soc/intel/cannonlake: set MSR LT_LOCK_MEMORY at end of POST

FSP does not set the MSR LT_LOCK_MEMORY when SkipMpInit=1. Therefore, set LT_LOCK_MEMORY at end of POST, when native MP init is used, to protect SMM in accordance to Intel BWG. Test on clevo/cml-u: chipsec says LT_LOCK_MEMORY is locked. Change-Id: Iaadd4996653c4f27d268b1c4773c1e2e86114912 Signed-off-by: Michael Niewöhner <foss@mniewoehner.de> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36356 Reviewed-by: Angel Pons <th3fanbus@gmail.com> Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-09-22 21:56:17 +02:00 · 2019-09-22 21:56:17 +02:00 · 305b6488e4
parent 348f2a6370
commit 305b6488e4
1 changed files with 9 additions and 0 deletions
--- a/src/soc/intel/cannonlake/finalize.c
+++ b/src/soc/intel/cannonlake/finalize.c
@ -6,6 +6,7 @@
 #include <console/post_codes.h>
 #include <cpu/x86/smm.h>
 #include <device/pci.h>
+#include <intelblocks/cpulib.h>
 #include <intelblocks/lpc_lib.h>
 #include <intelblocks/pcr.h>
 #include <intelblocks/pmclib.h>
@ -69,6 +70,14 @@ static void pch_finalize(void)
 	pch_handle_sideband(config);

 	pmc_clear_pmcon_sts();
+
+	/*
+	 * Lock chipset memory registers to protect SMM.
+	 * When SkipMpInit=0, this is done by FSP.
+	 */
+	if (!CONFIG(USE_INTEL_FSP_MP_INIT))
+		cpu_lt_lock_memory();
+
 }

 static void soc_finalize(void *unused)