Patrick Rudolph has submitted this change. ( https://review.coreboot.org/c/coreboot/+/51796 )

Change subject: soc/intel/common: Add InSMM.STS support ......................................................................

soc/intel/common: Add InSMM.STS support

Tested on HP 280 G2, SMMSTORE v1 and v2 still work.

Other tests: - If one does not set BIOS_CONTROL bit WPD, SMMSTORE breaks. - If one does not write the magic MSR `or 1`, SMMSTORE breaks.

Change-Id: Ia90c0e3f8ccf895bfb6d46ffe26750393dab95fb Signed-off-by: Angel Pons th3fanbus@gmail.com Reviewed-on: https://review.coreboot.org/c/coreboot/+/51796 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Patrick Rudolph patrick.rudolph@9elements.com Reviewed-by: Patrick Rudolph siro@das-labor.org --- M src/include/cpu/intel/msr.h M src/soc/intel/common/block/smm/smihandler.c M src/soc/intel/common/pch/lockdown/lockdown.c 3 files changed, 28 insertions(+), 3 deletions(-)

Approvals: build bot (Jenkins): Verified Patrick Rudolph: Looks good to me, approved Patrick Rudolph: Looks good to me, but someone else must approve

diff --git a/src/include/cpu/intel/msr.h b/src/include/cpu/intel/msr.h index 097ddb6..6b2db88 100644 --- a/src/include/cpu/intel/msr.h +++ b/src/include/cpu/intel/msr.h @@ -26,6 +26,8 @@ #define AESNI_DISABLE (1 << 1) #define AESNI_LOCK (1 << 0)

+#define MSR_SPCL_CHIPSET_USAGE 0x1fe + #define MSR_PKG_C10_RESIDENCY 0x632

#endif /* CPU_INTEL_MSR_H */ diff --git a/src/soc/intel/common/block/smm/smihandler.c b/src/soc/intel/common/block/smm/smihandler.c index 5789b48..e1eadb6 100644 --- a/src/soc/intel/common/block/smm/smihandler.c +++ b/src/soc/intel/common/block/smm/smihandler.c @@ -2,12 +2,15 @@

#include <arch/hlt.h> #include <arch/io.h> +#include <arch/mmio.h> #include <device/pci_ops.h> #include <console/console.h> #include <cpu/x86/cache.h> +#include <cpu/x86/msr.h> #include <cpu/x86/smm.h> #include <cpu/intel/em64t100_save_state.h> #include <cpu/intel/em64t101_save_state.h> +#include <cpu/intel/msr.h> #include <delay.h> #include <device/pci_def.h> #include <elog.h> @@ -260,6 +263,20 @@ save_state_ops->set_reg(io_smi, RAX, ret); }

+static void set_insmm_sts(const bool enable_writes) +{ + msr_t msr = { + .lo = read32p(0xfed30880), + .hi = 0, + }; + if (enable_writes) + msr.lo |= 1; + else + msr.lo &= ~1; + + wrmsr(MSR_SPCL_CHIPSET_USAGE, msr); +} + static void southbridge_smi_store( const struct smm_save_state_ops *save_state_ops) { @@ -278,6 +295,7 @@

const bool wp_enabled = !fast_spi_wpd_status(); if (wp_enabled) { + set_insmm_sts(true); fast_spi_disable_wp(); /* Not clearing SPI sync SMI status here results in hangs */ fast_spi_clear_sync_smi_status(); @@ -287,8 +305,10 @@ ret = smmstore_exec(sub_command, (void *)(uintptr_t)reg_ebx); save_state_ops->set_reg(io_smi, RAX, ret);

- if (wp_enabled) + if (wp_enabled) { fast_spi_enable_wp(); + set_insmm_sts(false); + } }

static void finalize(void) @@ -305,8 +325,10 @@ /* Re-init SPI driver to handle locked BAR */ fast_spi_init();

- if (CONFIG(BOOTMEDIA_SMM_BWP)) + if (CONFIG(BOOTMEDIA_SMM_BWP)) { fast_spi_enable_wp(); + set_insmm_sts(false); + }

/* * HECI is disabled in smihandler_soc_at_finalize() which also locks down the side band @@ -403,6 +425,7 @@ */ printk(BIOS_DEBUG, "Switching SPI back to RO\n"); fast_spi_enable_wp(); + set_insmm_sts(false); }

/* Any TCO event? */ diff --git a/src/soc/intel/common/pch/lockdown/lockdown.c b/src/soc/intel/common/pch/lockdown/lockdown.c index 87f36fc..374e3e6 100644 --- a/src/soc/intel/common/pch/lockdown/lockdown.c +++ b/src/soc/intel/common/pch/lockdown/lockdown.c @@ -67,7 +67,7 @@

/* Only allow writes in SMM */ if (CONFIG(BOOTMEDIA_SMM_BWP)) { - //fast_spi_set_eiss(); /* TODO */ + fast_spi_set_eiss(); fast_spi_enable_wp(); }