diff options
author | Felix Held <felix-coreboot@felixheld.de> | 2024-09-13 19:35:10 +0200 |
---|---|---|
committer | Felix Held <felix-coreboot@felixheld.de> | 2024-10-28 21:17:48 +0000 |
commit | d5764b8a5ae54204355d11d557d127c41352ffa4 (patch) | |
tree | 8b2b446fef4849035faa33af0ae6503e47fae6e3 /src/mainboard/dell | |
parent | c914e747e7beb6f813ce93c34ca9e0c9467aa5a1 (diff) |
soc/amd/common/psp: add RPMC provisioning code
Add the code to request the provisioning of the RPMC root key from the
PSP. When RPMC hasn't already been provisioned enabled and the PSP has
detected a SPI flash chip that both supports RPMC and has monotonic
counters that can still be provisioned, we send the PSP mailbox command
to request the RPMC provisioning and then reset the system, so the PSP
can do the actual provisioning.
TEST=On an out of tree AMD reference board using the Cezanne SoC code,
provisioning RPMC works as expected when selecting the corresponding
PERFORM_RPMC_PROVISIONING Kconfig option:
1st boot to initiate the RPMC provisioning:
[DEBUG] PSP: Querying PSP capabilities...OK
[DEBUG] PSP: Querying HSTI state...OK
[SPEW ] RPMC isn't provisioned
[SPEW ] SPI flash supports RPMC
[SPEW ] RPMC revision 0
[SPEW ] PSP NVRAM isn't healthy
[SPEW ] PSP NVRAM is using RPMC protection
[SPEW ] SPI flash RPMC counter 0 can still be provisioned
[SPEW ] SPI flash RPMC counter 1 can still be provisioned
[SPEW ] SPI flash RPMC counter 2 can still be provisioned
[SPEW ] SPI flash RPMC counter 3 can still be provisioned
[SPEW ] SPI flash RPMC counter 0 is in use
[SPEW ] SPI flash RPMC counter 1 is not in use
[SPEW ] SPI flash RPMC counter 2 is not in use
[SPEW ] SPI flash RPMC counter 3 is not in use
[SPEW ] SoC RPMC slot 0 can still be provisioned
[SPEW ] SoC RPMC slot 1 can still be provisioned
[SPEW ] SoC RPMC slot 2 can still be provisioned
[SPEW ] SoC RPMC slot 3 can still be provisioned
[DEBUG] RPMC: perform fusing using RPMC counter address 0
[DEBUG] OK
[NOTE ] RPMC: Rebooting
[INFO ] warm_reset() called!
2nd boot after the provisioning is done:
[DEBUG] PSP: Querying PSP capabilities...OK
[DEBUG] PSP: Querying HSTI state...OK
[SPEW ] RPMC is provisioned
[SPEW ] SPI flash supports RPMC
[SPEW ] RPMC revision 0
[SPEW ] PSP NVRAM isn't healthy
[SPEW ] PSP NVRAM is using RPMC protection
[SPEW ] SPI flash RPMC counter 0 has already been provisioned
[SPEW ] SPI flash RPMC counter 1 can still be provisioned
[SPEW ] SPI flash RPMC counter 2 can still be provisioned
[SPEW ] SPI flash RPMC counter 3 can still be provisioned
[SPEW ] SPI flash RPMC counter 0 is in use
[SPEW ] SPI flash RPMC counter 1 is not in use
[SPEW ] SPI flash RPMC counter 2 is not in use
[SPEW ] SPI flash RPMC counter 3 is not in use
[SPEW ] SoC RPMC slot 0 has already been provisioned
[SPEW ] SoC RPMC slot 1 can still be provisioned
[SPEW ] SoC RPMC slot 2 can still be provisioned
[SPEW ] SoC RPMC slot 3 can still be provisioned
Signed-off-by: Felix Held <felix-coreboot@felixheld.de>
Change-Id: Ia7760c0bf7618ca60ef160329d0110ac8109032a
Reviewed-on: https://review.coreboot.org/c/coreboot/+/84707
Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/mainboard/dell')
0 files changed, 0 insertions, 0 deletions