Arthur Heymans has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/51100 )
Change subject: security/intel/txt: Fix logging ......................................................................
security/intel/txt: Fix logging
Many things were just wrong such as semantics of the error register.
Change-Id: If9c7140c7d51605e2708cbbc4a79d3ac37965656 Signed-off-by: Arthur Heymans arthur@aheymans.xyz --- M src/security/intel/txt/common.c M src/security/intel/txt/logging.c M src/security/intel/txt/txt_register.h 3 files changed, 15 insertions(+), 19 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/00/51100/1
diff --git a/src/security/intel/txt/common.c b/src/security/intel/txt/common.c index 4dd4ad3..6e5f9c6 100644 --- a/src/security/intel/txt/common.c +++ b/src/security/intel/txt/common.c @@ -75,18 +75,12 @@ const uint32_t progress = (acm_error & ACMERROR_TXT_PROGRESS_CODE) >> ACMERROR_TXT_PROGRESS_SHIFT;
- if (!minor) { - if (class == 0 && major == 0 && progress > 0) { - printk(BIOS_ERR, " Execution successful\n"); - printk(BIOS_ERR, " Progress code 0x%x\n", progress); - } else { - printk(BIOS_ERR, " Error Class: %x\n", class); - printk(BIOS_ERR, " Error: %x.%x\n", major, progress); - } + if (class == 0 && major == 0 && progress > 0) { + printk(BIOS_ERR, " Execution successful\n"); + printk(BIOS_ERR, " Progress code 0x%x\n", progress); } else { - printk(BIOS_ERR, " ACM didn't start\n"); - printk(BIOS_ERR, " Error Type: 0x%x\n", acm_error & 0xffffff); - return -1; + printk(BIOS_ERR, " Error Class: %x\n", class); + printk(BIOS_ERR, " Error: %x.%x\n", major, minor); }
return (acm_error & ACMERROR_TXT_EXTERNAL) && class == 0 && major == 0 && progress > 0; diff --git a/src/security/intel/txt/logging.c b/src/security/intel/txt/logging.c index 683247d..e3ccf53 100644 --- a/src/security/intel/txt/logging.c +++ b/src/security/intel/txt/logging.c @@ -87,15 +87,17 @@ acm_status = read64((void *)TXT_SPAD); txt_error = read64((void *)TXT_ERROR);
+ printk(BIOS_DEBUG, "TEE-TXT: BIOSACM_ERRORCODE 0x%x\n", bios_acm_error); + printk(BIOS_DEBUG, "TEE-TXT: TXT_SPAD 0x%llx\n", acm_status); + printk(BIOS_DEBUG, "TEE-TXT: TXT_ERROR 0x%llx\n", txt_error); + /* Errors by BIOS ACM or FIT */ - if ((txt_error & ACMERROR_TXT_VALID) && - (acm_status & ACMERROR_TXT_VALID)) { - intel_txt_log_acm_error(read32((void *)TXT_BIOSACM_ERRORCODE)); + if (bios_acm_error & ACMERROR_TXT_VALID) { + intel_txt_log_acm_error(bios_acm_error); log_txt_error("FIT MICROCODE"); } /* Errors by SINIT */ - if ((txt_error & ACMERROR_TXT_VALID) && - !(acm_status & ACMERROR_TXT_VALID)) { + if ((txt_error & ACMERROR_TXT_VALID)) { intel_txt_log_acm_error(txt_error); log_txt_error("SINIT"); } diff --git a/src/security/intel/txt/txt_register.h b/src/security/intel/txt/txt_register.h index bb735b6..8f903b6 100644 --- a/src/security/intel/txt/txt_register.h +++ b/src/security/intel/txt/txt_register.h @@ -26,14 +26,14 @@ #define ACMERROR_TXT_VALID (1ul << 31) #define ACMERROR_TXT_EXTERNAL (1ul << 30)
-#define ACMERROR_TXT_PROGRESS_SHIFT 16 -#define ACMERROR_TXT_MINOR_SHIFT 15 +#define ACMERROR_TXT_PROGRESS_SHIFT 15 +#define ACMERROR_TXT_MINOR_SHIFT 16 #define ACMERROR_TXT_MAJOR_SHIFT 10 #define ACMERROR_TXT_CLASS_SHIFT 4 #define ACMERROR_TXT_TYPE_SHIFT 0
#define ACMERROR_TXT_PROGRESS_CODE (0xffull << ACMERROR_TXT_PROGRESS_SHIFT) -#define ACMERROR_TXT_MINOR_CODE (0x01ull << ACMERROR_TXT_MINOR_SHIFT) +#define ACMERROR_TXT_MINOR_CODE (0x1ffull << ACMERROR_TXT_MINOR_SHIFT) #define ACMERROR_TXT_MAJOR_CODE (0x1full << ACMERROR_TXT_MAJOR_SHIFT) #define ACMERROR_TXT_CLASS_CODE (0x3full << ACMERROR_TXT_CLASS_SHIFT) #define ACMERROR_TXT_TYPE_CODE (0x0full << ACMERROR_TXT_TYPE_SHIFT)