diff options
author | Frans Hendriks <fhendriks@eltan.com> | 2020-12-22 14:34:23 +0100 |
---|---|---|
committer | Patrick Georgi <pgeorgi@google.com> | 2021-01-15 11:18:58 +0000 |
commit | 70dca08f2559ac7d704a2fadc8af8adc992dc619 (patch) | |
tree | d94a363dd005dfd9b154011f8380660fea2c7460 /src/vendorcode/eltan/security | |
parent | ddedd118ac3c29d4c9f3c772e189304c55a4743b (diff) |
vc/eltan/security/verified_boot/vboot_check.c: Add check PROG_POSTCAR
On Coffee Lake systems prog_locate_hook() is called with PROG_POSTCAR.
For this reason the early check is not executed.
Add check for prog->type == PROG_POSTCAR, but execute
verified_boot_early_check() once.
BUG = N/A
TEST = Build and boot on Facebook FBG1701 and Intel CoffeeLake system
Change-Id: Ia3bd36064bcc8176302834c1e46a225937d61c20
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/48852
Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/vendorcode/eltan/security')
-rw-r--r-- | src/vendorcode/eltan/security/verified_boot/vboot_check.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/vendorcode/eltan/security/verified_boot/vboot_check.c b/src/vendorcode/eltan/security/verified_boot/vboot_check.c index 824570e481..0de2f0af55 100644 --- a/src/vendorcode/eltan/security/verified_boot/vboot_check.c +++ b/src/vendorcode/eltan/security/verified_boot/vboot_check.c @@ -345,12 +345,17 @@ int verified_boot_should_run_oprom(struct rom_header *rom_header) int prog_locate_hook(struct prog *prog) { + static int initialized; + if (ENV_BOOTBLOCK) verified_boot_bootblock_check(); if (ENV_ROMSTAGE) { - if (prog->type == PROG_REFCODE) + if (!initialized && ((prog->type == PROG_REFCODE) || + (prog->type == PROG_POSTCAR))) { verified_boot_early_check(); + initialized = 1; + } if (CONFIG(POSTCAR_STAGE) && prog->type == PROG_POSTCAR) process_verify_list(postcar_verify_list); |