From 17cb5becca3972525e53aa36fe9abdb5d5b8d782 Mon Sep 17 00:00:00 2001 From: Arthur Heymans Date: Mon, 14 Jun 2021 09:17:49 +0200 Subject: [PATCH] security/tpm/tspi: Reduce scope of tspi_init_crtm This is only called locally. Change-Id: Ie3eaf659a2868eee1d4688885495c413f94f42e2 Signed-off-by: Arthur Heymans Reviewed-on: https://review.coreboot.org/c/coreboot/+/55469 Tested-by: build bot (Jenkins) Reviewed-by: Johnny Lin Reviewed-by: Angel Pons Reviewed-by: Christian Walter --- src/security/tpm/tspi/crtm.c | 18 +++++++++++++++++- src/security/tpm/tspi/crtm.h | 18 ------------------ 2 files changed, 17 insertions(+), 19 deletions(-) diff --git a/src/security/tpm/tspi/crtm.c b/src/security/tpm/tspi/crtm.c index 147fc76bbf..1559838430 100644 --- a/src/security/tpm/tspi/crtm.c +++ b/src/security/tpm/tspi/crtm.c @@ -46,7 +46,23 @@ static inline int tcpa_log_available(void) return 1; } -uint32_t tspi_init_crtm(void) +/* + * Initializes the Core Root of Trust for Measurements + * in coreboot. The initial code in a chain of trust must measure + * itself. + * + * Summary: + * + Measures the FMAP FMAP partition. + * + Measures bootblock in CBFS or BOOTBLOCK FMAP partition. + * + If vboot starts in romstage, it measures the romstage + * in CBFS. + * + Measure the verstage if it is compiled as separate + * stage. + * + * Takes the current vboot context as parameter for s3 checks. + * returns on success VB2_SUCCESS, else a vboot error. + */ +static uint32_t tspi_init_crtm(void) { struct prog bootblock = PROG_INIT(PROG_BOOTBLOCK, "bootblock"); diff --git a/src/security/tpm/tspi/crtm.h b/src/security/tpm/tspi/crtm.h index f857ca7460..011fa26ad7 100644 --- a/src/security/tpm/tspi/crtm.h +++ b/src/security/tpm/tspi/crtm.h @@ -16,24 +16,6 @@ */ #define TPM_RUNTIME_DATA_PCR 3 -/* - * Initializes the Core Root of Trust for Measurements - * in coreboot. The initial code in a chain of trust must measure - * itself. - * - * Summary: - * + Measures the FMAP FMAP partition. - * + Measures bootblock in CBFS or BOOTBLOCK FMAP partition. - * + If vboot starts in romstage, it measures the romstage - * in CBFS. - * + Measure the verstage if it is compiled as separate - * stage. - * - * Takes the current vboot context as parameter for s3 checks. - * returns on success VB2_SUCCESS, else a vboot error. - */ -uint32_t tspi_init_crtm(void); - /** * Measure digests cached in TCPA log entries into PCRs */