security/tpm/crtm.c: Fix !CONFIG_BOOTBLOCK_IN_CBFS measuring

On some platforms the bootblock is not placed in cbfs, but embedded inside another binary that loads in into DRAM/SRAM. e8217b11f1 (Kconfig: Add an option to skip adding a cbfs bootblock on x86) removed adding a cbfs file containing the bootblock in that case. Change-Id: Id47ecedbc8713ebd5d9814f1c4faf43c52780447 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Signed-off-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/64418 Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
author: Arthur Heymans <arthur@aheymans.xyz> 2022-05-17 09:57:01 +0200
committer: Felix Held <felix-coreboot@felixheld.de> 2022-05-24 13:03:22 +0000
commit: 9642e97c19f82d5244858423e921ed699a47de8c (patch)
tree: b87b2279be485718b3f3b01a1f39fbaba24e523e
parent: b844e6d434eda26a71db682496dd1c1132ab007e (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/src/security/tpm/tspi/crtm.c b/src/security/tpm/tspi/crtm.c
index 2d0901dd9d..24b9fbd2d7 100644
--- a/src/security/tpm/tspi/crtm.c
+++ b/src/security/tpm/tspi/crtm.c
@@ -60,7 +60,7 @@ static uint32_t tspi_init_crtm(void)
 				       TPM_CRTM_PCR,
 				       "FMAP: BOOTBLOCK"))
 			return VB2_ERROR_UNKNOWN;
-	} else {
+	} else if (CONFIG(BOOTBLOCK_IN_CBFS)){
 		/* Mapping measures the file. We know we can safely map here because
 		   bootblock-as-a-file is only used on x86, where we don't need cache to map. */
 		enum cbfs_type type = CBFS_TYPE_BOOTBLOCK;
@@ -71,7 +71,7 @@ static uint32_t tspi_init_crtm(void)
 			return VB2_ERROR_UNKNOWN;
 		}
 		cbfs_unmap(mapping);
-	}
+	} /* else: TODO: Add SoC specific measurement methods. */
 
 	return VB2_SUCCESS;
 }
author	Arthur Heymans <arthur@aheymans.xyz>	2022-05-17 09:57:01 +0200
committer	Felix Held <felix-coreboot@felixheld.de>	2022-05-24 13:03:22 +0000
commit	9642e97c19f82d5244858423e921ed699a47de8c (patch)
tree	b87b2279be485718b3f3b01a1f39fbaba24e523e
parent	b844e6d434eda26a71db682496dd1c1132ab007e (diff)