diff --git a/src/soc/intel/apollolake/chip.c b/src/soc/intel/apollolake/chip.c index e6904da75f..e70bfa3b2c 100644 --- a/src/soc/intel/apollolake/chip.c +++ b/src/soc/intel/apollolake/chip.c @@ -39,15 +39,16 @@ #include #include #include +#include +#include +#include #include #include -#include #include #include -#include -#include #include #include +#include #include #include "chip.h" @@ -715,8 +716,16 @@ static int check_xdci_enable(void) void platform_fsp_notify_status(enum fsp_notify_phase phase) { if (phase == END_OF_FIRMWARE) { + + /* + * Before hiding P2SB device and dropping privilege level, + * dump CSE status and disable HECI1 interface. + */ + heci_cse_lockdown(); + /* Hide the P2SB device to align with previous behavior. */ p2sb_hide(); + /* * As per guidelines BIOS is recommended to drop CPU privilege * level to IA_UNTRUSTED. After that certain device registers diff --git a/src/soc/intel/apollolake/cse.c b/src/soc/intel/apollolake/cse.c index 9051dc3304..cfb3b8a841 100644 --- a/src/soc/intel/apollolake/cse.c +++ b/src/soc/intel/apollolake/cse.c @@ -19,6 +19,11 @@ #include #include #include +#include +#include +#include +#include +#include #include #include #include @@ -187,7 +192,7 @@ static uint32_t dump_status(int index, int reg_addr) return reg; } -static void dump_cse_state(void *unused) +static void dump_cse_state(void) { uint32_t fwsts1; @@ -218,6 +223,25 @@ static void dump_cse_state(void *unused) } printk(BIOS_DEBUG, "\n"); } + +#define PCR_PSFX_T0_SHDW_PCIEN 0x1C +#define PCR_PSFX_T0_SHDW_PCIEN_FUNDIS (1 << 8) + +static void disable_heci1(void) +{ + pcr_or32(PID_PSF3, PSF3_BASE_ADDRESS + PCR_PSFX_T0_SHDW_PCIEN, + PCR_PSFX_T0_SHDW_PCIEN_FUNDIS); +} + +void heci_cse_lockdown(void) +{ + dump_cse_state(); + + /* + * It is safe to disable HECI1 now since we won't be talking to the ME + * anymore. + */ + disable_heci1(); +} + BOOT_STATE_INIT_ENTRY(BS_DEV_INIT, BS_ON_ENTRY, fpf_blown, NULL); -BOOT_STATE_INIT_ENTRY(BS_OS_RESUME, BS_ON_ENTRY, dump_cse_state, NULL); -BOOT_STATE_INIT_ENTRY(BS_PAYLOAD_LOAD, BS_ON_EXIT, dump_cse_state, NULL); diff --git a/src/soc/intel/apollolake/include/soc/heci.h b/src/soc/intel/apollolake/include/soc/heci.h index ac28b14cee..26d0ea9c77 100644 --- a/src/soc/intel/apollolake/include/soc/heci.h +++ b/src/soc/intel/apollolake/include/soc/heci.h @@ -42,4 +42,7 @@ bool heci_cse_normal(void); /* Returns true if CSE is done with whatever it was doing */ bool heci_cse_done(void); +/* Dump CSE state and lockdown HECI1 interface using P2SB message. */ +void heci_cse_lockdown(void); + #endif diff --git a/src/soc/intel/apollolake/include/soc/iomap.h b/src/soc/intel/apollolake/include/soc/iomap.h index eea1e6199b..b1cf3da88a 100644 --- a/src/soc/intel/apollolake/include/soc/iomap.h +++ b/src/soc/intel/apollolake/include/soc/iomap.h @@ -45,6 +45,7 @@ #define SRAM_SIZE_2 (4 * KiB) #define HECI1_BASE_ADDRESS 0xfed1a000 +#define PSF3_BASE_ADDRESS 0x1e00 /* Temporary BAR for SPI until PCI enumeration assigns a BAR in ramstage. */ #define SPI_BASE_ADDRESS 0xfe010000 diff --git a/src/soc/intel/apollolake/include/soc/pcr_ids.h b/src/soc/intel/apollolake/include/soc/pcr_ids.h index dba69b1ecc..4af8f2c23e 100644 --- a/src/soc/intel/apollolake/include/soc/pcr_ids.h +++ b/src/soc/intel/apollolake/include/soc/pcr_ids.h @@ -35,8 +35,10 @@ #define PID_LPC 0xD2 #define PID_MODPHY 0xA5 -#define PID_AUNIT 0x4d -#define PID_BUNIT 0x4c +#define PID_AUNIT 0x4D +#define PID_BUNIT 0x4C #define PID_TUNIT 0x52 +#define PID_PSF3 0xC6 + #endif /* SOC_INTEL_APL_PCR_H */