From d1130b7ec0c2e651317015d54b9dc726fb760924 Mon Sep 17 00:00:00 2001
From: Karthikeyan Ramasubramanian <kramasub@google.com>
Date: Tue, 16 Aug 2022 17:42:57 -0600
Subject: [PATCH] soc/amd/mendocino: Add GSVCD range

Add region/range of SPI ROM to be verified by Google Security Chip
(GSC).

BUG=b:227809919
TEST=Build and boot to OS in Skyrim with CBFS verification enabled.

Change-Id: If8a766d9a7ef26f94e3ab002a9384ba9d444dd1f
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66945
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
---
 src/soc/amd/common/Makefile.inc    | 12 ++++++++++++
 src/soc/amd/mendocino/Makefile.inc | 13 +++++++++++++
 2 files changed, 25 insertions(+)

diff --git a/src/soc/amd/common/Makefile.inc b/src/soc/amd/common/Makefile.inc
index c8e9d0df4a..63ee773ddd 100644
--- a/src/soc/amd/common/Makefile.inc
+++ b/src/soc/amd/common/Makefile.inc
@@ -28,6 +28,18 @@ endif # ifeq ($(CONFIG_RESET_VECTOR_IN_RAM),y)
 
 ifeq ($(CONFIG_VBOOT_GSCVD),y)
 build_complete:: $(AMDFWREAD)
+
+amdfwread-offset-size-cmd = $(AMDFWREAD) --ro-list $(obj)/coreboot.rom | \
+				awk --non-decimal-data '/$(1)/ {printf "%x:%x", $$3, $$4}'
+
+amdfwread-range-cmd = $(shell ( \
+	range=$$($(call amdfwread-offset-size-cmd,$(1))) ;\
+	if [ -n "$$range" ]; then \
+		printf $$range ;\
+	else \
+		printf "error" ;\
+	fi ;\
+))
 endif # ifeq ($(CONFIG_VBOOT_GSCVD),y)
 
 endif
diff --git a/src/soc/amd/mendocino/Makefile.inc b/src/soc/amd/mendocino/Makefile.inc
index 306f22887b..44a0e29149 100644
--- a/src/soc/amd/mendocino/Makefile.inc
+++ b/src/soc/amd/mendocino/Makefile.inc
@@ -327,4 +327,17 @@ build_complete:: $(obj)/amdfw_a.rom $(obj)/amdfw_b.rom
 		-n apu/amdfw_b_hash -t raw
 endif
 
+# Add ranges for all components up until the first segment of BIOS to be verified by GSC
+ifeq ($(CONFIG_VBOOT_GSCVD),y)
+# Adding range for Bootblock
+vboot-gscvd-ranges += $(call amdfwread-range-cmd,BIOSL2: 0x62)
+# Adding range for PSP Stage1 Bootloader
+vboot-gscvd-ranges += $(call amdfwread-range-cmd,PSPL2: 0x01)
+
+ifeq ($(CONFIG_VBOOT_STARTS_BEFORE_BOOTBLOCK),y)
+# Adding range for PSP Verstage
+vboot-gscvd-ranges += $(call amdfwread-range-cmd,PSPL2: 0x52)
+endif # ifeq ($(CONFIG_VBOOT_STARTS_BEFORE_BOOTBLOCK),y)
+endif # ifeq ($(CONFIG_VBOOT_GSCVD),y)
+
 endif # ($(CONFIG_SOC_AMD_MENDOCINO),y)