From 73505f1f9efff6e1622be8190dcd310fb723aa03 Mon Sep 17 00:00:00 2001 From: Subrata Banik Date: Wed, 27 Dec 2023 21:13:25 +0530 Subject: vendorcode/google/chromeos: Add API to read factory config This code leverages the TPM vendor-specific function tlcl_cr50_get_factory_config() to fetch the device's factory configuration. BUG=b:317880956 TEST=Able to retrieve the factory config from google/screebo. Change-Id: I34f47c9a94972534cda656ef624ef12ed5ddeb06 Signed-off-by: Subrata Banik Reviewed-on: https://review.coreboot.org/c/coreboot/+/79737 Tested-by: build bot (Jenkins) Reviewed-by: Kapil Porwal --- src/vendorcode/google/chromeos/Makefile.inc | 1 + src/vendorcode/google/chromeos/chromeos.h | 6 +++++ .../google/chromeos/tpm_factory_config.c | 31 ++++++++++++++++++++++ 3 files changed, 38 insertions(+) create mode 100644 src/vendorcode/google/chromeos/tpm_factory_config.c (limited to 'src/vendorcode/google') diff --git a/src/vendorcode/google/chromeos/Makefile.inc b/src/vendorcode/google/chromeos/Makefile.inc index fbfd7a4e2f..dce4d9ccf1 100644 --- a/src/vendorcode/google/chromeos/Makefile.inc +++ b/src/vendorcode/google/chromeos/Makefile.inc @@ -9,6 +9,7 @@ ramstage-$(CONFIG_CHROMEOS_DISABLE_PLATFORM_HIERARCHY_ON_RESUME) += tpm2.c ramstage-$(CONFIG_HAVE_REGULATORY_DOMAIN) += wrdd.c ramstage-$(CONFIG_USE_SAR) += sar.c ramstage-$(CONFIG_TPM_GOOGLE) += cr50_enable_update.c +ramstage-$(CONFIG_TPM_GOOGLE) += tpm_factory_config.c romstage-$(CONFIG_CHROMEOS_CSE_BOARD_RESET_OVERRIDE) += cse_board_reset.c ramstage-$(CONFIG_CHROMEOS_CSE_BOARD_RESET_OVERRIDE) += cse_board_reset.c diff --git a/src/vendorcode/google/chromeos/chromeos.h b/src/vendorcode/google/chromeos/chromeos.h index cab855d34e..c14af319f5 100644 --- a/src/vendorcode/google/chromeos/chromeos.h +++ b/src/vendorcode/google/chromeos/chromeos.h @@ -26,6 +26,12 @@ void mainboard_prepare_cr50_reset(void); void cbmem_add_vpd_calibration_data(void); void chromeos_set_me_hash(u32*, int); void chromeos_set_ramoops(void *ram_oops, size_t size); +/* + * The factory config space is a one-time programmable info page. + * For the unprovisioned one, the read will be 0x0. + * Return `-1` in case of error. + */ +int64_t chromeos_get_factory_config(void); /* * Declaration for mainboards to use to generate ACPI-specific ChromeOS needs. diff --git a/src/vendorcode/google/chromeos/tpm_factory_config.c b/src/vendorcode/google/chromeos/tpm_factory_config.c new file mode 100644 index 0000000000..3b68020bd1 --- /dev/null +++ b/src/vendorcode/google/chromeos/tpm_factory_config.c @@ -0,0 +1,31 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ + +#include +#include +#include + +int64_t chromeos_get_factory_config(void) +{ + static int64_t factory_config = -1; + + if (factory_config >= 0) + return factory_config; + + /* Initialize TPM driver. */ + tpm_result_t rc = tlcl_lib_init(); + if (rc != TPM_SUCCESS) { + printk(BIOS_ERR, "%s:%d - tlcl_lib_init() failed: %#x\n", + __func__, __LINE__, rc); + return -1; + } + + rc = tlcl_cr50_get_factory_config((uint64_t *)&factory_config); + + if (rc != TPM_SUCCESS) { + printk(BIOS_ERR, "%s:%d - tlcl_cr50_get_factory_config() failed: %#x\n", + __func__, __LINE__, rc); + return -1; + } + + return factory_config; +} -- cgit v1.2.3