summaryrefslogtreecommitdiff
path: root/src/security/vboot
diff options
context:
space:
mode:
authorYu-Ping Wu <yupingso@chromium.org>2024-07-17 10:39:48 +0800
committerYu-Ping Wu <yupingso@google.com>2024-07-19 00:40:21 +0000
commitc0540a3fc2d79328708f34204dbf02df443d9fb8 (patch)
tree0241b9574ea901e5ae959efefbb5c7748160c36b /src/security/vboot
parent1b19d292db79eafc78ad522d43ca44cd3295655c (diff)
security/vboot: Introduce vbnv_platform_init_cmos()
Most x86 platforms use CMOS as the vboot nvdata (VBNV) backend storage. On some platforms such as AMD, certain CMOS registers must be configured before accessing the CMOS RAM which contains VBNV. More precisely, according to AMD's spec [1], the bit 4 of Register A of CMOS is bank selection. Since VBNV is accessed via bank 0 (see the MC146818 driver), the bit must be cleared before the VBNV can be successfully written to CMOS. Saving VBNV to CMOS may fail in verstage, if CMOS has lost power. In that case, all the CMOS registers would contain garbage data. Therefore, for AMD platforms the bit must be cleared in verstage, prior to the first save_vbnv_cmos() call. Introduce vbnv_platform_init_cmos(), which is no-op by default, and can be defined per platform. The function will be called from vbnv_init() if VBOOT_VBNV_CMOS. [1] 48751_16h_bkdg.pdf BUG=b:346716300 TEST=none BRANCH=skyrim Change-Id: Ic899a827bd6bb8ab1473f8c6c03b9fde96ea6823 Signed-off-by: Yu-Ping Wu <yupingso@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/83494 Reviewed-by: Bao Zheng <fishbaozi@gmail.com> Reviewed-by: Karthik Ramasubramanian <kramasub@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/security/vboot')
-rw-r--r--src/security/vboot/vbnv.h2
-rw-r--r--src/security/vboot/vbnv_cmos.c6
2 files changed, 8 insertions, 0 deletions
diff --git a/src/security/vboot/vbnv.h b/src/security/vboot/vbnv.h
index c4112a2b29..49d1f12f63 100644
--- a/src/security/vboot/vbnv.h
+++ b/src/security/vboot/vbnv.h
@@ -23,6 +23,8 @@ void vbnv_reset(uint8_t *vbnv_copy);
/* Initialize the vbnv CMOS backing store. The vbnv_copy pointer is used for
optional temporary storage in the init function. */
void vbnv_init_cmos(uint8_t *vbnv_copy);
+/* Platform-specific CMOS init function, called by vbnv_init_cmos(). */
+void vbnv_platform_init_cmos(void);
/* Return non-zero if CMOS power was lost. */
int vbnv_cmos_failed(void);
void read_vbnv_cmos(uint8_t *vbnv_copy);
diff --git a/src/security/vboot/vbnv_cmos.c b/src/security/vboot/vbnv_cmos.c
index 35e4c410da..5073509fc9 100644
--- a/src/security/vboot/vbnv_cmos.c
+++ b/src/security/vboot/vbnv_cmos.c
@@ -67,8 +67,14 @@ void save_vbnv_cmos(const uint8_t *vbnv_copy)
cmos_write(vbnv_copy[i], CONFIG_VBOOT_VBNV_OFFSET + 14 + i);
}
+void __weak vbnv_platform_init_cmos(void)
+{
+}
+
void vbnv_init_cmos(uint8_t *vbnv_copy)
{
+ vbnv_platform_init_cmos();
+
/* If no CMOS failure just defer to the normal read path for checking
vbnv contents' integrity. */
if (!vbnv_cmos_failed())