diff options
author | Pratikkumar Prajapati <pratikkumar.v.prajapati@intel.com> | 2023-06-05 18:18:16 -0700 |
---|---|---|
committer | Sridhar Siricilla <sridhar.siricilla@intel.com> | 2023-08-03 14:18:49 +0000 |
commit | 10bd2a27b9188fdf41021890581b9b8bf91bfb07 (patch) | |
tree | bdf2555e386549518296939d8df36eefaacb9f1b /src | |
parent | 62ceabc4d1b8be85c8499e484b5b3f2abdb2467f (diff) |
soc/intel/meteorlake: Set UPDs for TME exclusion range and new key gen
Set UPD params GenerateNewTmeKey, TmeExcludeBase, and TmeExcludeSize
when TME_KEY_REGENERATION_ON_WARM_BOOT config is enabled. These UPDs
are programmed only when INTEL_TME is enabled.
Bug=b:276120526
TEST=Able to build REX platform.
Signed-off-by: Pratikkumar Prajapati <pratikkumar.v.prajapati@intel.com>
Change-Id: Ib8d33f470977ce8db2fd137bab9c63e325b4a32d
Reviewed-on: https://review.coreboot.org/c/coreboot/+/75626
Reviewed-by: Subrata Banik <subratabanik@google.com>
Reviewed-by: Sumeet R Pawnikar <sumeet.r.pawnikar@intel.com>
Reviewed-by: Sridhar Siricilla <sridhar.siricilla@intel.com>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/soc/intel/meteorlake/romstage/fsp_params.c | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/src/soc/intel/meteorlake/romstage/fsp_params.c b/src/soc/intel/meteorlake/romstage/fsp_params.c index 40b7c47018..fd634ecae0 100644 --- a/src/soc/intel/meteorlake/romstage/fsp_params.c +++ b/src/soc/intel/meteorlake/romstage/fsp_params.c @@ -8,6 +8,7 @@ #include <drivers/wifi/generic/wifi.h> #include <fsp/fsp_debug_event.h> #include <fsp/util.h> +#include <intelbasecode/ramtop.h> #include <intelblocks/cpulib.h> #include <intelblocks/pcie_rp.h> #include <option.h> @@ -173,12 +174,30 @@ static void fill_fspm_cpu_params(FSP_M_CONFIG *m_cfg, m_cfg->HyperThreading = get_uint_option("hyper_threading", CONFIG(FSP_HYPERTHREADING)); } +static void fill_tme_params(FSP_M_CONFIG *m_cfg) +{ + m_cfg->TmeEnable = CONFIG(INTEL_TME) && is_tme_supported(); + if (!m_cfg->TmeEnable) + return; + m_cfg->GenerateNewTmeKey = CONFIG(TME_KEY_REGENERATION_ON_WARM_BOOT); + if (m_cfg->GenerateNewTmeKey) { + uint32_t ram_top = get_ramtop_addr(); + if (!ram_top) { + printk(BIOS_WARNING, "Invalid exclusion range start address. " + "Full memory encryption is enabled.\n"); + return; + } + m_cfg->TmeExcludeBase = (ram_top - 16*MiB); + m_cfg->TmeExcludeSize = 16*MiB; + } +} + static void fill_fspm_security_params(FSP_M_CONFIG *m_cfg, const struct soc_intel_meteorlake_config *config) { /* Disable BIOS Guard */ m_cfg->BiosGuard = 0; - m_cfg->TmeEnable = CONFIG(INTEL_TME) && is_tme_supported(); + fill_tme_params(m_cfg); } static void fill_fspm_uart_params(FSP_M_CONFIG *m_cfg, |