soc/amd/picasso/bootblock: Write EIP to secure S3

This change is required so we have a defined entry point on S3. Without
this, the S3_RESUME_EIP_MSR register could in theory be written to
later which would be a security risk.

BUG=b:147042464
TEST=Resume trembyle and see bootblock start.

coreboot-4.12-512-g65779ebcf73f-dirty Thu Jun  4 22:38:17 UTC 2020 smm starting (log level: 8)...

SMI# #6
SMI#: SLP = 0x0c01
Chrome EC: Set SMI mask to 0x0000000000000000
Chrome EC: Set SCI mask to 0x0000000000000000
Clearing pending EC events. Error code EC_RES_UNAVAILABLE(9) is expected.
EC returned error result code 9
SMI#: Entering S3 (Suspend-To-RAM)
PSP: Prepare to enter sleep state 3... OK
SMU: Put system into S3/S4/S5
Timestamp - start of bootblock: 18446744070740509170

coreboot-4.12-512-g65779ebcf73f-dirty Thu Jun  4 22:38:17 UTC 2020 bootblock starting (log level: 8)...
Family_Model: 00810f81
PMxC0 STATUS: 0x200800 SleepReset BIT11
I2C bus 3 version 0x3132322a
DW I2C bus 3 at 0xfedc5000 (400 KHz)
Timestamp - end of bootblock: 18446744070804450274
VBOOT: Loading verstage.
FMAP: area COREBOOT found @ c75000 (3715072 bytes)
CBFS: Locating 'fallback/verstage'
CBFS: Found @ offset 61b80 size cee4
PROG_RUN: Setting MTRR to cache stage. base: 0x04000000, size: 0x00010000

Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Change-Id: I4b0b0d0d576fc42b1628a4547a5c9a10bcbe9d37
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42088
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>

3 files changed, 33 insertions, 0 deletions

diff --git a/src/include/cpu/amd/msr.h b/src/include/cpu/amd/msr.h
index 606ea23bc0..e466e7bbf2 100644
--- a/src/include/cpu/amd/msr.h
+++ b/src/include/cpu/amd/msr.h
@@ -72,6 +72,7 @@
 #define EX_CFG_MSR			0xC001102C
 #define LS_CFG2_MSR			0xC001102D
 #define IBS_OP_DATA3_MSR		0xC0011037
+#define S3_RESUME_EIP_MSR		0xC00110E0
 
 #define MSR_PATCH_LEVEL			0x0000008B
 #define CORE_PERF_BOOST_CTRL		0x15c
diff --git a/src/soc/amd/picasso/bootblock/bootblock.c b/src/soc/amd/picasso/bootblock/bootblock.c
index 606440bfc1..a3935cc7aa 100644
--- a/src/soc/amd/picasso/bootblock/bootblock.c
+++ b/src/soc/amd/picasso/bootblock/bootblock.c
@@ -12,6 +12,9 @@
 #include <soc/southbridge.h>
 #include <soc/i2c.h>
 #include <amdblocks/amd_pci_mmconf.h>
+#include <acpi/acpi.h>
+
+asmlinkage void bootblock_resume_entry(void);
 
 /* PSP performs the memory training and setting up DRAM map prior to x86 cores
    being released. Honor TOP_MEM and set up caching from 0 til TOP_MEM. Likewise,
@@ -84,9 +87,27 @@ static void set_caching(void)
 	enable_cache();
 }
 
+static void write_resume_eip(void)
+{
+	msr_t s3_resume_entry = {
+		.hi = (uint64_t)(uintptr_t)bootblock_resume_entry >> 32,
+		.lo = (uintptr_t)bootblock_resume_entry & 0xffffffff,
+	};
+
+	/*
+	 * Writing to the EIP register can only be done once, otherwise a fault is triggered.
+	 * When this register is written, it will trigger the microcode to stash the CPU state
+	 * (crX , mtrrs, registers, etc) into the CC6 save area. On resume, the state will be
+	 * restored and execution will continue at the EIP.
+	 */
+	if (!acpi_is_wakeup_s3())
+		wrmsr(S3_RESUME_EIP_MSR, s3_resume_entry);
+}
+
 asmlinkage void bootblock_c_entry(uint64_t base_timestamp)
 {
 	set_caching();
+	write_resume_eip();
 	enable_pci_mmconf();
 
 	bootblock_main_with_basetime(base_timestamp);
diff --git a/src/soc/amd/picasso/bootblock/pre_c.S b/src/soc/amd/picasso/bootblock/pre_c.S
index 5c186f1062..83e5491cd5 100644
--- a/src/soc/amd/picasso/bootblock/pre_c.S
+++ b/src/soc/amd/picasso/bootblock/pre_c.S
@@ -2,6 +2,17 @@
 
 #include <cpu/x86/post_code.h>
 
+.global bootblock_resume_entry
+bootblock_resume_entry:
+	post_code(0xb0)
+
+	/* Get an early timestamp */
+	rdtsc
+	movd	%eax, %mm1
+	movd	%edx, %mm2
+
+	/* Fall through to bootblock_pre_c_entry */
+
 /*
  * on entry:
  *   mm0: BIST (ignored)