[coreboot-gerrit] [S] Change in coreboot[master]: security/intel/txt: Add helper function to disable TXT

Attention is currently required from: Subrata Banik, Jérémy Compostella, Sridhar Siricilla, Angel Pons, Lean Sheng Tan, Werner Zeh.

Hello build bot (Jenkins), Tarun Tuli, Jérémy Compostella, Sridhar Siricilla, Angel Pons, Arthur Heymans, Lean Sheng Tan, Werner Zeh,

I'd like you to reexamine a change. Please visit

https://review.coreboot.org/c/coreboot/+/71574

to look at the new patch set (#7).

Change subject: security/intel/txt: Add helper function to disable TXT ......................................................................

security/intel/txt: Add helper function to disable TXT

Add a function to disable TXT as per TXT BIOS spec Section 6.2.5. AP firmware can disable TXT if TXT fails or TPM is already enabled.

On platforms with TXT disabled, the memory can be unlocked using MSR 0x2e6.

TEST=Able to perform disable_txt on SoC SKUs with TXT enabled.

Signed-off-by: Subrata Banik subratabanik@google.com Change-Id: I27f613428e82a1dd924172eab853d2ce9c32b473 --- M src/include/cpu/x86/msr.h M src/security/intel/txt/txt.h M src/security/intel/txt/txtlib.c 3 files changed, 46 insertions(+), 0 deletions(-)

git pull ssh://review.coreboot.org:29418/coreboot refs/changes/74/71574/7