summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRaul E Rangel <rrangel@chromium.org>2018-05-11 11:08:07 -0600
committerPhilipp Deppenwiese <zaolin.daisuki@gmail.com>2018-05-13 10:08:42 +0000
commit4c518e18e358d927b1f9080c016c988a67dc4500 (patch)
tree8e2e07201b6e2b57a7462bbcf4ed02c7ee3895a9
parent38686f15dd57745e24f100797db33a84e65f7ec7 (diff)
downloadcoreboot-4c518e18e358d927b1f9080c016c988a67dc4500.tar.xz
timestamp: Add timestamps for TPM communication
On grunt these operations combined take a little over 37ms. BUG=b:64549506 TEST=built on grunt 511:starting TPM PCR extend 301,268 (598) 512:finished TPM PCR extend 326,710 (25,442) 513:starting locking TPM 326,716 (6) 514:finished locking TPM 339,517 (12,801) Change-Id: I05cfb3d0f8463f073e329a035484a340546649e1 Signed-off-by: Raul E Rangel <rrangel@chromium.org> Reviewed-on: https://review.coreboot.org/26218 Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
-rw-r--r--src/commonlib/include/commonlib/timestamp_serialized.h8
-rw-r--r--src/security/vboot/vboot_logic.c5
2 files changed, 13 insertions, 0 deletions
diff --git a/src/commonlib/include/commonlib/timestamp_serialized.h b/src/commonlib/include/commonlib/timestamp_serialized.h
index 42b55bca72..304e43fab9 100644
--- a/src/commonlib/include/commonlib/timestamp_serialized.h
+++ b/src/commonlib/include/commonlib/timestamp_serialized.h
@@ -76,6 +76,10 @@ enum timestamp_id {
TS_DONE_LOADING = 508,
TS_DONE_HASHING = 509,
TS_END_HASH_BODY = 510,
+ TS_START_TPMPCR = 511,
+ TS_END_TPMPCR = 512,
+ TS_START_TPMLOCK = 513,
+ TS_END_TPMLOCK = 514,
TS_START_COPYVPD = 550,
TS_END_COPYVPD_RO = 551,
TS_END_COPYVPD_RW = 552,
@@ -190,6 +194,10 @@ static const struct timestamp_id_to_name {
{ TS_DONE_LOADING, "finished loading body (ignore for x86)" },
{ TS_DONE_HASHING, "finished calculating body hash (SHA2)" },
{ TS_END_HASH_BODY, "finished verifying body signature (RSA)" },
+ { TS_START_TPMPCR, "starting TPM PCR extend" },
+ { TS_END_TPMPCR, "finished TPM PCR extend" },
+ { TS_START_TPMLOCK, "starting locking TPM" },
+ { TS_END_TPMLOCK, "finished locking TPM" },
{ TS_START_COPYVPD, "starting to load Chrome OS VPD" },
{ TS_END_COPYVPD_RO, "finished loading Chrome OS VPD (RO)" },
diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c
index 9221a12ca2..2600f84945 100644
--- a/src/security/vboot/vboot_logic.c
+++ b/src/security/vboot/vboot_logic.c
@@ -403,6 +403,7 @@ void verstage_main(void)
vboot_reboot();
}
+ timestamp_add_now(TS_START_TPMPCR);
rv = extend_pcrs(&ctx);
if (rv) {
printk(BIOS_WARNING, "Failed to extend TPM PCRs (%#x)\n", rv);
@@ -410,8 +411,11 @@ void verstage_main(void)
save_if_needed(&ctx);
vboot_reboot();
}
+ timestamp_add_now(TS_END_TPMPCR);
/* Lock TPM */
+
+ timestamp_add_now(TS_START_TPMLOCK);
rv = antirollback_lock_space_firmware();
if (rv) {
printk(BIOS_INFO, "Failed to lock TPM (%x)\n", rv);
@@ -419,6 +423,7 @@ void verstage_main(void)
save_if_needed(&ctx);
vboot_reboot();
}
+ timestamp_add_now(TS_END_TPMLOCK);
/* Lock rec hash space if available. */
if (IS_ENABLED(CONFIG_VBOOT_HAS_REC_HASH_SPACE)) {