soc/intel/meteorlake: Generate new TME key on each warm boot

Enable config TME_KEY_REGENERATION_ON_WARM_BOOT for Intel Meteor
Lake SOCs. This config allows Intel FSP to programs TME engine to
generate a new key for each warm boot and exclude CBMEM region
from being encrypted by TME.

Bug=b:276120526
TEST= Boot up the system, generate kernel crash using following
commands:

$ echo 1 > /proc/sys/kernel/sysrq
$ echo "c" > /proc/sysrq-trigger

System performs warm boot automatically. Once it is booted,
execute following commands in linux console of the DUT and confirm
ramoops can be read.

$ cat /sys/fs/pstore/console-ramoops-0

S0ix also tested and found working.

Signed-off-by: Pratikkumar Prajapati <pratikkumar.v.prajapati@intel.com>
Change-Id: I3161ab99b83fb7765646be31978942f271ba1f9e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/75627
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Subrata Banik <subratabanik@google.com>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
This commit is contained in:
Pratikkumar Prajapati 2023-06-05 18:22:21 -07:00 committed by Subrata Banik
parent 386ef64fb2
commit 5013c60a87
1 changed files with 1 additions and 0 deletions

View File

@ -89,6 +89,7 @@ config SOC_INTEL_METEORLAKE
select SOC_INTEL_MEM_MAPPED_PM_CONFIGURATION select SOC_INTEL_MEM_MAPPED_PM_CONFIGURATION
select SSE2 select SSE2
select SUPPORT_CPU_UCODE_IN_CBFS select SUPPORT_CPU_UCODE_IN_CBFS
select TME_KEY_REGENERATION_ON_WARM_BOOT
select TSC_MONOTONIC_TIMER select TSC_MONOTONIC_TIMER
select UDELAY_TSC select UDELAY_TSC
select UDK_202302_BINDING select UDK_202302_BINDING