From 8c6528caa1a2abcd30bbb0c4fdb4663dc70cb7d4 Mon Sep 17 00:00:00 2001 From: Youness Alaoui Date: Thu, 22 Feb 2018 20:56:04 -0500 Subject: [PATCH 9/9] Add heads TPM measurements to Skylake/Kabylake --- src/drivers/intel/fsp2_0/memory_init.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/src/drivers/intel/fsp2_0/memory_init.c b/src/drivers/intel/fsp2_0/memory_init.c index 575f277466..4160b997a4 100644 --- a/src/drivers/intel/fsp2_0/memory_init.c +++ b/src/drivers/intel/fsp2_0/memory_init.c @@ -33,6 +33,7 @@ #include #include #include +#include #include #include @@ -150,12 +151,14 @@ static void do_fsp_post_memory_init(bool s3wake, uint32_t fsp_version) /* * Initialize the TPM, unless the TPM was already initialized - * in verstage and used to verify romstage. + * in verstage and used to verify romstage, or for measured boot. */ if (IS_ENABLED(CONFIG_LPC_TPM) && - (!IS_ENABLED(CONFIG_RESUME_PATH_SAME_AS_BOOT) || - !IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK))) + (!IS_ENABLED(CONFIG_RESUME_PATH_SAME_AS_BOOT) || + !IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) && + !IS_ENABLED(CONFIG_MEASURED_BOOT)) init_tpm(s3wake); + printk(BIOS_DEBUG, "%s: romstage complete\n", __FILE__); } static int mrc_cache_verify_tpm_hash(const uint8_t *data, size_t size) @@ -484,6 +487,17 @@ void fsp_memory_init(bool s3wake) if (status != CB_SUCCESS) die("Loading FSPM failed!\n"); + if (IS_ENABLED(CONFIG_MEASURED_BOOT) && IS_ENABLED(CONFIG_LPC_TPM)) { + // we don't know if we are coming out of a resume + // at this point, but want to setup the tpm ASAP + init_tpm(0); + tlcl_lib_init(); + const void * const bootblock = (const void*) 0xFFFFF800; + const unsigned bootblock_size = 0x800; + tlcl_measure(0, bootblock, bootblock_size); + + tlcl_measure(1, _romstage, _eromstage - _romstage); + } /* Signal that FSP component has been loaded. */ prog_segment_loaded(hdr.image_base, hdr.image_size, SEG_FINAL); -- 2.14.3