[coreboot-gerrit] Patch set updated for coreboot: f9729ed Move TPM code out of chromeos
Vladimir Serbinenko (phcoder@gmail.com)
gerrit at coreboot.org
Wed May 27 22:04:08 CEST 2015
Vladimir Serbinenko (phcoder at gmail.com) just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/10269
-gerrit
commit f9729edb49f7d2ac261bd82946dee974c0fe467a
Author: Vladimir Serbinenko <phcoder at gmail.com>
Date: Mon May 18 10:29:06 2015 +0200
Move TPM code out of chromeos
This code is not specific to ChromeOS and is useful outside of it.
Like with small modifications it can be used to disable TPM altogether.
Change-Id: I8c6baf0a1f7c67141f30101a132ea039b0d09819
Signed-off-by: Vladimir Serbinenko <phcoder at gmail.com>
---
src/cpu/intel/haswell/romstage.c | 8 +-
src/drivers/pc80/tpm/Kconfig | 24 ++-
src/drivers/pc80/tpm/Makefile.inc | 1 +
src/drivers/pc80/tpm/romstage.c | 236 ++++++++++++++++++++++++++
src/include/tpm.h | 2 +
src/mainboard/google/bolt/Kconfig | 1 +
src/mainboard/google/butterfly/Kconfig | 1 +
src/mainboard/google/falco/Kconfig | 1 +
src/mainboard/google/link/Kconfig | 1 +
src/mainboard/google/link/romstage.c | 11 +-
src/mainboard/google/panther/Kconfig | 1 +
src/mainboard/google/parrot/Kconfig | 1 +
src/mainboard/google/parrot/romstage.c | 10 +-
src/mainboard/google/peppy/Kconfig | 1 +
src/mainboard/google/rambi/Kconfig | 1 +
src/mainboard/google/samus/Kconfig | 1 +
src/mainboard/google/slippy/Kconfig | 1 +
src/mainboard/google/stout/Kconfig | 1 +
src/mainboard/google/stout/romstage.c | 10 +-
src/mainboard/intel/baskingridge/Kconfig | 1 +
src/mainboard/intel/emeraldlake2/romstage.c | 10 +-
src/mainboard/intel/wtm2/Kconfig | 1 +
src/mainboard/samsung/lumpy/Kconfig | 1 +
src/mainboard/samsung/lumpy/romstage.c | 10 +-
src/mainboard/samsung/stumpy/Kconfig | 1 +
src/mainboard/samsung/stumpy/romstage.c | 10 +-
src/soc/intel/baytrail/romstage/romstage.c | 13 +-
src/soc/intel/braswell/romstage/romstage.c | 13 +-
src/soc/intel/broadwell/romstage/romstage.c | 13 +-
src/vendorcode/google/chromeos/Kconfig | 2 +
src/vendorcode/google/chromeos/Makefile.inc | 1 -
src/vendorcode/google/chromeos/chromeos.h | 4 -
src/vendorcode/google/chromeos/vboot.c | 248 ----------------------------
33 files changed, 320 insertions(+), 321 deletions(-)
diff --git a/src/cpu/intel/haswell/romstage.c b/src/cpu/intel/haswell/romstage.c
index 998f887..0f0890a 100644
--- a/src/cpu/intel/haswell/romstage.c
+++ b/src/cpu/intel/haswell/romstage.c
@@ -45,7 +45,7 @@
#include "northbridge/intel/haswell/raminit.h"
#include "southbridge/intel/lynxpoint/pch.h"
#include "southbridge/intel/lynxpoint/me.h"
-
+#include <tpm.h>
static inline void reset_system(void)
{
@@ -276,9 +276,9 @@ void romstage_common(const struct romstage_params *params)
printk(BIOS_DEBUG, "Romstage handoff structure not added!\n");
post_code(0x3f);
-#if CONFIG_CHROMEOS
- init_chromeos(boot_mode);
-#endif
+ if (CONFIG_LPC_TPM) {
+ init_tpm(wake_from_s3);
+ }
timestamp_add_now(TS_END_ROMSTAGE);
}
diff --git a/src/drivers/pc80/tpm/Kconfig b/src/drivers/pc80/tpm/Kconfig
index 942b6e5..fc9270b 100644
--- a/src/drivers/pc80/tpm/Kconfig
+++ b/src/drivers/pc80/tpm/Kconfig
@@ -1,5 +1,12 @@
+config MAINBOARD_HAS_LPC_TPM
+ bool
+ default n
+ help
+ Board has TPM support
+
config LPC_TPM
- bool
+ bool "Enable TPM support"
+ depends on MAINBOARD_HAS_LPC_TPM
default n
help
Enable this option to enable LPC TPM support in coreboot.
@@ -15,3 +22,18 @@ config TPM_TIS_BASE_ADDRESS
The default is specified by the TCG PC Client Specific TPM
Interface Specification 1.2 and should not be changed unless
the TPM being used does not conform to TPM TIS 1.2.
+
+config TPM_INIT_FAILURE_IS_FATAL
+ bool
+ default n
+ depends on LPC_TPM
+ help
+ What to do if TPM init failed. If true, force a hard reset,
+ otherwise just log error message to console.
+
+config SKIP_TPM_STARTUP_ON_NORMAL_BOOT
+ bool
+ default n
+ depends on LPC_TPM
+ help
+ Skip TPM init on normal boot. Useful if payload does TPM init.
diff --git a/src/drivers/pc80/tpm/Makefile.inc b/src/drivers/pc80/tpm/Makefile.inc
index c900fe8..089d067 100644
--- a/src/drivers/pc80/tpm/Makefile.inc
+++ b/src/drivers/pc80/tpm/Makefile.inc
@@ -1,2 +1,3 @@
romstage-$(CONFIG_LPC_TPM) += tpm.c
ramstage-$(CONFIG_LPC_TPM) += tpm.c
+romstage-$(CONFIG_LPC_TPM) += romstage.c
diff --git a/src/drivers/pc80/tpm/romstage.c b/src/drivers/pc80/tpm/romstage.c
new file mode 100644
index 0000000..5e29e3a
--- /dev/null
+++ b/src/drivers/pc80/tpm/romstage.c
@@ -0,0 +1,236 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2011 The ChromiumOS Authors. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc.
+ */
+
+#include <types.h>
+#include <console/cbmem_console.h>
+#include <console/console.h>
+#include <arch/acpi.h>
+#include <tpm.h>
+#include <reset.h>
+
+//#define EXTRA_LOGGING
+
+#define TPM_LARGE_ENOUGH_COMMAND_SIZE 256 /* saves space in the firmware */
+
+#define TPM_SUCCESS ((u32)0x00000000)
+
+#define TPM_E_IOERROR ((u32)0x0000001f)
+#define TPM_E_COMMUNICATION_ERROR ((u32)0x00005004)
+#define TPM_E_NON_FATAL ((u32)0x00000800)
+#define TPM_E_INVALID_POSTINIT ((u32)0x00000026)
+
+#define TPM_E_NEEDS_SELFTEST ((u32)(TPM_E_NON_FATAL + 1))
+#define TPM_E_DOING_SELFTEST ((u32)(TPM_E_NON_FATAL + 2))
+
+static const struct {
+ u8 buffer[12];
+} tpm_resume_cmd = {
+ { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x2 }
+};
+
+static const struct {
+ u8 buffer[12];
+} tpm_startup_cmd = {
+ {0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x1 }
+};
+
+static const struct {
+ u8 buffer[10];
+} tpm_continueselftest_cmd = {
+ { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x53 }
+};
+
+static inline void FromTpmUint32(const u8 * buffer, u32 * x)
+{
+ *x = ((buffer[0] << 24) |
+ (buffer[1] << 16) | (buffer[2] << 8) | buffer[3]);
+}
+
+static inline int TpmCommandSize(const u8 * buffer)
+{
+ u32 size;
+ FromTpmUint32(buffer + sizeof(u16), &size);
+ return (int)size;
+}
+
+/* Gets the code field of a TPM command. */
+static inline int TpmCommandCode(const u8 * buffer)
+{
+ u32 code;
+ FromTpmUint32(buffer + sizeof(u16) + sizeof(u32), &code);
+ return code;
+}
+
+/* Gets the return code field of a TPM result. */
+static inline int TpmReturnCode(const u8 * buffer)
+{
+ return TpmCommandCode(buffer);
+}
+
+/* Like TlclSendReceive below, but do not retry if NEEDS_SELFTEST or
+ * DOING_SELFTEST errors are returned.
+ */
+static u32 TlclSendReceiveNoRetry(const u8 * request,
+ u8 * response, int max_length)
+{
+ size_t response_length = max_length;
+ u32 result;
+
+#ifdef EXTRA_LOGGING
+ printk(BIOS_DEBUG, "TPM: command: %x%x %x%x%x%x %x%x%x%x\n",
+ request[0], request[1],
+ request[2], request[3], request[4], request[5],
+ request[6], request[7], request[8], request[9]);
+#endif
+
+ result = TPM_SUCCESS;
+ if (tis_sendrecv
+ (request, TpmCommandSize(request), response, &response_length))
+ result = TPM_E_IOERROR;
+
+ if (0 != result) {
+ /* Communication with TPM failed, so response is garbage */
+ printk(BIOS_DEBUG,
+ "TPM: command 0x%x send/receive failed: 0x%x\n",
+ TpmCommandCode(request), result);
+ return TPM_E_COMMUNICATION_ERROR;
+ }
+ /* Otherwise, use the result code from the response */
+ result = TpmReturnCode(response);
+
+/* TODO: add paranoia about returned response_length vs. max_length
+ * (and possibly expected length from the response header). See
+ * crosbug.com/17017 */
+
+#ifdef EXTRA_LOGGING
+ printk(BIOS_DEBUG, "TPM: response: %x%x %x%x%x%x %x%x%x%x\n",
+ response[0], response[1],
+ response[2], response[3], response[4], response[5],
+ response[6], response[7], response[8], response[9]);
+#endif
+
+ printk(BIOS_DEBUG, "TPM: command 0x%x returned 0x%x\n",
+ TpmCommandCode(request), result);
+
+ return result;
+}
+
+static inline u32 TlclContinueSelfTest(void)
+{
+ u8 response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
+ printk(BIOS_DEBUG, "TPM: Continue self test\n");
+ /* Call the No Retry version of SendReceive to avoid recursion. */
+ return TlclSendReceiveNoRetry(tpm_continueselftest_cmd.buffer,
+ response, sizeof(response));
+}
+
+/* Sends a TPM command and gets a response. Returns 0 if success or the TPM
+ * error code if error. In the firmware, waits for the self test to complete
+ * if needed. In the host, reports the first error without retries. */
+static u32 TlclSendReceive(const u8 * request, u8 * response, int max_length)
+{
+ u32 result = TlclSendReceiveNoRetry(request, response, max_length);
+ /* When compiling for the firmware, hide command failures due to the self
+ * test not having run or completed. */
+ /* If the command fails because the self test has not completed, try it
+ * again after attempting to ensure that the self test has completed. */
+ if (result == TPM_E_NEEDS_SELFTEST || result == TPM_E_DOING_SELFTEST) {
+ result = TlclContinueSelfTest();
+ if (result != TPM_SUCCESS) {
+ return result;
+ }
+#if defined(TPM_BLOCKING_CONTINUESELFTEST) || defined(VB_RECOVERY_MODE)
+ /* Retry only once */
+ result = TlclSendReceiveNoRetry(request, response, max_length);
+#else
+ /* This needs serious testing. The TPM specification says:
+ * "iii. The caller MUST wait for the actions of
+ * TPM_ContinueSelfTest to complete before reissuing the
+ * command C1." But, if ContinueSelfTest is non-blocking, how
+ * do we know that the actions have completed other than trying
+ * again? */
+ do {
+ result =
+ TlclSendReceiveNoRetry(request, response,
+ max_length);
+ } while (result == TPM_E_DOING_SELFTEST);
+#endif
+ }
+
+ return result;
+}
+
+void init_tpm(int s3resume)
+{
+ u32 result;
+ u8 response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
+
+ /* Doing TPM startup when we're not coming in on the S3 resume path
+ * saves us roughly 20ms in boot time only. This does not seem to
+ * be worth an API change to vboot_reference-firmware right now, so
+ * let's keep the code around, but just bail out early:
+ */
+ if (s3resume ? CONFIG_NO_TPM_RESUME
+ : CONFIG_SKIP_TPM_STARTUP_ON_NORMAL_BOOT)
+ return;
+
+ printk(BIOS_DEBUG, "TPM initialization.\n");
+
+ printk(BIOS_SPEW, "TPM: Init\n");
+ if (tis_init())
+ return;
+
+ printk(BIOS_SPEW, "TPM: Open\n");
+ if (tis_open())
+ return;
+
+
+ if (s3resume) {
+ /* S3 Resume */
+ printk(BIOS_SPEW, "TPM: Resume\n");
+ result = TlclSendReceive(tpm_resume_cmd.buffer,
+ response, sizeof(response));
+ if (result == TPM_E_INVALID_POSTINIT) {
+ /* We're on a platform where the TPM maintains power
+ * in S3, so it's already initialized.
+ */
+ printk(BIOS_DEBUG, "TPM: Already initialized.\n");
+ return;
+ }
+ } else {
+ printk(BIOS_SPEW, "TPM: Startup\n");
+ result = TlclSendReceive(tpm_startup_cmd.buffer,
+ response, sizeof(response));
+ }
+
+ if (result == TPM_SUCCESS) {
+ printk(BIOS_SPEW, "TPM: OK.\n");
+ return;
+ }
+
+ printk(BIOS_ERR, "TPM: Error code 0x%x.\n", result);
+
+ if (CONFIG_TPM_INIT_FAILURE_IS_FATAL) {
+ printk(BIOS_ERR, "Hard reset!\n");
+ post_code(POST_TPM_FAILURE);
+ if (IS_ENABLED(CONFIG_CONSOLE_CBMEM_DUMP_TO_UART))
+ cbmem_dump_console();
+ hard_reset();
+ }
+}
diff --git a/src/include/tpm.h b/src/include/tpm.h
index 464f32e..9b4db4a 100644
--- a/src/include/tpm.h
+++ b/src/include/tpm.h
@@ -66,4 +66,6 @@ int tis_close(void);
int tis_sendrecv(const u8 *sendbuf, size_t send_size, u8 *recvbuf,
size_t *recv_len);
+void init_tpm(int s3resume);
+
#endif /* TPM_H_ */
diff --git a/src/mainboard/google/bolt/Kconfig b/src/mainboard/google/bolt/Kconfig
index 2239f70..74e1edd 100644
--- a/src/mainboard/google/bolt/Kconfig
+++ b/src/mainboard/google/bolt/Kconfig
@@ -16,6 +16,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
select MMCONF_SUPPORT
select HAVE_SMI_HANDLER
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select EXTERNAL_MRC_BLOB
select INTEL_INT15
select CHROMEOS_VBNV_CMOS
diff --git a/src/mainboard/google/butterfly/Kconfig b/src/mainboard/google/butterfly/Kconfig
index 7472c06..b1a64ee 100644
--- a/src/mainboard/google/butterfly/Kconfig
+++ b/src/mainboard/google/butterfly/Kconfig
@@ -13,6 +13,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
select HAVE_CMOS_DEFAULT
select HAVE_ACPI_RESUME
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select INTEL_INT15
select CHROMEOS_VBNV_CMOS
diff --git a/src/mainboard/google/falco/Kconfig b/src/mainboard/google/falco/Kconfig
index a8faaab..5b97259 100644
--- a/src/mainboard/google/falco/Kconfig
+++ b/src/mainboard/google/falco/Kconfig
@@ -17,6 +17,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
select MMCONF_SUPPORT
select HAVE_SMI_HANDLER
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select EXTERNAL_MRC_BLOB
select MAINBOARD_HAS_NATIVE_VGA_INIT
select MAINBOARD_DO_NATIVE_VGA_INIT
diff --git a/src/mainboard/google/link/Kconfig b/src/mainboard/google/link/Kconfig
index 316434f..0f70925 100644
--- a/src/mainboard/google/link/Kconfig
+++ b/src/mainboard/google/link/Kconfig
@@ -12,6 +12,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
select HAVE_OPTION_TABLE
select HAVE_ACPI_RESUME
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select SERIRQ_CONTINUOUS_MODE
select MAINBOARD_HAS_NATIVE_VGA_INIT
select CHROMEOS_VBNV_CMOS
diff --git a/src/mainboard/google/link/romstage.c b/src/mainboard/google/link/romstage.c
index ca8c2bd..b345d5e 100644
--- a/src/mainboard/google/link/romstage.c
+++ b/src/mainboard/google/link/romstage.c
@@ -41,9 +41,7 @@
#include <cpu/x86/msr.h>
#include <halt.h>
#include "gpio.h"
-#if CONFIG_CHROMEOS
-#include <vendorcode/google/chromeos/chromeos.h>
-#endif
+#include <tpm.h>
#include <cbfs.h>
#include <southbridge/intel/bd82x6x/chip.h>
@@ -246,8 +244,9 @@ void main(unsigned long bist)
northbridge_romstage_finalize(boot_mode==2);
post_code(0x3f);
-#if CONFIG_CHROMEOS
- init_chromeos(boot_mode);
-#endif
+ if (CONFIG_LPC_TPM) {
+ init_tpm(boot_mode == 2);
+ }
+
timestamp_add_now(TS_END_ROMSTAGE);
}
diff --git a/src/mainboard/google/panther/Kconfig b/src/mainboard/google/panther/Kconfig
index 31062ed..37a8548 100644
--- a/src/mainboard/google/panther/Kconfig
+++ b/src/mainboard/google/panther/Kconfig
@@ -15,6 +15,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
select MMCONF_SUPPORT
select HAVE_SMI_HANDLER
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select EXTERNAL_MRC_BLOB
select INTEL_INT15
select PHYSICAL_REC_SWITCH
diff --git a/src/mainboard/google/parrot/Kconfig b/src/mainboard/google/parrot/Kconfig
index 07405c6..9cf390a 100644
--- a/src/mainboard/google/parrot/Kconfig
+++ b/src/mainboard/google/parrot/Kconfig
@@ -12,6 +12,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
select HAVE_OPTION_TABLE
select HAVE_ACPI_RESUME
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select INTEL_INT15
select CHROMEOS_VBNV_CMOS
diff --git a/src/mainboard/google/parrot/romstage.c b/src/mainboard/google/parrot/romstage.c
index d0fab67..a947c48 100644
--- a/src/mainboard/google/parrot/romstage.c
+++ b/src/mainboard/google/parrot/romstage.c
@@ -39,10 +39,8 @@
#include <cpu/x86/msr.h>
#include <halt.h>
#include "gpio.h"
-#if CONFIG_CHROMEOS
-#include <vendorcode/google/chromeos/chromeos.h>
-#endif
#include <cbfs.h>
+#include <tpm.h>
#include "ec/compal/ene932/ec.h"
static void pch_enable_lpc(void)
@@ -197,8 +195,8 @@ void main(unsigned long bist)
northbridge_romstage_finalize(boot_mode==2);
post_code(0x3f);
-#if CONFIG_CHROMEOS
- init_chromeos(boot_mode);
-#endif
+ if (CONFIG_LPC_TPM) {
+ init_tpm(boot_mode == 2);
+ }
timestamp_add_now(TS_END_ROMSTAGE);
}
diff --git a/src/mainboard/google/peppy/Kconfig b/src/mainboard/google/peppy/Kconfig
index d6a208b..2c1560a 100644
--- a/src/mainboard/google/peppy/Kconfig
+++ b/src/mainboard/google/peppy/Kconfig
@@ -17,6 +17,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
select MMCONF_SUPPORT
select HAVE_SMI_HANDLER
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select EXTERNAL_MRC_BLOB
select MAINBOARD_HAS_NATIVE_VGA_INIT
select MAINBOARD_DO_NATIVE_VGA_INIT
diff --git a/src/mainboard/google/rambi/Kconfig b/src/mainboard/google/rambi/Kconfig
index 4c9e891..1130d11 100644
--- a/src/mainboard/google/rambi/Kconfig
+++ b/src/mainboard/google/rambi/Kconfig
@@ -12,6 +12,7 @@ config BOARD_SPECIFIC_OPTIONS
select HAVE_OPTION_TABLE
select HAVE_ACPI_RESUME
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select ALWAYS_LOAD_OPROM
select CHROMEOS_VBNV_CMOS
diff --git a/src/mainboard/google/samus/Kconfig b/src/mainboard/google/samus/Kconfig
index f655b29..06317e9 100644
--- a/src/mainboard/google/samus/Kconfig
+++ b/src/mainboard/google/samus/Kconfig
@@ -15,6 +15,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
select MMCONF_SUPPORT
select HAVE_SMI_HANDLER
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select EXTERNAL_MRC_BLOB
select CHROMEOS_RAMOOPS_DYNAMIC
select INTEL_INT15
diff --git a/src/mainboard/google/slippy/Kconfig b/src/mainboard/google/slippy/Kconfig
index fd4cb2f..cfbce5e 100644
--- a/src/mainboard/google/slippy/Kconfig
+++ b/src/mainboard/google/slippy/Kconfig
@@ -16,6 +16,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
select MMCONF_SUPPORT
select HAVE_SMI_HANDLER
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select EXTERNAL_MRC_BLOB
select INTEL_DP
select INTEL_DDI
diff --git a/src/mainboard/google/stout/Kconfig b/src/mainboard/google/stout/Kconfig
index ec03d87..eca83da 100644
--- a/src/mainboard/google/stout/Kconfig
+++ b/src/mainboard/google/stout/Kconfig
@@ -13,6 +13,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
select HAVE_CMOS_DEFAULT
select HAVE_ACPI_RESUME
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select INTEL_INT15
select CHROMEOS_VBNV_CMOS
diff --git a/src/mainboard/google/stout/romstage.c b/src/mainboard/google/stout/romstage.c
index ee6ca4f..31b61e2 100644
--- a/src/mainboard/google/stout/romstage.c
+++ b/src/mainboard/google/stout/romstage.c
@@ -40,9 +40,7 @@
#include <halt.h>
#include "gpio.h"
#include <bootmode.h>
-#if CONFIG_CHROMEOS
-#include <vendorcode/google/chromeos/chromeos.h>
-#endif
+#include <tpm.h>
#include <cbfs.h>
#include <ec/quanta/it8518/ec.h>
#include "ec.h"
@@ -251,8 +249,8 @@ void main(unsigned long bist)
northbridge_romstage_finalize(boot_mode==2);
post_code(0x3f);
-#if CONFIG_CHROMEOS
- init_chromeos(boot_mode);
-#endif
+ if (CONFIG_LPC_TPM) {
+ init_tpm(boot_mode == 2);
+ }
timestamp_add_now(TS_END_ROMSTAGE);
}
diff --git a/src/mainboard/intel/baskingridge/Kconfig b/src/mainboard/intel/baskingridge/Kconfig
index c3e3361..f916138 100644
--- a/src/mainboard/intel/baskingridge/Kconfig
+++ b/src/mainboard/intel/baskingridge/Kconfig
@@ -11,6 +11,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
select HAVE_ACPI_RESUME
select HAVE_SMI_HANDLER
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select INTEL_INT15
select CHROMEOS_VBNV_CMOS
diff --git a/src/mainboard/intel/emeraldlake2/romstage.c b/src/mainboard/intel/emeraldlake2/romstage.c
index c9d5cf1..bcf498b 100644
--- a/src/mainboard/intel/emeraldlake2/romstage.c
+++ b/src/mainboard/intel/emeraldlake2/romstage.c
@@ -39,10 +39,8 @@
#include <cpu/x86/bist.h>
#include <cpu/x86/msr.h>
#include <halt.h>
+#include <tpm.h>
#include "gpio.h"
-#if CONFIG_CHROMEOS
-#include <vendorcode/google/chromeos/chromeos.h>
-#endif
#define SIO_PORT 0x164e
@@ -255,8 +253,8 @@ void main(unsigned long bist)
northbridge_romstage_finalize(boot_mode==2);
post_code(0x3f);
-#if CONFIG_CHROMEOS
- init_chromeos(boot_mode);
-#endif
+ if (CONFIG_LPC_TPM) {
+ init_tpm(boot_mode == 2);
+ }
timestamp_add_now(TS_END_ROMSTAGE);
}
diff --git a/src/mainboard/intel/wtm2/Kconfig b/src/mainboard/intel/wtm2/Kconfig
index 5a064d1..b8f616a 100644
--- a/src/mainboard/intel/wtm2/Kconfig
+++ b/src/mainboard/intel/wtm2/Kconfig
@@ -9,6 +9,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
select HAVE_ACPI_RESUME
select HAVE_SMI_HANDLER
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select MAINBOARD_HAS_NATIVE_VGA_INIT
select INTEL_INT15
diff --git a/src/mainboard/samsung/lumpy/Kconfig b/src/mainboard/samsung/lumpy/Kconfig
index 7c9dce4..fed4610 100644
--- a/src/mainboard/samsung/lumpy/Kconfig
+++ b/src/mainboard/samsung/lumpy/Kconfig
@@ -5,6 +5,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
select SYSTEM_TYPE_LAPTOP
select BOARD_ROMSIZE_KB_8192
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select CPU_INTEL_SOCKET_RPGA989
select EC_SMSC_MEC1308
select HAVE_ACPI_RESUME
diff --git a/src/mainboard/samsung/lumpy/romstage.c b/src/mainboard/samsung/lumpy/romstage.c
index 9b1a023..ce064bb 100644
--- a/src/mainboard/samsung/lumpy/romstage.c
+++ b/src/mainboard/samsung/lumpy/romstage.c
@@ -32,6 +32,7 @@
#include <cbmem.h>
#include <console/console.h>
#include <bootmode.h>
+#include <tpm.h>
#include <northbridge/intel/sandybridge/sandybridge.h>
#include <northbridge/intel/sandybridge/raminit.h>
#include <southbridge/intel/bd82x6x/pch.h>
@@ -45,9 +46,6 @@
#if CONFIG_DRIVERS_UART_8250IO
#include <superio/smsc/lpc47n207/lpc47n207.h>
#endif
-#if CONFIG_CHROMEOS
-#include <vendorcode/google/chromeos/chromeos.h>
-#endif
static void pch_enable_lpc(void)
{
@@ -273,8 +271,8 @@ void main(unsigned long bist)
}
northbridge_romstage_finalize(boot_mode==2);
post_code(0x3f);
-#if CONFIG_CHROMEOS
- init_chromeos(boot_mode);
-#endif
+ if (CONFIG_LPC_TPM) {
+ init_tpm(boot_mode == 2);
+ }
timestamp_add_now(TS_END_ROMSTAGE);
}
diff --git a/src/mainboard/samsung/stumpy/Kconfig b/src/mainboard/samsung/stumpy/Kconfig
index 1eda8eb..f749c39 100644
--- a/src/mainboard/samsung/stumpy/Kconfig
+++ b/src/mainboard/samsung/stumpy/Kconfig
@@ -4,6 +4,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
def_bool y
select BOARD_ROMSIZE_KB_8192
select MAINBOARD_HAS_CHROMEOS
+ select MAINBOARD_HAS_LPC_TPM
select CPU_INTEL_SOCKET_RPGA989
select HAVE_ACPI_RESUME
select HAVE_ACPI_TABLES
diff --git a/src/mainboard/samsung/stumpy/romstage.c b/src/mainboard/samsung/stumpy/romstage.c
index 6506c80..161c8d1 100644
--- a/src/mainboard/samsung/stumpy/romstage.c
+++ b/src/mainboard/samsung/stumpy/romstage.c
@@ -41,13 +41,11 @@
#include <cpu/x86/bist.h>
#include <cpu/x86/msr.h>
#include <halt.h>
+#include <tpm.h>
#include "gpio.h"
#if CONFIG_DRIVERS_UART_8250IO
#include <superio/smsc/lpc47n207/lpc47n207.h>
#endif
-#if CONFIG_CHROMEOS
-#include <vendorcode/google/chromeos/chromeos.h>
-#endif
/* Stumpy USB Reset Disable defined in cmos.layout */
#if CONFIG_USE_OPTION_TABLE
@@ -283,8 +281,8 @@ void main(unsigned long bist)
northbridge_romstage_finalize(boot_mode==2);
post_code(0x3f);
-#if CONFIG_CHROMEOS
- init_chromeos(boot_mode);
-#endif
+ if (CONFIG_LPC_TPM) {
+ init_tpm(boot_mode == 2);
+ }
timestamp_add_now(TS_END_ROMSTAGE);
}
diff --git a/src/soc/intel/baytrail/romstage/romstage.c b/src/soc/intel/baytrail/romstage/romstage.c
index bfc8678..a32db02 100644
--- a/src/soc/intel/baytrail/romstage/romstage.c
+++ b/src/soc/intel/baytrail/romstage/romstage.c
@@ -33,6 +33,7 @@
#include <romstage_handoff.h>
#include <stage_cache.h>
#include <timestamp.h>
+#include <tpm.h>
#include <vendorcode/google/chromeos/chromeos.h>
#include <soc/gpio.h>
#include <soc/iomap.h>
@@ -211,14 +212,6 @@ static int chipset_prev_sleep_state(struct chipset_power_state *ps)
return prev_sleep_state;
}
-static inline void chromeos_init(int prev_sleep_state)
-{
-#if CONFIG_CHROMEOS
- /* Normalize the sleep state to what init_chromeos() wants for S3: 2. */
- init_chromeos(prev_sleep_state == 3 ? 2 : 0);
-#endif
-}
-
/* Entry from the mainboard. */
void romstage_common(struct romstage_params *params)
{
@@ -250,7 +243,9 @@ void romstage_common(struct romstage_params *params)
else
printk(BIOS_DEBUG, "Romstage handoff structure not added!\n");
- chromeos_init(prev_sleep_state);
+ if (CONFIG_LPC_TPM) {
+ init_tpm(prev_sleep_state == 3);
+ }
}
void asmlinkage romstage_after_car(void)
diff --git a/src/soc/intel/braswell/romstage/romstage.c b/src/soc/intel/braswell/romstage/romstage.c
index 9c8bbc4..5e5b8be 100644
--- a/src/soc/intel/braswell/romstage/romstage.c
+++ b/src/soc/intel/braswell/romstage/romstage.c
@@ -43,6 +43,7 @@
#include <soc/romstage.h>
#include <soc/smm.h>
#include <soc/spi.h>
+#include <tpm.h>
/* The cache-as-ram assembly file calls romstage_main() after setting up
* cache-as-ram. romstage_main() will then call the mainboards's
@@ -211,14 +212,6 @@ static int chipset_prev_sleep_state(struct chipset_power_state *ps)
return prev_sleep_state;
}
-static inline void chromeos_init(int prev_sleep_state)
-{
-#if CONFIG_CHROMEOS
- /* Normalize the sleep state to what init_chromeos() wants for S3: 2. */
- init_chromeos(prev_sleep_state == 3 ? 2 : 0);
-#endif
-}
-
/* Entry from the mainboard. */
void romstage_common(struct romstage_params *params)
{
@@ -250,7 +243,9 @@ void romstage_common(struct romstage_params *params)
else
printk(BIOS_DEBUG, "Romstage handoff structure not added!\n");
- chromeos_init(prev_sleep_state);
+ if (CONFIG_LPC_TPM) {
+ init_tpm(prev_sleep_state == 3);
+ }
}
void asmlinkage romstage_after_car(void)
diff --git a/src/soc/intel/broadwell/romstage/romstage.c b/src/soc/intel/broadwell/romstage/romstage.c
index 50d5b24..e950b1e 100644
--- a/src/soc/intel/broadwell/romstage/romstage.c
+++ b/src/soc/intel/broadwell/romstage/romstage.c
@@ -29,6 +29,7 @@
#include <cbmem.h>
#include <cpu/x86/mtrr.h>
#include <elog.h>
+#include <tpm.h>
#include <romstage_handoff.h>
#include <stage_cache.h>
#include <timestamp.h>
@@ -89,14 +90,6 @@ void * asmlinkage romstage_main(unsigned long bist,
return setup_stack_and_mttrs();
}
-static inline void chromeos_init(int prev_sleep_state)
-{
-#if CONFIG_CHROMEOS
- /* Normalize the sleep state to what init_chromeos() wants for S3: 2 */
- init_chromeos(prev_sleep_state == SLEEP_STATE_S3 ? 2 : 0);
-#endif
-}
-
/* Entry from the mainboard. */
void romstage_common(struct romstage_params *params)
{
@@ -132,7 +125,9 @@ void romstage_common(struct romstage_params *params)
else
printk(BIOS_DEBUG, "Romstage handoff structure not added!\n");
- chromeos_init(params->power_state->prev_sleep_state);
+#if CONFIG_LPC_TPM
+ init_tpm(prev_sleep_state == SLEEP_STATE_S3);
+#endif
}
void asmlinkage romstage_after_car(void)
diff --git a/src/vendorcode/google/chromeos/Kconfig b/src/vendorcode/google/chromeos/Kconfig
index 4e7fdac..0b0b862 100644
--- a/src/vendorcode/google/chromeos/Kconfig
+++ b/src/vendorcode/google/chromeos/Kconfig
@@ -26,6 +26,8 @@ config CHROMEOS
bool "Build for ChromeOS"
default n
select TPM
+ select TPM_INIT_FAILURE_IS_FATAL
+ select SKIP_TPM_STARTUP_ON_NORMAL_BOOT
select BOOTMODE_STRAPS
select ELOG
help
diff --git a/src/vendorcode/google/chromeos/Makefile.inc b/src/vendorcode/google/chromeos/Makefile.inc
index 67beaba..df24435 100644
--- a/src/vendorcode/google/chromeos/Makefile.inc
+++ b/src/vendorcode/google/chromeos/Makefile.inc
@@ -32,7 +32,6 @@ verstage-$(CONFIG_CHROMEOS_VBNV_FLASH) += vbnv_flash.c
romstage-$(CONFIG_CHROMEOS_VBNV_FLASH) += vbnv_flash.c
ramstage-$(CONFIG_CHROMEOS_VBNV_FLASH) += vbnv_flash.c
-romstage-$(CONFIG_ARCH_ROMSTAGE_X86_32) += vboot.c
ramstage-$(CONFIG_ELOG) += elog.c
ramstage-$(CONFIG_HAVE_ACPI_TABLES) += gnvs.c
ramstage-$(CONFIG_CHROMEOS_RAMOOPS) += ramoops.c
diff --git a/src/vendorcode/google/chromeos/chromeos.h b/src/vendorcode/google/chromeos/chromeos.h
index e495a11..c7048dd 100644
--- a/src/vendorcode/google/chromeos/chromeos.h
+++ b/src/vendorcode/google/chromeos/chromeos.h
@@ -39,9 +39,6 @@ void read_vbnv(uint8_t *vbnv_copy);
void save_vbnv(const uint8_t *vbnv_copy);
#if CONFIG_CHROMEOS
-/* functions implemented in vboot.c */
-void init_chromeos(int bootmode);
-
/* functions implemented in elog.c */
void elog_add_boot_reason(void);
@@ -53,7 +50,6 @@ int vboot_enable_developer(void);
int vboot_enable_recovery(void);
int vboot_skip_display_init(void);
#else
-static inline void init_chromeos(int bootmode) { }
static inline void elog_add_boot_reason(void) { return; }
static inline void elog_add_watchdog_reset(void) { return; }
static inline void reboot_from_watchdog(void) { return; }
diff --git a/src/vendorcode/google/chromeos/vboot.c b/src/vendorcode/google/chromeos/vboot.c
deleted file mode 100644
index 6678aaa..0000000
--- a/src/vendorcode/google/chromeos/vboot.c
+++ /dev/null
@@ -1,248 +0,0 @@
-/*
- * This file is part of the coreboot project.
- *
- * Copyright (C) 2011 The ChromiumOS Authors. All rights reserved.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; version 2 of the License.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc.
- */
-
-#include <types.h>
-#include <console/cbmem_console.h>
-#include <console/console.h>
-#include <arch/acpi.h>
-#include <tpm.h>
-#include <reset.h>
-#include "chromeos.h"
-
-//#define EXTRA_LOGGING
-#define UBOOT_DOES_TPM_STARTUP
-
-#define TPM_LARGE_ENOUGH_COMMAND_SIZE 256 /* saves space in the firmware */
-
-#define TPM_SUCCESS ((u32)0x00000000)
-
-#define TPM_E_IOERROR ((u32)0x0000001f)
-#define TPM_E_COMMUNICATION_ERROR ((u32)0x00005004)
-#define TPM_E_NON_FATAL ((u32)0x00000800)
-#define TPM_E_INVALID_POSTINIT ((u32)0x00000026)
-
-#define TPM_E_NEEDS_SELFTEST ((u32)(TPM_E_NON_FATAL + 1))
-#define TPM_E_DOING_SELFTEST ((u32)(TPM_E_NON_FATAL + 2))
-
-#if CONFIG_NO_TPM_RESUME
-static void init_vboot(int bootmode)
-{
-}
-#else
-static const struct {
- u8 buffer[12];
-} tpm_resume_cmd = {
- { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x2 }
-};
-
-static const struct {
- u8 buffer[12];
-} tpm_startup_cmd = {
- {0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x1 }
-};
-
-static const struct {
- u8 buffer[10];
-} tpm_continueselftest_cmd = {
- { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x53 }
-};
-
-static inline void FromTpmUint32(const u8 * buffer, u32 * x)
-{
- *x = ((buffer[0] << 24) |
- (buffer[1] << 16) | (buffer[2] << 8) | buffer[3]);
-}
-
-static inline int TpmCommandSize(const u8 * buffer)
-{
- u32 size;
- FromTpmUint32(buffer + sizeof(u16), &size);
- return (int)size;
-}
-
-/* Gets the code field of a TPM command. */
-static inline int TpmCommandCode(const u8 * buffer)
-{
- u32 code;
- FromTpmUint32(buffer + sizeof(u16) + sizeof(u32), &code);
- return code;
-}
-
-/* Gets the return code field of a TPM result. */
-static inline int TpmReturnCode(const u8 * buffer)
-{
- return TpmCommandCode(buffer);
-}
-
-/* Like TlclSendReceive below, but do not retry if NEEDS_SELFTEST or
- * DOING_SELFTEST errors are returned.
- */
-static u32 TlclSendReceiveNoRetry(const u8 * request,
- u8 * response, int max_length)
-{
- size_t response_length = max_length;
- u32 result;
-
-#ifdef EXTRA_LOGGING
- printk(BIOS_DEBUG, "TPM: command: %x%x %x%x%x%x %x%x%x%x\n",
- request[0], request[1],
- request[2], request[3], request[4], request[5],
- request[6], request[7], request[8], request[9]);
-#endif
-
- result = TPM_SUCCESS;
- if (tis_sendrecv
- (request, TpmCommandSize(request), response, &response_length))
- result = TPM_E_IOERROR;
-
- if (0 != result) {
- /* Communication with TPM failed, so response is garbage */
- printk(BIOS_DEBUG,
- "TPM: command 0x%x send/receive failed: 0x%x\n",
- TpmCommandCode(request), result);
- return TPM_E_COMMUNICATION_ERROR;
- }
- /* Otherwise, use the result code from the response */
- result = TpmReturnCode(response);
-
-/* TODO: add paranoia about returned response_length vs. max_length
- * (and possibly expected length from the response header). See
- * crosbug.com/17017 */
-
-#ifdef EXTRA_LOGGING
- printk(BIOS_DEBUG, "TPM: response: %x%x %x%x%x%x %x%x%x%x\n",
- response[0], response[1],
- response[2], response[3], response[4], response[5],
- response[6], response[7], response[8], response[9]);
-#endif
-
- printk(BIOS_DEBUG, "TPM: command 0x%x returned 0x%x\n",
- TpmCommandCode(request), result);
-
- return result;
-}
-
-static inline u32 TlclContinueSelfTest(void)
-{
- u8 response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
- printk(BIOS_DEBUG, "TPM: Continue self test\n");
- /* Call the No Retry version of SendReceive to avoid recursion. */
- return TlclSendReceiveNoRetry(tpm_continueselftest_cmd.buffer,
- response, sizeof(response));
-}
-
-/* Sends a TPM command and gets a response. Returns 0 if success or the TPM
- * error code if error. In the firmware, waits for the self test to complete
- * if needed. In the host, reports the first error without retries. */
-static u32 TlclSendReceive(const u8 * request, u8 * response, int max_length)
-{
- u32 result = TlclSendReceiveNoRetry(request, response, max_length);
- /* When compiling for the firmware, hide command failures due to the self
- * test not having run or completed. */
- /* If the command fails because the self test has not completed, try it
- * again after attempting to ensure that the self test has completed. */
- if (result == TPM_E_NEEDS_SELFTEST || result == TPM_E_DOING_SELFTEST) {
- result = TlclContinueSelfTest();
- if (result != TPM_SUCCESS) {
- return result;
- }
-#if defined(TPM_BLOCKING_CONTINUESELFTEST) || defined(VB_RECOVERY_MODE)
- /* Retry only once */
- result = TlclSendReceiveNoRetry(request, response, max_length);
-#else
- /* This needs serious testing. The TPM specification says:
- * "iii. The caller MUST wait for the actions of
- * TPM_ContinueSelfTest to complete before reissuing the
- * command C1." But, if ContinueSelfTest is non-blocking, how
- * do we know that the actions have completed other than trying
- * again? */
- do {
- result =
- TlclSendReceiveNoRetry(request, response,
- max_length);
- } while (result == TPM_E_DOING_SELFTEST);
-#endif
- }
-
- return result;
-}
-
-static void init_vboot(int bootmode)
-{
- u32 result;
- u8 response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
-
-#ifdef UBOOT_DOES_TPM_STARTUP
- /* Doing TPM startup when we're not coming in on the S3 resume path
- * saves us roughly 20ms in boot time only. This does not seem to
- * be worth an API change to vboot_reference-firmware right now, so
- * let's keep the code around, but just bail out early:
- */
- if (bootmode != 2)
- return;
-#endif
-
- printk(BIOS_DEBUG, "Verified boot TPM initialization.\n");
-
- printk(BIOS_SPEW, "TPM: Init\n");
- if (tis_init())
- return;
-
- printk(BIOS_SPEW, "TPM: Open\n");
- if (tis_open())
- return;
-
-
- if (bootmode == 2) {
- /* S3 Resume */
- printk(BIOS_SPEW, "TPM: Resume\n");
- result = TlclSendReceive(tpm_resume_cmd.buffer,
- response, sizeof(response));
- if (result == TPM_E_INVALID_POSTINIT) {
- /* We're on a platform where the TPM maintains power
- * in S3, so it's already initialized.
- */
- printk(BIOS_DEBUG, "TPM: Already initialized.\n");
- return;
- }
- } else {
- printk(BIOS_SPEW, "TPM: Startup\n");
- result = TlclSendReceive(tpm_startup_cmd.buffer,
- response, sizeof(response));
- }
-
- if (result == TPM_SUCCESS) {
- printk(BIOS_SPEW, "TPM: OK.\n");
- return;
- }
-
-#if !MOCK_TPM
- printk(BIOS_ERR, "TPM: Error code 0x%x. Hard reset!\n", result);
- post_code(POST_TPM_FAILURE);
- if (IS_ENABLED(CONFIG_CONSOLE_CBMEM_DUMP_TO_UART))
- cbmem_dump_console();
- hard_reset();
-#endif
-}
-#endif
-
-void init_chromeos(int bootmode)
-{
- init_vboot(bootmode);
-}
More information about the coreboot-gerrit
mailing list