diff options
Diffstat (limited to 'src/soc/intel/common/block/cse')
| -rw-r--r-- | src/soc/intel/common/block/cse/Kconfig | 8 | ||||
| -rw-r--r-- | src/soc/intel/common/block/cse/Makefile.inc | 1 | ||||
| -rw-r--r-- | src/soc/intel/common/block/cse/disable_heci.c | 62 |
3 files changed, 71 insertions, 0 deletions
diff --git a/src/soc/intel/common/block/cse/Kconfig b/src/soc/intel/common/block/cse/Kconfig index 321d34ce61..15de0b0536 100644 --- a/src/soc/intel/common/block/cse/Kconfig +++ b/src/soc/intel/common/block/cse/Kconfig @@ -4,3 +4,11 @@ config SOC_INTEL_COMMON_BLOCK_CSE help Driver for communication with Converged Security Engine (CSE) over Host Embedded Controller Interface (HECI) + +config SOC_INTEL_COMMON_BLOCK_HECI_DISABLE_IN_SMM + bool + default y if HECI_DISABLE_USING_SMM + select SOC_INTEL_COMMON_BLOCK_P2SB + help + Use this config to include common CSE block to make HECI function + disable in SMM mode diff --git a/src/soc/intel/common/block/cse/Makefile.inc b/src/soc/intel/common/block/cse/Makefile.inc index 376f00f715..90f76d59b0 100644 --- a/src/soc/intel/common/block/cse/Makefile.inc +++ b/src/soc/intel/common/block/cse/Makefile.inc @@ -1,3 +1,4 @@ bootblock-$(CONFIG_SOC_INTEL_COMMON_BLOCK_CSE) += cse.c romstage-$(CONFIG_SOC_INTEL_COMMON_BLOCK_CSE) += cse.c ramstage-$(CONFIG_SOC_INTEL_COMMON_BLOCK_CSE) += cse.c +smm-$(CONFIG_SOC_INTEL_COMMON_BLOCK_HECI_DISABLE_IN_SMM) += disable_heci.c diff --git a/src/soc/intel/common/block/cse/disable_heci.c b/src/soc/intel/common/block/cse/disable_heci.c new file mode 100644 index 0000000000..f560a37e9d --- /dev/null +++ b/src/soc/intel/common/block/cse/disable_heci.c @@ -0,0 +1,62 @@ +/* + * This file is part of the coreboot project. + * + * Copyright 2020 Intel Inc. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#include <commonlib/helpers.h> +#include <console/console.h> +#include <device/pci.h> +#include <device/pci_ids.h> +#include <device/pci_ops.h> +#include <intelblocks/cse.h> +#include <intelblocks/p2sb.h> +#include <intelblocks/pcr.h> +#include <soc/pci_devs.h> +#include <soc/pcr_ids.h> +#include <string.h> + +#define CSME0_FBE 0xf +#define CSME0_BAR 0x0 +#define CSME0_FID 0xb0 + +/* Disable HECI using Sideband interface communication */ +void heci_disable(void) +{ + struct pcr_sbi_msg msg = { + .pid = PID_CSME0, + .offset = 0, + .opcode = PCR_WRITE, + .is_posted = false, + .fast_byte_enable = CSME0_FBE, + .bar = CSME0_BAR, + .fid = CSME0_FID + }; + /* Bit 0: Set to make HECI#1 Function disable */ + uint32_t data32 = 1; + uint8_t response; + int status; + + /* unhide p2sb device */ + p2sb_unhide(); + + /* Send SBI command to make HECI#1 function disable */ + status = pcr_execute_sideband_msg(&msg, &data32, &response); + if (status || response) + printk(BIOS_ERR, "Fail to make CSME function disable\n"); + + /* Ensure to Lock SBI interface after this command */ + p2sb_disable_sideband_access(); + + /* hide p2sb device */ + p2sb_hide(); +} |