Arthur Heymans has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/47934 )
Change subject: security/intel/txt/ramstage.c: Fix clearing secrets on CBNT ......................................................................
security/intel/txt/ramstage.c: Fix clearing secrets on CBNT
With CBNT it looks like only the the TXT_E2STS_SECRET_STS should be looked at.
Change-Id: Iff4436501b84f5c209add845b3cd3a62782d17e6 Signed-off-by: Arthur Heymans arthur@aheymans.xyz --- M src/security/intel/txt/ramstage.c 1 file changed, 2 insertions(+), 2 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/34/47934/1
diff --git a/src/security/intel/txt/ramstage.c b/src/security/intel/txt/ramstage.c index 80bf3f9..4e38d32 100644 --- a/src/security/intel/txt/ramstage.c +++ b/src/security/intel/txt/ramstage.c @@ -90,7 +90,7 @@ return;
/* Check for fatal ACM error and TXT reset */ - if (get_wake_error_status()) { +// if (get_wake_error_status()) { /* * Check if secrets bit needs to be reset. Only platforms that support * CONFIG(PLATFORM_HAS_DRAM_CLEAR) will be able to run this code. @@ -106,7 +106,7 @@ intel_txt_log_acm_error(read32((void *)TXT_BIOSACM_ERRORCODE)); die("Waiting for platform reset...\n"); } - } +// } }
BOOT_STATE_INIT_ENTRY(BS_POST_DEVICE, BS_ON_ENTRY, check_secrets_txt, NULL);