security/tpm: Fix TPM 1.2 state machine issues

* Fix ACPI resume path compilation for TPM ramstage
  driver
* Move enabling of the TPM prior activation and remove
  reboot return status from TPM enable.

More information can be found via the TCG
specification v1.2

Tested=Elgon

Change-Id: Ided110e0c1889b302e29acac6d8d2341f97eb10b
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/28085
Reviewed-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>

src/drivers/tpm/tpm.c

@@ -18,16 +18,18 @@
 #include <bootstate.h>
 #include <security/tpm/tspi.h>
 
-#if IS_ENABLED(CONFIG_ARCH_X86)
+#if IS_ENABLED(CONFIG_HAVE_ACPI_RESUME)
 #include <arch/acpi.h>
 #endif
 
 static void init_tpm_dev(void *unused)
 {
-#if IS_ENABLED(CONFIG_ARCH_X86)
+#if IS_ENABLED(CONFIG_HAVE_ACPI_RESUME)
 	int s3resume = acpi_is_wakeup_s3();
 	tpm_setup(s3resume);
 #else
+	/* This can lead to PCR reset attacks but currently there
+	   is no generic way to detect resume on other platforms. */
 	tpm_setup(false);
 #endif
 }