security/intel/txt: Don't run SCHECK on CBnT

This functionality only exists on legacy TXT. Change-Id: I4206ba65fafbe3d4dda626a8807e415ce6d64633 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/49164 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Christian Walter <christian.walter@9elements.com> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2021-01-06 14:12:47 +01:00 · 2021-01-06 14:12:47 +01:00 · 66dbd9c31e
parent 597a0ead71
commit 66dbd9c31e
1 changed files with 1 additions and 1 deletions
--- a/src/security/intel/txt/ramstage.c
+++ b/src/security/intel/txt/ramstage.c
@ -171,7 +171,7 @@ static void init_intel_txt(void *unused)
 	}
 	int s3resume = acpi_is_wakeup_s3();
-	if (!s3resume) {
+	if (!s3resume && !CONFIG(INTEL_CBNT_SUPPORT)) {
 		printk(BIOS_INFO, "TEE-TXT: Scheck...\n");
 		if (intel_txt_run_bios_acm(ACMINPUT_SCHECK) < 0) {
 			printk(BIOS_ERR, "TEE-TXT: Error calling BIOS ACM.\n");