diff options
author | Julius Werner <jwerner@chromium.org> | 2021-02-05 16:51:25 -0800 |
---|---|---|
committer | Patrick Georgi <pgeorgi@google.com> | 2021-03-17 08:10:20 +0000 |
commit | 77639e4537cc9e56e65880e022e154af6d042453 (patch) | |
tree | fea2b411d9d1d7a52d53630efaef5fd4363809c2 /src/security | |
parent | 81dc20e744aa1762c17dcf5aac5c37643d62a983 (diff) |
cbfs: Replace more instances of cbfs_boot_locate() with newer APIs
In pursuit of the eventual goal of removing cbfs_boot_locate() (and
direct rdev access) from CBFS APIs, this patch replaces all remaining
"simple" uses of the function call that can easily be replaced by the
newer APIs (like cbfs_load() or cbfs_map()). Some cases of
cbfs_boot_locate() remain that will be more complicated to solve.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Icd0f21e2fa49c7cc834523578b7b45b5482cb1a8
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50348
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Diffstat (limited to 'src/security')
-rw-r--r-- | src/security/intel/txt/common.c | 22 | ||||
-rw-r--r-- | src/security/intel/txt/ramstage.c | 23 |
2 files changed, 14 insertions, 31 deletions
diff --git a/src/security/intel/txt/common.c b/src/security/intel/txt/common.c index 4dd4ad3ddf..437c55edd8 100644 --- a/src/security/intel/txt/common.c +++ b/src/security/intel/txt/common.c @@ -215,25 +215,17 @@ static int validate_acm(const void *ptr) */ static void *intel_txt_prepare_bios_acm(struct region_device *acm, size_t *acm_len) { - struct cbfsf file; void *acm_data = NULL; if (!acm || !acm_len) return NULL; - if (cbfs_boot_locate(&file, CONFIG_INTEL_TXT_CBFS_BIOS_ACM, NULL)) { + acm_data = cbfs_map(CONFIG_INTEL_TXT_CBFS_BIOS_ACM, acm_len); + if (!acm_data) { printk(BIOS_ERR, "TEE-TXT: Couldn't locate BIOS ACM in CBFS.\n"); return NULL; } - cbfs_file_data(acm, &file); - acm_data = rdev_mmap_full(acm); - *acm_len = region_device_sz(acm); - if (!acm_data || *acm_len == 0) { - printk(BIOS_ERR, "TEE-TXT: Couldn't map BIOS ACM from CBFS.\n"); - return NULL; - } - /* * CPU enforces only 4KiB alignment. * Chapter A.1.1 @@ -241,7 +233,7 @@ static void *intel_txt_prepare_bios_acm(struct region_device *acm, size_t *acm_l */ if (!IS_ALIGNED((uintptr_t)acm_data, 4096)) { printk(BIOS_ERR, "TEE-TXT: BIOS ACM isn't mapped at page boundary.\n"); - rdev_munmap(acm, acm_data); + cbfs_unmap(acm_data); return NULL; } @@ -252,7 +244,7 @@ static void *intel_txt_prepare_bios_acm(struct region_device *acm, size_t *acm_l */ if (!IS_ALIGNED(*acm_len, 64)) { printk(BIOS_ERR, "TEE-TXT: BIOS ACM size isn't multiple of 64.\n"); - rdev_munmap(acm, acm_data); + cbfs_unmap(acm_data); return NULL; } @@ -262,7 +254,7 @@ static void *intel_txt_prepare_bios_acm(struct region_device *acm, size_t *acm_l */ if (!IS_ALIGNED((uintptr_t)acm_data, (1UL << log2_ceil(*acm_len)))) { printk(BIOS_ERR, "TEE-TXT: BIOS ACM isn't aligned to its size.\n"); - rdev_munmap(acm, acm_data); + cbfs_unmap(acm_data); return NULL; } @@ -273,7 +265,7 @@ static void *intel_txt_prepare_bios_acm(struct region_device *acm, size_t *acm_l */ if (popcnt(ALIGN_UP(*acm_len, 4096)) > get_var_mtrr_count()) { printk(BIOS_ERR, "TEE-TXT: Not enough MTRRs to cache this BIOS ACM's size.\n"); - rdev_munmap(acm, acm_data); + cbfs_unmap(acm_data); return NULL; } @@ -283,7 +275,7 @@ static void *intel_txt_prepare_bios_acm(struct region_device *acm, size_t *acm_l const int ret = validate_acm(acm_data); if (ret < 0) { printk(BIOS_ERR, "TEE-TXT: Validation of ACM failed with: %d\n", ret); - rdev_munmap(acm, acm_data); + cbfs_unmap(acm_data); return NULL; } diff --git a/src/security/intel/txt/ramstage.c b/src/security/intel/txt/ramstage.c index 3401aef336..c830f975a6 100644 --- a/src/security/intel/txt/ramstage.c +++ b/src/security/intel/txt/ramstage.c @@ -233,23 +233,14 @@ static void txt_initialize_heap(void) memset(sinit_base, 0, read64((void *)TXT_SINIT_SIZE)); } - struct cbfsf file; /* The following have been removed from BIOS Data Table in version 6 */ - if (!cbfs_boot_locate(&file, CONFIG_INTEL_TXT_CBFS_BIOS_POLICY, NULL)) { - struct region_device policy; - - cbfs_file_data(&policy, &file); - void *policy_data = rdev_mmap_full(&policy); - size_t policy_len = region_device_sz(&policy); - - if (policy_data && policy_len) { - /* Point to FIT Type 9 entry in flash */ - data.bdr.lcp_pd_base = (uintptr_t)policy_data; - data.bdr.lcp_pd_size = (uint64_t)policy_len; - rdev_munmap(&policy, policy_data); - } else { - printk(BIOS_ERR, "TEE-TXT: Couldn't map LCP PD Policy from CBFS.\n"); - } + size_t policy_len; + void *policy_data = cbfs_map(CONFIG_INTEL_TXT_CBFS_BIOS_POLICY, &policy_len); + if (policy_data) { + /* Point to FIT Type 9 entry in flash */ + data.bdr.lcp_pd_base = (uintptr_t)policy_data; + data.bdr.lcp_pd_size = (uint64_t)policy_len; + cbfs_unmap(policy_data); } else { printk(BIOS_ERR, "TEE-TXT: Couldn't locate LCP PD Policy in CBFS.\n"); } |