_VMX_MISC_MSR 0x485
|
||||||
#define MC0_ADDR 0x402
|
#define MC0_ADDR 0x402
|
||||||
#define MC0_MISC 0x403
|
#define MC0_MISC 0x403
|
||||||
|
|
|
@ -159,9 +159,20 @@ void stm_setup(uintptr_t mseg, int cpu, int num_cpus, uintptr_t smbase,
|
||||||
{
|
{
|
||||||
msr_t InitMseg;
|
msr_t InitMseg;
|
||||||
msr_t MsegChk;
|
msr_t MsegChk;
|
||||||
|
msr_t vmx_basic;
|
||||||
|
|
||||||
uintptr_t addr_calc; // used to calculate the stm resource heap area
|
uintptr_t addr_calc; // used to calculate the stm resource heap area
|
||||||
|
|
||||||
printk(BIOS_DEBUG, "STM: set up for cpu %d/%d\n", cpu, num_cpus);
|
printk(BIOS_DEBUG, "STM: set up for cpu %d/%d\n", cpu, num_cpus);
|
||||||
|
|
||||||
|
vmx_basic = rdmsr(IA32_VMX_BASIC_MSR);
|
||||||
|
|
||||||
|
// Does this processor support an STM?
|
||||||
|
if ((vmx_basic.hi & VMX_BASIC_HI_DUAL_MONITOR) != VMX_BASIC_HI_DUAL_MONITOR) {
|
||||||
|
printk(BIOS_WARNING, "STM: not supported on CPU %d\n", cpu);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if (cpu == 0) {
|
if (cpu == 0) {
|
||||||
|
|
||||||
// need to create the BIOS resource list once
|
// need to create the BIOS resource list once
|
||||||
|
|
Loading…
Reference in New Issue