soc/intel/cnl: lock AES-NI feature if selected
Lock AES-NI (MSR_FEATURE_CONFIG) to prevent unintended changes of AES-NI enablement as precaution, as suggested in Intel document 325384-070US. Locking is enabled by default (as already done in SKL and Arrandale) and may be disabled by the newly introduced Kconfig in the parent change. Tested by checking the MSR. Change-Id: I79495bfbd3ebf3b712ce9ecf2040cecfd954178d Signed-off-by: Michael Niewöhner <foss@mniewoehner.de> Reviewed-on: https://review.coreboot.org/c/coreboot/+/46273 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org> Reviewed-by: Nico Huber <nico.h@gmx.de>
This commit is contained in:
parent
2ffd219886
commit
5611cfd55f
1 changed files with 2 additions and 0 deletions
|
@ -199,6 +199,8 @@ void soc_core_init(struct device *cpu)
|
|||
/* Configure Intel Speed Shift */
|
||||
configure_isst();
|
||||
|
||||
set_aesni_lock();
|
||||
|
||||
/* Enable ACPI Timer Emulation via MSR 0x121 */
|
||||
enable_pm_timer_emulation();
|
||||
|
||||
|
|
Loading…
Reference in a new issue