Martin L Roth has submitted this change. ( https://review.coreboot.org/c/coreboot/+/71209 )
Change subject: soc/amd/mendocino: PSP_INCLUDES_HSP ......................................................................
soc/amd/mendocino: PSP_INCLUDES_HSP
Select HSP config to indicate that the SoC includes Hardware Security Processor. This will allow PSP verstage to get and report the HSP state.
BUG=None TEST=Build Skyrim BIOS image and boot to ChromeOS on Skyrim. Verify that HSP is reported during the boot sequence.
Change-Id: I22446c2bd6202529367da040c09449e6b26f9d7a Signed-off-by: Karthikeyan Ramasubramanian kramasub@google.com Reviewed-on: https://review.coreboot.org/c/coreboot/+/71209 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Martin L Roth gaumless@gmail.com --- M src/soc/amd/common/psp_verstage/include/psp_verstage.h M src/soc/amd/common/psp_verstage/psp_verstage.c M src/soc/amd/mendocino/Kconfig M src/soc/amd/mendocino/psp_verstage/chipset.c M src/vendorcode/amd/fsp/cezanne/include/bl_uapp/bl_syscall_public.h M src/vendorcode/amd/fsp/picasso/include/bl_uapp/bl_syscall_public.h 6 files changed, 45 insertions(+), 37 deletions(-)
Approvals: build bot (Jenkins): Verified Martin L Roth: Looks good to me, approved
diff --git a/src/soc/amd/common/psp_verstage/include/psp_verstage.h b/src/soc/amd/common/psp_verstage/include/psp_verstage.h index dd3d2b3..c3240fa 100644 --- a/src/soc/amd/common/psp_verstage/include/psp_verstage.h +++ b/src/soc/amd/common/psp_verstage/include/psp_verstage.h @@ -68,6 +68,8 @@
void update_psp_fw_hash_table(const char *fname);
+void report_prev_boot_status_to_vboot(void); + void report_hsp_secure_state(void);
#endif /* PSP_VERSTAGE_H */ diff --git a/src/soc/amd/common/psp_verstage/psp_verstage.c b/src/soc/amd/common/psp_verstage/psp_verstage.c index 33d9218..88d4299 100644 --- a/src/soc/amd/common/psp_verstage/psp_verstage.c +++ b/src/soc/amd/common/psp_verstage/psp_verstage.c @@ -137,25 +137,6 @@ return 0; }
-static void report_prev_boot_status_to_vboot(void) -{ - uint32_t boot_status = 0; - int ret; - struct vb2_context *ctx = vboot_get_context(); - - /* Already in recovery mode. No need to report previous boot status. */ - if (ctx->flags & VB2_CONTEXT_RECOVERY_MODE) - return; - - ret = svc_get_prev_boot_status(&boot_status); - if (ret != BL_OK || boot_status) { - printk(BIOS_ERR, "PSPFW failure in previous boot: %d:%#8x\n", ret, boot_status); - vbnv_init(); - vb2api_previous_boot_fail(ctx, VB2_RECOVERY_FW_VENDOR_BLOB, - boot_status ? (int)boot_status : ret); - } -} - /* * Save workbuf (and soon memory console and timestamps) to the bootloader to pass * back to coreboot. diff --git a/src/soc/amd/mendocino/Kconfig b/src/soc/amd/mendocino/Kconfig index 5286333..7faa479 100644 --- a/src/soc/amd/mendocino/Kconfig +++ b/src/soc/amd/mendocino/Kconfig @@ -24,6 +24,7 @@ select PARALLEL_MP_AP_WORK select PLATFORM_USES_FSP2_0 select PROVIDES_ROM_SHARING + select PSP_INCLUDES_HSP select PSP_SUPPORTS_EFS2_RELATIVE_ADDR if VBOOT_STARTS_BEFORE_BOOTBLOCK select PSP_VERSTAGE_CCP_DMA if VBOOT_STARTS_BEFORE_BOOTBLOCK select RESET_VECTOR_IN_RAM diff --git a/src/soc/amd/mendocino/psp_verstage/chipset.c b/src/soc/amd/mendocino/psp_verstage/chipset.c index c892b19..7572756 100644 --- a/src/soc/amd/mendocino/psp_verstage/chipset.c +++ b/src/soc/amd/mendocino/psp_verstage/chipset.c @@ -2,12 +2,15 @@
/* TODO: Check if this is still correct */
+#include "2api.h" #include <arch/hlt.h> #include <bl_uapp/bl_errorcodes_public.h> #include <bl_uapp/bl_syscall_public.h> #include <cbfs.h> #include <console/console.h> #include <psp_verstage.h> +#include <security/vboot/misc.h> +#include <security/vboot/vbnv.h>
/* * We can't pass pointer to hash table in the SPI. @@ -116,6 +119,25 @@ svc_set_platform_boot_mode(CHROME_BOOK_BOOT_MODE_NORMAL); }
+void report_prev_boot_status_to_vboot(void) +{ + uint32_t boot_status = 0; + int ret; + struct vb2_context *ctx = vboot_get_context(); + + /* Already in recovery mode. No need to report previous boot status. */ + if (ctx->flags & VB2_CONTEXT_RECOVERY_MODE) + return; + + ret = svc_get_prev_boot_status(&boot_status); + if (ret != BL_OK || boot_status) { + printk(BIOS_ERR, "PSPFW failure in previous boot: %d:%#8x\n", ret, boot_status); + vbnv_init(); + vb2api_previous_boot_fail(ctx, VB2_RECOVERY_FW_VENDOR_BLOB, + boot_status ? (int)boot_status : ret); + } +} + void report_hsp_secure_state(void) { uint32_t hsp_secure_state; diff --git a/src/vendorcode/amd/fsp/cezanne/include/bl_uapp/bl_syscall_public.h b/src/vendorcode/amd/fsp/cezanne/include/bl_uapp/bl_syscall_public.h index 1468e5b..d88bfe1 100644 --- a/src/vendorcode/amd/fsp/cezanne/include/bl_uapp/bl_syscall_public.h +++ b/src/vendorcode/amd/fsp/cezanne/include/bl_uapp/bl_syscall_public.h @@ -343,15 +343,6 @@ -----------------------------------------------------------------------------*/ uint32_t svc_set_platform_boot_mode(enum chrome_platform_boot_mode boot_mode);
-/* Get the previous boot status. - * - * Parameters: - * - boot_status - Address where the boot status is read into - * - * Return value: BL_OK or error code - */ -uint32_t svc_get_prev_boot_status(uint32_t *boot_status); - /* C entry point for the Bootloader Userspace Application */ void Main(void);
diff --git a/src/vendorcode/amd/fsp/picasso/include/bl_uapp/bl_syscall_public.h b/src/vendorcode/amd/fsp/picasso/include/bl_uapp/bl_syscall_public.h index 20cebe6..0c168a9 100644 --- a/src/vendorcode/amd/fsp/picasso/include/bl_uapp/bl_syscall_public.h +++ b/src/vendorcode/amd/fsp/picasso/include/bl_uapp/bl_syscall_public.h @@ -410,15 +410,6 @@ return BL_ERR_UNSUPPORTED_PLATFORM; }
-/* Get the previous boot status. - * - * Parameters: - * - boot_status - Address where the boot status is read into - * - * Return value: BL_OK or error code - */ -uint32_t svc_get_prev_boot_status(uint32_t *boot_status); - /* C entry point for the Bootloader Userspace Application */ void Main(void);
-
Martin L Roth (Code Review)