[coreboot] [PATCH] nb/intel/nehalem/raminit.c: Add timeouts when waiting for heci.
Andrey Petrov
andrey.petrov at intel.com
Mon Mar 27 23:33:23 CEST 2017
Hi,
On 03/27/2017 01:05 PM, Denis 'GNUtoo' Carikli wrote:
> Since until now, the code running on the management engine is:
> - Signed by its manufacturer
> - Proprietary software, without corresponding source code
> It can desirable to run the least ammount possible of such
> code, which is what me_cleaner[1] enables.
>
> It does it by removing partitions of the management engine
> firmwares, however when doing so, the HECI interface might
> not be present anymore.
>
> So it is desirable not to have the RAM initialisation code
> wait forever for the HECI interface to appear.
I do not know how ME cleaner operates but I believe security engine may
be going into "recovery mode". This means it may never indicate
readyness status. However the fact it is in recovery mode can be figured
out programmatically as one of FWSTS registers. So you can try checking
if security engine is in recovery and just skip waiting altogether. Try
looking at "Current state" bits or "OP mode" bits. I suspect either of
them will change after ME cleaner. FWSTS sits in ME PCI device config
space and should be easily accessible. Typically FWSTS registers they
sit in offset 0x40,0x48,0x60 and so on. Please try to compare them
before and after ME cleaner.
Best,
Andrey
More information about the coreboot
mailing list