diff options
Diffstat (limited to 'src/security')
-rw-r--r-- | src/security/intel/txt/common.c | 22 | ||||
-rw-r--r-- | src/security/intel/txt/ramstage.c | 23 |
2 files changed, 14 insertions, 31 deletions
diff --git a/src/security/intel/txt/common.c b/src/security/intel/txt/common.c index 4dd4ad3ddf..437c55edd8 100644 --- a/src/security/intel/txt/common.c +++ b/src/security/intel/txt/common.c @@ -215,25 +215,17 @@ static int validate_acm(const void *ptr) */ static void *intel_txt_prepare_bios_acm(struct region_device *acm, size_t *acm_len) { - struct cbfsf file; void *acm_data = NULL; if (!acm || !acm_len) return NULL; - if (cbfs_boot_locate(&file, CONFIG_INTEL_TXT_CBFS_BIOS_ACM, NULL)) { + acm_data = cbfs_map(CONFIG_INTEL_TXT_CBFS_BIOS_ACM, acm_len); + if (!acm_data) { printk(BIOS_ERR, "TEE-TXT: Couldn't locate BIOS ACM in CBFS.\n"); return NULL; } - cbfs_file_data(acm, &file); - acm_data = rdev_mmap_full(acm); - *acm_len = region_device_sz(acm); - if (!acm_data || *acm_len == 0) { - printk(BIOS_ERR, "TEE-TXT: Couldn't map BIOS ACM from CBFS.\n"); - return NULL; - } - /* * CPU enforces only 4KiB alignment. * Chapter A.1.1 @@ -241,7 +233,7 @@ static void *intel_txt_prepare_bios_acm(struct region_device *acm, size_t *acm_l */ if (!IS_ALIGNED((uintptr_t)acm_data, 4096)) { printk(BIOS_ERR, "TEE-TXT: BIOS ACM isn't mapped at page boundary.\n"); - rdev_munmap(acm, acm_data); + cbfs_unmap(acm_data); return NULL; } @@ -252,7 +244,7 @@ static void *intel_txt_prepare_bios_acm(struct region_device *acm, size_t *acm_l */ if (!IS_ALIGNED(*acm_len, 64)) { printk(BIOS_ERR, "TEE-TXT: BIOS ACM size isn't multiple of 64.\n"); - rdev_munmap(acm, acm_data); + cbfs_unmap(acm_data); return NULL; } @@ -262,7 +254,7 @@ static void *intel_txt_prepare_bios_acm(struct region_device *acm, size_t *acm_l */ if (!IS_ALIGNED((uintptr_t)acm_data, (1UL << log2_ceil(*acm_len)))) { printk(BIOS_ERR, "TEE-TXT: BIOS ACM isn't aligned to its size.\n"); - rdev_munmap(acm, acm_data); + cbfs_unmap(acm_data); return NULL; } @@ -273,7 +265,7 @@ static void *intel_txt_prepare_bios_acm(struct region_device *acm, size_t *acm_l */ if (popcnt(ALIGN_UP(*acm_len, 4096)) > get_var_mtrr_count()) { printk(BIOS_ERR, "TEE-TXT: Not enough MTRRs to cache this BIOS ACM's size.\n"); - rdev_munmap(acm, acm_data); + cbfs_unmap(acm_data); return NULL; } @@ -283,7 +275,7 @@ static void *intel_txt_prepare_bios_acm(struct region_device *acm, size_t *acm_l const int ret = validate_acm(acm_data); if (ret < 0) { printk(BIOS_ERR, "TEE-TXT: Validation of ACM failed with: %d\n", ret); - rdev_munmap(acm, acm_data); + cbfs_unmap(acm_data); return NULL; } diff --git a/src/security/intel/txt/ramstage.c b/src/security/intel/txt/ramstage.c index 3401aef336..c830f975a6 100644 --- a/src/security/intel/txt/ramstage.c +++ b/src/security/intel/txt/ramstage.c @@ -233,23 +233,14 @@ static void txt_initialize_heap(void) memset(sinit_base, 0, read64((void *)TXT_SINIT_SIZE)); } - struct cbfsf file; /* The following have been removed from BIOS Data Table in version 6 */ - if (!cbfs_boot_locate(&file, CONFIG_INTEL_TXT_CBFS_BIOS_POLICY, NULL)) { - struct region_device policy; - - cbfs_file_data(&policy, &file); - void *policy_data = rdev_mmap_full(&policy); - size_t policy_len = region_device_sz(&policy); - - if (policy_data && policy_len) { - /* Point to FIT Type 9 entry in flash */ - data.bdr.lcp_pd_base = (uintptr_t)policy_data; - data.bdr.lcp_pd_size = (uint64_t)policy_len; - rdev_munmap(&policy, policy_data); - } else { - printk(BIOS_ERR, "TEE-TXT: Couldn't map LCP PD Policy from CBFS.\n"); - } + size_t policy_len; + void *policy_data = cbfs_map(CONFIG_INTEL_TXT_CBFS_BIOS_POLICY, &policy_len); + if (policy_data) { + /* Point to FIT Type 9 entry in flash */ + data.bdr.lcp_pd_base = (uintptr_t)policy_data; + data.bdr.lcp_pd_size = (uint64_t)policy_len; + cbfs_unmap(policy_data); } else { printk(BIOS_ERR, "TEE-TXT: Couldn't locate LCP PD Policy in CBFS.\n"); } |