[coreboot-gerrit] Change in coreboot[master]: security/tpm: Drop CAR_GLOBAL_MIGRATION support

20 Nov 2019

Arthur Heymans has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/37029 )
Change subject: security/tpm: Drop CAR_GLOBAL_MIGRATION support
......................................................................
security/tpm: Drop CAR_GLOBAL_MIGRATION support
Change-Id: I1c09eda6164efb390de4626f52aafba59962f9c4
Signed-off-by: Arthur Heymans arthur@aheymans.xyz
---
M src/drivers/crb/tis.c
M src/drivers/crb/tpm.c
M src/drivers/i2c/tpm/cr50.c
M src/drivers/i2c/tpm/tis.c
M src/drivers/i2c/tpm/tis_atmel.c
M src/drivers/i2c/tpm/tpm.c
M src/drivers/pc80/tpm/tis.c
M src/security/tpm/tspi/log.c
M src/security/tpm/tss/tcg-1.2/tss.c
M src/security/tpm/tss/tcg-2.0/tss.c
M src/security/tpm/tss/tcg-2.0/tss_marshaling.c
M src/security/tpm/tss/vendor/cr50/cr50.c
12 files changed, 98 insertions(+), 130 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/29/37029/1

diff --git a/src/drivers/crb/tis.c b/src/drivers/crb/tis.c
index 94bfb9e..17302cc 100644
--- a/src/drivers/crb/tis.c
+++ b/src/drivers/crb/tis.c
@@ -11,7 +11,6 @@
  * GNU General Public License for more details.
  */
-#include <arch/early_variables.h>
 #include <console/console.h>
 #include <security/tpm/tis.h>
 #include <arch/acpigen.h>
@@ -21,7 +20,7 @@
 #include "tpm.h"
 #include "chip.h"
-static unsigned tpm_is_open CAR_GLOBAL;
+static unsigned tpm_is_open;
static const struct {
    uint16_t vid;
@@ -45,7 +44,7 @@
int tis_open(void)
 {
-	if (car_get_var(tpm_is_open)) {
+	if (tpm_is_open) {
    	printk(BIOS_ERR, "%s called twice.\n", __func__);
    	return -1;
    }
@@ -63,13 +62,13 @@
int tis_close(void)
 {
-	if (car_get_var(tpm_is_open)) {
+	if (tpm_is_open) {
/*
    	 * Do we need to do something here, like waiting for a
    	 * transaction to stop?
    	 */
-		car_set_var(tpm_is_open, 0);
+	        tpm_is_open = 0;
    }
return 0;
diff --git a/src/drivers/crb/tpm.c b/src/drivers/crb/tpm.c
index 0393417..f2b7903 100644
--- a/src/drivers/crb/tpm.c
+++ b/src/drivers/crb/tpm.c
@@ -15,7 +15,6 @@
  */
#include <timer.h>
-#include <arch/early_variables.h>
 #include <console/console.h>
 #include <arch/mmio.h>
 #include <delay.h>
diff --git a/src/drivers/i2c/tpm/cr50.c b/src/drivers/i2c/tpm/cr50.c
index 6714bd4..5f016e4 100644
--- a/src/drivers/i2c/tpm/cr50.c
+++ b/src/drivers/i2c/tpm/cr50.c
@@ -27,7 +27,6 @@
  *   instead of just reading header and determining the remainder
  */
-#include <arch/early_variables.h>
 #include <commonlib/endian.h>
 #include <string.h>
 #include <types.h>
@@ -55,15 +54,15 @@
    uint8_t buf[CR50_MAX_BUFSIZE + sizeof(uint8_t)];
 };
-static struct tpm_inf_dev g_tpm_dev CAR_GLOBAL;
+static struct tpm_inf_dev g_tpm_dev;
__weak int tis_plat_irq_status(void)
 {
-	static int warning_displayed CAR_GLOBAL;
+	static int warning_displayed ;
-	if (!car_get_var(warning_displayed)) {
+	if (!warning_displayed) {
    	printk(BIOS_WARNING, "WARNING: tis_plat_irq_status() not implemented, wasting 20ms to wait on Cr50!\n");
-		car_set_var(warning_displayed, 1);
+		warning_displayed = 1;
    }
    mdelay(CR50_TIMEOUT_NOIRQ_MS);
@@ -101,16 +100,14 @@
 static int cr50_i2c_read(struct tpm_chip *chip, uint8_t addr,
    		 uint8_t *buffer, size_t len)
 {
-	struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
-
-	if (tpm_dev->addr == 0)
+	if (g_tpm_dev.addr == 0)
    	return -1;
/* Clear interrupt before starting transaction */
    tis_plat_irq_status();
/* Send the register address byte to the TPM */
-	if (i2c_write_raw(tpm_dev->bus, tpm_dev->addr, &addr, 1)) {
+	if (i2c_write_raw(g_tpm_dev.bus, g_tpm_dev.addr, &addr, 1)) {
    	printk(BIOS_ERR, "%s: Address write failed\n", __func__);
    	return -1;
    }
@@ -120,7 +117,7 @@
    	return -1;
/* Read response data from the TPM */
-	if (i2c_read_raw(tpm_dev->bus, tpm_dev->addr, buffer, len)) {
+	if (i2c_read_raw(g_tpm_dev.bus, g_tpm_dev.addr, buffer, len)) {
    	printk(BIOS_ERR, "%s: Read response failed\n", __func__);
    	return -1;
    }
@@ -145,22 +142,20 @@
 static int cr50_i2c_write(struct tpm_chip *chip,
    		  uint8_t addr, uint8_t *buffer, size_t len)
 {
-	struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
-
-	if (tpm_dev->addr == 0)
+	if (g_tpm_dev.addr == 0)
    	return -1;
    if (len > CR50_MAX_BUFSIZE)
    	return -1;
/* Prepend the 'register address' to the buffer */
-	tpm_dev->buf[0] = addr;
-	memcpy(tpm_dev->buf + 1, buffer, len);
+	g_tpm_dev.buf[0] = addr;
+	memcpy(g_tpm_dev.buf + 1, buffer, len);
/* Clear interrupt before starting transaction */
    tis_plat_irq_status();
/* Send write request buffer with address */
-	if (i2c_write_raw(tpm_dev->bus, tpm_dev->addr, tpm_dev->buf, len + 1)) {
+	if (i2c_write_raw(g_tpm_dev.bus, g_tpm_dev.addr, g_tpm_dev.buf, len + 1)) {
    	printk(BIOS_ERR, "%s: Error writing to TPM\n", __func__);
    	return -1;
    }
@@ -491,7 +486,6 @@
int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr)
 {
-	struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
    uint32_t did_vid = 0;
if (dev_addr == 0) {
@@ -499,8 +493,8 @@
    	return -1;
    }
-	tpm_dev->bus = bus;
-	tpm_dev->addr = dev_addr;
+	g_tpm_dev.bus = bus;
+	g_tpm_dev.addr = dev_addr;
cr50_vendor_init(chip);
diff --git a/src/drivers/i2c/tpm/tis.c b/src/drivers/i2c/tpm/tis.c
index e466c45..aa8cc4b 100644
--- a/src/drivers/i2c/tpm/tis.c
+++ b/src/drivers/i2c/tpm/tis.c
@@ -12,7 +12,6 @@
  * GNU General Public License for more details.
  */
-#include <arch/early_variables.h>
 #include <stdint.h>
 #include <string.h>
 #include <assert.h>
@@ -27,25 +26,24 @@
 #include "tpm.h"
/* global structure for tpm chip data */
-static struct tpm_chip g_chip CAR_GLOBAL;
+static struct tpm_chip g_chip;
#define TPM_CMD_COUNT_BYTE 2
 #define TPM_CMD_ORDINAL_BYTE 6
int tis_open(void)
 {
-	struct tpm_chip *chip = car_get_var_ptr(&g_chip);
    int rc;
-	if (chip->is_open) {
+	if (g_chip.is_open) {
    	printk(BIOS_DEBUG, "tis_open() called twice.\n");
    	return -1;
    }
-	rc = tpm_vendor_init(chip, CONFIG_DRIVER_TPM_I2C_BUS,
+	rc = tpm_vendor_init(&g_chip, CONFIG_DRIVER_TPM_I2C_BUS,
    		     CONFIG_DRIVER_TPM_I2C_ADDR);
    if (rc < 0)
-		chip->is_open = 0;
+		g_chip.is_open = 0;
if (rc)
    	return -1;
@@ -55,11 +53,9 @@
int tis_close(void)
 {
-	struct tpm_chip *chip = car_get_var_ptr(&g_chip);
-
-	if (chip->is_open) {
-		tpm_vendor_cleanup(chip);
-		chip->is_open = 0;
+	if (g_chip.is_open) {
+		tpm_vendor_cleanup(&g_chip);
+		g_chip.is_open = 0;
    }
return 0;
@@ -76,12 +72,11 @@
 {
    int rc;
    uint32_t count;
-	struct tpm_chip *chip = car_get_var_ptr(&g_chip);
memcpy(&count, sbuf + TPM_CMD_COUNT_BYTE, sizeof(count));
    count = be32_to_cpu(count);
-	if (!chip->vendor.send || !chip->vendor.status || !chip->vendor.cancel)
+	if (!g_chip.vendor.send || !g_chip.vendor.status || !g_chip.vendor.cancel)
    	return -1;
if (count == 0) {
@@ -94,8 +89,8 @@
    	return -1;
    }
-	ASSERT(chip->vendor.send);
-	rc = chip->vendor.send(chip, (uint8_t *) sbuf, count);
+	ASSERT(g_chip.vendor.send);
+	rc = g_chip.vendor.send(chip, (uint8_t *) sbuf, count);
    if (rc < 0) {
    	printk(BIOS_DEBUG, "tpm_transmit: tpm_send error\n");
    	goto out;
@@ -103,14 +98,14 @@
int timeout = 2 * 60 * 1000; /* two minutes timeout */
    while (timeout) {
-		ASSERT(chip->vendor.status);
-		uint8_t status = chip->vendor.status(chip);
-		if ((status & chip->vendor.req_complete_mask) ==
-		    chip->vendor.req_complete_val) {
+		ASSERT(g_chip.vendor.status);
+		uint8_t status = g_chip.vendor.status(&g_chip);
+		if ((status & g_chip.vendor.req_complete_mask) ==
+		    g_chip.vendor.req_complete_val) {
    		goto out_recv;
    	}
-		if (status == chip->vendor.req_canceled) {
+		if (status == g_chip.vendor.req_canceled) {
    		printk(BIOS_DEBUG,
    			"tpm_transmit: Operation Canceled\n");
    		rc = -1;
@@ -120,15 +115,15 @@
    	timeout--;
    }
-	ASSERT(chip->vendor.cancel);
-	chip->vendor.cancel(chip);
+	ASSERT(g_chip.vendor.cancel);
+	g_chip.vendor.cancel(&g_chip);
    printk(BIOS_DEBUG, "tpm_transmit: Operation Timed out\n");
    rc = -1; //ETIME;
    goto out;
out_recv:
-	rc = chip->vendor.recv(chip, (uint8_t *) rbuf, rbufsiz);
+	rc = g_chip.vendor.recv(chip, (uint8_t *) rbuf, rbufsiz);
    if (rc < 0)
    	printk(BIOS_DEBUG, "tpm_transmit: tpm_recv: error %d\n", rc);
 out:
diff --git a/src/drivers/i2c/tpm/tis_atmel.c b/src/drivers/i2c/tpm/tis_atmel.c
index 42df292..793418a 100644
--- a/src/drivers/i2c/tpm/tis_atmel.c
+++ b/src/drivers/i2c/tpm/tis_atmel.c
@@ -12,7 +12,6 @@
  * GNU General Public License for more details.
  */
-#include <arch/early_variables.h>
 #include <assert.h>
 #include <commonlib/endian.h>
 #include <console/console.h>
diff --git a/src/drivers/i2c/tpm/tpm.c b/src/drivers/i2c/tpm/tpm.c
index e095084..dbf834b 100644
--- a/src/drivers/i2c/tpm/tpm.c
+++ b/src/drivers/i2c/tpm/tpm.c
@@ -28,7 +28,6 @@
  */
-#include <arch/early_variables.h>
 #include <commonlib/endian.h>
 #include <stdint.h>
 #include <string.h>
@@ -81,7 +80,7 @@
    enum i2c_chip_type chip_type;
 };
-static struct tpm_inf_dev g_tpm_dev CAR_GLOBAL;
+static struct tpm_inf_dev g_tpm_dev ;
/*
  * iic_tpm_read() - read from TPM register
@@ -99,24 +98,23 @@
  */
 static int iic_tpm_read(uint8_t addr, uint8_t *buffer, size_t len)
 {
-	struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
    int rc;
    int count;
-	if (tpm_dev->addr == 0)
+	if (g_tpm_dev.addr == 0)
    	return -1;
-	switch (tpm_dev->chip_type) {
+	switch (g_tpm_dev.chip_type) {
    case SLB9635:
    case UNKNOWN:
    	/* slb9635 protocol should work in both cases */
    	for (count = 0; count < MAX_COUNT; count++) {
-			rc = i2c_write_raw(tpm_dev->bus, tpm_dev->addr,
+			rc = i2c_write_raw(g_tpm_dev.bus, g_tpm_dev.addr,
    				   &addr, 1);
    		if (rc == 0)
    			break;  /* success, break to skip sleep */
-			udelay(tpm_dev->sleep_short);
+			udelay(g_tpm_dev.sleep_short);
    	}
if (rc)
@@ -127,8 +125,8 @@
    	 * retrieving the data
    	 */
    	for (count = 0; count < MAX_COUNT; count++) {
-			udelay(tpm_dev->sleep_short);
-			rc = i2c_read_raw(tpm_dev->bus, tpm_dev->addr,
+			udelay(g_tpm_dev.sleep_short);
+			rc = i2c_read_raw(g_tpm_dev.bus, g_tpm_dev.addr,
    				  buffer, len);
    		if (rc == 0)
    			break;  /* success, break to skip sleep */
@@ -144,23 +142,23 @@
    	 * retries should usually not be needed, but are kept just to
    	 * be safe on the safe side.
    	 */
-		struct i2c_msg aseg = { .flags = 0, .slave = tpm_dev->addr,
+		struct i2c_msg aseg = { .flags = 0, .slave = g_tpm_dev.addr,
    				.buf = &addr, .len = 1 };
    	struct i2c_msg dseg = { .flags = I2C_M_RD,
-					.slave = tpm_dev->addr,
+					.slave = g_tpm_dev.addr,
    				.buf = buffer, .len = len };
    	for (count = 0; count < MAX_COUNT; count++) {
-			rc = i2c_transfer(tpm_dev->bus, &aseg, 1) ||
-			     i2c_transfer(tpm_dev->bus, &dseg, 1);
+			rc = i2c_transfer(g_tpm_dev.bus, &aseg, 1) ||
+			     i2c_transfer(g_tpm_dev.bus, &dseg, 1);
    		if (rc == 0)
    			break;  /* break here to skip sleep */
-			udelay(tpm_dev->sleep_short);
+			udelay(g_tpm_dev.sleep_short);
    	}
    }
    }
/* take care of 'guard time' */
-	udelay(tpm_dev->sleep_short);
+	udelay(g_tpm_dev.sleep_short);
    if (rc)
    	return -1;
@@ -171,7 +169,6 @@
    			unsigned int sleep_time,
    			uint8_t max_count)
 {
-	struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
    int rc = 0;
    int count;
@@ -182,14 +179,14 @@
    }
/* prepare send buffer */
-	tpm_dev->buf[0] = addr;
-	memcpy(&(tpm_dev->buf[1]), buffer, len);
+	g_tpm_dev.buf[0] = addr;
+	memcpy(&(g_tpm_dev.buf[1]), buffer, len);
-	if (tpm_dev->addr == 0)
+	if (g_tpm_dev.addr == 0)
    	return -1;
    for (count = 0; count < max_count; count++) {
-		rc = i2c_write_raw(tpm_dev->bus, tpm_dev->addr,
-				   tpm_dev->buf, len + 1);
+		rc = i2c_write_raw(g_tpm_dev.bus, g_tpm_dev.addr,
+				   g_tpm_dev.buf, len + 1);
    	if (rc == 0)
    		break;  /* success, break to skip sleep */
@@ -197,7 +194,7 @@
    }
/* take care of 'guard time' */
-	udelay(tpm_dev->sleep_short);
+	udelay(g_tpm_dev.sleep_short);
    if (rc)
    	return -1;
@@ -222,8 +219,7 @@
  */
 static int iic_tpm_write(uint8_t addr, uint8_t *buffer, size_t len)
 {
-	struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
-	return iic_tpm_write_generic(addr, buffer, len, tpm_dev->sleep_short,
+	return iic_tpm_write_generic(addr, buffer, len, g_tpm_dev.sleep_short,
    		MAX_COUNT);
 }
@@ -233,8 +229,7 @@
  * */
 static int iic_tpm_write_long(uint8_t addr, uint8_t *buffer, size_t len)
 {
-	struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
-	return iic_tpm_write_generic(addr, buffer, len, tpm_dev->sleep_long,
+	return iic_tpm_write_generic(addr, buffer, len, g_tpm_dev.sleep_long,
    		MAX_COUNT_LONG);
 }
@@ -479,17 +474,16 @@
int tpm_vendor_probe(unsigned int bus, uint32_t addr)
 {
-	struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
    struct stopwatch sw;
    uint8_t buf = 0;
    int ret;
    long sw_run_duration = SLEEP_DURATION_PROBE_MS;
-	tpm_dev->chip_type = UNKNOWN;
-	tpm_dev->bus = bus;
-	tpm_dev->addr = addr;
-	tpm_dev->sleep_short = SLEEP_DURATION;
-	tpm_dev->sleep_long = SLEEP_DURATION_LONG;
+	g_tpm_dev.chip_type = UNKNOWN;
+	g_tpm_dev.bus = bus;
+	g_tpm_dev.addr = addr;
+	g_tpm_dev.sleep_short = SLEEP_DURATION;
+	g_tpm_dev.sleep_long = SLEEP_DURATION_LONG;
/*
     * Probe TPM. Check if the TPM_ACCESS register's ValidSts bit is set(1)
@@ -521,7 +515,6 @@
int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr)
 {
-	struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
    uint32_t vendor;
if (dev_addr == 0) {
@@ -529,11 +522,11 @@
    	return -1;
    }
-	tpm_dev->chip_type = UNKNOWN;
-	tpm_dev->bus = bus;
-	tpm_dev->addr = dev_addr;
-	tpm_dev->sleep_short = SLEEP_DURATION;
-	tpm_dev->sleep_long = SLEEP_DURATION_LONG;
+	g_tpm_dev.chip_type = UNKNOWN;
+	g_tpm_dev.bus = bus;
+	g_tpm_dev.addr = dev_addr;
+	g_tpm_dev.sleep_short = SLEEP_DURATION;
+	g_tpm_dev.sleep_long = SLEEP_DURATION_LONG;
memset(&chip->vendor, 0, sizeof(struct tpm_vendor_specific));
    chip->is_open = 1;
@@ -554,9 +547,9 @@
    	goto out_err;
if (vendor == TPM_TIS_I2C_DID_VID_9645) {
-		tpm_dev->chip_type = SLB9645;
+		g_tpm_dev.chip_type = SLB9645;
    } else if (be32_to_cpu(vendor) == TPM_TIS_I2C_DID_VID_9635) {
-		tpm_dev->chip_type = SLB9635;
+		g_tpm_dev.chip_type = SLB9635;
    } else {
    	printk(BIOS_DEBUG, "Vendor ID 0x%08x not recognized.\n",
    		vendor);
@@ -564,8 +557,8 @@
    }
printk(BIOS_DEBUG, "I2C TPM %u:%02x (chip type %s device-id 0x%X)\n",
-	       tpm_dev->bus, tpm_dev->addr,
-	       chip_name[tpm_dev->chip_type], vendor >> 16);
+	       g_tpm_dev.bus, g_tpm_dev.addr,
+	       chip_name[g_tpm_dev.chip_type], vendor >> 16);
/*
     * A timeout query to TPM can be placed here.
diff --git a/src/drivers/pc80/tpm/tis.c b/src/drivers/pc80/tpm/tis.c
index 5927377..98bf244 100644
--- a/src/drivers/pc80/tpm/tis.c
+++ b/src/drivers/pc80/tpm/tis.c
@@ -31,7 +31,6 @@
 #include <device/device.h>
 #include <console/console.h>
 #include <security/tpm/tis.h>
-#include <arch/early_variables.h>
 #include <device/pnp.h>
 #include "chip.h"
@@ -162,7 +161,7 @@
  * Cached vendor/device ID pair to indicate that the device has been already
  * discovered
  */
-static u32 vendor_dev_id CAR_GLOBAL;
+static u32 vendor_dev_id ;
static inline u8 tpm_read_status(int locality)
 {
@@ -402,7 +401,7 @@
    u16 vid, did;
    int i;
-	if (car_get_var(vendor_dev_id))
+	if (vendor_dev_id)
    	return 0;  /* Already probed. */
didvid = tpm_read_did_vid(0);
@@ -411,7 +410,7 @@
    	return TPM_DRIVER_ERR;
    }
-	car_set_var(vendor_dev_id, didvid);
+	vendor_dev_id = didvid;
vid = didvid & 0xffff;
    did = (didvid >> 16) & 0xffff;
diff --git a/src/security/tpm/tspi/log.c b/src/security/tpm/tspi/log.c
index 9986d9a..8a9cc88 100644
--- a/src/security/tpm/tspi/log.c
+++ b/src/security/tpm/tspi/log.c
@@ -15,7 +15,6 @@
#include <console/console.h>
 #include <security/tpm/tspi.h>
-#include <arch/early_variables.h>
 #include <region_file.h>
 #include <string.h>
 #include <security/vboot/symbols.h>
diff --git a/src/security/tpm/tss/tcg-1.2/tss.c b/src/security/tpm/tss/tcg-1.2/tss.c
index b11d6a3..9bc72d2 100644
--- a/src/security/tpm/tss/tcg-1.2/tss.c
+++ b/src/security/tpm/tss/tcg-1.2/tss.c
@@ -14,7 +14,6 @@
  * time.
  */
-#include <arch/early_variables.h>
 #include <assert.h>
 #include <string.h>
 #include <security/tpm/tis.h>
@@ -148,12 +147,11 @@
/* Exported functions. */
-static uint8_t tlcl_init_done CAR_GLOBAL;
+static uint8_t tlcl_init_done;
uint32_t tlcl_lib_init(void)
 {
-	uint8_t done = car_get_var(tlcl_init_done);
-	if (done)
+	if (tlcl_init_done)
    	return VB2_SUCCESS;
if (tis_init())
@@ -161,7 +159,7 @@
    if (tis_open())
    	return VB2_ERROR_UNKNOWN;
-	car_set_var(tlcl_init_done, 1);
+	tlcl_init_done = 1;
return VB2_SUCCESS;
 }
diff --git a/src/security/tpm/tss/tcg-2.0/tss.c b/src/security/tpm/tss/tcg-2.0/tss.c
index 16e40fe..6bc3096 100644
--- a/src/security/tpm/tss/tcg-2.0/tss.c
+++ b/src/security/tpm/tss/tcg-2.0/tss.c
@@ -5,7 +5,6 @@
  * found in the LICENSE file.
  */
-#include <arch/early_variables.h>
 #include <console/console.h>
 #include <endian.h>
 #include <string.h>
@@ -30,11 +29,9 @@
    size_t in_size;
    const uint8_t *sendb;
    /* Command/response buffer. */
-	static uint8_t cr_buffer[TPM_BUFFER_SIZE] CAR_GLOBAL;
+	static uint8_t cr_buffer[TPM_BUFFER_SIZE];
-	uint8_t *cr_buffer_ptr = car_get_var_ptr(cr_buffer);
-
-	obuf_init(&ob, cr_buffer_ptr, sizeof(cr_buffer));
+	obuf_init(&ob, cr_buffer, sizeof(cr_buffer));
if (tpm_marshal_command(command, command_body, &ob) < 0) {
    	printk(BIOS_ERR, "command %#x\n", command);
@@ -44,12 +41,12 @@
    sendb = obuf_contents(&ob, &out_size);
in_size = sizeof(cr_buffer);
-	if (tis_sendrecv(sendb, out_size, cr_buffer_ptr, &in_size)) {
+	if (tis_sendrecv(sendb, out_size, cr_buffer, &in_size)) {
    	printk(BIOS_ERR, "tpm transaction failed\n");
    	return NULL;
    }
-	ibuf_init(&ib, cr_buffer_ptr, in_size);
+	ibuf_init(&ib, cr_buffer, in_size);
return tpm_unmarshal_response(command, &ib);
 }
@@ -173,13 +170,12 @@
    return TPM_SUCCESS;
 }
-static uint8_t tlcl_init_done CAR_GLOBAL;
+static uint8_t tlcl_init_done;
/* This function is called directly by vboot, uses vboot return types. */
 uint32_t tlcl_lib_init(void)
 {
-	uint8_t done = car_get_var(tlcl_init_done);
-	if (done)
+	if (tlcl_init_done)
    	return VB2_SUCCESS;
if (tis_init()) {
@@ -192,7 +188,7 @@
    	return VB2_ERROR_UNKNOWN;
    }
-	car_set_var(tlcl_init_done, 1);
+	tlcl_init_done = 1;
return VB2_SUCCESS;
 }
diff --git a/src/security/tpm/tss/tcg-2.0/tss_marshaling.c b/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
index 1bf211a..e8ea947 100644
--- a/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
+++ b/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
@@ -5,7 +5,6 @@
  * found in the LICENSE file.
  */
-#include <arch/early_variables.h>
 #include <commonlib/iobuf.h>
 #include <console/console.h>
 #include <stdlib.h>
@@ -15,7 +14,7 @@
 #include <security/tpm/tss/vendor/cr50/cr50.h>
 #include <security/tpm/tss.h>
-static uint16_t tpm_tag CAR_GLOBAL;  /* Depends on the command type. */
+static uint16_t tpm_tag;  /* Depends on the command type. */
#define unmarshal_TPM_CAP(a, b) ibuf_read_be32(a, b)
 #define unmarshal_TPM_CC(a, b) ibuf_read_be32(a, b)
@@ -165,7 +164,7 @@
    struct tpm2_session_header session_header;
    int rc = 0;
-	car_set_var(tpm_tag, TPM_ST_SESSIONS);
+	tpm_tag = TPM_ST_SESSIONS;
for (i = 0; i < handle_count; i++)
    	rc |= marshal_TPM_HANDLE(ob, handles[i]);
@@ -270,7 +269,7 @@
    int rc = 0;
    struct tpm2_session_header session_header;
-	car_set_var(tpm_tag, TPM_ST_SESSIONS);
+	tpm_tag = TPM_ST_SESSIONS;
rc |= marshal_TPM_HANDLE(ob, TPM_RH_PLATFORM);
    memset(&session_header, 0, sizeof(session_header));
@@ -335,7 +334,7 @@
    const size_t hdr_sz = sizeof(uint16_t) + 2 * sizeof(uint32_t);
    int rc = 0;
-	car_set_var(tpm_tag, TPM_ST_NO_SESSIONS);
+	tpm_tag = TPM_ST_NO_SESSIONS;
if (obuf_splice_current(ob, &ob_hdr, hdr_sz) < 0)
    	return -1;
@@ -407,7 +406,7 @@
    	return rc;
/* Fix up the command header with known values. */
-	rc |= obuf_write_be16(&ob_hdr, car_get_var(tpm_tag));
+	rc |= obuf_write_be16(&ob_hdr, tpm_tag);
    rc |= obuf_write_be32(&ob_hdr, obuf_nr_written(ob));
return rc;
@@ -552,19 +551,18 @@
struct tpm2_response *tpm_unmarshal_response(TPM_CC command, struct ibuf *ib)
 {
-	static struct tpm2_response tpm2_static_resp CAR_GLOBAL;
-	struct tpm2_response *tpm2_resp = car_get_var_ptr(&tpm2_static_resp);
+	static struct tpm2_response tpm2_static_resp;
    int rc = 0;
-	rc |= ibuf_read_be16(ib, &tpm2_resp->hdr.tpm_tag);
-	rc |= ibuf_read_be32(ib, &tpm2_resp->hdr.tpm_size);
-	rc |= unmarshal_TPM_CC(ib, &tpm2_resp->hdr.tpm_code);
+	rc |= ibuf_read_be16(ib, &tpm2_static_resp.hdr.tpm_tag);
+	rc |= ibuf_read_be32(ib, &tpm2_static_resp.hdr.tpm_size);
+	rc |= unmarshal_TPM_CC(ib, &tpm2_static_resp.hdr.tpm_code);
if (rc != 0)
    	return NULL;
if (ibuf_remaining(ib) == 0) {
-		if (tpm2_resp->hdr.tpm_size != ibuf_nr_read(ib))
+		if (tpm2_static_resp.hdr.tpm_size != ibuf_nr_read(ib))
    		printk(BIOS_ERR,
    		       "%s: size mismatch in response to command %#x\n",
    		       __func__, command);
@@ -577,11 +575,11 @@
    	break;
case TPM2_GetCapability:
-		rc |= unmarshal_get_capability(ib, &tpm2_resp->gc);
+		rc |= unmarshal_get_capability(ib, &tpm2_static_resp.gc);
    	break;
case TPM2_NV_Read:
-		rc |= unmarshal_nv_read(ib, &tpm2_resp->nvr);
+		rc |= unmarshal_nv_read(ib, &tpm2_static_resp.nvr);
    	break;
case TPM2_Hierarchy_Control:
@@ -595,7 +593,7 @@
    	break;
case TPM2_CR50_VENDOR_COMMAND:
-		rc |= unmarshal_vendor_command(ib, &tpm2_resp->vcr);
+		rc |= unmarshal_vendor_command(ib, &tpm2_static_resp.vcr);
    	break;
default:
@@ -608,7 +606,7 @@
    		       "Request to unmarshal unexpected command %#x,"
    		       " code %#x",
    		       __func__, __LINE__, command,
-			       tpm2_resp->hdr.tpm_code);
+			       tpm2_static_resp.hdr.tpm_code);
sz_left = ibuf_remaining(ib);
    		data = ibuf_oob_drain(ib, sz_left);
@@ -627,7 +625,7 @@
    	printk(BIOS_INFO,
    	       "%s:%d got %d bytes back in response to %#x,"
    	       " failed to parse (%zd)\n",
-		       __func__, __LINE__, tpm2_resp->hdr.tpm_size,
+		       __func__, __LINE__, tpm2_static_resp.hdr.tpm_size,
    	       command, ibuf_remaining(ib));
    	return NULL;
    }
diff --git a/src/security/tpm/tss/vendor/cr50/cr50.c b/src/security/tpm/tss/vendor/cr50/cr50.c
index 4f128dc..ec69df4 100644
--- a/src/security/tpm/tss/vendor/cr50/cr50.c
+++ b/src/security/tpm/tss/vendor/cr50/cr50.c
@@ -4,7 +4,6 @@
  * found in the LICENSE file.
  */
-#include <arch/early_variables.h>
 #include <console/console.h>
 #include <endian.h>
 #include <vb2_api.h>
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/37029
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I1c09eda6164efb390de4626f52aafba59962f9c4
Gerrit-Change-Number: 37029
Gerrit-PatchSet: 1
Gerrit-Owner: Arthur Heymans arthur@aheymans.xyz
Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz
Gerrit-Reviewer: Philipp Deppenwiese zaolin.daisuki@gmail.com
Gerrit-MessageType: newchange



    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

[coreboot-gerrit] Change in coreboot[master]: security/tpm: Drop CAR_GLOBAL_MIGRATION support