From fd4214852081e0edc3c591570541781eab5cfc45 Mon Sep 17 00:00:00 2001 From: Matt DeVillier Date: Wed, 20 Sep 2023 11:27:20 -0500 Subject: payloads/edk2: Move TPM disable to separate Kconfig Disabling TPM support in edk2 can actually cause problems booting from USB on some Intel-based boards with a CR50 TPM when using the edk2 GOP driver option, so rather than disable the TPM for all CR50 boards, restrict the default to only AMD boards, where the boot hang with TPM enabled was originally observed. TEST=build/boot Win11, Linux from usb on google/fizz when built with edk2 payload and edk2 GOP driver option selected. Change-Id: I01509fea2dd42b741c00abcf9fb8b936e895b932 Signed-off-by: Matt DeVillier Reviewed-on: https://review.coreboot.org/c/coreboot/+/78031 Reviewed-by: Sean Rhodes Tested-by: build bot (Jenkins) Reviewed-by: Felix Held --- payloads/external/Makefile.inc | 2 +- payloads/external/edk2/Kconfig | 7 +++++++ payloads/external/edk2/Makefile | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/payloads/external/Makefile.inc b/payloads/external/Makefile.inc index bd1269b1bb..22b1bd38f6 100644 --- a/payloads/external/Makefile.inc +++ b/payloads/external/Makefile.inc @@ -192,7 +192,7 @@ $(obj)/UEFIPAYLOAD.fd: $(DOTCONFIG) CONFIG_EDK2_GOP_DRIVER=$(CONFIG_EDK2_GOP_DRIVER) \ CONFIG_EDK2_GOP_FILE=$(CONFIG_EDK2_GOP_FILE) \ CONFIG_INTEL_GMA_VBT_FILE=$(CONFIG_INTEL_GMA_VBT_FILE) \ - CONFIG_TPM_GOOGLE_CR50=$(CONFIG_TPM_GOOGLE_CR50) \ + CONFIG_EDK2_DISABLE_TPM=$(CONFIG_EDK2_DISABLE_TPM) \ GCC_CC_x86_32=$(GCC_CC_x86_32) \ GCC_CC_x86_64=$(GCC_CC_x86_64) \ GCC_CC_arm=$(GCC_CC_arm) \ diff --git a/payloads/external/edk2/Kconfig b/payloads/external/edk2/Kconfig index cd5b2f614a..76c7a763f4 100644 --- a/payloads/external/edk2/Kconfig +++ b/payloads/external/edk2/Kconfig @@ -278,6 +278,13 @@ config EDK2_GOP_FILE help The name of the GOP driver file passed to edk2. +config EDK2_DISABLE_TPM + bool "Disable TPM support in edk2" + default y if EDK2_REPO_MRCHROMEBOX && TPM_GOOGLE_CR50 && SOC_AMD_COMMON + help + Select this option to disable TPM support in edk2. This is necessary to avoid boot + hangs on some boards with a CR50 TPM, particularly those with an AMD Zen SoC. + config EDK2_CUSTOM_BUILD_PARAMS string "edk2 additional custom build parameters" default "-D VARIABLE_SUPPORT=SMMSTORE" if EDK2_REPO_MRCHROMEBOX && SMMSTORE_V2 diff --git a/payloads/external/edk2/Makefile b/payloads/external/edk2/Makefile index f30d92fee2..b03f1d529e 100644 --- a/payloads/external/edk2/Makefile +++ b/payloads/external/edk2/Makefile @@ -134,7 +134,7 @@ ifeq ($(CONFIG_EDK2_PRIORITIZE_INTERNAL),y) BUILD_STR += -D PRIORITIZE_INTERNAL=TRUE endif # TPM_ENABLE = TRUE -ifeq ($(CONFIG_TPM_GOOGLE_CR50),y) +ifeq ($(CONFIG_EDK2_DISABLE_TPM),y) BUILD_STR += -D TPM_ENABLE=FALSE endif -- cgit v1.2.3