summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorPratikkumar Prajapati <pratikkumar.v.prajapati@intel.com>2023-06-05 18:22:21 -0700
committerSubrata Banik <subratabanik@google.com>2023-08-04 04:33:42 +0000
commit5013c60a871af8fbce8c38a1c342c454e5b8452f (patch)
treef06dc54292093fa2db032a080399359d2e2f6e67 /src
parent386ef64fb2ac84b88b948fcc0d16096d9325e7a3 (diff)
soc/intel/meteorlake: Generate new TME key on each warm boot
Enable config TME_KEY_REGENERATION_ON_WARM_BOOT for Intel Meteor Lake SOCs. This config allows Intel FSP to programs TME engine to generate a new key for each warm boot and exclude CBMEM region from being encrypted by TME. Bug=b:276120526 TEST= Boot up the system, generate kernel crash using following commands: $ echo 1 > /proc/sys/kernel/sysrq $ echo "c" > /proc/sysrq-trigger System performs warm boot automatically. Once it is booted, execute following commands in linux console of the DUT and confirm ramoops can be read. $ cat /sys/fs/pstore/console-ramoops-0 S0ix also tested and found working. Signed-off-by: Pratikkumar Prajapati <pratikkumar.v.prajapati@intel.com> Change-Id: I3161ab99b83fb7765646be31978942f271ba1f9e Reviewed-on: https://review.coreboot.org/c/coreboot/+/75627 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Subrata Banik <subratabanik@google.com> Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Diffstat (limited to 'src')
-rw-r--r--src/soc/intel/meteorlake/Kconfig1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/soc/intel/meteorlake/Kconfig b/src/soc/intel/meteorlake/Kconfig
index 2eb140584a..3fa1347e82 100644
--- a/src/soc/intel/meteorlake/Kconfig
+++ b/src/soc/intel/meteorlake/Kconfig
@@ -89,6 +89,7 @@ config SOC_INTEL_METEORLAKE
select SOC_INTEL_MEM_MAPPED_PM_CONFIGURATION
select SSE2
select SUPPORT_CPU_UCODE_IN_CBFS
+ select TME_KEY_REGENERATION_ON_WARM_BOOT
select TSC_MONOTONIC_TIMER
select UDELAY_TSC
select UDK_202302_BINDING