summaryrefslogtreecommitdiff
path: root/src/soc
diff options
context:
space:
mode:
authorWerner Zeh <werner.zeh@siemens.com>2022-05-23 13:19:38 +0200
committerFelix Held <felix-coreboot@felixheld.de>2022-05-24 13:48:37 +0000
commitde1459082b08cf17c5e0c82fde5430801eec46ff (patch)
treebb9248d642732ac76341f5d58c177b6167c680c2 /src/soc
parent458cfaea9f9da1c9aa4c70971e607f9cbdff533f (diff)
soc/intel/apollolake: Compare patched FIT pointer with the pre-defined
Since the FIT pointer is patched at runtime there is no guarantee that the pre-defined one will match the patched one. Add a check and print a warning at runtime if both addresses (pre-defined and patched) do not match as in this case an offline computed hash for the bootblock will differ from the runtime one. Change-Id: Ib1b02ec43af183caa9f5b08b3c485879b423c40f Signed-off-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/64598 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Diffstat (limited to 'src/soc')
-rw-r--r--src/soc/intel/apollolake/bootblock/bootblock_measure.c7
-rw-r--r--src/soc/intel/apollolake/bootblock/fit.c4
2 files changed, 10 insertions, 1 deletions
diff --git a/src/soc/intel/apollolake/bootblock/bootblock_measure.c b/src/soc/intel/apollolake/bootblock/bootblock_measure.c
index bd8e5b0105..e34e69b051 100644
--- a/src/soc/intel/apollolake/bootblock/bootblock_measure.c
+++ b/src/soc/intel/apollolake/bootblock/bootblock_measure.c
@@ -7,6 +7,7 @@
#include <stdint.h>
#include <symbols.h>
+extern const uint64_t fit_ptr;
/* This region device covers the shared SRAM that gets mapped at bootblock runtime. */
static const struct mem_region_device sram_rdev =
MEM_REGION_DEV_RO_INIT(SHARED_SRAM_BASE, SHARED_SRAM_SIZE);
@@ -50,5 +51,11 @@ int tspi_soc_measure_bootblock(int pcr_index)
return 1;
if (tpm_measure_region(&ifwi_bootblock, pcr_index, "IFWI: bootblock"))
return 1;
+ printk(BIOS_DEBUG, "FIT pointer patched to 0x%llx by TXE.\n", fit_ptr);
+ /* Check if the patched FIT pointer address matches the pre-defined one. */
+ if (fit_ptr != SHARED_SRAM_BASE) {
+ printk(BIOS_WARNING,
+ "Runtime FIT pointer does not match the pre-defined address!\n");
+ }
return 0;
}
diff --git a/src/soc/intel/apollolake/bootblock/fit.c b/src/soc/intel/apollolake/bootblock/fit.c
index 0728f53cbd..28207be248 100644
--- a/src/soc/intel/apollolake/bootblock/fit.c
+++ b/src/soc/intel/apollolake/bootblock/fit.c
@@ -1,11 +1,13 @@
/* SPDX-License-Identifier: GPL-2.0-only */
#include <stdint.h>
+#include <soc/iomap.h>
/*
* At runtime TXE creates the FIT table in the shared SRAM and patches the bootblock
* at the fixed address 4G - 64 byte with a pointer to this FIT table. In order to be able
* to pre-compute the PCR value for the bootblock this FIT pointer needs to be added to the
* image as well. Since the FIT location is fixed in TXE, this can be done at build time.
+ * TXE places the table right at the start of the shared SRAM.
*/
-__attribute__((used, __section__(".fit_pointer"))) const uint64_t fit_ptr = 0xfffe0000;
+__attribute__((used, __section__(".fit_pointer"))) const uint64_t fit_ptr = SHARED_SRAM_BASE;