diff options
| -rw-r--r-- | src/soc/intel/broadwell/pch/Kconfig | 8 | ||||
| -rw-r--r-- | src/soc/intel/broadwell/pch/me.c | 5 |
2 files changed, 12 insertions, 1 deletions
diff --git a/src/soc/intel/broadwell/pch/Kconfig b/src/soc/intel/broadwell/pch/Kconfig index 4800f3f804..5a80d32191 100644 --- a/src/soc/intel/broadwell/pch/Kconfig +++ b/src/soc/intel/broadwell/pch/Kconfig @@ -66,3 +66,11 @@ config SERIALIO_UART_CONSOLE config CONSOLE_UART_BASE_ADDRESS default 0xd6000000 if SERIALIO_UART_CONSOLE + +config DISABLE_ME_PCI + bool "Disable Intel ME PCI interface (MEI1)" + default y + help + Disable and hide the ME PCI interface during finalize stage of boot. + This will prevent the OS (and userspace apps) from interacting with + the ME via the PCI interface after boot. diff --git a/src/soc/intel/broadwell/pch/me.c b/src/soc/intel/broadwell/pch/me.c index f1750d2b22..08917fd6bb 100644 --- a/src/soc/intel/broadwell/pch/me.c +++ b/src/soc/intel/broadwell/pch/me.c @@ -601,6 +601,9 @@ static void intel_me_finalize(struct device *dev) if (!mei_base_address || mei_base_address == (u8 *)0xfffffff0) return; + if (!CONFIG(DISABLE_ME_PCI)) + return; + /* Make sure IO is disabled */ reg16 = pci_read_config16(dev, PCI_COMMAND); reg16 &= ~(PCI_COMMAND_MASTER | @@ -1023,7 +1026,7 @@ static void intel_me_init(struct device *dev) static void intel_me_enable(struct device *dev) { /* Avoid talking to the device in S3 path */ - if (acpi_is_wakeup_s3()) { + if (acpi_is_wakeup_s3() && CONFIG(DISABLE_ME_PCI)) { dev->enabled = 0; pch_disable_devfn(dev); } |