GNUBoot
/
coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

soc/intel/skylake: set LT_LOCK_MEMORY at end of POST 

Use the new common function to set LT_LOCK_MEMORY at end of POST to
protect SMM in accordance to Intel BWG.

Tested successfully on X11SSH-M by disabling SGX and running chipsec.

Change-Id: I623e20a34667e4df313aeab49bb57907ec75f8a8
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36355
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
This commit is contained in:
Michael Niewöhner 2019-09-22 21:56:17 +02:00 committed by Nico Huber
parent 7253e7a135
commit 48fb573e1f
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/soc/intel/skylake/finalize.c
View File

@ -20,6 +20,7 @@
#include <bootstate.h> #include <bootstate.h>
#include <console/console.h> #include <console/console.h>
#include <console/post_codes.h> #include <console/post_codes.h>
#include <cpu/x86/mp.h>
#include <cpu/x86/smm.h> #include <cpu/x86/smm.h>
#include <device/pci.h> #include <device/pci.h>
#include <intelblocks/cpulib.h> #include <intelblocks/cpulib.h>
@ -123,6 +124,9 @@ static void soc_lockdown(struct device *dev)
reg8 |= SMI_LOCK; reg8 |= SMI_LOCK;
pci_write_config8(dev, GEN_PMCON_A, reg8); pci_write_config8(dev, GEN_PMCON_A, reg8);
} }
/* Lock chipset memory registers to protect SMM */
mp_run_on_all_cpus(cpu_lt_lock_memory, NULL);
} }
static void soc_finalize(void *unused) static void soc_finalize(void *unused)