soc/intel/apollolake: Move privilege drop to later stage

Previously privilege drop was happening "too early" and that caused some PMC IPC programming (performed in FSP) to fail because sideband was already locked out. This change set moves privilege drop to later stage, after last FSP notify call. BRANCH=reef BUG=chrome-os-partner:60657 TEST=iotools rdmsr X 0x121, make sure they can't be read. Also dmesg|grep -i IPC to make sure there are no errors related Change-Id: Ia3a774aee5fbf92805a5c69093bfbd3d7682c3a7 Signed-off-by: Andrey Petrov <andrey.petrov@intel.com> Reviewed-on: https://review.coreboot.org/17769 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-12-07 10:47:46 -08:00
parent b21e362e93
commit a697c19640
4 changed files with 21 additions and 5 deletions
--- a/src/soc/intel/apollolake/chip.c
+++ b/src/soc/intel/apollolake/chip.c
@@ -21,6 +21,7 @@
 #include <cbmem.h>
 #include <console/console.h>
 #include <cpu/cpu.h>
+#include <cpu/x86/mp.h>
 #include <device/device.h>
 #include <device/pci.h>
 #include <fsp/api.h>
@@ -499,11 +500,26 @@ struct chip_operations soc_intel_apollolake_ops = {
 	.final = &soc_final
 };

+static void drop_privilege_all(void)
+{
+	/* Drop privilege level on all the CPUs */
+	if (mp_run_on_all_cpus(&enable_untrusted_mode, 1000) < 0)
+		printk(BIOS_ERR, "failed to enable untrusted mode\n");
+}
+
 void platform_fsp_notify_status(enum fsp_notify_phase phase)
 {
-	/* Hide the P2SB device to align with previous behavior. */
-	if (phase == END_OF_FIRMWARE)
+	if (phase == END_OF_FIRMWARE) {
+		/* Hide the P2SB device to align with previous behavior. */
 		p2sb_hide();
+		/*
+		 * As per guidelines BIOS is recommended to drop CPU privilege
+		 * level to IA_UNTRUSTED. After that certain device registers
+		 * and MSRs become inaccessible supposedly increasing system
+		 * security.
+		 */
+		drop_privilege_all();
+	}
 }

 /*