1b35295ec2
Add files to introduce a memory clearing framework. Introduce Kconfig PLATFORM_HAS_DRAM_CLEAR that is to be selected by platforms, that are able to clear all DRAM. Introduce Kconfig SECURITY_CLEAR_DRAM_ON_REGULAR_BOOT that is user selectable to always clear DRAM on non S3 boot. The function security_clear_dram_request tells the calling platform when to wipe all DRAM. Will be extended by TEE frameworks. Add Documentation for the new security API. Change-Id: Ifba25bfdd1057049f5cbae8968501bd9be487110 Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31548 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Reviewed-by: Christian Walter <christian.walter@9elements.com>
34 lines
943 B
C
34 lines
943 B
C
/*
|
|
* This file is part of the coreboot project.
|
|
*
|
|
* Copyright (C) 2019 9elements Agency GmbH
|
|
* Copyright (C) 2019 Facebook Inc.
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; version 2 of the License.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*/
|
|
|
|
#include <stdint.h>
|
|
#include "memory.h"
|
|
|
|
/**
|
|
* To be called after DRAM init.
|
|
* Tells the caller if DRAM must be cleared as requested by the user,
|
|
* firmware or security framework.
|
|
*/
|
|
bool security_clear_dram_request(void)
|
|
{
|
|
if (CONFIG(SECURITY_CLEAR_DRAM_ON_REGULAR_BOOT))
|
|
return true;
|
|
|
|
/* TODO: Add TEE environments here */
|
|
|
|
return false;
|
|
}
|