Shelley Chen has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/46510 )
Change subject: mrc_cache: Move mrc_cache_*_hash functions into mrc_cache driver ......................................................................
mrc_cache: Move mrc_cache_*_hash functions into mrc_cache driver
This CL would remove these calls from fsp 2.0.
BUG=b:150502246 BRANCH=None TEST=make sure memory training still works on nami
Change-Id: I3088ca6927c7dbc65386c13e868afa0462086937 Signed-off-by: Shelley Chen shchen@google.com --- M src/drivers/intel/fsp2_0/memory_init.c M src/drivers/mrc_cache/mrc_cache.c 2 files changed, 7 insertions(+), 13 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/10/46510/1
diff --git a/src/drivers/intel/fsp2_0/memory_init.c b/src/drivers/intel/fsp2_0/memory_init.c index 09aad6b..68cc121 100644 --- a/src/drivers/intel/fsp2_0/memory_init.c +++ b/src/drivers/intel/fsp2_0/memory_init.c @@ -19,18 +19,12 @@ #include <symbols.h> #include <timestamp.h> #include <security/vboot/vboot_common.h> -#include <security/vboot/mrc_cache_hash_tpm.h> #include <security/tpm/tspi.h> #include <vb2_api.h> #include <types.h>
static uint8_t temp_ram[CONFIG_FSP_TEMP_RAM_SIZE] __aligned(sizeof(uint64_t));
-/* TPM MRC hash functionality depends on vboot starting before memory init. */ -_Static_assert(!CONFIG(MRC_SAVE_HASH_IN_TPM) || - CONFIG(VBOOT_STARTS_IN_BOOTBLOCK), - "for TPM MRC hash functionality, vboot must start in bootblock"); - static void save_memory_training_data(bool s3wake, uint32_t fsp_version) { size_t mrc_data_size; @@ -54,9 +48,6 @@ if (mrc_cache_stash_data(MRC_TRAINING_DATA, fsp_version, mrc_data, mrc_data_size) < 0) printk(BIOS_ERR, "Failed to stash MRC data\n"); - - if (CONFIG(MRC_SAVE_HASH_IN_TPM)) - mrc_cache_update_hash(mrc_data, mrc_data_size); }
static void do_fsp_post_memory_init(bool s3wake, uint32_t fsp_version) @@ -121,10 +112,6 @@ if (data == NULL) return;
- if (CONFIG(MRC_SAVE_HASH_IN_TPM) && - !mrc_cache_verify_hash(data, mrc_size)) - return; - /* MRC cache found */ arch_upd->NvsBufferPtr = data;
diff --git a/src/drivers/mrc_cache/mrc_cache.c b/src/drivers/mrc_cache/mrc_cache.c index a083655..30384e8 100644 --- a/src/drivers/mrc_cache/mrc_cache.c +++ b/src/drivers/mrc_cache/mrc_cache.c @@ -10,6 +10,7 @@ #include <fmap.h> #include <ip_checksum.h> #include <region_file.h> +#include <security/vboot/mrc_cache_hash_tpm.h> #include <security/vboot/vboot_common.h> #include <spi_flash.h>
@@ -185,6 +186,10 @@ return -1; }
+ // NOTE: we need to create the hash from both data and metadata values + if (CONFIG(MRC_SAVE_HASH_IN_TPM) && !mrc_cache_verify_hash(data, data_size)) + return -1; + return 0; }
@@ -443,6 +448,8 @@ } else { printk(BIOS_DEBUG, "MRC: updated '%s'.\n", cr->name); log_event_cache_update(cr->elog_slot, UPDATE_SUCCESS); + if (CONFIG(MRC_SAVE_HASH_IN_TPM)) + mrc_cache_update_hash(new_data, new_data_size); } }