secdata: Initialize secdata kernel in vb2api_fw_phase1

Currently, secdata kernel is initialized in vb2api_kernel_phase1.
Since we'll be using secdata kernel in romstage for EFS2, it
needs to be initialized earlier.

This patch makes vb2api_fw_phase1 call vb2_secdata_kernel_init.

Signed-off-by: dnojiri <dnojiri@chromium.org>

BUG=b:147298634, chromium:1045217, b:148259137
BRANCH=none
TEST=Verify Hmir is updated in romstage on Puff.

Cq-Depend: chromium:2155377
Change-Id: I8a537126a952ecccc9cc496ce60fc6dc81541a8f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2153852
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Daisuke Nojiri <dnojiri@chromium.org>
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
Auto-Submit: Daisuke Nojiri <dnojiri@chromium.org>
diff --git a/firmware/2lib/2api.c b/firmware/2lib/2api.c
index 4492cf9..d49b8d3 100644
--- a/firmware/2lib/2api.c
+++ b/firmware/2lib/2api.c
@@ -46,11 +46,15 @@
 		return VB2_ERROR_API_PHASE1_SECDATA_REBOOT;
 	}
 
-	/* Initialize firmware secure data */
+	/* Initialize firmware & kernel secure data */
 	rv = vb2_secdata_firmware_init(ctx);
 	if (rv)
 		vb2api_fail(ctx, VB2_RECOVERY_SECDATA_FIRMWARE_INIT, rv);
 
+	rv = vb2_secdata_kernel_init(ctx);
+	if (rv)
+		vb2api_fail(ctx, VB2_RECOVERY_SECDATA_KERNEL_INIT, rv);
+
 	/* Load and parse the GBB header */
 	rv = vb2_fw_init_gbb(ctx);
 	if (rv)
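Review bot: The added `vb2_secdata_kernel_init(ctx)` call makes a populated `ctx->secdata_kernel` a precondition of `vb2api_fw_phase1`, and nothing in this hunk documents that for callers. A firmware stage that has not read the kernel secdata space before phase 1 would presumably fail the check and land in recovery with `VB2_RECOVERY_SECDATA_KERNEL_INIT`. I would spell the contract out in the comment, e.g. `/* Initialize firmware & kernel secure data; the caller must have loaded both ctx->secdata_firmware and ctx->secdata_kernel before phase1 */`. Also, when both inits fail `vb2api_fail` is called twice, and which recovery reason gets recorded depends on `vb2api_fail`, which is not visible here; the new test covers only the kernel-only corruption case, so a both-corrupt case would pin that precedence. The function body starts and ends outside the hunk.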
diff --git a/firmware/2lib/2kernel.c b/firmware/2lib/2kernel.c
index f49b6de..84c90d7 100644
--- a/firmware/2lib/2kernel.c
+++ b/firmware/2lib/2kernel.c
@@ -131,16 +131,10 @@
 	vb2_workbuf_from_ctx(ctx, &wb);
 
 	/*
-	 * Init secdata_kernel and secdata_fwmp spaces.  No need to init
-	 * secdata_firmware, since it was already read during firmware
+	 * Init secdata_fwmp spaces. No need to init secdata_firmware or
+	 * secdata_kernel, since they were already read during firmware
 	 * verification.  Ignore errors in recovery mode.
 	 */
-	rv = vb2_secdata_kernel_init(ctx);
-	if (rv && !(ctx->flags & VB2_CONTEXT_RECOVERY_MODE)) {
-		VB2_DEBUG("TPM: init secdata_kernel returned %#x\n", rv);
-		vb2api_fail(ctx, VB2_RECOVERY_SECDATA_KERNEL_INIT, rv);
-		return rv;
-	}
 	rv = vb2_secdata_fwmp_init(ctx);
 	if (rv && !(ctx->flags & VB2_CONTEXT_RECOVERY_MODE)) {
 		VB2_DEBUG("TPM: init secdata_fwmp returned %#x\n", rv);
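Review bot: With the call removed, `vb2api_kernel_phase1` no longer handles a bad or uninitialised secdata_kernel itself, and the comment's "Ignore errors in recovery mode" now applies only to the fwmp init. The old code tolerated a corrupt secdata_kernel in recovery mode; after this change that depends on how the code below this hunk (not visible here) behaves when `VB2_SD_STATUS_SECDATA_KERNEL_INIT` is not set in the shared-data status. The recovery-mode test for that case is deleted from tests/vb2_kernel_tests.c without a replacement, so I would keep a case that leaves the status bit clear, sets `VB2_CONTEXT_RECOVERY_MODE`, and checks that `vb2api_kernel_phase1` still succeeds. The comment would be more accurate as `Init secdata_fwmp space.  secdata_firmware and secdata_kernel are initialized by vb2api_fw_phase1 and may be uninitialized here if that failed.  Ignore fwmp errors in recovery mode.`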
diff --git a/tests/vb20_verify_fw.c b/tests/vb20_verify_fw.c
index e2a5471..f732b8b 100644
--- a/tests/vb20_verify_fw.c
+++ b/tests/vb20_verify_fw.c
@@ -176,6 +176,7 @@
 
 	/* Initialize secure context */
 	vb2api_secdata_firmware_create(ctx);
+	vb2api_secdata_kernel_create(ctx);
 
 	// TODO: optional args to set contents for nvdata, secdata?
 
diff --git a/tests/vb2_api_tests.c b/tests/vb2_api_tests.c
index 50bdf74..a03a004 100644
--- a/tests/vb2_api_tests.c
+++ b/tests/vb2_api_tests.c
@@ -79,7 +79,8 @@
 	vb2_nv_init(ctx);
 
 	vb2api_secdata_firmware_create(ctx);
-	vb2_secdata_firmware_init(ctx);
+
+	vb2api_secdata_kernel_create(ctx);
 
 	force_dev_mode = 0;
 	retval_vb2_fw_init_gbb = VB2_SUCCESS;
@@ -352,6 +353,10 @@
 		0, "  display init context flag");
 	TEST_EQ(sd->flags & VB2_SD_FLAG_DISPLAY_AVAILABLE,
 		0, "  display available SD flag");
+	TEST_NEQ(sd->status & VB2_SD_STATUS_SECDATA_FIRMWARE_INIT,
+		 0, "  secdata firmware initialized");
+	TEST_NEQ(sd->status & VB2_SD_STATUS_SECDATA_KERNEL_INIT,
+		 0, "  secdata kernel initialized");
 
 	reset_common_data(FOR_MISC);
 	retval_vb2_fw_init_gbb = VB2_ERROR_GBB_MAGIC;
@@ -392,6 +397,16 @@
 	TEST_NEQ(ctx->flags & VB2_CONTEXT_RECOVERY_MODE, 0, "  recovery flag");
 	TEST_NEQ(ctx->flags & VB2_CONTEXT_CLEAR_RAM, 0, "  clear ram flag");
 
+	/* Bad secdata_kernel causes recovery mode */
+	reset_common_data(FOR_MISC);
+	ctx->secdata_kernel[2] ^= 0x42;  /* 3rd byte is CRC */
+	TEST_EQ(vb2api_fw_phase1(ctx), VB2_ERROR_API_PHASE1_RECOVERY,
+		"phase1 bad secdata_kernel");
+	TEST_EQ(sd->recovery_reason, VB2_RECOVERY_SECDATA_KERNEL_INIT,
+		"  recovery reason");
+	TEST_NEQ(ctx->flags & VB2_CONTEXT_RECOVERY_MODE, 0, "  recovery flag");
+	TEST_NEQ(ctx->flags & VB2_CONTEXT_CLEAR_RAM, 0, "  clear ram flag");
+
 	/* Test secdata_firmware-requested reboot */
 	reset_common_data(FOR_MISC);
 	ctx->flags |= VB2_CONTEXT_SECDATA_WANTS_REBOOT;
diff --git a/tests/vb2_kernel_tests.c b/tests/vb2_kernel_tests.c
index 0117f97..d92f159 100644
--- a/tests/vb2_kernel_tests.c
+++ b/tests/vb2_kernel_tests.c
@@ -99,11 +99,6 @@
 		sd->preamble_size = sizeof(*fwpre) + k->key_size;
 		vb2_set_workbuf_used(ctx,
 				     sd->preamble_offset + sd->preamble_size);
-
-		/* Needed to check that secdata_kernel initialization is
-		   performed by phase1 function. */
-		sd->status &= ~VB2_SD_STATUS_SECDATA_KERNEL_INIT;
-
 	}
 };
 
@@ -219,22 +214,6 @@
 	TEST_EQ(sd->kernel_version_secdata, 0x20002,
 		"  secdata_kernel version");
 
-	/* Bad secdata_kernel causes failure in normal mode only */
-	reset_common_data(FOR_PHASE1);
-	ctx->secdata_kernel[2] ^= 0x33;  /* 3rd byte is CRC */
-	TEST_EQ(vb2api_kernel_phase1(ctx), VB2_ERROR_SECDATA_KERNEL_CRC,
-		"phase1 bad secdata_kernel");
-	TEST_EQ(vb2_nv_get(ctx, VB2_NV_RECOVERY_REQUEST),
-		VB2_RECOVERY_SECDATA_KERNEL_INIT, "  recovery reason");
-
-	reset_common_data(FOR_PHASE1);
-	ctx->secdata_kernel[0] ^= 0x33;
-	ctx->flags |= VB2_CONTEXT_RECOVERY_MODE;
-	TEST_SUCC(vb2api_kernel_phase1(ctx), "phase1 bad secdata_kernel rec");
-	TEST_EQ(sd->kernel_version_secdata, 0, "  secdata_kernel version");
-	TEST_EQ(vb2_nv_get(ctx, VB2_NV_RECOVERY_REQUEST),
-		VB2_RECOVERY_NOT_REQUESTED, "  no recovery");
-
 	/* Bad secdata_fwmp causes failure in normal mode only */
 	reset_common_data(FOR_PHASE1);
 	mock_secdata_fwmp_check_retval = VB2_ERROR_SECDATA_FWMP_CRC;
diff --git a/tests/vboot_api_kernel4_tests.c b/tests/vboot_api_kernel4_tests.c
index de4688b..12a89af 100644
--- a/tests/vboot_api_kernel4_tests.c
+++ b/tests/vboot_api_kernel4_tests.c
@@ -109,11 +109,6 @@
 	return VB2_SUCCESS;
 }
 
-vb2_error_t vb2_secdata_kernel_init(struct vb2_context *c)
-{
-	return secdata_kernel_init_retval;
-}
-
 vb2_error_t vb2_secdata_fwmp_init(struct vb2_context *c)
 {
 	return secdata_fwmp_init_retval;