summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authorSridhar Siricilla <sridhar.siricilla@intel.com>2020-12-03 17:56:49 +0530
committerPatrick Georgi <pgeorgi@google.com>2020-12-07 14:06:28 +0000
commit416b828f47655b6306d3f1ae49e3c3227a1296dd (patch)
tree3f557372c92d107176bbfe589de3ae63f7d283ab /src/lib
parente02b62a4f537ef4ad10e22c05b209c045884ef37 (diff)
sb/intel/common: Modify CONFIG_LOCK_MANAGEMENT_ENGINE behavior
The patch modifies KConfig behaviour if CSE Lite SKU is integrated into the coreboot. When the CSE Lite SKU is integrated, the KConfig prevents writing to ME region but keeps read access enabled. Since CSE Lite driver checks the signature of RW partition to identify the interrupted CSE firmware update, so host must have read access to the ME region. Also, the patch modifies the KConfig's help text to reflect the change. When CSE Lite SKU is integrated, master access permissions: FLMSTR1: 0x002007ff (Host CPU/BIOS) EC Region Write Access: disabled Platform Data Region Write Access: disabled GbE Region Write Access: disabled Intel ME Region Write Access: disabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: disabled EC Region Read Access: disabled Platform Data Region Read Access: disabled GbE Region Read Access: disabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled BUG=b:174118018 TEST=Built and verified the access permissions. Signed-off-by: Sridhar Siricilla <sridhar.siricilla@intel.com> Change-Id: I2f6677ab7b59ddce827d3fcaae61508a30dc1b28 Reviewed-on: https://review.coreboot.org/c/coreboot/+/48267 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Karthik Ramasubramanian <kramasub@google.com> Reviewed-by: Jamie Ryu <jamie.m.ryu@intel.com>
Diffstat (limited to 'src/lib')
0 files changed, 0 insertions, 0 deletions