diff options
author | Jonathan Zhang <jonzhang@meta.com> | 2022-10-26 16:19:40 -0700 |
---|---|---|
committer | Martin L Roth <gaumless@gmail.com> | 2022-12-22 18:48:45 +0000 |
commit | fb2ebbced7f64218667d5647f39c3d49d57a3159 (patch) | |
tree | 356bd540bbbfe5c5e2cbd187b0b4fc0c9a8beab2 /src/soc/intel/xeon_sp | |
parent | 39ede0af15f17bf853d7b3208d301dc623251c29 (diff) |
soc/intel/xeon_sp: Lock down LPC configuration
For LPC, set BIOS interface lock.
Also set the LPC BIOS control to match the SPI BIOS control settings.
BIOS control EISS and WPD are set when the BOOTMEDIA_SMM_BWP config
option is set.
Change-Id: I3e3edc63c0d43b11b0999239ea49304772a05275
Signed-off-by: Marc Jones <marcjones@sysproconsulting.com>
Signed-off-by: Jonathan Zhang <jonzhang@meta.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68876
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: David Hendricks <david.hendricks@gmail.com>
Diffstat (limited to 'src/soc/intel/xeon_sp')
-rw-r--r-- | src/soc/intel/xeon_sp/lockdown.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/src/soc/intel/xeon_sp/lockdown.c b/src/soc/intel/xeon_sp/lockdown.c index 49f3f5a0ee..7dc1f9834f 100644 --- a/src/soc/intel/xeon_sp/lockdown.c +++ b/src/soc/intel/xeon_sp/lockdown.c @@ -3,11 +3,25 @@ #include <device/mmio.h> #include <device/pci.h> #include <intelblocks/cfg.h> +#include <intelblocks/lpc_lib.h> #include <intelblocks/pmclib.h> #include <intelpch/lockdown.h> #include <soc/pci_devs.h> #include <soc/pm.h> +static void lpc_lockdown_config(void) +{ + /* Set BIOS Interface Lock, BIOS Lock */ + lpc_set_bios_interface_lock_down(); + + /* Only allow writes in SMM */ + if (CONFIG(BOOTMEDIA_SMM_BWP)) { + lpc_set_eiss(); + lpc_enable_wp(); + } + lpc_set_lock_enable(); +} + static void pmc_lockdown_config(int chipset_lockdown) { uint8_t *pmcbase; @@ -36,6 +50,7 @@ static void sata_lockdown_config(int chipset_lockdown) void soc_lockdown_config(int chipset_lockdown) { + lpc_lockdown_config(); pmc_lockdown_config(chipset_lockdown); sata_lockdown_config(chipset_lockdown); } |