[coreboot-gerrit] Change in coreboot[master]: security: Move TS_{START,END}_TPMINIT out of vboot

2 Jan 2020

Paul Menzel has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/38057 )
Change subject: security: Move TS_{START,END}_TPMINIT out of vboot
......................................................................
security: Move TS_{START,END}_TPMINIT out of vboot
These are generic timestamps, and not vboot specific. Therefore, move
them to `tpm_setup()`, so that these timestamps are added in all cases.
(vboot timestamps should be namespaced with VBOOT anyway.)
Change-Id: Ib1048f7b7a5903d186cdd750822b4bc8ea7dc665
Signed-off-by: Paul Menzel pmenzel@molgen.mpg.de
---
M src/security/tpm/tspi/tspi.c
M src/security/vboot/vboot_logic.c
2 files changed, 5 insertions(+), 2 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/57/38057/1

diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c
index 5fcf92d..9ca9f98 100644
--- a/src/security/tpm/tspi/tspi.c
+++ b/src/security/tpm/tspi/tspi.c
@@ -19,6 +19,7 @@
 #include <console/console.h>
 #include <security/tpm/tspi.h>
 #include <security/tpm/tss.h>
+#include <timestamp.h>
 #if CONFIG(VBOOT)
 #include <vb2_api.h>
 #include <vb2_sha.h>
@@ -127,6 +128,8 @@
 {
    uint32_t result;
+	timestamp_add_now(TS_START_TPMINIT);
+
    result = tlcl_lib_init();
    if (result != TPM_SUCCESS) {
    	printk(BIOS_ERR, "TPM: Can't initialize.\n");
@@ -174,6 +177,8 @@
    result = tpm1_invoke_state_machine();
 #endif
+	timestamp_add_now(TS_END_TPMINIT);
+
    return tpm_setup_epilogue(result);
 }
diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c
index 1d17a17..c65ea3a 100644
--- a/src/security/vboot/vboot_logic.c
+++ b/src/security/vboot/vboot_logic.c
@@ -320,10 +320,8 @@
    /* Read secdata from TPM. Initialize TPM if secdata not found. We don't
     * check the return value here because vb2api_fw_phase1 will catch
     * invalid secdata and tell us what to do (=reboot). */
-	timestamp_add_now(TS_START_TPMINIT);
    if (vboot_setup_tpm(ctx) == TPM_SUCCESS)
    	antirollback_read_space_firmware(ctx);
-	timestamp_add_now(TS_END_TPMINIT);
/* Enable measured boot mode */
    if (CONFIG(VBOOT_MEASURED_BOOT) &&
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/38057
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: Ib1048f7b7a5903d186cdd750822b4bc8ea7dc665
Gerrit-Change-Number: 38057
Gerrit-PatchSet: 1
Gerrit-Owner: Paul Menzel paulepanter@users.sourceforge.net
Gerrit-MessageType: newchange



    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

[coreboot-gerrit] Change in coreboot[master]: security: Move TS_{START,END}_TPMINIT out of vboot