From 7ce343d7a007f64f6bbf8d1d963cb5c4835e326e Mon Sep 17 00:00:00 2001 From: Yu-Ping Wu Date: Wed, 9 Aug 2023 09:39:50 +0800 Subject: security/vboot: Rename Cr50 to GSC when applicable Recent ChromeOS devices use Ti50 instead of Cr50. Therefore, some strings or comments are not accurate anymore. When applicable, rename Cr50 to GSC (Google security chip). BUG=b:275544927 TEST=./util/abuild/abuild -x -t GOOGLE_TOMATO -a BRANCH=none Cq-Depend: chromium:4756700 Change-Id: Ie5b9267191a5588830ed99a8382ba1a01933028f Signed-off-by: Yu-Ping Wu Reviewed-on: https://review.coreboot.org/c/coreboot/+/77100 Tested-by: build bot (Jenkins) Reviewed-by: Yidi Lin --- src/security/vboot/bootmode.c | 5 +++-- src/security/vboot/secdata_tpm.c | 6 +++--- src/security/vboot/vboot_logic.c | 8 ++++---- 3 files changed, 10 insertions(+), 9 deletions(-) (limited to 'src/security') diff --git a/src/security/vboot/bootmode.c b/src/security/vboot/bootmode.c index 3c50e4ef83..44149af048 100644 --- a/src/security/vboot/bootmode.c +++ b/src/security/vboot/bootmode.c @@ -61,8 +61,9 @@ int __weak get_ec_is_trusted(void) { /* * If board doesn't override this, by default we always assume EC is in - * RW and untrusted. However, newer platforms are supposed to use cr50 - * BOOT_MODE to report this and won't need to override this anymore. + * RW and untrusted. However, newer platforms with Google TPM are supposed + * to use GSC BOOT_MODE to report this and won't need to override this + * anymore. */ return 0; } diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c index bc9d3d5070..3229dd022f 100644 --- a/src/security/vboot/secdata_tpm.c +++ b/src/security/vboot/secdata_tpm.c @@ -53,7 +53,7 @@ uint32_t antirollback_read_space_kernel(struct vb2_context *ctx) uint8_t size = VB2_SECDATA_KERNEL_SIZE; uint32_t ret; - /* Start with the version 1.0 size used by all modern cr50-boards. */ + /* Start with the version 1.0 size used by all modern Cr50/Ti50 boards. */ ret = tlcl_read(KERNEL_NV_INDEX, ctx->secdata_kernel, size); if (ret == TPM_E_RANGE) { /* Fallback to version 0.2(minimum) size and re-read. */ @@ -400,8 +400,8 @@ static uint32_t _factory_initialize_tpm(struct vb2_context *ctx) RETURN_ON_FAILURE(setup_fwmp_space(ctx)); /* - * Define and write zero-touch enrollment (ZTE) spaces. For Cr50 devices, - * these are set up elsewhere via TPM vendor commands. + * Define and write zero-touch enrollment (ZTE) spaces. For ChromeOS devices with + * Google TPM, these are set up elsewhere via TPM vendor commands. */ if (CONFIG(CHROMEOS) && !(CONFIG(TPM_GOOGLE))) RETURN_ON_FAILURE(setup_zte_spaces()); diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c index 53314b2143..491615a4db 100644 --- a/src/security/vboot/vboot_logic.c +++ b/src/security/vboot/vboot_logic.c @@ -212,19 +212,19 @@ static void check_boot_mode(struct vb2_context *ctx) rv = tlcl_cr50_get_boot_mode(&boot_mode); switch (rv) { case TPM_E_NO_SUCH_COMMAND: - printk(BIOS_WARNING, "Cr50 does not support GET_BOOT_MODE.\n"); + printk(BIOS_WARNING, "GSC does not support GET_BOOT_MODE.\n"); /* Proceed to legacy boot model. */ return; case TPM_SUCCESS: break; default: printk(BIOS_ERR, - "Communication error in getting Cr50 boot mode.\n"); - vb2api_fail(ctx, VB2_RECOVERY_CR50_BOOT_MODE, rv); + "Communication error in getting GSC boot mode.\n"); + vb2api_fail(ctx, VB2_RECOVERY_GSC_BOOT_MODE, rv); return; } - printk(BIOS_INFO, "Cr50 says boot_mode is %s(0x%02x).\n", + printk(BIOS_INFO, "GSC says boot_mode is %s(0x%02x).\n", get_boot_mode_string(boot_mode), boot_mode); if (boot_mode == EC_EFS_BOOT_MODE_UNTRUSTED_RO) -- cgit v1.2.3