GNUBoot
/
coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

vc/eltan/security/verified_boot/vboot_check.c: Add check PROG_POSTCAR 

On Coffee Lake systems prog_locate_hook() is called with PROG_POSTCAR.
For this reason the early check is not executed.

Add check for prog->type == PROG_POSTCAR, but execute
verified_boot_early_check() once.

BUG  = N/A
TEST = Build and boot on Facebook FBG1701 and Intel CoffeeLake system

Change-Id: Ia3bd36064bcc8176302834c1e46a225937d61c20
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/48852
Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit is contained in:
Frans Hendriks 2020-12-22 14:34:23 +01:00 committed by Patrick Georgi
parent ddedd118ac
commit 70dca08f25
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/vendorcode/eltan/security/verified_boot/vboot_check.c
View File

@ -345,12 +345,17 @@ int verified_boot_should_run_oprom(struct rom_header *rom_header)
int prog_locate_hook(struct prog *prog)
{
static int initialized;
if (ENV_BOOTBLOCK)
verified_boot_bootblock_check();
if (ENV_ROMSTAGE) {
if (prog->type == PROG_REFCODE)
if (!initialized && ((prog->type == PROG_REFCODE) ||
(prog->type == PROG_POSTCAR))) {
verified_boot_early_check();
initialized = 1;
}
if (CONFIG(POSTCAR_STAGE) && prog->type == PROG_POSTCAR)
process_verify_list(postcar_verify_list);