UefiCpuPkg/CommonFeature: Always set FEATURE_CONTROL.Lock

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1305

The patch reverts commit 1ed6498c4a0210204bf4b95cc0c0cd6623ad6a0b
* UefiCpuPkg/CommonFeature: Skip locking when the feature is disabled

FEATURE_CONTROL.Lock bit is controlled by feature
CPU_FEATURE_LOCK_FEATURE_CONTROL_REGISTER. The commit 1ed649 fixes
a bug that when the feature is disabled, the Lock bit is cleared.
But it's a security hole if the bit is cleared when booting OS.
We can argue that platform needs to make sure the value
of PcdCpuFeaturesUserConfiguration should be set properly to make
sure feature CPU_FEATURE_LOCK_FEATURE_CONTROL_REGISTER is enabled.

But it's better to guarantee this in the generic core code.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
1 file changed
tree: 5a948f9bad2ab4fc7c74bc7ec47f6757aa06a106
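
A way to confirm from a booted Linux system that firmware left the Lock bit set on every logical processor, as an added example that is not part of this commit or of EDK II. It assumes the Linux `msr` driver (`/dev/cpu/N/msr`, root required) and that FEATURE_CONTROL refers to the architectural IA32_FEATURE_CONTROL MSR (0x3A, Lock in bit 0); the function names are hypothetical.

```c
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

#define MSR_IA32_FEATURE_CONTROL 0x3A          /* assumed: architectural MSR address */
#define FEATURE_CONTROL_LOCK     (1ULL << 0)   /* assumed: bit 0 is Lock */

/* Count CPUs whose Lock bit is clear; *mismatch is set to 1 when the MSR
 * values differ between CPUs (e.g. a processor that was never programmed). */
int count_unlocked(const uint64_t *vals, int n, int *mismatch)
{
    int unlocked = 0;
    *mismatch = 0;
    for (int i = 0; i < n; i++) {
        if (!(vals[i] & FEATURE_CONTROL_LOCK))
            unlocked++;
        if (vals[i] != vals[0])
            *mismatch = 1;
    }
    return unlocked;
}

/* Read the MSR of one logical CPU via the Linux msr driver; 0 on success. */
int read_feature_control(int cpu, uint64_t *out)
{
    char path[64];
    snprintf(path, sizeof path, "/dev/cpu/%d/msr", cpu);
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    int ok = lseek(fd, MSR_IA32_FEATURE_CONTROL, SEEK_SET) >= 0 &&
             read(fd, out, sizeof *out) == (ssize_t)sizeof *out;
    close(fd);
    return ok ? 0 : -1;
}

int main(void)
{
    uint64_t vals[1024];
    int n = 0, mismatch;
    /* Assumes CPU numbers are contiguous from 0; stops at the first gap. */
    while (n < 1024 && read_feature_control(n, &vals[n]) == 0)
        n++;
    if (n == 0) {
        fprintf(stderr, "cannot read MSRs (need root and the msr module)\n");
        return 2;
    }
    int unlocked = count_unlocked(vals, n, &mismatch);
    printf("%d CPU(s) read, %d unlocked, values %s\n", n, unlocked,
           mismatch ? "differ" : "consistent");
    return unlocked ? 1 : 0;
}
```

A non-zero exit status means at least one logical processor reached the OS with the register still writable, which is the condition the commit message calls a security hole.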
Readme.md

EDK II Project

A modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications from www.uefi.org.

Contributions to the EDK II open source project are covered by the TianoCore Contribution Agreement 1.1

The majority of the content in the EDK II open source project uses a BSD 2-Clause License. The EDK II open source project contains the following components that are covered by additional licenses:

The EDK II Project is composed of packages. The maintainers for each package are listed in Maintainers.txt.

Resources