[coreboot-gerrit] Patch merged into coreboot/master: soc/intel/apollolake: Drop privilege level to IA_UNTRUSTED

Fri Dec 2 16:40:02 CET 2016

the following patch was just integrated into master:
commit 89e39b5c55cd7612c70cb25d2b2000965cc25539
Author: Andrey Petrov <andrey.petrov at intel.com>
Date:   Wed Nov 30 17:58:38 2016 -0800

    soc/intel/apollolake: Drop privilege level to IA_UNTRUSTED

    As per guidelines CPU security level should be dropped before OS start,
    so that certain MSRs are locked out. Drop privilege levels on all logical
    CPUs.

    BUG=chrome-os-partner:60454
    TEST=iotools rdmsr x 0x120, make sure bit 6 is set, rdmsr x 0x121 results
    in io error.

    Change-Id: I67540f6da16f58b822db9160d00b7a5e235188db
    Signed-off-by: Andrey Petrov <andrey.petrov at intel.com>
    Reviewed-on: https://review.coreboot.org/17665
    Reviewed-by: Aaron Durbin <adurbin at chromium.org>
    Tested-by: build bot (Jenkins)

See https://review.coreboot.org/17665 for details.

-gerrit