tpm: Refactor TPM Kconfig dimensions
Break TPM related Kconfig into the following dimensions:
TPM transport support:
config CRB_TPM
config I2C_TPM
config SPI_TPM
config MEMORY_MAPPED_TPM (new)
TPM brand, not defining any of these is valid, and result in "generic" support:
config TPM_ATMEL (new)
config TPM_GOOGLE (new)
config TPM_GOOGLE_CR50 (new, implies TPM_GOOGLE)
config TPM_GOOGLE_TI50 (new to be used later, implies TPM_GOOGLE)
What protocol the TPM chip supports:
config MAINBOARD_HAS_TPM1
config MAINBOARD_HAS_TPM2
What the user chooses to compile (restricted by the above):
config NO_TPM
config TPM1
config TPM2
The following Kconfigs will be replaced as indicated:
config TPM_CR50 -> TPM_GOOGLE
config MAINBOARD_HAS_CRB_TPM -> CRB_TPM
config MAINBOARD_HAS_I2C_TPM_ATMEL -> I2C_TPM && TPM_ATMEL
config MAINBOARD_HAS_I2C_TPM_CR50 -> I2C_TPM && TPM_GOOGLE
config MAINBOARD_HAS_I2C_TPM_GENERIC -> I2C_TPM && !TPM_GOOGLE && !TPM_ATMEL
config MAINBOARD_HAS_LPC_TPM -> MEMORY_MAPPED_TPM
config MAINBOARD_HAS_SPI_TPM -> SPI_TPM && !TPM_GOOGLE && !TPM_ATMEL
config MAINBOARD_HAS_SPI_TPM_CR50 -> SPI_TPM && TPM_GOOGLE
Signed-off-by: Jes B. Klinke <jbk@chromium.org>
Change-Id: I4656b2b90363b8dfd008dc281ad591862fe2cc9e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/63424
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
diff --git a/src/security/tpm/Kconfig b/src/security/tpm/Kconfig
index 4864f12..fc339a2 100644
--- a/src/security/tpm/Kconfig
+++ b/src/security/tpm/Kconfig
@@ -20,21 +20,14 @@
config TPM1
bool "TPM 1.2"
- depends on MAINBOARD_HAS_LPC_TPM || \
- MAINBOARD_HAS_I2C_TPM_GENERIC || \
- MAINBOARD_HAS_I2C_TPM_ATMEL
+ depends on I2C_TPM || MEMORY_MAPPED_TPM || SPI_TPM || CRB_TPM
depends on !MAINBOARD_HAS_TPM2
help
Select this option if your TPM uses the older TPM 1.2 protocol.
config TPM2
bool "TPM 2.0"
- depends on MAINBOARD_HAS_I2C_TPM_GENERIC || \
- MAINBOARD_HAS_LPC_TPM || \
- MAINBOARD_HAS_I2C_TPM_ATMEL || \
- MAINBOARD_HAS_I2C_TPM_CR50 || \
- MAINBOARD_HAS_SPI_TPM || \
- MAINBOARD_HAS_CRB_TPM
+ depends on I2C_TPM || MEMORY_MAPPED_TPM || SPI_TPM || CRB_TPM
depends on !MAINBOARD_HAS_TPM1
help
Select this option if your TPM uses the newer TPM 2.0 protocol.
@@ -77,7 +70,7 @@
config TPM_RDRESP_NEED_DELAY
bool "Enable Delay Workaround for TPM"
default n
- depends on MAINBOARD_HAS_LPC_TPM
+ depends on MEMORY_MAPPED_TPM
help
Certain TPMs seem to need some delay when reading response
to work around a race-condition-related issue, possibly
diff --git a/src/security/tpm/Makefile.inc b/src/security/tpm/Makefile.inc
index c36183d..8f633a8 100644
--- a/src/security/tpm/Makefile.inc
+++ b/src/security/tpm/Makefile.inc
@@ -1,4 +1,4 @@
-subdirs-$(CONFIG_TPM_CR50) += tss/vendor/cr50
+subdirs-$(CONFIG_TPM_GOOGLE) += tss/vendor/cr50
## TSS
diff --git a/src/security/tpm/tss/vendor/cr50/Kconfig b/src/security/tpm/tss/vendor/cr50/Kconfig
index c4ecdef..f98b8ef 100644
--- a/src/security/tpm/tss/vendor/cr50/Kconfig
+++ b/src/security/tpm/tss/vendor/cr50/Kconfig
@@ -1,11 +1,21 @@
# SPDX-License-Identifier: GPL-2.0-only
-config TPM_CR50
+config TPM_GOOGLE
bool
- depends on TPM2
- default y if MAINBOARD_HAS_I2C_TPM_CR50 || MAINBOARD_HAS_SPI_TPM_CR50
-if TPM_CR50
+config TPM_GOOGLE_CR50
+ bool
+ select TPM_GOOGLE
+
+config TPM_GOOGLE_TI50
+ bool
+ select TPM_GOOGLE
+
+if TPM_GOOGLE
+
+config TPM_GOOGLE_IMMEDIATELY_COMMIT_FW_SECDATA
+ bool
+ default y
config POWER_OFF_ON_CR50_UPDATE
bool
diff --git a/src/security/vboot/secdata_mock.c b/src/security/vboot/secdata_mock.c
index 5792b41..57aed61 100644
--- a/src/security/vboot/secdata_mock.c
+++ b/src/security/vboot/secdata_mock.c
@@ -31,7 +31,7 @@
/*
* The new kernel secdata v1 stores the last read EC hash, and reboots the
* device during EC software sync when that hash didn't match the currently
- * active hash on the EC (this is used with TPM_CR50 to support EC-EFS2 and
+ * active hash on the EC (this is used with TPM_GOOGLE to support EC-EFS2 and
* pretty much a no-op for other devices). Generally, of course the whole
* point of secdata is always that it persists across reboots, but with
* MOCK_SECDATA we can't do that. Previously we always happened to somewhat
diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c
index 847a959..450c681 100644
--- a/src/security/vboot/secdata_tpm.c
+++ b/src/security/vboot/secdata_tpm.c
@@ -384,8 +384,7 @@
* Define and write zero-touch enrollment (ZTE) spaces. For Cr50 devices,
* these are set up elsewhere via TPM vendor commands.
*/
- if (CONFIG(CHROMEOS) && (!(CONFIG(MAINBOARD_HAS_SPI_TPM_CR50) ||
- CONFIG(MAINBOARD_HAS_I2C_TPM_CR50))))
+ if (CONFIG(CHROMEOS) && !(CONFIG(TPM_GOOGLE)))
RETURN_ON_FAILURE(setup_zte_spaces());
/* Define widevine counter space. No need to increment/write to the secure counters
@@ -613,7 +612,7 @@
uint32_t antirollback_write_space_firmware(struct vb2_context *ctx)
{
- if (CONFIG(CR50_IMMEDIATELY_COMMIT_FW_SECDATA))
+ if (CONFIG(TPM_GOOGLE_IMMEDIATELY_COMMIT_FW_SECDATA))
tlcl_cr50_enable_nvcommits();
return safe_write(FIRMWARE_NV_INDEX, ctx->secdata_firmware,
VB2_SECDATA_FIRMWARE_SIZE);
@@ -632,7 +631,7 @@
* recovery, software sync, or other special boot flows. When the AP
* wants to write, it is imporant to actually commit changes.
*/
- if (CONFIG(CR50_IMMEDIATELY_COMMIT_FW_SECDATA))
+ if (CONFIG(TPM_GOOGLE_IMMEDIATELY_COMMIT_FW_SECDATA))
tlcl_cr50_enable_nvcommits();
return safe_write(KERNEL_NV_INDEX, ctx->secdata_kernel, size);
diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c
index 509169f..2230b5ab 100644
--- a/src/security/vboot/vboot_logic.c
+++ b/src/security/vboot/vboot_logic.c
@@ -303,7 +303,7 @@
* If there is an communication error, a recovery reason will be set and
* vb2api_fw_phase1 will route us to recovery mode.
*/
- if (CONFIG(TPM_CR50))
+ if (CONFIG(TPM_GOOGLE))
check_boot_mode(ctx);
if (get_ec_is_trusted())