From 34cf0732209e7b9fefc115536719473155e430ea Mon Sep 17 00:00:00 2001 From: Julius Werner Date: Tue, 8 Dec 2020 14:21:43 -0800 Subject: cbfs: Allow mcache to be found after the first lookup This patch addresses the same problem as CB:48429, but hopefully this time correctly. Since the mcache is not guaranteed to be available on the first CBFS lookup for some special cases, we can no longer treat it as a one-time fire-and-forget initialization. Instead, we test cbd->mcache_size to check if the mcache has been initialized yet, and keep trying on every lookup if we don't find it the first time. Since the mcache is a hard requirement for TOCTOU safety, also make it more clear in Kconfig that configurations known to do CBFS accesses before CBMEM init are incompatbile with that, and make sure we die() rather than do something unsafe if there's a case that Kconfig didn't catch. Signed-off-by: Julius Werner Change-Id: I4e01e9a9905f7dcba14eaf05168495201ed5de60 Reviewed-on: https://review.coreboot.org/c/coreboot/+/48482 Tested-by: build bot (Jenkins) Reviewed-by: Arthur Heymans Reviewed-by: Christian Walter Reviewed-by: Angel Pons --- src/lib/Kconfig.cbfs_verification | 1 + 1 file changed, 1 insertion(+) (limited to 'src/lib/Kconfig.cbfs_verification') diff --git a/src/lib/Kconfig.cbfs_verification b/src/lib/Kconfig.cbfs_verification index 34993458cd..4e2ed8cf01 100644 --- a/src/lib/Kconfig.cbfs_verification +++ b/src/lib/Kconfig.cbfs_verification @@ -19,6 +19,7 @@ config TOCTOU_SAFETY depends on CBFS_VERIFICATION depends on !NO_FMAP_CACHE depends on !NO_CBFS_MCACHE + depends on !USE_OPTION_TABLE && !FSP_CAR # Known to access CBFS before CBMEM init help Work in progress. Not actually TOCTOU safe yet. Do not use. -- cgit v1.2.3