payloads/edk2: Move TPM disable to separate Kconfig

Disabling TPM support in edk2 can actually cause problems booting from
USB on some Intel-based boards with a CR50 TPM when using the edk2
GOP driver option, so rather than disable the TPM for all CR50 boards,
restrict the default to only AMD boards, where the boot hang with
TPM enabled was originally observed.

TEST=build/boot Win11, Linux from usb on google/fizz when built
with edk2 payload and edk2 GOP driver option selected.

Change-Id: I01509fea2dd42b741c00abcf9fb8b936e895b932
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78031
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
This commit is contained in:
Matt DeVillier 2023-09-20 11:27:20 -05:00 committed by Felix Held
parent 00864fdba6
commit fd42148520
3 changed files with 9 additions and 2 deletions

View File

@ -192,7 +192,7 @@ $(obj)/UEFIPAYLOAD.fd: $(DOTCONFIG)
CONFIG_EDK2_GOP_DRIVER=$(CONFIG_EDK2_GOP_DRIVER) \ CONFIG_EDK2_GOP_DRIVER=$(CONFIG_EDK2_GOP_DRIVER) \
CONFIG_EDK2_GOP_FILE=$(CONFIG_EDK2_GOP_FILE) \ CONFIG_EDK2_GOP_FILE=$(CONFIG_EDK2_GOP_FILE) \
CONFIG_INTEL_GMA_VBT_FILE=$(CONFIG_INTEL_GMA_VBT_FILE) \ CONFIG_INTEL_GMA_VBT_FILE=$(CONFIG_INTEL_GMA_VBT_FILE) \
CONFIG_TPM_GOOGLE_CR50=$(CONFIG_TPM_GOOGLE_CR50) \ CONFIG_EDK2_DISABLE_TPM=$(CONFIG_EDK2_DISABLE_TPM) \
GCC_CC_x86_32=$(GCC_CC_x86_32) \ GCC_CC_x86_32=$(GCC_CC_x86_32) \
GCC_CC_x86_64=$(GCC_CC_x86_64) \ GCC_CC_x86_64=$(GCC_CC_x86_64) \
GCC_CC_arm=$(GCC_CC_arm) \ GCC_CC_arm=$(GCC_CC_arm) \

View File

@ -278,6 +278,13 @@ config EDK2_GOP_FILE
help help
The name of the GOP driver file passed to edk2. The name of the GOP driver file passed to edk2.
config EDK2_DISABLE_TPM
bool "Disable TPM support in edk2"
default y if EDK2_REPO_MRCHROMEBOX && TPM_GOOGLE_CR50 && SOC_AMD_COMMON
help
Select this option to disable TPM support in edk2. This is necessary to avoid boot
hangs on some boards with a CR50 TPM, particularly those with an AMD Zen SoC.
config EDK2_CUSTOM_BUILD_PARAMS config EDK2_CUSTOM_BUILD_PARAMS
string "edk2 additional custom build parameters" string "edk2 additional custom build parameters"
default "-D VARIABLE_SUPPORT=SMMSTORE" if EDK2_REPO_MRCHROMEBOX && SMMSTORE_V2 default "-D VARIABLE_SUPPORT=SMMSTORE" if EDK2_REPO_MRCHROMEBOX && SMMSTORE_V2

View File

@ -134,7 +134,7 @@ ifeq ($(CONFIG_EDK2_PRIORITIZE_INTERNAL),y)
BUILD_STR += -D PRIORITIZE_INTERNAL=TRUE BUILD_STR += -D PRIORITIZE_INTERNAL=TRUE
endif endif
# TPM_ENABLE = TRUE # TPM_ENABLE = TRUE
ifeq ($(CONFIG_TPM_GOOGLE_CR50),y) ifeq ($(CONFIG_EDK2_DISABLE_TPM),y)
BUILD_STR += -D TPM_ENABLE=FALSE BUILD_STR += -D TPM_ENABLE=FALSE
endif endif