From 9642e97c19f82d5244858423e921ed699a47de8c Mon Sep 17 00:00:00 2001
From: Arthur Heymans <arthur@aheymans.xyz>
Date: Tue, 17 May 2022 09:57:01 +0200
Subject: security/tpm/crtm.c: Fix !CONFIG_BOOTBLOCK_IN_CBFS measuring

On some platforms the bootblock is not placed in cbfs, but embedded
inside another binary that loads in into DRAM/SRAM.
e8217b11f1 (Kconfig: Add an option to skip adding a cbfs bootblock on
x86) removed adding a cbfs file containing the bootblock in that case.

Change-Id: Id47ecedbc8713ebd5d9814f1c4faf43c52780447
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Signed-off-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64418
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
---
 src/security/tpm/tspi/crtm.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/security/tpm/tspi/crtm.c b/src/security/tpm/tspi/crtm.c
index 2d0901dd9d..24b9fbd2d7 100644
--- a/src/security/tpm/tspi/crtm.c
+++ b/src/security/tpm/tspi/crtm.c
@@ -60,7 +60,7 @@ static uint32_t tspi_init_crtm(void)
 				       TPM_CRTM_PCR,
 				       "FMAP: BOOTBLOCK"))
 			return VB2_ERROR_UNKNOWN;
-	} else {
+	} else if (CONFIG(BOOTBLOCK_IN_CBFS)){
 		/* Mapping measures the file. We know we can safely map here because
 		   bootblock-as-a-file is only used on x86, where we don't need cache to map. */
 		enum cbfs_type type = CBFS_TYPE_BOOTBLOCK;
@@ -71,7 +71,7 @@ static uint32_t tspi_init_crtm(void)
 			return VB2_ERROR_UNKNOWN;
 		}
 		cbfs_unmap(mapping);
-	}
+	} /* else: TODO: Add SoC specific measurement methods. */
 
 	return VB2_SUCCESS;
 }
-- 
cgit v1.2.3