From 4130eb5f04ad876e8bf488935861edd6113ee98a Mon Sep 17 00:00:00 2001 From: Julien Viard de Galbert Date: Thu, 8 Mar 2018 16:57:47 +0100 Subject: soc/intel/denverton_ns: Implement AES-NI Lock Change-Id: I6cf3484e46eebd3dc753d0903ea8555712b99b7e Signed-off-by: Julien Viard de Galbert Reviewed-on: https://review.coreboot.org/c/coreboot/+/25440 Reviewed-by: Angel Pons Reviewed-by: Steve Mooney Reviewed-by: David Guckian Tested-by: build bot (Jenkins) --- src/soc/intel/denverton_ns/cpu.c | 7 +++++++ src/soc/intel/denverton_ns/include/soc/msr.h | 2 ++ 2 files changed, 9 insertions(+) (limited to 'src') diff --git a/src/soc/intel/denverton_ns/cpu.c b/src/soc/intel/denverton_ns/cpu.c index e99641330a..036a47a42b 100644 --- a/src/soc/intel/denverton_ns/cpu.c +++ b/src/soc/intel/denverton_ns/cpu.c @@ -74,6 +74,13 @@ static void denverton_core_init(struct device *cpu) msr.lo |= FAST_STRINGS_ENABLE_BIT; wrmsr(IA32_MISC_ENABLE, msr); + /* Lock AES-NI only if supported */ + if (cpuid_ecx(1) & (1 << 25)) { + msr = rdmsr(MSR_FEATURE_CONFIG); + msr.lo |= FEATURE_CONFIG_LOCK; /* Lock AES-NI */ + wrmsr(MSR_FEATURE_CONFIG, msr); + } + /* Enable Turbo */ enable_turbo(); diff --git a/src/soc/intel/denverton_ns/include/soc/msr.h b/src/soc/intel/denverton_ns/include/soc/msr.h index 7213c15a36..f7657270de 100644 --- a/src/soc/intel/denverton_ns/include/soc/msr.h +++ b/src/soc/intel/denverton_ns/include/soc/msr.h @@ -23,6 +23,8 @@ #define MSR_PKG_CST_CONFIG_CONTROL 0xe2 #define MSR_PMG_IO_CAPTURE_BASE 0xe4 #define MSR_FEATURE_CONFIG 0x13c +#define FEATURE_CONFIG_RESERVED_MASK 0x3ULL +#define FEATURE_CONFIG_LOCK (1 << 0) #define IA32_MCG_CAP 0x179 #define IA32_MCG_CAP_COUNT_MASK 0xff #define IA32_MCG_CAP_CTL_P_BIT 8 -- cgit v1.2.3