Julius Werner has submitted this change and it was merged. ( https://review.coreboot.org/c/coreboot/+/31837 )
Change subject: drivers/intel/fsp2_0: fix TPM setup and MRC cache hash logic ......................................................................
drivers/intel/fsp2_0: fix TPM setup and MRC cache hash logic
When VBOOT_STARTS_IN_BOOTBLOCK is selected, the tpm_setup call in memory_init.c is not used.
When VBOOT_STARTS_IN_ROMSTAGE is selected, the tpm_setup call in memory_init.c is triggered. However, when verstage runs, tpm_setup is called yet again, and an error is triggered from the multiple initialization calls.
Since there are currently no boards using VBOOT_STARTS_IN_ROMSTAGE + FSP2_0_USES_TPM_MRC_HASH, disable this combination via Kconfig, and remove the tpm_setup call from Intel FSP memory initializion code.
* VBOOT=y VBOOT_STARTS_IN_BOOTBLOCK=y vboot is enabled, and TPM is setup prior to Intel FSP memory initialization. Allow FSP2_0_USES_TPM_MRC_HASH option.
* VBOOT=y VBOOT_STARTS_IN_BOOTBLOCK=n vboot is enabled, but TPM is setup in romstage, after Intel FSP memory initialization. Disallow FSP2_0_USES_TPM_MRC_HASH option.
* VBOOT=n vboot is disabled. Disallow FSP2_0_USES_TPM_MRC_HASH option.
See bug for more information: https://bugs.chromium.org/p/chromium/issues/detail?id=940377
BUG=chromium:940377 TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild BRANCH=none
Change-Id: I4ba91c275c33245be61041cb592e52f861dbafe6 Signed-off-by: Joel Kitching kitching@google.com Reviewed-on: https://review.coreboot.org/c/coreboot/+/31837 Reviewed-by: Furquan Shaikh furquan@google.com Tested-by: build bot (Jenkins) no-reply@coreboot.org --- M src/drivers/intel/fsp2_0/Kconfig M src/drivers/intel/fsp2_0/memory_init.c 2 files changed, 15 insertions(+), 9 deletions(-)
Approvals: build bot (Jenkins): Verified Furquan Shaikh: Looks good to me, approved Joel Kitching: Looks good to me, but someone else must approve
diff --git a/src/drivers/intel/fsp2_0/Kconfig b/src/drivers/intel/fsp2_0/Kconfig index 3951e9a..2b98542 100644 --- a/src/drivers/intel/fsp2_0/Kconfig +++ b/src/drivers/intel/fsp2_0/Kconfig @@ -159,10 +159,19 @@ config FSP2_0_USES_TPM_MRC_HASH bool depends on TPM1 || TPM2 - depends on VBOOT + depends on VBOOT && VBOOT_STARTS_IN_BOOTBLOCK default y if HAS_RECOVERY_MRC_CACHE default n select VBOOT_HAS_REC_HASH_SPACE + help + Store hash of trained recovery MRC cache in NVRAM space in TPM. + Use the hash to validate recovery MRC cache before using it. + This hash needs to be updated every time recovery mode training + is recomputed, or if the hash does not match recovery MRC cache. + Selecting this option requires that TPM already be setup by this + point in time. Thus it is only compatible when the option + VBOOT_STARTS_IN_BOOTBLOCK is selected, which causes verstage and + TPM setup to occur prior to memory initialization.
config FSP_PLATFORM_MEMORY_SETTINGS_VERSIONS bool diff --git a/src/drivers/intel/fsp2_0/memory_init.c b/src/drivers/intel/fsp2_0/memory_init.c index 3dafcf8..f7cf0dd 100644 --- a/src/drivers/intel/fsp2_0/memory_init.c +++ b/src/drivers/intel/fsp2_0/memory_init.c @@ -33,6 +33,11 @@ #include <vb2_api.h> #include <fsp/memory_init.h>
+/* TPM MRC hash functionality depends on vboot starting before memory init. */ +_Static_assert(!CONFIG(FSP2_0_USES_TPM_MRC_HASH) || + CONFIG(VBOOT_STARTS_IN_BOOTBLOCK), + "for TPM MRC hash functionality, vboot must start in bootblock"); + static void save_memory_training_data(bool s3wake, uint32_t fsp_version) { size_t mrc_data_size; @@ -92,14 +97,6 @@
/* Create romstage handof information */ romstage_handoff_init(s3wake); - - /* - * Initialize the TPM, unless the TPM was already initialized - * in verstage and used to verify romstage. - */ - if ((CONFIG(TPM1) || CONFIG(TPM2)) && - !CONFIG(VBOOT_STARTS_IN_BOOTBLOCK)) - tpm_setup(s3wake); }
static void fsp_fill_mrc_cache(FSPM_ARCH_UPD *arch_upd, uint32_t fsp_version)