sravan/system76-coreboot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

security/vboot: Introduce vbnv_platform_init_cmos()

Browse Source 
Most x86 platforms use CMOS as the vboot nvdata (VBNV) backend storage.
On some platforms such as AMD, certain CMOS registers must be configured
before accessing the CMOS RAM which contains VBNV. More precisely,
according to AMD's spec [1], the bit 4 of Register A of CMOS is bank
selection. Since VBNV is accessed via bank 0 (see the MC146818 driver),
the bit must be cleared before the VBNV can be successfully written to
CMOS. Saving VBNV to CMOS may fail in verstage, if CMOS has lost power.
In that case, all the CMOS registers would contain garbage data.
Therefore, for AMD platforms the bit must be cleared in verstage, prior
to the first save_vbnv_cmos() call.

Introduce vbnv_platform_init_cmos(), which is no-op by default, and can
be defined per platform. The function will be called from vbnv_init() if
VBOOT_VBNV_CMOS.

[1] 48751_16h_bkdg.pdf

BUG=b:346716300
TEST=none
BRANCH=skyrim

Change-Id: Ic899a827bd6bb8ab1473f8c6c03b9fde96ea6823
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/83494
Reviewed-by: Bao Zheng <fishbaozi@gmail.com>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit is contained in:
Yu-Ping Wu 2024-07-17 10:39:48 +08:00 committed by Yu-Ping Wu
parent 1b19d292db
commit c0540a3fc2
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/security/vboot/vbnv.h
View File

@ -23,6 +23,8 @@ void vbnv_reset(uint8_t *vbnv_copy);
/* Initialize the vbnv CMOS backing store. The vbnv_copy pointer is used for
optional temporary storage in the init function. */
void vbnv_init_cmos(uint8_t *vbnv_copy);
/* Platform-specific CMOS init function, called by vbnv_init_cmos(). */
void vbnv_platform_init_cmos(void);
/* Return non-zero if CMOS power was lost. */
int vbnv_cmos_failed(void);
void read_vbnv_cmos(uint8_t *vbnv_copy);

6
src/security/vboot/vbnv_cmos.c
View File

@ -67,8 +67,14 @@ void save_vbnv_cmos(const uint8_t *vbnv_copy)
cmos_write(vbnv_copy[i], CONFIG_VBOOT_VBNV_OFFSET + 14 + i);
}
void __weak vbnv_platform_init_cmos(void)
{
}
void vbnv_init_cmos(uint8_t *vbnv_copy)
{
vbnv_platform_init_cmos();
/* If no CMOS failure just defer to the normal read path for checking
vbnv contents' integrity. */
if (!vbnv_cmos_failed())