authorArthur Heymans <arthur@aheymans.xyz>2021-01-06 14:12:47 +0100
committerArthur Heymans <arthur@aheymans.xyz>2021-01-07 17:21:28 +0000
commit66dbd9c31e6bf43ea2ad982652d36531aeefeae2 (patch)
treea365d3a6f870efaa52188e0f908f76a64a643752
parent597a0ead710f43925504b2e7b2ad764195b65e08 (diff)
security/intel/txt: Don't run SCHECK on CBnT
This functionality only exists on legacy TXT. Change-Id: I4206ba65fafbe3d4dda626a8807e415ce6d64633 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/49164 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Christian Walter <christian.walter@9elements.com> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
-rw-r--r--src/security/intel/txt/ramstage.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/security/intel/txt/ramstage.c b/src/security/intel/txt/ramstage.c
index cbc3a41bb7..3401aef336 100644
--- a/src/security/intel/txt/ramstage.c
+++ b/src/security/intel/txt/ramstage.c
@@ -171,7 +171,7 @@ static void init_intel_txt(void *unused)
}
int s3resume = acpi_is_wakeup_s3();
- if (!s3resume) {
+ if (!s3resume && !CONFIG(INTEL_CBNT_SUPPORT)) {
printk(BIOS_INFO, "TEE-TXT: Scheck...\n");
if (intel_txt_run_bios_acm(ACMINPUT_SCHECK) < 0) {
printk(BIOS_ERR, "TEE-TXT: Error calling BIOS ACM.\n");
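Review bot: The new `!CONFIG(INTEL_CBNT_SUPPORT)` term in the SCHECK condition has no comment explaining why the check is skipped, so the reason lives only in the commit message. A one-line comment above the `if` would keep it next to the code, for example `/* SCHECK is a legacy TXT BIOS ACM function; it is not available on CBnT. */`. On a CBnT build the "TEE-TXT: Scheck..." line is no longer printed and nothing replaces it, so a boot log cannot show that the step was skipped by design; a short informational message on that path would help anyone auditing the measured-launch setup from logs. Both `init_intel_txt` and the body of this `if` continue outside the hunk, so the handling after the BIOS ACM error message is not visible here.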