GNUBoot/coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
coreboot-kgpe-d16/src/security/vboot/vbnv.c

105 lines
2.3 KiB
C
Raw Normal View History

src/security: Use SPDX for GPL-2.0-only files Done with sed and God Lines. Only done for C-like code for now. Change-Id: I51f5764b57fb8b62e3a4b3d41bd32e5330a2983c Signed-off-by: Angel Pons <th3fanbus@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/40057 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
2020-04-02 23:48:53 +02:00
/* SPDX-License-Identifier: GPL-2.0-only */
/* This file is part of the coreboot project. */
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
#include <string.h>
#include <types.h>
security/vboot: Move vboot2 to security kconfig section This commit just moves the vboot sources into the security directory and fixes kconfig/makefile paths. Fix vboot2 headers Change-Id: Icd87f95640186f7a625242a3937e1dd13347eb60 Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22074 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin Roth <martinroth@google.com>
2017-10-17 17:02:29 +02:00
#include <security/vboot/vbnv.h>
#include <security/vboot/vbnv_layout.h>
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
security/vboot: Drop CAR_GLOBAL_MIGRATION support Change-Id: I9dee03da028b9111b685e325368815a86e444a47 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37028 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2019-11-20 19:47:10 +01:00
static int vbnv_initialized;
static uint8_t vbnv[VBOOT_VBNV_BLOCK_SIZE];
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
/* Return CRC-8 of the data, using x^8 + x^2 + x + 1 polynomial. */
static uint8_t crc8_vbnv(const uint8_t *data, int len)
{
src/[northbridge,security]: change "unsigned" to "unsigned int" Signed-off-by: Martin Roth <martin@coreboot.org> Change-Id: If6b5930f78c3da6dcefaa7b6202cd0424a24525b Reviewed-on: https://review.coreboot.org/c/coreboot/+/36331 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2019-10-24 05:44:42 +02:00
unsigned int crc = 0;
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
int i, j;
for (j = len; j; j--, data++) {
crc ^= (*data << 8);
for (i = 8; i; i--) {
if (crc & 0x8000)
crc ^= (0x1070 << 3);
crc <<= 1;
}
}
return (uint8_t) (crc >> 8);
}
vboot: expose vbnv_reset() function It's helpful to use the common vbnv_reset() function to initialize the vbnv contents when backing store failures occur. Therefore, allow that to happen. BUG=b:63054105 Change-Id: I990639e8c163469733fdab0d3c72e064acc9f8d8 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/21559 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2017-09-15 19:17:38 +02:00
void vbnv_reset(uint8_t *vbnv_copy)
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
{
vboot: Separate vboot from chromeos VBOOT_VERIFY_FIRMWARE should be independent of CHROMEOS. This allows use of verified boot library without having to stick to CHROMEOS. BUG=chrome-os-partner:55639 Change-Id: Ia2c328712caedd230ab295b8a613e3c1ed1532d9 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15867 Tested-by: build bot (Jenkins) Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
2016-07-25 20:48:03 +02:00
memset(vbnv_copy, 0, VBOOT_VBNV_BLOCK_SIZE);
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
}
/* Read VBNV data into cache. */
static void vbnv_setup(void)
{
security/vboot: Drop CAR_GLOBAL_MIGRATION support Change-Id: I9dee03da028b9111b685e325368815a86e444a47 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37028 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2019-11-20 19:47:10 +01:00
if (!vbnv_initialized) {
read_vbnv(vbnv);
vbnv_initialized = 1;
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
}
}
/* Verify VBNV header and checksum. */
int verify_vbnv(uint8_t *vbnv_copy)
{
return (HEADER_SIGNATURE == (vbnv_copy[HEADER_OFFSET] & HEADER_MASK)) &&
(crc8_vbnv(vbnv_copy, CRC_OFFSET) == vbnv_copy[CRC_OFFSET]);
}
vboot: Clear battery cutoff flags when vbnv_cmos loads backup VBNV. When CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH is set, vbnv_cmos will try to load VBNV from flash if the VBNV in CMOS is invalid. This is usually correct, except the case of battery cut-off. CMOS will always be invalid after battery cut-off if there is no RTC battery (or if that is dead). However, in current implementation the backup in flash is only updated in coreboot, while the real battery cutoff (and the clearing of cutoff flags in VBNV) is done in payload (Depthcharge) stage. This will create an endless reboot loop that: 1. crossystem sets battery cutoff flag in VBNV_CMOS then reboot. 2. coreboot backs-up VBNV_CMOS to VBNV_flash. 3. Depthcharge sees cutoff flag in VBNV_CMOS. 4. Depthcharge clears cutoff flag in VBNV_CMOS. 5. Depthcharge performs battery cutoff (CMOS data is lost). 6. (Plug AC adapter) Reboot. 7. Coreboot sees invalid VBNV_CMOS, load backup from VBNV_flash. 8. Jump to 3. As a result, we should always clear battery cutoff flags when loading backups from VBNV_flash. BRANCH=glados,reef BUG=chrome-os-partner:61365,chrome-os-partner:59615 TEST=emerge-reef coreboot bootimage; Change-Id: I3250a3a179a7b0de9c6e401e4a94dcd23920e473 Signed-off-by: Hung-Te Lin <hungte@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/423460 Reviewed-by: Duncan Laurie <dlaurie@google.com> Reviewed-on: https://review.coreboot.org/18008 Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-12-29 13:59:37 +01:00
/* Re-generate VBNV checksum. */
void regen_vbnv_crc(uint8_t *vbnv_copy)
{
vbnv_copy[CRC_OFFSET] = crc8_vbnv(vbnv_copy, CRC_OFFSET);
}
vbnv: Do not silently reset cache in read_vbnv Currently, read_vbnv performs a reset of the vbnv cache if it is not valid. However, this information is not passed up to the vboot layer, thus resulting in missed write-back of vbnv cache to storage if vboot does not update the cache itself. Update read_vbnv to return a value depending upon whether it wants a write-back to be performed when save is called. Return value: 0 = No write-back required 1 = Write-back of VBNV cache is required. Change-Id: I239939d5f9731d89a9d53fe662321b93fc1ab113 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15457 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-06-28 01:19:09 +02:00
/*
* Read VBNV data from configured storage backend.
* If VBNV verification fails, reset the vbnv copy.
*/
vbnv: Do not initialize vbnv_copy in vbnv layer If read_vbnv finds that the vbnv_copy is not valid, it initializes it with the correct HEADER_SIGNATURE and other attributes. However, the vbnv copy is checked for validity and initialized at the vboot layer as well. Since, vboot is the owner of this data, it should be the one initializing it. Thus, if read_vbnv sees that the data is not valid, simply reset it to all 0s and let vboot layer take care of it. This also removes the need for additional checks to ensure that the dirty vbnv copy is properly updated on storage. Change-Id: I6101ac41f31f720a6e357c9c56e571d62e0f2f47 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15498 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Julius Werner <jwerner@chromium.org>
2016-06-29 20:26:27 +02:00
void read_vbnv(uint8_t *vbnv_copy)
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
{
coreboot: Replace all IS_ENABLED(CONFIG_XXX) with CONFIG(XXX) This patch is a raw application of find src/ -type f | xargs sed -i -e 's/IS_ENABLED\s*(CONFIG_/CONFIG(/g' Change-Id: I6262d6d5c23cabe23c242b4f38d446b74fe16b88 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31774 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-03-06 01:53:33 +01:00
if (CONFIG(VBOOT_VBNV_CMOS))
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
read_vbnv_cmos(vbnv_copy);
coreboot: Replace all IS_ENABLED(CONFIG_XXX) with CONFIG(XXX) This patch is a raw application of find src/ -type f | xargs sed -i -e 's/IS_ENABLED\s*(CONFIG_/CONFIG(/g' Change-Id: I6262d6d5c23cabe23c242b4f38d446b74fe16b88 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31774 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-03-06 01:53:33 +01:00
else if (CONFIG(VBOOT_VBNV_EC))
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
read_vbnv_ec(vbnv_copy);
coreboot: Replace all IS_ENABLED(CONFIG_XXX) with CONFIG(XXX) This patch is a raw application of find src/ -type f | xargs sed -i -e 's/IS_ENABLED\s*(CONFIG_/CONFIG(/g' Change-Id: I6262d6d5c23cabe23c242b4f38d446b74fe16b88 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31774 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-03-06 01:53:33 +01:00
else if (CONFIG(VBOOT_VBNV_FLASH))
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
read_vbnv_flash(vbnv_copy);
/* Check data for consistency */
vbnv: Do not initialize vbnv_copy in vbnv layer If read_vbnv finds that the vbnv_copy is not valid, it initializes it with the correct HEADER_SIGNATURE and other attributes. However, the vbnv copy is checked for validity and initialized at the vboot layer as well. Since, vboot is the owner of this data, it should be the one initializing it. Thus, if read_vbnv sees that the data is not valid, simply reset it to all 0s and let vboot layer take care of it. This also removes the need for additional checks to ensure that the dirty vbnv copy is properly updated on storage. Change-Id: I6101ac41f31f720a6e357c9c56e571d62e0f2f47 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15498 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Julius Werner <jwerner@chromium.org>
2016-06-29 20:26:27 +02:00
if (!verify_vbnv(vbnv_copy))
vboot: expose vbnv_reset() function It's helpful to use the common vbnv_reset() function to initialize the vbnv contents when backing store failures occur. Therefore, allow that to happen. BUG=b:63054105 Change-Id: I990639e8c163469733fdab0d3c72e064acc9f8d8 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/21559 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2017-09-15 19:17:38 +02:00
vbnv_reset(vbnv_copy);
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
}
/*
* Write VBNV data to configured storage backend.
* This assumes that the caller has updated the CRC already.
*/
void save_vbnv(const uint8_t *vbnv_copy)
{
coreboot: Replace all IS_ENABLED(CONFIG_XXX) with CONFIG(XXX) This patch is a raw application of find src/ -type f | xargs sed -i -e 's/IS_ENABLED\s*(CONFIG_/CONFIG(/g' Change-Id: I6262d6d5c23cabe23c242b4f38d446b74fe16b88 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31774 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-03-06 01:53:33 +01:00
if (CONFIG(VBOOT_VBNV_CMOS))
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
save_vbnv_cmos(vbnv_copy);
coreboot: Replace all IS_ENABLED(CONFIG_XXX) with CONFIG(XXX) This patch is a raw application of find src/ -type f | xargs sed -i -e 's/IS_ENABLED\s*(CONFIG_/CONFIG(/g' Change-Id: I6262d6d5c23cabe23c242b4f38d446b74fe16b88 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31774 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-03-06 01:53:33 +01:00
else if (CONFIG(VBOOT_VBNV_EC))
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
save_vbnv_ec(vbnv_copy);
coreboot: Replace all IS_ENABLED(CONFIG_XXX) with CONFIG(XXX) This patch is a raw application of find src/ -type f | xargs sed -i -e 's/IS_ENABLED\s*(CONFIG_/CONFIG(/g' Change-Id: I6262d6d5c23cabe23c242b4f38d446b74fe16b88 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31774 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-03-06 01:53:33 +01:00
else if (CONFIG(VBOOT_VBNV_FLASH))
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
save_vbnv_flash(vbnv_copy);
/* Clear initialized flag to force cached data to be updated */
security/vboot: Drop CAR_GLOBAL_MIGRATION support Change-Id: I9dee03da028b9111b685e325368815a86e444a47 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37028 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2019-11-20 19:47:10 +01:00
vbnv_initialized = 0;
chromeos: Add vbnv wrapper for the different backends Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-01-26 02:13:27 +01:00
}
security/vboot: Add function to read UDC enable flag This change adds a helper function to read USB Device Controller (UDC) enable flag from VBNV. BUG=b:78577893 BRANCH=poppy Change-Id: Ifd1e9b0781ffee242d695b72287632bc944a50c7 Signed-off-by: Duncan Laurie <dlaurie@google.com> Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/25846 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-04-26 03:13:03 +02:00
/* Read the USB Device Controller(UDC) enable flag from VBNV. */
int vbnv_udc_enable_flag(void)
{
vbnv_setup();
security/vboot: Drop CAR_GLOBAL_MIGRATION support Change-Id: I9dee03da028b9111b685e325368815a86e444a47 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37028 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2019-11-20 19:47:10 +01:00
return (vbnv[DEV_FLAGS_OFFSET] & DEV_ENABLE_UDC) ? 1 : 0;
security/vboot: Add function to read UDC enable flag This change adds a helper function to read USB Device Controller (UDC) enable flag from VBNV. BUG=b:78577893 BRANCH=poppy Change-Id: Ifd1e9b0781ffee242d695b72287632bc944a50c7 Signed-off-by: Duncan Laurie <dlaurie@google.com> Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/25846 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-04-26 03:13:03 +02:00
}
vboot: introduce vbnv_init() Add vbnv_init() which is responsible for doing any vbnv initialization and reading the vbnv contents. Having this function allows for putting vbnv backing store specific support in the main vboot logic path. BUG=b:63054105 Change-Id: Id8f0344e5de5338417ae2e353ae473d6909c860a Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/21550 Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2017-09-15 19:15:07 +02:00
void vbnv_init(uint8_t *vbnv_copy)
{
coreboot: Replace all IS_ENABLED(CONFIG_XXX) with CONFIG(XXX) This patch is a raw application of find src/ -type f | xargs sed -i -e 's/IS_ENABLED\s*(CONFIG_/CONFIG(/g' Change-Id: I6262d6d5c23cabe23c242b4f38d446b74fe16b88 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31774 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-03-06 01:53:33 +01:00
if (CONFIG(VBOOT_VBNV_CMOS))
vboot: reset vbnv in cmos when cmos failure occurs There's an occasional issue on machines which use CMOS for their vbnv storage. The machine that just powers up from complete G3 would have had their RTC rail not held up. The contents of vbnv in CMOS could pass the crc8 though the values could be bad. In order to fix this introduce two functions: 1. vbnv_init_cmos() 2. vbnv_cmos_failed() At the start of vboot the CMOS is queried for failure. If there is a failure indicated then the vbnv data is restored from flash backup or reset to known values when there is no flash backup. BUG=b:63054105 Change-Id: I8bd6f28f64a116b84a08ce4779cd4dc73c0f2f3d Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/21560 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2017-09-15 23:23:04 +02:00
vbnv_init_cmos(vbnv_copy);
vboot: introduce vbnv_init() Add vbnv_init() which is responsible for doing any vbnv initialization and reading the vbnv contents. Having this function allows for putting vbnv backing store specific support in the main vboot logic path. BUG=b:63054105 Change-Id: Id8f0344e5de5338417ae2e353ae473d6909c860a Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/21550 Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2017-09-15 19:15:07 +02:00
read_vbnv(vbnv_copy);
}
Reference in a new issue Copy permalink