Nico Huber submitted this change.
sb/intel/{bd82x6x,ibexpeak}: hide MEI if ME inoperable
- Add Kconfig option to hide the Management Engine Interface device so
the OS doesn't try to access it, if the Management Engine is in an
inoperable mode, e.g. if me_cleaner is used.
- Also hide the MEI if the ME is in Soft Temp Disable mode.
Change-Id: Ie4a35bf5fc196e0a02b7591cdb8633d38f0c7f3e
Signed-off-by: James Ye <jye836@gmail.com>
Signed-off-by: Evgeny Zinoviev <me@ch1p.io>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39074
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
---
M src/southbridge/intel/bd82x6x/Kconfig
M src/southbridge/intel/bd82x6x/me.c
M src/southbridge/intel/bd82x6x/me_8.x.c
M src/southbridge/intel/ibexpeak/Kconfig
M src/southbridge/intel/ibexpeak/me.c
5 files changed, 34 insertions(+), 3 deletions(-)
diff --git a/src/southbridge/intel/bd82x6x/Kconfig b/src/southbridge/intel/bd82x6x/Kconfig
index 21816e5..e3ad885 100644
--- a/src/southbridge/intel/bd82x6x/Kconfig
+++ b/src/southbridge/intel/bd82x6x/Kconfig
@@ -56,4 +56,12 @@
hex
default 0x80
+config HIDE_MEI_ON_ERROR
+ bool "Hide MEI device on error"
+ default n
+ help
+ If you enable this option, the Management Engine Interface
+ device will be hidden when ME is in an inoperable mode, e.g.
+ if me_cleaner was used.
+
endif
diff --git a/src/southbridge/intel/bd82x6x/me.c b/src/southbridge/intel/bd82x6x/me.c
index 2adfbd5..fe2a37c 100644
--- a/src/southbridge/intel/bd82x6x/me.c
+++ b/src/southbridge/intel/bd82x6x/me.c
@@ -254,6 +254,10 @@
switch (path) {
case ME_S3WAKE_BIOS_PATH:
+ case ME_DISABLE_BIOS_PATH:
+#if CONFIG(HIDE_MEI_ON_ERROR)
+ case ME_ERROR_BIOS_PATH:
+#endif
intel_me_hide(dev);
break;
@@ -279,9 +283,10 @@
*/
break;
+#if !CONFIG(HIDE_MEI_ON_ERROR)
case ME_ERROR_BIOS_PATH:
+#endif
case ME_RECOVERY_BIOS_PATH:
- case ME_DISABLE_BIOS_PATH:
case ME_FIRMWARE_UPDATE_BIOS_PATH:
break;
}
diff --git a/src/southbridge/intel/bd82x6x/me_8.x.c b/src/southbridge/intel/bd82x6x/me_8.x.c
index b0226a6..f5a39ec 100644
--- a/src/southbridge/intel/bd82x6x/me_8.x.c
+++ b/src/southbridge/intel/bd82x6x/me_8.x.c
@@ -242,6 +242,10 @@
switch (path) {
case ME_S3WAKE_BIOS_PATH:
+ case ME_DISABLE_BIOS_PATH:
+#if CONFIG(HIDE_MEI_ON_ERROR)
+ case ME_ERROR_BIOS_PATH:
+#endif
intel_me_hide(dev);
break;
@@ -268,9 +272,10 @@
*/
break;
+#if !CONFIG(HIDE_MEI_ON_ERROR)
case ME_ERROR_BIOS_PATH:
+#endif
case ME_RECOVERY_BIOS_PATH:
- case ME_DISABLE_BIOS_PATH:
case ME_FIRMWARE_UPDATE_BIOS_PATH:
break;
}
diff --git a/src/southbridge/intel/ibexpeak/Kconfig b/src/southbridge/intel/ibexpeak/Kconfig
index f172bf1..34ae2f1 100644
--- a/src/southbridge/intel/ibexpeak/Kconfig
+++ b/src/southbridge/intel/ibexpeak/Kconfig
@@ -53,4 +53,12 @@
hex
default 0x80
+config HIDE_MEI_ON_ERROR
+ bool "Hide MEI device on error"
+ default n
+ help
+ If you enable this option, the Management Engine Interface
+ device will be hidden when ME is in an inoperable mode, e.g.
+ if me_cleaner was used.
+
endif
diff --git a/src/southbridge/intel/ibexpeak/me.c b/src/southbridge/intel/ibexpeak/me.c
index 6a45fb4..20b8aac 100644
--- a/src/southbridge/intel/ibexpeak/me.c
+++ b/src/southbridge/intel/ibexpeak/me.c
@@ -476,6 +476,10 @@
switch (path) {
case ME_S3WAKE_BIOS_PATH:
+ case ME_DISABLE_BIOS_PATH:
+#if CONFIG(HIDE_MEI_ON_ERROR)
+ case ME_ERROR_BIOS_PATH:
+#endif
intel_me_hide(dev);
break;
@@ -494,9 +498,10 @@
*/
break;
+#if !CONFIG(HIDE_MEI_ON_ERROR)
case ME_ERROR_BIOS_PATH:
+#endif
case ME_RECOVERY_BIOS_PATH:
- case ME_DISABLE_BIOS_PATH:
case ME_FIRMWARE_UPDATE_BIOS_PATH:
break;
}
To view, visit change 39074. To unsubscribe, or for help writing mail filters, visit settings.