Change in coreboot[master]: soc/intel/tigerlake: Lock PAM registers in finalize - coreboot-gerrit

25 Aug 2021

Attention is currently required from: Patrick Rudolph.
Tim Wawrzynczak has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/57147 )
Change subject: soc/intel/tigerlake: Lock PAM registers in finalize
......................................................................
soc/intel/tigerlake: Lock PAM registers in finalize
Use the support from the previous patch to have coreboot lock the PAM
registers instead of the FSP when the lockdown configuration is set to
coreboot.
Change-Id: Ice4c727f2b75893cd012345a556fd21d9807dfaa
Signed-off-by: Tim Wawrzynczak twawrzynczak@chromium.org
---
M src/soc/intel/tigerlake/finalize.c
M src/soc/intel/tigerlake/fsp_params.c
2 files changed, 10 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/47/57147/1

diff --git a/src/soc/intel/tigerlake/finalize.c b/src/soc/intel/tigerlake/finalize.c
index a28dccd..6ed60e7 100644
--- a/src/soc/intel/tigerlake/finalize.c
+++ b/src/soc/intel/tigerlake/finalize.c
@@ -15,8 +15,10 @@
 #include <intelblocks/lpc_lib.h>
 #include <intelblocks/pcr.h>
 #include <intelblocks/pmclib.h>
+#include <intelblocks/systemagent.h>
 #include <intelblocks/tco.h>
 #include <intelblocks/thermal.h>
+#include <intelpch/lockdown.h>
 #include <soc/p2sb.h>
 #include <soc/pci_devs.h>
 #include <soc/pcr_ids.h>
@@ -66,6 +68,12 @@
    }
 }
+static void sa_finalize(void)
+{
+	if (get_lockdown_config() == CHIPSET_LOCKDOWN_COREBOOT)
+		sa_lock_pam();
+}
+
 static void soc_finalize(void *unused)
 {
    printk(BIOS_DEBUG, "Finalizing chipset.\n");
@@ -73,6 +81,7 @@
    pch_finalize();
    apm_control(APM_CNT_FINALIZE);
    tbt_finalize();
+	sa_finalize();
/* Indicate finalize step with post code */
    post_code(POST_OS_BOOT);
diff --git a/src/soc/intel/tigerlake/fsp_params.c b/src/soc/intel/tigerlake/fsp_params.c
index 1d7db64..15ba280 100644
--- a/src/soc/intel/tigerlake/fsp_params.c
+++ b/src/soc/intel/tigerlake/fsp_params.c
@@ -398,6 +398,7 @@
    params->PchLockDownBiosInterface = lockdown_by_fsp;
    params->PchUnlockGpioPads = !lockdown_by_fsp;
    params->RtcMemoryLock = lockdown_by_fsp;
+	params->SkipPamLock = !lockdown_by_fsp;
/* coreboot will send EOP before loading payload */
    params->EndOfPostMessage = EOP_DISABLE;
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/57147
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: Ice4c727f2b75893cd012345a556fd21d9807dfaa
Gerrit-Change-Number: 57147
Gerrit-PatchSet: 1
Gerrit-Owner: Tim Wawrzynczak twawrzynczak@chromium.org
Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org
Gerrit-Attention: Patrick Rudolph siro@das-labor.org
Gerrit-MessageType: newchange



    