soc/amd/mendocino: PSP_INCLUDES_HSP
Select HSP config to indicate that the SoC includes Hardware Security
Processor. This will allow PSP verstage to get and report the HSP state.
BUG=None
TEST=Build Skyrim BIOS image and boot to ChromeOS on Skyrim. Verify
that HSP is reported during the boot sequence.
Change-Id: I22446c2bd6202529367da040c09449e6b26f9d7a
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/71209
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
diff --git a/src/soc/amd/common/psp_verstage/include/psp_verstage.h b/src/soc/amd/common/psp_verstage/include/psp_verstage.h
index dd3d2b3..c3240fa 100644
--- a/src/soc/amd/common/psp_verstage/include/psp_verstage.h
+++ b/src/soc/amd/common/psp_verstage/include/psp_verstage.h
@@ -68,6 +68,8 @@
void update_psp_fw_hash_table(const char *fname);
+void report_prev_boot_status_to_vboot(void);
+
void report_hsp_secure_state(void);
#endif /* PSP_VERSTAGE_H */
diff --git a/src/soc/amd/common/psp_verstage/psp_verstage.c b/src/soc/amd/common/psp_verstage/psp_verstage.c
index 33d9218..88d4299 100644
--- a/src/soc/amd/common/psp_verstage/psp_verstage.c
+++ b/src/soc/amd/common/psp_verstage/psp_verstage.c
@@ -137,25 +137,6 @@
return 0;
}
-static void report_prev_boot_status_to_vboot(void)
-{
- uint32_t boot_status = 0;
- int ret;
- struct vb2_context *ctx = vboot_get_context();
-
- /* Already in recovery mode. No need to report previous boot status. */
- if (ctx->flags & VB2_CONTEXT_RECOVERY_MODE)
- return;
-
- ret = svc_get_prev_boot_status(&boot_status);
- if (ret != BL_OK || boot_status) {
- printk(BIOS_ERR, "PSPFW failure in previous boot: %d:%#8x\n", ret, boot_status);
- vbnv_init();
- vb2api_previous_boot_fail(ctx, VB2_RECOVERY_FW_VENDOR_BLOB,
- boot_status ? (int)boot_status : ret);
- }
-}
-
/*
* Save workbuf (and soon memory console and timestamps) to the bootloader to pass
* back to coreboot.
diff --git a/src/soc/amd/mendocino/Kconfig b/src/soc/amd/mendocino/Kconfig
index 5286333..7faa479 100644
--- a/src/soc/amd/mendocino/Kconfig
+++ b/src/soc/amd/mendocino/Kconfig
@@ -24,6 +24,7 @@
select PARALLEL_MP_AP_WORK
select PLATFORM_USES_FSP2_0
select PROVIDES_ROM_SHARING
+ select PSP_INCLUDES_HSP
select PSP_SUPPORTS_EFS2_RELATIVE_ADDR if VBOOT_STARTS_BEFORE_BOOTBLOCK
select PSP_VERSTAGE_CCP_DMA if VBOOT_STARTS_BEFORE_BOOTBLOCK
select RESET_VECTOR_IN_RAM
diff --git a/src/soc/amd/mendocino/psp_verstage/chipset.c b/src/soc/amd/mendocino/psp_verstage/chipset.c
index c892b19..7572756 100644
--- a/src/soc/amd/mendocino/psp_verstage/chipset.c
+++ b/src/soc/amd/mendocino/psp_verstage/chipset.c
@@ -2,12 +2,15 @@
/* TODO: Check if this is still correct */
+#include "2api.h"
#include <arch/hlt.h>
#include <bl_uapp/bl_errorcodes_public.h>
#include <bl_uapp/bl_syscall_public.h>
#include <cbfs.h>
#include <console/console.h>
#include <psp_verstage.h>
+#include <security/vboot/misc.h>
+#include <security/vboot/vbnv.h>
/*
* We can't pass pointer to hash table in the SPI.
@@ -116,6 +119,25 @@
svc_set_platform_boot_mode(CHROME_BOOK_BOOT_MODE_NORMAL);
}
+void report_prev_boot_status_to_vboot(void)
+{
+ uint32_t boot_status = 0;
+ int ret;
+ struct vb2_context *ctx = vboot_get_context();
+
+ /* Already in recovery mode. No need to report previous boot status. */
+ if (ctx->flags & VB2_CONTEXT_RECOVERY_MODE)
+ return;
+
+ ret = svc_get_prev_boot_status(&boot_status);
+ if (ret != BL_OK || boot_status) {
+ printk(BIOS_ERR, "PSPFW failure in previous boot: %d:%#8x\n", ret, boot_status);
+ vbnv_init();
+ vb2api_previous_boot_fail(ctx, VB2_RECOVERY_FW_VENDOR_BLOB,
+ boot_status ? (int)boot_status : ret);
+ }
+}
+
void report_hsp_secure_state(void)
{
uint32_t hsp_secure_state;
diff --git a/src/vendorcode/amd/fsp/cezanne/include/bl_uapp/bl_syscall_public.h b/src/vendorcode/amd/fsp/cezanne/include/bl_uapp/bl_syscall_public.h
index 1468e5b..d88bfe1 100644
--- a/src/vendorcode/amd/fsp/cezanne/include/bl_uapp/bl_syscall_public.h
+++ b/src/vendorcode/amd/fsp/cezanne/include/bl_uapp/bl_syscall_public.h
@@ -343,15 +343,6 @@
-----------------------------------------------------------------------------*/
uint32_t svc_set_platform_boot_mode(enum chrome_platform_boot_mode boot_mode);
-/* Get the previous boot status.
- *
- * Parameters:
- * - boot_status - Address where the boot status is read into
- *
- * Return value: BL_OK or error code
- */
-uint32_t svc_get_prev_boot_status(uint32_t *boot_status);
-
/* C entry point for the Bootloader Userspace Application */
void Main(void);
diff --git a/src/vendorcode/amd/fsp/picasso/include/bl_uapp/bl_syscall_public.h b/src/vendorcode/amd/fsp/picasso/include/bl_uapp/bl_syscall_public.h
index 20cebe6..0c168a9 100644
--- a/src/vendorcode/amd/fsp/picasso/include/bl_uapp/bl_syscall_public.h
+++ b/src/vendorcode/amd/fsp/picasso/include/bl_uapp/bl_syscall_public.h
@@ -410,15 +410,6 @@
return BL_ERR_UNSUPPORTED_PLATFORM;
}
-/* Get the previous boot status.
- *
- * Parameters:
- * - boot_status - Address where the boot status is read into
- *
- * Return value: BL_OK or error code
- */
-uint32_t svc_get_prev_boot_status(uint32_t *boot_status);
-
/* C entry point for the Bootloader Userspace Application */
void Main(void);