soc/intel/common: Add check before sending HMRFPO_ENABLE command
This patch adds a check to determine if the CSE's current operation mode is ME_HFS1_COM_SECOVER_MEI_MSG or not before sending HMRFPO_ENABLE command to CSE. If CSE is already in the ME_HFS1_COM_SECOVER_MEI_MSG, coreboot skips sending HMRFPO_ENABLE command to CSE to unlock the CSE RW partition. TEST=Verify sending HMRFPO_ENABLE command on Brya system. Signed-off-by: Sridhar Siricilla <sridhar.siricilla@intel.com> Change-Id: I387ac7c7296ab06b9bb440d5d40c3286bf879d3b Reviewed-on: https://review.coreboot.org/c/coreboot/+/59698 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
This commit is contained in:
parent
b9277bad50
commit
49c25f2cef
|
@ -744,6 +744,12 @@ int cse_hmrfpo_enable(void)
|
||||||
struct hmrfpo_enable_resp resp;
|
struct hmrfpo_enable_resp resp;
|
||||||
size_t resp_size = sizeof(struct hmrfpo_enable_resp);
|
size_t resp_size = sizeof(struct hmrfpo_enable_resp);
|
||||||
|
|
||||||
|
if (cse_is_hfs1_com_secover_mei_msg()) {
|
||||||
|
printk(BIOS_DEBUG, "HECI: CSE is already in security override mode, "
|
||||||
|
"skip sending HMRFPO_ENABLE command to CSE\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
printk(BIOS_DEBUG, "HECI: Send HMRFPO Enable Command\n");
|
printk(BIOS_DEBUG, "HECI: Send HMRFPO Enable Command\n");
|
||||||
|
|
||||||
if (!cse_is_hmrfpo_enable_allowed()) {
|
if (!cse_is_hmrfpo_enable_allowed()) {
|
||||||
|
|
Loading…
Reference in New Issue