[coreboot-gerrit] New patch to review for coreboot: sb/intel/bd82x6x: Add TCO_Lock in finalize step

Nico Huber (nico.h@gmx.de) gerrit at coreboot.org
Thu Nov 10 12:05:33 CET 2016 

Nico Huber (nico.h at gmx.de) just uploaded a new patch set to gerrit, which you can find at https://review.coreboot.org/17351

-gerrit

commit 97088aa7f9ce2a853f7f8fa656634e8616601941
Author: Dennis Wassenberg <dennis.wassenberg at secunet.com>
Date:   Thu Sep 10 12:03:45 2015 +0200

    sb/intel/bd82x6x: Add TCO_Lock in finalize step
    
    CHIPSEC found that the TCO_Lock was not set.
    This is used to prevent changing the TCO_EN bit.
    
    Change-Id: I42364dbef2511e656662566cf94591e76c6847ed
    Signed-off-by: Dennis Wassenberg <dennis.wassenberg at secunet.com>
---
 src/southbridge/intel/bd82x6x/finalize.c | 10 ++++++++++
 src/southbridge/intel/bd82x6x/pch.h      |  3 +++
 2 files changed, 13 insertions(+)

diff --git a/src/southbridge/intel/bd82x6x/finalize.c b/src/southbridge/intel/bd82x6x/finalize.c
index 90932e1..c9296fd 100644
--- a/src/southbridge/intel/bd82x6x/finalize.c
+++ b/src/southbridge/intel/bd82x6x/finalize.c
@@ -16,11 +16,15 @@
 
 #include <arch/io.h>
 #include <console/post_codes.h>
+#include <cpu/x86/smm.h>
 #include "pch.h"
 #include <spi-generic.h>
 
 void intel_pch_finalize_smm(void)
 {
+	u16 tco1_cnt;
+	u16 pmbase;
+
 	if (CONFIG_LOCK_SPI_ON_RESUME_RO || CONFIG_LOCK_SPI_ON_RESUME_NO_ACCESS) {
 		/* Copy flash regions from FREG0-4 to PR0-4
 		   and enable write protection bit31 */
@@ -66,6 +70,12 @@ void intel_pch_finalize_smm(void)
 	pci_write_config32(PCI_DEV(0, 27, 0), 0x74,
 		    pci_read_config32(PCI_DEV(0, 27, 0), 0x74));
 
+	/* TCO_Lock */
+	pmbase = smm_get_pmbase();
+	tco1_cnt = inw(pmbase + TCO1_CNT);
+	tco1_cnt |= TCO_LOCK;
+	outw(tco1_cnt, pmbase + TCO1_CNT);
+
 	/* Indicate finalize step with post code */
 	outb(POST_OS_BOOT, 0x80);
 }
diff --git a/src/southbridge/intel/bd82x6x/pch.h b/src/southbridge/intel/bd82x6x/pch.h
index 1977c8f..8b22fca 100644
--- a/src/southbridge/intel/bd82x6x/pch.h
+++ b/src/southbridge/intel/bd82x6x/pch.h
@@ -534,6 +534,9 @@ early_usb_init (const struct southbridge_usb_port *portmap);
 #define TCO1_STS	0x64
 #define   DMISCI_STS	(1 << 9)
 #define TCO2_STS	0x66
+#define TCO1_CNT	0x68
+#define   TCO_LOCK	(1 << 12)
+#define TCO2_CNT	0x6a
 
 /*
  * SPI Opcode Menu setup for SPIBAR lockdown

More information about the coreboot-gerrit mailing list