From 1124cec59a2c705a4ef3740dbdf0f68113602d31 Mon Sep 17 00:00:00 2001 From: Aaron Durbin Date: Wed, 22 Apr 2015 10:41:42 -0500 Subject: [PATCH] chromeos: remove VBOOT2_VERIFY_FIRMWARE option There's no need to have the VBOOT2_VERIFY_FIRMWARE distinction because it's the only game in town. Change-Id: I82aab665934c27829e1a04115bf499ae527a91aa Signed-off-by: Aaron Durbin Reviewed-on: http://review.coreboot.org/9958 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi --- src/ec/google/chromeec/Makefile.inc | 3 --- src/lib/coreboot_table.c | 2 +- src/mainboard/google/nyan_blaze/Kconfig | 3 +-- src/mainboard/google/nyan_blaze/romstage.c | 6 +++--- src/mainboard/google/rush/memlayout.ld | 2 +- src/mainboard/google/rush_ryu/memlayout.ld | 2 +- src/soc/marvell/bg4cd/Kconfig | 2 +- src/soc/marvell/bg4cd/Makefile.inc | 4 ++-- src/vendorcode/google/chromeos/Kconfig | 12 ++++++------ src/vendorcode/google/chromeos/Makefile.inc | 2 +- src/vendorcode/google/chromeos/chromeos.h | 6 +++--- src/vendorcode/google/chromeos/vbnv_flash.c | 6 ------ src/vendorcode/google/chromeos/vboot2/Kconfig | 19 +++++-------------- src/vendorcode/google/chromeos/vboot_helper.c | 7 ------- 14 files changed, 25 insertions(+), 51 deletions(-) diff --git a/src/ec/google/chromeec/Makefile.inc b/src/ec/google/chromeec/Makefile.inc index 8757c0b594..70db2e2c98 100644 --- a/src/ec/google/chromeec/Makefile.inc +++ b/src/ec/google/chromeec/Makefile.inc @@ -13,11 +13,8 @@ romstage-$(CONFIG_EC_GOOGLE_CHROMEEC_I2C) += ec_i2c.c romstage-$(CONFIG_EC_GOOGLE_CHROMEEC_LPC) += ec_lpc.c romstage-$(CONFIG_EC_GOOGLE_CHROMEEC_MEC) += ec_mec.c romstage-$(CONFIG_EC_GOOGLE_CHROMEEC_SPI) += ec_spi.c -ifeq ($(CONFIG_VBOOT2_VERIFY_FIRMWARE),y) verstage-y += ec.c crosec_proto.c verstage-$(CONFIG_EC_GOOGLE_CHROMEEC_I2C) += ec_i2c.c verstage-$(CONFIG_EC_GOOGLE_CHROMEEC_LPC) += ec_lpc.c verstage-$(CONFIG_EC_GOOGLE_CHROMEEC_MEC) += ec_mec.c verstage-$(CONFIG_EC_GOOGLE_CHROMEEC_SPI) += ec_spi.c -endif - diff --git a/src/lib/coreboot_table.c b/src/lib/coreboot_table.c index 8319c03c0f..4af50edb92 100644 --- a/src/lib/coreboot_table.c +++ b/src/lib/coreboot_table.c @@ -195,7 +195,7 @@ static void lb_vbnv(struct lb_header *header) #endif } -#if CONFIG_VBOOT_VERIFY_FIRMWARE || CONFIG_VBOOT2_VERIFY_FIRMWARE +#if CONFIG_VBOOT_VERIFY_FIRMWARE static void lb_vboot_handoff(struct lb_header *header) { void *addr; diff --git a/src/mainboard/google/nyan_blaze/Kconfig b/src/mainboard/google/nyan_blaze/Kconfig index 54e6ef3be7..3b7c555f58 100644 --- a/src/mainboard/google/nyan_blaze/Kconfig +++ b/src/mainboard/google/nyan_blaze/Kconfig @@ -85,8 +85,7 @@ config EC_GOOGLE_CHROMEEC_SPI_BUS config VBOOT_RAMSTAGE_INDEX hex - default 0x3 if VBOOT2_VERIFY_FIRMWARE - default 0x2 + default 0x3 config FLASHMAP_OFFSET hex diff --git a/src/mainboard/google/nyan_blaze/romstage.c b/src/mainboard/google/nyan_blaze/romstage.c index c9510d627e..12b2ffb366 100644 --- a/src/mainboard/google/nyan_blaze/romstage.c +++ b/src/mainboard/google/nyan_blaze/romstage.c @@ -58,7 +58,7 @@ static void __attribute__((noinline)) romstage(void) u32 dram_end_mb = sdram_max_addressable_mb(); u32 dram_size_mb = dram_end_mb - dram_start_mb; -#if !CONFIG_VBOOT2_VERIFY_FIRMWARE +#if !CONFIG_VBOOT_VERIFY_FIRMWARE configure_l2_cache(); mmu_init(); /* Device memory below DRAM is uncached. */ @@ -95,7 +95,7 @@ static void __attribute__((noinline)) romstage(void) early_mainboard_init(); -#if CONFIG_VBOOT2_VERIFY_FIRMWARE +#if CONFIG_VBOOT_VERIFY_FIRMWARE entry = vboot2_load_ramstage(); #else early_mainboard_init(); @@ -108,7 +108,7 @@ static void __attribute__((noinline)) romstage(void) /* Stub to force arm_init_caches to the top, before any stack/memory accesses */ void main(void) { -#if !CONFIG_VBOOT2_VERIFY_FIRMWARE +#if !CONFIG_VBOOT_VERIFY_FIRMWARE asm volatile ("bl arm_init_caches" ::: "r0","r1","r2","r3","r4","r5","ip"); #endif diff --git a/src/mainboard/google/rush/memlayout.ld b/src/mainboard/google/rush/memlayout.ld index d8fdb9a94b..367a88e48e 100644 --- a/src/mainboard/google/rush/memlayout.ld +++ b/src/mainboard/google/rush/memlayout.ld @@ -1,4 +1,4 @@ -#if IS_ENABLED(CONFIG_VBOOT2_VERIFY_FIRMWARE) +#if IS_ENABLED(CONFIG_VBOOT_VERIFY_FIRMWARE) #include #else #include diff --git a/src/mainboard/google/rush_ryu/memlayout.ld b/src/mainboard/google/rush_ryu/memlayout.ld index d8fdb9a94b..367a88e48e 100644 --- a/src/mainboard/google/rush_ryu/memlayout.ld +++ b/src/mainboard/google/rush_ryu/memlayout.ld @@ -1,4 +1,4 @@ -#if IS_ENABLED(CONFIG_VBOOT2_VERIFY_FIRMWARE) +#if IS_ENABLED(CONFIG_VBOOT_VERIFY_FIRMWARE) #include #else #include diff --git a/src/soc/marvell/bg4cd/Kconfig b/src/soc/marvell/bg4cd/Kconfig index 725f56153c..96fd8efe77 100644 --- a/src/soc/marvell/bg4cd/Kconfig +++ b/src/soc/marvell/bg4cd/Kconfig @@ -24,7 +24,7 @@ config SOC_MARVELL_BG4CD select ARCH_RAMSTAGE_ARMV7 select ARCH_ROMSTAGE_ARMV7 select ARCH_VERSTAGE_ARMV7_M - select ARM_BOOTBLOCK_CUSTOM if VBOOT2_VERIFY_FIRMWARE + select ARM_BOOTBLOCK_CUSTOM if VBOOT_VERIFY_FIRMWARE select BOOTBLOCK_CONSOLE select CPU_HAS_BOOTBLOCK_INIT select DYNAMIC_CBMEM diff --git a/src/soc/marvell/bg4cd/Makefile.inc b/src/soc/marvell/bg4cd/Makefile.inc index a540250ce8..4a58e6f8eb 100644 --- a/src/soc/marvell/bg4cd/Makefile.inc +++ b/src/soc/marvell/bg4cd/Makefile.inc @@ -17,8 +17,8 @@ ## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA ## -bootblock-$(CONFIG_VBOOT2_VERIFY_FIRMWARE) += bootblock_asm.S -bootblock-$(CONFIG_VBOOT2_VERIFY_FIRMWARE) += bootblock.c +bootblock-$(CONFIG_VBOOT_VERIFY_FIRMWARE) += bootblock_asm.S +bootblock-$(CONFIG_VBOOT_VERIFY_FIRMWARE) += bootblock.c bootblock-y += cbmem.c bootblock-y += i2c.c diff --git a/src/vendorcode/google/chromeos/Kconfig b/src/vendorcode/google/chromeos/Kconfig index cf3bd0729b..a75237e488 100644 --- a/src/vendorcode/google/chromeos/Kconfig +++ b/src/vendorcode/google/chromeos/Kconfig @@ -104,7 +104,7 @@ config FLASHMAP_OFFSET config EC_SOFTWARE_SYNC bool "Enable EC software sync" default n - depends on VBOOT_VERIFY_FIRMWARE || VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help EC software sync is a mechanism where the AP helps the EC verify its firmware similar to how vboot verifies the main system firmware. This @@ -128,14 +128,14 @@ config VBOOT_OPROM_MATTERS config VIRTUAL_DEV_SWITCH bool "Virtual developer switch support" default n - depends on VBOOT_VERIFY_FIRMWARE || VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help Whether this platform has a virtual developer switch. config VBOOT_VERIFY_FIRMWARE bool "Verify firmware with vboot." default n - depends on CHROMEOS + depends on CHROMEOS && HAVE_HARD_RESET help Enabling VBOOT_VERIFY_FIRMWARE will use vboot to verify the components of the firmware (stages, payload, etc). @@ -148,7 +148,7 @@ config VBOOT_VERIFY_FIRMWARE config VBOOT_BOOT_LOADER_INDEX hex "Bootloader component index" default 0 - depends on VBOOT_VERIFY_FIRMWARE || VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help This is the index of the bootloader component in the verified firmware block. @@ -164,7 +164,7 @@ config VBOOT_REFCODE_INDEX config VBOOT_RAMSTAGE_INDEX hex "Ramstage component index" default 1 - depends on VBOOT_VERIFY_FIRMWARE || VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help This is the index of the ramstage component in the verified firmware block. @@ -172,7 +172,7 @@ config VBOOT_RAMSTAGE_INDEX config VBOOT_ROMSTAGE_INDEX hex "Romstage component index" default 2 - depends on VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help This is the index of the romstage component in the verified firmware block. diff --git a/src/vendorcode/google/chromeos/Makefile.inc b/src/vendorcode/google/chromeos/Makefile.inc index 873b81f24f..33cdb26674 100644 --- a/src/vendorcode/google/chromeos/Makefile.inc +++ b/src/vendorcode/google/chromeos/Makefile.inc @@ -54,5 +54,5 @@ CFLAGS_common += -DMOCK_TPM=0 endif VB_SOURCE := vboot_reference -subdirs-$(CONFIG_VBOOT2_VERIFY_FIRMWARE) += vboot2 +subdirs-$(CONFIG_VBOOT_VERIFY_FIRMWARE) += vboot2 CPPFLAGS_common += -I$(VB_SOURCE)/firmware/include diff --git a/src/vendorcode/google/chromeos/chromeos.h b/src/vendorcode/google/chromeos/chromeos.h index 78be422b08..3e427b91a1 100644 --- a/src/vendorcode/google/chromeos/chromeos.h +++ b/src/vendorcode/google/chromeos/chromeos.h @@ -62,18 +62,18 @@ static inline int vboot_skip_display_init(void) { return 0; } struct romstage_handoff; -#if CONFIG_VBOOT_VERIFY_FIRMWARE || CONFIG_VBOOT2_VERIFY_FIRMWARE +#if CONFIG_VBOOT_VERIFY_FIRMWARE /* Returns 0 on success < 0 on error. */ int vboot_get_handoff_info(void **addr, uint32_t *size); void *vboot_get_payload(int *len); -#else /* CONFIG_VBOOT_VERIFY_FIRMWARE || CONFIG_VBOOT2_VERIFY_FIRMWARE */ +#else /* CONFIG_VBOOT_VERIFY_FIRMWARE */ static inline void vboot_verify_firmware(struct romstage_handoff *h) {} static inline void *vboot_get_payload(int *len) { return NULL; } static inline int vboot_get_handoff_info(void **addr, uint32_t *size) { return -1; } -#endif /* CONFIG_VBOOT_VERIFY_FIRMWARE || CONFIG_VBOOT2_VERIFY_FIRMWARE */ +#endif /* CONFIG_VBOOT_VERIFY_FIRMWARE */ int vboot_get_sw_write_protect(void); diff --git a/src/vendorcode/google/chromeos/vbnv_flash.c b/src/vendorcode/google/chromeos/vbnv_flash.c index 97a2a82d1b..4cc87b65ab 100644 --- a/src/vendorcode/google/chromeos/vbnv_flash.c +++ b/src/vendorcode/google/chromeos/vbnv_flash.c @@ -29,13 +29,7 @@ #include "chromeos.h" #include "vbnv_layout.h" -#if IS_ENABLED(CONFIG_VBOOT_VERIFY_FIRMWARE) -#define BLOB_SIZE VBNV_BLOCK_SIZE -#elif IS_ENABLED(CONFIG_VBOOT2_VERIFY_FIRMWARE) #define BLOB_SIZE VB2_NVDATA_SIZE -#else -#error unable to determine BLOB_SIZE -#endif /* FMAP descriptor of the NVRAM area */ static struct vboot_region nvram_region; diff --git a/src/vendorcode/google/chromeos/vboot2/Kconfig b/src/vendorcode/google/chromeos/vboot2/Kconfig index 059100621d..b27b5b76f4 100644 --- a/src/vendorcode/google/chromeos/vboot2/Kconfig +++ b/src/vendorcode/google/chromeos/vboot2/Kconfig @@ -16,19 +16,10 @@ ## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA ## -config VBOOT2_VERIFY_FIRMWARE - bool "Firmware Verification with vboot2" - default y if VBOOT_VERIFY_FIRMARE - depends on CHROMEOS && HAVE_HARD_RESET - select COLLECT_TIMESTAMPS - help - Enabling VBOOT2_VERIFY_FIRMWARE will use vboot2 to verify the romstage - and boot loader. - config VBOOT2_MOCK_SECDATA bool "Mock secdata for firmware verification" default n - depends on VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help Enabling VBOOT2_MOCK_SECDATA will mock secdata for the firmware verification to avoid access to a secdata storage (typically TPM). @@ -39,7 +30,7 @@ config VBOOT2_MOCK_SECDATA config RETURN_FROM_VERSTAGE bool "return from verstage" default n - depends on VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help If this is set, the verstage returns back to the bootblock instead of exits to the romstage so that the verstage space can be reused by the @@ -49,7 +40,7 @@ config RETURN_FROM_VERSTAGE config VBOOT_DISABLE_DEV_ON_RECOVERY bool "Disable dev mode on recovery requests" default n - depends on VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help When this option is enabled, the Chrome OS device leaves the developer mode as soon as recovery request is detected. This is @@ -58,9 +49,9 @@ config VBOOT_DISABLE_DEV_ON_RECOVERY config VERSTAGE_IN_BOOTBLOCK bool default n - depends on VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE config SEPARATE_VERSTAGE bool default !VERSTAGE_IN_BOOTBLOCK - depends on VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE diff --git a/src/vendorcode/google/chromeos/vboot_helper.c b/src/vendorcode/google/chromeos/vboot_helper.c index 4fb3338b00..be1f296ff7 100644 --- a/src/vendorcode/google/chromeos/vboot_helper.c +++ b/src/vendorcode/google/chromeos/vboot_helper.c @@ -105,12 +105,6 @@ int __attribute((weak)) vboot_get_sw_write_protect(void) return 0; } -#if CONFIG_VBOOT2_VERIFY_FIRMWARE - -void *vboot_get_payload(int *len) { return NULL; } - -#else /* CONFIG_VBOOT2_VERIFY_FIRMWARE */ - static void *vboot_get_payload(size_t *len) { struct vboot_handoff *vboot_handoff; @@ -137,7 +131,6 @@ static void *vboot_get_payload(size_t *len) return (void *)fwc->address; } -#endif static int vboot_locate_payload(struct payload *payload) {