Yu-Ping Wu has submitted this change. ( https://review.coreboot.org/c/coreboot/+/83494?usp=email )
Change subject: security/vboot: Introduce vbnv_platform_init_cmos() ......................................................................
security/vboot: Introduce vbnv_platform_init_cmos()
Most x86 platforms use CMOS as the vboot nvdata (VBNV) backend storage. On some platforms such as AMD, certain CMOS registers must be configured before accessing the CMOS RAM which contains VBNV. More precisely, according to AMD's spec [1], the bit 4 of Register A of CMOS is bank selection. Since VBNV is accessed via bank 0 (see the MC146818 driver), the bit must be cleared before the VBNV can be successfully written to CMOS. Saving VBNV to CMOS may fail in verstage, if CMOS has lost power. In that case, all the CMOS registers would contain garbage data. Therefore, for AMD platforms the bit must be cleared in verstage, prior to the first save_vbnv_cmos() call.
Introduce vbnv_platform_init_cmos(), which is no-op by default, and can be defined per platform. The function will be called from vbnv_init() if VBOOT_VBNV_CMOS.
[1] 48751_16h_bkdg.pdf
BUG=b:346716300 TEST=none BRANCH=skyrim
Change-Id: Ic899a827bd6bb8ab1473f8c6c03b9fde96ea6823 Signed-off-by: Yu-Ping Wu yupingso@chromium.org Reviewed-on: https://review.coreboot.org/c/coreboot/+/83494 Reviewed-by: Bao Zheng fishbaozi@gmail.com Reviewed-by: Karthik Ramasubramanian kramasub@google.com Tested-by: build bot (Jenkins) no-reply@coreboot.org --- M src/security/vboot/vbnv.h M src/security/vboot/vbnv_cmos.c 2 files changed, 8 insertions(+), 0 deletions(-)
Approvals: Karthik Ramasubramanian: Looks good to me, approved build bot (Jenkins): Verified Bao Zheng: Looks good to me, but someone else must approve
diff --git a/src/security/vboot/vbnv.h b/src/security/vboot/vbnv.h index c4112a2..49d1f12 100644 --- a/src/security/vboot/vbnv.h +++ b/src/security/vboot/vbnv.h @@ -23,6 +23,8 @@ /* Initialize the vbnv CMOS backing store. The vbnv_copy pointer is used for optional temporary storage in the init function. */ void vbnv_init_cmos(uint8_t *vbnv_copy); +/* Platform-specific CMOS init function, called by vbnv_init_cmos(). */ +void vbnv_platform_init_cmos(void); /* Return non-zero if CMOS power was lost. */ int vbnv_cmos_failed(void); void read_vbnv_cmos(uint8_t *vbnv_copy); diff --git a/src/security/vboot/vbnv_cmos.c b/src/security/vboot/vbnv_cmos.c index 35e4c41..5073509 100644 --- a/src/security/vboot/vbnv_cmos.c +++ b/src/security/vboot/vbnv_cmos.c @@ -67,8 +67,14 @@ cmos_write(vbnv_copy[i], CONFIG_VBOOT_VBNV_OFFSET + 14 + i); }
+void __weak vbnv_platform_init_cmos(void) +{ +} + void vbnv_init_cmos(uint8_t *vbnv_copy) { + vbnv_platform_init_cmos(); + /* If no CMOS failure just defer to the normal read path for checking vbnv contents' integrity. */ if (!vbnv_cmos_failed())