drivers/intel/fsp2_0: fix TPM setup and MRC cache hash logic

When VBOOT_STARTS_IN_BOOTBLOCK is selected, the tpm_setup call in memory_init.c is not used. When VBOOT_STARTS_IN_ROMSTAGE is selected, the tpm_setup call in memory_init.c is triggered. However, when verstage runs, tpm_setup is called yet again, and an error is triggered from the multiple initialization calls. Since there are currently no boards using VBOOT_STARTS_IN_ROMSTAGE + FSP2_0_USES_TPM_MRC_HASH, disable this combination via Kconfig, and remove the tpm_setup call from Intel FSP memory initializion code. * VBOOT=y VBOOT_STARTS_IN_BOOTBLOCK=y vboot is enabled, and TPM is setup prior to Intel FSP memory initialization. Allow FSP2_0_USES_TPM_MRC_HASH option. * VBOOT=y VBOOT_STARTS_IN_BOOTBLOCK=n vboot is enabled, but TPM is setup in romstage, after Intel FSP memory initialization. Disallow FSP2_0_USES_TPM_MRC_HASH option. * VBOOT=n vboot is disabled. Disallow FSP2_0_USES_TPM_MRC_HASH option. See bug for more information: https://bugs.chromium.org/p/chromium/issues/detail?id=940377 BUG=chromium:940377 TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild BRANCH=none Change-Id: I4ba91c275c33245be61041cb592e52f861dbafe6 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31837 Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-03-11 17:47:24 +08:00 · 2019-03-11 17:47:24 +08:00 · 2c8243cf6d
parent 6e401cf7e6
commit 2c8243cf6d
2 changed files with 15 additions and 9 deletions
--- a/src/drivers/intel/fsp2_0/Kconfig
+++ b/src/drivers/intel/fsp2_0/Kconfig
@ -159,10 +159,19 @@ config DISPLAY_FSP_VERSION_INFO
 config FSP2_0_USES_TPM_MRC_HASH
 	bool
 	depends on TPM1 || TPM2
-	depends on VBOOT
+	depends on VBOOT && VBOOT_STARTS_IN_BOOTBLOCK
 	default y if HAS_RECOVERY_MRC_CACHE
 	default n
 	select VBOOT_HAS_REC_HASH_SPACE
+	help
+	  Store hash of trained recovery MRC cache in NVRAM space in TPM.
+	  Use the hash to validate recovery MRC cache before using it.
+	  This hash needs to be updated every time recovery mode training
+	  is recomputed, or if the hash does not match recovery MRC cache.
+	  Selecting this option requires that TPM already be setup by this
+	  point in time.  Thus it is only compatible when the option
+	  VBOOT_STARTS_IN_BOOTBLOCK is selected, which causes verstage and
+	  TPM setup to occur prior to memory initialization.

 config FSP_PLATFORM_MEMORY_SETTINGS_VERSIONS
 	bool
--- a/src/drivers/intel/fsp2_0/memory_init.c
+++ b/src/drivers/intel/fsp2_0/memory_init.c
@ -33,6 +33,11 @@
 #include <vb2_api.h>
 #include <fsp/memory_init.h>

+/* TPM MRC hash functionality depends on vboot starting before memory init. */
+_Static_assert(!CONFIG(FSP2_0_USES_TPM_MRC_HASH) ||
+	       CONFIG(VBOOT_STARTS_IN_BOOTBLOCK),
+	       "for TPM MRC hash functionality, vboot must start in bootblock");
+
 static void save_memory_training_data(bool s3wake, uint32_t fsp_version)
 {
 	size_t  mrc_data_size;
@ -92,14 +97,6 @@ static void do_fsp_post_memory_init(bool s3wake, uint32_t fsp_version)

 	/* Create romstage handof information */
 	romstage_handoff_init(s3wake);
-
-	/*
-	 * Initialize the TPM, unless the TPM was already initialized
-	 * in verstage and used to verify romstage.
-	 */
-	if ((CONFIG(TPM1) || CONFIG(TPM2)) &&
-	    !CONFIG(VBOOT_STARTS_IN_BOOTBLOCK))
-		tpm_setup(s3wake);
 }

 static void fsp_fill_mrc_cache(FSPM_ARCH_UPD *arch_upd, uint32_t fsp_version)