Attention is currently required from: Felix Singer, Benjamin Doron, Subrata Banik. Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/50053 )

Change subject: mb/{asrock,intel,siemens}: Define `.chipset_lockdown` ......................................................................

Patch Set 6:

(1 comment)

File src/mainboard/siemens/chili/variants/chili/devicetree.cb:

https://review.coreboot.org/c/coreboot/+/50053/comment/058a2901_dd8934c4 PS6, Line 13: .chipset_lockdown = CHIPSET_LOCKDOWN_COREBOOT, IIRC, we didn't set it on purpose. The coreboot path seemed unfinished and I don't see that anything changed. There are functions like * rtc_conf_set_bios_interface_lockdown() * lpc_set_bios_interface_lock_down() but they are not called, AFAICS. The former probably shouldn't be called, but then why is `PchLockDownRtcMemoryLock = 1` when this is not set to coreboot?

IMHO, if we want to be responsible for the locking, we should carefully define, document and implement the wanted state first. Then switch main- boards.