summaryrefslogtreecommitdiff
path: root/src/security/vboot
AgeCommit message (Collapse)Author
2019-05-20security/vboot/vboot_crtm.h: Remove ENV_ for vboot_measure_cbfs_hook()Frans Hendriks
vboot_measure_cbfs_hook() is included when CONFIG_VBOOT_MEASURED_BOOT is enabled, but this function is defined as 0 in vboot_crtm.h using ENV_ Remove ENV_ for vboot_measure_cbfs_hook() function definition. This function is added to bootblock stage also. BUG=NA TEST=Build Google Banon and Google Cyan Change-Id: Ic62c18db09c119dfb85340a6b7f36bfd148aaa45 Signed-off-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32532 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Rudolph <siro@das-labor.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-05-20vboot: save whether developer mode is enabledJoel Kitching
Save whether or not vboot has selected developer mode as a flag in vboot_working_data. Other coreboot code may access this flag without needing to consult vboot_handoff (which is in the process of being deprecated). BUG=b:124141368, b:124192753 TEST=make clean && make test-abuild BRANCH=none Change-Id: Ieb6ac4937c943aea78ddc762595a05387d2b8114 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32843 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-05-15vboot: remove OPROM-related codeJoel Kitching
As of CL:1605641, vboot2 code should be used for setting and checking display init state. Remove all vboot1 OPROM-related code, and use the vboot2 display init code which has already been added in previous commits. coreboot should not be reading vboot NVRAM flags directly. Remove the function vboot_wants_oprom(), and instead rely on display_init_required(), which uses the VBOOT_WD_FLAG_DISPLAY_INIT value stored in vboot_working_data.flags, initialized during verstage. Note that this means in the case of CONFIG_VBOOT=y, the return value of display_init_required() can only be trusted after verstage has been executed. This should not be a problem assuming that all display initialization occurs in ramstage. BUG=b:124141368, b:124192753, chromium:948529 TEST=Build locally TEST=make clean && make test-abuild BRANCH=none Change-Id: Ic8f9dc5a3c7f1546a8fed82bde02be4d04568f8d Signed-off-by: Joel Kitching <kitching@google.com> Cq-Depend: chromium:1605641, chromium:1605525 Reviewed-on: https://review.coreboot.org/c/coreboot/+/32723 Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-05-15vboot: rename BOOT_OPROM_NEEDED to BOOT_DISPLAY_REQUESTJoel Kitching
Verified Boot OPROM code is being refactored. OPROM is being generalized into "display initialization". As such, the NVRAM request flag is being renamed from OPROM_NEEDED to DISPLAY_REQUEST. BUG=b:124141368, b:124192753, chromium:948529 TEST=make clean && make test-abuild BRANCH=none Change-Id: I74374abf7d1deb594c073f7a4a76c9de46092143 Signed-off-by: Joel Kitching <kitching@google.com> Cq-Depend: chromium:1605640 Reviewed-on: https://review.coreboot.org/c/coreboot/+/32720 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-05-10vboot: Turn vboot_logic_executed() into a static inlineJulius Werner
This patch moves vboot_logic_executed() (and its dependencies) into a header and turns it into a static inline function. The function is used to guard larger amounts of code in several places, so this should allow us to save some more space through compile-time elimination (and also makes it easier to avoid undefined reference issues in some cases). Change-Id: I193f608882cbfe07dc91ee90d02fafbd67a3c324 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32716 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-05-10vboot: Make vboot_logic_executed() a bit more preciseJulius Werner
This patch adds another check to vboot_logic_executed() to make sure we only do a runtime check for verstage_should_load() if CONFIG_VBOOT_RETURN_FROM_VERSTAGE is enabled. That's the only case where the stage that's loading the verstage can execute after verification has run (because the verstage will return to it when it's done). In the other case, the stage that loads verstage really just loads it and will never do anything again after hand-off, so it's guaranteed to always execute before verification. This change may allow extra dead-code elimination in some cases. Change-Id: I7019b6f7b0acfbf0a8173914b53364751b08f2cf Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32714 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2019-05-09vboot: include vb2_sha.h when requiredJoel Kitching
Should include vb2_sha.h header when SHA library functions or constants are required. This replaces NEED_VB2_SHA_LIBRARY. BUG=b:124141368, chromium:956474 TEST=make clean && make test-abuild BRANCH=none Change-Id: I9f32174dbf3de05fbe5279cb8017888757abf368 Signed-off-by: Joel Kitching <kitching@google.com> Cq-Depend: chromium:1583820 Reviewed-on: https://review.coreboot.org/c/coreboot/+/32454 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-05-09vboot: communicate display requirements with vb2api_fw_phase1Joel Kitching
Input: tell vb2api_fw_phase1 if display unconditionally available Output: vb2api_fw_phase1 may request coreboot to initialize display, if needed based on some internal request Move setting the VBOOT_FLAG_DISPLAY_REQUESTED flag into verstage_main. BUG=b:124141368, b:124192753, chromium:948529 TEST=make clean && make test-abuild BRANCH=none Change-Id: I81c82c46303564b63b8a32e7f80beb9d891a4628 Cq-Depend: chromium:1564232 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32324 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-05-09vboot: remove use of VbInitParamsJoel Kitching
The VbInitParams struct will be deprecated. Remove its use in preparation. Additionally, remove use of the flag VB_INIT_OUT_ENABLE_USB_STORAGE, which is no longer used downstream since vboot_reference CL:347257. BUG=b:124141368, chromium:960226 TEST=make clean && make test-abuild BRANCH=none Change-Id: Ibe02cb6ba639de0d7cbdf79fc4dbf49044c92278 Signed-off-by: Joel Kitching <kitching@google.com> Cq-Depend: chromium:1583943 Reviewed-on: https://review.coreboot.org/c/coreboot/+/32664 Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-05-06vboot: remove use of GoogleBinaryBlockHeaderJoel Kitching
Remove use of deprecated GoogleBinaryBlockHeader struct, and replace with vb2_gbb_header. BUG=b:124141368, chromium:954774 TEST=make clean && make test-abuild BRANCH=none Change-Id: Iee3bd877cb1791a689efdeabda324f43f7d0c6f2 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32455 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-04-30vboot: refactor OPROM codeJoel Kitching
The name OPROM is somewhat inaccurate, since other steps to bring up display and graphics are needed depending on mainboard/SoC. This patch cleans up OPROM code nomenclature, and works towards the goal of deprecating vboot1: * Rename CONFIG_VBOOT_OPROM_MATTERS to CONFIG_VBOOT_MUST_REQUEST_DISPLAY and clarify Kconfig description * Remove function vboot_handoff_skip_display_init * Remove use of the VbInit oflag VB_INIT_OUT_ENABLE_DISPLAY * Add |flags| field to vboot_working_data struct * Create VBOOT_FLAG_DISPLAY_REQUESTED and set in vboot_handoff BUG=b:124141368, b:124192753, chromium:948529 TEST=make clean && make test-abuild TEST=build and flash eve device; attempt loading dev/rec modes BRANCH=none Change-Id: Idf111a533c3953448b4b9084885a9a65a2432a8b Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32262 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-04-29vboot: specify NEED_VB20_INTERNALS when neededJoel Kitching
NEED_VB20_INTERNALS should always be specified when peeking into vboot internal data structures. BUG=b:124141368, chromium:956474 TEST=make clean && make test-abuild BRANCH=none Change-Id: I5a47a28350fd5a68efeff0d06ca150c1ae145412 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32452 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-04-23src: include <assert.h> when appropriateElyes HAOUAS
Change-Id: Ib843eb7144b7dc2932931b9e8f3f1d816bcc1e1a Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/26796 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Reviewed-by: David Guckian
2019-04-11vboot: do not set VBSD_BOOT_FIRMWARE_WP_ENABLED flagJoel Kitching
The value of "write protect" GPIO shall be read in depthcharge, and the flag shall be set there instead. BUG=b:124141368, b:124192753, chromium:1556855 TEST=Build locally CQ-DEPEND=CL:1556855 BRANCH=none Change-Id: I4d24a057b1385244a836a67c565ee6726a894fdc Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32234 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-04-06src: Use include <delay.h> when appropriateElyes HAOUAS
Change-Id: I23bc0191ca8fcd88364e5c08be7c90195019e399 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32012 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-by: David Guckian
2019-04-04vboot: remove Kconfig option VBOOT_PHYSICAL_REC_SWITCHJoel Kitching
This option is duplicated in depthcharge: https://crrev.com/c/1545144 BUG=b:124141368, b:124192753, chromium:943150 TEST=make clean && make test-abuild CQ-DEPEND=CL:1545144 BRANCH=none Change-Id: I48e20ad21cdcb948a23387d3e5fcf142723b0c82 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32135 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2019-04-01vboot: Select CONFIG_VBOOT_OPROM_MATTERS in more casesJulius Werner
This patch enables CONFIG_VBOOT_OPROM_MATTERS in a few more cases where I think(?) it should be. Haswell, Broadwell and Baytrail Chromebooks have this enabled in their old depthcharge firmware branches -- we presumably just forgot to move it over when vboot2 migrated the option to coreboot. Braswell didn't, but it seems like this requirement was added when it was migrated to FSP 1.1...? (Not very sure about that one, but it does call load_vbt() right now which executes things based on display_init_required().) Additionally, it seems to make sense to enable it whenever the user explicitly selects VGA_ROM_RUN in menuconfig (like one of the Intel defconfigs does). Once we have all this, one could take a step back and ask whether this option still makes sense at all anymore. It's enabled for almost all devices (that work with vboot at all), it will presumably be enabled for all future devices, and it seems that most devices that don't enable it use libgfxinit, which as far as I can tell isn't gated on display_init_required() but probably should be. Realistically, whatever kind of display init a board needs to do (native or option ROM), it's probably expensive enough that it's worth skipping on a normal mode vboot boot, and we'd want to have this enabled by default on everything except boards that actually don't have a display. So maybe we should flip it around to CONFIG_VBOOT_OPROM_DOESNT_MATTER, but doing that would probably lead to nobody ever selecting it at all. Not sure what the best solution there is yet, but I think this patch at least moves things in the more correct direction. Change-Id: Id96a88296ddb9cfbb58ea67d93e1638d95570e2c Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32114 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-03-29src: Use include <reset.h> when appropriateElyes HAOUAS
Change-Id: I3b852cae4ef84d257bf1e5486447583bdd16b441 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/29301 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Nico Huber <nico.h@gmx.de>
2019-03-27vboot_handoff: do not set VBSD_HONOR_VIRT_DEV_SWITCHJoel Kitching
As part of chromium:942901, physical dev switch functionality is being deprecated. This flag is no longer read after CL:1526070, and thus does not need to be set here. coreboot's vboot subrepository needs to be updated to include CL:1526070 before this CL can be merged. BUG=b:124141368, b:124192753, chromium:942901 TEST=Build and deploy to eve TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=make clean && make test-abuild CQ-DEPEND=CL:1526070 BRANCH=none Change-Id: Ie5849f9e0fcb8e4e6d35d542a141bf635e751af4 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31952 Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-03-27vboot: deprecate physical dev switchJoel Kitching
Currently only two devices make use of physical dev switch: stumpy, lumpy Deprecate this switch. If these devices are flashed to ToT, they may still make use of virtual dev switch, activated via recovery screen. BUG=b:124141368, b:124192753, chromium:942901 TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild BRANCH=none Change-Id: I87ec0db6148c1727b95475d94e3e3f6e7ec83193 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31943 Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-03-26vboot: remove VBOOT_EC_SOFTWARE_SYNC Kconfig optionJoel Kitching
This option is duplicated in depthcharge: https://crrev.com/c/1524811 BUG=b:124141368, b:124192753, b:128737909 TEST=Build and deploy to eve TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild CQ-DEPEND=CL:1524811 BRANCH=none Change-Id: Id8c207ec4ad5a476e24eee1ceb9e40f24d55e725 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31926 Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-03-25vboot: remove VBOOT_EC_SLOW_UPDATE Kconfig optionJoel Kitching
This option has been relocated to depthcharge: https://crrev.com/c/1524806 BUG=b:124141368, b:124192753 TEST=Build and deploy to eve TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild CQ-DEPEND=CL:1524806 BRANCH=none Change-Id: Ib4a83af2ba143577a064fc0d72c9bc318db56adc Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31909 Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-03-21vboot: remove VBOOT_EC_EFS Kconfig optionJoel Kitching
This option has been relocated to depthcharge: https://crrev.com/c/1523248 BUG=b:124141368, b:124192753, chromium:943511 TEST=Build and deploy to eve TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild CQ-DEPEND=CL:1523248, CL:1525647 BRANCH=none Change-Id: I8b3740c8301f9a193f4fce2c6492d9382730faa1 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31897 Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-03-21vboot: standardize on working data sizeJoel Kitching
Previously, the size of memory made for vboot_working_data through the macro VBOOT2_WORK was always specified in each individual memlayout file. However, there is effectively no reason to provide this customizability -- the workbuf size required for verifying firmware has never been more than 12K. (This could potentially increase in the future if key sizes or algorithms are changed, but this could be applied globally rather than for each individual platform.) This CL binds the VBOOT2_WORK macro to directly use the VB2_WORKBUF_RECOMMENDED_DATA_SIZE constant as defined by vboot API. Since the constant needs to be used in a linker script, we may not include the full vboot API, and must instead directly include the vb2_constants.h header. BUG=b:124141368, b:124192753 TEST=Build locally for eve TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild BRANCH=none CQ-DEPEND=CL:1504490 Change-Id: Id71a8ab2401efcc0194d48c8af9017fc90513cb8 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31474 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-03-20src: Use 'include <string.h>' when appropriateElyes HAOUAS
Drop 'include <string.h>' when it is not used and add it when it is missing. Also extra lines removed, or added just before local includes. Change-Id: Iccac4dbaa2dd4144fc347af36ecfc9747da3de20 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31966 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
2019-03-19vboot: make vboot workbuf available to payloadJoel Kitching
Create a new cbtable entry called VBOOT_WORKBUF for storing a pointer to the vboot workbuf within the vboot_working_data structure. BUG=b:124141368, b:124192753 TEST=Build and deploy to eve TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x BRANCH=none Change-Id: Id68f43c282939d9e1b419e927a14fe8baa290d91 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31887 Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-03-19src: Drop unused 'include <cbfs.h>'Elyes HAOUAS
Change-Id: If5c5ebacd103d7e1f09585cc4c52753b11ce84d0 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31953 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
2019-03-18vboot: move assert in vboot_migrate_cbmemJoel Kitching
Fix a potential null pointer dereference when calling memcpy. assert should be before the memcpy call, and not after. BUG=b:124141368, b:124192753 TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild BRANCH=none Change-Id: I5a2a99e906b9aa3bb33e1564d8d33a0aca7d06ac Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31923 Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-03-15vboot: rename symbols for better consistencyJoel Kitching
Symbols prefixed with vb2_ should be reserved for internal vboot library use. Anything outside of that may choose some other prefix. Here, we choose vboot_ instead. Also, add some documentation to security/vboot/misc.h, which provides headers for a number of different C files. BUG=b:124141368 TEST=Build and deploy to eve TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild BRANCH=none Change-Id: I5d9154fd2d5df25ee254bd5ce4a173afaa6588be Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31886 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-03-14vboot: copy data structures to CBMEM for downstream useJoel Kitching
For platforms that do not employ VBOOT_STARTS_IN_ROMSTAGE, vboot verification occurs before CBMEM is brought online. In order to make vboot data structures available downstream, copy vb2_working_data from CAR/SRAM into CBMEM when CBMEM comes online. Create VBOOT_MIGRATE_WORKING_DATA config option to toggle this functionality. BUG=b:124141368, b:124192753 TEST=Built and deployed on eve with STARTS_IN_BOOTBLOCK TEST=Built and deployed on eve with STARTS_IN_ROMSTAGE TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x BRANCH=none Change-Id: I62c11268a83927bc00ae9bd93b1b31363b38e8cf Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31329 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-03-08coreboot: Replace all IS_ENABLED(CONFIG_XXX) with CONFIG(XXX)Julius Werner
This patch is a raw application of find src/ -type f | xargs sed -i -e 's/IS_ENABLED\s*(CONFIG_/CONFIG(/g' Change-Id: I6262d6d5c23cabe23c242b4f38d446b74fe16b88 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31774 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-03-07vboot: rename VB2_DISABLE_DEVELOPER_MODEJoel Kitching
Rename VB2_DISABLE_DEVELOPER_MODE to VB2_CONTEXT_DISABLE_DEVELOPER_MODE. See CL in CQ-DEPEND for details. BUG=b:124141368 TEST=Build locally CQ-DEPEND=CL:1460645 BRANCH=none Change-Id: Ib9754425dc2f346e8edac584c4d076d13ae31d2d Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31298 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-03-07vboot: rename VB2_SD_DEV_MODE_ENABLEDJoel Kitching
Rename VB2_SD_DEV_MODE_ENABLED to VB2_SD_FLAG_DEV_MODE_ENABLED. See CL in CQ-DEPEND for details. BUG=b:124141368 TEST=Build locally CQ-DEPEND=CL:1460644 BRANCH=none Change-Id: I298cd3a5026055e439de1ce409e61f1feb24369b Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31297 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-03-07src: Drop unused include <timestamp.h>Elyes HAOUAS
Change-Id: I7e181111cd1b837382929071a350b94c3afc1aaa Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31784 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
2019-03-07security/tpm: Fix TCPA log featurePhilipp Deppenwiese
Until now the TCPA log wasn't working correctly. * Refactor TCPA log code. * Add TCPA log dump fucntion. * Make TCPA log available in bootblock. * Fix TCPA log formatting. * Add x86 and Cavium memory for early log. Change-Id: Ic93133531b84318f48940d34bded48cbae739c44 Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/29563 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Rudolph <siro@das-labor.org>
2019-02-27console: Refactor printk() varargs prototypesKyösti Mälkki
Change-Id: I816641c2223c3079ad9c95c1380d4b250898ef93 Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/31491 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-02-25security/vboot: Add measured boot modePhilipp Deppenwiese
* Introduce a measured boot mode into vboot. * Add hook for stage measurements in prog_loader and cbfs. * Implement and hook-up CRTM in vboot and check for suspend. Change-Id: I339a2f1051e44f36aba9f99828f130592a09355e Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Signed-off-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-on: https://review.coreboot.org/c/29547 Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-02-22vboot: fix STARTS_IN_BOOTBLOCK/_ROMSTAGE logicJoel Kitching
Fix up the logic of when to include VBOOT2_WORK symbols on x86, which are only needed when VBOOT_STARTS_IN_BOOTBLOCK is enabled. Also correct the value of the __PRE_RAM__ macro in the case that VBOOT_STARTS_IN_ROMSTAGE is selected. In this case, DRAM is already up and verstage should not be considered pre-ram. BUG=b:124141368, b:124192753 TEST=Build locally for eve TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild BRANCH=none Change-Id: Ie51e8f93b99ab230f3caeede2a33ec8b443e3d7a Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/31541 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2019-02-22symbols.h: Add macro to define memlayout region symbolsJulius Werner
When <symbols.h> was first introduced, it only declared a handful of regions and we didn't expect that too many architectures and platforms would need to add their own later. However, our amount of platforms has greatly expanded since, and with them the need for more special memory regions. The amount of code duplication is starting to get unsightly, and platforms keep defining their own <soc/symbols.h> files that need this as well. This patch adds another macro to cut down the definition boilerplate. Unfortunately, macros cannot define other macros when they're called, so referring to region sizes as _name_size doesn't work anymore. This patch replaces the scheme with REGION_SIZE(name). Not touching the regions in the x86-specific <arch/symbols.h> yet since they don't follow the standard _region/_eregion naming scheme. They can be converted later if desired. Change-Id: I44727d77d1de75882c72a94f29bd7e2c27741dd8 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/31539 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2019-01-28vboot: Makefile: Also apply CPPFLAGS include path fixups to ccoptsJulius Werner
In some cases (e.g. Arm architecture variants), include paths are stuck into <stage>-generic-ccopts rather than CPPFLAGS_<stage> (in fact, the whole redundancy between these two is kinda stupid and we should probably eliminate the latter, but I don't want to get into that right now). This patch makes sure those paths are also correctly translated when invoking $(MAKE) for vboot. Change-Id: I37f09b88e555567590664e0e6fac23c34fd887df Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/31084 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Nico Huber <nico.h@gmx.de>
2019-01-16buildsystem: Promote rules.h to default includeKyösti Mälkki
Does not fix 3rdparty/, *.S or *.ld or yet. Change-Id: I66b48013dd89540b35ab219d2b64bc13f5f19cda Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/17656 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Nico Huber <nico.h@gmx.de>
2018-11-28security/vboot: Add VB2_LIB to romstage sources without dependenciesWerner Zeh
The coming feature "measured boot" relies on VB2_LIB in romstage. In the case where there is no separate verstage, compile the library just for romstage as it will then be shared across verstage and romstage code. If there is a separate verstage, compile the library separately for verstage and romstage. Change-Id: I8126c21b8fbe8dd65d95af49cbe2ad776b8ef605 Signed-off-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-on: https://review.coreboot.org/c/29827 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2018-11-16src: Remove unneeded include <cbmem.h>Elyes HAOUAS
Change-Id: I89e03b6def5c78415bf73baba55941953a70d8de Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/29302 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-11-16src: Remove unneeded include <cbfs.h>Elyes HAOUAS
Change-Id: Iab0bd1c5482331a0c048a05ab806bf5c4dbda780 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/29303 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-11-16src: Remove unneeded include <console/console.h>Elyes HAOUAS
Change-Id: I40f8b4c7cbc55e16929b1f40d18bb5a9c19845da Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/29289 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2018-11-16src: Get rid of duplicated includesElyes HAOUAS
Change-Id: I252a1cd77bf647477edb7dddadb7e527de872439 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/29582 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
2018-11-08security/vboot: Add selection for firmware slots used by VBOOTPhilipp Deppenwiese
Make the firmware slot configuration in VBOOT selectable. The following three modes are available: -RO only -RO + RW_A -RO + RW_A + RW_B The mode "RO only" is the lowest mode with no safety during update. You can select either RW_A or RW_AB via Kconfig which will add the selected parttions to the final image. Change-Id: I278fc060522b13048b00090b8e5261c14496f56e Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Signed-off-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-on: https://review.coreboot.org/27714 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2018-11-08security/vboot: Add VB2_LIB to postcar stage if availableWerner Zeh
VB2_LIB will be used across all stages to hash data. Add it to postcar stage sources so that it is compiled if postcar exists. In this way the new function tpm_measure_region() introduced in commit 61322d7 (security/tpm: Add function to measure a region device) can be used in every stage. Change-Id: I933d33b0188d1b123bb4735722b6086e7786624f Signed-off-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-on: https://review.coreboot.org/29465 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2018-10-31reset: Finalize move to new APINico Huber
Move soft_reset() to `southbridge/amd/common/` it's only used for amdfam10 now. Drop hard_reset() for good. Change-Id: Ifdc5791160653c5578007f6c1b96015efe2b3e1e Signed-off-by: Nico Huber <nico.h@gmx.de> Reviewed-on: https://review.coreboot.org/29059 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-10-31security/tpm: Add function to measure a region deviceWerner Zeh
Add a new function which can hash a given region device and extend a PCR in the TPM with the result. The needed SHA algorithms are included from 3rdparty/vboot and thus not duplicated in the coreboot tree. For now VB2_LIB is not usable in postcar stage. Follow-up commits will add the ability to use the lib in postcar as well. Once this feature is ready, the library will be included in postcar stage to make this function available in every stage. Change-Id: I126cc3500fd039d63743db78002a04d201ab18aa Signed-off-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-on: https://review.coreboot.org/29234 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2018-10-31security/vboot: build vboot_fw20.a per stagePatrick Georgi
When used more widely across the tree, we don't want to have to worry if all its users are on the same architecture (eg. aarch32 vs aarch64), so just build their own library for each stage. Change-Id: Ib6807ff73c2713f3b23f43055325b2c40ff1a17d Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/29253 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2018-10-24vboot: fix CONFIG_RESUME_PATH_SAME_AS_BOOT S3 resume logicJoel Kitching
- should not check VBOOT_STARTS_IN_BOOTBLOCK to set context flag - implement vboot_platform_is_resuming on platforms missing it - add ACPI_INTEL_HARDWARE_SLEEP_VALUES to two intel southbridges [ originally https://review.coreboot.org/c/coreboot/+/28750 ] BUG=b:114018226 TEST=compile coreboot Change-Id: I1ef0bcdfd01746198f8140f49698b58065d820b9 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/29060 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2018-10-22reset: Provide new single-function reset APINico Huber
board_reset() replaces the existing common reset API. There is no common distinction between reset types across platforms, hence, common code could never decide which one to call. Currently only hard_reset() is used by common code. We replace these calls and provide a fall-back to the current hard_reset() implemen- tation. The fall-back will be removed along with hard_reset() after the transition of all boards. Change-Id: I274a8cee9cb38226b5a0bdff6a847c74ef0b3128 Signed-off-by: Nico Huber <nico.h@gmx.de> Reviewed-on: https://review.coreboot.org/29047 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-10-17vboot: do not extend PCRs on resume from S3Joel Kitching
BUG=b:114018226,chromium:873099 TEST=compile coreboot Change-Id: I6840c45604535089fa8410f03c69702bec91218f Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/28750 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2018-10-08Move compiler.h to commonlibNico Huber
Its spreading copies got out of sync. And as it is not a standard header but used in commonlib code, it belongs into commonlib. While we are at it, always include it via GCC's `-include` switch. Some Windows and BSD quirk handling went into the util copies. We always guard from redefinitions now to prevent further issues. Change-Id: I850414e6db1d799dce71ff2dc044e6a000ad2552 Signed-off-by: Nico Huber <nico.h@gmx.de> Reviewed-on: https://review.coreboot.org/28927 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-08-13security/vboot/Makefile: Use shell cat instead of make file commandRaul E Rangel
The make `file` command is apparently a v4.2 feature only. Replace it with a shell cat. BUG=none TEST=verified fwid.region was created correctly Change-Id: I5e32a521ad3e6759853f0cde2e4c4db6e564d3be Signed-off-by: Raul E Rangel <rrangel@chromium.org> Reviewed-on: https://review.coreboot.org/27990 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Julius Werner <jwerner@chromium.org>
2018-08-09src/security/vboot: Fix typoElyes HAOUAS
Change-Id: Ie98ee00a83d837b6d6491fed3a474048dc23e104 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/27910 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin Roth <martinroth@google.com>
2018-08-08security/vboot: Split fwid.region build targetRaul E Rangel
Add the ability to specify the fwid version via a file instead of via config. This makes it so when doing an incremental build all objects are not invalidated when bumping the fwid. The coreboot ebuild will create this file to pass the latest version. BUG=b:112267918 TEST=ran dmidecide -t 0 and verified version was present Change-Id: I955106efd648a75a1311f24ede46bd238d1517e0 Signed-off-by: Raul E Rangel <rrangel@chromium.org> Reviewed-on: https://review.coreboot.org/27884 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2018-08-03security/tpm: Improve TCPA log generationPhilipp Deppenwiese
* Make tcpa_log_init static and move init code into the tcpa_log_add_table_entry routine. * Add more checks for log initialization. * Fix minor issues Change-Id: I215d79eed7ad17c6ab87f0c4b14a282e519ef07d Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/27769 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-07-30security/vboot: Enable TCPA log extensionPhilipp Deppenwiese
* Implement TCPA log for tspi extend function. * Hook tcpa_log_init into vboot tpm_setup function. * Add TCPA log output for vboot GBB flags and HWID Change-Id: I22b1aa8da1a95380c39715727615ce5ce4c9443f Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/27727 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Rudolph <siro@das-labor.org>
2018-07-18security/vboot: fix typoRaul E Rangel
BUG=none TEST=none Change-Id: I7027abee66ccdf9b2d37df60ca7f4dbbbae2f9e4 Signed-off-by: Raul E Rangel <rrangel@chromium.org> Reviewed-on: https://review.coreboot.org/27517 Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Martin Roth <martinroth@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-07-17security/vboot: Add interface for FSP 2.0 mrc cachingPhilipp Deppenwiese
* Move vboot/tpm specific implementation to vboot. * Only call functions if CONFIG_FSP2_0_USES_TPM_MRC_HASH is set. * Preparation for software hash function support, no logic changed. Change-Id: I41a458186c7981adaf3fea8974adec2ca8668f14 Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/24904 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-07-06src: Add missing license headersMartin Roth
These two files were added before I was able to get the updated linter committed. Updated/Add the headers so the stable header lint check can be updated. Change-Id: I464ddecb5eebe8c5b907f3dcfeab1b06501af6ab Signed-off-by: Martin Roth <martinroth@google.com> Reviewed-on: https://review.coreboot.org/27362 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2018-06-28vboot: Fix linking error with USE_OPTION_TABLE enabledPatrick Rudolph
Fix a linking problem with VBOOT and USE_OPTION_TABLE enabled. Make use of cbfs_locate_file_in_region() and always search the cmos_layout.bin in the 'COREBOOT' region. With this change applied there's no need to include the vboot_locator in SMM any more, we can't break NVRAM with different CMOS layouts, and we keep VBOOT and non VBOOT behaviour the same. Only include cmos_layout.bin and cmos.default in RO region. Add notes explaining the decisions. Tested on Intel Sandybridge, builds and boots with vboot enabled. Change-Id: I10ae94d7936581bbb5ea49384122062bd4934ea5 Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com> Reviewed-on: https://review.coreboot.org/26863 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-06-04security/tpm: Unify the coreboot TPM software stackPhilipp Deppenwiese
* Remove 2nd software stack in pc80 drivers directory. * Create TSPI interface for common usage. * Refactor TSS / TIS code base. * Add vendor tss (Cr50) directory. * Change kconfig options for TPM to TPM1. * Add user / board configuration with: * MAINBOARD_HAS_*_TPM # * BUS driver * MAINBOARD_HAS_TPM1 or MAINBOARD_HAS_TPM2 * Add kconfig TPM user selection (e.g. pluggable TPMs) * Fix existing headers and function calls. * Fix vboot for interface usage and antirollback mode. Change-Id: I7ec277e82a3c20c62a0548a1a2b013e6ce8f5b3f Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/24903 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-05-14security/vboot: Remove redundent _verstage/_everstage/_verstage_size symbolsSubrata Banik
All those symbols are part of /include/symbols.h file hence removing from /security/vboot/symbols.h Change-Id: Id968186e28d6b772a1a6bca200a852407324d6e3 Signed-off-by: Subrata Banik <subrata.banik@intel.com> Reviewed-on: https://review.coreboot.org/26274 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2018-05-13timestamp: Add timestamps for TPM communicationRaul E Rangel
On grunt these operations combined take a little over 37ms. BUG=b:64549506 TEST=built on grunt 511:starting TPM PCR extend 301,268 (598) 512:finished TPM PCR extend 326,710 (25,442) 513:starting locking TPM 326,716 (6) 514:finished locking TPM 339,517 (12,801) Change-Id: I05cfb3d0f8463f073e329a035484a340546649e1 Signed-off-by: Raul E Rangel <rrangel@chromium.org> Reviewed-on: https://review.coreboot.org/26218 Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-05-03security/vboot: make vboot starts in bootblock depend on c envAaron Durbin
coreboot on skylake originally did ship with romcc bootblock and verstage running after it. However, that configuration makes boot flows very complicated. No platform in the current code base uses this combination. Make VBOOT_STARTS_IN_BOOTBLOCK depend on C_ENVIRONMENT_BOOTBLOCK. BUG=b:78656686 Change-Id: Ia9446f209521f71c91b83d579b9e2d89744292bc Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/25984 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Subrata Banik <subrata.banik@intel.com> Reviewed-by: Justin TerAvest <teravest@chromium.org> Reviewed-by: Hannah Williams <hannah.williams@intel.com>
2018-04-27security/vboot: Add function to check if UDC can be enabledFurquan Shaikh
Add a function that will check the various requirements to enable USB Device Controller (UDC): - developer mode enabled - GBB flag set or VBNV flag set If VBOOT is not enabled, then default is to allow UDC enabling. BUG=b:78577893 BRANCH=poppy Change-Id: Id146ac1065f209865372aeb423f66ae734702954 Signed-off-by: Duncan Laurie <dlaurie@google.com> Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/25847 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-04-27security/vboot: Add function to read UDC enable flagFurquan Shaikh
This change adds a helper function to read USB Device Controller (UDC) enable flag from VBNV. BUG=b:78577893 BRANCH=poppy Change-Id: Ifd1e9b0781ffee242d695b72287632bc944a50c7 Signed-off-by: Duncan Laurie <dlaurie@google.com> Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/25846 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-04-24compiler.h: add __weak macroAaron Durbin
Instead of writing out '__attribute__((weak))' use a shorter form. Change-Id: If418a1d55052780077febd2d8f2089021f414b91 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/25767 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-by: Justin TerAvest <teravest@chromium.org>
2018-04-09vboot: Add support for reading GBB flagsFurquan Shaikh
This change adds basic support for reading flags from GBB header located in "GBB" section on SPI flash. Change-Id: I35ecb5ba964511379baa4e9f458ba2e8c6b74b4e Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/25459 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-03-26vboot: Update to most recent GBB flag usageJulius Werner
This patch changes the GBB flag configuration to the latest usage in upstream vboot (as of https://chromium-review.googlesource.com/976660). Change-Id: I585d662d7de34b4964d028e3d06b4df5665fbe9e Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/25346 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-02-07security/vboot: overwrite existing spaces during factory init for tpm2Andrey Pronin
In TPM 2.0 case, if the factory initialization is interrupted after defining, say, the kernel tpm nvram space but before writing to this space, the following will happen upon reboot when the factory initialization will be re-attempted. Writing to this space will be skipped, and coreboot will finish the factory initialization with this space remained unwritten. At a later stage, when the rollback logic will attempt to check the version in the kernel space, it will fail (TPM2.0 returns an error when reading from unwritten spaces), and the system will go into recovery with no way out (since the kernel space will never be written). This change fixes that by always writing to the kernel, MRC hash and firmware spaces during factory initialization, even if the space already existed by that time. BUG=b:71884828 TEST=delete, define, but not write to the kernel space; trigger factory initialization; coreboot should fill the kernel space and continue booting. Change-Id: I48d8bb4f9fc0e5276e6ec81247b3b6768ec9fa3b Signed-off-by: Andrey Pronin <apronin@google.com> Reviewed-on: https://review.coreboot.org/23456 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
2018-01-18security/tpm: Change TPM naming for different layers.Philipp Deppenwiese
* Rename tlcl* to tss* as tpm software stack layer. * Fix inconsistent naming. Change-Id: I206dd6a32dbd303a6d4d987e424407ebf5c518fa Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22104 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2018-01-18security/tpm: Move tpm TSS and TSPI layer to security sectionPhilipp Deppenwiese
* Move code from src/lib and src/include into src/security/tpm * Split TPM TSS 1.2 and 2.0 * Fix header includes * Add a new directory structure with kconfig and makefile includes Change-Id: Id15a9aa6bd367560318dfcfd450bf5626ea0ec2b Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22103 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2018-01-17security/vboot: Add two weak methods for vboot2Philipp Deppenwiese
In order to make VBOOT2 independent from the CHROMEOS kconfig option a weak method for get_write_protect_state and get_recovery_mode_switch() is required. Introduce a kconfig option for controlling this behaviour. This is a temporary fix and will be removed afterwards. Change-Id: I3b1555bd93e1605e04d5c3ea6a752eb1459e426e Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22102 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin Roth <martinroth@google.com>
2017-12-07security/vboot: Remove unused include of vboot_nvstorage.hRandall Spangler
This include is not needed, and the header file is going away in vboot_reference. So, remove it. BUG=chromium:789276 BRANCH=none TEST=emerge-reef coreboot Change-Id: Ie0b37ae3d2f979f79060a15ca3f7157f49c89785 Signed-off-by: Randall Spangler <rspangler@chromium.org> Signed-off-by: Randall Spangler <randall@spanglers.com> Reviewed-on: https://review.coreboot.org/22733 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2017-10-22security/vboot: Move vboot2 to security kconfig sectionPhilipp Deppenwiese
This commit just moves the vboot sources into the security directory and fixes kconfig/makefile paths. Fix vboot2 headers Change-Id: Icd87f95640186f7a625242a3937e1dd13347eb60 Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22074 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin Roth <martinroth@google.com>