sb/intel/*: add option to lockdown chipset on normal boot path

On platforms with a PCH, some registers within host bridge should be
locked down on each normal boot path (done by either coreboot or
payload) and S3 resume (always done by coreboot).

A function to perform such locking is implemented in src/northbridge/
intel/*/finalize.c, and is designed as the handler of an #SMI triggered
with outb(APM_CNT_FINALIZE, APM_CNT), but currently this #SMI is only
triggered during S3 resume, and not on normal boot path. This problem
has been discussed in
https://mail.coreboot.org/pipermail/coreboot/2017-August/084924.html .

This time, an option "INTEL_CHIPSET_LOCKDOWN" within src/southbridge/
intel/common/Kconfig is added to control the actual locking, which
depends on several compatibility flags, including
"HAVE_INTEL_CHIPSET_LOCKDOWN".

In this commit, "ibexpeak", "bd82x6x", "fsp_bd82x6x", and "lynxpoint"
have the flag "HAVE_INTEL_CHIPSET_LOCKDOWN" selected.

The change is only well tested on Sandy Bridge, my Lenovo x230.

Change-Id: I43d4142291c8737b29738c41e8c484328b297b55
Signed-off-by: Bill XIE <persmule@gmail.com>
Reviewed-on: https://review.coreboot.org/21129
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
diff --git a/src/southbridge/intel/bd82x6x/lpc.c b/src/southbridge/intel/bd82x6x/lpc.c
index ca26250..901f71b 100644
--- a/src/southbridge/intel/bd82x6x/lpc.c
+++ b/src/southbridge/intel/bd82x6x/lpc.c
@@ -829,9 +829,12 @@
 
 static void lpc_final(struct device *dev)
 {
-	if (CONFIG_HAVE_SMI_HANDLER && acpi_is_wakeup_s3()) {
-		/* Call SMM finalize() handlers before resume */
-		outb(0xcb, 0xb2);
+	/* Call SMM finalize() handlers before resume */
+	if (IS_ENABLED(CONFIG_HAVE_SMI_HANDLER)) {
+		if (IS_ENABLED(CONFIG_INTEL_CHIPSET_LOCKDOWN) ||
+		    acpi_is_wakeup_s3()) {
+			outb(APM_CNT_FINALIZE, APM_CNT);
+		}
 	}
 }
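Review bot: the comment moved to the top of lpc_final() still reads "before resume", but the condition beneath it now also fires on every normal boot when CONFIG_INTEL_CHIPSET_LOCKDOWN is enabled, so it should be reworded to cover both paths (for example "Call SMM finalize() handlers on S3 resume, and on normal boot when chipset lockdown is enabled"). The outer IS_ENABLED(CONFIG_HAVE_SMI_HANDLER) check also means a build without an SMI handler skips the lockdown silently even with INTEL_CHIPSET_LOCKDOWN set; it is worth confirming that the Kconfig entry depends on HAVE_SMI_HANDLER so the option cannot be selected in a configuration where it has no effect. The two nested ifs could be folded into a single condition joined with &&, and since this hunk shows no include change, check that the header defining APM_CNT and APM_CNT_FINALIZE is already pulled into this file.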