You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is some traction revisiting SMI platform locking on post-skylake.
Here is anchor of past work, feel free to document your findings
@tlaurion it's simply not going to work on newer platforms where FSP locks those registers regardless of any coreboot settings. They simply can't be set by the payload, even in SMM.
CONFIG_INTEL_CHIPSET_LOCKDOWN has no effect on Skylake and newer.
CONFIG_BOOTMEDIA_LOCK_CONTROLLER, I don't understand how it's not locking things prior to the payload execution on older platforms. I'd want to see a cbmem log from an x230 (eg) with SMM logging enabled to try and make sense of it
There is some traction revisiting SMI platform locking on post-skylake.
Here is anchor of past work, feel free to document your findings
Originally posted by @MrChromebox in #326 (comment)
Originally posted by @tlaurion in #1373 (comment)
The text was updated successfully, but these errors were encountered: