x86: make GDT setup optional

For some security scenarios the GDT may already be setup and locked,
in which case the kernel trying to set it again could lead to problems.

Change-Id: I727c1d213479f46a4bb6f0c04a9096131e10b3e7
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>

arch/x86/core/Kconfig

@@ -92,9 +92,21 @@ config ROM_SIZE
 
 	The default value is specified by the platform.
 
+config SET_GDT
+	bool
+	prompt "Setup GDT as part of boot process"
+	default y
+	help
+	This option sets up the GDT as part of the boot process. However,
+	this may conflict with some security scenarios where the GDT is
+	already appropriately set by an earlier bootloader stage, in which
+	case this should be disabled. If disabled, the global _gdt pointer
+	will not be available.
+
 config GDT_DYNAMIC
 	bool
 	prompt "Store GDT in RAM so that it can be modified"
+	depends on SET_GDT
 	default n
 	help
 	This option stores the GDT in RAM instead of ROM, so that it may

arch/x86/core/crt0.S

@@ -89,8 +89,9 @@ SECTION_FUNC(TEXT_START, __start)
 	 * and a Global Descriptor Table (GDT), the specification encourages
 	 * booted operating systems to setup their own IDT and GDT.
 	 */
-
+#if CONFIG_SET_GDT
 	lgdt	_gdt_rom		/* load 32-bit operand size GDT */
+#endif
 	lidt	_Idt		/* load 32-bit operand size IDT */
 
 
@@ -358,7 +359,7 @@ _Idt:
 	.long	-(0x1BADB002 + 0)
 #endif /* CONFIG_BOOTLOADER_UNKNOWN */
 
-
+#ifdef CONFIG_SET_GDT
 #ifndef CONFIG_GDT_DYNAMIC
 _gdt:
 #endif
@@ -414,3 +415,4 @@ _gdt_rom_entries:
 	.byte   0x00		/* base : 00xxxxxx */
 
 _gdt_rom_end:
+#endif

arch/x86/include/gdt.h

@@ -63,10 +63,12 @@ typedef struct __packed s_gdtHeader
 
 /* externs */
 
+#ifdef CONFIG_SET_GDT
 /* This is either the ROM-based GDT in crt0.S or RAM-based in gdt.c,
  * depending on CONFIG_GDT_DYNAMIC
  */
 extern tGdtHeader _gdt;
+#endif
 
 #endif /* _ASMLANGUAGE */