GNUBoot
/
coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

security/intel/txt: Add weak function to skip TXT lockdown 

RAS error injection requires TXT and other related lockdown steps to
be skipped.

Change-Id: If9193a03be7e1345740ddc705f20dd4d05f3af26
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50236
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
This commit is contained in:
Arthur Heymans 2021-02-02 19:00:49 +01:00 committed by Angel Pons
parent c423ce2f7f
commit fc6cc717ce
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/security/intel/txt/ramstage.c
View File

@ -289,6 +289,11 @@ static void txt_initialize_heap(void)
push_sinit_heap(&heap_struct, NULL, 0); push_sinit_heap(&heap_struct, NULL, 0);
} }
__weak bool skip_intel_txt_lockdown(void)
{
return false;
}
/** /**
* Finalize the TXT device. * Finalize the TXT device.
* *
@ -300,6 +305,9 @@ static void txt_initialize_heap(void)
*/ */
static void lockdown_intel_txt(void *unused) static void lockdown_intel_txt(void *unused)
{ {
if (skip_intel_txt_lockdown())
return;
const uint64_t status = read64((void *)TXT_SPAD); const uint64_t status = read64((void *)TXT_SPAD);
uint32_t txt_feature_flags = 0; uint32_t txt_feature_flags = 0;

2
src/security/intel/txt/txt.h
View File

@ -26,5 +26,7 @@ bool intel_txt_memory_has_secrets(void);
void intel_txt_run_sclean(void); void intel_txt_run_sclean(void);
int intel_txt_run_bios_acm(const u8 input_params); int intel_txt_run_bios_acm(const u8 input_params);
bool intel_txt_prepare_txt_env(void); bool intel_txt_prepare_txt_env(void);
/* Allow platform override to skip TXT lockdown, e.g. required for RAS error injection. */
bool skip_intel_txt_lockdown(void);
#endif /* SECURITY_INTEL_TXT_H_ */ #endif /* SECURITY_INTEL_TXT_H_ */