mrc_cache: Add config MRC_SAVE_HASH_IN_TPM

Use this config to specify whether we want to save a hash of the
MRC_CACHE in the TPM NVRAM space.  Replace all uses of
FSP2_0_USES_TPM_MRC_HASH with MRC_SAVE_HASH_IN_TPM and remove the
FSP2_0_USES_TPM_MRC_HASH config.  Note that TPM1 platforms will not
select MRC_SAVE_HASH_IN_TPM as none of them use FSP2.0 and have
recovery MRC_CACHE.

BUG=b:150502246
BRANCH=None
TEST=emerge-nami coreboot chromeos-bootimage

Change-Id: Ic5ffcdba27cb1f09c39c3835029c8d9cc3453af1
Signed-off-by: Shelley Chen <shchen@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46509
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>

src/drivers/intel/fsp2_0/Kconfig

@@ -141,23 +141,6 @@ config FSP_TEMP_RAM_SIZE
 	  own stack that will be placed in DRAM and not in CAR, this is the
 	  amount of memory the FSP needs for its stack and heap.
 
-config FSP2_0_USES_TPM_MRC_HASH
-	bool
-	depends on TPM1 || TPM2
-	depends on VBOOT && VBOOT_STARTS_IN_BOOTBLOCK
-	default y if HAS_RECOVERY_MRC_CACHE
-	default n
-	select VBOOT_HAS_REC_HASH_SPACE
-	help
-	  Store hash of trained recovery MRC cache in NVRAM space in TPM.
-	  Use the hash to validate recovery MRC cache before using it.
-	  This hash needs to be updated every time recovery mode training
-	  is recomputed, or if the hash does not match recovery MRC cache.
-	  Selecting this option requires that TPM already be setup by this
-	  point in time.  Thus it is only compatible when the option
-	  VBOOT_STARTS_IN_BOOTBLOCK is selected, which causes verstage and
-	  TPM setup to occur prior to memory initialization.
-
 config FSP_PLATFORM_MEMORY_SETTINGS_VERSIONS
 	bool
 	help

src/drivers/intel/fsp2_0/memory_init.c

@@ -19,15 +19,15 @@
 #include <symbols.h>
 #include <timestamp.h>
 #include <security/vboot/vboot_common.h>
-#include <security/tpm/tspi.h>
 #include <security/vboot/mrc_cache_hash_tpm.h>
+#include <security/tpm/tspi.h>
 #include <vb2_api.h>
 #include <types.h>
 
 static uint8_t temp_ram[CONFIG_FSP_TEMP_RAM_SIZE] __aligned(sizeof(uint64_t));
 
 /* TPM MRC hash functionality depends on vboot starting before memory init. */
-_Static_assert(!CONFIG(FSP2_0_USES_TPM_MRC_HASH) ||
+_Static_assert(!CONFIG(MRC_SAVE_HASH_IN_TPM) ||
 	       CONFIG(VBOOT_STARTS_IN_BOOTBLOCK),
 	       "for TPM MRC hash functionality, vboot must start in bootblock");
 
@@ -55,7 +55,7 @@ static void save_memory_training_data(bool s3wake, uint32_t fsp_version)
 				mrc_data_size) < 0)
 		printk(BIOS_ERR, "Failed to stash MRC data\n");
 
-	if (CONFIG(FSP2_0_USES_TPM_MRC_HASH))
+	if (CONFIG(MRC_SAVE_HASH_IN_TPM))
 		mrc_cache_update_hash(mrc_data, mrc_data_size);
 }
 
@@ -121,7 +121,7 @@ static void fsp_fill_mrc_cache(FSPM_ARCH_UPD *arch_upd, uint32_t fsp_version)
 	if (data == NULL)
 		return;
 
-	if (CONFIG(FSP2_0_USES_TPM_MRC_HASH) &&
+	if (CONFIG(MRC_SAVE_HASH_IN_TPM) &&
 	    !mrc_cache_verify_hash(data, mrc_size))
 		return;
 

src/drivers/mrc_cache/Kconfig

@@ -49,4 +49,12 @@ config MRC_STASH_TO_CBMEM
 	  that need to write back the MRC data in late ramstage boot
 	  states (MRC_WRITE_NV_LATE).
 
+config MRC_SAVE_HASH_IN_TPM
+	bool "Save a hash of the MRC_CACHE data in TPM NVRAM"
+	depends on VBOOT_STARTS_IN_BOOTBLOCK && TPM2 && !TPM1
+	default y
+	help
+	  Store a hash of the MRC_CACHE training data in a TPM NVRAM
+	  space to ensure that it cannot be tampered with.
+
 endif # CACHE_MRC_SETTINGS

src/security/vboot/Kconfig

@@ -159,6 +159,7 @@ config VBOOT_ALWAYS_ALLOW_UDC
 
 config VBOOT_HAS_REC_HASH_SPACE
 	bool
+	default y if MRC_SAVE_HASH_IN_TPM && HAS_RECOVERY_MRC_CACHE
 	default n
 	help
 	  Set this option to indicate to vboot that recovery data hash space

src/security/vboot/Makefile.inc

@@ -118,7 +118,7 @@ romstage-y += common.c
 ramstage-y += common.c
 postcar-y += common.c
 
-romstage-$(CONFIG_FSP2_0_USES_TPM_MRC_HASH) += mrc_cache_hash_tpm.c
+romstage-$(CONFIG_MRC_SAVE_HASH_IN_TPM) += mrc_cache_hash_tpm.c
 
 ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y)