* [PATCH] Vlv2TbltDevicePkg: Resolved chipsec complains
@ 2019-03-19 8:55 Zailiang Sun
2019-03-19 9:01 ` Qian, Yi
0 siblings, 1 reply; 2+ messages in thread
From: Zailiang Sun @ 2019-03-19 8:55 UTC (permalink / raw)
To: edk2-devel; +Cc: David Wei, Yi Qian
https://bugzilla.tianocore.org/show_bug.cgi?id=1335
Set bit in SPI individual lock register to lock down BMWAG, BMRAG, PR0,
PR1, PR2, PR3, SCF, PREOP, OPTYPE and OPMENU.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Zailiang Sun <zailiang.sun@intel.com>
Cc: David Wei <david.wei@intel.com>
Cc: Yi Qian <yi.qian@intel.com>
---
.../SouthCluster/Include/PchRegs/PchRegsSpi.h | 9 ++++++
Vlv2TbltDevicePkg/PlatformDxe/Platform.c | 31 +++++++++++++++++++
2 files changed, 40 insertions(+)
diff --git a/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/PchRegsSpi.h b/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/PchRegsSpi.h
index 7062a09b1b..4696ecc486 100644
--- a/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/PchRegsSpi.h
+++ b/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/PchRegsSpi.h
@@ -90,7 +90,16 @@ Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved
#define R_PCH_SPI_OPMENU1 0x9C // Opcode Menu Configuration 1 (32bits)
#define R_PCH_SPI_IND_LOCK 0xA4 // Indvidual Lock
+#define B_PCH_SPI_IND_LOCK_BMWAG BIT0 // BMWAG LockDown
+#define B_PCH_SPI_IND_LOCK_BMRAG BIT1 // BMRAG LockDown
#define B_PCH_SPI_IND_LOCK_PR0 BIT2 // PR0 LockDown
+#define B_PCH_SPI_IND_LOCK_PR1 BIT3 // PR1 LockDown
+#define B_PCH_SPI_IND_LOCK_PR2 BIT4 // PR2 LockDown
+#define B_PCH_SPI_IND_LOCK_PR3 BIT5 // PR3 LockDown
+#define B_PCH_SPI_IND_LOCK_SCF BIT6 // SCF LockDown
+#define B_PCH_SPI_IND_LOCK_PREOP BIT7 // PREP LockDown
+#define B_PCH_SPI_IND_LOCK_OPTYPE BIT8 // OPTYPE LockDown
+#define B_PCH_SPI_IND_LOCK_OPMENU BIT9 // OPMENU LockDown
#define R_PCH_SPI_FDOC 0xB0 // Flash Descriptor Observability Control Register (32 bits)
diff --git a/Vlv2TbltDevicePkg/PlatformDxe/Platform.c b/Vlv2TbltDevicePkg/PlatformDxe/Platform.c
index 02538fd6f0..ec1a1141e6 100644
--- a/Vlv2TbltDevicePkg/PlatformDxe/Platform.c
+++ b/Vlv2TbltDevicePkg/PlatformDxe/Platform.c
@@ -541,6 +541,37 @@ SpiBiosProtectionFunction(
DEBUG((EFI_D_INFO, "R_PCH_SPI_PR1 \n"));
DEBUG((EFI_D_INFO, "MmioRead32 (0x%x, 0x%x) = 0x%x \n", (UINTN) SpiBase, (UINT8) R_PCH_SPI_PR1, (UINT32) Data32));
+ //
+ // Check and set individual lock
+ //
+ MmioOr16 ((UINTN) (SpiBase + R_PCH_SPI_IND_LOCK),
+ B_PCH_SPI_IND_LOCK_BMWAG |
+ B_PCH_SPI_IND_LOCK_BMRAG |
+ B_PCH_SPI_IND_LOCK_PR0 |
+ B_PCH_SPI_IND_LOCK_PR1 |
+ B_PCH_SPI_IND_LOCK_PR2 |
+ B_PCH_SPI_IND_LOCK_PR3 |
+ B_PCH_SPI_IND_LOCK_SCF |
+ B_PCH_SPI_IND_LOCK_PREOP |
+ B_PCH_SPI_IND_LOCK_OPTYPE |
+ B_PCH_SPI_IND_LOCK_OPMENU);
+ Data16 = MmioRead16 (SpiBase + R_PCH_SPI_IND_LOCK);
+ S3BootScriptSaveMemWrite (
+ S3BootScriptWidthUint16,
+ (UINTN)(SpiBase + R_PCH_SPI_IND_LOCK),
+ 1,
+ &Data16
+ );
+ DEBUG((EFI_D_INFO, "R_PCH_SPI_IND_LOCK \n"));
+ DEBUG((EFI_D_INFO, "MmioRead16 (0x%x, 0x%x) = 0x%x \n", (UINTN) SpiBase, (UINT8) R_PCH_SPI_IND_LOCK, (UINT16) Data16));
+
+ //
+ // Verify if it's really locked.
+ //
+ if ((MmioRead16 (SpiBase + R_PCH_SPI_IND_LOCK) & B_PCH_SPI_IND_LOCK_PR0) == 0) {
+ DEBUG((EFI_D_ERROR, "Failed to lock down individual lock.\n"));
+ }
+
//
//Lock down PRx
//
--
2.19.1.windows.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] Vlv2TbltDevicePkg: Resolved chipsec complains
2019-03-19 8:55 [PATCH] Vlv2TbltDevicePkg: Resolved chipsec complains Zailiang Sun
@ 2019-03-19 9:01 ` Qian, Yi
0 siblings, 0 replies; 2+ messages in thread
From: Qian, Yi @ 2019-03-19 9:01 UTC (permalink / raw)
To: Sun, Zailiang, edk2-devel@lists.01.org; +Cc: Wei, David
Reviewed by Qian, Yi <yi.qian@intel.com>
Thanks
Qian Yi
> -----Original Message-----
> From: Sun, Zailiang
> Sent: Tuesday, March 19, 2019 4:56 PM
> To: edk2-devel@lists.01.org
> Cc: Wei, David <david.wei@intel.com>; Qian, Yi <yi.qian@intel.com>
> Subject: [PATCH] Vlv2TbltDevicePkg: Resolved chipsec complains
>
> https://bugzilla.tianocore.org/show_bug.cgi?id=1335
>
> Set bit in SPI individual lock register to lock down BMWAG, BMRAG, PR0, PR1,
> PR2, PR3, SCF, PREOP, OPTYPE and OPMENU.
>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Zailiang Sun <zailiang.sun@intel.com>
> Cc: David Wei <david.wei@intel.com>
> Cc: Yi Qian <yi.qian@intel.com>
> ---
> .../SouthCluster/Include/PchRegs/PchRegsSpi.h | 9 ++++++
> Vlv2TbltDevicePkg/PlatformDxe/Platform.c | 31 +++++++++++++++++++
> 2 files changed, 40 insertions(+)
>
> diff --git
> a/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/Pc
> hRegsSpi.h
> b/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/P
> chRegsSpi.h
> index 7062a09b1b..4696ecc486 100644
> ---
> a/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/Pc
> hRegsSpi.h
> +++
> b/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/P
> +++ chRegsSpi.h
> @@ -90,7 +90,16 @@ Copyright (c) 2011 - 2015, Intel Corporation. All rights
> reserved
> #define R_PCH_SPI_OPMENU1 0x9C // Opcode Menu
> Configuration 1 (32bits)
>
> #define R_PCH_SPI_IND_LOCK 0xA4 // Indvidual Lock
> +#define B_PCH_SPI_IND_LOCK_BMWAG BIT0 // BMWAG LockDown
> +#define B_PCH_SPI_IND_LOCK_BMRAG BIT1 // BMRAG LockDown
> #define B_PCH_SPI_IND_LOCK_PR0 BIT2 // PR0 LockDown
> +#define B_PCH_SPI_IND_LOCK_PR1 BIT3 // PR1 LockDown
> +#define B_PCH_SPI_IND_LOCK_PR2 BIT4 // PR2 LockDown
> +#define B_PCH_SPI_IND_LOCK_PR3 BIT5 // PR3 LockDown
> +#define B_PCH_SPI_IND_LOCK_SCF BIT6 // SCF LockDown
> +#define B_PCH_SPI_IND_LOCK_PREOP BIT7 // PREP LockDown
> +#define B_PCH_SPI_IND_LOCK_OPTYPE BIT8 // OPTYPE LockDown
> +#define B_PCH_SPI_IND_LOCK_OPMENU BIT9 // OPMENU
> LockDown
>
>
> #define R_PCH_SPI_FDOC 0xB0 // Flash Descriptor Observability
> Control Register (32 bits)
> diff --git a/Vlv2TbltDevicePkg/PlatformDxe/Platform.c
> b/Vlv2TbltDevicePkg/PlatformDxe/Platform.c
> index 02538fd6f0..ec1a1141e6 100644
> --- a/Vlv2TbltDevicePkg/PlatformDxe/Platform.c
> +++ b/Vlv2TbltDevicePkg/PlatformDxe/Platform.c
> @@ -541,6 +541,37 @@ SpiBiosProtectionFunction(
> DEBUG((EFI_D_INFO, "R_PCH_SPI_PR1 \n"));
> DEBUG((EFI_D_INFO, "MmioRead32 (0x%x, 0x%x) = 0x%x \n", (UINTN)
> SpiBase, (UINT8) R_PCH_SPI_PR1, (UINT32) Data32));
>
> + //
> + // Check and set individual lock
> + //
> + MmioOr16 ((UINTN) (SpiBase + R_PCH_SPI_IND_LOCK),
> + B_PCH_SPI_IND_LOCK_BMWAG |
> + B_PCH_SPI_IND_LOCK_BMRAG |
> + B_PCH_SPI_IND_LOCK_PR0 |
> + B_PCH_SPI_IND_LOCK_PR1 |
> + B_PCH_SPI_IND_LOCK_PR2 |
> + B_PCH_SPI_IND_LOCK_PR3 |
> + B_PCH_SPI_IND_LOCK_SCF |
> + B_PCH_SPI_IND_LOCK_PREOP |
> + B_PCH_SPI_IND_LOCK_OPTYPE |
> + B_PCH_SPI_IND_LOCK_OPMENU);
> + Data16 = MmioRead16 (SpiBase + R_PCH_SPI_IND_LOCK);
> + S3BootScriptSaveMemWrite (
> + S3BootScriptWidthUint16,
> + (UINTN)(SpiBase + R_PCH_SPI_IND_LOCK),
> + 1,
> + &Data16
> + );
> + DEBUG((EFI_D_INFO, "R_PCH_SPI_IND_LOCK \n")); DEBUG((EFI_D_INFO,
> + "MmioRead16 (0x%x, 0x%x) = 0x%x \n", (UINTN) SpiBase, (UINT8)
> + R_PCH_SPI_IND_LOCK, (UINT16) Data16));
> +
> + //
> + // Verify if it's really locked.
> + //
> + if ((MmioRead16 (SpiBase + R_PCH_SPI_IND_LOCK) &
> B_PCH_SPI_IND_LOCK_PR0) == 0) {
> + DEBUG((EFI_D_ERROR, "Failed to lock down individual lock.\n")); }
> +
> //
> //Lock down PRx
> //
> --
> 2.19.1.windows.1
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-03-19 9:01 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-03-19 8:55 [PATCH] Vlv2TbltDevicePkg: Resolved chipsec complains Zailiang Sun
2019-03-19 9:01 ` Qian, Yi
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox