GNUBoot
/
coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

security/tpm/crtm.c: Fix !CONFIG_BOOTBLOCK_IN_CBFS measuring 

On some platforms the bootblock is not placed in cbfs, but embedded
inside another binary that loads in into DRAM/SRAM.
e8217b11f1 (Kconfig: Add an option to skip adding a cbfs bootblock on
x86) removed adding a cbfs file containing the bootblock in that case.

Change-Id: Id47ecedbc8713ebd5d9814f1c4faf43c52780447
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Signed-off-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64418
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit is contained in:
Arthur Heymans 2022-05-17 09:57:01 +02:00 committed by Felix Held
parent b844e6d434
commit 9642e97c19
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/security/tpm/tspi/crtm.c
View File

@ -60,7 +60,7 @@ static uint32_t tspi_init_crtm(void)
TPM_CRTM_PCR, TPM_CRTM_PCR,
"FMAP: BOOTBLOCK")) "FMAP: BOOTBLOCK"))
return VB2_ERROR_UNKNOWN; return VB2_ERROR_UNKNOWN;
} else { } else if (CONFIG(BOOTBLOCK_IN_CBFS)){
/* Mapping measures the file. We know we can safely map here because /* Mapping measures the file. We know we can safely map here because
bootblock-as-a-file is only used on x86, where we don't need cache to map. */ bootblock-as-a-file is only used on x86, where we don't need cache to map. */
enum cbfs_type type = CBFS_TYPE_BOOTBLOCK; enum cbfs_type type = CBFS_TYPE_BOOTBLOCK;
@ -71,7 +71,7 @@ static uint32_t tspi_init_crtm(void)
return VB2_ERROR_UNKNOWN; return VB2_ERROR_UNKNOWN;
} }
cbfs_unmap(mapping); cbfs_unmap(mapping);
} } /* else: TODO: Add SoC specific measurement methods. */
return VB2_SUCCESS; return VB2_SUCCESS;
} }