Commit graph

159 commits

Author SHA1 Message Date
Bill XIE
135a75826b drivers/pc80/tpm: Remove flag TPM_RDRESP_NEED_DELAY
After CB:76315, TPM_RDRESP_NEED_DELAY, whose historical mission has
ended, could be removed.

Signed-off-by: Bill XIE <persmule@hardenedlinux.org>
Change-Id: I51e046fb738d2ff7a23225739de62a1a7780bc1c
Reviewed-on: https://review.coreboot.org/c/coreboot/+/84717
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Crawford <tcrawford@system76.com>
2024-10-14 15:26:11 +00:00
Elyes Haouas
bdd03c20d5 tree: Use <stdio.h> for snprintf
<stdio.h> header is used for input/output operations (such as printf,
scanf, fopen, etc.). Although some input/output functions can manipulate
strings, they do not need to directly include <string.h> because they
are declared independently.

Change-Id: Ibe2a4ff6f68843a6d99cfdfe182cf2dd922802aa
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/82665
Reviewed-by: Yidi Lin <yidilin@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2024-05-29 10:33:54 +00:00
Tyler Wang
557aad1df9 cr50: Replace "cr50" to "GSC" in debug messages
The cr50.c file currently prints "cr50" in debug messages no
matter the system is using Cr50 or Ti50. This can be confusing
for developers.

This patch replaces "cr50" with "GSC" in debug messages. Using
"GSC" makes the messages more clear and easier to search via
`grep`.

BUG=none
TEST=Build and test on karis

Change-Id: I21f66cf8b608ca4e4dc82d7a55a851ec996c8bb3
Signed-off-by: Tyler Wang <tyler.wang@quanta.corp-partner.google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/82420
Reviewed-by: Eric Lai <ericllai@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Jon Murphy <jpmurphy@google.com>
2024-05-17 12:50:28 +00:00
Naveen R. Iyer
93cbbbfc7f security/tpm/tspi/crtm.c: Fix space required before open brace error
Fix checkpatch error.

Change-Id: I890fcfa4ad7b7abe032248b435271514e8e264f3
Signed-off-by: Naveen R. Iyer <iyernaveenr@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/82001
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2024-04-21 03:39:12 +00:00
Sergii Dmytruk
3e5cefcc45 security/tpm: support compiling in multiple TPM drivers
Starting from here CONFIG_TPM1 and CONFIG_TPM2 are no longer mutually
exclusive.

Change-Id: I44c5a1d825afe414c2f5c2c90f4cfe41ba9bef5f
Ticket: https://ticket.coreboot.org/issues/433
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69162
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2024-04-16 13:52:14 +00:00
Sergii Dmytruk
47e9e8cde1 security/tpm: replace CONFIG(TPMx) checks with runtime check
This prepares the code for enabling both CONFIG_TPM1 and CONFIG_TPM2
during compilation, in which case actual TPM family in use can be
determined at runtime.

In some places both compile-time and runtime checks are necessary.
Yet in places like probe functions runtime state checks don't make sense
as runtime state is defined by results of probing.

Change-Id: Id9cc25aad8d1d7bfad12b7a92059b1b3641bbfa9
Ticket: https://ticket.coreboot.org/issues/433
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69161
Reviewed-by: Jérémy Compostella <jeremy.compostella@intel.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2024-03-28 15:18:04 +00:00
Sergii Dmytruk
094a051732 security/tpm: resolve conflicts in TSS implementations
No functional changes.  Refactor code such that there won't be any
compiler or linker errors if TSS 1.2 and TSS 2.0 were both compiled
in.

One might want to support both TPM families for example if TPM is
pluggable, while currently one has to reflash firmware along with
switching TPM device.

Change-Id: Ia0ea5a917c46ada9fc3274f17240e12bca98db6a
Ticket: https://ticket.coreboot.org/issues/433
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69160
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2024-03-28 15:16:19 +00:00
Sergii Dmytruk
febf9b9f24 security/tpm: make tis_probe() return tpm_family
Via an out parameter. This is needed to be able to dynamically pick TSS
implementation based on the information discovered on probing.

Change-Id: I5006e0cdfef76ff79ce9e1cf280fcd5515ae01b0
Ticket: https://ticket.coreboot.org/issues/433
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69159
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Reviewed-by: Jérémy Compostella <jeremy.compostella@intel.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Christian Walter <christian.walter@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2024-03-28 15:12:32 +00:00
Sergii Dmytruk
7608699a9e drivers/pc80/tpm: probe for TPM family of a device
At the moment this is to handle the situation when device ID is the
same for TPM1 and TPM2 versions of a device.  Later this TPM family will
be returned to the caller.

Change-Id: I23b85e6da0e02999704f3ec30412db0bdce2dd8a
Ticket: https://ticket.coreboot.org/issues/433
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76955
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2024-02-07 12:20:25 +00:00
Martin Roth
fd96da95c4 device, security: Rename Makefiles from .inc to .mk
The .inc suffix is confusing to various tools as it's not specific to
Makefiles. This means that editors don't recognize the files, and don't
open them with highlighting and any other specific editor functionality.

This issue is also seen in the release notes generation script where
Makefiles get renamed before running cloc.

Signed-off-by: Martin Roth <gaumless@gmail.com>
Change-Id: I41f8a9b5d1bdb647a915da1a5e95161b2e34df28
Reviewed-on: https://review.coreboot.org/c/coreboot/+/80082
Reviewed-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-by: Maximilian Brune <maximilian.brune@9elements.com>
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2024-01-24 10:13:21 +00:00
Yi Chou
0f910e7db9 vboot: Add firmware PCR support
To verify the boot chain, we will need to extend the PCR with the
firmware version. And the server will be able to attest the firmware
version of devices.

The "firmware version" here is the RW firmware anti-rollback version,
determined by the ChromeOS's signing infra, and will be verified in
vb2api_fw_phase3, by comparing it with the version stored in the TPM.
This version will be increased when there is critical vulnerability
in the RW firmware.

According to [1], PCRs 8-15 usage is defined by Static OS. Therefore
PCR_FW_VER is chosen to be within that range. Ideally the existing
PCR_BOOT_MODE and PCR_HWID should also be allocated in the same range,
but unfortunately it's too late to fix them. Because PCRs 11 and 13
have been used for other purposes in ChromeOS, here PCR_FW_VER is set
to 10.

[1] https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClient_PFP_r1p05_05_3feb20.pdf

BUG=b:248610274
TEST=Boot the device, and check the PCR 10
BRANCH=none

Signed-off-by: Yi Chou <yich@google.com>
Change-Id: I601ad31e8c893a8e9ae1a9cdd27193edce10ec61
Reviewed-on: https://review.coreboot.org/c/coreboot/+/79437
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2024-01-04 14:30:33 +00:00
Subrata Banik
0f90c5d5f9 security/tpm: Retrieve factory configuration for device w/ Google TPM
This patch enables retrieval of factory configuration data from
Google TPM devices (both Cr50 and Ti50).

This patch utilizes vendor-specific command
TPM2_CR50_SUB_CMD_GET_FACTORY_CONFIG (68).

The factory config space is a 64-bit, one-time programmable.
For the unprovisioned one, the read will be 0x0.

BUG=b:317880956
TEST=Able to retrieve the factory config from google/screebo.

Change-Id: Ifd0e850770152a03aa46d7f8bbb76f7520a59081
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/79736
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2023-12-31 03:18:42 +00:00
Sergii Dmytruk
963f7b9e5e security/tpm/: turn tis_{init,open} into tis_probe
init() was always followed by open() and after successful initialization
we only need send-receive function which is now returned by tis_probe()
on success, thus further reducing number of functions to export from
drivers.

This also removes check for opening TIS twice that seems to have no
value.

Change-Id: I52ad8d69d50d449f031c36b15bf70ef07986946c
Ticket: https://ticket.coreboot.org/issues/433
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76954
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2023-11-13 14:17:38 +00:00
Arthur Heymans
b7cbb7c431 cbmem.h: Drop cbmem_possible_online in favor of ENV_HAS_CBMEM
The macro ENV_HAS_CBMEM achieves the same as this inline function.

Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Change-Id: I6d65ca51c863abe2106f794398ddd7d7d9ac4b5e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77166
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jakub Czapiga <czapiga@google.com>
2023-10-25 13:58:02 +00:00
Jon Murphy
3aa7bb0d32 security/tpm: Enable Hibernate on setup failure
Set default to enabled for hibernate on setup failure for all devices
using a Google EC.  This will have no impact on devices that don't
bring the GSC down on hibernate, but will provide a recovery path
for all devices that do.

BUG=b:296439237
TEST=Force error on Skyrim with custom build, boot normally with
normal build

Change-Id: I2d9e8f75b25fb6c530a333024c342bea871eb85d
Signed-off-by: Jon Murphy <jpmurphy@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78098
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2023-10-02 17:06:32 +00:00
Jon Murphy
a2f08aa5c4 drivers/tpm: Add tpm failure handling
Add additional failure mode logic for the TPM to enable an
automated recovery mode for GSC hangs.

BUG=b:296439237
TEST=Force the error by hard coding the return code and observe the
device entering hibernate.
BRANCH=None

Change-Id: Ieec7e9227d538130354dea8b772d0306cdda1237
Signed-off-by: Jon Murphy <jpmurphy@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77667
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2023-09-28 16:55:03 +00:00
Jon Murphy
d7b8dc9cf5 treewide: convert to tpm_result_t
Convert TPM functions to return TPM error codes(referred to as
tpm_result_t) values to match the TCG standard.

BUG=b:296439237
TEST=build and boot to Skyrim
BRANCH=None

Change-Id: Ifdf9ff6c2a1f9b938dbb04d245799391115eb6b1
Signed-off-by: Jon Murphy <jpmurphy@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77666
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Reviewed-by: Matt DeVillier <matt.devillier@amd.corp-partner.google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2023-09-28 16:54:37 +00:00
Jon Murphy
53fc667943 treewide: convert to %#x hex prints
Convert hex print values to use the %#x qualifier to print 0x{value}.

BUG=b:296439237
TEST=build and boot to Skyrim
BRANCH=None

Change-Id: I0d1ac4b920530635fb758c5165a6a99c11b414c8
Signed-off-by: Jon Murphy <jpmurphy@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78183
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2023-09-28 16:54:31 +00:00
Jon Murphy
056952ef14 treewide: Adopt TCG standard naming
Adopt TCG standard naming and definitions for TPM Return codes.

BUG=b:296439237
TEST=Build and boot to OS on skyrim
BRANCH=None

Change-Id: I60755723262ec205a4c134948b0250aac4974d35
Signed-off-by: Jon Murphy <jpmurphy@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77665
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2023-09-25 14:05:36 +00:00
Jon Murphy
cce6d13aa7 security/tpm: Remove unnecessary tss_common.h
Remove the unnecessary tss_common.h header from the repo.
tss_errors.h is a more appropriate place for the TPM_SUCCESS
value, and the other define is only used by tpm_common.c and
can be placed there.

BUG=b:296439237
TEST=Builds

Change-Id: I99cf90f244a75c1eeab5e9e1500e05c24ae0a8e5
Signed-off-by: Jon Murphy <jpmurphy@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78033
Reviewed-by: Tim Van Patten <timvp@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2023-09-22 18:41:35 +00:00
Jon Murphy
2460481025 drivers/tpm: Make temp test value naming consistent
Make naming convention consistent across all functions return values.

BUG=b:296439237
TEST=Boot to OS on Skyrim
BRANCH=None

Change-Id: If86805b39048800276ab90b7687644ec2a0d4bee
Signed-off-by: Jon Murphy <jpmurphy@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77536
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
2023-09-18 16:20:09 +00:00
Derek Huang
c6f4738f98 vc/google/chromeos: Move clear_ec_ap_idle() to common code
Previously the clear_ec_ap_idle() is implemented in
cr50_enable_update.c and be called in the file. Move it to
common code so that it can be called in cse_board_reset.c

TEST=emerge-brask coreboot

Change-Id: I2dbe41b01e70f7259f75d967e6df694a3e0fac23
Signed-off-by: Derek Huang <derekhuang@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77631
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Subrata Banik <subratabanik@google.com>
Reviewed-by: Reka Norman <rekanorman@chromium.org>
2023-09-14 01:53:22 +00:00
Martin Roth
f362bbd5c7 commonlib,console,nb,sb,security: Add SPDX licenses to Makefiles
To help identify the licenses of the various files contained in the
coreboot source, we've added SPDX headers to the top of all of the
.c and .h files. This extends that practice to Makefiles.

Any file in the coreboot project without a specific license is bound
to the license of the overall coreboot project, GPL Version 2.

This patch adds the GPL V2 license identifier to the top of all
makefiles in the commonlib, console, northbridge, security, and
southbridge directories that don't already have an SPDX license line
at the top.

Signed-off-by: Martin Roth <gaumless@gmail.com>
Change-Id: I02804a10d0b0355e41271a035613d9f3dfb122f8
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68985
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
2023-08-14 15:14:45 +00:00
Elyes Haouas
16f08cfeaf security/tpm/tpm{1,2}_log_serialized.h: Use C99 flexible arrays
Use C99 flexible arrays instead of older style of one-element or
zero-length arrays.
It allows the compiler to generate errors when the flexible array does
not occur at the end in the structure.

Change-Id: I79e4b34fe682f5f21415cb93cf65394881173b34
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76842
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2023-08-01 12:41:14 +00:00
Jeremy Soller
f501128536 security/tpm: Respect CBMEM TPM log size
The preram TPM log was being copied to the end of the CBMEM TPM log no
matter what the size of the CBMEM TPM log was. Eventually, it would
overwrite anything else in CBMEM beyond the TPM log.

This can currently be reproduced by enabling TPM_MEASURED_BOOT and
performing multiple S3 suspends, as coreboot is incorrectly performing
TPM measurements on S3 resume.

Change-Id: If76299e68eb5ed2ed20c947be35cea46c51fcdec
Signed-off-by: Jeremy Soller <jeremy@system76.com>
Signed-off-by: Tim Crawford <tcrawford@system76.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/73297
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2023-07-18 14:58:34 +00:00
Grzegorz Bernacki
7758b47e3b drivers/tpm: Move tis_plat_irq_status to cr50 driver
tis_plat_irq_status() function is used only by Google TPM. It should
be moved to drivers/tpm/cr50.c. The name of the function was changed
to cr50_plat_irq_status().

BUG=b:277787305
TEST=Build all affected platforms

Change-Id: I78dc39f2c7b44232b06947d3dfe6afa52807ced8
Signed-off-by: Grzegorz Bernacki <bernacki@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/75917
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
2023-07-06 16:16:43 +00:00
lilacious
40cb3fe94d commonlib/console/post_code.h: Change post code prefix to POSTCODE
The prefix POSTCODE makes it clear that the macro is a post code.
Hence, replace related macros starting with POST to POSTCODE and
also replace every instance the macros are invoked with the new
name.

The files was changed by running the following bash script from the
top level directory.

  sed -i'' '30,${s/#define POST/#define POSTCODE/g;}' \
  src/commonlib/include/commonlib/console/post_codes.h;
  myArray=`grep -e "^#define POSTCODE_" \
  src/commonlib/include/commonlib/console/post_codes.h | \
  grep -v "POST_CODES_H" | tr '\t' ' ' | cut -d ' ' -f 2`;

  for str in ${myArray[@]}; do
    splitstr=`echo $str | cut -d '_' -f2-`
    grep -r POST_$splitstr src | \
    cut -d ':' -f 1 | xargs sed -i'' -e "s/POST_$splitstr/$str/g";
    grep -r "POST_$splitstr" util/cbfstool | \
    cut -d ':' -f 1 | xargs sed -i'' -e "s/POST_$splitstr/$str/g";
  done

Change-Id: I25db79fa15f032c08678f66d86c10c928b7de9b8
Signed-off-by: lilacious <yuchenhe126@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76043
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Subrata Banik <subratabanik@google.com>
2023-06-23 15:06:04 +00:00
Sergii Dmytruk
4129c2614c security/tpm: make usage of PCRs configurable via Kconfig
At this moment, only GBB flags are moved from PCR-0 to PCR-1 when
vboot-compatibility is not enabled.

Change-Id: Ib3a192d902072f6f8d415c2952a36522b5bf09f9
Ticket: https://ticket.coreboot.org/issues/424
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68750
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
2023-04-10 04:01:08 +00:00
Jeremy Soller
c77c7f0a7d security/tpm/tspi: Fix preram TPM log max entries
Pre-RAM TPM logs use a separate define for the max number of logs. This
one fits into the 2 KiB region assigned to TPM_LOG in the CAR linker
script.

Change-Id: Idda08a33c4a29fcb50085ca93487585dedf11012
Signed-off-by: Jeremy Soller <jeremy@system76.com>
Signed-off-by: Tim Crawford <tcrawford@system76.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/73296
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
2023-03-22 19:26:37 +00:00
Sergii Dmytruk
53db677586 security/tpm: add TPM log format as per 2.0 spec
Used by default for all boards with TPM2 which don't specify log
format explicitly.

Change-Id: I0fac386bebab1b7104378ae3424957c6497e84e1
Ticket: https://ticket.coreboot.org/issues/422
Ticket: https://ticket.coreboot.org/issues/423
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68748
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2023-03-04 02:01:48 +00:00
Sergii Dmytruk
4191dbf0c9 security/tpm: add TPM log format as per 1.2 spec
Used by default for all boards with TPM1 which don't specify log format
explicitly.

Ticket: https://ticket.coreboot.org/issues/423
Change-Id: I89720615a75573d44dd0a39ad3d7faa78f125843
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68747
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2023-03-04 02:00:58 +00:00
Sergii Dmytruk
c807d55798 security/tpm/tspi/log.c: fix strncpy() usage
Change-Id: Ib24129829bef3764a8ba1e2c0d92bc42c5cfbc8d
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69708
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2023-01-11 16:03:49 +00:00
Sergii Dmytruk
26203e7292 security/tpm: make tspi/crtm.c agnostic to log format
Change-Id: I3013bd5f29f1412fbe646dc74d8946704b750a66
Ticket: https://ticket.coreboot.org/issues/423
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69445
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2023-01-11 16:03:22 +00:00
Sergii Dmytruk
2710df765b treewide: stop calling custom TPM log "TCPA"
TCPA usually refers to log described by TPM 1.2 specification.

Change-Id: I896bd94f18b34d6c4b280f58b011d704df3d4022
Ticket: https://ticket.coreboot.org/issues/423
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69444
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2023-01-11 16:00:55 +00:00
Derek Huang
da3812208e chromeos/cr50_enable_update.c: Clear EC AP_IDLE flag
When AP boots up after Cr50 firmware update and reboot, AP finds
that Cr50 reset is required for Cr50 to pick the new firmware so
it trigger Cr50 reset and power off the system, AP expects system
will power on automatically after Cr50 reset. However this is not
the case for Chromebox, Chromebox EC set AP_IDLE flag when system
is shutting down, when AP_IDLE flag is set in EC, the system stays
at S5/G3 and wait for power button presssend. It cause an issue in
factory that the operator needs to press power button to power on
the DUT after Cr50 firmware update.

This patch sends EC command to direct EC to clear AP_IDLE flag
after AP shutdown so AP can boot up when Cr50 reset.

BUG=b:261119366
BRANCH=firmware-brya-14505.B
TEST=DUT boots up after Cr50 firmware update in factory test flow

Change-Id: If97ffbe65f4783f17f4747a87b0bf89a2b021a3b
Signed-off-by: Derek Huang <derekhuang@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/70773
Reviewed-by: Subrata Banik <subratabanik@google.com>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2023-01-10 09:33:47 +00:00
Sergii Dmytruk
4ee03170e0 Revert "security/tpm/: turn tis_{init,open} into tis_probe"
This reverts commit d43154486d.

From CB:68991: This causes CraterLake boot up process to die.
Investigation in progress.

Change-Id: I4a6c11b0e638a891108fe230bdaea92d5fbca020
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/71205
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
Tested-by: siemens-bot
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
2022-12-23 21:31:11 +00:00
Elyes Haouas
a012136fc8 treewide: Remove duplicated includes
<types.h> provides <commonlib/bsd/cb_err.h>, <stdint.h> and <stddef.h>.

Change-Id: I966303336e604b1b945df77e5d4c3cccbf045c56
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/71149
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tarun Tuli <taruntuli@google.com>
Reviewed-by: Sridhar Siricilla <sridhar.siricilla@intel.com>
2022-12-21 21:33:40 +00:00
Sergii Dmytruk
d43154486d security/tpm/: turn tis_{init,open} into tis_probe
Init was always followed by open and after successful initialization we
need only send-receive function, which is now returned by tis_probe on
success further reducing number of functions to export from drivers.

Change-Id: Ib4ce35ada24e3959ea1a518c29d431b4ae123809
Ticket: https://ticket.coreboot.org/issues/433
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68991
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2022-12-21 14:48:00 +00:00
Sergii Dmytruk
0a89d5237e security/tpm: remove tis_close()
This function was never called from outside of drivers and
src/drivers/pc80/tpm/tis.c was the only one doing it in a questionable
way.

tpm_vendor_cleanup() also isn't needed as one of tis_close() functions
was its only caller.

Change-Id: I9df76adfc21fca9fa1d1af7c40635ec0684ceb0f
Ticket: https://ticket.coreboot.org/issues/433
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68989
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2022-12-05 14:46:43 +00:00
Elyes Haouas
b538d71e32 security: Remove unnecessary space after casts
Change-Id: Ibd41382d0e0ef58498ac925dc9e10b54a76a798a
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69800
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2022-11-22 12:55:26 +00:00
Sergii Dmytruk
97fe17ff59 security/tpm: make log format configurable via Kconfig
This commit doesn't add any new format options, just makes selecting
existing format explicit.

Ticket: https://ticket.coreboot.org/issues/422
Change-Id: I3903aff54e01093bc9ea75862bbf5989cc6e6c55
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68746
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
2022-11-19 15:11:09 +00:00
Sergii Dmytruk
7221a6cfc5 security/tpm: improve tlcl_extend() signature
Until now tcg-2.0/tss.c was just assuming certain buffer size and
hash algorithm. Change it to accept digest type, which the call sites
know.

Also drop `uint8_t *out_digest` parameter which was always `NULL`
and was handled only by tcg-1.2 code.

Change-Id: I944302b502e3424c5041b17c713a867b0fc535c4
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68745
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2022-11-12 23:16:07 +00:00
Michał Żygowski
283e5876b5 drivers/crb: Add SMBIOS hook to generate type 43 TPM Device
Example for Alder Lake PTT:

Handle 0x004C, DMI type 43, 31 bytes
TPM Device
	Vendor ID: INTC
	Specification Version: 2.0
	Firmware Revision: 600.18
	Description: Intel iTPM
	Characteristics:
		TPM Device characteristics not supported
	OEM-specific Information: 0x00000000

TEST=Execute dmidecode and see the type 43 is populated with PTT
on MSI PRO Z690-A WIFI DDR4

Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Change-Id: I05289f98969bd431017aff1aa77be5806d6f1838
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64049
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Christian Walter <christian.walter@9elements.com>
2022-09-30 08:21:01 +00:00
Elyes Haouas
aebccac7e1 src/security: Use "if (!ptr)" in preference to "if (ptr == NULL)"
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Change-Id: I3def65c016015d8213824e6b8561d8a67b6d5cf0
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67579
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
2022-09-15 13:02:33 +00:00
Julius Werner
d96ca24652 cbfs/vboot: Adapt to new vb2_digest API
CL:3825558 changes all vb2_digest and vb2_hash functions to take a new
hwcrypto_allowed argument, to potentially let them try to call the
vb2ex_hwcrypto API for hash calculation. This change will open hardware
crypto acceleration up to all hash calculations in coreboot (most
notably CBFS verification). As part of this change, the
vb2_digest_buffer() function has been removed, so replace existing
instances in coreboot with the newer vb2_hash_calculate() API.

Due to the circular dependency of these changes with vboot, this patch
also needs to update the vboot submodule:

Updating from commit id 18cb85b5:
    2load_kernel.c: Expose load kernel as vb2_api

to commit id b827ddb9:
    tests: Ensure auxfw sync runs after EC sync

This brings in 15 new commits.

Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I287d8dac3c49ad7ea3e18a015874ce8d610ec67e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66561
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jakub Czapiga <jacz@semihalf.com>
2022-09-02 23:51:29 +00:00
Reka Norman
39564922a5 drivers/i2c/tpm: Remove TI50_FIRMWARE_VERSION_NOT_SUPPORTED
This workaround was added since reading the firmware version on Ti50
versions < 0.0.15 will cause the Ti50 to become unresponsive. No one is
using Ti50 this old anymore, so remove the workaround.

BUG=b:224650720,b:236911319
TEST=Boot to OS on nivviks with Ti50 0.22.4. Check the log contains the
firmware version:
[INFO ]  Firmware version: Ti50/D3C1 RO_B:0.0.26/- RW_B:0.22.4/ti50_common:v095c

Change-Id: I3628b799e436a80d0512dabd356c4b2566ed600a
Signed-off-by: Reka Norman <rekanorman@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67138
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kangheui Won <khwon@chromium.org>
Reviewed-by: Subrata Banik <subratabanik@google.com>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
2022-08-29 04:57:37 +00:00
Yu-Ping Wu
28f1729f15 tpm: Correct TI50_FIRMWARE_VERSION_NOT_SUPPORTED help text
Reading firmware_version register is supported on Ti50 version
0.22.4. Therefore correct the help text of the Kconfig option
TI50_FIRMWARE_VERSION_NOT_SUPPORTED.

Also change the message level to BIOS_WARNING.

BUG=b:234533588
TEST=emerge-corsola coreboot
BRANCH=none

Change-Id: I66a0ef896c9dc4cd0f586555a55dbcd1cfd863f9
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66906
Reviewed-by: Yidi Lin <yidilin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Andrey Pronin <apronin@google.com>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
2022-08-21 15:01:19 +00:00
Yu-Ping Wu
ae1e702e7b drivers/tpm/cr50: Add TPM IRQ timeout Kconfig option
The current 10ms timeout for SPI TPM IRQ is not enough for platforms
using ti50 (such as corsola). Therefore, introduce a new Kconfig option
'GOOGLE_TPM_IRQ_TIMEOUT_MS'.

For platforms using cr50, we need to support legacy pre-ready-IRQ cr50
factory images during the initial boot, so the timeout remains 100ms for
I2C TPM and 10ms for SPI TPM. For all the other platforms using ti50,
the default timeout is increased to 750ms, as suggested by the ti50 team
(apronin@google.com).

BUG=b:232327704
TEST=emerge-corsola coreboot
BRANCH=none

Change-Id: I8dbb919e4a421a99a994913613a33738a49f5956
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64412
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2022-06-08 00:28:27 +00:00
Julius Werner
0057262b38 cbfs: Rename TYPE_FIT to TYPE_FIT_PAYLOAD
There are too many "FIT" in firmware land. In order to reduce possible
confusion of CBFS_TYPE_FIT with the Intel Firmware Interface Table, this
patch renames it to CBFS_TYPE_FIT_PAYLOAD (including the cbfstool
argument, so calling scripts will now need to replace `-t fit` with `-t
fit_payload`).

Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I826cefce54ade06c6612c8a7bb53e02092e7b11a
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64735
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
2022-06-01 19:45:08 +00:00
Werner Zeh
5c808e03e2 security/tpm/crtm: Add a function to measure the bootblock on SoC level
On platforms where the bootblock is not included in CBFS anymore
(because it is part of another firmware section (IFWI or a different
CBFS), the CRTM measurement fails.

This patch adds a new function to provide a way at SoC level to measure
the bootblock. Following patches will add functionality to retrieve the
bootblock from the SoC related location and measure it from there.
In this way the really executed code will be measured.

Change-Id: I6d0da1e95a9588eb5228f63151bb04bfccfcf04b
Signed-off-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64492
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
2022-05-24 13:44:28 +00:00