From 980d704b4d08d136275504e7d3fa37354eb29196 Mon Sep 17 00:00:00 2001 From: Patrick Rudolph Date: Thu, 17 Oct 2019 09:47:58 +0200 Subject: cpu/intel/common: Enable GetSec leaves for Intel TXT Similar to VMX and SMX also enable all GetSec leaves for Intel TXT. Change-Id: I89620c2a98cfceaa785b1a798fafbf35cc99a0b2 Signed-off-by: Patrick Rudolph Reviewed-on: https://review.coreboot.org/c/coreboot/+/36092 Tested-by: build bot (Jenkins) Reviewed-by: Philipp Deppenwiese --- src/cpu/intel/common/common_init.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/cpu/intel/common/common_init.c b/src/cpu/intel/common/common_init.c index 2fff90c690..9819ee7d87 100644 --- a/src/cpu/intel/common/common_init.c +++ b/src/cpu/intel/common/common_init.c @@ -56,8 +56,13 @@ void set_feature_ctrl_vmx(void) if (enable) { msr.lo |= (1 << 2); - if (feature_flag & CPUID_SMX) + if (feature_flag & CPUID_SMX) { msr.lo |= (1 << 1); + if (CONFIG(INTEL_TXT)) { + /* Enable GetSec and all GetSec leaves */ + msr.lo |= (0xff << 8); + } + } } wrmsr(IA32_FEATURE_CONTROL, msr); -- cgit v1.2.3