diff options
author | Michał Żygowski <michal.zygowski@3mdeb.com> | 2022-05-09 18:22:39 +0200 |
---|---|---|
committer | Felix Held <felix-coreboot@felixheld.de> | 2022-06-24 21:56:01 +0000 |
commit | b5e729c129ab505d3ae74474d8b67a64f5231431 (patch) | |
tree | c54ba3cbc4e0737a6a23c385550f8ec45a00e65a /src | |
parent | be5e7851b8755aad9c63086a853bd72175158b85 (diff) |
drivers/mrc_cache: Do not verify TPM MRC hash if secdata is mocked
Having PTT means mocking secdata, so saving/reading the hash always
succeeds, but there is no data stored/read from/to TPM. The code
comparing MRC hashes did not care if secdata mocking was enabled
and failed during hash comparison with invalid data. This broke the
fastboot even if the MRC cache data was filled and correctly
checksummed. If mocking is enabled simply fallback to checksum
computing to proceed with fastboot.
TEST=Boot MSI PRO Z690-A WIFI DDR4 in fastboot mode with PTT and vboot
enabled.
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Change-Id: Ic0cf04b129fe1c5e94cd8a803bb21aa350c3f8da
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64221
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/drivers/mrc_cache/Kconfig | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/drivers/mrc_cache/Kconfig b/src/drivers/mrc_cache/Kconfig index df6973b0a4..616e5f5e09 100644 --- a/src/drivers/mrc_cache/Kconfig +++ b/src/drivers/mrc_cache/Kconfig @@ -46,7 +46,7 @@ config MRC_STASH_TO_CBMEM config MRC_SAVE_HASH_IN_TPM bool "Save a hash of the MRC_CACHE data in TPM NVRAM" - depends on VBOOT_STARTS_IN_BOOTBLOCK && TPM2 && !TPM1 + depends on VBOOT_STARTS_IN_BOOTBLOCK && TPM2 && !TPM1 && !VBOOT_MOCK_SECDATA default y help Store a hash of the MRC_CACHE training data in a TPM NVRAM |