From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <zailiang.sun@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=192.55.52.115; helo=mga14.intel.com;
 envelope-from=zailiang.sun@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 9A1F9211DBDE0
 for <edk2-devel@lists.01.org>; Tue, 19 Mar 2019 01:55:46 -0700 (PDT)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga005.fm.intel.com ([10.253.24.32])
 by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 19 Mar 2019 01:55:45 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.58,497,1544515200"; d="scan'208";a="329914195"
Received: from shwdeopenpsi508.ccr.corp.intel.com ([10.239.158.50])
 by fmsmga005.fm.intel.com with ESMTP; 19 Mar 2019 01:55:43 -0700
From: Zailiang Sun <zailiang.sun@intel.com>
To: edk2-devel@lists.01.org
Cc: David Wei <david.wei@intel.com>,
	Yi Qian <yi.qian@intel.com>
Date: Tue, 19 Mar 2019 16:55:30 +0800
Message-Id: <20190319085530.30360-1-zailiang.sun@intel.com>
X-Mailer: git-send-email 2.19.1.windows.1
MIME-Version: 1.0
Subject: [PATCH] Vlv2TbltDevicePkg: Resolved chipsec complains
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Mar 2019 08:55:46 -0000
Content-Transfer-Encoding: 8bit

https://bugzilla.tianocore.org/show_bug.cgi?id=1335

Set bit in SPI individual lock register to lock down BMWAG, BMRAG, PR0,
PR1, PR2, PR3, SCF, PREOP, OPTYPE and OPMENU.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Zailiang Sun <zailiang.sun@intel.com>
Cc: David Wei <david.wei@intel.com>
Cc: Yi Qian <yi.qian@intel.com>
---
 .../SouthCluster/Include/PchRegs/PchRegsSpi.h |  9 ++++++
 Vlv2TbltDevicePkg/PlatformDxe/Platform.c      | 31 +++++++++++++++++++
 2 files changed, 40 insertions(+)

diff --git a/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/PchRegsSpi.h b/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/PchRegsSpi.h
index 7062a09b1b..4696ecc486 100644
--- a/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/PchRegsSpi.h
+++ b/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/PchRegsSpi.h
@@ -90,7 +90,16 @@ Copyright (c) 2011  - 2015, Intel Corporation. All rights reserved
 #define R_PCH_SPI_OPMENU1                    0x9C  // Opcode Menu Configuration 1 (32bits)
 
 #define R_PCH_SPI_IND_LOCK                   0xA4  // Indvidual Lock
+#define B_PCH_SPI_IND_LOCK_BMWAG             BIT0  // BMWAG LockDown
+#define B_PCH_SPI_IND_LOCK_BMRAG             BIT1  // BMRAG LockDown
 #define B_PCH_SPI_IND_LOCK_PR0               BIT2  // PR0 LockDown
+#define B_PCH_SPI_IND_LOCK_PR1               BIT3  // PR1 LockDown
+#define B_PCH_SPI_IND_LOCK_PR2               BIT4  // PR2 LockDown
+#define B_PCH_SPI_IND_LOCK_PR3               BIT5  // PR3 LockDown
+#define B_PCH_SPI_IND_LOCK_SCF               BIT6  // SCF LockDown
+#define B_PCH_SPI_IND_LOCK_PREOP             BIT7  // PREP LockDown
+#define B_PCH_SPI_IND_LOCK_OPTYPE            BIT8  // OPTYPE LockDown
+#define B_PCH_SPI_IND_LOCK_OPMENU            BIT9  // OPMENU LockDown
 
 
 #define R_PCH_SPI_FDOC                       0xB0  // Flash Descriptor Observability Control Register (32 bits)
diff --git a/Vlv2TbltDevicePkg/PlatformDxe/Platform.c b/Vlv2TbltDevicePkg/PlatformDxe/Platform.c
index 02538fd6f0..ec1a1141e6 100644
--- a/Vlv2TbltDevicePkg/PlatformDxe/Platform.c
+++ b/Vlv2TbltDevicePkg/PlatformDxe/Platform.c
@@ -541,6 +541,37 @@ SpiBiosProtectionFunction(
   DEBUG((EFI_D_INFO, "R_PCH_SPI_PR1 \n"));
   DEBUG((EFI_D_INFO, "MmioRead32 (0x%x, 0x%x) = 0x%x \n", (UINTN) SpiBase, (UINT8) R_PCH_SPI_PR1, (UINT32) Data32));
 
+  //
+  // Check and set individual lock
+  //
+  MmioOr16 ((UINTN) (SpiBase + R_PCH_SPI_IND_LOCK),
+    B_PCH_SPI_IND_LOCK_BMWAG |
+    B_PCH_SPI_IND_LOCK_BMRAG |
+    B_PCH_SPI_IND_LOCK_PR0 |
+    B_PCH_SPI_IND_LOCK_PR1 |
+    B_PCH_SPI_IND_LOCK_PR2 |
+    B_PCH_SPI_IND_LOCK_PR3 |
+    B_PCH_SPI_IND_LOCK_SCF |
+    B_PCH_SPI_IND_LOCK_PREOP |
+    B_PCH_SPI_IND_LOCK_OPTYPE |
+    B_PCH_SPI_IND_LOCK_OPMENU);
+  Data16 = MmioRead16 (SpiBase + R_PCH_SPI_IND_LOCK); 
+  S3BootScriptSaveMemWrite (
+    S3BootScriptWidthUint16,
+    (UINTN)(SpiBase + R_PCH_SPI_IND_LOCK),
+    1,
+    &Data16
+  );
+  DEBUG((EFI_D_INFO, "R_PCH_SPI_IND_LOCK \n"));
+  DEBUG((EFI_D_INFO, "MmioRead16 (0x%x, 0x%x) = 0x%x \n", (UINTN) SpiBase, (UINT8) R_PCH_SPI_IND_LOCK, (UINT16) Data16));
+
+  //
+  // Verify if it's really locked.
+  //
+  if ((MmioRead16 (SpiBase + R_PCH_SPI_IND_LOCK) & B_PCH_SPI_IND_LOCK_PR0) == 0) {
+    DEBUG((EFI_D_ERROR, "Failed to lock down individual lock.\n"));
+  }
+  
   //
   //Lock down PRx
   //
-- 
2.19.1.windows.1