soc/amd/mendocino: Add GSVCD range

Add region/range of SPI ROM to be verified by Google Security Chip
(GSC).

BUG=b:227809919
TEST=Build and boot to OS in Skyrim with CBFS verification enabled.

Change-Id: If8a766d9a7ef26f94e3ab002a9384ba9d444dd1f
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66945
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
This commit is contained in:
Karthikeyan Ramasubramanian 2022-08-16 17:42:57 -06:00 committed by Raul Rangel
parent 0a0e7514bb
commit d1130b7ec0
2 changed files with 25 additions and 0 deletions

View File

@ -28,6 +28,18 @@ endif # ifeq ($(CONFIG_RESET_VECTOR_IN_RAM),y)
ifeq ($(CONFIG_VBOOT_GSCVD),y) ifeq ($(CONFIG_VBOOT_GSCVD),y)
build_complete:: $(AMDFWREAD) build_complete:: $(AMDFWREAD)
amdfwread-offset-size-cmd = $(AMDFWREAD) --ro-list $(obj)/coreboot.rom | \
awk --non-decimal-data '/$(1)/ {printf "%x:%x", $$3, $$4}'
amdfwread-range-cmd = $(shell ( \
range=$$($(call amdfwread-offset-size-cmd,$(1))) ;\
if [ -n "$$range" ]; then \
printf $$range ;\
else \
printf "error" ;\
fi ;\
))
endif # ifeq ($(CONFIG_VBOOT_GSCVD),y) endif # ifeq ($(CONFIG_VBOOT_GSCVD),y)
endif endif

View File

@ -327,4 +327,17 @@ build_complete:: $(obj)/amdfw_a.rom $(obj)/amdfw_b.rom
-n apu/amdfw_b_hash -t raw -n apu/amdfw_b_hash -t raw
endif endif
# Add ranges for all components up until the first segment of BIOS to be verified by GSC
ifeq ($(CONFIG_VBOOT_GSCVD),y)
# Adding range for Bootblock
vboot-gscvd-ranges += $(call amdfwread-range-cmd,BIOSL2: 0x62)
# Adding range for PSP Stage1 Bootloader
vboot-gscvd-ranges += $(call amdfwread-range-cmd,PSPL2: 0x01)
ifeq ($(CONFIG_VBOOT_STARTS_BEFORE_BOOTBLOCK),y)
# Adding range for PSP Verstage
vboot-gscvd-ranges += $(call amdfwread-range-cmd,PSPL2: 0x52)
endif # ifeq ($(CONFIG_VBOOT_STARTS_BEFORE_BOOTBLOCK),y)
endif # ifeq ($(CONFIG_VBOOT_GSCVD),y)
endif # ($(CONFIG_SOC_AMD_MENDOCINO),y) endif # ($(CONFIG_SOC_AMD_MENDOCINO),y)