summaryrefslogtreecommitdiff
path: root/src/security
AgeCommit message (Collapse)Author
2020-09-21src/security: Drop unneeded empty linesElyes HAOUAS
Change-Id: Icb6057ac73fcc038981ef95a648420ac00b3c106 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/44808 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Michael Niewöhner <foss@mniewoehner.de>
2020-09-21security/tpm/tss/tcg-2.0: add const to marshalling functionsCaveh Jalali
This adds the const qualifier to inputs of marshalling functions as they are intended to be read-only. Change-Id: I099bf46c928733aff2c1d1c134deec35da6309ba Signed-off-by: Caveh Jalali <caveh@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/45409 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2020-08-30security/intel/txt/getsec.c: Do not check lock bitAngel Pons
This allows calling GETSEC[CAPABILITIES] during early init, when the MSR isn't locked yet. Change-Id: I2253b5f2c8401c9aed8e32671eef1727363d00cc Signed-off-by: Angel Pons <th3fanbus@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/44883 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Rudolph <siro@das-labor.org>
2020-08-30security/intel/txt: Add missing definitionsAngel Pons
Change-Id: I3ca585429df318c31c2ffd484ec91a7971f18f27 Signed-off-by: Angel Pons <th3fanbus@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/44882 Reviewed-by: Michael Niewöhner Reviewed-by: Patrick Rudolph <siro@das-labor.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-08-20drivers/spi/tpm: Enable long cr50 ready pulses for Tiger Lake systemsJes Klinke
For Volteer (and future Tiger Lake boards) we can enable mode S0i3.4 only if we know that the Cr50 is generating 100us interrupt pulses. We have to do so, because the SoC is not guaranteed to detect pulses shorter than 100us in S0i3.4 substate. A new Kconfig setting CR50_USE_LONG_INTERRUPT_PULSES controls new code running in verstage, which will program a new Cr50 register, provided that Cr50 firmware is new enough to support the register. BUG=b:154333137 TEST=util/abuild/abuild -t GOOGLE_VOLTEER -c max -x Signed-off-by: Jes Bodi Klinke <jbk@chromium.org> Change-Id: If83188fd09fe69c2cda4ce1a8bf5b2efe1ca86da Reviewed-on: https://review.coreboot.org/c/coreboot/+/43741 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Julius Werner <jwerner@chromium.org>
2020-08-18src: Remove unused 'include <lib.h>'Elyes HAOUAS
Change-Id: Ic09fc4ff4ee5524d89366e28d1d22900dd0c5b4d Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/44100 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2020-08-18src: Remove unused 'include <boot_device.h>'Elyes HAOUAS
Change-Id: I5589fdeade7f69995adf1c983ced13773472be74 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/42349 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-08-13security/vboot/Makefile.inc: Update regions-for-file functionSridhar Siricilla
This patch updates regions-for-file function in the security/vboot/Makefile.inc to support adding a CBFS file into required FMAP REGIONs in a flexible manner. The file that needs to be added to specific REGIONs, those regions list should be specified in the regions-for-file-{CBFS_FILE_TO_BE_ADDED} variable. For example, if a file foo.bin needs to be added in FW_MAIN_B and COREBOOT, then below code needs to be added in a Makefile.inc. regions-for-file-foo := FW_MAIN_B,COREBOOT cbfs-file-y := foo foo-file := foo.bin foo-type := raw TEST=Verified on hatch Signed-off-by: Sridhar Siricilla <sridhar.siricilla@intel.com> Change-Id: I1f5c22b3d9558ee3c5daa2781a115964f8d2d83b Reviewed-on: https://review.coreboot.org/c/coreboot/+/43766 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
2020-08-07security/intel/txt: Fix variable MTRR handlingAngel Pons
The MSR macros were treated as memory addresses and the loops had off-by-one errors. This resulted in a CPU exception before GETSEC, and another exception after GETSEC (once the first exception was fixed). Tested on Asrock B85M Pro4, ACM complains about the missing TPM and resets the platform. When the `getsec` instruction is commented-out, the board is able to boot normally, without any exceptions nor corruption. Change-Id: Ib5d23cf9885401f3ec69b0f14cea7bad77eee19a Signed-off-by: Angel Pons <th3fanbus@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/44183 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2020-08-07security/intel/txt: Allow using CF9 reset, tooAngel Pons
Soften the hard dependency on SOC_INTEL_COMMON_BLOCK_SA by allowing CF9 resets to be used in place of global resets. If both types of reset are available, prefer a global reset. This preserves current behavior, and allows more platforms to use the TXT support code, such as Haswell. Change-Id: I034fa0b342135e7101c21646be8fd6b5d3252d9e Signed-off-by: Angel Pons <th3fanbus@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/44181 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2020-08-06security/intel/txt: Avoid shifting by a negative valueJohn Zhao
Coverity detects an integer handling issue with BAD_SHIFT. The inline function log2_ceil(u32 x) { return (x == 0) ? -1 : log2(x * 2 - 1); } could return -1, which causes shifting by a negative amount value and has undefined behavior. Add sanity check for the acm_header->size to avoid shifting negative value. Found-by: Coverity CID 1431124 TEST=None Signed-off-by: John Zhao <john.zhao@intel.com> Change-Id: Ic687349b14917e39d2a8186968037ca2521c7cdc Reviewed-on: https://review.coreboot.org/c/coreboot/+/44186 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2020-07-31security/intel/txt: Add Intel TXT supportPhilipp Deppenwiese
Add TXT ramstage driver: * Show startup errors * Check for TXT reset * Check for Secrets-in-memory * Add assembly for GETSEC instruction * Check platform state if GETSEC instruction is supported * Configure TXT memory regions * Lock TXT * Protect TSEG using DMA protected regions * Place SINIT ACM * Print information about ACMs Extend the `security_clear_dram_request()` function: * Clear all DRAM if secrets are in memory Add a config so that the code gets build-tested. Since BIOS and SINIT ACM binaries are not available, use the STM binary as a placeholder. Tested on OCP Wedge100s and Facebook Watson * Able to enter a Measured Launch Environment using SINIT ACM and TBOOT * Secrets in Memory bit is set on ungraceful shutdown * Memory is cleared after ungraceful shutdown Change-Id: Iaf4be7f016cc12d3971e1e1fe171e6665e44c284 Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37016 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Christian Walter <christian.walter@9elements.com>
2020-07-26src: Change BOOL CONFIG_ to CONFIG() in comments & stringsMartin Roth
The Kconfig lint tool checks for cases of the code using BOOL type Kconfig options directly instead of with CONFIG() and will print out warnings about it. It gets confused by these references in comments and strings. To fix it so that it can find the real issues, just update these as we would with real issues. Signed-off-by: Martin Roth <martin@coreboot.org> Change-Id: I5c37f0ee103721c97483d07a368c0b813e3f25c0 Reviewed-on: https://review.coreboot.org/c/coreboot/+/43824 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2020-07-26src: Remove unused 'include <cbmem.h>'Elyes HAOUAS
Change-Id: Ib41341b42904dc3050a97b70966dde7e46057d6b Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/43362 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2020-07-21security/intel/stm: Add missing <stdbool.h>Angel Pons
Jenkins does not build `config.stm` because the file name lacks the mainboard name. So, the code was not being build-tested, and it does not build because several files lacked the definition for `bool`. Add the missing #include directives. Renaming the config file so that Jenkins build-tests it is done in a follow-up. Change-Id: Idf012b7ace0648027ef6e901d821ca6682cee198 Signed-off-by: Angel Pons <th3fanbus@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/43622 Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Reviewed-by: Eugene Myers <cedarhouse1@comcast.net> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-07-15security/vboot: ensure that NVMEM is saved on every kernel space writeJett Rink
If the AP actually needs to write to the TPM, then it is important and the TPM should commit those changes to NVMEM immediately in case there is an unexpected power loss (e.g. from a USB-C port partner reset upon cold reboot request). BRANCH=none BUG=b:160913048 TEST=Verify that puff will no longer reboot loop when coreboot writes a new Hmir (Hash mirror) in the TPM Change-Id: I9597a55891d11bdf040d70f38b4c5a59c7888b8a Signed-off-by: Jett Rink <jettrink@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/43414 Reviewed-by: Angel Pons <th3fanbus@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-07-14src: Remove unused 'include <cpu/x86/msr.h>'Elyes HAOUAS
Found using: diff <(git grep -l '#include <cpu/x86/msr.h>' -- src/) <(git grep -l 'IA32_EFER\|EFER_\|TSC_MSR\|IA32_\|FEATURE_CONTROL_LOCK_BIT\|FEATURE_ENABLE_VMX\|SMRR_ENABLE\|CPUID_\|SGX_GLOBAL_ENABLE\|PLATFORM_INFO_SET_TDP\|SMBASE_RO_MSR\|MCG_CTL_P\|MCA_BANKS_MASK\|FAST_STRINGS_ENABLE_BIT\|SPEED_STEP_ENABLE_BIT\|ENERGY_POLICY_\|SMRR_PHYSMASK_\|MCA_STATUS_\|VMX_BASIC_HI_DUAL_MONITOR\|MC0_ADDR\|MC0_MISC\|MC0_CTL_MASK\|msr_struct\|msrinit_struct\|soc_msr_read\|soc_msr_write\|rdmsr\|wrmsr\|mca_valid\|mca_over\|mca_uc\|mca_en\|mca_miscv\|mca_addrv\|mca_pcc\|mca_idv\|mca_cecc\|mca_uecc\|mca_defd\|mca_poison\|mca_sublink\|mca_err_code\|mca_err_extcode\|MCA_ERRCODE_\|MCA_BANK_\|MCA_ERRTYPE_\|mca_err_type\|msr_set_bit\|msr_t\|msrinit_t' -- src/) |grep '<' Change-Id: I45a41e77e5269969280e9f95cfc0effe7f117a40 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41969 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-07-14src: Remove unused 'include <stdint.h>Elyes HAOUAS
Found using: diff <(git grep -l '#include <stdint.h>' -- src/) <(git grep -l 'int8_t\|int16_t\|int32_t\|int64_t\|intptr_t\|intmax_t\|s8\|u8\|s16\|u16\|s32\|u32\|s64\|u64\|INT8_MIN\|INT8_MAX\|INT16_MIN\|INT16_MAX\|INT32_MIN\|INT32_MAX\|INT64_MIN\|INT64_MAX\|INTMAX_MIN\|INTMAX_MAX' -- src/) |grep -v vendorcode |grep '<' Change-Id: I5e14bf4887c7d2644a64f4d58c6d8763eb74d2ed Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41827 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-07-09security/vboot/secdata_tpm.c: Drop dead codeAngel Pons
This code is not even being build-tested. Drop it before it grows moss. Change-Id: Ie01d65f80caf32a8318d5109ad48321661c5a87b Signed-off-by: Angel Pons <th3fanbus@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/43213 Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Michael Niewöhner Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-07-09security/tpm/tss/tcg-1.2/tss.c: Drop dead codeAngel Pons
This code is not even being build-tested. Drop it before it grows moss. Change-Id: Ifda2bbd87cd8ef5ec8e449d2c4d303be37b4d7c7 Signed-off-by: Angel Pons <th3fanbus@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/43212 Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Michael Niewöhner Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-07-08security/vboot: Allow files to go into only RW-A or RW-B regionMartin Roth
The AMD firmware package created by amdfwtool contains pointers to the various binaries and settings. This means that we need different copies of the package in each region. This change allows for the different files in each of the 3 vboot regions. BUG=b:158124527 TEST=Build trembyle; see the correct versions of the files getting built into the RW-A & RW-B regions. Signed-off-by: Martin Roth <martin@coreboot.org> Change-Id: I45ff69dbc2266a67e05597bbe721fbf95cf41777 Reviewed-on: https://review.coreboot.org/c/coreboot/+/42822 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Raul Rangel <rrangel@chromium.org>
2020-07-06arch/x86: Remove RELOCATABLE_RAMSTAGEKyösti Mälkki
We always have it, no need to support opting-out. For PLATFORM_HAS_DRAM_CLEAR there is a dependency of ramstage located inside CBMEM, which is only true with ARCH_X86. Change-Id: I5cbf4063c69571db92de2d321c14d30c272e8098 Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/43014 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Nico Huber <nico.h@gmx.de> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-07-04drivers/pc80/tpm: Remove LPC_TPMKyösti Mälkki
Replace uses with MAINBOARD_HAS_LPC_TPM, if drivers/pc80/tpm is present in devicetree.cb it is necessary to always include the driver in the build. Change-Id: I9ab921ab70f7b527a52fbf5f775aa063d9a706ce Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41872 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Reviewed-by: Michael Niewöhner
2020-06-22lockdown: Add hint for how to check for lockdown support in boot logDaniel Gröber
Change-Id: Iaceb2e82f900e52efcce702486e18d0483665640 Signed-off-by: Daniel Gröber <dxld@darkboxed.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41749 Reviewed-by: Patrick Rudolph <siro@das-labor.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-06-22lockdown: Add Kconfigs for SPI media protection modeDaniel Gröber
SPI_WRITE_PROTECTION_REBOOT seems to be a Winbond thing, other vendors such as Macronix only support permanent protection but conditional on the WP# pin state. Change-Id: Iba7c1229c82c86e1303d74c7bc8f89662b5bb58c Signed-off-by: Daniel Gröber <dxld@darkboxed.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41747 Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Patrick Rudolph <siro@das-labor.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-06-19Kconfig: Escape variable to accommodate new Kconfig versionsPatrick Georgi
Kconfig 4.17 started using the $(..) syntax for environment variable expansion while we want to keep expansion to the build system. Older Kconfig versions (like ours) simply drop the escapes, not changing the behavior. While we could let Kconfig expand some of the variables, that only splits the handling in two places, making debugging harder and potentially messing with reproducible builds (e.g. when paths end up in configs), so escape them all. Change-Id: Ibc4087fdd76089352bd8dd0edb1351ec79ea4faa Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/42481 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
2020-06-17security/tpm: Change wording of variable namesDuncan Laurie
Change the name of these variables to 'allowlist'. Change-Id: I9d5553988a1c9972b8f1ebaeee20878b23a8aa9b Signed-off-by: Duncan Laurie <dlaurie@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/42316 Reviewed-by: Angel Pons <th3fanbus@gmail.com> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-06-17treewide: Replace CONFIG(ARCH_xx) testsKyösti Mälkki
Once we support building stages for different architectures, such CONFIG(ARCH_xx) tests do not evaluate correctly anymore. Change-Id: I599995b3ed5c4dfd578c87067fe8bfc8c75b9d43 Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/42183 Reviewed-by: Raul Rangel <rrangel@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-06-15security/vboot: Add option to run verstage before bootblockMartin Roth
For AMD's family 17h, verstage can run as a userspace app in the PSP before the X86 is released. The flags for this have been made generic to support any other future systems that might run verstage before the main processor starts. Although an attempt has been made to make things somewhat generic, since this is the first and currently only chip to support verstage before bootblock, there are a number of options which might ultimately be needed which have currently been left out for simplicity. Examples of this are: - PCI is not currently supported - this is currently just a given instead of making a separate Kconfig option for it. - The PSP uses an ARM v7 processor, so that's the only processor that is getting updated for the verstage-before-bootblock option. BUG=b:158124527 TEST=Build with following patches Signed-off-by: Martin Roth <martin@coreboot.org> Change-Id: I4849777cb7ba9f90fe8428b82c21884d1e662b96 Reviewed-on: https://review.coreboot.org/c/coreboot/+/41814 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Raul Rangel <rrangel@chromium.org>
2020-06-02src: Remove unused 'include <fmap.h>'Elyes HAOUAS
Change-Id: I79eea0a00c2de54f82b372229381534707a295bb Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41681 Reviewed-by: Angel Pons <th3fanbus@gmail.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-06-02src: Remove redundant includesElyes HAOUAS
<types.h> is supposed to provide <commonlib/bsd/cb_err.h>, <stdbool.h>,<stdint.h> and <stddef.h>. So remove those includes each time when <types.h> is included. Change-Id: I886f02255099f3005852a2e6095b21ca86a940ed Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41817 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2020-06-02src: Remove unused 'include <symbols.h>'Elyes HAOUAS
Change-Id: Ica355292eeda9c386b49db97f021566d52943d40 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41673 Reviewed-by: Angel Pons <th3fanbus@gmail.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-06-02lockdown: Fix missing spaces in boot logDaniel Gröber
Change-Id: I414703c53d356c6a69be515596c178997eed82e3 Signed-off-by: Daniel Gröber <dxld@darkboxed.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41748 Reviewed-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-05-26Remove MAYBE_STATIC_BSS and ENV_STAGE_HAS_BSS_SECTIONKyösti Mälkki
After removal of CAR_MIGRATION there are no more reasons to carry around ENV_STAGE_HAS_BSS_SECTION=n case. Replace 'MAYBE_STATIC_BSS' with 'static' and remove explicit zero-initializers. Change-Id: I14dd9f52da5b06f0116bd97496cf794e5e71bc37 Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/40535 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2020-05-25security/tpm: Use SPDX identifiersJacob Garber
Also adjust a few comments to follow the style guide. Change-Id: I22001320f2ce1f0db348e0f7fabc5a65b50ba53e Signed-off-by: Jacob Garber <jgarber1@ualberta.ca> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41600 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2020-05-19security/tpm/tspi: Fix handling of white space delimited listharshit
The current implementation uses strcmp() without splitting the list and therefore returns false even when the string pointed to by 'name' is a part of 'whitelist'. The patch fixes this problem. Also, update help text of CONFIG_TPM_MEASURED_BOOT_RUNTIME_DATA to space delimited list to align it with the other lists we use. Change-Id: Ifd285162ea6e562a5bb18325a1b767ac2e4276f3 Signed-off-by: Harshit Sharma <harshitsharmajs@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41280 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Nico Huber <nico.h@gmx.de> Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
2020-05-18src: Remove unused 'include <string.h>'Elyes HAOUAS
Unused includes found using following commande: diff <(git grep -l '#include <string.h>' -- src/) <(git grep -l 'memcpy\|memmove\|memset\|memcmp\|memchr\|strdup\|strconcat\|strnlen\|strlen\|strchr\|strncpy\|strcpy\|strcmp\|strncmp\|strspn\|strcspn\|atol\|strrchr\|skip_atoi\|STRINGIFY' -- src/) |grep -v vendorcode |grep '<' Change-Id: Ibaeec213b6019dfa9c45e3424b38af0e094d0c51 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41242 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
2020-05-18src: Remove unused 'include <lib.h>'Elyes HAOUAS
Change-Id: Iad5540e791075270453a136a058823c28647f93a Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41245 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
2020-05-18src: Remove leading blank lines from SPDX headerElyes HAOUAS
Change-Id: I8a207e30a73d10fe67c0474ff11324ae99e2cec6 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41360 Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-05-13src: Remove unused '#include <stddef.h>'Elyes HAOUAS
Unused includes found using following commande: diff <(git grep -l '#include <stddef.h>' -- src/) <(git grep -l 'size_t\|ssize_t\|wchar_t\|wint_t\|NULL\|DEVTREE_EARLY\|DEVTREE_CONST\ |MAYBE_STATIC_NONZERO\|MAYBE_STATIC_BSS\|zeroptr' -- src/)|grep '<' |grep -v vendor |grep -vF '.h' Change-Id: Ic54b1db995fe7c61b416fa5e1c4022238e4a6ad5 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41150 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-05-13src: Remove unused '#include <stdint.h>'Elyes HAOUAS
unused includes of <stdin.h> found using following commande: diff <(git grep -l '#include <stdint.h>' -- src/) <(git grep -l 'int8_t\|uint8_t\|int16_t\|uint16_t\|int32_t\|uint32_t\|int64_t\| uint64_t\|intptr_t\|uintptr_t\|intmax_t\|uintmax_t\|s8\|u8\|s16\| u16\|s32\|u32\|s64\|u64\|INT8_MIN\|INT8_MAX\|UINT8_MAX\|INT16_MIN\ |INT16_MAX\|UINT16_MAX\|INT32_MIN\|INT32_MAX\|UINT32_MAX\|INT64_MIN\ |INT64_MAX\|UINT64_MAX\|INTMAX_MIN\|INTMAX_MAX\|UINTMAX_MAX' -- src/) |grep '<' |grep -v vendor |grep -vF '.h' Change-Id: Icb9b54c6abfb18d1e263665981968a4d7cccabeb Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41148 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-05-11treewide: Convert more license headers to SPDX stylePatrick Georgi
Change-Id: Ia3de79c7d71049da00ed108829eac6cb49ff3ed6 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41205 Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-05-11treewide: Remove "this file is part of" linesPatrick Georgi
Stefan thinks they don't add value. Command used: sed -i -e '/file is part of /d' $(git grep "file is part of " |egrep ":( */\*.*\*/\$|#|;#|-- | *\* )" | cut -d: -f1 |grep -v crossgcc |grep -v gcov | grep -v /elf.h |grep -v nvramtool) The exceptions are for: - crossgcc (patch file) - gcov (imported from gcc) - elf.h (imported from GNU's libc) - nvramtool (more complicated header) The removed lines are: - fmt.Fprintln(f, "/* This file is part of the coreboot project. */") -# This file is part of a set of unofficial pre-commit hooks available -/* This file is part of coreboot */ -# This file is part of msrtool. -/* This file is part of msrtool. */ - * This file is part of ncurses, designed to be appended after curses.h.in -/* This file is part of pgtblgen. */ - * This file is part of the coreboot project. - /* This file is part of the coreboot project. */ -# This file is part of the coreboot project. -# This file is part of the coreboot project. -## This file is part of the coreboot project. --- This file is part of the coreboot project. -/* This file is part of the coreboot project */ -/* This file is part of the coreboot project. */ -;## This file is part of the coreboot project. -# This file is part of the coreboot project. It originated in the - * This file is part of the coreinfo project. -## This file is part of the coreinfo project. - * This file is part of the depthcharge project. -/* This file is part of the depthcharge project. */ -/* This file is part of the ectool project. */ - * This file is part of the GNU C Library. - * This file is part of the libpayload project. -## This file is part of the libpayload project. -/* This file is part of the Linux kernel. */ -## This file is part of the superiotool project. -/* This file is part of the superiotool project */ -/* This file is part of uio_usbdebug */ Change-Id: I82d872b3b337388c93d5f5bf704e9ee9e53ab3a9 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41194 Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-05-09src/: Replace GPL boilerplate with SPDX headersPatrick Georgi
Used commands: perl -i -p0e 's|\/\*[\s*]*.*is free software[:;][\s*]*you[\s*]*can[\s*]*redistribute[\s*]*it[\s*]*and\/or[\s*]*modify[\s*]*it[\s*]*under[\s*]*the[\s*]*terms[\s*]*of[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*as[\s*]*published[\s*]*by[\s*]*the[\s*]*Free[\s*]*Software[\s*]*Foundation[;,][\s*]*version[\s*]*2[\s*]*of[\s*]*the[\s*]*License.[\s*]*This[\s*]*program[\s*]*is[\s*]*distributed[\s*]*in[\s*]*the[\s*]*hope[\s*]*that[\s*]*it[\s*]*will[\s*]*be[\s*]*useful,[\s*]*but[\s*]*WITHOUT[\s*]*ANY[\s*]*WARRANTY;[\s*]*without[\s*]*even[\s*]*the[\s*]*implied[\s*]*warranty[\s*]*of[\s*]*MERCHANTABILITY[\s*]*or[\s*]*FITNESS[\s*]*FOR[\s*]*A[\s*]*PARTICULAR[\s*]*PURPOSE.[\s*]*See[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*for[\s*]*more[\s*]*details.[\s*]*\*\/|/* SPDX-License-Identifier: GPL-2.0-only */|' $(cat filelist) perl -i -p0e 's|\/\*[\s*]*.*is[\s*]*free[\s*]*software[:;][\s*]*you[\s*]*can[\s*]*redistribute[\s*]*it[\s*]*and/or[\s*]*modify[\s*]*it[\s*]*under[\s*]*the[\s*]*terms[\s*]*of[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*as[\s*]*published[\s*]*by[\s*]*the[\s*]*Free[\s*]*Software[\s*]*Foundation[;,][\s*]*either[\s*]*version[\s*]*2[\s*]*of[\s*]*the[\s*]*License,[\s*]*or[\s*]*.at[\s*]*your[\s*]*option.[\s*]*any[\s*]*later[\s*]*version.[\s*]*This[\s*]*program[\s*]*is[\s*]*distributed[\s*]*in[\s*]*the[\s*]*hope[\s*]*that[\s*]*it[\s*]*will[\s*]*be[\s*]*useful,[\s*]*but[\s*]*WITHOUT[\s*]*ANY[\s*]*WARRANTY;[\s*]*without[\s*]*even[\s*]*the[\s*]*implied[\s*]*warranty[\s*]*of[\s*]*MERCHANTABILITY[\s*]*or[\s*]*FITNESS[\s*]*FOR[\s*]*A[\s*]*PARTICULAR[\s*]*PURPOSE.[\s*]*See[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*for[\s*]*more[\s*]*details.[\s*]*\*\/|/* SPDX-License-Identifier: GPL-2.0-or-later */|' $(cat filelist) perl -i -p0e 's|\/\*[\s*]*.*is[\s*#]*free[\s*#]*software[;:,][\s*#]*you[\s*#]*can[\s*#]*redistribute[\s*#]*it[\s*#]*and/or[\s*#]*modify[\s*#]*it[\s*#]*under[\s*#]*the[\s*#]*terms[\s*#]*of[\s*#]*the[\s*#]*GNU[\s*#]*General[\s*#]*Public[\s*#]*License[\s*#]*as[\s*#]*published[\s*#]*by[\s*#]*the[\s*#]*Free[\s*#]*Software[\s*#]*Foundation[;:,][\s*#]*either[\s*#]*version[\s*#]*3[\s*#]*of[\s*#]*the[\s*#]*License[;:,][\s*#]*or[\s*#]*.at[\s*#]*your[\s*#]*option.[\s*#]*any[\s*#]*later[\s*#]*version.[\s*#]*This[\s*#]*program[\s*#]*is[\s*#]*distributed[\s*#]*in[\s*#]*the[\s*#]*hope[\s*#]*that[\s*#]*it[\s*#]*will[\s*#]*be[\s*#]*useful[;:,][\s*#]*but[\s*#]*WITHOUT[\s*#]*ANY[\s*#]*WARRANTY[;:,][\s*#]*without[\s*#]*even[\s*#]*the[\s*#]*implied[\s*#]*warranty[\s*#]*of[\s*#]*MERCHANTABILITY[\s*#]*or[\s*#]*FITNESS[\s*#]*FOR[\s*#]*A[\s*#]*PARTICULAR[\s*#]*PURPOSE.[\s*#]*See[\s*#]*the[\s*#]*GNU[\s*#]*General[\s*#]*Public[\s*#]*License[\s*#]*for[\s*#]*more[\s*#]*details.[\s*]*\*\/|/* SPDX-License-Identifier: GPL-3.0-or-later */|' $(cat filelist) perl -i -p0e 's|(\#\#*)[\w]*.*is free software[:;][\#\s]*you[\#\s]*can[\#\s]*redistribute[\#\s]*it[\#\s]*and\/or[\#\s]*modify[\#\s]*it[\s\#]*under[\s \#]*the[\s\#]*terms[\s\#]*of[\s\#]*the[\s\#]*GNU[\s\#]*General[\s\#]*Public[\s\#]*License[\s\#]*as[\s\#]*published[\s\#]*by[\s\#]*the[\s\#]*Free[\s\#]*Software[\s\#]*Foundation[;,][\s\#]*version[\s\#]*2[\s\#]*of[\s\#]*the[\s\#]*License.*[\s\#]*This[\s\#]*program[\s\#]*is[\s\#]*distributed[\s\#]*in[\s\#]*the[\s\#]*hope[\s\#]*that[\s\#]*it[\s\#]*will[\#\s]*be[\#\s]*useful,[\#\s]*but[\#\s]*WITHOUT[\#\s]*ANY[\#\s]*WARRANTY;[\#\s]*without[\#\s]*even[\#\s]*the[\#\s]*implied[\#\s]*warranty[\#\s]*of[\#\s]*MERCHANTABILITY[\#\s]*or[\#\s]*FITNESS[\#\s]*FOR[\#\s]*A[\#\s]*PARTICULAR[\#\s]*PURPOSE.[\#\s]*See[\#\s]*the[\#\s]*GNU[\#\s]*General[\#\s]*Public[\#\s]*License[\#\s]*for[\#\s]*more[\#\s]*details.\s(#* *\n)*|\1 SPDX-License-Identifier: GPL-2.0-only\n\n|' $(cat filelist) perl -i -p0e 's|(\#\#*)[\w*]*.*is free software[:;][\s*]*you[\s*]*can[\s*]*redistribute[\s*]*it[\s*]*and\/or[\s*]*modify[\s*]*it[\s*]*under[\s*]*the[\s*]*terms[\s*]*of[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*as[\s*]*published[\s*]*by[\s*]*the[\s*]*Free[\s*]*Software[\s*]*Foundation[;,][\s*]*version[\s*]*2[\s*]*of[\s*]*the[\s*]*License.[\s*]*This[\s*]*program[\s*]*is[\s*]*distributed[\s*]*in[\s*]*the[\s*]*hope[\s*]*that[\s*]*it[\s*]*will[\s*]*be[\s*]*useful,[\s*]*but[\s*]*WITHOUT[\s*]*ANY[\s*]*WARRANTY;[\s*]*without[\s*]*even[\s*]*the[\s*]*implied[\s*]*warranty[\s*]*of[\s*]*MERCHANTABILITY[\s*]*or[\s*]*FITNESS[\s*]*FOR[\s*]*A[\s*]*PARTICULAR[\s*]*PURPOSE.[\s*]*See[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*for[\s*]*more[\s*]*details.\s(#* *\n)*|\1 SPDX-License-Identifier: GPL-2.0-only\n\n|' $(cat filelist) Change-Id: Ia01908544f4b92a2e06ea621eca548e582728280 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41178 Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-05-08security: tcg-2.0: Ignore data payload for errors, fix Cr50 boot modeJulius Werner
This patch improves the response buffer handling for TPM 2.0. Previously we would allow any command to return no payload, but if there was a payload we would always try to unmarshal it according to the normal success response. This was sort of relying on the fact that the TPM usually returns no additional data after the header for error responses, but in practice that is not always true. It also means that commands without a response payload accidentally work by default even though we did not explicitly add unmarshallig support for them, which seems undesirable. Adding explicit unmarshalling support for TPM2_SelfTest which was only supported through this loophole before. This patch changes the behavior to always accept any amount of payload data for error responses but not unmarshal any of it. None of our use cases actually care about payload data for errors, so it seems safer to not even try to interpret it. For success responses, on the other hand, we always require support for the command to be explicitly added. This fixes a problem with the Cr50 GET_BOOT_MODE command where an error response would only return the subcommand code but no data after that. Also add support for a second, slightly different NO_SUCH_COMMAND error code that was added in Cr50 recently. Signed-off-by: Julius Werner <jwerner@chromium.org> Change-Id: Ib85032d85482d5484180be6fd105f2467f393cd2 Reviewed-on: https://review.coreboot.org/c/coreboot/+/41100 Reviewed-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-05-08{security,soc}/*/Kconfig: Replace GPLv2 long form headers with SPDX headerElyes HAOUAS
Change-Id: Ie3721f6a93dacb8014f93aa86780d51a659a68df Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41145 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2020-05-08vboot: Provide declaration for verstage_mainboard_early_init()Furquan Shaikh
Similar to bootblock, provide declaration for verstage_mainboard_early_init() to support early mainboard initialization if verstage is run before bootblock. BUG=b:155824234 TEST=Verified that trembyle still builds Signed-off-by: Furquan Shaikh <furquan@google.com> Change-Id: I106213ecc1c44100f1f74071189518563ac08121 Reviewed-on: https://review.coreboot.org/c/coreboot/+/41137 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2020-05-04security/vboot: Limit vboot verification code access to only verstageSridhar Siricilla
Make vboot verification code accessible in only verstage. Vboot verification code in vboot_logic.c is being used in verstage. Due to support function vboot_save_data(), so core functionality in vboot_logic.c is made available in romstage. The patch decouples the support function frm vboot_logic.c to limit itself to verstage. BUG=b:155544643 TEST=Verified on hatch Signed-off-by: Sridhar Siricilla <sridhar.siricilla@intel.com> Change-Id: Id1ede45c4dffe90afcef210eabaa657cf92a9335 Reviewed-on: https://review.coreboot.org/c/coreboot/+/40562 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Rizwan Qureshi <rizwan.qureshi@intel.com>
2020-05-02acpi: Move ACPI table support out of arch/x86 (3/5)Furquan Shaikh
This change moves all ACPI table support in coreboot currently living under arch/x86 into common code to make it architecture independent. ACPI table generation is not really tied to any architecture and hence it makes sense to move this to its own directory. In order to make it easier to review, this change is being split into multiple CLs. This is change 3/5 which basically is generated by running the following command: $ git grep -iIl "arch/acpi" | xargs sed -i 's/arch\/acpi/acpi\/acpi/g' BUG=b:155428745 Change-Id: I16b1c45d954d6440fb9db1d3710063a47b582eae Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/40938 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
2020-05-02intel/stm: Drop now unneeded `num_cpus` paramEugene D Myers
Suggested by Nico Huber in CB:38766 Change-Id: Ib8a340f17a12951bc6bc67e3093046575e7b0e46 Signed-off-by: Eugene D Myers <cedarhouse@comcast.net> Reviewed-on: https://review.coreboot.org/c/coreboot/+/40438 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Angel Pons <th3fanbus@gmail.com>