soc/intel/xeon_sp: Set PAM0123 lock

Set the PAM0123 lock as indicated by the Intel documentation.
This is set in finalize to allow any part of coreboot to update
the PAM prior to booting.

Change-Id: I3cdb7fc08eb903d799d585c56107de92f034b186
Signed-off-by: Marc Jones <marcjones@sysproconsulting.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/52165
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jay Talbott <JayTalbott@sysproconsulting.com>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
diff --git a/src/soc/intel/xeon_sp/cpx/include/soc/pci_devs.h b/src/soc/intel/xeon_sp/cpx/include/soc/pci_devs.h
index 7b16945..7f4a045 100644
--- a/src/soc/intel/xeon_sp/cpx/include/soc/pci_devs.h
+++ b/src/soc/intel/xeon_sp/cpx/include/soc/pci_devs.h
@@ -11,6 +11,7 @@
 #define SAD_ALL_DEV			29
 #define SAD_ALL_FUNC			0
 #define SAD_ALL_PAM0123_CSR		0x40
+#define   PAM_LOCK			BIT(0)
 #define SAD_ALL_PAM456_CSR		0x44
 
 #if !defined(__SIMPLE_DEVICE__)
diff --git a/src/soc/intel/xeon_sp/finalize.c b/src/soc/intel/xeon_sp/finalize.c
index bfcf212..044c1cc 100644
--- a/src/soc/intel/xeon_sp/finalize.c
+++ b/src/soc/intel/xeon_sp/finalize.c
@@ -4,12 +4,30 @@
 #include <console/console.h>
 #include <console/debug.h>
 #include <cpu/x86/smm.h>
+#include <device/pci.h>
+#include <intelpch/lockdown.h>
+#include <soc/pci_devs.h>
+#include <soc/util.h>
+
+#include "chip.h"
+
+static void lock_pam0123(void)
+{
+	const struct device *dev;
+
+	if (get_lockdown_config() != CHIPSET_LOCKDOWN_COREBOOT)
+		return;
+
+	dev = pcidev_path_on_bus(get_stack_busno(1), PCI_DEVFN(SAD_ALL_DEV, SAD_ALL_FUNC));
+	pci_or_config32(dev, SAD_ALL_PAM0123_CSR, PAM_LOCK);
+}
 
 static void soc_finalize(void *unused)
 {
 	printk(BIOS_DEBUG, "Finalizing chipset.\n");
 
 	apm_control(APM_CNT_FINALIZE);
+	lock_pam0123();
 
 	post_code(POST_OS_BOOT);
 }
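Review bot: In lock_pam0123() the pointer returned by `pcidev_path_on_bus()` is handed to `pci_or_config32()` without a NULL check, so if the SAD_ALL device is not found on that bus the PAM lock is not applied (or the access misbehaves, depending on how the PCI helpers treat a NULL device) and nothing is logged. Because this is a lockdown step, a missing device should be reported at error level rather than pass silently, as sketched below. The early return when `get_lockdown_config()` is not `CHIPSET_LOCKDOWN_COREBOOT` would also benefit from a one-line comment stating which component is expected to set PAM_LOCK in that case. Only the bus from `get_stack_busno(1)` is written; whether other sockets expose their own SAD_ALL instance needing the same lock cannot be told from this hunk and is worth confirming.

```c
	/* … unchanged: lockdown-config check … */
	dev = pcidev_path_on_bus(get_stack_busno(1), PCI_DEVFN(SAD_ALL_DEV, SAD_ALL_FUNC));
	if (!dev) {
		printk(BIOS_ERR, "PAM0123 lock not set: SAD_ALL device not found\n");
		return;
	}
	pci_or_config32(dev, SAD_ALL_PAM0123_CSR, PAM_LOCK);
```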
diff --git a/src/soc/intel/xeon_sp/skx/include/soc/pci_devs.h b/src/soc/intel/xeon_sp/skx/include/soc/pci_devs.h
index 96239ba..01e86e1 100644
--- a/src/soc/intel/xeon_sp/skx/include/soc/pci_devs.h
+++ b/src/soc/intel/xeon_sp/skx/include/soc/pci_devs.h
@@ -24,6 +24,7 @@
 #define SAD_ALL_DEV			29
 #define SAD_ALL_FUNC			0
 #define SAD_ALL_PAM0123_CSR		0x40
+#define   PAM_LOCK			BIT(0)
 #define SAD_ALL_PAM456_CSR		0x44
 
 #if !defined(__SIMPLE_DEVICE__)