summaryrefslogtreecommitdiff
path: root/Silicon/Intel/KabylakeSiliconPkg/Hsti/Dxe/SecureIntegratedGraphicsConfiguration.c
diff options
context:
space:
mode:
Diffstat (limited to 'Silicon/Intel/KabylakeSiliconPkg/Hsti/Dxe/SecureIntegratedGraphicsConfiguration.c')
-rw-r--r--Silicon/Intel/KabylakeSiliconPkg/Hsti/Dxe/SecureIntegratedGraphicsConfiguration.c221
1 files changed, 221 insertions, 0 deletions
diff --git a/Silicon/Intel/KabylakeSiliconPkg/Hsti/Dxe/SecureIntegratedGraphicsConfiguration.c b/Silicon/Intel/KabylakeSiliconPkg/Hsti/Dxe/SecureIntegratedGraphicsConfiguration.c
new file mode 100644
index 0000000000..c70ac41cf6
--- /dev/null
+++ b/Silicon/Intel/KabylakeSiliconPkg/Hsti/Dxe/SecureIntegratedGraphicsConfiguration.c
@@ -0,0 +1,221 @@
+/** @file
+ This file contains the tests for the SecureIntegratedGraphics bit
+
+Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials are licensed and made available under
+the terms and conditions of the BSD License that accompanies this distribution.
+The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php.
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+#include "HstiSiliconDxe.h"
+
+/**
+ Run tests for SecureIntegratedGraphicsConfiguration bit
+**/
+VOID
+CheckSecureIntegratedGraphicsConfiguration (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+ BOOLEAN Result;
+ UINT32 MchBar;
+ UINT16 Ggc;
+ UINT32 Pavpc;
+ UINT32 Bdsm;
+ UINT32 Bgsm;
+ UINT32 Tolud;
+ UINT32 GsmSize;
+ UINT32 DsmSize;
+ UINT32 Data32;
+ UINT32 PcmBase;
+ CHAR16 *HstiErrorString;
+
+ if ((mFeatureImplemented[1] & HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION) == 0) {
+ return;
+ }
+
+ Result = TRUE;
+
+ MchBar = (UINT32) MmioRead64 (MmPciBase (DEFAULT_PCI_BUS_NUMBER_PCH,SA_MC_DEV,SA_MC_FUN) + R_SA_MCHBAR) & B_SA_MCHBAR_MCHBAR_MASK;
+
+ DEBUG ((DEBUG_INFO, " Table 3-9. Processor Graphics Security Configuration\n"));
+
+ DEBUG ((DEBUG_INFO, " 1. GGC\n"));
+
+ Ggc = MmioRead16 (MmPciBase (DEFAULT_PCI_BUS_NUMBER_PCH,SA_MC_DEV,SA_MC_FUN) + R_SA_GGC);
+ if ((Ggc & B_SA_GGC_GGCLCK_MASK) == 0) {
+ DEBUG ((DEBUG_INFO, "Fail: GGCLCK bit not set\n"));
+
+ HstiErrorString = BuildHstiErrorString (HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_CODE_1 ,HSTI_PROCESSOR_GRAPHICS_SECURITY_CONFIGURATION, HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_STRING_1);
+ Status = HstiLibAppendErrorString (
+ PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE,
+ NULL,
+ HstiErrorString
+ );
+ ASSERT_EFI_ERROR (Status);
+ Result = FALSE;
+ FreePool (HstiErrorString);
+ }
+
+ DEBUG ((DEBUG_INFO, " 2. PAVPC\n"));
+
+ Pavpc = MmioRead32 (MmPciBase (DEFAULT_PCI_BUS_NUMBER_PCH,SA_MC_DEV,SA_MC_FUN) + R_SA_PAVPC);
+ if ((Pavpc & B_SA_PAVPC_PAVPLCK_MASK) == 0) {
+ DEBUG ((DEBUG_INFO, "Fail: PAVPLCK bit not set\n"));
+
+ HstiErrorString = BuildHstiErrorString (HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_CODE_1 ,HSTI_PROCESSOR_GRAPHICS_SECURITY_CONFIGURATION, HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_STRING_1);
+ Status = HstiLibAppendErrorString (
+ PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE,
+ NULL,
+ HstiErrorString
+ );
+ ASSERT_EFI_ERROR (Status);
+ Result = FALSE;
+ FreePool (HstiErrorString);
+ }
+
+ DEBUG ((DEBUG_INFO, " 3. BDSM\n"));
+
+ Bdsm = MmioRead32 (MmPciBase (DEFAULT_PCI_BUS_NUMBER_PCH,SA_MC_DEV,SA_MC_FUN) + R_SA_BDSM);
+ if ((Bdsm & B_SA_BDSM_LOCK_MASK) == 0) {
+ DEBUG ((DEBUG_INFO, "Fail: BDSM not locked \n"));
+
+ HstiErrorString = BuildHstiErrorString (HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_CODE_1 ,HSTI_PROCESSOR_GRAPHICS_SECURITY_CONFIGURATION, HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_STRING_1);
+ Status = HstiLibAppendErrorString (
+ PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE,
+ NULL,
+ HstiErrorString
+ );
+ ASSERT_EFI_ERROR (Status);
+ Result = FALSE;
+ FreePool (HstiErrorString);
+ }
+
+ DEBUG ((DEBUG_INFO, " 4. BGSM\n"));
+
+ Bgsm = MmioRead32 (MmPciBase (DEFAULT_PCI_BUS_NUMBER_PCH,SA_MC_DEV,SA_MC_FUN) + R_SA_BGSM);
+ if ((Bdsm & B_SA_BGSM_LOCK_MASK) == 0) {
+ DEBUG ((DEBUG_INFO, "Fail: BGSM not locked \n"));
+
+ HstiErrorString = BuildHstiErrorString (HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_CODE_1 ,HSTI_PROCESSOR_GRAPHICS_SECURITY_CONFIGURATION, HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_STRING_1);
+ Status = HstiLibAppendErrorString (
+ PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE,
+ NULL,
+ HstiErrorString
+ );
+ ASSERT_EFI_ERROR (Status);
+ Result = FALSE;
+ FreePool (HstiErrorString);
+ }
+
+ DEBUG ((DEBUG_INFO, " 5. PAVP Settings\n"));
+
+ Data32 = MmioRead32 (MchBar + 0x5500);
+ if ((Data32 & BIT0) == 0) {
+ DEBUG ((DEBUG_INFO, "Fail: LockPAVP Settings not set \n"));
+
+ HstiErrorString = BuildHstiErrorString (HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_CODE_1 ,HSTI_PROCESSOR_GRAPHICS_SECURITY_CONFIGURATION, HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_STRING_1);
+ Status = HstiLibAppendErrorString (
+ PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE,
+ NULL,
+ HstiErrorString
+ );
+ ASSERT_EFI_ERROR (Status);
+ Result = FALSE;
+ FreePool (HstiErrorString);
+ }
+
+ DEBUG ((DEBUG_INFO, " 6. IGD stolen memory consistency\n"));
+
+ Tolud = MmioRead32 (MmPciBase (DEFAULT_PCI_BUS_NUMBER_PCH,SA_MC_DEV,SA_MC_FUN) + R_SA_TOLUD);
+
+ switch ((Ggc & B_SKL_SA_GGC_GGMS_MASK) >> N_SKL_SA_GGC_GGMS_OFFSET) {
+ case V_SKL_SA_GGC_GGMS_2MB:
+ GsmSize = SIZE_2MB;
+ break;
+ case V_SKL_SA_GGC_GGMS_4MB:
+ GsmSize = SIZE_4MB;
+ break;
+ case V_SKL_SA_GGC_GGMS_8MB:
+ GsmSize = SIZE_8MB;
+ break;
+ default:
+ GsmSize = 0;
+ break;
+ }
+
+ DsmSize = ((Ggc & B_SKL_SA_GGC_GMS_MASK) >> N_SKL_SA_GGC_GMS_OFFSET) * SIZE_32MB;
+
+ DEBUG ((DEBUG_INFO, "DSM: 0x%08x - 0x%08x\n", Bdsm & B_SA_BDSM_BDSM_MASK, DsmSize));
+ DEBUG ((DEBUG_INFO, "GSM: 0x%08x - 0x%08x\n", Bgsm & B_SA_BGSM_BGSM_MASK, GsmSize));
+ DEBUG ((DEBUG_INFO, "TOLUD: 0x%08x\n", Tolud & B_SA_TOLUD_TOLUD_MASK));
+
+ if ((Bgsm & B_SA_BGSM_BGSM_MASK) != (Bdsm & B_SA_BDSM_BDSM_MASK) - GsmSize) {
+ DEBUG ((DEBUG_INFO, "Fail: BGSM: 0x%x != %x - %x \n",(Bgsm & B_SA_BGSM_BGSM_MASK),(Bdsm & B_SA_BDSM_BDSM_MASK),GsmSize));
+
+ HstiErrorString = BuildHstiErrorString (HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_CODE_2 ,HSTI_PROCESSOR_GRAPHICS_SECURITY_CONFIGURATION, HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_STRING_2);
+ Status = HstiLibAppendErrorString (
+ PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE,
+ NULL,
+ HstiErrorString
+ );
+ ASSERT_EFI_ERROR (Status);
+ Result = FALSE;
+ FreePool (HstiErrorString);
+ }
+ if ((Bdsm & B_SA_BDSM_BDSM_MASK) != (Tolud & B_SA_TOLUD_TOLUD_MASK) - DsmSize) {
+ DEBUG ((DEBUG_INFO, "Fail: BDSM: 0x%x != %x - %x \n",(Bdsm & B_SA_BDSM_BDSM_MASK),(Tolud & B_SA_TOLUD_TOLUD_MASK),DsmSize));
+
+ HstiErrorString = BuildHstiErrorString (HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_CODE_2 ,HSTI_PROCESSOR_GRAPHICS_SECURITY_CONFIGURATION, HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_STRING_2);
+ Status = HstiLibAppendErrorString (
+ PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE,
+ NULL,
+ HstiErrorString
+ );
+ ASSERT_EFI_ERROR (Status);
+ Result = FALSE;
+ FreePool (HstiErrorString);
+ }
+
+ DEBUG ((DEBUG_INFO, " 7. Reserved Check\n"));
+ if ((Pavpc & B_SA_PAVPC_PCME_MASK) != 0) {
+ PcmBase = Pavpc & B_SA_PAVPC_PCMBASE_MASK;
+ DEBUG ((DEBUG_INFO, "PCMBASE: 0x%08x - 0x%08x\n", PcmBase, SIZE_1MB));
+ if ((PcmBase < (Bdsm & B_SA_BDSM_BDSM_MASK)) ||
+ (PcmBase > (Tolud & B_SA_TOLUD_TOLUD_MASK)) ||
+ ((PcmBase + SIZE_1MB) < (Bdsm & B_SA_BDSM_BDSM_MASK)) ||
+ ((PcmBase + SIZE_1MB) > (Tolud & B_SA_TOLUD_TOLUD_MASK))) {
+ DEBUG ((DEBUG_INFO, "Fail: Graphics security reserved check failed \n"));
+
+ HstiErrorString = BuildHstiErrorString (HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_CODE_3 ,HSTI_PROCESSOR_GRAPHICS_SECURITY_CONFIGURATION, HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_STRING_3);
+ Status = HstiLibAppendErrorString (
+ PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE,
+ NULL,
+ HstiErrorString
+ );
+ ASSERT_EFI_ERROR (Status);
+ Result = FALSE;
+ FreePool (HstiErrorString);
+ }
+ }
+
+ //
+ // ALL PASS
+ //
+ if (Result) {
+ Status = HstiLibSetFeaturesVerified (
+ PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE,
+ NULL,
+ 1,
+ HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION
+ );
+ ASSERT_EFI_ERROR (Status);
+ }
+
+ return;
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-10 18:17:32 +0000