Check to ensure that dual monitor mode is supported on the
current processor. Dual monitor mode is normally supported on
any Intel x86 processor that has VTx support. The STM is
a hypervisor that executes in SMM dual monitor mode. This
check should fail only in the rare case were dual monitor mode
is disabled. If the check fails, then the STM will not
be initialized by coreboot.
Signed-off-by: Eugene D. Myers <edmyers@tycho.nsa.gov>
Change-Id: I518bb2aa1bdec94b5b6d5e991d7575257f3dc6e9
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38836
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
This update is a combination of all four of the patches so that the
commit can be done without breaking parts of coreboot. This possible
breakage is because of the cross-dependencies between the original
separate patches would cause failure because of data structure changes.
security/intel/stm
This directory contains the functions that check and move the STM to the
MSEG, create its page tables, and create the BIOS resource list.
The STM page tables is a six page region located in the MSEG and are
pointed to by the CR3 Offset field in the MSEG header. The initial
page tables will identity map all memory between 0-4G. The STM starts
in IA32e mode, which requires page tables to exist at startup.
The BIOS resource list defines the resources that the SMI Handler is
allowed to access. This includes the SMM memory area where the SMI
handler resides and other resources such as I/O devices. The STM uses
the BIOS resource list to restrict the SMI handler's accesses.
The BIOS resource list is currently located in the same area as the
SMI handler. This location is shown in the comment section before
smm_load_module in smm_module_loader.c
Note: The files within security/intel/stm come directly from their
Tianocore counterparts. Unnecessary code has been removed and the
remaining code has been converted to meet coreboot coding requirements.
For more information see:
SMI Transfer Monitor (STM) User Guide, Intel Corp.,
August 2015, Rev 1.0, can be found at firmware.intel.com
include/cpu/x86:
Addtions to include/cpu/x86 for STM support.
cpu/x86:
STM Set up - The STM needs to be loaded into the MSEG during BIOS
initialization and the SMM Monitor Control MSR be set to indicate
that an STM is in the system.
cpu/x86/smm:
SMI module loader modifications needed to set up the
SMM descriptors used by the STM during its initialization
Change-Id: If4adcd92c341162630ce1ec357ffcf8a135785ec
Signed-off-by: Eugene D. Myers <edmyers@tycho.nsa.gov>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33234
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: ron minnich <rminnich@gmail.com>
This reverts commit 297b6b862a.
Reason for revert: breaks smm. No code is using these fields. Original patch incomplete.
Change-Id: I6acf15dc9d77ed8a83b98f086f2a0b306c584a9b
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37096
Reviewed-by: ron minnich <rminnich@gmail.com>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Addtions to include/cpu/x86 include for STM support.
Change-Id: I2b8e68b2928aefc7996b6a9560c52f71c7c0e1d0
Signed-off-by: Eugene D. Myers <edmyers@tycho.nsa.gov>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33985
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
Reviewed-by: ron minnich <rminnich@gmail.com>
This simplifies transition and reviews towards C environment
bootblock by allowing single cache_as_ram.S file to be used.
Change-Id: I231972982e5ca6d0c08437693edf926b0eaf9ee1
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37352
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
For BSP CPU, set up stack location to match the symbol from car.ld.
For AP CPUs the stack is located outside _car_region and is currently
not accounted for in the linker scripts.
Change-Id: I0ec84ae4e73ecca5034f799cdc2a5c1056ad8b74
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37351
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
BSP and AP have two distinct execution paths for romstage.
Change-Id: Id013b165f1345509fe6b74cef2bf8c3b420f84a4
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37326
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This was implemented to make sure it gets called before
attempting any PCI MMIO access. Now that we have one
central romstage_main() implementation this extra precaution
is no longer useful.
Change-Id: I09b24da827e00d7a9ba0a51d5eef36f174b893a6
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37203
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Drop all the sources that were guarded with this.
Change-Id: I6c6fd19875cb57f0caf42a1a94f59efed83bfe0d
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/19275
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
This save state is just plainly wrong in many regards and em64t100
should be used.
Checked with a model 0x17 core2 CPU.
Change-Id: I4d89691e87c91dd12b34a44b74849b18b4ac5369
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36660
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Pull in all copies of smm_relocation_params structs defined
for intel platforms.
Pull in all the inlined MSR accessors to the header file.
Change-Id: I39c6cffee95433aea1a3c783b869eedfff094413
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34840
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
The x86 timers are a bit of a mess. Cases where different stages use
different counters and timestamps use different counters from udelays.
The original intention was to only flip TSC_CONSTANT_RATE Kconfig
to NOT_CONSTANT_TSC_RATE. The name would be incorrect though, those
counters do run with a constant rate but we just lack tsc_freq_mhz()
implementation for three platforms.
Note that for boards with UNKNOWN_TSC_RATE=y, each stage will have a
slow run of calibrate_tsc_with_pit(). This is easy enough to fix with
followup implementation of tsc_freq_mhz() for the platforms.
Implementations with LAPIC_MONOTONIC_TIMER typically will not have
tsc_freq_mhz() implemented and default to UNKNOWN_TSC_RATE. However,
as they don't use TSC for udelay() the slow calibrate_tsc_with_pit()
is avoided.
Because x86/tsc_delay.tsc was using two different guards and nb/via/vx900
claimed UDELAY_TSC, but pulled UDELAY_IO implementation, we also switch
that romstage to use UDELAY_TSC.
Change-Id: I1690cb80295d6b006b75ed69edea28899b674b68
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33928
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Haswell and model_2065 implement a static set_msr_bit helper which
should be publicly available instead. Move it to cpu/x86.
Change-Id: I68b314c917f15fc6e5351de1c539d5a3ae646df8
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36338
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Make intel_ht_sibling() available on all platforms.
Will be used in MP init to only write "Core" MSRs from one thread
on HyperThreading enabled platforms, to prevent race conditions and
resulting #GP if MSRs are written twice or are already locked.
Change-Id: I5d000b34ba4c6536dc866fbaf106b78e905e3e35
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35619
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
This provides stack guards with checking and common
entry into postcar.
The code in cpu/intel/car/romstage.c is candidate
for becoming architectural so function prototype
is moved to <arch/romstage.h>.
Change-Id: I4c5a9789e7cf3f7f49a4a33e21dac894320a9639
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34893
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
When entry to romstage is via cpu/intel/car/romstage.c
BIST has not been passed down the path for sometime.
Change-Id: I345975c53014902269cee21fc393331d33a84dce
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34908
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Some timeouts given were too small when serial console is enabled due to
its spinlock making code runtime worse with every AP present.
In addition we usually don't know how long specific code runs and how
long ago it was sent to the APs.
Remove the timeout argument from mp_run_on_all_cpus and instead wait up
to 1 second, to prevent possible crashing of secondary APs still
processing the old job.
Tested on Supermicro X11SSH-TF.
Change-Id: I456be647b159f7a2ea7d94986a24424e56dcc8c4
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34587
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
There are benefits in placing the postcar_frame structure
in .bss and returning control to romstage_main().
Change-Id: I0418a2abc74f749203c587b2763c5f8a5960e4f9
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34808
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
We mostly discourage typedefs for structs. Hide
smm_save_state_area_t in the single file that still
uses it.
Change-Id: I163322deab58126cc66d416987eaf7dca9ce8220
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34823
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Any platform should need just one of these.
Change-Id: Ia0ff8eff152cbd3d82e8b372ec662d3737078d35
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34820
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Do this to avoid some amount of explicit typecasting
that would be required otherwise.
Change-Id: I5bc2c3c1dd579f7c6c3d3354c0691e4ba3c778e1
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34706
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
No need to limit these declarations to FSP. Both
PARALLEL_MP_INIT smm_relocate() and TSEG_STAGE_CACHE
can be built on top of this.
Change-Id: I7b0b9b8c8bee03aabe251c50c47dc42f6596e169
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34701
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
While common to many Intel CPUs, this is not an architectural
MSR that should be globally defined for all x86.
Change-Id: Ibeed022dc2ba2e90f71511f9bd2640a7cafa5292
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34090
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: David Guckian
MMIO_BUS_RANGE_SHIFT is a numerical value and not a bit field.
Change it to simply 2. Otherwise its usage winds up evaluating
to BusRange << (1 << 1).
Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Change-Id: I2a6ecfc9fbfd45f69194b8daef43ff84a1dfd5fc
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33942
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
To clear all DRAM on x86_32, add a new method that uses PAE to access
more than 32bit of address space.
Add Documentation as well.
Required for clearing all system memory as part of security API.
Tested on wedge100s:
Takes less than 2 seconds to clear 8GiB of DRAM.
Tested on P8H61M-Pro:
Takes less than 1 second to clear 4GiB of DRAM.
Change-Id: I00f7ecf87b5c9227a9d58a0b61eecc38007e1a57
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31549
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
