Attention is currently required from: Michał Żygowski, Patrick Rudolph. Angel Pons has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/59521 )

Change subject: security/intel/txt/romstage.c: Unlock memory when SCLEAN not needed ......................................................................

Patch Set 3:

(4 comments)

Commit Message:

https://review.coreboot.org/c/coreboot/+/59521/comment/b05a758f_d67dccb0 PS2, Line 10: memory on a TXT enabled platform. Previosuly on Sandybridge raminit the

Since TXT is optional, we would still need to have this fragment just in case the memory controller […]

I'm pretty sure the MSR always needs to be written.

Commit Message:

https://review.coreboot.org/c/coreboot/+/59521/comment/7125cba7_73a86dab PS3, Line 10: Previosuly typo: Previously

File src/security/intel/txt/romstage.c:

https://review.coreboot.org/c/coreboot/+/59521/comment/5d22eaa2_96397c09 PS3, Line 134: } else if (!establishment) { If TPM establishment is asserted but there's no TXT wake error, this function won't unlock memory.

https://review.coreboot.org/c/coreboot/+/59521/comment/91b925e5_56031c01 PS3, Line 138: wrmsr(TXT_UNLOCK_MEMORY_MSR, msr); Doesn't native raminit already do this?

src/northbridge/intel/sandybridge/raminit.c: wrmsr(0x2e6, (msr_t) { .lo = 0, .hi = 0 });