summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorPratikkumar Prajapati <pratikkumar.v.prajapati@intel.com>2023-06-05 18:18:16 -0700
committerSridhar Siricilla <sridhar.siricilla@intel.com>2023-08-03 14:18:49 +0000
commit10bd2a27b9188fdf41021890581b9b8bf91bfb07 (patch)
treebdf2555e386549518296939d8df36eefaacb9f1b /src
parent62ceabc4d1b8be85c8499e484b5b3f2abdb2467f (diff)
soc/intel/meteorlake: Set UPDs for TME exclusion range and new key gen
Set UPD params GenerateNewTmeKey, TmeExcludeBase, and TmeExcludeSize when TME_KEY_REGENERATION_ON_WARM_BOOT config is enabled. These UPDs are programmed only when INTEL_TME is enabled. Bug=b:276120526 TEST=Able to build REX platform. Signed-off-by: Pratikkumar Prajapati <pratikkumar.v.prajapati@intel.com> Change-Id: Ib8d33f470977ce8db2fd137bab9c63e325b4a32d Reviewed-on: https://review.coreboot.org/c/coreboot/+/75626 Reviewed-by: Subrata Banik <subratabanik@google.com> Reviewed-by: Sumeet R Pawnikar <sumeet.r.pawnikar@intel.com> Reviewed-by: Sridhar Siricilla <sridhar.siricilla@intel.com> Reviewed-by: Kapil Porwal <kapilporwal@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src')
-rw-r--r--src/soc/intel/meteorlake/romstage/fsp_params.c21
1 files changed, 20 insertions, 1 deletions
diff --git a/src/soc/intel/meteorlake/romstage/fsp_params.c b/src/soc/intel/meteorlake/romstage/fsp_params.c
index 40b7c47018..fd634ecae0 100644
--- a/src/soc/intel/meteorlake/romstage/fsp_params.c
+++ b/src/soc/intel/meteorlake/romstage/fsp_params.c
@@ -8,6 +8,7 @@
#include <drivers/wifi/generic/wifi.h>
#include <fsp/fsp_debug_event.h>
#include <fsp/util.h>
+#include <intelbasecode/ramtop.h>
#include <intelblocks/cpulib.h>
#include <intelblocks/pcie_rp.h>
#include <option.h>
@@ -173,12 +174,30 @@ static void fill_fspm_cpu_params(FSP_M_CONFIG *m_cfg,
m_cfg->HyperThreading = get_uint_option("hyper_threading", CONFIG(FSP_HYPERTHREADING));
}
+static void fill_tme_params(FSP_M_CONFIG *m_cfg)
+{
+ m_cfg->TmeEnable = CONFIG(INTEL_TME) && is_tme_supported();
+ if (!m_cfg->TmeEnable)
+ return;
+ m_cfg->GenerateNewTmeKey = CONFIG(TME_KEY_REGENERATION_ON_WARM_BOOT);
+ if (m_cfg->GenerateNewTmeKey) {
+ uint32_t ram_top = get_ramtop_addr();
+ if (!ram_top) {
+ printk(BIOS_WARNING, "Invalid exclusion range start address. "
+ "Full memory encryption is enabled.\n");
+ return;
+ }
+ m_cfg->TmeExcludeBase = (ram_top - 16*MiB);
+ m_cfg->TmeExcludeSize = 16*MiB;
+ }
+}
+
static void fill_fspm_security_params(FSP_M_CONFIG *m_cfg,
const struct soc_intel_meteorlake_config *config)
{
/* Disable BIOS Guard */
m_cfg->BiosGuard = 0;
- m_cfg->TmeEnable = CONFIG(INTEL_TME) && is_tme_supported();
+ fill_tme_params(m_cfg);
}
static void fill_fspm_uart_params(FSP_M_CONFIG *m_cfg,