mb/facebook/fbg1701: Add measured boot support

No support is available in mainboard.
Add support to mainboard:
- Add mb_log_list[]
- Add routine mb_crtm()

BUG=N/A
TEST=Boot Embedded Linux 4.20 and verify logging on Facebook FBG-1701

Change-Id: I5120ffb6af0b41520056e1773f63b7b2f34a2460
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33464
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lance Zhao <lance.zhao@gmail.com>

2 files changed, 78 insertions, 0 deletions

diff --git a/src/mainboard/facebook/fbg1701/board_mboot.h b/src/mainboard/facebook/fbg1701/board_mboot.h
new file mode 100644
index 000000000000..5a23630570e2
--- /dev/null
+++ b/src/mainboard/facebook/fbg1701/board_mboot.h
@@ -0,0 +1,31 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2018-2019 Eltan B.V.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ */
+
+#include <mboot.h>
+
+const mboot_measure_item_t mb_log_list[] = {
+	{ "config", CBFS_TYPE_RAW, MBOOT_PCR_INDEX_0, EV_NO_ACTION, NULL },
+	{ "revision", CBFS_TYPE_RAW, MBOOT_PCR_INDEX_0, EV_NO_ACTION, NULL },
+	{ "cmos_layout.bin", CBFS_COMPONENT_CMOS_LAYOUT, MBOOT_PCR_INDEX_0,
+		EV_NO_ACTION, NULL },
+#if CONFIG(VENDORCODE_ELTAN_VBOOT)
+	{ "oemmanifest.bin", CBFS_TYPE_RAW, MBOOT_PCR_INDEX_7, EV_NO_ACTION,
+		NULL },
+#if CONFIG(VENDORCODE_ELTAN_VBOOT_SIGNED_MANIFEST)
+	{ "vboot_public_key.bin", CBFS_TYPE_RAW, MBOOT_PCR_INDEX_6,
+		EV_NO_ACTION, NULL },
+#endif
+#endif
+};
diff --git a/src/mainboard/facebook/fbg1701/romstage.c b/src/mainboard/facebook/fbg1701/romstage.c
index e2e37d6387b0..d6b475c91899 100644
--- a/src/mainboard/facebook/fbg1701/romstage.c
+++ b/src/mainboard/facebook/fbg1701/romstage.c
@@ -15,10 +15,14 @@
  * GNU General Public License for more details.
  */
 
+#include <build.h>
 #include <cbfs.h>
 #include <console/console.h>
 #include <chip.h>
 #include <device/pci_ops.h>
+#if CONFIG(VENDORCODE_ELTAN_MBOOT)
+#include <mboot.h>
+#endif
 #include <soc/lpc.h>
 #include <soc/pci_devs.h>
 #include <soc/romstage.h>
@@ -49,3 +53,46 @@ void mainboard_after_memory_init(void)
 	/* Disable the Braswell UART hardware for COM1. */
 	pci_write_config32(PCI_DEV(0, LPC_DEV, 0), UART_CONT, 0);
 }
+
+#if CONFIG(VENDORCODE_ELTAN_MBOOT)
+/**
+ * mb_crtm
+ *
+ * Measures the crtm version. This consists of a string than can be defined
+ * using make menuconfig and automatically generated version information.
+ *
+ * @param[in]  activePcr	bitmap of the support
+ *
+ * @retval TPM_SUCCESS		Operation completed successfully.
+ * @retval TPM_E_IOERROR	Unexpected device behavior.
+ */
+
+static const uint8_t crtm_version[] =
+	CONFIG_VENDORCODE_ELTAN_CRTM_VERSION_STRING
+	COREBOOT_VERSION COREBOOT_EXTRA_VERSION " " COREBOOT_BUILD;
+
+int mb_crtm(EFI_TCG2_EVENT_ALGORITHM_BITMAP activePcr)
+{
+	int status = TPM_E_IOERROR;
+	TCG_PCR_EVENT2_HDR tcgEventHdr;
+
+	/* Use FirmwareVersion string to represent CRTM version. */
+	printk(BIOS_DEBUG, "%s: Measure CRTM Version\n", __func__);
+	memset(&tcgEventHdr, 0, sizeof(tcgEventHdr));
+	tcgEventHdr.pcrIndex  = MBOOT_PCR_INDEX_0;
+	tcgEventHdr.eventType = EV_S_CRTM_VERSION;
+	tcgEventHdr.eventSize = sizeof(crtm_version);
+	printk(BIOS_DEBUG, "%s: EventSize - %u\n", __func__,
+	       tcgEventHdr.eventSize);
+
+	status = mboot_hash_extend_log(activePcr, 0, (uint8_t *)crtm_version,
+				       tcgEventHdr.eventSize, &tcgEventHdr,
+				       (uint8_t *)crtm_version, 0);
+	if (status) {
+		printk(BIOS_DEBUG, "Measure CRTM Version returned 0x%x\n",
+		       status);
+	}
+
+	return status;
+}
+#endif