From 1fed53f08a8099e03e352034b1265cc7b2fd427a Mon Sep 17 00:00:00 2001 From: Shelley Chen Date: Fri, 16 Oct 2020 12:30:05 -0700 Subject: [PATCH] mrc_cache: Move mrc_cache_*_hash functions into mrc_cache driver This CL would remove these calls from fsp 2.0. Platforms that select MRC_STASH_TO_CBMEM, updating the TPM NVRAM space is moved from romstage (when data stashed to CBMEM) to ramstage (when data is written back to SPI flash. BUG=b:150502246 BRANCH=None TEST=make sure memory training still works on nami Change-Id: I3088ca6927c7dbc65386c13e868afa0462086937 Signed-off-by: Shelley Chen Reviewed-on: https://review.coreboot.org/c/coreboot/+/46510 Tested-by: build bot (Jenkins) Reviewed-by: Furquan Shaikh Reviewed-by: Julius Werner --- src/drivers/intel/fsp2_0/memory_init.c | 13 ------------- src/drivers/mrc_cache/mrc_cache.c | 11 +++++++++++ src/security/vboot/Makefile.inc | 1 + 3 files changed, 12 insertions(+), 13 deletions(-) diff --git a/src/drivers/intel/fsp2_0/memory_init.c b/src/drivers/intel/fsp2_0/memory_init.c index 09aad6be81..68cc1215a5 100644 --- a/src/drivers/intel/fsp2_0/memory_init.c +++ b/src/drivers/intel/fsp2_0/memory_init.c @@ -19,18 +19,12 @@ #include #include #include -#include #include #include #include static uint8_t temp_ram[CONFIG_FSP_TEMP_RAM_SIZE] __aligned(sizeof(uint64_t)); -/* TPM MRC hash functionality depends on vboot starting before memory init. */ -_Static_assert(!CONFIG(MRC_SAVE_HASH_IN_TPM) || - CONFIG(VBOOT_STARTS_IN_BOOTBLOCK), - "for TPM MRC hash functionality, vboot must start in bootblock"); - static void save_memory_training_data(bool s3wake, uint32_t fsp_version) { size_t mrc_data_size; @@ -54,9 +48,6 @@ static void save_memory_training_data(bool s3wake, uint32_t fsp_version) if (mrc_cache_stash_data(MRC_TRAINING_DATA, fsp_version, mrc_data, mrc_data_size) < 0) printk(BIOS_ERR, "Failed to stash MRC data\n"); - - if (CONFIG(MRC_SAVE_HASH_IN_TPM)) - mrc_cache_update_hash(mrc_data, mrc_data_size); } static void do_fsp_post_memory_init(bool s3wake, uint32_t fsp_version) @@ -121,10 +112,6 @@ static void fsp_fill_mrc_cache(FSPM_ARCH_UPD *arch_upd, uint32_t fsp_version) if (data == NULL) return; - if (CONFIG(MRC_SAVE_HASH_IN_TPM) && - !mrc_cache_verify_hash(data, mrc_size)) - return; - /* MRC cache found */ arch_upd->NvsBufferPtr = data; diff --git a/src/drivers/mrc_cache/mrc_cache.c b/src/drivers/mrc_cache/mrc_cache.c index a083655a2f..95abc4f1f8 100644 --- a/src/drivers/mrc_cache/mrc_cache.c +++ b/src/drivers/mrc_cache/mrc_cache.c @@ -10,6 +10,7 @@ #include #include #include +#include #include #include @@ -82,6 +83,11 @@ static const struct cache_region *cache_regions[] = { &variable_data, }; +/* TPM MRC hash functionality depends on vboot starting before memory init. */ +_Static_assert(!CONFIG(MRC_SAVE_HASH_IN_TPM) || + CONFIG(VBOOT_STARTS_IN_BOOTBLOCK), + "for TPM MRC hash functionality, vboot must start in bootblock"); + static int lookup_region_by_name(const char *name, struct region *r) { if (fmap_locate_area(name, r) == 0) @@ -185,6 +191,9 @@ static int mrc_data_valid(const struct mrc_metadata *md, return -1; } + if (CONFIG(MRC_SAVE_HASH_IN_TPM) && !mrc_cache_verify_hash(data, data_size)) + return -1; + return 0; } @@ -443,6 +452,8 @@ static void update_mrc_cache_by_type(int type, } else { printk(BIOS_DEBUG, "MRC: updated '%s'.\n", cr->name); log_event_cache_update(cr->elog_slot, UPDATE_SUCCESS); + if (CONFIG(MRC_SAVE_HASH_IN_TPM)) + mrc_cache_update_hash(new_data, new_data_size); } } diff --git a/src/security/vboot/Makefile.inc b/src/security/vboot/Makefile.inc index d4dabe2493..4cf809016a 100644 --- a/src/security/vboot/Makefile.inc +++ b/src/security/vboot/Makefile.inc @@ -119,6 +119,7 @@ ramstage-y += common.c postcar-y += common.c romstage-$(CONFIG_MRC_SAVE_HASH_IN_TPM) += mrc_cache_hash_tpm.c +ramstage-$(CONFIG_MRC_SAVE_HASH_IN_TPM) += mrc_cache_hash_tpm.c ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y)