soc/intel/meteorlake: Generate new TME key on each warm boot
Enable config TME_KEY_REGENERATION_ON_WARM_BOOT for Intel Meteor Lake SOCs. This config allows Intel FSP to programs TME engine to generate a new key for each warm boot and exclude CBMEM region from being encrypted by TME. Bug=b:276120526 TEST= Boot up the system, generate kernel crash using following commands: $ echo 1 > /proc/sys/kernel/sysrq $ echo "c" > /proc/sysrq-trigger System performs warm boot automatically. Once it is booted, execute following commands in linux console of the DUT and confirm ramoops can be read. $ cat /sys/fs/pstore/console-ramoops-0 S0ix also tested and found working. Signed-off-by: Pratikkumar Prajapati <pratikkumar.v.prajapati@intel.com> Change-Id: I3161ab99b83fb7765646be31978942f271ba1f9e Reviewed-on: https://review.coreboot.org/c/coreboot/+/75627 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Subrata Banik <subratabanik@google.com> Reviewed-by: Kapil Porwal <kapilporwal@google.com>
This commit is contained in:
parent
386ef64fb2
commit
5013c60a87
|
@ -89,6 +89,7 @@ config SOC_INTEL_METEORLAKE
|
||||||
select SOC_INTEL_MEM_MAPPED_PM_CONFIGURATION
|
select SOC_INTEL_MEM_MAPPED_PM_CONFIGURATION
|
||||||
select SSE2
|
select SSE2
|
||||||
select SUPPORT_CPU_UCODE_IN_CBFS
|
select SUPPORT_CPU_UCODE_IN_CBFS
|
||||||
|
select TME_KEY_REGENERATION_ON_WARM_BOOT
|
||||||
select TSC_MONOTONIC_TIMER
|
select TSC_MONOTONIC_TIMER
|
||||||
select UDELAY_TSC
|
select UDELAY_TSC
|
||||||
select UDK_202302_BINDING
|
select UDK_202302_BINDING
|
||||||
|
|
Loading…
Reference in New Issue