diff options
author | Felix Held <felix-coreboot@felixheld.de> | 2021-01-28 22:43:52 +0100 |
---|---|---|
committer | Felix Held <felix-coreboot@felixheld.de> | 2021-01-30 17:20:50 +0000 |
commit | 889959890ca9e5f4db12335f079c5a3de4caae1d (patch) | |
tree | f5bbcacfe1ecf4d36567a3734eccf8f275e67150 /src | |
parent | 564b4c54532db6dee911727899cddbe24d833a43 (diff) |
drivers/intel/fsp2_0: factor out and improve UPD signature check
In case of a mismatch print both the UPD signature in the FSP and the
expected signature and then calls die(), since it shouldn't try calling
into the wrong FSP binary for the platform.
Signed-off-by: Justin Frodsham <justin.frodsham@protonmail.com>
Signed-off-by: Felix Held <felix-coreboot@felixheld.de>
Change-Id: I469836e09db6024ecb448a5261439c66d8e65daf
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50090
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/drivers/intel/fsp2_0/include/fsp/util.h | 2 | ||||
-rw-r--r-- | src/drivers/intel/fsp2_0/memory_init.c | 4 | ||||
-rw-r--r-- | src/drivers/intel/fsp2_0/silicon_init.c | 4 | ||||
-rw-r--r-- | src/drivers/intel/fsp2_0/util.c | 15 |
4 files changed, 19 insertions, 6 deletions
diff --git a/src/drivers/intel/fsp2_0/include/fsp/util.h b/src/drivers/intel/fsp2_0/include/fsp/util.h index 7393305f0b..253b74a150 100644 --- a/src/drivers/intel/fsp2_0/include/fsp/util.h +++ b/src/drivers/intel/fsp2_0/include/fsp/util.h @@ -97,6 +97,8 @@ const struct hob_header *fsp_next_hob(const struct hob_header *parent); bool fsp_guid_compare(const uint8_t guid1[16], const uint8_t guid2[16]); void fsp_find_bootloader_tolum(struct range_entry *re); void fsp_get_version(char *buf); +/* fsp_verify_upd_header_signature calls die() on signature mismatch */ +void fsp_verify_upd_header_signature(uint64_t upd_signature, uint64_t expected_signature); void lb_string_platform_blob_version(struct lb_header *header); void report_fspt_output(void); void soc_validate_fsp_version(const struct fsp_header *hdr); diff --git a/src/drivers/intel/fsp2_0/memory_init.c b/src/drivers/intel/fsp2_0/memory_init.c index 759bfa40f4..92f3d9d960 100644 --- a/src/drivers/intel/fsp2_0/memory_init.c +++ b/src/drivers/intel/fsp2_0/memory_init.c @@ -239,9 +239,7 @@ static void do_fsp_memory_init(const struct fspm_context *context, bool s3wake) upd = (FSPM_UPD *)(hdr->cfg_region_offset + hdr->image_base); - if (upd->FspUpdHeader.Signature != FSPM_UPD_SIGNATURE) - die_with_post_code(POST_INVALID_VENDOR_BINARY, - "Invalid FSPM signature!\n"); + fsp_verify_upd_header_signature(upd->FspUpdHeader.Signature, FSPM_UPD_SIGNATURE); /* Copy the default values from the UPD area */ memcpy(&fspm_upd, upd, sizeof(fspm_upd)); diff --git a/src/drivers/intel/fsp2_0/silicon_init.c b/src/drivers/intel/fsp2_0/silicon_init.c index 08494603f5..26ff59dbf2 100644 --- a/src/drivers/intel/fsp2_0/silicon_init.c +++ b/src/drivers/intel/fsp2_0/silicon_init.c @@ -88,9 +88,7 @@ static void do_silicon_init(struct fsp_header *hdr) supd = (FSPS_UPD *) (hdr->cfg_region_offset + hdr->image_base); - if (supd->FspUpdHeader.Signature != FSPS_UPD_SIGNATURE) - die_with_post_code(POST_INVALID_VENDOR_BINARY, - "Invalid FSPS signature\n"); + fsp_verify_upd_header_signature(supd->FspUpdHeader.Signature, FSPS_UPD_SIGNATURE); /* Disallow invalid config regions. Default settings are likely bad * choices for coreboot, and different sized UPD from what the region diff --git a/src/drivers/intel/fsp2_0/util.c b/src/drivers/intel/fsp2_0/util.c index 866db586e2..24097f8120 100644 --- a/src/drivers/intel/fsp2_0/util.c +++ b/src/drivers/intel/fsp2_0/util.c @@ -224,6 +224,21 @@ void fsp_get_version(char *buf) revision.rev.minor, revision.rev.revision, revision.rev.bld_num); } +/* Check if the signature in the UPD header matches the expected one. If it doesn't match, the + FSP binaries in CBFS are for a different platform than the platform code trying to use it + in which case the function calls die(). */ +void fsp_verify_upd_header_signature(uint64_t upd_signature, uint64_t expected_signature) +{ + if (upd_signature != expected_signature) { + /* The UPD signatures are non-zero-terminated ASCII stored as a little endian + uint64_t, so this needs some casts. */ + die_with_post_code(POST_INVALID_VENDOR_BINARY, + "Invalid UPD signature! FSP provided \"%8s\", expected was \"%8s\".\n", + (char *)&upd_signature, + (char *)&expected_signature); + } +} + /* Add FSP version to coreboot table LB_TAG_PLATFORM_BLOB_VERSION */ void lb_string_platform_blob_version(struct lb_header *header) { |