From 10bd2a27b9188fdf41021890581b9b8bf91bfb07 Mon Sep 17 00:00:00 2001
From: Pratikkumar Prajapati <pratikkumar.v.prajapati@intel.com>
Date: Mon, 5 Jun 2023 18:18:16 -0700
Subject: soc/intel/meteorlake: Set UPDs for TME exclusion range and new key
 gen

Set UPD params GenerateNewTmeKey, TmeExcludeBase, and TmeExcludeSize
when TME_KEY_REGENERATION_ON_WARM_BOOT config is enabled. These UPDs
are programmed only when INTEL_TME is enabled.

Bug=b:276120526
TEST=Able to build REX platform.

Signed-off-by: Pratikkumar Prajapati <pratikkumar.v.prajapati@intel.com>
Change-Id: Ib8d33f470977ce8db2fd137bab9c63e325b4a32d
Reviewed-on: https://review.coreboot.org/c/coreboot/+/75626
Reviewed-by: Subrata Banik <subratabanik@google.com>
Reviewed-by: Sumeet R Pawnikar <sumeet.r.pawnikar@intel.com>
Reviewed-by: Sridhar Siricilla <sridhar.siricilla@intel.com>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
---
 src/soc/intel/meteorlake/romstage/fsp_params.c | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/soc/intel/meteorlake/romstage/fsp_params.c b/src/soc/intel/meteorlake/romstage/fsp_params.c
index 40b7c47018..fd634ecae0 100644
--- a/src/soc/intel/meteorlake/romstage/fsp_params.c
+++ b/src/soc/intel/meteorlake/romstage/fsp_params.c
@@ -8,6 +8,7 @@
 #include <drivers/wifi/generic/wifi.h>
 #include <fsp/fsp_debug_event.h>
 #include <fsp/util.h>
+#include <intelbasecode/ramtop.h>
 #include <intelblocks/cpulib.h>
 #include <intelblocks/pcie_rp.h>
 #include <option.h>
@@ -173,12 +174,30 @@ static void fill_fspm_cpu_params(FSP_M_CONFIG *m_cfg,
 	m_cfg->HyperThreading = get_uint_option("hyper_threading", CONFIG(FSP_HYPERTHREADING));
 }
 
+static void fill_tme_params(FSP_M_CONFIG *m_cfg)
+{
+	m_cfg->TmeEnable = CONFIG(INTEL_TME) && is_tme_supported();
+	if (!m_cfg->TmeEnable)
+		return;
+	m_cfg->GenerateNewTmeKey = CONFIG(TME_KEY_REGENERATION_ON_WARM_BOOT);
+	if (m_cfg->GenerateNewTmeKey) {
+		uint32_t ram_top = get_ramtop_addr();
+		if (!ram_top) {
+			printk(BIOS_WARNING, "Invalid exclusion range start address. "
+						"Full memory encryption is enabled.\n");
+			return;
+		}
+		m_cfg->TmeExcludeBase = (ram_top - 16*MiB);
+		m_cfg->TmeExcludeSize = 16*MiB;
+	}
+}
+
 static void fill_fspm_security_params(FSP_M_CONFIG *m_cfg,
 		const struct soc_intel_meteorlake_config *config)
 {
 	/* Disable BIOS Guard */
 	m_cfg->BiosGuard = 0;
-	m_cfg->TmeEnable = CONFIG(INTEL_TME) && is_tme_supported();
+	fill_tme_params(m_cfg);
 }
 
 static void fill_fspm_uart_params(FSP_M_CONFIG *m_cfg,
-- 
cgit v1.2.3