From 7bdedcdc338e5043f9670790a4333260b63087aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Niew=C3=B6hner?= Date: Sun, 1 Sep 2019 16:49:09 +0200 Subject: soc/intel/skylake: lock AES-NI MSR MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Lock AES-NI register to prevent unintended disabling, as suggested by the MSR datasheet. Successfully tested by reading the MSR on X11SSM-F Change-Id: I97a0d3b1b9b0452e929ca07d29c03237b413e521 Signed-off-by: Michael Niewöhner Reviewed-on: https://review.coreboot.org/c/coreboot/+/35188 Reviewed-by: Patrick Georgi Reviewed-by: Nico Huber Tested-by: build bot (Jenkins) --- src/soc/intel/skylake/Kconfig | 1 + src/soc/intel/skylake/cpu.c | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+) diff --git a/src/soc/intel/skylake/Kconfig b/src/soc/intel/skylake/Kconfig index 901e5f9b21..8bdd9b56d9 100644 --- a/src/soc/intel/skylake/Kconfig +++ b/src/soc/intel/skylake/Kconfig @@ -31,6 +31,7 @@ config CPU_SPECIFIC_OPTIONS select COMMON_FADT select CPU_INTEL_COMMON select CPU_INTEL_FIRMWARE_INTERFACE_TABLE + select CPU_INTEL_COMMON_HYPERTHREADING select C_ENVIRONMENT_BOOTBLOCK select FSP_M_XIP if MAINBOARD_USES_FSP2_0 select FSP_T_XIP if FSP_CAR diff --git a/src/soc/intel/skylake/cpu.c b/src/soc/intel/skylake/cpu.c index 1f9ecada74..63142b9b3f 100644 --- a/src/soc/intel/skylake/cpu.c +++ b/src/soc/intel/skylake/cpu.c @@ -420,6 +420,25 @@ static void enable_pm_timer_emulation(void) wrmsr(MSR_EMULATE_PM_TIMER, msr); } +/* + * Lock AES-NI (MSR_FEATURE_CONFIG) to prevent unintended disabling + * as suggested in Intel document 325384-070US. + */ +static void cpu_lock_aesni(void) +{ + msr_t msr; + + /* Only run once per core as specified in the MSR datasheet */ + if (intel_ht_sibling()) + return; + + msr = rdmsr(MSR_FEATURE_CONFIG); + if ((msr.lo & 1) == 0) { + msr.lo |= 1; + wrmsr(MSR_FEATURE_CONFIG, msr); + } +} + /* All CPUs including BSP will run the following function. */ void soc_core_init(struct device *cpu) { @@ -444,6 +463,9 @@ void soc_core_init(struct device *cpu) /* Configure Intel Speed Shift */ configure_isst(); + /* Lock AES-NI MSR */ + cpu_lock_aesni(); + /* Enable ACPI Timer Emulation via MSR 0x121 */ enable_pm_timer_emulation(); -- cgit v1.2.3