mrc_cache: Add config MRC_SAVE_HASH_IN_TPM

Use this config to specify whether we want to save a hash of the
MRC_CACHE in the TPM NVRAM space.  Replace all uses of
FSP2_0_USES_TPM_MRC_HASH with MRC_SAVE_HASH_IN_TPM and remove the
FSP2_0_USES_TPM_MRC_HASH config.  Note that TPM1 platforms will not
select MRC_SAVE_HASH_IN_TPM as none of them use FSP2.0 and have
recovery MRC_CACHE.

BUG=b:150502246
BRANCH=None
TEST=emerge-nami coreboot chromeos-bootimage

Change-Id: Ic5ffcdba27cb1f09c39c3835029c8d9cc3453af1
Signed-off-by: Shelley Chen <shchen@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46509
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
This commit is contained in:
Shelley Chen 2020-10-16 12:20:16 -07:00 committed by Julius Werner
parent 9eabeb53ab
commit 9f8ac64bae
5 changed files with 14 additions and 22 deletions

View file

@ -141,23 +141,6 @@ config FSP_TEMP_RAM_SIZE
own stack that will be placed in DRAM and not in CAR, this is the own stack that will be placed in DRAM and not in CAR, this is the
amount of memory the FSP needs for its stack and heap. amount of memory the FSP needs for its stack and heap.
config FSP2_0_USES_TPM_MRC_HASH
bool
depends on TPM1 || TPM2
depends on VBOOT && VBOOT_STARTS_IN_BOOTBLOCK
default y if HAS_RECOVERY_MRC_CACHE
default n
select VBOOT_HAS_REC_HASH_SPACE
help
Store hash of trained recovery MRC cache in NVRAM space in TPM.
Use the hash to validate recovery MRC cache before using it.
This hash needs to be updated every time recovery mode training
is recomputed, or if the hash does not match recovery MRC cache.
Selecting this option requires that TPM already be setup by this
point in time. Thus it is only compatible when the option
VBOOT_STARTS_IN_BOOTBLOCK is selected, which causes verstage and
TPM setup to occur prior to memory initialization.
config FSP_PLATFORM_MEMORY_SETTINGS_VERSIONS config FSP_PLATFORM_MEMORY_SETTINGS_VERSIONS
bool bool
help help

View file

@ -19,15 +19,15 @@
#include <symbols.h> #include <symbols.h>
#include <timestamp.h> #include <timestamp.h>
#include <security/vboot/vboot_common.h> #include <security/vboot/vboot_common.h>
#include <security/tpm/tspi.h>
#include <security/vboot/mrc_cache_hash_tpm.h> #include <security/vboot/mrc_cache_hash_tpm.h>
#include <security/tpm/tspi.h>
#include <vb2_api.h> #include <vb2_api.h>
#include <types.h> #include <types.h>
static uint8_t temp_ram[CONFIG_FSP_TEMP_RAM_SIZE] __aligned(sizeof(uint64_t)); static uint8_t temp_ram[CONFIG_FSP_TEMP_RAM_SIZE] __aligned(sizeof(uint64_t));
/* TPM MRC hash functionality depends on vboot starting before memory init. */ /* TPM MRC hash functionality depends on vboot starting before memory init. */
_Static_assert(!CONFIG(FSP2_0_USES_TPM_MRC_HASH) || _Static_assert(!CONFIG(MRC_SAVE_HASH_IN_TPM) ||
CONFIG(VBOOT_STARTS_IN_BOOTBLOCK), CONFIG(VBOOT_STARTS_IN_BOOTBLOCK),
"for TPM MRC hash functionality, vboot must start in bootblock"); "for TPM MRC hash functionality, vboot must start in bootblock");
@ -55,7 +55,7 @@ static void save_memory_training_data(bool s3wake, uint32_t fsp_version)
mrc_data_size) < 0) mrc_data_size) < 0)
printk(BIOS_ERR, "Failed to stash MRC data\n"); printk(BIOS_ERR, "Failed to stash MRC data\n");
if (CONFIG(FSP2_0_USES_TPM_MRC_HASH)) if (CONFIG(MRC_SAVE_HASH_IN_TPM))
mrc_cache_update_hash(mrc_data, mrc_data_size); mrc_cache_update_hash(mrc_data, mrc_data_size);
} }
@ -121,7 +121,7 @@ static void fsp_fill_mrc_cache(FSPM_ARCH_UPD *arch_upd, uint32_t fsp_version)
if (data == NULL) if (data == NULL)
return; return;
if (CONFIG(FSP2_0_USES_TPM_MRC_HASH) && if (CONFIG(MRC_SAVE_HASH_IN_TPM) &&
!mrc_cache_verify_hash(data, mrc_size)) !mrc_cache_verify_hash(data, mrc_size))
return; return;

View file

@ -49,4 +49,12 @@ config MRC_STASH_TO_CBMEM
that need to write back the MRC data in late ramstage boot that need to write back the MRC data in late ramstage boot
states (MRC_WRITE_NV_LATE). states (MRC_WRITE_NV_LATE).
config MRC_SAVE_HASH_IN_TPM
bool "Save a hash of the MRC_CACHE data in TPM NVRAM"
depends on VBOOT_STARTS_IN_BOOTBLOCK && TPM2 && !TPM1
default y
help
Store a hash of the MRC_CACHE training data in a TPM NVRAM
space to ensure that it cannot be tampered with.
endif # CACHE_MRC_SETTINGS endif # CACHE_MRC_SETTINGS

View file

@ -159,6 +159,7 @@ config VBOOT_ALWAYS_ALLOW_UDC
config VBOOT_HAS_REC_HASH_SPACE config VBOOT_HAS_REC_HASH_SPACE
bool bool
default y if MRC_SAVE_HASH_IN_TPM && HAS_RECOVERY_MRC_CACHE
default n default n
help help
Set this option to indicate to vboot that recovery data hash space Set this option to indicate to vboot that recovery data hash space

View file

@ -118,7 +118,7 @@ romstage-y += common.c
ramstage-y += common.c ramstage-y += common.c
postcar-y += common.c postcar-y += common.c
romstage-$(CONFIG_FSP2_0_USES_TPM_MRC_HASH) += mrc_cache_hash_tpm.c romstage-$(CONFIG_MRC_SAVE_HASH_IN_TPM) += mrc_cache_hash_tpm.c
ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y) ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y)