GNUBoot
/
coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

libpayload: Enable vboot integration 

This patch introduces building and linking of 3rdparty/vboot with
libpayload. VBoot can be enabled by setting CONFIG_LP_VBOOT_LIB.
Moreover it can be configured to use either TPM or TPM 2.0 mode,
and whether to use SHA256 processor extension instructions on x86.

Change-Id: I2d9d766a461edaa0081041c020ecf580fd2ca64e
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/60080
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
This commit is contained in:
Jakub Czapiga 2021-12-06 09:01:50 +00:00 committed by Felix Held
parent b7d1b35175
commit 1fa3da4d9b
5 changed files with 85 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
payloads/libpayload/Kconfig
View File

@ -227,6 +227,9 @@ config LZ4
help help
Decoder implementation for the LZ4 compression algorithm. Decoder implementation for the LZ4 compression algorithm.
Adds standalone functions (CBFS support coming soon). Adds standalone functions (CBFS support coming soon).
source "vboot/Kconfig"
endmenu endmenu
menu "Console Options" menu "Console Options"

4
payloads/libpayload/Makefile
View File

@ -326,7 +326,7 @@ src-to-obj=\
$(basename \ $(basename \
$(addprefix $(obj)/,\ $(addprefix $(obj)/,\
$(subst $(coreboottop)/,coreboot/,$(2))))) $(subst $(coreboottop)/,coreboot/,$(2)))))
$(foreach class,$(classes),$(eval $(class)-objs:=$(call src-to-obj,$(class),$($(class)-srcs)))) $(foreach class,$(classes),$(eval $(class)-objs+=$(call src-to-obj,$(class),$($(class)-srcs))))
allsrcs:=$(foreach var, $(addsuffix -srcs,$(classes)), $($(var))) allsrcs:=$(foreach var, $(addsuffix -srcs,$(classes)), $($(var)))
allobjs:=$(foreach var, $(addsuffix -objs,$(classes)), $($(var))) allobjs:=$(foreach var, $(addsuffix -objs,$(classes)), $($(var)))
@ -355,7 +355,7 @@ $(foreach class,$(classes), \
foreach-src=$(foreach file,$($(1)-srcs),$(eval $(call $(1)-objs_$(subst .,,$(suffix $(file)))_template,$(basename $(file))))) foreach-src=$(foreach file,$($(1)-srcs),$(eval $(call $(1)-objs_$(subst .,,$(suffix $(file)))_template,$(basename $(file)))))
$(eval $(foreach class,$(classes),$(call foreach-src,$(class)))) $(eval $(foreach class,$(classes),$(call foreach-src,$(class))))
DEPENDENCIES = $(allobjs:.o=.d) DEPENDENCIES = $($(filter %.o,%(allobjs)):.o=.d)
-include $(DEPENDENCIES) -include $(DEPENDENCIES)
printall: printall:

9
payloads/libpayload/Makefile.inc
View File

@ -46,6 +46,8 @@ classes-$(CONFIG_LP_CBFS) += libcbfs
classes-$(CONFIG_LP_LZMA) += liblzma classes-$(CONFIG_LP_LZMA) += liblzma
classes-$(CONFIG_LP_LZ4) += liblz4 classes-$(CONFIG_LP_LZ4) += liblz4
classes-$(CONFIG_LP_REMOTEGDB) += libgdb classes-$(CONFIG_LP_REMOTEGDB) += libgdb
classes-$(CONFIG_LP_VBOOT_LIB) += vboot_fw
classes-$(CONFIG_LP_VBOOT_LIB) += tlcl
libraries := $(classes-y) libraries := $(classes-y)
classes-y += head.o classes-y += head.o
@ -55,6 +57,7 @@ subdirs-$(CONFIG_LP_CURSES) += curses
subdirs-$(CONFIG_LP_CBFS) += libcbfs subdirs-$(CONFIG_LP_CBFS) += libcbfs
subdirs-$(CONFIG_LP_LZMA) += liblzma subdirs-$(CONFIG_LP_LZMA) += liblzma
subdirs-$(CONFIG_LP_LZ4) += liblz4 subdirs-$(CONFIG_LP_LZ4) += liblz4
subdirs-$(CONFIG_LP_VBOOT_LIB) += vboot
INCLUDES := -Iinclude -Iinclude/$(ARCHDIR-y) -I$(obj) INCLUDES := -Iinclude -Iinclude/$(ARCHDIR-y) -I$(obj)
INCLUDES += -include include/kconfig.h -include include/compiler.h INCLUDES += -include include/kconfig.h -include include/compiler.h
@ -91,11 +94,13 @@ includes-handler= \
$(obj)/libpayload.a: $(foreach class,$(libraries),$$($(class)-objs)) $(obj)/libpayload.a: $(foreach class,$(libraries),$$($(class)-objs))
printf " AR $(subst $(CURDIR)/,,$(@))\n" printf " AR $(subst $(CURDIR)/,,$(@))\n"
$(AR) rc $@ $^ $(AR) rc $@ $(filter-out %.a,$^)
printf "open $@\n$(foreach lib,$(filter %.a,$^),addlib $(lib)\n)save\nend\n" | $(AR) -M
$(obj)/%.a: $$(%-objs) $(obj)/%.a: $$(%-objs)
printf " AR $(subst $(CURDIR)/,,$(@))\n" printf " AR $(subst $(CURDIR)/,,$(@))\n"
$(AR) rc $@ $^ $(AR) rc $@ $(filter-out %.a,$^)
printf "open $@\n$(foreach lib,$(filter %.a,$^),addlib $(lib)\n)save\nend\n" | $(AR) -M
$(obj)/head.o: $(obj)/arch/$(ARCHDIR-y)/head.head.o.o $(obj)/head.o: $(obj)/arch/$(ARCHDIR-y)/head.head.o.o
printf " CP $(subst $(CURDIR)/,,$(@))\n" printf " CP $(subst $(CURDIR)/,,$(@))\n"

25
payloads/libpayload/vboot/Kconfig Normal file
View File

@ -0,0 +1,25 @@
# SPDX-License-Identifier: BSD-3-Clause
config VBOOT_LIB
bool "Compile verified boot (vboot) library"
default n
help
This option enables compiling and building vboot libraries vboot_fw and tlcl.
if VBOOT_LIB
config VBOOT_TPM2_MODE
bool "TPM2 Mode"
default y
help
This option enables TPM 2.0 support in vboot. Disabling it allows using TPM 1.2.
config VBOOT_X86_SHA_EXT
bool "x86 SHA Extension"
default n
depends on ARCH_X86
help
This option enables SHA256 implementation using x86 SHA processor extension
instructions: sha256msg1, sha256msg2, sha256rnds2.
endif

48
payloads/libpayload/vboot/Makefile.inc Normal file
View File

@ -0,0 +1,48 @@
# SPDX-License-Identifier: BSD-3-Clause
VBOOT_SOURCE ?= $(coreboottop)/3rdparty/vboot
VBOOT_BUILD_DIR ?= $(abspath $(obj)/external/vboot)
VBOOT_FW_LIB = $(VBOOT_BUILD_DIR)/vboot_fw.a
TLCL_LIB = $(VBOOT_BUILD_DIR)/tlcl.a
vboot_fw-objs += $(VBOOT_FW_LIB)
tlcl-objs += $(TLCL_LIB)
kconfig-to-binary=$(if $(1),1,0)
vboot-fixup-includes = $(patsubst -I%,-I$(top)/%,\
$(patsubst include/%.h,$(top)/include/%.h,\
$(filter-out -I$(obj),$(1))))
ifeq ($(CONFIG_LP_ARCH_MOCK),)
VBOOT_CFLAGS += $(call vboot-fixup-includes,$(CFLAGS))
VBOOT_CFLAGS += -I$(abspath $(obj))
endif
# Enable vboot debug by default
VBOOT_CFLAGS += -DVBOOT_DEBUG
VBOOT_FIRMWARE_ARCH-$(CONFIG_LP_ARCH_ARM) := arm
VBOOT_FIRMWARE_ARCH-$(CONFIG_LP_ARCH_X86) := x86
VBOOT_FIRMWARE_ARCH-$(CONFIG_LP_ARCH_ARM64) := arm64
ifeq ($(CONFIG_LP_ARCH_MOCK)$(VBOOT_FIRMWARE_ARCH-y),)
$(error vboot requires architecture to be set in the configuration)
endif
$(VBOOT_FW_LIB): $(obj)/libpayload-config.h
@printf " MAKE $(subst $(obj)/,,$(@))\n"
+$(Q) FIRMWARE_ARCH=$(VBOOT_FIRMWARE_ARCH-y) \
CC=$(CC) \
CFLAGS="$(VBOOT_CFLAGS)" \
$(MAKE) -C "$(VBOOT_SOURCE)" \
TPM2_MODE=$(call kconfig-to-binary, $(CONFIG_LP_VBOOT_TPM2_MODE)) \
X86_SHA_EXT=$(call kconfig-to-binary, $(CONFIG_LP_VBOOT_X86_SHA_EXT)) \
UNROLL_LOOPS=1 \
BUILD=$(VBOOT_BUILD_DIR) \
V=$(V) \
$(VBOOT_BUILD_DIR)/vboot_fw.a tlcl
$(TLCL_LIB): $(VBOOT_FW_LIB)
.PHONY: $(VBOOT_FW_LIB) $(TLCL_LIB)