Michał Żygowski has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/43395 )
Change subject: cpu/x86/16bit/entry16.inc: Stop PBET timer on Boot Guard platforms
cpu/x86/16bit/entry16.inc: Stop PBET timer on Boot Guard platforms
PBET timer has to be stopped before APs are launched and initialized. Otherwise the platform will reset. The PBET expiration time may be very low so stop timer as quickly as possible. The expiration time is defined in Boot Guard manifests.
Signed-off-by: Michał Żygowski michal.zygowski@3mdeb.com
Change-Id: I545a36d60597fe37a30b8207336ae7fa7831674d
---
M src/cpu/x86/16bit/entry16.inc
1 file changed, 9 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/95/43395/1
diff --git a/src/cpu/x86/16bit/entry16.inc b/src/cpu/x86/16bit/entry16.inc index babed02..c555c5c 100644 --- a/src/cpu/x86/16bit/entry16.inc +++ b/src/cpu/x86/16bit/entry16.inc @@ -29,6 +29,7 @@ #include <cpu/x86/post_code.h>
#define BOOTGUARD_SACM_INFO 0x13a +#define BOOTGUARD_PBEC 0x139
/* Symbol _start16bit must be aligned to 4kB to start AP CPUs with * Startup IPI message without RAM. @@ -118,6 +119,14 @@ andl $0x7FFAFFD1, %ebx /* PG,AM,WP,NE,TS,EM,MP = 0 */ orl $0x60000001, %ebx /* CD, NW, PE = 1 */ #if CONFIG(INTEL_BOOTGUARD) + /* + * Stop PBET timer. It is recommended to stop the PBET timer + * regardless of Boot Guard status. + */ + movl $BOOTGUARD_PBEC, %ecx + movl $0, %edx + movl $1, %eax + wrmsr
/* DO NOT disable cache if Intel BootGuard is supported */ movl $BOOTGUARD_SACM_INFO, %ecx
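Review bot: In the first hunk, BOOTGUARD_PBEC is defined as a bare 0x139 with nothing that expands PBEC or PBET, and the value later written to it is a literal $1. Please add a one-line comment on the define saying what the register is, and give the stop value a named constant next to it so the `movl $1, %eax` in the second hunk reads as "set the stop bit" rather than a magic number.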
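Review bot: In the second hunk, the new comment says the timer should be stopped "regardless of Boot Guard status", but the wrmsr sits inside `#if CONFIG(INTEL_BOOTGUARD)`, so a build without that option never executes it. Either reword the comment to match the guard, or move the write outside the guard if the MSR is valid on every platform that builds this file. The write is also a blind store of edx:eax = 0:1 to MSR 0x139 rather than a rdmsr, orl, wrmsr sequence, so every other bit in the register is cleared; if that is intended, the comment should say so. Finally, the context comment above says _start16bit is also where AP CPUs start via Startup IPI, while the commit message wants the timer stopped before APs are launched, so it would help to state whether each AP repeating this write is expected and harmless.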