<p>Marc Jones has uploaded this change for <strong>review</strong>.</p><p><a href="https://review.coreboot.org/21308">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">WIP stoneyridge: Lock PSP region<br><br>This is a work in progress.<br><br>The call to lock the PSP is currently in romstage for debugging via serial.<br>The call should move to bootblock. Also, WP and SPI flash WP needs to be<br>checked prior to locking the PSP region.<br><br>Write Protect the SI_ALL FMAP area, which includes the AMD PSP, with the<br>ROM_PROTECT in the SPI flash controller.<br><br>SI_ALL@0x0 0xCB000 {<br> UNUSED@0x00000 0x20000<br> AMD_FW@0x20000 0xAB000<br>}<br><br>Change-Id: Ic375033d9942045389a528182daca2cd5288b672<br>Signed-off-by: Marc Jones <marcj303@gmail.com><br>---<br>M src/mainboard/google/kahlee/ec.c<br>M src/soc/amd/stoneyridge/early_setup.c<br>M src/soc/amd/stoneyridge/include/soc/southbridge.h<br>3 files changed, 82 insertions(+), 0 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://review.coreboot.org:29418/coreboot refs/changes/08/21308/1</pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">diff --git a/src/mainboard/google/kahlee/ec.c b/src/mainboard/google/kahlee/ec.c<br>index 75ed1fa..6fe7226 100644<br>--- a/src/mainboard/google/kahlee/ec.c<br>+++ b/src/mainboard/google/kahlee/ec.c<br>@@ -72,4 +72,16 @@<br> ramstage_ec_init();<br> else<br> early_ec_init();<br>+<br>+/*<br>+ * Located here for testing. Move to bootblock_fch_early_init or other<br>+ * correct location before commiting.<br>+ */<br>+#ifdef __PRE_RAM__<br>+ if (IS_ENABLED(CONFIG_CHROMEOS)) {<br>+ /* TODO: Check SPI WP setting before locking */<br>+ if (sb_lock_psp())<br>+ die("ERROR: Could Not WP PSP Region!\n");<br>+ }<br>+#endif<br> }<br>diff --git a/src/soc/amd/stoneyridge/early_setup.c b/src/soc/amd/stoneyridge/early_setup.c<br>index 5166a7f..3618ba5 100644<br>--- a/src/soc/amd/stoneyridge/early_setup.c<br>+++ b/src/soc/amd/stoneyridge/early_setup.c<br>@@ -24,6 +24,7 @@<br> #include <soc/southbridge.h><br> #include <soc/pci_devs.h><br> #include <Fch/Fch.h><br>+#include <fmap.h><br> #include <cpu/x86/msr.h><br> #include <delay.h><br> <br>@@ -342,6 +343,63 @@<br> pci_io_write_config16(dev, 0x6e, 0xffff);<br> }<br> <br>+/*<br>+ * Set the write once SPI ROM Protect registers to protect the PSP.<br>+ *<br>+ * PCU_DEV, LPC_FUNC[5C,58,54,50] ROM Protect 3, 2, 1, 0<br>+ * {RomBase, 000_0000_0000b} <= address[31:0] <= (({RomBase, 000_0000_0000b} +<br>+ * ((Range+1) << (RangeUnit ? 16 : 12) ) ) - 1).<br>+ */<br>+int sb_lock_psp(void)<br>+{<br>+ pci_devfn_t dev;<br>+ struct region r;<br>+ size_t r_offset, r_size;<br>+ u32 reg;<br>+<br>+ dev = PCI_DEV(0, PCU_DEV, LPC_FUNC);<br>+<br>+ /* Locate PSP area in the FMAP */<br>+ if (fmap_locate_area("SI_ALL", &r) != 0 ) {<br>+ assert(0);<br>+ return -1;<br>+ }<br>+<br>+ /* The offset from the bottom of the FLASH ROM. (4GB - ROMSIZE) */<br>+ r_offset = 0xFFFFFFFF - CONFIG_ROM_SIZE + 1 + region_offset(&r);<br>+ r_size = region_sz(&r);<br>+ printk(BIOS_DEBUG, "r_offset: 0x%x r_size:0x%x\n", (u32)r_offset, (u32)r_size);<br>+<br>+ reg = pci_io_read_config32(dev, LPC_ROM_PROTECT0);<br>+<br>+ if (reg != 0) {<br>+ assert(0);<br>+ return -1;<br>+ }<br>+<br>+ /*<br>+ * Determine the 4KB or 64 Region Unit size.<br>+ * The region MUST align with the unit size or it could write<br>+ * protect the next region.<br>+ */<br>+ if (r_size <= (0x100 * 0x1000) && !(r_size % 0x1000)) {<br>+ reg |= (r_size / 0x1000);<br>+ reg |= LPC_ROM_PROTECT_UNIT_4KB;<br>+ } else if (r_size <= (0x100 * 0x10000) && !(r_size % 0x10000)) {<br>+ reg |= (r_size / 0x1000);<br>+ reg |= LPC_ROM_PROTECT_UNIT_64KB;<br>+ } else {<br>+ assert(0); /* region isn't aligned */<br>+ return -1;<br>+ }<br>+<br>+ reg |= r_offset & LPC_ROM_PROTECT_BASE_MASK;<br>+ reg |= LPC_ROM_PROTECT_WP;<br>+ pci_io_write_config32(dev, LPC_ROM_PROTECT0, reg);<br>+ printk(BIOS_DEBUG, "ROM PROTECT0: 0x%x\n", reg); //debug, remove<br>+ return 0;<br>+}<br>+<br> void bootblock_fch_early_init(void)<br> {<br> sb_enable_rom();<br>diff --git a/src/soc/amd/stoneyridge/include/soc/southbridge.h b/src/soc/amd/stoneyridge/include/soc/southbridge.h<br>index de481f0..ee71d14 100644<br>--- a/src/soc/amd/stoneyridge/include/soc/southbridge.h<br>+++ b/src/soc/amd/stoneyridge/include/soc/southbridge.h<br>@@ -120,6 +120,17 @@<br> #define LPC_WIDEIO1_ENABLE BIT(24)<br> #define LPC_WIDEIO0_ENABLE BIT(2)<br> <br>+#define LPC_ROM_PROTECT0 0x50<br>+#define LPC_ROM_PROTECT1 0x54<br>+#define LPC_ROM_PROTECT2 0x58<br>+#define LPC_ROM_PROTECT3 0x5c<br>+#define LPC_ROM_PROTECT_BASE_MASK 0xffffffff << 12<br>+#define LPC_ROM_PROTECT_WP BIT(10)<br>+#define LPC_ROM_PROTECT_RP BIT(9)<br>+#define LPC_ROM_PROTECT_UNIT_4KB 0<br>+#define LPC_ROM_PROTECT_UNIT_64KB BIT(8)<br>+#define LPC_ROM_PROTECT_RANGE_MASK 0xff<br>+<br> #define LPC_WIDEIO_GENERIC_PORT 0x64<br> <br> #define LPC_ALT_WIDEIO_RANGE_ENABLE 0x74<br>@@ -186,6 +197,7 @@<br> void sb_enable(device_t dev);<br> void southbridge_final(void *chip_info);<br> void southbridge_init(void *chip_info);<br>+int sb_lock_psp(void);<br> void sb_lpc_port80(void);<br> void sb_lpc_decode(void);<br> void sb_pci_port80(void);<br></pre><p>To view, visit <a href="https://review.coreboot.org/21308">change 21308</a>. To unsubscribe, visit <a href="https://review.coreboot.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://review.coreboot.org/21308"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: coreboot </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-MessageType: newchange </div>
<div style="display:none"> Gerrit-Change-Id: Ic375033d9942045389a528182daca2cd5288b672 </div>
<div style="display:none"> Gerrit-Change-Number: 21308 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Marc Jones <marc@marcjonesconsulting.com> </div>