From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <yi.qian@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=134.134.136.65; helo=mga03.intel.com;
 envelope-from=yi.qian@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga03.intel.com (mga03.intel.com [134.134.136.65])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id A3B60211DCD85
 for <edk2-devel@lists.01.org>; Tue, 19 Mar 2019 02:01:11 -0700 (PDT)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga002.jf.intel.com ([10.7.209.21])
 by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 19 Mar 2019 02:01:08 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.58,497,1544515200"; d="scan'208";a="143231172"
Received: from fmsmsx106.amr.corp.intel.com ([10.18.124.204])
 by orsmga002.jf.intel.com with ESMTP; 19 Mar 2019 02:01:08 -0700
Received: from FMSMSX109.amr.corp.intel.com (10.18.116.9) by
 FMSMSX106.amr.corp.intel.com (10.18.124.204) with Microsoft SMTP Server (TLS)
 id 14.3.408.0; Tue, 19 Mar 2019 02:01:08 -0700
Received: from shsmsx107.ccr.corp.intel.com (10.239.4.96) by
 fmsmsx109.amr.corp.intel.com (10.18.116.9) with Microsoft SMTP Server (TLS)
 id 14.3.408.0; Tue, 19 Mar 2019 02:01:07 -0700
Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.163]) by
 SHSMSX107.ccr.corp.intel.com ([169.254.9.252]) with mapi id 14.03.0415.000;
 Tue, 19 Mar 2019 17:01:05 +0800
From: "Qian, Yi" <yi.qian@intel.com>
To: "Sun, Zailiang" <zailiang.sun@intel.com>, "edk2-devel@lists.01.org"
 <edk2-devel@lists.01.org>
CC: "Wei, David" <david.wei@intel.com>
Thread-Topic: [PATCH] Vlv2TbltDevicePkg: Resolved chipsec complains
Thread-Index: AQHU3jGRDEz1FIdMQUaQmtrYGioOv6YSqCcA
Date: Tue, 19 Mar 2019 09:01:05 +0000
Message-ID: <A6DBF04CB9C4D045926EB50EBFFE5A295089E23B@shsmsx102.ccr.corp.intel.com>
References: <20190319085530.30360-1-zailiang.sun@intel.com>
In-Reply-To: <20190319085530.30360-1-zailiang.sun@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [PATCH] Vlv2TbltDevicePkg: Resolved chipsec complains
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Mar 2019 09:01:12 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Reviewed by Qian, Yi <yi.qian@intel.com>

Thanks
Qian Yi

> -----Original Message-----
> From: Sun, Zailiang
> Sent: Tuesday, March 19, 2019 4:56 PM
> To: edk2-devel@lists.01.org
> Cc: Wei, David <david.wei@intel.com>; Qian, Yi <yi.qian@intel.com>
> Subject: [PATCH] Vlv2TbltDevicePkg: Resolved chipsec complains
>=20
> https://bugzilla.tianocore.org/show_bug.cgi?id=3D1335
>=20
> Set bit in SPI individual lock register to lock down BMWAG, BMRAG, PR0, P=
R1,
> PR2, PR3, SCF, PREOP, OPTYPE and OPMENU.
>=20
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Zailiang Sun <zailiang.sun@intel.com>
> Cc: David Wei <david.wei@intel.com>
> Cc: Yi Qian <yi.qian@intel.com>
> ---
>  .../SouthCluster/Include/PchRegs/PchRegsSpi.h |  9 ++++++
>  Vlv2TbltDevicePkg/PlatformDxe/Platform.c      | 31 +++++++++++++++++++
>  2 files changed, 40 insertions(+)
>=20
> diff --git
> a/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/Pc
> hRegsSpi.h
> b/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/P
> chRegsSpi.h
> index 7062a09b1b..4696ecc486 100644
> ---
> a/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/Pc
> hRegsSpi.h
> +++
> b/Vlv2DeviceRefCodePkg/ValleyView2Soc/SouthCluster/Include/PchRegs/P
> +++ chRegsSpi.h
> @@ -90,7 +90,16 @@ Copyright (c) 2011  - 2015, Intel Corporation. All rig=
hts
> reserved
>  #define R_PCH_SPI_OPMENU1                    0x9C  // Opcode Menu
> Configuration 1 (32bits)
>=20
>  #define R_PCH_SPI_IND_LOCK                   0xA4  // Indvidual Lock
> +#define B_PCH_SPI_IND_LOCK_BMWAG             BIT0  // BMWAG LockDown
> +#define B_PCH_SPI_IND_LOCK_BMRAG             BIT1  // BMRAG LockDown
>  #define B_PCH_SPI_IND_LOCK_PR0               BIT2  // PR0 LockDown
> +#define B_PCH_SPI_IND_LOCK_PR1               BIT3  // PR1 LockDown
> +#define B_PCH_SPI_IND_LOCK_PR2               BIT4  // PR2 LockDown
> +#define B_PCH_SPI_IND_LOCK_PR3               BIT5  // PR3 LockDown
> +#define B_PCH_SPI_IND_LOCK_SCF               BIT6  // SCF LockDown
> +#define B_PCH_SPI_IND_LOCK_PREOP             BIT7  // PREP LockDown
> +#define B_PCH_SPI_IND_LOCK_OPTYPE            BIT8  // OPTYPE LockDown
> +#define B_PCH_SPI_IND_LOCK_OPMENU            BIT9  // OPMENU
> LockDown
>=20
>=20
>  #define R_PCH_SPI_FDOC                       0xB0  // Flash Descriptor O=
bservability
> Control Register (32 bits)
> diff --git a/Vlv2TbltDevicePkg/PlatformDxe/Platform.c
> b/Vlv2TbltDevicePkg/PlatformDxe/Platform.c
> index 02538fd6f0..ec1a1141e6 100644
> --- a/Vlv2TbltDevicePkg/PlatformDxe/Platform.c
> +++ b/Vlv2TbltDevicePkg/PlatformDxe/Platform.c
> @@ -541,6 +541,37 @@ SpiBiosProtectionFunction(
>    DEBUG((EFI_D_INFO, "R_PCH_SPI_PR1 \n"));
>    DEBUG((EFI_D_INFO, "MmioRead32 (0x%x, 0x%x) =3D 0x%x \n", (UINTN)
> SpiBase, (UINT8) R_PCH_SPI_PR1, (UINT32) Data32));
>=20
> +  //
> +  // Check and set individual lock
> +  //
> +  MmioOr16 ((UINTN) (SpiBase + R_PCH_SPI_IND_LOCK),
> +    B_PCH_SPI_IND_LOCK_BMWAG |
> +    B_PCH_SPI_IND_LOCK_BMRAG |
> +    B_PCH_SPI_IND_LOCK_PR0 |
> +    B_PCH_SPI_IND_LOCK_PR1 |
> +    B_PCH_SPI_IND_LOCK_PR2 |
> +    B_PCH_SPI_IND_LOCK_PR3 |
> +    B_PCH_SPI_IND_LOCK_SCF |
> +    B_PCH_SPI_IND_LOCK_PREOP |
> +    B_PCH_SPI_IND_LOCK_OPTYPE |
> +    B_PCH_SPI_IND_LOCK_OPMENU);
> +  Data16 =3D MmioRead16 (SpiBase + R_PCH_SPI_IND_LOCK);
> + S3BootScriptSaveMemWrite (
> +    S3BootScriptWidthUint16,
> +    (UINTN)(SpiBase + R_PCH_SPI_IND_LOCK),
> +    1,
> +    &Data16
> +  );
> +  DEBUG((EFI_D_INFO, "R_PCH_SPI_IND_LOCK \n"));  DEBUG((EFI_D_INFO,
> + "MmioRead16 (0x%x, 0x%x) =3D 0x%x \n", (UINTN) SpiBase, (UINT8)
> + R_PCH_SPI_IND_LOCK, (UINT16) Data16));
> +
> +  //
> +  // Verify if it's really locked.
> +  //
> +  if ((MmioRead16 (SpiBase + R_PCH_SPI_IND_LOCK) &
> B_PCH_SPI_IND_LOCK_PR0) =3D=3D 0) {
> +    DEBUG((EFI_D_ERROR, "Failed to lock down individual lock.\n"));  }
> +
>    //
>    //Lock down PRx
>    //
> --
> 2.19.1.windows.1