GNUBoot/coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
coreboot-kgpe-d16/src/security/vboot/misc.h

102 lines
2.7 KiB
C
Raw Normal View History

vboot: move vboot files to designated directory This moves vboot1 and vboot2 files to their designated directory. Common code stays in vendorcode/google/chromeos. BUG=none BRANCH=none TEST=built cosmos, veyron_pinky, rush_ryu, nyan_blaze, samus, parrot, lumpy, daisy_spring, and storm. Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Change-Id: Ia9fb41ba30930b79b222269acfade7ef44b23626 Original-Reviewed-on: https://chromium-review.googlesource.com/222874 Original-Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Commit-Queue: Daisuke Nojiri <dnojiri@chromium.org> Original-Tested-by: Daisuke Nojiri <dnojiri@chromium.org> (cherry picked from commit cbfef9ad40776d890e2149b9db788fe0b387d210) Signed-off-by: Aaron Durbin <adurbin@chromium.org> Change-Id: Ia73696accfd93cc14ca83516fa77f87331faef51 Reviewed-on: http://review.coreboot.org/9433 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2014-10-10 19:51:06 +02:00
/*
* This file is part of the coreboot project.
*
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; version 2 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*/
vboot: Separate vboot from chromeos VBOOT_VERIFY_FIRMWARE should be independent of CHROMEOS. This allows use of verified boot library without having to stick to CHROMEOS. BUG=chrome-os-partner:55639 Change-Id: Ia2c328712caedd230ab295b8a613e3c1ed1532d9 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15867 Tested-by: build bot (Jenkins) Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
2016-07-25 20:48:03 +02:00
#ifndef __VBOOT_MISC_H__
#define __VBOOT_MISC_H__
vboot: move vboot files to designated directory This moves vboot1 and vboot2 files to their designated directory. Common code stays in vendorcode/google/chromeos. BUG=none BRANCH=none TEST=built cosmos, veyron_pinky, rush_ryu, nyan_blaze, samus, parrot, lumpy, daisy_spring, and storm. Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Change-Id: Ia9fb41ba30930b79b222269acfade7ef44b23626 Original-Reviewed-on: https://chromium-review.googlesource.com/222874 Original-Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Commit-Queue: Daisuke Nojiri <dnojiri@chromium.org> Original-Tested-by: Daisuke Nojiri <dnojiri@chromium.org> (cherry picked from commit cbfef9ad40776d890e2149b9db788fe0b387d210) Signed-off-by: Aaron Durbin <adurbin@chromium.org> Change-Id: Ia73696accfd93cc14ca83516fa77f87331faef51 Reviewed-on: http://review.coreboot.org/9433 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2014-10-10 19:51:06 +02:00
vboot: Turn vboot_logic_executed() into a static inline This patch moves vboot_logic_executed() (and its dependencies) into a header and turns it into a static inline function. The function is used to guard larger amounts of code in several places, so this should allow us to save some more space through compile-time elimination (and also makes it easier to avoid undefined reference issues in some cases). Change-Id: I193f608882cbfe07dc91ee90d02fafbd67a3c324 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32716 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-05-09 23:16:13 +02:00
#include <assert.h>
security/vboot: Move vboot2 to security kconfig section This commit just moves the vboot sources into the security directory and fixes kconfig/makefile paths. Fix vboot2 headers Change-Id: Icd87f95640186f7a625242a3937e1dd13347eb60 Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22074 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin Roth <martinroth@google.com>
2017-10-17 17:02:29 +02:00
#include <security/vboot/vboot_common.h>
vboot: fix up some includes These header files need to make use of vb2_shared_data. Remove the last vestiges of vboot1 data structures in coreboot. BUG=b:124141368, chromium:1038260 TEST=Build locally with CL:2054269 TEST=make clean && make test-abuild BRANCH=none Change-Id: I61b27e33751c11aac9f8af261a75d83b003b5f92 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/38884 Reviewed-by: Hung-Te Lin <hungte@chromium.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-02-14 06:18:06 +01:00
#include <vb2_api.h>
vboot: restructure vboot work buffer handling For the purpose of isolating the work buffer logic the surface area of the API was slimmed down. The vb2_working_data structure is no longer exposed, and the function signatures are updated accordingly. BUG=chrome-os-partner:44827 BRANCH=None TEST=Built and booted glados. Change-Id: If64184a79e9571ee8ef9822cfce1eda20fceee00 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/11818 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-10-07 00:29:03 +02:00
vboot: rename symbols for better consistency Symbols prefixed with vb2_ should be reserved for internal vboot library use. Anything outside of that may choose some other prefix. Here, we choose vboot_ instead. Also, add some documentation to security/vboot/misc.h, which provides headers for a number of different C files. BUG=b:124141368 TEST=Build and deploy to eve TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild BRANCH=none Change-Id: I5d9154fd2d5df25ee254bd5ce4a173afaa6588be Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31886 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-03-13 15:38:07 +01:00
/*
* Source: security/vboot/common.c
*/
vboot: use vboot persistent context vb2_context object is now stored on the workbuf as part of vb2_shared_data. Use vboot's new API functions vb2api_init and vb2api_relocate to create and move the workbuf. BUG=b:124141368, chromium:994060 TEST=Build locally BRANCH=none Change-Id: I051be1e47bf79b15a1689d49a5d4c031e9363dfa Signed-off-by: Joel Kitching <kitching@google.com> Also-Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/coreboot/+/1902339 Reviewed-on: https://review.coreboot.org/c/coreboot/+/36300 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Reviewed-by: Maulik V Vaghela <maulik.v.vaghela@intel.com>
2019-10-23 09:01:37 +02:00
struct vb2_context *vboot_get_context(void);
vboot: move vboot files to designated directory This moves vboot1 and vboot2 files to their designated directory. Common code stays in vendorcode/google/chromeos. BUG=none BRANCH=none TEST=built cosmos, veyron_pinky, rush_ryu, nyan_blaze, samus, parrot, lumpy, daisy_spring, and storm. Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Change-Id: Ia9fb41ba30930b79b222269acfade7ef44b23626 Original-Reviewed-on: https://chromium-review.googlesource.com/222874 Original-Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Commit-Queue: Daisuke Nojiri <dnojiri@chromium.org> Original-Tested-by: Daisuke Nojiri <dnojiri@chromium.org> (cherry picked from commit cbfef9ad40776d890e2149b9db788fe0b387d210) Signed-off-by: Aaron Durbin <adurbin@chromium.org> Change-Id: Ia73696accfd93cc14ca83516fa77f87331faef51 Reviewed-on: http://review.coreboot.org/9433 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2014-10-10 19:51:06 +02:00
security/vboot: Remove selected_region from struct vboot_working_data Since we already have pre-RAM cache for FMAP (CB:36657), calling load_firmware() multiple times is no longer a problem. This patch replaces vboot_get_selected_region() usage with vboot_locate_firmware(), which locates the firmware by reading from the CBMEM cache. In addition, returning false from vboot_is_slot_selected() implies the recovery path was requested, i.e., vb2_shared_data.recovery_reason was set. Therefore, we simply remove the vboot_is_slot_selected() check from vboot_check_recovery_request(). BRANCH=none BUG=chromium:1021452 TEST=emerge-kukui coreboot Change-Id: I27cb1a2175beb189053fc3e44b17b60aba474bb0 Signed-off-by: Yu-Ping Wu <yupingso@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36845 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-11-14 08:42:25 +01:00
/*
* Returns 1 if firmware slot A is used, 0 if slot B is used.
*/
security/vboot: Ensure firmware body size is respected again CB:36845 simplified how coreboot finds the RW CBFS after vboot has and eliminated a layer of caching. Unfortunately, we missed the fact that the former cached value didn't exactly match the FMAP section... it was in fact truncated to the data actually used by vboot. That patch unintentionally broke this truncation which leads to performance regressions on certain CBFS accesses. This patch makes use of a new API function added to vboot (CL:1965920) which we can use to retrieve the real firmware body length as before. (Also stop making all the vb2_context pointers const. vboot generally never marks context pointers as const in its API functions, even when the function doesn't modify the context. Therefore constifying it inside coreboot just makes things weird because it prevents you from calling random API functions for no reason. If we really want const context pointers, that's a refactoring that would have to start inside vboot first.) This patch brings in upstream vboot commit 4b0408d2: 2019-12-12 Julius Werner 2lib: Move firmware body size reporting to separate function Change-Id: I167cd40cb435dbae7f09d6069c9f1ffc1d99fe13 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37680 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Mathew King <mathewk@chromium.org>
2019-12-12 22:23:06 +01:00
static inline int vboot_is_firmware_slot_a(struct vb2_context *ctx)
security/vboot: Remove selected_region from struct vboot_working_data Since we already have pre-RAM cache for FMAP (CB:36657), calling load_firmware() multiple times is no longer a problem. This patch replaces vboot_get_selected_region() usage with vboot_locate_firmware(), which locates the firmware by reading from the CBMEM cache. In addition, returning false from vboot_is_slot_selected() implies the recovery path was requested, i.e., vb2_shared_data.recovery_reason was set. Therefore, we simply remove the vboot_is_slot_selected() check from vboot_check_recovery_request(). BRANCH=none BUG=chromium:1021452 TEST=emerge-kukui coreboot Change-Id: I27cb1a2175beb189053fc3e44b17b60aba474bb0 Signed-off-by: Yu-Ping Wu <yupingso@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36845 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-11-14 08:42:25 +01:00
{
return !(ctx->flags & VB2_CONTEXT_FW_SLOT_B);
}
vboot: rename symbols for better consistency Symbols prefixed with vb2_ should be reserved for internal vboot library use. Anything outside of that may choose some other prefix. Here, we choose vboot_ instead. Also, add some documentation to security/vboot/misc.h, which provides headers for a number of different C files. BUG=b:124141368 TEST=Build and deploy to eve TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild BRANCH=none Change-Id: I5d9154fd2d5df25ee254bd5ce4a173afaa6588be Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31886 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-03-13 15:38:07 +01:00
security/vboot: Use persistent context to read GBB flags With the persistent vboot context coreboot no longer needs to read GBB flags from flash itself -- it can just ask vboot for the cached result. This patch removes the existing GBB code and provides gbb_is_flag_set() (with a slightly better namespaced name) as a static inline instead. Change-Id: Ibc3ed0f3fbeb53d630925d47df4dc474b0ed07ee Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37261 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Joel Kitching <kitching@google.com>
2019-11-27 02:58:11 +01:00
/*
* Check if given flag is set in the flags field in GBB header.
* Return value:
* true: Flag is set.
* false: Flag is not set.
*/
static inline bool vboot_is_gbb_flag_set(enum vb2_gbb_flag flag)
{
return !!(vb2api_gbb_get_flags(vboot_get_context()) & flag);
}
security/vboot: Remove selected_region from struct vboot_working_data Since we already have pre-RAM cache for FMAP (CB:36657), calling load_firmware() multiple times is no longer a problem. This patch replaces vboot_get_selected_region() usage with vboot_locate_firmware(), which locates the firmware by reading from the CBMEM cache. In addition, returning false from vboot_is_slot_selected() implies the recovery path was requested, i.e., vb2_shared_data.recovery_reason was set. Therefore, we simply remove the vboot_is_slot_selected() check from vboot_check_recovery_request(). BRANCH=none BUG=chromium:1021452 TEST=emerge-kukui coreboot Change-Id: I27cb1a2175beb189053fc3e44b17b60aba474bb0 Signed-off-by: Yu-Ping Wu <yupingso@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36845 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-11-14 08:42:25 +01:00
/*
* Locates firmware as a region device. Returns 0 on success, -1 on failure.
*/
security/vboot: Ensure firmware body size is respected again CB:36845 simplified how coreboot finds the RW CBFS after vboot has and eliminated a layer of caching. Unfortunately, we missed the fact that the former cached value didn't exactly match the FMAP section... it was in fact truncated to the data actually used by vboot. That patch unintentionally broke this truncation which leads to performance regressions on certain CBFS accesses. This patch makes use of a new API function added to vboot (CL:1965920) which we can use to retrieve the real firmware body length as before. (Also stop making all the vb2_context pointers const. vboot generally never marks context pointers as const in its API functions, even when the function doesn't modify the context. Therefore constifying it inside coreboot just makes things weird because it prevents you from calling random API functions for no reason. If we really want const context pointers, that's a refactoring that would have to start inside vboot first.) This patch brings in upstream vboot commit 4b0408d2: 2019-12-12 Julius Werner 2lib: Move firmware body size reporting to separate function Change-Id: I167cd40cb435dbae7f09d6069c9f1ffc1d99fe13 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37680 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Mathew King <mathewk@chromium.org>
2019-12-12 22:23:06 +01:00
int vboot_locate_firmware(struct vb2_context *ctx, struct region_device *fw);
vboot: rename symbols for better consistency Symbols prefixed with vb2_ should be reserved for internal vboot library use. Anything outside of that may choose some other prefix. Here, we choose vboot_ instead. Also, add some documentation to security/vboot/misc.h, which provides headers for a number of different C files. BUG=b:124141368 TEST=Build and deploy to eve TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild BRANCH=none Change-Id: I5d9154fd2d5df25ee254bd5ce4a173afaa6588be Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31886 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-03-13 15:38:07 +01:00
/*
vboot: Turn vboot_logic_executed() into a static inline This patch moves vboot_logic_executed() (and its dependencies) into a header and turns it into a static inline function. The function is used to guard larger amounts of code in several places, so this should allow us to save some more space through compile-time elimination (and also makes it easier to avoid undefined reference issues in some cases). Change-Id: I193f608882cbfe07dc91ee90d02fafbd67a3c324 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32716 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-05-09 23:16:13 +02:00
* The stage loading code is compiled and entered from multiple stages. The
* helper functions below attempt to provide more clarity on when certain
* code should be called. They are implemented inline for better compile-time
* code elimination.
vboot: rename symbols for better consistency Symbols prefixed with vb2_ should be reserved for internal vboot library use. Anything outside of that may choose some other prefix. Here, we choose vboot_ instead. Also, add some documentation to security/vboot/misc.h, which provides headers for a number of different C files. BUG=b:124141368 TEST=Build and deploy to eve TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild BRANCH=none Change-Id: I5d9154fd2d5df25ee254bd5ce4a173afaa6588be Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31886 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-03-13 15:38:07 +01:00
*/
vboot: Turn vboot_logic_executed() into a static inline This patch moves vboot_logic_executed() (and its dependencies) into a header and turns it into a static inline function. The function is used to guard larger amounts of code in several places, so this should allow us to save some more space through compile-time elimination (and also makes it easier to avoid undefined reference issues in some cases). Change-Id: I193f608882cbfe07dc91ee90d02fafbd67a3c324 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32716 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-05-09 23:16:13 +02:00
static inline int verification_should_run(void)
{
if (CONFIG(VBOOT_SEPARATE_VERSTAGE))
return ENV_VERSTAGE;
else if (CONFIG(VBOOT_STARTS_IN_ROMSTAGE))
return ENV_ROMSTAGE;
else if (CONFIG(VBOOT_STARTS_IN_BOOTBLOCK))
return ENV_BOOTBLOCK;
else
dead_code();
}
static inline int verstage_should_load(void)
{
if (CONFIG(VBOOT_SEPARATE_VERSTAGE))
return ENV_BOOTBLOCK;
else
return 0;
}
static inline int vboot_logic_executed(void)
{
extern int vboot_executed; /* should not be globally accessible */
/* If we are in the stage that runs verification, or in the stage that
both loads the verstage and is returned to from it afterwards, we
src/security: Fix typos Change-Id: I238fce2d48cf62003a701f972a87974415419538 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/38198 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Nico Huber <nico.h@gmx.de> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2020-01-05 13:14:06 +01:00
need to check a global to see if verification has run. */
vboot: Turn vboot_logic_executed() into a static inline This patch moves vboot_logic_executed() (and its dependencies) into a header and turns it into a static inline function. The function is used to guard larger amounts of code in several places, so this should allow us to save some more space through compile-time elimination (and also makes it easier to avoid undefined reference issues in some cases). Change-Id: I193f608882cbfe07dc91ee90d02fafbd67a3c324 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32716 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-05-09 23:16:13 +02:00
if (verification_should_run() ||
(verstage_should_load() && CONFIG(VBOOT_RETURN_FROM_VERSTAGE)))
security/vboot: Drop CAR_GLOBAL_MIGRATION support Change-Id: I9dee03da028b9111b685e325368815a86e444a47 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37028 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2019-11-20 19:47:10 +01:00
return vboot_executed;
vboot: Turn vboot_logic_executed() into a static inline This patch moves vboot_logic_executed() (and its dependencies) into a header and turns it into a static inline function. The function is used to guard larger amounts of code in several places, so this should allow us to save some more space through compile-time elimination (and also makes it easier to avoid undefined reference issues in some cases). Change-Id: I193f608882cbfe07dc91ee90d02fafbd67a3c324 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32716 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-05-09 23:16:13 +02:00
if (CONFIG(VBOOT_STARTS_IN_BOOTBLOCK)) {
/* All other stages are "after the bootblock" */
return !ENV_BOOTBLOCK;
} else if (CONFIG(VBOOT_STARTS_IN_ROMSTAGE)) {
/* Post-RAM stages are "after the romstage" */
security/vboot: Replace use of __PRE_RAM__ Change-Id: Ibaeda2762c733fdbe48979b635cc0cfd7ee4295d Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/35387 Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-09-12 16:09:55 +02:00
return !ENV_ROMSTAGE_OR_BEFORE;
vboot: Turn vboot_logic_executed() into a static inline This patch moves vboot_logic_executed() (and its dependencies) into a header and turns it into a static inline function. The function is used to guard larger amounts of code in several places, so this should allow us to save some more space through compile-time elimination (and also makes it easier to avoid undefined reference issues in some cases). Change-Id: I193f608882cbfe07dc91ee90d02fafbd67a3c324 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32716 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-05-09 23:16:13 +02:00
} else {
dead_code();
}
}
google/chromeos: Add support for saving recovery reason across reboot On some x86 platforms (skylake, apollolake), we observe reboots at different steps during the FSP initialization. These additional reboots result in loss of recovery request because vboot_reference library clears recovery request on vbnv once verification is complete and it has made a decision about which boot path to take(normal/dev, slot-a/slot-b, recovery). Provide a way to allow mainboards/chipsets to inform recovery module in vboot2 to save recovery reason to survive unexpected reboots. The recovery reason is set in vbnv after vboot_reference library completes its verification and clears the reason in vbnv while jumping to payload. BUG=chrome-os-partner:55431 Change-Id: Ie96be9aeb42c8209d8215943409e6327d6a8bf98 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15802 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-07-22 17:56:43 +02:00
vboot: Separate vboot from chromeos VBOOT_VERIFY_FIRMWARE should be independent of CHROMEOS. This allows use of verified boot library without having to stick to CHROMEOS. BUG=chrome-os-partner:55639 Change-Id: Ia2c328712caedd230ab295b8a613e3c1ed1532d9 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15867 Tested-by: build bot (Jenkins) Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
2016-07-25 20:48:03 +02:00
#endif /* __VBOOT_MISC_H__ */
Reference in a new issue Copy permalink