summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorBill XIE <persmule@hardenedlinux.org>2020-03-29 21:40:04 +0800
committerPatrick Georgi <pgeorgi@google.com>2020-04-01 09:21:05 +0000
commit51ce41c0e661fd9cb9207463bcbd920e55b44a62 (patch)
tree8a4de43114a661b60df5510403879c008db416b1 /src
parent5117c27cc18e6a22e71204d911e404f9e27744e8 (diff)
drivers/pc80/rtc: Always load cmos.default if measured boot is enabled
cmos.default used to be loaded only when cmos is needed to be reset, but conditional loading of CBFS files may change the calculated PCRs if measurement is hooked on each loading. In order to resolve this, loadings should be made less conditional, (if a file might be used, it should be loaded and measured) but the use of loaded data remains conditional. Change-Id: If6ea0d1cbaa7d96f7dea7e77b7548ca2b30efe9e Signed-off-by: Bill XIE <persmule@hardenedlinux.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/39906 Reviewed-by: Angel Pons <th3fanbus@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src')
-rw-r--r--src/drivers/pc80/rtc/option.c30
1 files changed, 15 insertions, 15 deletions
diff --git a/src/drivers/pc80/rtc/option.c b/src/drivers/pc80/rtc/option.c
index bb697dfba1..dc78dbbf30 100644
--- a/src/drivers/pc80/rtc/option.c
+++ b/src/drivers/pc80/rtc/option.c
@@ -239,25 +239,25 @@ int cmos_lb_cks_valid(void)
return cmos_checksum_valid(LB_CKS_RANGE_START, LB_CKS_RANGE_END, LB_CKS_LOC);
}
-static void cmos_load_defaults(void)
+
+void sanitize_cmos(void)
{
+ const unsigned char *cmos_default;
+ const bool cmos_need_reset =
+ CONFIG(STATIC_OPTION_TABLE) || cmos_error() || !cmos_lb_cks_valid();
size_t length = 128;
size_t i;
- const unsigned char *cmos_default =
- cbfs_boot_map_with_leak("cmos.default",
- CBFS_COMPONENT_CMOS_DEFAULT, &length);
- if (!cmos_default)
- return;
+ if (CONFIG(TPM_MEASURED_BOOT) || cmos_need_reset) {
+ cmos_default = cbfs_boot_map_with_leak("cmos.default",
+ CBFS_COMPONENT_CMOS_DEFAULT, &length);
- u8 control_state = cmos_disable_rtc();
- for (i = 14; i < MIN(128, length); i++)
- cmos_write_inner(cmos_default[i], i);
- cmos_restore_rtc(control_state);
-}
+ if (!cmos_default || !cmos_need_reset)
+ return;
-void sanitize_cmos(void)
-{
- if (cmos_error() || !cmos_lb_cks_valid() || CONFIG(STATIC_OPTION_TABLE))
- cmos_load_defaults();
+ u8 control_state = cmos_disable_rtc();
+ for (i = 14; i < MIN(128, length); i++)
+ cmos_write_inner(cmos_default[i], i);
+ cmos_restore_rtc(control_state);
+ }
}