We don't need flashrom support just for vboot payloads. The current
default (USE_FLASHROM=1) is mostly harmless, especially if libflashrom
is not present (the autodetection in vboot_reference just spits out a
pkg-config error but doesn't actually fail the build), but it's better
to be clear we don't need it.
BUG=b:172225709
TEST=build
Change-Id: I53bcc2d1e7666646ddad58ba3717cfdd321014e8
Signed-off-by: Brian Norris <briannorris@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/72716
Reviewed-by: Jack Rosenthal <jrosenth@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
This avoids runtime failures of lacking a RW_NVRAM section in fmap or
one having a size too small.
Change-Id: I3415bd719428a23b21210eb2176dbe15fa44eb9c
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/71868
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
It's true that vbnv_udc_enable_flag() is called after vbnv_init()
(that's why the assertion was added). However, the former is called in
the ramstage, while the latter in verstage. This means that
vbnv_initialized will be false in ramstage, which leads
to the assertion failure:
[EMERG] ASSERTION ERROR: file 'src/security/vboot/vbnv.c', line 88
Since the ctx->nvdata will be restored in ramstage (by vb2api_reinit()),
simply remove the assertion. So, the patch drops assert call from
vbnv_udc_enable_flag() function.
TEST=Verify Rex system boots to OS without assert error.
Signed-off-by: Sridhar Siricilla <sridhar.siricilla@intel.com>
Change-Id: I49022155239febd5c5be5cf2c5eca2019ca61c12
Reviewed-on: https://review.coreboot.org/c/coreboot/+/71097
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
If the temporary nvdata storage inside the vboot context is already
initialized then return immediately without reinitializing from the
backup NV storage. This allows vbnv_init to be called more than once.
Also the check to enable USB Device Controller (UDC) happens after
NVdata is initialized. Hence the nvdata in vboot context can be used
instead of reading from the backup storage again.
BUG=b:242825052
TEST=Build Skyrim BIOS image and boot to OS in Skyrim.
Change-Id: Id72709e2fc3fe6a12ee96df8df25e55cf11e50a7
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/70380
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
CONFIG_VBOOT_CBFS_INTEGRATION images are signed differently than normal
images. futility needs to be able to tell this difference, and it parses
the `config` file included in CBFS to do this. This change codifies that
dependency in Kconfig so that nobody can accidentally break this by
turning off config file inclusion.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I2b2d245b850bc65abb4e72f20b4e360312c828f7
Reviewed-on: https://review.coreboot.org/c/coreboot/+/70157
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Jakub Czapiga <jacz@semihalf.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Adjust asserts to allow to store and compare (at S3 resume) hashes
without padding to maximum hash length / slot size.
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: If6d46e0b58dbca86af56221b7ff2606ab2d1799a
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69762
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Compilers are not optimizing-out code correctly. This patch fixes
incorrect behavior by splitting if statement and extracting code to
another function, this allowing for better code size optimization and
reduction of undefined references.
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: Ia5330efeeb4cfd7477cf8f7f64c6abed68281e30
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69761
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
This removes the dev_index argument from the google_chromeec_reboot
API. It's always set to 0, so don't bother passing it.
BUG=b:258126464
BRANCH=none
TEST=none
Change-Id: Iadc3d7c6c1e048e4b1ab8f8cec3cb8eb8db38e6a
Signed-off-by: Caveh Jalali <caveh@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69373
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch introduces support signing and verification of firmware
slots using CBFS metadata hash verification method for faster initial
verification. To have complete verification, CBFS_VERIFICATION should
also be enabled, as metadata hash covers only files metadata, not their
contents.
This patch also adapts mainboards and SoCs to new vboot reset
requirements.
TEST=Google Volteer/Voxel boots with VBOOT_CBFS_INTEGRATION enabled
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: I40ae01c477c4e4f7a1c90e4026a8a868ae64b5ca
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66909
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch groups vboot context, recovery reason and subcode saving, and
reboot calls into two handy functions:
- vboot_save_and_reboot() - save context and reboot
- vboot_fail_and_reboot() - store recovery reason and call function
above
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: Ie29410e8985e7cf19bd8d4cccc393b050ca1f1c5
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69208
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Currently build rules allow using x86 SHA extensions for all coreboot
stages when enabled. On some SoCs where verstage can run in non-x86
environment, x86 SHA extension cannot be used. Update build rules
accordingly such that x86 SHA extensions can be used in AMD SoCs. This
is particularly useful when CBFS verificiation is enabled which verifies
the hash of the CBFS file being loaded.
BUG=b:227809919
TEST=Build and boot to OS in Skyrim. Observe that hardware acceleration
is used when a CBFS file is loaded and observe an overall improvement of
10 ms.
Change-Id: I4f388e963eb82990cda41d3880e66ad937334908
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68953
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kangheui Won <khwon@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Create an NVRAM space in TPM 2.0 that survives owner clear and can be
read and written without authorization. This space allows to seal data
with the TPM that can only be unsealed before the space was cleared.
It will be used during ChromeOS enterprise rollback to securely
carry data across a TPM clear.
Public documentation on the rollback feature:
https://source.chromium.org/chromium/chromiumos/platform2/+/main:oobe_config/README.md
BUG=b/233746744
Signed-off-by: Miriam Polzer <mpolzer@google.com>
Change-Id: I59ca0783b41a6f9ecd5b72f07de6fb403baf2820
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66623
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Since mono_time is now 64-bit, the utility functions interfacing with
mono_time should also be 64-bit so precision isn't lost.
Fixed build errors related to printing the now int64_t result of
stopwatch_duration_[m|u]secs in various places.
BUG=b:237082996
BRANCH=All
TEST=Boot dewatt
Change-Id: I169588f5e14285557f2d03270f58f4c07c0154d5
Signed-off-by: Rob Barnes <robbarnes@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66170
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
For TPM2, vb2api_secdata_firmware_create() is already called from
setup_firmware_space() from _factory_initialize_tpm(). Therefore move
the duplicate call from factory_initialize_tpm() to TPM1's
_factory_initialize_tpm().
Change-Id: I892df65c847e1aeeabef8a7578bec743b639a127
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67219
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aseda Aboagye <aaboagye@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Intel platforms have soft straps stored in the SI_DESC FMAP section
which can alter boot behavior and may open up a security risk if they
can be modified by an attacker. This patch adds the SI_DESC region to
the list of ranges covered by GSC verification (CONFIG_VBOOT_GSCVD).
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I0f1b297e207d3c6152bf99ec5a5b0983f01b2d0b
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66346
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
CL:3825558 changes all vb2_digest and vb2_hash functions to take a new
hwcrypto_allowed argument, to potentially let them try to call the
vb2ex_hwcrypto API for hash calculation. This change will open hardware
crypto acceleration up to all hash calculations in coreboot (most
notably CBFS verification). As part of this change, the
vb2_digest_buffer() function has been removed, so replace existing
instances in coreboot with the newer vb2_hash_calculate() API.
Due to the circular dependency of these changes with vboot, this patch
also needs to update the vboot submodule:
Updating from commit id 18cb85b5:
2load_kernel.c: Expose load kernel as vb2_api
to commit id b827ddb9:
tests: Ensure auxfw sync runs after EC sync
This brings in 15 new commits.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I287d8dac3c49ad7ea3e18a015874ce8d610ec67e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66561
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jakub Czapiga <jacz@semihalf.com>
Firmware is typically delivered as one large binary image that gets
flashed. Since this final image consists of binaries and data from
a vast number of different people and companies, it's hard to
determine what all the small parts included in it are. The goal of
the software bill of materials (SBOM) is to take a firmware image
and make it easy to find out what it consists of and where those
pieces came from. Basically, this answers the question, who supplied
the code that's running on my system right now? For example, buyers
of a system can use an SBOM to perform an automated vulnerability
check or license analysis, both of which can be used to evaluate
risk in a product. Furthermore, one can quickly check to see if the
firmware is subject to a new vulnerability included in one of the
software parts (with the specified version) of the firmware.
Further reference:
https://web.archive.org/web/20220310104905/https://blogs.gnome.org/hughsie/2022/03/10/firmware-software-bill-of-materials/
- Add Makefile.inc to generate and build coswid tags
- Add templates for most payloads, coreboot, intel-microcode,
amd-microcode. intel FSP-S/M/T, EC, BIOS_ACM, SINIT_ACM,
intel ME and compiler (gcc,clang,other)
- Add Kconfig entries to optionally supply a path to CoSWID tags
instead of using the default CoSWID tags
- Add CBFS entry called SBOM to each build via Makefile.inc
- Add goswid utility tool to generate SBOM data
Signed-off-by: Maximilian Brune <maximilian.brune@9elements.com>
Change-Id: Icb7481d4903f95d200eddbfed7728fbec51819d0
Reviewed-on: https://review.coreboot.org/c/coreboot/+/63639
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martin.roth@amd.corp-partner.google.com>
futility now supports image truncation and signing of whole images with
a single command invocation. Use it for vboot-enabled coreboot images.
TEST=Build and run coreboot on google/volteer
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: I49eb7e977b635ccb9f6c1b76e53c36e82be1d795
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66127
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Branding changes to unify and update Chrome OS to ChromeOS (removing the
space).
This CL also includes changing Chromium OS to ChromiumOS as well.
BUG=None
TEST=N/A
Change-Id: I39af9f1069b62747dbfeebdd62d85fabfa655dcd
Signed-off-by: Jon Murphy <jpmurphy@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65479
Reviewed-by: Jack Rosenthal <jrosenth@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Singer <felixsinger@posteo.net>
Boards using VBOOT_VBNV_EC (nyan, daisy, veyron, peach_pit) are all
ChromeOS devices and they've reached the end of life since Feb 2022.
Therefore, remove VBOOT_VBNV_EC for them, each with different
replacement.
- nyan (nyan, nyan_big, nyan_blaze): Add RW_NVRAM to their FMAP (by
reducing the size of RW_VPD), and replace VBOOT_VBNV_EC with
VBOOT_VBNV_FLASH.
- veyron: Add RW_NVRAM to their FMAP (by reducing the size of
SHARED_DATA), and replace VBOOT_VBNV_EC with VBOOT_VBNV_FLASH. Also
enlarge the OVERLAP_VERSTAGE_ROMSTAGE section for rk3288 (by reducing
the size of PRERAM_CBMEM_CONSOLE), so that verstage won't exceed its
allotted size.
- daisy: Because BOOT_DEVICE_SPI_FLASH is not set, which is required for
VBOOT_VBNV_FLASH, disable MAINBOARD_HAS_CHROMEOS and VBOOT configs.
- peach_pit: As VBOOT is not set, simply remove the unused VBOOT_VBNV_EC
option.
Remove the VBOOT_VBNV_EC Kconfig option as well as related code, leaving
VBOOT_VBNV_FLASH and VBOOT_VBNV_CMOS as the only two backend options for
vboot nvdata (VBNV).
Also add a check in read_vbnv() and save_vbnv() for VBNV options.
BUG=b:178689388
TEST=util/abuild/abuild -t GOOGLE_NYAN -x -a
TEST=util/abuild/abuild -t GOOGLE_VEYRON_JAQ -x -a
TEST=util/abuild/abuild -t GOOGLE_DAISY -a
TEST=util/abuild/abuild -t GOOGLE_PEACH_PIT -a
BRANCH=none
Change-Id: Ic67d69e694cff3176dbee12d4c6311bc85295863
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65012
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
This patch adds a new CONFIG_VBOOT_GSCVD option that will be enabled by
default for TPM_GOOGLE_TI50 devices. It makes the build system run the
`futility gscvd` command to create a GSCVD (GSC verification data) which
signs the CBFS trust anchor (bootblock and GBB). In order for this to
work, boards will need to have an RO_GSCVD section in their FMAP, and
production boards should override the CONFIG_VBOOT_GSC_BOARD_ID option
with the correct ID for each variant.
BUG=b:229015103
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I1cf86e90b2687e81edadcefa5a8826b02fbc8b24
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64707
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
There are efforts to have bootflows that do not follow a traditional
bootblock-romstage-postcar-ramstage model. As part of that CBMEM
initialisation hooks will need to move from romstage to bootblock.
The interface towards platforms and drivers will change to use one of
CBMEM_CREATION_HOOK() or CBMEM_READY_HOOK(). Former will only be called
in the first stage with CBMEM available.
Change-Id: Ie24bf4e818ca69f539196c3a814f3c52d4103d7e
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/63375
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
The makefiles don't like cbfs file names with spaces in them so update
the file name with '_' instead of spaces. To keep the master header at
the top of cbfs, add a placeholder.
This removes the need to handle the cbfs master header in cbfstool.
This functionality will be dropped in a later CL.
On x86 reserve some space in the linker script to add the pointer.
On non-x86 generate a pointer inside a C struct file.
As a bonus this would actually fix the master header pointer mechanism
on Intel/APL as only the bootblock inside IFWI gets memory mapped.
TESTED on thinkpad X201: SeaBIOS correctly finds the cbfs master
header.
Change-Id: I3ba01be7da1f09a8cac287751497c18cda97d293
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/59132
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Break TPM related Kconfig into the following dimensions:
TPM transport support:
config CRB_TPM
config I2C_TPM
config SPI_TPM
config MEMORY_MAPPED_TPM (new)
TPM brand, not defining any of these is valid, and result in "generic" support:
config TPM_ATMEL (new)
config TPM_GOOGLE (new)
config TPM_GOOGLE_CR50 (new, implies TPM_GOOGLE)
config TPM_GOOGLE_TI50 (new to be used later, implies TPM_GOOGLE)
What protocol the TPM chip supports:
config MAINBOARD_HAS_TPM1
config MAINBOARD_HAS_TPM2
What the user chooses to compile (restricted by the above):
config NO_TPM
config TPM1
config TPM2
The following Kconfigs will be replaced as indicated:
config TPM_CR50 -> TPM_GOOGLE
config MAINBOARD_HAS_CRB_TPM -> CRB_TPM
config MAINBOARD_HAS_I2C_TPM_ATMEL -> I2C_TPM && TPM_ATMEL
config MAINBOARD_HAS_I2C_TPM_CR50 -> I2C_TPM && TPM_GOOGLE
config MAINBOARD_HAS_I2C_TPM_GENERIC -> I2C_TPM && !TPM_GOOGLE && !TPM_ATMEL
config MAINBOARD_HAS_LPC_TPM -> MEMORY_MAPPED_TPM
config MAINBOARD_HAS_SPI_TPM -> SPI_TPM && !TPM_GOOGLE && !TPM_ATMEL
config MAINBOARD_HAS_SPI_TPM_CR50 -> SPI_TPM && TPM_GOOGLE
Signed-off-by: Jes B. Klinke <jbk@chromium.org>
Change-Id: I4656b2b90363b8dfd008dc281ad591862fe2cc9e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/63424
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
cb_err_t was meant to be used in place of `enum cb_err` in all
situations, but the choice to use a typedef here seems to be
controversial. We should not be arbitrarily using two different
identifiers for the same thing across the codebase, so since there are
no use cases for serializing enum cb_err at the moment (which would be
the primary reason to typedef a fixed-width integer instead), remove
cb_err_t again for now.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Iaec36210d129db26d51f0a105d3de070c03b686b
Reviewed-on: https://review.coreboot.org/c/coreboot/+/62600
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
This patch aims to make timestamps more consistent in naming,
to follow one pattern. Until now there were many naming patterns:
- TS_START_*/TS_END_*
- TS_BEFORE_*/TS_AFTER_*
- TS_*_START/TS_*_END
This change also aims to indicate, that these timestamps can be used
to create time-ranges, e.g. from TS_BOOTBLOCK_START to TS_BOOTBLOCK_END.
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: I533e32392224d9b67c37e6a67987b09bf1cf51c6
Reviewed-on: https://review.coreboot.org/c/coreboot/+/62019
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
This function actually dumps cbmem to the UART. This change renames the
function to make that clear.
BUG=b:213828947
TEST=Build guybrush
Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Change-Id: Icc314c530125e5303a06b92aab48c1e1122fd18c
Reviewed-on: https://review.coreboot.org/c/coreboot/+/61010
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
This patch removes all remaining pieces of the old CBFS API, now that
the last straggling use cases of it have been ported to the new one
(meaning cbfs_map()/cbfs_load()/etc... see CB:39304 and CB:38421).
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I1cec0ca2d9d311626a087318d1d78163243bfc3c
Reviewed-on: https://review.coreboot.org/c/coreboot/+/59682
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
High Definition (HD) protected content playback requires secure counters
that are updated at regular interval while the protected content is
playing. To support similar use-cases, define space for secure counters
in TPM NVRAM and initialize them. These counters are defined once during
the factory initialization stage. Also add
VBOOT_DEFINE_WIDEVINE_COUNTERS config item to enable these secure
counters only on the mainboard where they are required/used.
BUG=b:205261728
TEST=Build and boot to OS in guybrush. Ensure that the secure counters
are defined successfully in TPM NVRAM space.
tlcl_define_space: response is 0
tlcl_define_space: response is 0
tlcl_define_space: response is 0
tlcl_define_space: response is 0
On reboot if forced to redefine the space, it is identified as already
defined.
tlcl_define_space: response is 14c
define_space():219: define_space: Secure Counter space already exists
tlcl_define_space: response is 14c
define_space():219: define_space: Secure Counter space already exists
tlcl_define_space: response is 14c
define_space():219: define_space: Secure Counter space already exists
tlcl_define_space: response is 14c
define_space():219: define_space: Secure Counter space already exists
Change-Id: I915fbdada60e242d911b748ad5dc28028de9b657
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/59476
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Create an NVRAM counter in TPM 2.0 that survives owner clear and can be
read and written without authorization. This counter allows to seal data
with the TPM that can only be unsealed before the counter was
incremented. It will be used during Chrome OS rollback to securely carry
data across a TPM clear.
Signed-off-by: Miriam Polzer <mpolzer@google.com>
Change-Id: I511dba3b3461713ce20fb2bda9fced0fee6517e1
Reviewed-on: https://review.coreboot.org/c/coreboot/+/59097
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
When fetching antirollback information for the kernel, it is not always
known ahead of time what the current size of the kernel secdata area
is. If the incorrect size is passed, the TPM will return back the
correct size, but at the cost of an extra transaction; when using cr50
over I2C, this can be as much as 20ms. Currently, the first attempt uses
the minimium size (aka version 0 or 0.2), and if another size is used
(which is the case for all modern cr50-based boards, version 1 or 1.0),
then a transaction is wasted on every boot.
Therefore, change the default size sent to the TPM to be the default one
used in the VB2 API instead of the minimum one.
BUG=b:201304784
TEST=verify TPM initialization time drops by ~20ms. Also the Kernel NV
Index is read correctly in the BIOS logs.
src/security/tpm/tss/tcg-2.0/tss.c:231 index 0x1007 return code 0
src/security/tpm/tss/tcg-2.0/tss.c:231 index 0x1008 return code 0
504:finished TPM initialization 99,953 (65,606)
Change-Id: I22d9c0079bb1175f24ff7317d116e79aa5ba08ed
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/58669
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
This reverts commit adb393bdd6.
This relands commit 6260bf712a.
Reason for revert:
The original CL did not handle some devices correctly.
With the fixes:
* commit 36721a4 (mb/google/brya: Add GPIO_IN_RW to all variants'
early GPIO tables)
* commit 3bfe46c (mb/google/guybrush: Add GPIO EC in RW to early
GPIO tables)
* commit 3a30cf9 (mb/google/guybrush: Build chromeos.c in verstage
This CL also fix the following platforms:
* Change to always trusted: cyan.
* Add to early GPIO table: dedede, eve, fizz, glados, hatch, octopus,
poppy, reef, volteer.
* Add to both Makefile and early GPIO table: zork.
For mb/intel:
* adlrvp: Add support for get_ec_is_trusted().
* glkrvp: Add support for get_ec_is_trusted() with always trusted.
* kblrvp: Add support for get_ec_is_trusted() with always trusted.
* kunimitsu: Add support for get_ec_is_trusted() and initialize it as
early GPIO.
* shadowmountain: Add support for get_ec_is_trusted() and initialize
it as early GPIO.
* tglrvp: Add support for get_ec_is_trusted() with always trusted.
For qemu-q35: Add support for get_ec_is_trusted() with always trusted.
We could attempt another land.
Change-Id: I66b8b99d6e6bf259b18573f9f6010f9254357bf9
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/58253
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
This reverts commit 6260bf712a.
Reason for revert: This CL did not handle Intel GPIO correctly. We need
to add GPIO_EC_IN_RW into early_gpio_table for platforms using Intel
SoC.
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Change-Id: Iaeb1bf598047160f01e33ad0d9d004cad59e3f75
Reviewed-on: https://review.coreboot.org/c/coreboot/+/57951
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Now that the vb2ex_hwcrypto_* stub functions are included in vboot fwlib
(CL:2353775), we can remove the same stubs from coreboot.
BUG=none
TEST=emerge-brya coreboot
TEST=emerge-cherry coreboot
BRANCH=none
Change-Id: I62bdc647eb3e34c581cc1b8d15e7f271211e6156
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/58095
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
vboot_reference is introducing a new field (ctx) to store the current
boot mode in crrev/c/2944250 (ctx->bootmode), which will be leveraged
in both vboot flow and elog_add_boot_reason in coreboot.
In current steps of deciding bootmode, a function vb2ex_ec_trusted
is required. This function checks gpio EC_IN_RW pin and will return
'trusted' only if EC is not in RW. Therefore, we need to implement
similar utilities in coreboot.
We will deprecate vb2ex_ec_trusted and use the flag,
VB2_CONTEXT_EC_TRUSTED, in vboot, vb2api_fw_phase1 and set that flag
in coreboot, verstage_main.
Also add a help function get_ec_is_trusted which needed to be
implemented per mainboard.
BUG=b:177196147, b:181931817
BRANCH=none
TEST=Test on trogdor if manual recovery works
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Change-Id: I479c8f80e45cc524ba87db4293d19b29bdfa2192
Reviewed-on: https://review.coreboot.org/c/coreboot/+/57048
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Currently, check_boot_mode is called after vb2api_fw_phase1, which
makes verstage_main exit before reaching check_boot_mode if recovery
mode is manually requested. Thus, recovery mode isn't able to test
whether VB2_CONTEXT_EC_TRUSTED is set or not.
This patch makes verstage_main call check_boot_mode before
vb2api_fw_phase1 to fix the issue.
BUG=b:180927027, b:187871195
BRANCH=none
TEST=build
Change-Id: If8524d1513b13fd79320a116a83f6729a820f61f
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/57623
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
It can be nice to update the TPM firmware without having to clear the
TPM owner. However, in order to do so would require platformHierarchy
to be enabled which would leave the kernel antirollback space a bit
vulnerable. To protect the kernel antirollback space from being written
to by the OS, we can use the WriteLock command. In order to do so we
need to add the WRITE_STCLEAR TPM attribute.
This commit adds the WRITE_STCLEAR TPM attribute to the rw antirollback
spaces. This includes the kernel antirollback space along with the MRC
space. When an STCLEAR attribute is set, this indicates that the TPM
object will need to be reloaded after any TPM Startup (CLEAR).
BUG=b:186029006
BRANCH=None
TEST=Build and flash a chromebook with no kernel antirollback space set
up, boot to Chrome OS, run `tpm_manager_client get_space_info
--index=0x1007` and verify that the WRITE_STCLEAR attribute is present.
Signed-off-by: Aseda Aboagye <aaboagye@google.com>
Change-Id: I3181b4c18acd908e924ad858b677e891312423fe
Reviewed-on: https://review.coreboot.org/c/coreboot/+/56358
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add Kconfig option for VBOOT_X86_SHA256_ACCELERATION, which will
use x86-sha extension for SHA256 instead of software implementation.
TEST=Able to call vb2ex_hwcrypto_digest_init() and perform SHA
using HW crypto engine.
Change-Id: Idc8be8711c69f4ebc489cd37cc3749c0b257c610
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55611
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
We are not currently tracking how long it takes to load verstage. The
enum values already exist, they just weren't used.
BUG=b:179092979
TEST=Dump timestamps
501:starting to load verstage 2,280,656 (1)
502:finished loading verstage 2,340,845 (60,189)
Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Change-Id: I2cde58cb8aa796829a4e054e6925e2394973484b
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55370
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
This commit adds support for the Chrome OS Zero-Touch Enrollment related
spaces. For TPM 2.0 devices which don't use Cr50, coreboot will define
the RMA+SN Bits, Board ID, and RMA Bytes counter spaces.
The RMA+SN Bits space is 16 bytes initialized to all 0xFFs.
The Board ID space is 12 bytes initialized to all 0xFFs.
The RMA Bytes counter space is 8 bytes intialized to 0.
BUG=b:184676425
BRANCH=None
TEST=Build and flash lalala, verify that the ZTE spaces are created
successfully by undefining the firmware antirollback space in the TPM
such that the TPM undergoes factory initialization in coreboot. Reboot
the DUT. Boot to CrOS and run `tpm_manager_client list_spaces` and
verify that the ZTE spaces are listed. Run `tpm_manager_client
read_space` with the various indices and verify that the sizes and
initial values of the spaces are correct.
TEST=Attempt to undefine the ZTE spaces and verify that it fails due to
the unsatisfiable policy.
Signed-off-by: Aseda Aboagye <aaboagye@google.com>
Change-Id: I97e3ae7e18fc9ee9a02afadbbafeb226b41af0eb
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55242
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch assings 2 to EC_EFS_BOOT_MODE_TRUSTED_RO to make coreboot
set VB2_CONTEXT_EC_TRUSTED when the GSC reports TRUSTED_RO.
Old GSC doesn't use 2. So, the new BIOS won't mistakenly set
VB2_CONTEXT_EC_TRUSTED.
BUG=b:180927027, b:187871195
BRANCH=none
TEST=build
Change-Id: I11a09d0035a4bd59f80018c647ca17e3318be81e
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55373
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch makes coreboot set VB2_CONTEXT_EC_TRUSTED based on the EC"s
boot mode. Vboot will check VB2_CONTEXT_EC_TRUSTED to determine
whether it can enter recovery mode or not.
BUG=b:180927027, b:187871195
BRANCH=none
TEST=build
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Change-Id: I9fa09dd7ae5baa1efb4e1ed4f0fe9a6803167c93
Reviewed-on: https://review.coreboot.org/c/coreboot/+/54099
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
The new kernel secdata v1 stores the last read EC hash, and reboots the
device during EC software sync when that hash didn't match the currently
active hash on the EC (this is used with TPM_CR50 to support EC-EFS2 and
pretty much a no-op for other devices). Generally, of course the whole
point of secdata is always that it persists across reboots, but with
MOCK_SECDATA we can't do that. Previously we always happened to somewhat
get away with presenting freshly-reinitialized data for MOCK_SECDATA on
every boot, but with the EC hash feature in secdata v1, that would cause
a reboot loop. The simplest solution is to just pretend we're a secdata
v0 device when using MOCK_SECDATA.
This was encountered on using a firmware built with MOCK_SECDATA but had
EC software sync enabled.
BUG=b:187843114
BRANCH=None
TEST=`USE=mocktpm cros build-ap -b keeby`; Flash keeby device, verify
that DUT does not continuously reboot with EC software sync enabled.
Signed-off-by: Aseda Aboagye <aaboagye@google.com>
Change-Id: Id8e81afcddadf27d9eec274f7f85ff1520315aaa
Reviewed-on: https://review.coreboot.org/c/coreboot/+/54304
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
