From 73505f1f9efff6e1622be8190dcd310fb723aa03 Mon Sep 17 00:00:00 2001
From: Subrata Banik <subratabanik@google.com>
Date: Wed, 27 Dec 2023 21:13:25 +0530
Subject: vendorcode/google/chromeos: Add API to read factory config

This code leverages the TPM vendor-specific function
tlcl_cr50_get_factory_config() to fetch the device's factory
configuration.

BUG=b:317880956
TEST=Able to retrieve the factory config from google/screebo.

Change-Id: I34f47c9a94972534cda656ef624ef12ed5ddeb06
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/79737
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
---
 src/vendorcode/google/chromeos/Makefile.inc        |  1 +
 src/vendorcode/google/chromeos/chromeos.h          |  6 +++++
 .../google/chromeos/tpm_factory_config.c           | 31 ++++++++++++++++++++++
 3 files changed, 38 insertions(+)
 create mode 100644 src/vendorcode/google/chromeos/tpm_factory_config.c

(limited to 'src/vendorcode')

diff --git a/src/vendorcode/google/chromeos/Makefile.inc b/src/vendorcode/google/chromeos/Makefile.inc
index fbfd7a4e2f..dce4d9ccf1 100644
--- a/src/vendorcode/google/chromeos/Makefile.inc
+++ b/src/vendorcode/google/chromeos/Makefile.inc
@@ -9,6 +9,7 @@ ramstage-$(CONFIG_CHROMEOS_DISABLE_PLATFORM_HIERARCHY_ON_RESUME) += tpm2.c
 ramstage-$(CONFIG_HAVE_REGULATORY_DOMAIN) += wrdd.c
 ramstage-$(CONFIG_USE_SAR) += sar.c
 ramstage-$(CONFIG_TPM_GOOGLE) += cr50_enable_update.c
+ramstage-$(CONFIG_TPM_GOOGLE) += tpm_factory_config.c
 
 romstage-$(CONFIG_CHROMEOS_CSE_BOARD_RESET_OVERRIDE) += cse_board_reset.c
 ramstage-$(CONFIG_CHROMEOS_CSE_BOARD_RESET_OVERRIDE) += cse_board_reset.c
diff --git a/src/vendorcode/google/chromeos/chromeos.h b/src/vendorcode/google/chromeos/chromeos.h
index cab855d34e..c14af319f5 100644
--- a/src/vendorcode/google/chromeos/chromeos.h
+++ b/src/vendorcode/google/chromeos/chromeos.h
@@ -26,6 +26,12 @@ void mainboard_prepare_cr50_reset(void);
 void cbmem_add_vpd_calibration_data(void);
 void chromeos_set_me_hash(u32*, int);
 void chromeos_set_ramoops(void *ram_oops, size_t size);
+/*
+ * The factory config space is a one-time programmable info page.
+ * For the unprovisioned one, the read will be 0x0.
+ * Return `-1` in case of error.
+ */
+int64_t chromeos_get_factory_config(void);
 
 /*
  * Declaration for mainboards to use to generate ACPI-specific ChromeOS needs.
diff --git a/src/vendorcode/google/chromeos/tpm_factory_config.c b/src/vendorcode/google/chromeos/tpm_factory_config.c
new file mode 100644
index 0000000000..3b68020bd1
--- /dev/null
+++ b/src/vendorcode/google/chromeos/tpm_factory_config.c
@@ -0,0 +1,31 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+
+#include <console/console.h>
+#include <security/tpm/tss.h>
+#include <vendorcode/google/chromeos/chromeos.h>
+
+int64_t chromeos_get_factory_config(void)
+{
+	static int64_t factory_config = -1;
+
+	if (factory_config >= 0)
+		return factory_config;
+
+	/* Initialize TPM driver. */
+	tpm_result_t rc = tlcl_lib_init();
+	if (rc != TPM_SUCCESS) {
+		printk(BIOS_ERR, "%s:%d - tlcl_lib_init() failed: %#x\n",
+		       __func__, __LINE__, rc);
+		return -1;
+	}
+
+	rc = tlcl_cr50_get_factory_config((uint64_t *)&factory_config);
+
+	if (rc != TPM_SUCCESS) {
+		printk(BIOS_ERR, "%s:%d - tlcl_cr50_get_factory_config() failed: %#x\n",
+		       __func__, __LINE__, rc);
+		return -1;
+	}
+
+	return factory_config;
+}
-- 
cgit v1.2.3