| Age | Commit message (Collapse) | Author |
|---|
|
Now postcar is a standalone stage, add
it as target to all TPM bus drivers.
This is a required for a measured boot.
Change-Id: I758185daf3941a29883c2256b900360e112275e1
Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-on: https://review.coreboot.org/29546
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
* Remove 2nd software stack in pc80 drivers directory.
* Create TSPI interface for common usage.
* Refactor TSS / TIS code base.
* Add vendor tss (Cr50) directory.
* Change kconfig options for TPM to TPM1.
* Add user / board configuration with:
* MAINBOARD_HAS_*_TPM # * BUS driver
* MAINBOARD_HAS_TPM1 or MAINBOARD_HAS_TPM2
* Add kconfig TPM user selection (e.g. pluggable TPMs)
* Fix existing headers and function calls.
* Fix vboot for interface usage and antirollback mode.
Change-Id: I7ec277e82a3c20c62a0548a1a2b013e6ce8f5b3f
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/24903
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
The I2C interface for the Atmel AT97SC3204 TPM varies greatly from the
existing I2C TPM support. The Atmel part just passes the commands and
responses from the TIS layer across the I2C interface.
TEST=Build and run on Galileo Gen2 with Crypto Shield and vboot enabled
Change-Id: Ib2ef0ffdfc12b2fc11fe4c55b6414924d4b676dd
Signed-off-by: Lee Leahy <leroy.p.leahy@intel.com>
Reviewed-on: https://review.coreboot.org/18800
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
Originally I thought it would be cleaner to keep this code in one
place, but as things continue to diverge it ends up being easier
to split this into its own driver. This way the different drivers
in coreboot, depthcharge, and the kernel, can all be standalone
and if one is changed it is easier to modify the others.
This change splits out the cr50 driver and brings along the basic
elements from the existing driver with no real change in
functionality. The following commits will modify the code to make
it consistent so it can all be shared with depthcharge and the
linux kernel drivers.
BUG=chrome-os-partner:53336
Change-Id: I3b62b680773d23cc5a7d2217b9754c6c28bccfa7
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: https://review.coreboot.org/16663
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
This reverts commit c565f9910707b91fcc7a27bab28806e558bb474d.
|
|
Originally I thought it would be cleaner to keep this code in one
place, but as things continue to diverge it ends up being easier
to split this into its own driver. This way the different drivers
in coreboot, depthcharge, and the kernel, can all be standalone
and if one is changed it is easier to modify the others.
This change splits out the cr50 driver and brings along the basic
elements from the existing driver with no real change in
functionality. The following commits will modify the code to make
it consistent so it can all be shared with depthcharge and the
linux kernel drivers.
BUG=chrome-os-partner:53336
Change-Id: Ia9a65e72519b95f5739e3b7a16b9c2431d64ebe2
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
|
|
Add code to generate an ACPI descriptor for an I2C TPM based
on the device as described in devicetree.cb.
This currently requires the devicetree to provide the HID,
since we don't currently talk to the TPM in ramstage and I
didn't want to add yet another init path for it here.
This was tested on a reef board to ensure that the device
is described properly in the SSDT.
Change-Id: I43d7f6192f48e99a4074baa4e52f0a9ee554a250
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: https://review.coreboot.org/16397
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
The many different places to put vboot support in can be confusing.
Instead of using libverstage (which isn't enough since those functions are
sometimes called outside that, too), mention all stages where it can resides
explicitly.
Change-Id: Idddb9f5e2ef7bcc273f429d9f432bd37b4573567
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/10728
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
|
|
That way it's available wherever the verstage code ends up, bootblock,
verstage or romstage.
Change-Id: I0665e297f199acd60cff93e1b39812f183115d33
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/10707
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
|
|
Change-Id: I0024c4d56f93eb6c9a54103e79c9d8a8b7d8d6fb
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/10043
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
This code ports antirollback module and tpm library from platform/vboot_reference.
names are modified to conform to coreboot's style.
The rollback_index module is split in a bottom half and top half. The top half
contains generic code which hides the underlying storage implementation.
The bottom half implements the storage abstraction.
With this change, the bottom half is moved to coreboot, while the top half stays
in vboot_reference.
TEST=Built with USE=+/-vboot2 for Blaze. Built Samus, Link.
BUG=none
Branch=none
Original-Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Original-Change-Id: I77e3ae1a029e09d3cdefe8fd297a3b432bbb9e9e
Original-Reviewed-on: https://chromium-review.googlesource.com/206065
Original-Reviewed-by: Randall Spangler <rspangler@chromium.org>
Original-Reviewed-by: Luigi Semenzato <semenzato@chromium.org>
(cherry picked from commit 6b66140ac979a991237bf1fe25e0a55244a406d0)
Change-Id: Ia3b8f27d6b1c2055e898ce716c4a93782792599c
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Signed-off-by: Marc Jones <marc.jones@se-eng.com>
Reviewed-on: http://review.coreboot.org/8615
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@google.com>
|
|
Drop a lot of u-boot-isms and share common TIS API
between I2C driver and LPC driver.
Signed-off-by: Stefan Reinauer <reinauer@google.com>
Change-Id: I43be8eea0acbdaef58ef256a2bc5336b83368a0e
Reviewed-on: https://chromium-review.googlesource.com/175670
Commit-Queue: Stefan Reinauer <reinauer@chromium.org>
Tested-by: Stefan Reinauer <reinauer@chromium.org>
Reviewed-by: David Hendricks <dhendrix@chromium.org>
(cherry picked from commit 3fc8515b9dcef66998658e1aa5c020d22509810c)
Signed-off-by: Isaac Christensen <isaac.christensen@se-eng.com>
Reviewed-on: http://review.coreboot.org/6855
Tested-by: build bot (Jenkins)
Reviewed-by: Ronald G. Minnich <rminnich@gmail.com>
|
|
On ARM platforms the TPM is not attached through LPC but through I2C.
This patch adds an I2C TPM driver that supports the following chips:
* Infineon SLB9635
* Infineon SLB9645
In order to select the correct TPM implementation cleanly, CONFIG_TPM
is moved to src/Kconfig and does the correct choice.
Old-Change-Id: I2def0e0f86a869d6fcf56fc4ccab0bc935de2bf1
Signed-off-by: Stefan Reinauer <reinauer@google.com>
Reviewed-on: https://chromium-review.googlesource.com/167543
Reviewed-by: ron minnich <rminnich@chromium.org>
(cherry picked from commit b4049a0e96f6335a93877e1e884f9a440487c421)
i2c tpm: Remove mostly useless delay code/tables.
I assume from the code in the TPM driver that the TPM spec defines
different types of delays and timeouts which each have a particular
duration, and that the TPM can tell you how long each type is if you ask
it. There was a large table, some members of a data structure, and a
function or two which managed the timeouts and figured their value for
different operations. The timeout values for the various "ordinals"
were never set in the vendor specific data structure, however, and
always defaulted to 2 minutes. Similarly the timeouts a, b, c, and d
were never overridden from their defaults. This change gets rid of all
the timeout management code and makes the "ordinal" timeout 2 minutes
and the a, b, c, and d timeouts 2 seconds, the larger of the two default
values.
This is a port from depthcharge to coreboot, original change:
https://chromium-review.googlesource.com/#/c/168363/
Signed-off-by: Gabe Black <gabeblack@google.com>
Signed-off-by: Stefan Reinauer <reinauer@google.com>
Old-Change-Id: I79696d6329184ca07f6a1be4f6ca85e1655a7aaf
Reviewed-on: https://chromium-review.googlesource.com/168583
Reviewed-by: Gabe Black <gabeblack@chromium.org>
Tested-by: Stefan Reinauer <reinauer@google.com>
Commit-Queue: Stefan Reinauer <reinauer@google.com>
(cherry picked from commit b22395a73f361c38626911808332a3706b2334fe)
TPM: Stop requesting/releasing the TPM locality.
The locality is requested when the TPM is initialized and released when
it's cleaned up. There's no reason to set it to the same thing again and
restore it back to the same value before and after every transaction.
forward ported from https://chromium-review.googlesource.com/#/c/168400
Old-Change-Id: I291d1f86f220ef0eff6809c6cb00459bf95aa5e0
Signed-off-by: Gabe Black <gabeblack@google.com>
Signed-off-by: Stefan Reinauer <reinauer@google.com>
Reviewed-on: https://chromium-review.googlesource.com/168584
Reviewed-by: Gabe Black <gabeblack@chromium.org>
(cherry picked from commit cc866c20c6f936f349d2f1773dd492dca9bbf0c1)
Squashed three commits for the i2c tpm driver.
Change-Id: Ie7a50c50fda8ee986c02de7fe27551666998229d
Signed-off-by: Isaac Christensen <isaac.christensen@se-eng.com>
Reviewed-on: http://review.coreboot.org/6519
Tested-by: build bot (Jenkins)
Reviewed-by: Ronald G. Minnich <rminnich@gmail.com>
|
