[coreboot-gerrit] New patch to review for coreboot: soc/intel/apollolake: Drop CPU privilege mode later on
Andrey Petrov (andrey.petrov@intel.com)
gerrit at coreboot.org
Wed Dec 7 20:19:35 CET 2016
Andrey Petrov (andrey.petrov at intel.com) just uploaded a new patch set to gerrit, which you can find at https://review.coreboot.org/17769
-gerrit
commit bd1f0c7dc6ce3acb3e98da7d65453f4a350db463
Author: Andrey Petrov <andrey.petrov at intel.com>
Date: Wed Dec 7 10:47:46 2016 -0800
soc/intel/apollolake: Drop CPU privilege mode later on
Drop CPU privilege mode later, after all the FSP stages are
complete.
BRANCH=reef
BUG=chrome-os-partner:60657
TEST=iotools rdmsr X 0x121, make sure they can't be read
Change-Id: Ia3a774aee5fbf92805a5c69093bfbd3d7682c3a7
Signed-off-by: Andrey Petrov <andrey.petrov at intel.com>
---
src/soc/intel/apollolake/cpu.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/src/soc/intel/apollolake/cpu.c b/src/soc/intel/apollolake/cpu.c
index 8b8f963..d46bcbe 100644
--- a/src/soc/intel/apollolake/cpu.c
+++ b/src/soc/intel/apollolake/cpu.c
@@ -211,3 +211,20 @@ void apollolake_init_cpus(device_t dev)
mtrr_use_temp_range(-CONFIG_ROM_SIZE, CONFIG_ROM_SIZE,
MTRR_TYPE_WRPROT);
}
+
+void soc_coreboot_exit(void)
+{
+ /* Drop privilege level on BSP first */
+ enable_untrusted_mode();
+ /* .. then all APs */
+ if (mp_run_on_aps(&enable_untrusted_mode, 1000) < 0)
+ printk(BIOS_ERR, "failed to enable untrusted mode\n");
+
+ /* Since we use PARALLEL_MP_AP_WORK, park APs */
+ mp_park_aps();
+}
+
+void arch_bootstate_coreboot_exit(void)
+{
+ soc_coreboot_exit();
+}
More information about the coreboot-gerrit
mailing list