Hello Andrey Petrov,
I'd like you to do a code review. Please visit
https://review.coreboot.org/c/coreboot/+/42711
to review the following change.
Change subject: mainboard/ocp/monolake: If memory is locked down, clear TPM and reset
mainboard/ocp/monolake: If memory is locked down, clear TPM and reset
Under certain conditions TXT can force system to come out of reset with "locked" memory configuration. This manifests itself in IMC's SMBus controller not being able to read any SPD. FSP does not seem to detect this condition and simply fails with "no memory found" error. It turned out IBB measurements are stored in PCR-0 on TPM and that is what TXT fw seems to be using to determine if locking needs to be enforced.
This patch detects the locked condition and tries to clear TPM and reboot the system.
TEST=take an OCP monolake running vendor BIOS that uses TXT. Ungracefully shut down the system and reflash with coreboot image. With this patch system manages to get out of bricked state.
Change-Id: I89f87f6ce187c50334c2d3c477d3042528e27fbe
Signed-off-by: Andrey Petrov anpetrov@fb.com
---
M src/mainboard/ocp/monolake/romstage.c
1 file changed, 21 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/11/42711/1
diff --git a/src/mainboard/ocp/monolake/romstage.c b/src/mainboard/ocp/monolake/romstage.c index ef41b77..d4cd0ad 100644 --- a/src/mainboard/ocp/monolake/romstage.c +++ b/src/mainboard/ocp/monolake/romstage.c @@ -17,6 +17,7 @@
#include <stddef.h> #include <soc/romstage.h> +#include <soc/memory.h> #include <drivers/intel/fsp1_0/fsp_util.h> #include <drivers/vpd/vpd.h> #include <cpu/x86/msr.h> @@ -26,6 +27,9 @@ #include <soc/pci_devs.h> #include <soc/lpc.h> #include <soc/gpio.h> +#include <security/tpm/tspi.h> +#include <security/tpm/tis.h> +
/* Define the strings for UPD variables that could be customized */ @@ -207,6 +211,23 @@ printk(BIOS_EMERG, "Detected broken platform state. Issuing full reset\n"); full_reset(); } + + /* + * If system have been using TXT and has been ungracefully shutdown and reflashed, + * on next boot TXT fw compares IBB hash against PCR0 in TPM. On mismatch memory + * configuration is locked as a security measure. If we detect this condition we + * can try resetting and clearing TPM, which makes system usable again. + */ + if (memory_config_is_locked()) { + console_init(); + printk(BIOS_EMERG, "Memory configuration is locked! Clearing TPM.\n"); + tpm_setup(false); + if (tpm_clear_and_reenable() != TPM_SUCCESS) { + printk(BIOS_EMERG, "TPM clear success, resetting\n"); + full_reset(); + } + die("TPM reset failed. Giving up\n"); + } }
/**
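Review bot: the result check in the new `if (memory_config_is_locked())` block is inverted. `tpm_clear_and_reenable() != TPM_SUCCESS` guards the "TPM clear success, resetting" message and `full_reset()`, so a successful clear falls through to `die("TPM reset failed. Giving up\n")`, while a failed clear resets the board and, if the lock persists, will hit the same path again on the next boot. The comparison should be `== TPM_SUCCESS`. The result of `tpm_setup(false)` is also not checked before the clear is attempted; if setup can fail, bail out to the `die()` path there instead of issuing a clear against an uninitialised TPM. Since clearing the TPM discards whatever state it held, and this runs unconditionally whenever the lock is detected, consider gating it behind a board option and saying so in the comment. Minor: "If system have been using" in the comment should read "has been using", and the include hunk leaves two blank lines after `<security/tpm/tis.h>`.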
Patrick Rudolph has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/42711 )
Patch Set 1:
According to the txt spec if "secrets in memory" and ungraceful shutdown happened, you need to either boot with a trusted IBB that can scrub memory or if the IBB isn't trusted any more pull the CMOS battery to clear the sticky bit.
If clearing the TPM 'fixes' that for you that's a hardware bug.
Angel Pons has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/42711 )
Patch Set 3: Code-Review+1
Jonathan Zhang has abandoned this change. ( https://review.coreboot.org/c/coreboot/+/42711 )
Abandoned
MonoLake work is not active now.