Merge pull request #1818 from tlaurion/pr0_skylake_and_more_recent

WiP: PR0 (SPI write prevention through chipset locking) for nv4x_adl, setting base for other platforms/downstream forks supporting >=Skylake+
2024-12-18 20:47:55 +00:00 · 2024-11-29 13:22:21 -05:00 · 2024-11-29 13:22:21 -05:00 · e31afc58b3
commit e31afc58b3
parent 87732b71ce 03ba3864db
31 changed files with 455 additions and 57 deletions
--- a/boards/UNTESTED_t440p-maximized/UNTESTED_t440p-maximized.config
+++ b/boards/UNTESTED_t440p-maximized/UNTESTED_t440p-maximized.config
@ -22,7 +22,7 @@ CONFIG_TPMTOTP=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y


 # Dependencies for a graphical menu. Enable CONFIG_SLANG and CONFIG_NEWT instead
--- a/boards/UNTESTED_w541-maximized/UNTESTED_w541-maximized.config
+++ b/boards/UNTESTED_w541-maximized/UNTESTED_w541-maximized.config
@ -22,7 +22,7 @@ CONFIG_TPMTOTP=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y


 # Dependencies for a graphical menu. Enable CONFIG_SLANG and CONFIG_NEWT instead
--- a/boards/nitropad-ns50/nitropad-ns50.config
+++ b/boards/nitropad-ns50/nitropad-ns50.config
@ -29,7 +29,13 @@ CONFIG_UTIL_LINUX=y
 CONFIG_LVM2=y
 CONFIG_MBEDTLS=y
 CONFIG_PCIUTILS=y
-CONFIG_MSRTOOLS=y
+
+#TODO: readd when tested
+#platform locking finalization (PR0)
+#CONFIG_IO386=y
+#export CONFIG_FINALIZE_PLATFORM_LOCKING=y
+
+
 #Remote attestation support
 # TPM2 requirements
 CONFIG_TPM2_TSS=y
--- a/boards/novacustom_nv4x_adl/novacustom_nv4x_adl.config
+++ b/boards/novacustom_nv4x_adl/novacustom_nv4x_adl.config
@ -29,7 +29,12 @@ CONFIG_UTIL_LINUX=y
 CONFIG_LVM2=y
 CONFIG_MBEDTLS=y
 CONFIG_PCIUTILS=y
-CONFIG_MSRTOOLS=y
+
+#platform locking finalization (PR0)
+CONFIG_IO386=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y
+
+
 #Remote attestation support
 # TPM2 requirements
 CONFIG_TPM2_TSS=y
--- a/boards/optiplex-7010_9010-hotp-maximized/optiplex-7010_9010-hotp-maximized.config
+++ b/boards/optiplex-7010_9010-hotp-maximized/optiplex-7010_9010-hotp-maximized.config
@ -49,7 +49,7 @@ CONFIG_HOTPKEY=y
 #platform locking finalization (PR0)
 # This prevents SPI from being writeable outside of Heads
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y

 #Nitrokey Storage admin tool (deprecated)
 #CONFIG_NKSTORECLI=n
--- a/boards/optiplex-7010_9010-maximized/optiplex-7010_9010-maximized.config
+++ b/boards/optiplex-7010_9010-maximized/optiplex-7010_9010-maximized.config
@ -49,7 +49,7 @@ CONFIG_TPMTOTP=y
 #platform locking finalization (PR0)
 # This prevents SPI from being writeable outside of Heads
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y

 #Nitrokey Storage admin tool (deprecated)
 #CONFIG_NKSTORECLI=n
--- a/boards/optiplex-7010_9010_TXT-hotp-maximized/optiplex-7010_9010_TXT-hotp-maximized.config
+++ b/boards/optiplex-7010_9010_TXT-hotp-maximized/optiplex-7010_9010_TXT-hotp-maximized.config
@ -49,7 +49,7 @@ CONFIG_HOTPKEY=y
 #platform locking finalization (PR0)
 # This prevents SPI from being writeable outside of Heads
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y

 #Nitrokey Storage admin tool (deprecated)
 #CONFIG_NKSTORECLI=n
--- a/boards/optiplex-7010_9010_TXT-maximized/optiplex-7010_9010_TXT-maximized.config
+++ b/boards/optiplex-7010_9010_TXT-maximized/optiplex-7010_9010_TXT-maximized.config
@ -49,7 +49,7 @@ CONFIG_TPMTOTP=y
 #platform locking finalization (PR0)
 # This prevents SPI from being writeable outside of Heads
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y

 #Nitrokey Storage admin tool (deprecated)
 #CONFIG_NKSTORECLI=n
--- a/boards/t420-hotp-maximized/t420-hotp-maximized.config
+++ b/boards/t420-hotp-maximized/t420-hotp-maximized.config
@ -32,7 +32,7 @@ CONFIG_PCIUTILS=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y

 #Remote attestation support
 #TPM based requirements
--- a/boards/t420-maximized/t420-maximized.config
+++ b/boards/t420-maximized/t420-maximized.config
@ -31,7 +31,7 @@ CONFIG_PCIUTILS=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y

 #Remote attestation support
 #TPM based requirements
--- a/boards/t430-hotp-maximized/t430-hotp-maximized.config
+++ b/boards/t430-hotp-maximized/t430-hotp-maximized.config
@ -30,7 +30,7 @@ CONFIG_PCIUTILS=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y

 #Remote attestation support
 #TPM based requirements
--- a/boards/t430-maximized/t430-maximized.config
+++ b/boards/t430-maximized/t430-maximized.config
@ -30,7 +30,7 @@ CONFIG_PCIUTILS=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y


 #Remote attestation support
--- a/boards/t530-hotp-maximized/t530-hotp-maximized.config
+++ b/boards/t530-hotp-maximized/t530-hotp-maximized.config
@ -31,7 +31,7 @@ CONFIG_PCIUTILS=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y


 #Remote attestation support
--- a/boards/t530-maximized/t530-maximized.config
+++ b/boards/t530-maximized/t530-maximized.config
@ -31,7 +31,7 @@ CONFIG_PCIUTILS=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y


 #Remote attestation support
--- a/boards/w530-hotp-maximized/w530-hotp-maximized.config
+++ b/boards/w530-hotp-maximized/w530-hotp-maximized.config
@ -31,7 +31,7 @@ CONFIG_PCIUTILS=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y


 #Remote attestation support
--- a/boards/w530-maximized/w530-maximized.config
+++ b/boards/w530-maximized/w530-maximized.config
@ -31,7 +31,7 @@ CONFIG_PCIUTILS=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y


 #Remote attestation support
--- a/boards/x220-hotp-maximized/x220-hotp-maximized.config
+++ b/boards/x220-hotp-maximized/x220-hotp-maximized.config
@ -32,7 +32,7 @@ CONFIG_PCIUTILS=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y

 #Remote attestation support
 #TPM based requirements
--- a/boards/x220-maximized/x220-maximized.config
+++ b/boards/x220-maximized/x220-maximized.config
@ -32,7 +32,7 @@ CONFIG_PCIUTILS=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y

 #Remote attestation support
 #TPM based requirements
--- a/boards/x230-hotp-maximized-fhd_edp/x230-hotp-maximized-fhd_edp.config
+++ b/boards/x230-hotp-maximized-fhd_edp/x230-hotp-maximized-fhd_edp.config
@ -43,7 +43,7 @@ CONFIG_PCIUTILS=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y


 #Remote attestation support
--- a/boards/x230-hotp-maximized/x230-hotp-maximized.config
+++ b/boards/x230-hotp-maximized/x230-hotp-maximized.config
@ -49,7 +49,7 @@ CONFIG_HOTPKEY=y
 #platform locking finalization (PR0)
 # This prevents SPI from being writeable outside of Heads
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y

 #Nitrokey Storage admin tool (deprecated)
 #CONFIG_NKSTORECLI=n
--- a/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config
+++ b/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config
@ -39,7 +39,7 @@ CONFIG_PCIUTILS=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y


 #Remote attestation support
--- a/boards/x230-maximized-fhd_edp/x230-maximized-fhd_edp.config
+++ b/boards/x230-maximized-fhd_edp/x230-maximized-fhd_edp.config
@ -43,7 +43,7 @@ CONFIG_PCIUTILS=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y


 #Remote attestation support
--- a/boards/x230-maximized/x230-maximized.config
+++ b/boards/x230-maximized/x230-maximized.config
@ -34,7 +34,7 @@ CONFIG_PCIUTILS=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y


 #Remote attestation support
--- a/boards/z220-cmt-maximized/z220-cmt-maximized.config
+++ b/boards/z220-cmt-maximized/z220-cmt-maximized.config
@ -43,7 +43,7 @@ CONFIG_TPMTOTP=y

 #platform locking finalization (PR0)
 CONFIG_IO386=y
-export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y 
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y 

 # Dependencies for a graphical menu. Enable CONFIG_SLANG and CONFIG_NEWT instead
 # for a console-based menu.
--- a/config/coreboot-nitropad-ns50.config
+++ b/config/coreboot-nitropad-ns50.config
@ -428,6 +428,7 @@ CONFIG_SOC_INTEL_COMMON_BLOCK_XHCI_ELOG=y
 CONFIG_SOC_INTEL_COMMON_PCH_CLIENT=y
 CONFIG_SOC_INTEL_COMMON_PCH_BASE=y
 CONFIG_SOC_INTEL_COMMON_PCH_LOCKDOWN=y
+CONFIG_SOC_INTEL_COMMON_SPI_LOCKDOWN_SMM=y
 CONFIG_PCH_SPECIFIC_BASE_OPTIONS=y
 CONFIG_PCH_SPECIFIC_DISCRETE_OPTIONS=y
 CONFIG_PCH_SPECIFIC_CLIENT_OPTIONS=y
@ -489,8 +490,10 @@ CONFIG_PCIEXP_HOTPLUG=y
 CONFIG_INTEL_DESCRIPTOR_MODE_REQUIRED=y
 CONFIG_SOUTHBRIDGE_INTEL_COMMON_SMBUS=y
 CONFIG_SOUTHBRIDGE_INTEL_COMMON_PIRQ_ACPI_GEN=y
+CONFIG_HAVE_INTEL_CHIPSET_LOCKDOWN=y
 CONFIG_INTEL_DESCRIPTOR_MODE_CAPABLE=y
 # CONFIG_VALIDATE_INTEL_DESCRIPTOR is not set
+# CONFIG_INTEL_CHIPSET_LOCKDOWN is not set
 CONFIG_FIXED_RCBA_MMIO_BASE=0xfed1c000
 CONFIG_RCBA_LENGTH=0x4000

@ -617,6 +620,7 @@ CONFIG_MRC_SETTINGS_PROTECT=y
 CONFIG_SPI_FLASH=y
 CONFIG_BOOT_DEVICE_SPI_FLASH_RW_NOMMAP=y
 CONFIG_BOOT_DEVICE_SPI_FLASH_RW_NOMMAP_EARLY=y
+CONFIG_SPI_FLASH_SMM=y
 # CONFIG_SPI_FLASH_NO_FAST_READ is not set
 CONFIG_TPM_INIT_RAMSTAGE=y
 # CONFIG_TPM_PPI is not set
@ -729,9 +733,11 @@ CONFIG_INTEL_TXT_LIB=y
 # CONFIG_INTEL_TXT is not set
 # CONFIG_STM is not set
 # CONFIG_INTEL_CBNT_SUPPORT is not set
-CONFIG_BOOTMEDIA_LOCK_NONE=y
-# CONFIG_BOOTMEDIA_LOCK_CONTROLLER is not set
+# CONFIG_BOOTMEDIA_LOCK_NONE is not set
+CONFIG_BOOTMEDIA_LOCK_CONTROLLER=y
 # CONFIG_BOOTMEDIA_LOCK_CHIP is not set
+CONFIG_BOOTMEDIA_LOCK_WHOLE_RO=y
+# CONFIG_BOOTMEDIA_LOCK_WHOLE_NO_ACCESS is not set
 # CONFIG_BOOTMEDIA_SMM_BWP is not set
 # end of Security

--- a/config/coreboot-novacustom_nv4x_adl.config
+++ b/config/coreboot-novacustom_nv4x_adl.config
@ -428,6 +428,7 @@ CONFIG_SOC_INTEL_COMMON_BLOCK_XHCI_ELOG=y
 CONFIG_SOC_INTEL_COMMON_PCH_CLIENT=y
 CONFIG_SOC_INTEL_COMMON_PCH_BASE=y
 CONFIG_SOC_INTEL_COMMON_PCH_LOCKDOWN=y
+CONFIG_SOC_INTEL_COMMON_SPI_LOCKDOWN_SMM=y
 CONFIG_PCH_SPECIFIC_BASE_OPTIONS=y
 CONFIG_PCH_SPECIFIC_DISCRETE_OPTIONS=y
 CONFIG_PCH_SPECIFIC_CLIENT_OPTIONS=y
@ -489,8 +490,10 @@ CONFIG_PCIEXP_HOTPLUG=y
 CONFIG_INTEL_DESCRIPTOR_MODE_REQUIRED=y
 CONFIG_SOUTHBRIDGE_INTEL_COMMON_SMBUS=y
 CONFIG_SOUTHBRIDGE_INTEL_COMMON_PIRQ_ACPI_GEN=y
+CONFIG_HAVE_INTEL_CHIPSET_LOCKDOWN=y
 CONFIG_INTEL_DESCRIPTOR_MODE_CAPABLE=y
 # CONFIG_VALIDATE_INTEL_DESCRIPTOR is not set
+# CONFIG_INTEL_CHIPSET_LOCKDOWN is not set
 CONFIG_FIXED_RCBA_MMIO_BASE=0xfed1c000
 CONFIG_RCBA_LENGTH=0x4000

@ -618,6 +621,7 @@ CONFIG_MRC_SETTINGS_PROTECT=y
 CONFIG_SPI_FLASH=y
 CONFIG_BOOT_DEVICE_SPI_FLASH_RW_NOMMAP=y
 CONFIG_BOOT_DEVICE_SPI_FLASH_RW_NOMMAP_EARLY=y
+CONFIG_SPI_FLASH_SMM=y
 # CONFIG_SPI_FLASH_NO_FAST_READ is not set
 CONFIG_TPM_INIT_RAMSTAGE=y
 # CONFIG_TPM_PPI is not set
@ -730,9 +734,11 @@ CONFIG_INTEL_TXT_LIB=y
 # CONFIG_INTEL_TXT is not set
 # CONFIG_STM is not set
 # CONFIG_INTEL_CBNT_SUPPORT is not set
-CONFIG_BOOTMEDIA_LOCK_NONE=y
-# CONFIG_BOOTMEDIA_LOCK_CONTROLLER is not set
+# CONFIG_BOOTMEDIA_LOCK_NONE is not set
+CONFIG_BOOTMEDIA_LOCK_CONTROLLER=y
 # CONFIG_BOOTMEDIA_LOCK_CHIP is not set
+CONFIG_BOOTMEDIA_LOCK_WHOLE_RO=y
+# CONFIG_BOOTMEDIA_LOCK_WHOLE_NO_ACCESS is not set
 # CONFIG_BOOTMEDIA_SMM_BWP is not set
 # end of Security

--- a/initrd/bin/config-gui.sh
+++ b/initrd/bin/config-gui.sh
@ -83,7 +83,7 @@ while true; do
        'Z' " $(get_config_display_action "$CONFIG_DEBUG_OUTPUT") $CONFIG_BRAND_NAME debug and function tracing output"
    )

-    [ "$CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE" = "y" ] && dynamic_config_options+=(
+    [ "$CONFIG_FINALIZE_PLATFORM_LOCKING" = "y" ] && dynamic_config_options+=(
        't' ' Deactivate Platform Locking to permit OS write access to firmware'
    )

@ -103,8 +103,8 @@ while true; do

  case "$menu_choice" in
    "t" )
-      unset CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE
-      replace_config /etc/config.user "CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE" "n"
+      unset CONFIG_FINALIZE_PLATFORM_LOCKING
+      replace_config /etc/config.user "CONFIG_FINALIZE_PLATFORM_LOCKING" "n"
      combine_configs
      . /tmp/config
    ;;
--- a/initrd/bin/kexec-boot
+++ b/initrd/bin/kexec-boot
@ -170,7 +170,7 @@ if [ "$CONFIG_TPM" = "y" ]; then
 	tpmr kexec_finalize
 fi

-if [ -x /bin/io386 -a "$CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE" = "y" ]; then
+if [ -x /bin/io386 -a "$CONFIG_FINALIZE_PLATFORM_LOCKING" = "y" ]; then
 	lock_chip
 fi

--- a/initrd/bin/lock_chip
+++ b/initrd/bin/lock_chip
@ -1,41 +1,25 @@
 #!/bin/sh
 # For this to work:
-#  - io386 module needs to be enabled in board config (sandy/ivy/haswell know to work)
-#  - coreboot config need to enable CONFIG_BOOTMEDIA_LOCK_CONTROLLER=y without enabling CONFIG_INTEL_CHIPSET_LOCKDOWN
+#  - io386 module needs to be enabled in board config
+#  - <Skylake: coreboot config need to enable CONFIG_BOOTMEDIA_LOCK_CONTROLLER=y without enabling CONFIG_INTEL_CHIPSET_LOCKDOWN
+#  - >=Skylake: same as above and CONFIG_SOC_INTEL_COMMON_SPI_LOCKDOWN_SMM=y, CONFIG_SPI_FLASH_SMM=y and mode (eg: CONFIG_BOOTMEDIA_LOCK_WHOLE_RO=y)
 #  - Heads is actually doing the CONFIG_INTEL_CHIPSET_LOCKDOWN equivalent here.
-# TODO: If more platforms are able to enable CONFIG_INTEL_CHIPSET_LOCKDOWN in the future, have board config export APM_CNT and FIN_CODE and modify this script accordingly

 #include ash shell functions (TRACE requires it)
 . /etc/ash_functions

 TRACE "Under /bin/lock_chip"
-if [ "$CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE" = "y" ]; then
+if [ "$CONFIG_FINALIZE_PLATFORM_LOCKING" = "y" ]; then
 	APM_CNT=0xb2
 	FIN_CODE=0xcb
 fi

 if [ -n "$APM_CNT" -a -n "$FIN_CODE" ]; then
-	# SMI PR0 lockdown is implemented by Intel as part of the SMM Supervisor feature.
-	# SMM Supervisor is a software component that runs in SMM and acts as a gatekeeper
-	# for SMM access.
-	#
-	# It uses the processor’s memory protection and paging mechanisms to restrict what
-	# SMM code can read and write. SMM Supervisor marks critical pages, such as its
-	# own code, data, and page tables, as supervisor pages, which are only accessible
-	# from the most privileged level (CPL0).
-	#
-	# It also marks the rest of the SMM memory as user pages, which are accessible
-	# from any privilege level.
-	#
-	# This way, SMM Supervisor can isolate itself from other SMM code and enforce a policy
-	# that states what resources the SMI handlers (the interrupt handlers that run in SMM)
-	# require access to.
-	#
-	# SMI PR0 lockdown is enabled by setting a lock bit (FLOCKDN) in the SPI controller,
-	# which prevents further changes to the SMM memory and configuration.
-	# Once SMI PR0 lockdown is enabled, it cannot be disabled until the next system reset.
-	# This ensures that malicious code cannot tamper with the SMM Supervisor or the SMI handlers
-	# after the system boots.
+	# PR0 lockdown is enabled by setting a lock bit (FLOCKDN) in the SPI controller,
+	# which prevents further changes to the SPI controller configuration. The flash
+	# will become write protected in the range specified in the PR0 register. Once
+	# the protection is set and locked, it cannot be disabled 
+	# until the next system reset.
 	echo "Finalizing chipset Write Protection through SMI PR0 lockdown call"
 	io386 -o b -b x $APM_CNT $FIN_CODE
 else
--- a/patches/coreboot-dasharo-unreleased/0001-tpm_pirq-not_conditional.patch
+++ b/patches/coreboot-dasharo-unreleased/0001-tpm_pirq-not_conditional.patch
--- a/patches/coreboot-dasharo-unreleased/0002-pr0_chipset_locking-post_skylake.patch
+++ b/patches/coreboot-dasharo-unreleased/0002-pr0_chipset_locking-post_skylake.patch
@ -0,0 +1,391 @@
+From ff22122c229bbe2109de92ded773493428f7ece9 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Micha=C5=82=20=C5=BBygowski?= <michal.zygowski@3mdeb.com>
+Date: Sun, 20 Oct 2024 13:15:19 +0200
+Subject: [PATCH] soc/intel/lockdown: Allow locking down SPI and LPC in SMM
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Heads payload uses APM_CNT_FINALIZE SMI to set and lock down
+the SPI controller with PR0 flash protection. Add new option
+to skip LPC and FAST SPI lock down in coreboot and move it
+to APM_CNT_FINALIZE SMI handler.
+
+Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
+---
+ src/soc/intel/alderlake/finalize.c            |  4 ++-
+ src/soc/intel/cannonlake/finalize.c           |  3 +-
+ src/soc/intel/common/block/lpc/Makefile.inc   |  4 +++
+ src/soc/intel/common/block/smm/smihandler.c   | 10 ++++++
+ .../common/pch/include/intelpch/lockdown.h    |  3 ++
+ src/soc/intel/common/pch/lockdown/Kconfig     | 15 ++++++++
+ .../intel/common/pch/lockdown/Makefile.inc    |  5 +++
+ src/soc/intel/common/pch/lockdown/lockdown.c  | 33 +++++------------
+ .../intel/common/pch/lockdown/lockdown_lpc.c  | 23 ++++++++++++
+ .../intel/common/pch/lockdown/lockdown_spi.c  | 35 +++++++++++++++++++
+ src/soc/intel/denverton_ns/lpc.c              |  3 +-
+ src/soc/intel/elkhartlake/finalize.c          |  3 +-
+ src/soc/intel/jasperlake/finalize.c           |  3 +-
+ src/soc/intel/meteorlake/finalize.c           |  3 +-
+ src/soc/intel/skylake/finalize.c              |  3 +-
+ src/soc/intel/tigerlake/finalize.c            |  3 +-
+ src/soc/intel/xeon_sp/finalize.c              |  3 +-
+ 17 files changed, 123 insertions(+), 33 deletions(-)
+ create mode 100644 src/soc/intel/common/pch/lockdown/lockdown_lpc.c
+ create mode 100644 src/soc/intel/common/pch/lockdown/lockdown_spi.c
+
+diff --git a/src/soc/intel/alderlake/finalize.c b/src/soc/intel/alderlake/finalize.c
+index 460c8af174e..9cd9351d96a 100644
+--- a/src/soc/intel/alderlake/finalize.c
+++ b/src/soc/intel/alderlake/finalize.c
+@@ -84,7 +84,9 @@ static void soc_finalize(void *unused)
+ 	printk(BIOS_DEBUG, "Finalizing chipset.\n");
+ 
+ 	pch_finalize();
+-	apm_control(APM_CNT_FINALIZE);
+	if (CONFIG(INTEL_CHIPSET_LOCKDOWN) || acpi_is_wakeup_s3())
+		apm_control(APM_CNT_FINALIZE);
+
+ 	tbt_finalize();
+ 	if (CONFIG(USE_FSP_NOTIFY_PHASE_READY_TO_BOOT) &&
+ 			 CONFIG(USE_FSP_NOTIFY_PHASE_END_OF_FIRMWARE))
+diff --git a/src/soc/intel/cannonlake/finalize.c b/src/soc/intel/cannonlake/finalize.c
+index ba7fc69b552..b5f727e97c7 100644
+--- a/src/soc/intel/cannonlake/finalize.c
+++ b/src/soc/intel/cannonlake/finalize.c
+@@ -87,7 +87,8 @@ static void soc_finalize(void *unused)
+ 	printk(BIOS_DEBUG, "Finalizing chipset.\n");
+ 
+ 	pch_finalize();
+-	apm_control(APM_CNT_FINALIZE);
+	if (CONFIG(INTEL_CHIPSET_LOCKDOWN) || acpi_is_wakeup_s3())
+		apm_control(APM_CNT_FINALIZE);
+ 	if (CONFIG(DISABLE_HECI1_AT_PRE_BOOT) &&
+ 			CONFIG(SOC_INTEL_COMMON_BLOCK_HECI1_DISABLE_USING_PMC_IPC))
+ 		heci1_disable();
+diff --git a/src/soc/intel/common/block/lpc/Makefile.inc b/src/soc/intel/common/block/lpc/Makefile.inc
+index b510cd0ec35..60792654b5a 100644
+--- a/src/soc/intel/common/block/lpc/Makefile.inc
+++ b/src/soc/intel/common/block/lpc/Makefile.inc
+@@ -5,3 +5,7 @@ romstage-$(CONFIG_SOC_INTEL_COMMON_BLOCK_LPC) += lpc_lib.c
+ 
+ ramstage-$(CONFIG_SOC_INTEL_COMMON_BLOCK_LPC) += lpc_lib.c
+ ramstage-$(CONFIG_SOC_INTEL_COMMON_BLOCK_LPC) += lpc.c
+
+ifeq ($(CONFIG_SOC_INTEL_COMMON_SPI_LOCKDOWN_SMM),y)
+smm-$(CONFIG_SOC_INTEL_COMMON_BLOCK_LPC) += lpc_lib.c
+endif
+diff --git a/src/soc/intel/common/block/smm/smihandler.c b/src/soc/intel/common/block/smm/smihandler.c
+index 4bfd17bfd07..dcd74764957 100644
+--- a/src/soc/intel/common/block/smm/smihandler.c
+++ b/src/soc/intel/common/block/smm/smihandler.c
+@@ -15,12 +15,14 @@
+ #include <device/pci_def.h>
+ #include <device/pci_ops.h>
+ #include <elog.h>
+#include <intelblocks/cfg.h>
+ #include <intelblocks/fast_spi.h>
+ #include <intelblocks/oc_wdt.h>
+ #include <intelblocks/pmclib.h>
+ #include <intelblocks/smihandler.h>
+ #include <intelblocks/tco.h>
+ #include <intelblocks/uart.h>
+#include <intelpch/lockdown.h>
+ #include <smmstore.h>
+ #include <soc/nvs.h>
+ #include <soc/pci_devs.h>
+@@ -343,6 +345,14 @@ static void finalize(void)
+ 	}
+ 	finalize_done = 1;
+ 
+	if (CONFIG(SOC_INTEL_COMMON_SPI_LOCKDOWN_SMM)) {
+		/* SPI lock down configuration */
+		fast_spi_lockdown_bios(CHIPSET_LOCKDOWN_COREBOOT);
+
+		/* LPC/eSPI lock down configuration */
+		lpc_lockdown_config(CHIPSET_LOCKDOWN_COREBOOT);
+	}
+
+ 	if (CONFIG(SPI_FLASH_SMM))
+ 		/* Re-init SPI driver to handle locked BAR */
+ 		fast_spi_init();
+diff --git a/src/soc/intel/common/pch/include/intelpch/lockdown.h b/src/soc/intel/common/pch/include/intelpch/lockdown.h
+index b5aba06fe0e..1b96f41a2a4 100644
+--- a/src/soc/intel/common/pch/include/intelpch/lockdown.h
+++ b/src/soc/intel/common/pch/include/intelpch/lockdown.h
+@@ -22,4 +22,7 @@ int get_lockdown_config(void);
+  */
+ void soc_lockdown_config(int chipset_lockdown);
+ 
+void fast_spi_lockdown_bios(int chipset_lockdown);
+void lpc_lockdown_config(int chipset_lockdown);
+
+ #endif /* SOC_INTEL_COMMON_PCH_LOCKDOWN_H */
+diff --git a/src/soc/intel/common/pch/lockdown/Kconfig b/src/soc/intel/common/pch/lockdown/Kconfig
+index 8fce5e785c2..fbeb341e9ac 100644
+--- a/src/soc/intel/common/pch/lockdown/Kconfig
+++ b/src/soc/intel/common/pch/lockdown/Kconfig
+@@ -1,7 +1,22 @@
+ config SOC_INTEL_COMMON_PCH_LOCKDOWN
+ 	bool
+ 	default n
+	select HAVE_INTEL_CHIPSET_LOCKDOWN
+ 	help
+ 	  This option allows to have chipset lockdown for DMI, FAST_SPI and
+ 	  soc_lockdown_config() to implement any additional lockdown as PMC,
+ 	  LPC for supported PCH.
+
+config SOC_INTEL_COMMON_SPI_LOCKDOWN_SMM
+	bool "Lock down SPI controller in SMM"
+	default n
+	depends on HAVE_SMI_HANDLER
+	select SPI_FLASH_SMM
+	help
+	  This option allows to have chipset lockdown for FAST_SPI and LPC for
+	  supported PCH. If selected, coreboot will skip locking down the SPI
+	  and LPC controller. The payload or OS is responsible for locking it
+	  using APM_CNT_FINALIZE SMI. Used by heads to set and lock PR0 flash
+	  protection.
+	  
+	  If unsure, say N.
+\ No newline at end of file
+diff --git a/src/soc/intel/common/pch/lockdown/Makefile.inc b/src/soc/intel/common/pch/lockdown/Makefile.inc
+index 71466f8edd1..64aad562acf 100644
+--- a/src/soc/intel/common/pch/lockdown/Makefile.inc
+++ b/src/soc/intel/common/pch/lockdown/Makefile.inc
+@@ -1,2 +1,7 @@
+ ## SPDX-License-Identifier: GPL-2.0-only
+ ramstage-$(CONFIG_SOC_INTEL_COMMON_PCH_LOCKDOWN) += lockdown.c
+ramstage-$(CONFIG_SOC_INTEL_COMMON_PCH_LOCKDOWN) += lockdown_lpc.c
+ramstage-$(CONFIG_SOC_INTEL_COMMON_PCH_LOCKDOWN) += lockdown_spi.c
+
+smm-$(CONFIG_SOC_INTEL_COMMON_SPI_LOCKDOWN_SMM) += lockdown_lpc.c
+smm-$(CONFIG_SOC_INTEL_COMMON_SPI_LOCKDOWN_SMM) += lockdown_spi.c
+diff --git a/src/soc/intel/common/pch/lockdown/lockdown.c b/src/soc/intel/common/pch/lockdown/lockdown.c
+index 1b1d99cc0c9..7e52fb826fe 100644
+--- a/src/soc/intel/common/pch/lockdown/lockdown.c
+++ b/src/soc/intel/common/pch/lockdown/lockdown.c
+@@ -61,21 +61,24 @@ static void fast_spi_lockdown_cfg(int chipset_lockdown)
+ 	/* Set FAST_SPI opcode menu */
+ 	fast_spi_set_opcode_menu();
+ 
+-	/* Discrete Lock Flash PR registers */
+-	fast_spi_pr_dlock();
+-
+ 	/* Check if SPI transaction is pending */
+ 	fast_spi_cycle_in_progress();
+ 
+ 	/* Clear any outstanding status bits like AEL, FCERR, FDONE, SAF etc. */
+ 	fast_spi_clear_outstanding_status();
+ 
+-	/* Lock FAST_SPIBAR */
+-	fast_spi_lock_bar();
+-
+ 	/* Set Vendor Component Lock (VCL) */
+ 	fast_spi_vscc0_lock();
+ 
+	if (CONFIG(SOC_INTEL_COMMON_SPI_LOCKDOWN_SMM))
+		return;
+
+	/* Discrete Lock Flash PR registers */
+	fast_spi_pr_dlock();
+
+	/* Lock FAST_SPIBAR */
+	fast_spi_lock_bar();
+
+ 	/* Set BIOS Interface Lock, BIOS Lock */
+ 	if (chipset_lockdown == CHIPSET_LOCKDOWN_COREBOOT) {
+ 		/* BIOS Interface Lock */
+@@ -95,24 +98,6 @@ static void fast_spi_lockdown_cfg(int chipset_lockdown)
+ 	}
+ }
+ 
+-static void lpc_lockdown_config(int chipset_lockdown)
+-{
+-	/* Set BIOS Interface Lock, BIOS Lock */
+-	if (chipset_lockdown == CHIPSET_LOCKDOWN_COREBOOT) {
+-		/* BIOS Interface Lock */
+-		lpc_set_bios_interface_lock_down();
+-
+-		/* Only allow writes in SMM */
+-		if (CONFIG(BOOTMEDIA_SMM_BWP) && is_smm_bwp_permitted()) {
+-			lpc_set_eiss();
+-			lpc_enable_wp();
+-		}
+-
+-		/* BIOS Lock */
+-		lpc_set_lock_enable();
+-	}
+-}
+-
+ static void sa_lockdown_config(int chipset_lockdown)
+ {
+ 	if (!CONFIG(SOC_INTEL_COMMON_BLOCK_SA))
+diff --git a/src/soc/intel/common/pch/lockdown/lockdown_lpc.c b/src/soc/intel/common/pch/lockdown/lockdown_lpc.c
+new file mode 100644
+index 00000000000..69278ea343f
+--- /dev/null
+++ b/src/soc/intel/common/pch/lockdown/lockdown_lpc.c
+@@ -0,0 +1,23 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+
+#include <intelblocks/cfg.h>
+#include <intelblocks/lpc_lib.h>
+#include <intelpch/lockdown.h>
+
+void lpc_lockdown_config(int chipset_lockdown)
+{
+	/* Set BIOS Interface Lock, BIOS Lock */
+	if (chipset_lockdown == CHIPSET_LOCKDOWN_COREBOOT) {
+		/* BIOS Interface Lock */
+		lpc_set_bios_interface_lock_down();
+
+		/* Only allow writes in SMM */
+		if (CONFIG(BOOTMEDIA_SMM_BWP)) {
+			lpc_set_eiss();
+			lpc_enable_wp();
+		}
+
+		/* BIOS Lock */
+		lpc_set_lock_enable();
+	}
+}
+diff --git a/src/soc/intel/common/pch/lockdown/lockdown_spi.c b/src/soc/intel/common/pch/lockdown/lockdown_spi.c
+new file mode 100644
+index 00000000000..fa09cec7c2e
+--- /dev/null
+++ b/src/soc/intel/common/pch/lockdown/lockdown_spi.c
+@@ -0,0 +1,35 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+
+#include <intelblocks/cfg.h>
+#include <intelblocks/fast_spi.h>
+#include <intelpch/lockdown.h>
+
+void fast_spi_lockdown_bios(int chipset_lockdown)
+{
+	if (!CONFIG(SOC_INTEL_COMMON_BLOCK_FAST_SPI))
+		return;
+
+	/* Discrete Lock Flash PR registers */
+	fast_spi_pr_dlock();
+
+	/* Lock FAST_SPIBAR */
+	fast_spi_lock_bar();
+
+	/* Set BIOS Interface Lock, BIOS Lock */
+	if (chipset_lockdown == CHIPSET_LOCKDOWN_COREBOOT) {
+		/* BIOS Interface Lock */
+		fast_spi_set_bios_interface_lock_down();
+
+		/* Only allow writes in SMM */
+		if (CONFIG(BOOTMEDIA_SMM_BWP)) {
+			fast_spi_set_eiss();
+			fast_spi_enable_wp();
+		}
+
+		/* BIOS Lock */
+		fast_spi_set_lock_enable();
+
+		/* EXT BIOS Lock */
+		fast_spi_set_ext_bios_lock_enable();
+	}
+}
+diff --git a/src/soc/intel/denverton_ns/lpc.c b/src/soc/intel/denverton_ns/lpc.c
+index 7ebca1eb946..8d8acf05088 100644
+--- a/src/soc/intel/denverton_ns/lpc.c
+++ b/src/soc/intel/denverton_ns/lpc.c
+@@ -536,7 +536,8 @@ static const struct pci_driver lpc_driver __pci_driver = {
+ 
+ static void finalize_chipset(void *unused)
+ {
+-	apm_control(APM_CNT_FINALIZE);
+	if (CONFIG(INTEL_CHIPSET_LOCKDOWN) || acpi_is_wakeup_s3())
+		apm_control(APM_CNT_FINALIZE);
+ }
+ 
+ BOOT_STATE_INIT_ENTRY(BS_OS_RESUME, BS_ON_ENTRY, finalize_chipset, NULL);
+diff --git a/src/soc/intel/elkhartlake/finalize.c b/src/soc/intel/elkhartlake/finalize.c
+index 275413b4efa..802d02cb596 100644
+--- a/src/soc/intel/elkhartlake/finalize.c
+++ b/src/soc/intel/elkhartlake/finalize.c
+@@ -43,7 +43,8 @@ static void soc_finalize(void *unused)
+ 	printk(BIOS_DEBUG, "Finalizing chipset.\n");
+ 
+ 	pch_finalize();
+-	apm_control(APM_CNT_FINALIZE);
+	if (CONFIG(INTEL_CHIPSET_LOCKDOWN) || acpi_is_wakeup_s3())
+		apm_control(APM_CNT_FINALIZE);
+ 	if (CONFIG(USE_FSP_NOTIFY_PHASE_READY_TO_BOOT) &&
+ 		 CONFIG(USE_FSP_NOTIFY_PHASE_END_OF_FIRMWARE))
+ 		heci_finalize();
+diff --git a/src/soc/intel/jasperlake/finalize.c b/src/soc/intel/jasperlake/finalize.c
+index 6cff7a80f30..1b68cc51786 100644
+--- a/src/soc/intel/jasperlake/finalize.c
+++ b/src/soc/intel/jasperlake/finalize.c
+@@ -75,7 +75,8 @@ static void soc_finalize(void *unused)
+ 	printk(BIOS_DEBUG, "Finalizing chipset.\n");
+ 
+ 	pch_finalize();
+-	apm_control(APM_CNT_FINALIZE);
+	if (CONFIG(INTEL_CHIPSET_LOCKDOWN) || acpi_is_wakeup_s3())
+		apm_control(APM_CNT_FINALIZE);
+ 
+ 	/* Indicate finalize step with post code */
+ 	post_code(POSTCODE_OS_BOOT);
+diff --git a/src/soc/intel/meteorlake/finalize.c b/src/soc/intel/meteorlake/finalize.c
+index a977b0516e5..951153fa812 100644
+--- a/src/soc/intel/meteorlake/finalize.c
+++ b/src/soc/intel/meteorlake/finalize.c
+@@ -75,7 +75,8 @@ static void soc_finalize(void *unused)
+ 	printk(BIOS_DEBUG, "Finalizing chipset.\n");
+ 
+ 	pch_finalize();
+-	apm_control(APM_CNT_FINALIZE);
+	if (CONFIG(INTEL_CHIPSET_LOCKDOWN) || acpi_is_wakeup_s3())
+		apm_control(APM_CNT_FINALIZE);
+ 	tbt_finalize();
+ 	sa_finalize();
+ 	if (CONFIG(USE_FSP_NOTIFY_PHASE_READY_TO_BOOT) &&
+diff --git a/src/soc/intel/skylake/finalize.c b/src/soc/intel/skylake/finalize.c
+index fd80aeac1a0..a147b62e46f 100644
+--- a/src/soc/intel/skylake/finalize.c
+++ b/src/soc/intel/skylake/finalize.c
+@@ -106,7 +106,8 @@ static void soc_finalize(void *unused)
+ 	pch_finalize_script(dev);
+ 
+ 	soc_lockdown(dev);
+-	apm_control(APM_CNT_FINALIZE);
+	if (CONFIG(INTEL_CHIPSET_LOCKDOWN) || acpi_is_wakeup_s3())
+		apm_control(APM_CNT_FINALIZE);
+ 
+ 	/* Indicate finalize step with post code */
+ 	post_code(POSTCODE_OS_BOOT);
+diff --git a/src/soc/intel/tigerlake/finalize.c b/src/soc/intel/tigerlake/finalize.c
+index cd02745a9e6..06ce243fe72 100644
+--- a/src/soc/intel/tigerlake/finalize.c
+++ b/src/soc/intel/tigerlake/finalize.c
+@@ -55,7 +55,8 @@ static void soc_finalize(void *unused)
+ 	printk(BIOS_DEBUG, "Finalizing chipset.\n");
+ 
+ 	pch_finalize();
+-	apm_control(APM_CNT_FINALIZE);
+	if (CONFIG(INTEL_CHIPSET_LOCKDOWN) || acpi_is_wakeup_s3())
+		apm_control(APM_CNT_FINALIZE);
+ 	tbt_finalize();
+ 	if (CONFIG(DISABLE_HECI1_AT_PRE_BOOT))
+ 		heci1_disable();
+diff --git a/src/soc/intel/xeon_sp/finalize.c b/src/soc/intel/xeon_sp/finalize.c
+index af630fe8127..8e409b8c439 100644
+--- a/src/soc/intel/xeon_sp/finalize.c
+++ b/src/soc/intel/xeon_sp/finalize.c
+@@ -59,7 +59,8 @@ static void soc_finalize(void *unused)
+ 	if (!CONFIG(USE_PM_ACPI_TIMER))
+ 		setbits8(pmc_mmio_regs() + PCH_PWRM_ACPI_TMR_CTL, ACPI_TIM_DIS);
+ 
+-	apm_control(APM_CNT_FINALIZE);
+	if (CONFIG(INTEL_CHIPSET_LOCKDOWN) || acpi_is_wakeup_s3())
+		apm_control(APM_CNT_FINALIZE);
+ 	lock_pam0123();
+ 
+ 	if (CONFIG_MAX_SOCKET > 1) {