Felix Held has submitted this change. ( https://review.coreboot.org/c/coreboot/+/77100?usp=email )

Change subject: security/vboot: Rename Cr50 to GSC when applicable ......................................................................

security/vboot: Rename Cr50 to GSC when applicable

Recent ChromeOS devices use Ti50 instead of Cr50. Therefore, some strings or comments are not accurate anymore. When applicable, rename Cr50 to GSC (Google security chip).

BUG=b:275544927 TEST=./util/abuild/abuild -x -t GOOGLE_TOMATO -a BRANCH=none

Cq-Depend: chromium:4756700 Change-Id: Ie5b9267191a5588830ed99a8382ba1a01933028f Signed-off-by: Yu-Ping Wu yupingso@chromium.org Reviewed-on: https://review.coreboot.org/c/coreboot/+/77100 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Yidi Lin yidilin@google.com --- M src/security/vboot/bootmode.c M src/security/vboot/secdata_tpm.c M src/security/vboot/vboot_logic.c 3 files changed, 10 insertions(+), 9 deletions(-)

Approvals: build bot (Jenkins): Verified Yidi Lin: Looks good to me, approved

diff --git a/src/security/vboot/bootmode.c b/src/security/vboot/bootmode.c index 3c50e4e..44149af 100644 --- a/src/security/vboot/bootmode.c +++ b/src/security/vboot/bootmode.c @@ -61,8 +61,9 @@ { /* * If board doesn't override this, by default we always assume EC is in - * RW and untrusted. However, newer platforms are supposed to use cr50 - * BOOT_MODE to report this and won't need to override this anymore. + * RW and untrusted. However, newer platforms with Google TPM are supposed + * to use GSC BOOT_MODE to report this and won't need to override this + * anymore. */ return 0; } diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c index bc9d3d5..3229dd0 100644 --- a/src/security/vboot/secdata_tpm.c +++ b/src/security/vboot/secdata_tpm.c @@ -53,7 +53,7 @@ uint8_t size = VB2_SECDATA_KERNEL_SIZE; uint32_t ret;

- /* Start with the version 1.0 size used by all modern cr50-boards. */ + /* Start with the version 1.0 size used by all modern Cr50/Ti50 boards. */ ret = tlcl_read(KERNEL_NV_INDEX, ctx->secdata_kernel, size); if (ret == TPM_E_RANGE) { /* Fallback to version 0.2(minimum) size and re-read. */ @@ -400,8 +400,8 @@ RETURN_ON_FAILURE(setup_fwmp_space(ctx));

/* - * Define and write zero-touch enrollment (ZTE) spaces. For Cr50 devices, - * these are set up elsewhere via TPM vendor commands. + * Define and write zero-touch enrollment (ZTE) spaces. For ChromeOS devices with + * Google TPM, these are set up elsewhere via TPM vendor commands. */ if (CONFIG(CHROMEOS) && !(CONFIG(TPM_GOOGLE))) RETURN_ON_FAILURE(setup_zte_spaces()); diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c index 53314b2..491615a 100644 --- a/src/security/vboot/vboot_logic.c +++ b/src/security/vboot/vboot_logic.c @@ -212,19 +212,19 @@ rv = tlcl_cr50_get_boot_mode(&boot_mode); switch (rv) { case TPM_E_NO_SUCH_COMMAND: - printk(BIOS_WARNING, "Cr50 does not support GET_BOOT_MODE.\n"); + printk(BIOS_WARNING, "GSC does not support GET_BOOT_MODE.\n"); /* Proceed to legacy boot model. */ return; case TPM_SUCCESS: break; default: printk(BIOS_ERR, - "Communication error in getting Cr50 boot mode.\n"); - vb2api_fail(ctx, VB2_RECOVERY_CR50_BOOT_MODE, rv); + "Communication error in getting GSC boot mode.\n"); + vb2api_fail(ctx, VB2_RECOVERY_GSC_BOOT_MODE, rv); return; }

- printk(BIOS_INFO, "Cr50 says boot_mode is %s(0x%02x).\n", + printk(BIOS_INFO, "GSC says boot_mode is %s(0x%02x).\n", get_boot_mode_string(boot_mode), boot_mode);

if (boot_mode == EC_EFS_BOOT_MODE_UNTRUSTED_RO)