mb/siemens/mc_rpl1: Configure SPI and implement TPM support

Configure SPI according to the mainboard wiring. Disable GSPI completely as it is unused on this platform. Enable FSPI and configure it to interface with the TPM device. Implement TPM measured boot functionality starting from bootblock to ensure secure boot chain validation from the earliest boot stage. Change-Id: I89b60101c94393816b51154459f39bb22d5b976d Signed-off-by: Kilian Krause <kilian.krause@siemens.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/88886 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Mario Scheithauer <mario.scheithauer@siemens.com>
2025-06-10 12:15:51 +02:00 · 2025-06-10 12:15:51 +02:00 · 2b26ea0eda
commit 2b26ea0eda
parent 2bcd7f1522
4 changed files with 16 additions and 41 deletions
--- a/src/mainboard/siemens/mc_rpl/Kconfig
+++ b/src/mainboard/siemens/mc_rpl/Kconfig
@ -51,9 +51,6 @@ config DIMM_SPD_SIZE
 	int
 	default 256

-config DRIVER_TPM_SPI_BUS
-	default 0x2 if BOARD_SIEMENS_MC_RPL1
-
 config USE_PM_ACPI_TIMER
 	default n if BOARD_SIEMENS_MC_RPL1
 endif
--- a/src/mainboard/siemens/mc_rpl/devicetree.cb
+++ b/src/mainboard/siemens/mc_rpl/devicetree.cb
@ -32,35 +32,6 @@ chip soc/intel/alderlake
 	register "s0ix_enable" = "true"
 	register "dptf_enable" = "true"

-	register "serial_io_gspi_mode" = "{
-		[PchSerialIoIndexGSPI0] = PchSerialIoPci,
-		[PchSerialIoIndexGSPI1] = PchSerialIoPci,
-		[PchSerialIoIndexGSPI2] = PchSerialIoDisabled,
-		[PchSerialIoIndexGSPI3] = PchSerialIoDisabled,
-	}"
-
-	register "serial_io_gspi_cs_mode" = "{
-		[PchSerialIoIndexGSPI0] = 0,
-		[PchSerialIoIndexGSPI1] = 1,
-		[PchSerialIoIndexGSPI2] = 0,
-		[PchSerialIoIndexGSPI3] = 0,
-	}"
-
-	register "serial_io_gspi_cs_state" = "{
-		[PchSerialIoIndexGSPI0] = 0,
-		[PchSerialIoIndexGSPI1] = 0,
-		[PchSerialIoIndexGSPI2] = 0,
-		[PchSerialIoIndexGSPI3] = 0,
-	}"
-
-	# Intel Common SoC Config
-	register "common_soc_config" = "{
-		.gspi[1] = {
-			.speed_mhz = 1,
-			.early_init = 1,
-		},
-	}"
-
 	device domain 0 on
 		device ref igpu on end
 		device ref dtt on
@ -160,16 +131,7 @@ chip soc/intel/alderlake
 		end
 		device ref crashlog off end
 		device ref sata on end
-		device ref gspi0 on end
 		device ref p2sb on end
-		device ref gspi1 on
-			chip drivers/spi/acpi
-				register "hid" = "ACPI_DT_NAMESPACE_HID"
-				register "compat_string" = ""google,cr50""
-				register "irq" = "ACPI_IRQ_EDGE_LOW(GPP_E3_IRQ)"
-				device spi 0 on end
-			end
-		end
 		device ref smbus on end
 	end
 end
--- a/src/mainboard/siemens/mc_rpl/variants/mc_rpl1/Kconfig
+++ b/src/mainboard/siemens/mc_rpl/variants/mc_rpl1/Kconfig
@ -5,6 +5,10 @@ if BOARD_SIEMENS_MC_RPL1
 config BOARD_SPECIFIC_OPTIONS
 	def_bool y
 	select INTEL_LPSS_UART_FOR_CONSOLE
+	select MAINBOARD_HAS_TPM2
+	select MEMORY_MAPPED_TPM
+	select TPM_MEASURED_BOOT
+	select TPM_MEASURED_BOOT_INIT_BOOTBLOCK

 config UART_FOR_CONSOLE
 	int
--- a/src/mainboard/siemens/mc_rpl/variants/mc_rpl1/overridetree.cb
+++ b/src/mainboard/siemens/mc_rpl/variants/mc_rpl1/overridetree.cb
@ -19,6 +19,13 @@ chip soc/intel/alderlake
 	register "usb3_ports[2]" = "USB3_PORT_EMPTY"		# Port is unused
 	register "usb3_ports[3]" = "USB3_PORT_EMPTY"		# Port is unused

+	register "serial_io_gspi_mode" = "{
+		[PchSerialIoIndexGSPI0] = PchSerialIoDisabled,
+		[PchSerialIoIndexGSPI1] = PchSerialIoDisabled,
+		[PchSerialIoIndexGSPI2] = PchSerialIoDisabled,
+		[PchSerialIoIndexGSPI3] = PchSerialIoDisabled,
+	}"
+
 	register "serial_io_i2c_mode" = "{
 		[PchSerialIoIndexI2C0] = PchSerialIoPci,
 		[PchSerialIoIndexI2C1] = PchSerialIoPci,
@ -116,5 +123,10 @@ chip soc/intel/alderlake
 		device ref uart0 on end
 		device ref uart1 on end
 		device ref uart2 on end
+		device ref fast_spi on
+			chip drivers/pc80/tpm   # SPI TPM header
+				device pnp 0c31.0 on end
+			end
+		end
 	end
 end