Arthur Heymans has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/49164 )
Change subject: security/intel/txt: Don't run SCHECK on CBnT
security/intel/txt: Don't run SCHECK on CBnT
This functionality only exists on legacy TXT.
Change-Id: I4206ba65fafbe3d4dda626a8807e415ce6d64633
Signed-off-by: Arthur Heymans arthur@aheymans.xyz
---
M src/security/intel/txt/ramstage.c
1 file changed, 1 insertion(+), 1 deletion(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/64/49164/1
diff --git a/src/security/intel/txt/ramstage.c b/src/security/intel/txt/ramstage.c index cbc3a41..3401aef 100644 --- a/src/security/intel/txt/ramstage.c +++ b/src/security/intel/txt/ramstage.c @@ -171,7 +171,7 @@ }
int s3resume = acpi_is_wakeup_s3(); - if (!s3resume) { + if (!s3resume && !CONFIG(INTEL_CBNT_SUPPORT)) { printk(BIOS_INFO, "TEE-TXT: Scheck...\n"); if (intel_txt_run_bios_acm(ACMINPUT_SCHECK) < 0) { printk(BIOS_ERR, "TEE-TXT: Error calling BIOS ACM.\n");
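Review bot: The new `!CONFIG(INTEL_CBNT_SUPPORT)` term in the `if (!s3resume && ...)` condition carries no comment explaining why SCHECK is skipped; the reason ("This functionality only exists on legacy TXT") lives only in the commit message. A one-line comment above the condition would keep that rationale next to the code. The skip is also silent: on a CBnT build neither "TEE-TXT: Scheck..." nor any other message is printed from this block, so a boot log cannot distinguish "SCHECK skipped because of CBnT" from "SCHECK skipped because of S3 resume". Consider a short `printk` at a low log level for the CBnT case, or state in the commit message that the silence is intended.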