vboot: Separate vboot from chromeos

VBOOT_VERIFY_FIRMWARE should be independent of CHROMEOS. This allows use
of verified boot library without having to stick to CHROMEOS.

BUG=chrome-os-partner:55639

Change-Id: Ia2c328712caedd230ab295b8a613e3c1ed1532d9
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/15867
Tested-by: build bot (Jenkins)
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>

Makefile.inc

@@ -82,6 +82,7 @@ subdirs-y += util/cbfstool util/sconfig util/nvramtool util/broadcom
 subdirs-y += util/futility util/marvell
 subdirs-y += $(wildcard src/arch/*)
 subdirs-y += src/mainboard/$(MAINBOARDDIR)
+subdirs-$(CONFIG_VBOOT) += src/vboot
 subdirs-y += payloads payloads/external
 
 subdirs-y += site-local

src/Kconfig

@@ -453,6 +453,7 @@ source "src/ec/*/*/Kconfig"
 source "src/drivers/intel/fsp1_0/Kconfig"
 
 source "src/southbridge/intel/common/firmware/Kconfig"
+source "src/vboot/Kconfig"
 source "src/vendorcode/*/Kconfig"
 
 source "src/arch/*/Kconfig"

src/device/pci_device.c

@@ -48,7 +48,7 @@
 #include <device/hypertransport.h>
 #include <pc80/i8259.h>
 #include <kconfig.h>
-#include <vendorcode/google/chromeos/chromeos.h>
+#include <vboot/vbnv.h>
 
 u8 pci_moving_config8(struct device *dev, unsigned int reg)
 {

src/ec/google/chromeec/Makefile.inc

@@ -22,10 +22,10 @@ verstage-$(CONFIG_EC_GOOGLE_CHROMEEC_LPC) += ec_lpc.c
 verstage-$(CONFIG_EC_GOOGLE_CHROMEEC_MEC) += ec_mec.c
 verstage-$(CONFIG_EC_GOOGLE_CHROMEEC_SPI) += ec_spi.c
 
-ramstage-$(CONFIG_VBOOT_VERIFY_FIRMWARE) += vboot_storage.c
-smm-$(CONFIG_VBOOT_VERIFY_FIRMWARE) += vboot_storage.c
-romstage-$(CONFIG_VBOOT_VERIFY_FIRMWARE) += vboot_storage.c
-verstage-$(CONFIG_VBOOT_VERIFY_FIRMWARE) += vboot_storage.c
+ramstage-$(CONFIG_VBOOT) += vboot_storage.c
+smm-$(CONFIG_VBOOT) += vboot_storage.c
+romstage-$(CONFIG_VBOOT) += vboot_storage.c
+verstage-$(CONFIG_VBOOT) += vboot_storage.c
 
 # These are Chrome EC firmware images that a payload (such as depthcharge) can
 # use to update the EC. ecrw is the main embedded controller's firmware,

src/lib/bootmode.c

@@ -22,7 +22,7 @@ int developer_mode_enabled(void)
 {
 	if (get_developer_mode_switch())
 		return 1;
-#if CONFIG_VBOOT_VERIFY_FIRMWARE
+#if CONFIG_VBOOT
 	if (vboot_handoff_check_developer_flag())
 		return 1;
 #endif

src/lib/cbfs.c

@@ -269,7 +269,7 @@ const struct cbfs_locator __attribute__((weak)) cbfs_master_header_locator = {
 extern const struct cbfs_locator vboot_locator;
 
 static const struct cbfs_locator *locators[] = {
-#if CONFIG_VBOOT_VERIFY_FIRMWARE
+#if CONFIG_VBOOT
 	&vboot_locator,
 #endif
 	&cbfs_master_header_locator,

src/lib/coreboot_table.c

@@ -32,6 +32,7 @@
 #include <cbmem.h>
 #include <bootmem.h>
 #include <spi_flash.h>
+#include <vboot/vbnv_layout.h>
 #if CONFIG_USE_OPTION_TABLE
 #include <option_table.h>
 #endif
@@ -41,7 +42,6 @@
 #endif
 #include <vendorcode/google/chromeos/chromeos.h>
 #include <vendorcode/google/chromeos/gnvs.h>
-#include <vendorcode/google/chromeos/vbnv_layout.h>
 #endif
 #if CONFIG_ARCH_X86
 #include <cpu/x86/mtrr.h>
@@ -221,12 +221,12 @@ static void lb_vbnv(struct lb_header *header)
 	vbnv = (struct lb_range *)lb_new_record(header);
 	vbnv->tag = LB_TAG_VBNV;
 	vbnv->size = sizeof(*vbnv);
-	vbnv->range_start = CONFIG_VBNV_OFFSET + 14;
-	vbnv->range_size = VBNV_BLOCK_SIZE;
+	vbnv->range_start = CONFIG_VBOOT_VBNV_OFFSET + 14;
+	vbnv->range_size = VBOOT_VBNV_BLOCK_SIZE;
 #endif
 }
 
-#if CONFIG_VBOOT_VERIFY_FIRMWARE
+#if CONFIG_VBOOT
 static void lb_vboot_handoff(struct lb_header *header)
 {
 	void *addr;
@@ -244,7 +244,7 @@ static void lb_vboot_handoff(struct lb_header *header)
 }
 #else
 static inline void lb_vboot_handoff(struct lb_header *header) {}
-#endif /* CONFIG_VBOOT_VERIFY_FIRMWARE */
+#endif /* CONFIG_VBOOT */
 #endif /* CONFIG_CHROMEOS */
 
 static void lb_board_id(struct lb_header *header)

src/mainboard/google/auron/Kconfig

@@ -15,10 +15,10 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select INTEL_INT15
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
-	select LID_SWITCH
 	select CHROMEOS_RAMOOPS_DYNAMIC
 	select EC_SOFTWARE_SYNC
+	select LID_SWITCH
+	select VBOOT_VBNV_CMOS
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/auron_paine/Kconfig

@@ -15,10 +15,10 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select INTEL_INT15
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
-	select LID_SWITCH
-	select CHROMEOS_RAMOOPS_DYNAMIC
 	select EC_SOFTWARE_SYNC
+	select CHROMEOS_RAMOOPS_DYNAMIC
+	select LID_SWITCH
+	select VBOOT_VBNV_CMOS
 	select VIRTUAL_DEV_SWITCH
 
 config VBOOT_RAMSTAGE_INDEX

src/mainboard/google/butterfly/Kconfig

@@ -18,7 +18,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SERIRQ_CONTINUOUS_MODE 	# Workaround for EC/KBC IRQ1.
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
+	select VBOOT_VBNV_CMOS
 
 config MAINBOARD_DIR
 	string

src/mainboard/google/cosmos/Kconfig

@@ -27,7 +27,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_SPANSION
 
 config CHROMEOS
-	select CHROMEOS_VBNV_FLASH
+	select VBOOT_VBNV_FLASH
 
 config MAINBOARD_DIR
 	string

src/mainboard/google/cyan/Kconfig

@@ -16,10 +16,10 @@ config BOARD_SPECIFIC_OPTIONS
 	select PCIEXP_L1_SUB_STATE
 
 config CHROMEOS
-	select LID_SWITCH
-	select CHROMEOS_VBNV_CMOS
 	select EC_SOFTWARE_SYNC
+	select LID_SWITCH
 	select VBOOT_DYNAMIC_WORK_BUFFER
+	select VBOOT_VBNV_CMOS
 	select VIRTUAL_DEV_SWITCH
 
 config DISPLAY_SPD_DATA

src/mainboard/google/daisy/Kconfig

@@ -28,7 +28,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MAINBOARD_DO_NATIVE_VGA_INIT
 
 config CHROMEOS
-	select CHROMEOS_VBNV_EC
+	select VBOOT_VBNV_EC
 
 config MAINBOARD_DIR
 	string

src/mainboard/google/falco/Kconfig

@@ -21,9 +21,9 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select INTEL_INT15
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
-	select LID_SWITCH
 	select EC_SOFTWARE_SYNC
+	select LID_SWITCH
+	select VBOOT_VBNV_CMOS
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/foster/Kconfig

@@ -27,7 +27,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_WINBOND
 
 config CHROMEOS
-	select CHROMEOS_VBNV_FLASH
+	select VBOOT_VBNV_FLASH
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/gru/Kconfig

@@ -39,9 +39,9 @@ config BOARD_SPECIFIC_OPTIONS
 	select SPI_FLASH_WINBOND
 
 config CHROMEOS
-	select CHROMEOS_VBNV_FLASH
 	select EC_SOFTWARE_SYNC
 	select SPI_TPM
+	select VBOOT_VBNV_FLASH
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/guado/Kconfig

@@ -14,10 +14,10 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MAINBOARD_HAS_LPC_TPM
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
 	select CHROMEOS_RAMOOPS_DYNAMIC
-	select VIRTUAL_DEV_SWITCH
 	select PHYSICAL_REC_SWITCH
+	select VBOOT_VBNV_CMOS
+	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR
 	string

src/mainboard/google/jecht/Kconfig

@@ -15,9 +15,9 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select INTEL_INT15
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
-	select PHYSICAL_REC_SWITCH
 	select CHROMEOS_RAMOOPS_DYNAMIC
+	select PHYSICAL_REC_SWITCH
+	select VBOOT_VBNV_CMOS
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/link/Kconfig

@@ -17,8 +17,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MAINBOARD_HAS_NATIVE_VGA_INIT
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
 	select LID_SWITCH
+	select VBOOT_VBNV_CMOS
 
 config MAINBOARD_DIR
 	string

src/mainboard/google/ninja/Kconfig

@@ -15,6 +15,8 @@ config BOARD_SPECIFIC_OPTIONS
 
 config CHROMEOS
 	select EC_SOFTWARE_SYNC
+	select LID_SWITCH
+	select VBOOT_VBNV_CMOS
 	select VIRTUAL_DEV_SWITCH
 	select PHYSICAL_REC_SWITCH
 

src/mainboard/google/nyan/Kconfig

@@ -32,8 +32,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_FAST_READ_DUAL_OUTPUT_3B
 
 config CHROMEOS
-	select CHROMEOS_VBNV_EC
 	select EC_SOFTWARE_SYNC
+	select VBOOT_VBNV_EC
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/nyan/romstage.c

@@ -83,7 +83,7 @@ static void __attribute__((noinline)) romstage(void)
 	cbmem_initialize_empty();
 
 	/* This was already called from verstage in vboot context. */
-	if (!IS_ENABLED(CONFIG_VBOOT_VERIFY_FIRMWARE))
+	if (!IS_ENABLED(CONFIG_VBOOT))
 		early_mainboard_init();
 
 	run_ramstage();

src/mainboard/google/nyan_big/Kconfig

@@ -34,7 +34,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 
 config CHROMEOS
 	select EC_SOFTWARE_SYNC
-	select CHROMEOS_VBNV_EC
+	select VBOOT_VBNV_EC
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/nyan_big/romstage.c

@@ -83,7 +83,7 @@ static void __attribute__((noinline)) romstage(void)
 	cbmem_initialize_empty();
 
 	/* This was already called from verstage in vboot context. */
-	if (!IS_ENABLED(CONFIG_VBOOT_VERIFY_FIRMWARE))
+	if (!IS_ENABLED(CONFIG_VBOOT))
 		early_mainboard_init();
 
 	run_ramstage();

src/mainboard/google/nyan_blaze/Kconfig

@@ -35,7 +35,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 
 config CHROMEOS
 	select EC_SOFTWARE_SYNC
-	select CHROMEOS_VBNV_EC
+	select VBOOT_VBNV_EC
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/nyan_blaze/romstage.c

@@ -53,7 +53,7 @@ static void __attribute__((noinline)) romstage(void)
 	u32 dram_end_mb = sdram_max_addressable_mb();
 	u32 dram_size_mb = dram_end_mb - dram_start_mb;
 
-#if !CONFIG_VBOOT_VERIFY_FIRMWARE
+#if !CONFIG_VBOOT
 	configure_l2_cache();
 	mmu_init();
 	/* Device memory below DRAM is uncached. */
@@ -87,7 +87,7 @@ static void __attribute__((noinline)) romstage(void)
 	cbmem_initialize_empty();
 
 	/* This was already called from verstage in vboot context. */
-	if (!IS_ENABLED(CONFIG_VBOOT_VERIFY_FIRMWARE))
+	if (!IS_ENABLED(CONFIG_VBOOT))
 		early_mainboard_init();
 
 	run_ramstage();
@@ -96,7 +96,7 @@ static void __attribute__((noinline)) romstage(void)
 /* Stub to force arm_init_caches to the top, before any stack/memory accesses */
 void main(void)
 {
-#if !CONFIG_VBOOT_VERIFY_FIRMWARE
+#if !CONFIG_VBOOT
 	asm volatile ("bl arm_init_caches"
 		      ::: "r0","r1","r2","r3","r4","r5","ip");
 #endif

src/mainboard/google/oak/Kconfig

@@ -34,10 +34,10 @@ config BOARD_SPECIFIC_OPTIONS
 	select SPI_FLASH
 
 config CHROMEOS
-	select CHROMEOS_VBNV_FLASH
 	select EC_SOFTWARE_SYNC
 	select VBOOT_EC_SLOW_UPDATE
 	select VBOOT_OPROM_MATTERS
+	select VBOOT_VBNV_FLASH
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/panther/Kconfig

@@ -19,7 +19,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 
 config CHROMEOS
 	select PHYSICAL_REC_SWITCH
-	select CHROMEOS_VBNV_CMOS
+	select VBOOT_VBNV_CMOS
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/parrot/Kconfig

@@ -16,7 +16,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select INTEL_INT15
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
+	select VBOOT_VBNV_CMOS
 
 	# Workaround for EC/KBC IRQ1.
 	select SERIRQ_CONTINUOUS_MODE

src/mainboard/google/peach_pit/Kconfig

@@ -26,7 +26,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select DRIVER_PARADE_PS8625
 
 config CHROMEOS
-	select CHROMEOS_VBNV_EC
+	select VBOOT_VBNV_EC
 
 config MAINBOARD_DIR
 	string

src/mainboard/google/peppy/Kconfig

@@ -22,10 +22,10 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select INTEL_INT15
 
 config CHROMEOS
-	select MAINBOARD_DO_NATIVE_VGA_INIT
-	select CHROMEOS_VBNV_CMOS
-	select LID_SWITCH
 	select EC_SOFTWARE_SYNC
+	select LID_SWITCH
+	select MAINBOARD_DO_NATIVE_VGA_INIT
+	select VBOOT_VBNV_CMOS
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/purin/Kconfig

@@ -29,7 +29,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_ATOMIC_SEQUENCING
 
 config CHROMEOS
-	select CHROMEOS_VBNV_FLASH
+	select VBOOT_VBNV_FLASH
 
 config MAINBOARD_DIR
 	string

src/mainboard/google/rambi/Kconfig

@@ -13,9 +13,9 @@ config BOARD_SPECIFIC_OPTIONS
 	select MAINBOARD_HAS_LPC_TPM
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
-	select LID_SWITCH
 	select EC_SOFTWARE_SYNC
+	select LID_SWITCH
+	select VBOOT_VBNV_CMOS
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/rikku/Kconfig

@@ -14,10 +14,10 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MAINBOARD_HAS_LPC_TPM
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
 	select CHROMEOS_RAMOOPS_DYNAMIC
-	select VIRTUAL_DEV_SWITCH
 	select PHYSICAL_REC_SWITCH
+	select VBOOT_VBNV_CMOS
+	select VIRTUAL_DEV_SWITCH
 
 config VBOOT_RAMSTAGE_INDEX
 	hex

src/mainboard/google/rush/Kconfig

@@ -29,8 +29,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select BOARD_ROMSIZE_KB_4096
 
 config CHROMEOS
-	select CHROMEOS_VBNV_EC
 	select EC_SOFTWARE_SYNC
+	select VBOOT_VBNV_EC
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/rush_ryu/Kconfig

@@ -30,8 +30,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select BOARD_ROMSIZE_KB_8192
 
 config CHROMEOS
-	select CHROMEOS_VBNV_EC
 	select EC_SOFTWARE_SYNC
+	select VBOOT_VBNV_EC
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/rush_ryu/mainboard.c

@@ -35,8 +35,8 @@
 #include <vendorcode/google/chromeos/cros_vpd.h>
 #if IS_ENABLED(CONFIG_CHROMEOS)
 #include <vboot_struct.h>
-#include <vendorcode/google/chromeos/vboot2/misc.h>
-#include <vendorcode/google/chromeos/vboot_common.h>
+#include <vboot/misc.h>
+#include <vboot/vboot_common.h>
 #endif
 
 #include "gpio.h"

src/mainboard/google/samus/Kconfig

@@ -16,12 +16,12 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select INTEL_INT15
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
-	select LID_SWITCH
+	select CHROMEOS_RAMOOPS_DYNAMIC
 	select EC_SOFTWARE_SYNC
+	select LID_SWITCH
 	select VBOOT_EC_SLOW_UPDATE
 	select VBOOT_OPROM_MATTERS
-	select CHROMEOS_RAMOOPS_DYNAMIC
+	select VBOOT_VBNV_CMOS
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/smaug/Kconfig

@@ -33,8 +33,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select RAM_CODE_SUPPORT
 
 config CHROMEOS
-	select CHROMEOS_VBNV_FLASH
 	select EC_SOFTWARE_SYNC
+	select VBOOT_VBNV_FLASH
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/stout/Kconfig

@@ -18,7 +18,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SANDYBRIDGE_IVYBRIDGE_LVDS
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
+	select VBOOT_VBNV_CMOS
 
 config MAINBOARD_DIR
 	string

src/mainboard/google/tidus/Kconfig

@@ -14,10 +14,10 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MAINBOARD_HAS_LPC_TPM
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
 	select CHROMEOS_RAMOOPS_DYNAMIC
-	select VIRTUAL_DEV_SWITCH
 	select PHYSICAL_REC_SWITCH
+	select VBOOT_VBNV_CMOS
+	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR
 	string

src/mainboard/google/veyron/Kconfig

@@ -36,8 +36,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_WINBOND
 
 config CHROMEOS
-	select CHROMEOS_VBNV_EC
 	select EC_SOFTWARE_SYNC
+	select VBOOT_VBNV_EC
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/veyron_brain/Kconfig

@@ -31,8 +31,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_WINBOND
 
 config CHROMEOS
-	select CHROMEOS_VBNV_FLASH
 	select PHYSICAL_REC_SWITCH
+	select VBOOT_VBNV_FLASH
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/veyron_danger/Kconfig

@@ -33,8 +33,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MAINBOARD_HAS_CHROMEOS
 
 config CHROMEOS
-	select CHROMEOS_VBNV_FLASH
 	select PHYSICAL_REC_SWITCH
+	select VBOOT_VBNV_FLASH
 
 config MAINBOARD_DIR
 	string

src/mainboard/google/veyron_emile/Kconfig

@@ -31,8 +31,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MAINBOARD_HAS_NATIVE_VGA_INIT
 
 config CHROMEOS
-	select CHROMEOS_VBNV_FLASH
 	select PHYSICAL_REC_SWITCH
+	select VBOOT_VBNV_FLASH
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/veyron_mickey/Kconfig

@@ -31,8 +31,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_WINBOND
 
 config CHROMEOS
-	select CHROMEOS_VBNV_FLASH
 	select PHYSICAL_REC_SWITCH
+	select VBOOT_VBNV_FLASH
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/veyron_rialto/Kconfig

@@ -31,8 +31,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_WINBOND
 
 config CHROMEOS
-	select CHROMEOS_VBNV_FLASH
 	select PHYSICAL_REC_SWITCH
+	select VBOOT_VBNV_FLASH
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/google/veyron_romy/Kconfig

@@ -31,8 +31,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_WINBOND
 
 config CHROMEOS
-	select CHROMEOS_VBNV_FLASH
 	select PHYSICAL_REC_SWITCH
+	select VBOOT_VBNV_FLASH
 	select VIRTUAL_DEV_SWITCH
 
 config MAINBOARD_DIR

src/mainboard/intel/baskingridge/Kconfig

@@ -15,7 +15,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select INTEL_INT15
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
+	select VBOOT_VBNV_CMOS
 
 config MAINBOARD_DIR
 	string

src/mainboard/intel/emeraldlake2/Kconfig

@@ -14,7 +14,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	#select MAINBOARD_HAS_CHROMEOS
 
 config CHROMEOS
-	#select CHROMEOS_VBNV_CMOS
+	#select VBOOT_VBNV_CMOS
 
 config MAINBOARD_DIR
 	string

src/mainboard/intel/strago/Kconfig

@@ -16,10 +16,10 @@ config BOARD_SPECIFIC_OPTIONS
 	select PCIEXP_L1_SUB_STATE
 
 config CHROMEOS
-	select LID_SWITCH
-	select CHROMEOS_VBNV_CMOS
 	select EC_SOFTWARE_SYNC
+	select LID_SWITCH
 	select VBOOT_DYNAMIC_WORK_BUFFER
+	select VBOOT_VBNV_CMOS
 	select VIRTUAL_DEV_SWITCH
 
 config DYNAMIC_VNN_SUPPORT

src/mainboard/intel/wtm2/Kconfig

@@ -15,7 +15,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 
 config CHROMEOS
 	select CHROMEOS_RAMOOPS_DYNAMIC
-	select CHROMEOS_VBNV_CMOS
+	select VBOOT_VBNV_CMOS
 
 config MAINBOARD_DIR
 	string

src/mainboard/samsung/lumpy/Kconfig

@@ -21,7 +21,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select INTEL_INT15
 
 config CHROMEOS
-	select CHROMEOS_VBNV_CMOS
+	select VBOOT_VBNV_CMOS
 
 config MAINBOARD_DIR
 	string

src/mainboard/samsung/stumpy/Kconfig

@@ -19,7 +19,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 
 config CHROMEOS
 	select PHYSICAL_REC_SWITCH
-	select CHROMEOS_VBNV_CMOS
+	select VBOOT_VBNV_CMOS
 
 config MAINBOARD_DIR
 	string

src/soc/intel/apollolake/Kconfig

@@ -59,13 +59,13 @@ config CPU_SPECIFIC_OPTIONS
 
 config CHROMEOS
 	select CHROMEOS_RAMOOPS_DYNAMIC
-	select CHROMEOS_VBNV_CMOS
-	select CHROMEOS_VBNV_CMOS_BACKUP_TO_FLASH
 	select EC_SOFTWARE_SYNC if EC_GOOGLE_CHROMEEC
 	select SEPARATE_VERSTAGE
 	select VBOOT_OPROM_MATTERS
 	select VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
 	select VBOOT_STARTS_IN_BOOTBLOCK
+	select VBOOT_VBNV_CMOS
+	select VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
 	select VIRTUAL_DEV_SWITCH
 
 config TPM_ON_FAST_SPI

src/soc/intel/apollolake/lpc.c

@@ -25,7 +25,7 @@
 #include <soc/lpc.h>
 #include <soc/pci_ids.h>
 #include <soc/pm.h>
-#include <vendorcode/google/chromeos/chromeos.h>
+#include <vboot/vbnv.h>
 
 #include "chip.h"
 
@@ -60,7 +60,7 @@ static void rtc_init(void)
 	rtc_fail = !!(ps->gen_pmcon1 & RPS);
 	/* Ensure the date is set including century byte. */
 	cmos_check_update_date();
-	if (IS_ENABLED(CONFIG_CHROMEOS_VBNV_CMOS))
+	if (IS_ENABLED(CONFIG_VBOOT_VBNV_CMOS))
 		init_vbnv_cmos(rtc_fail);
 	else
 		cmos_init(rtc_fail);

src/soc/intel/apollolake/pmutil.c

@@ -27,7 +27,7 @@
 #include <soc/pm.h>
 #include <device/device.h>
 #include <device/pci.h>
-#include <vendorcode/google/chromeos/vboot_common.h>
+#include <vboot/vboot_common.h>
 
 static uintptr_t read_pmc_mmio_bar(void)
 {

src/soc/intel/broadwell/igd.c

@@ -30,7 +30,7 @@
 #include <soc/ramstage.h>
 #include <soc/systemagent.h>
 #include <soc/intel/broadwell/chip.h>
-#include <vendorcode/google/chromeos/chromeos.h>
+#include <vboot/vbnv.h>
 
 #define GT_RETRY 		1000
 #define GT_CDCLK_337		0

src/soc/intel/broadwell/lpc.c

@@ -44,11 +44,8 @@
 #include <arch/acpi.h>
 #include <arch/acpigen.h>
 #include <cpu/cpu.h>
-
-#if IS_ENABLED(CONFIG_CHROMEOS)
-#include <vendorcode/google/chromeos/chromeos.h>
-#include <vendorcode/google/chromeos/vbnv_layout.h>
-#endif
+#include <vboot/vbnv.h>
+#include <vboot/vbnv_layout.h>
 
 static void pch_enable_ioapic(struct device *dev)
 {
@@ -175,14 +172,14 @@ static void pch_power_options(device_t dev)
 	enable_alt_smi(config->alt_gp_smi_en);
 }
 
-#if IS_ENABLED(CONFIG_CHROMEOS) && IS_ENABLED(CONFIG_CHROMEOS_VBNV_CMOS)
+#if IS_ENABLED(CONFIG_CHROMEOS) && IS_ENABLED(CONFIG_VBOOT_VBNV_CMOS)
 /*
  * Preserve Vboot NV data when clearing CMOS as it will
  * have been re-initialized already by Vboot firmware init.
  */
 static void pch_cmos_init_preserve(int reset)
 {
-	uint8_t vbnv[VBNV_BLOCK_SIZE];
+	uint8_t vbnv[VBOOT_VBNV_BLOCK_SIZE];
 
 	if (reset)
 		read_vbnv(vbnv);
@@ -207,7 +204,7 @@ static void pch_rtc_init(struct device *dev)
 		printk(BIOS_DEBUG, "rtc_failed = 0x%x\n", rtc_failed);
 	}
 
-#if IS_ENABLED(CONFIG_CHROMEOS) && IS_ENABLED(CONFIG_CHROMEOS_VBNV_CMOS)
+#if IS_ENABLED(CONFIG_CHROMEOS) && IS_ENABLED(CONFIG_VBOOT_VBNV_CMOS)
 	pch_cmos_init_preserve(rtc_failed);
 #else
 	cmos_init(rtc_failed);

src/soc/intel/skylake/Kconfig

@@ -53,12 +53,12 @@ config CPU_SPECIFIC_OPTIONS
 
 config CHROMEOS
 	select CHROMEOS_RAMOOPS_DYNAMIC
-	select CHROMEOS_VBNV_CMOS
-	select CHROMEOS_VBNV_CMOS_BACKUP_TO_FLASH
 	select EC_SOFTWARE_SYNC if EC_GOOGLE_CHROMEEC
 	select VBOOT_EC_SLOW_UPDATE
 	select VBOOT_OPROM_MATTERS
 	select VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
+	select VBOOT_VBNV_CMOS
+	select VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
 	select VIRTUAL_DEV_SWITCH
 
 config BOOTBLOCK_CPU_INIT

src/soc/intel/skylake/igd.c

@@ -16,6 +16,7 @@
 
 #include <arch/acpi.h>
 #include <arch/io.h>
+#include <bootmode.h>
 #include <chip.h>
 #include <console/console.h>
 #include <delay.h>
@@ -31,7 +32,7 @@
 #include <soc/systemagent.h>
 #include <stdlib.h>
 #include <string.h>
-#include <vendorcode/google/chromeos/chromeos.h>
+#include <vboot/vbnv.h>
 
 u32 map_oprom_vendev(u32 vendev)
 {

src/soc/intel/skylake/pmc.c

@@ -35,10 +35,8 @@
 #include <cpu/x86/smm.h>
 #include <soc/pcr.h>
 #include <soc/ramstage.h>
-#if IS_ENABLED(CONFIG_CHROMEOS)
-#include <vendorcode/google/chromeos/chromeos.h>
-#include <vendorcode/google/chromeos/vbnv_layout.h>
-#endif
+#include <vboot/vbnv.h>
+#include <vboot/vbnv_layout.h>
 
 static const struct reg_script pch_pmc_misc_init_script[] = {
 	/* SLP_S4=4s, SLP_S3=50ms, disable SLP_X stretching after SUS loss. */
@@ -108,14 +106,14 @@ static void pch_set_acpi_mode(void)
 	}
 }
 
-#if IS_ENABLED(CONFIG_CHROMEOS_VBNV_CMOS)
+#if IS_ENABLED(CONFIG_VBOOT_VBNV_CMOS)
 /*
  * Preserve Vboot NV data when clearing CMOS as it will
  * have been re-initialized already by Vboot firmware init.
  */
 static void pch_cmos_init_preserve(int reset)
 {
-	uint8_t vbnv[VBNV_BLOCK_SIZE];
+	uint8_t vbnv[VBOOT_VBNV_BLOCK_SIZE];
 	if (reset)
 		read_vbnv(vbnv);
 
@@ -143,7 +141,7 @@ static void pch_rtc_init(void)
 	/* Ensure the date is set including century byte. */
 	cmos_check_update_date();
 
-#if IS_ENABLED(CONFIG_CHROMEOS_VBNV_CMOS)
+#if IS_ENABLED(CONFIG_VBOOT_VBNV_CMOS)
 	pch_cmos_init_preserve(rtc_failed);
 #else
 	cmos_init(rtc_failed);

src/soc/intel/skylake/romstage/power_state.c

@@ -30,7 +30,7 @@
 #include <soc/pci_devs.h>
 #include <soc/pm.h>
 #include <soc/romstage.h>
-#include <vendorcode/google/chromeos/vboot_common.h>
+#include <vboot/vboot_common.h>
 
 static struct chipset_power_state power_state CAR_GLOBAL;
 

src/soc/marvell/bg4cd/Kconfig

@@ -17,7 +17,7 @@ config SOC_MARVELL_BG4CD
 	bool
 	default n
 	select ARCH_BOOTBLOCK_ARMV7_M
-	select BOOTBLOCK_CUSTOM if VBOOT_VERIFY_FIRMWARE
+	select BOOTBLOCK_CUSTOM if VBOOT
 	select ARCH_RAMSTAGE_ARMV7
 	select ARCH_ROMSTAGE_ARMV7
 	select ARCH_VERSTAGE_ARMV7_M

src/soc/marvell/bg4cd/Makefile.inc

@@ -15,8 +15,8 @@
 
 ifeq ($(CONFIG_SOC_MARVELL_BG4CD),y)
 
-bootblock-$(CONFIG_VBOOT_VERIFY_FIRMWARE) += bootblock_asm.S
-bootblock-$(CONFIG_VBOOT_VERIFY_FIRMWARE) += bootblock.c
+bootblock-$(CONFIG_VBOOT) += bootblock_asm.S
+bootblock-$(CONFIG_VBOOT) += bootblock.c
 
 bootblock-y += cbmem.c
 bootblock-y += i2c.c

src/soc/qualcomm/ipq40xx/Kconfig

@@ -14,9 +14,9 @@ config SOC_QC_IPQ40XX
 if SOC_QC_IPQ40XX
 
 config CHROMEOS
-	select CHROMEOS_VBNV_FLASH
-	select SEPARATE_VERSTAGE
 	select RETURN_FROM_VERSTAGE
+	select SEPARATE_VERSTAGE
+	select VBOOT_VBNV_FLASH
 
 config IPQ_QFN_PART
 	bool

src/soc/qualcomm/ipq806x/Kconfig

@@ -13,7 +13,7 @@ config SOC_QC_IPQ806X
 if SOC_QC_IPQ806X
 
 config CHROMEOS
-	select CHROMEOS_VBNV_FLASH
+	select VBOOT_VBNV_FLASH
 	select SEPARATE_VERSTAGE
 	select RETURN_FROM_VERSTAGE
 

src/vboot/Kconfig

@@ -12,26 +12,59 @@
 ## GNU General Public License for more details.
 ##
 
+config VBOOT_VBNV_OFFSET
+	hex
+	default 0x26
+	depends on PC80_SYSTEM
+	help
+	  CMOS offset for VbNv data. This value must match cmos.layout
+	  in the mainboard directory, minus 14 bytes for the RTC.
+
+config VBOOT_VBNV_CMOS
+	bool "Vboot non-volatile storage in CMOS."
+	default n
+	help
+	  VBNV is stored in CMOS
+
+config VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
+	bool "Back up Vboot non-volatile storage from CMOS to flash."
+	default n
+	depends on VBOOT_VBNV_CMOS
+	help
+	  Vboot non-volatile storage data will be backed up from CMOS to flash
+	  and restored from flash if the CMOS is invalid due to power loss.
+
+config VBOOT_VBNV_EC
+	bool "Vboot non-volatile storage in EC."
+	default n
+	help
+	  VBNV is stored in EC
+
+config VBOOT_VBNV_FLASH
+	def_bool n
+	help
+	  VBNV is stored in flash storage
+
 config VBOOT_STARTS_IN_BOOTBLOCK
 	bool "Vboot starts verifying in bootblock"
 	default n
-	depends on VBOOT_VERIFY_FIRMWARE
+	depends on VBOOT
 	help
 	  Firmware verification happens during or at the end of bootblock.
 
 config VBOOT_STARTS_IN_ROMSTAGE
 	bool "Vboot starts verifying in romstage"
 	default n
-	depends on VBOOT_VERIFY_FIRMWARE && !VBOOT_STARTS_IN_BOOTBLOCK
+	depends on VBOOT && !VBOOT_STARTS_IN_BOOTBLOCK
 	help
 	  Firmware verification happens during or at the end of romstage.
 
-config VBOOT2_MOCK_SECDATA
+config VBOOT_MOCK_SECDATA
 	bool "Mock secdata for firmware verification"
 	default n
-	depends on VBOOT_VERIFY_FIRMWARE
+	depends on VBOOT
 	help
-	  Enabling VBOOT2_MOCK_SECDATA will mock secdata for the firmware
+	  Enabling VBOOT_MOCK_SECDATA will mock secdata for the firmware
 	  verification to avoid access to a secdata storage (typically TPM).
 	  All operations for a secdata storage will be successful. This option
 	  can be used during development when a TPM is not present or broken.
@@ -40,7 +73,7 @@ config VBOOT2_MOCK_SECDATA
 config VBOOT_DISABLE_DEV_ON_RECOVERY
 	bool "Disable dev mode on recovery requests"
 	default n
-	depends on VBOOT_VERIFY_FIRMWARE
+	depends on VBOOT
 	help
 	  When this option is enabled, the Chrome OS device leaves the
 	  developer mode as soon as recovery request is detected. This is
@@ -49,7 +82,7 @@ config VBOOT_DISABLE_DEV_ON_RECOVERY
 config SEPARATE_VERSTAGE
 	bool "Vboot verification is built into a separate stage"
 	default n
-	depends on VBOOT_VERIFY_FIRMWARE
+	depends on VBOOT
 
 config RETURN_FROM_VERSTAGE
 	bool "The separate verification stage returns to its caller"
@@ -72,7 +105,7 @@ config VBOOT_DYNAMIC_WORK_BUFFER
 	bool "Vboot's work buffer is dynamically allocated."
 	default y if ARCH_ROMSTAGE_X86_32 && !SEPARATE_VERSTAGE
 	default n
-	depends on VBOOT_VERIFY_FIRMWARE
+	depends on VBOOT
 	help
 	  This option is used when there isn't enough pre-main memory
 	  ram to allocate the vboot work buffer. That means vboot verification
@@ -82,8 +115,29 @@ config VBOOT_DYNAMIC_WORK_BUFFER
 config VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
 	bool
 	default n
-	depends on VBOOT_VERIFY_FIRMWARE
+	depends on VBOOT
 	help
 	  This option ensures that the recovery request is not lost because of
 	  reboots caused after vboot verification is run. e.g. reboots caused by
 	  FSP components on Intel platforms.
+
+config VBOOT_OPROM_MATTERS
+	bool "Video option ROM matters (= can skip display init)"
+	default n
+	depends on VBOOT
+	help
+	  Set this option to indicate to vboot that this platform will skip its
+	  display initialization on a normal (non-recovery, non-developer) boot.
+	  Vboot calls this "oprom matters" because on x86 devices this
+	  traditionally meant that the video option ROM will not be loaded, but
+	  it works functionally the same for other platforms that can skip their
+	  native display initialization code instead.
+
+config VBOOT
+	bool "Verify firmware with vboot."
+	default n
+	depends on HAVE_HARD_RESET
+	help
+	  Enabling VBOOT will use vboot to verify the components of the firmware
+	  (stages, payload, etc).
+

src/vboot/Makefile.inc

@@ -16,17 +16,42 @@
 libverstage-generic-ccopts += -D__PRE_RAM__ -D__VERSTAGE__
 verstage-generic-ccopts += -D__PRE_RAM__ -D__VERSTAGE__
 
+bootblock-y += vbnv.c
+verstage-y += vbnv.c
+romstage-y += vbnv.c
+ramstage-y += vbnv.c
+
+bootblock-$(CONFIG_VBOOT_VBNV_CMOS) += vbnv_cmos.c
+verstage-$(CONFIG_VBOOT_VBNV_CMOS) += vbnv_cmos.c
+romstage-$(CONFIG_VBOOT_VBNV_CMOS) += vbnv_cmos.c
+ramstage-$(CONFIG_VBOOT_VBNV_CMOS) += vbnv_cmos.c
+
+bootblock-$(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c
+verstage-$(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c
+romstage-$(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c
+ramstage-$(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c
+
+bootblock-$(CONFIG_VBOOT_VBNV_EC) += vbnv_ec.c
+verstage-$(CONFIG_VBOOT_VBNV_EC) += vbnv_ec.c
+romstage-$(CONFIG_VBOOT_VBNV_EC) += vbnv_ec.c
+ramstage-$(CONFIG_VBOOT_VBNV_EC) += vbnv_ec.c
+
+bootblock-$(CONFIG_VBOOT_VBNV_FLASH) += vbnv_flash.c
+verstage-$(CONFIG_VBOOT_VBNV_FLASH) += vbnv_flash.c
+romstage-$(CONFIG_VBOOT_VBNV_FLASH) += vbnv_flash.c
+ramstage-$(CONFIG_VBOOT_VBNV_FLASH) += vbnv_flash.c
+
 bootblock-y += vboot_loader.c
 romstage-y += vboot_loader.c
 ramstage-y += vboot_loader.c
 verstage-y += vboot_loader.c
 postcar-y += vboot_loader.c
 
-bootblock-y += ../vboot_common.c
-verstage-y += ../vboot_common.c
-romstage-y += ../vboot_common.c
-ramstage-y += ../vboot_common.c
-postcar-y += ../vboot_common.c
+bootblock-y += vboot_common.c
+verstage-y += vboot_common.c
+romstage-y += vboot_common.c
+ramstage-y += vboot_common.c
+postcar-y += vboot_common.c
 
 bootblock-y += recovery.c
 romstage-y += recovery.c
@@ -38,10 +63,10 @@ bootblock-y += common.c
 libverstage-y += vboot_logic.c
 verstage-y += common.c
 verstage-y += verstage.c
-ifeq (${CONFIG_VBOOT2_MOCK_SECDATA},y)
+ifeq (${CONFIG_VBOOT_MOCK_SECDATA},y)
 libverstage-y += secdata_mock.c
 else
-libverstage-y += antirollback.c
+libverstage-y += secdata_tpm.c
 endif
 romstage-y += vboot_handoff.c common.c
 

src/vboot/common.c

@@ -20,10 +20,9 @@
 #include <reset.h>
 #include <string.h>
 #include <vb2_api.h>
-#include "../chromeos.h"
-#include "../symbols.h"
-#include "../vboot_common.h"
-#include "misc.h"
+#include <vboot/misc.h>
+#include <vboot/symbols.h>
+#include <vboot/vboot_common.h>
 
 struct selected_region {
 	uint32_t offset;

src/vboot/misc.h

@@ -13,10 +13,10 @@
  * GNU General Public License for more details.
  */
 
-#ifndef __CHROMEOS_VBOOT2_MISC_H__
-#define __CHROMEOS_VBOOT2_MISC_H__
+#ifndef __VBOOT_MISC_H__
+#define __VBOOT_MISC_H__
 
-#include "../vboot_common.h"
+#include <vboot/vboot_common.h>
 
 struct vb2_context;
 struct vb2_shared_data;
@@ -37,4 +37,4 @@ void vb2_store_selected_region(void);
 
 void vb2_save_recovery_reason_vbnv(void);
 
-#endif /* __CHROMEOS_VBOOT2_MISC_H__ */
+#endif /* __VBOOT_MISC_H__ */

src/vboot/recovery.c

@@ -14,13 +14,14 @@
  */
 
 #include <assert.h>
+#include <bootmode.h>
 #include <bootstate.h>
 #include <rules.h>
 #include <string.h>
 #include <vb2_api.h>
-
-#include "misc.h"
-#include "../vboot_common.h"
+#include <vboot/misc.h>
+#include <vboot/vbnv.h>
+#include <vboot/vboot_common.h>
 
 static int vb2_get_recovery_reason_shared_data(void)
 {
@@ -88,9 +89,6 @@ static int cbmem_possibly_online(void)
  */
 static int vboot_possibly_executed(void)
 {
-	if (!IS_ENABLED(CONFIG_VBOOT_VERIFY_FIRMWARE))
-		return 0;
-
 	if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) {
 		if (ENV_BOOTBLOCK && IS_ENABLED(CONFIG_SEPARATE_VERSTAGE))
 			return 0;

src/vboot/symbols.h

@@ -0,0 +1,28 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright 2016 Google Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ */
+
+#ifndef __VBOOT_SYMBOLS_H__
+#define __VBOOT_SYMBOLS_H__
+
+extern u8 _vboot2_work[];
+extern u8 _evboot2_work[];
+#define _vboot2_work_size (_evboot2_work - _vboot2_work)
+
+/* Careful: _e<stage> and _<stage>_size only defined for the current stage! */
+extern u8 _verstage[];
+extern u8 _everstage[];
+#define _verstage_size (_everstage - _verstage)
+
+#endif /* __VBOOT_SYMBOLS_H__ */

src/vboot/vbnv.c

@@ -16,12 +16,11 @@
 #include <arch/early_variables.h>
 #include <string.h>
 #include <types.h>
-#include "chromeos.h"
-#include "vbnv.h"
-#include "vbnv_layout.h"
+#include <vboot/vbnv.h>
+#include <vboot/vbnv_layout.h>
 
 static int vbnv_initialized CAR_GLOBAL;
-static uint8_t vbnv[VBNV_BLOCK_SIZE] CAR_GLOBAL;
+static uint8_t vbnv[VBOOT_VBNV_BLOCK_SIZE] CAR_GLOBAL;
 
 /* Wrappers for accessing the variables marked as CAR_GLOBAL. */
 static inline int is_vbnv_initialized(void)
@@ -61,7 +60,7 @@ static uint8_t crc8_vbnv(const uint8_t *data, int len)
 
 static void reset_vbnv(uint8_t *vbnv_copy)
 {
-	memset(vbnv_copy, 0, VBNV_BLOCK_SIZE);
+	memset(vbnv_copy, 0, VBOOT_VBNV_BLOCK_SIZE);
 }
 
 /* Read VBNV data into cache. */
@@ -86,11 +85,11 @@ int verify_vbnv(uint8_t *vbnv_copy)
  */
 void read_vbnv(uint8_t *vbnv_copy)
 {
-	if (IS_ENABLED(CONFIG_CHROMEOS_VBNV_CMOS))
+	if (IS_ENABLED(CONFIG_VBOOT_VBNV_CMOS))
 		read_vbnv_cmos(vbnv_copy);
-	else if (IS_ENABLED(CONFIG_CHROMEOS_VBNV_EC))
+	else if (IS_ENABLED(CONFIG_VBOOT_VBNV_EC))
 		read_vbnv_ec(vbnv_copy);
-	else if (IS_ENABLED(CONFIG_CHROMEOS_VBNV_FLASH))
+	else if (IS_ENABLED(CONFIG_VBOOT_VBNV_FLASH))
 		read_vbnv_flash(vbnv_copy);
 
 	/* Check data for consistency */
@@ -104,11 +103,11 @@ void read_vbnv(uint8_t *vbnv_copy)
  */
 void save_vbnv(const uint8_t *vbnv_copy)
 {
-	if (IS_ENABLED(CONFIG_CHROMEOS_VBNV_CMOS))
+	if (IS_ENABLED(CONFIG_VBOOT_VBNV_CMOS))
 		save_vbnv_cmos(vbnv_copy);
-	else if (IS_ENABLED(CONFIG_CHROMEOS_VBNV_EC))
+	else if (IS_ENABLED(CONFIG_VBOOT_VBNV_EC))
 		save_vbnv_ec(vbnv_copy);
-	else if (IS_ENABLED(CONFIG_CHROMEOS_VBNV_FLASH))
+	else if (IS_ENABLED(CONFIG_VBOOT_VBNV_FLASH))
 		save_vbnv_flash(vbnv_copy);
 
 	/* Clear initialized flag to force cached data to be updated */
@@ -118,7 +117,7 @@ void save_vbnv(const uint8_t *vbnv_copy)
 /* Save a recovery reason into VBNV. */
 void set_recovery_mode_into_vbnv(int recovery_reason)
 {
-	uint8_t vbnv_copy[VBNV_BLOCK_SIZE];
+	uint8_t vbnv_copy[VBOOT_VBNV_BLOCK_SIZE];
 
 	read_vbnv(vbnv_copy);
 

src/vboot/vbnv.h

@@ -13,8 +13,8 @@
  * GNU General Public License for more details.
  */
 
-#ifndef __CHROMEOS_VBNV_H__
-#define __CHROMEOS_VBNV_H__
+#ifndef __VBOOT_VBNV_H__
+#define __VBOOT_VBNV_H__
 
 #include <types.h>
 
@@ -39,4 +39,4 @@ void save_vbnv_flash(const uint8_t *vbnv_copy);
 void read_vbnv_ec(uint8_t *vbnv_copy);
 void save_vbnv_ec(const uint8_t *vbnv_copy);
 
-#endif
+#endif /* __VBOOT_VBNV_H__ */

src/vboot/vbnv_cmos.c

@@ -17,17 +17,17 @@
 #include <console/console.h>
 #include <types.h>
 #include <pc80/mc146818rtc.h>
-#include "vbnv.h"
-#include "vbnv_layout.h"
+#include <vboot/vbnv.h>
+#include <vboot/vbnv_layout.h>
 
 void read_vbnv_cmos(uint8_t *vbnv_copy)
 {
 	int i;
 
-	for (i = 0; i < VBNV_BLOCK_SIZE; i++)
-		vbnv_copy[i] = cmos_read(CONFIG_VBNV_OFFSET + 14 + i);
+	for (i = 0; i < VBOOT_VBNV_BLOCK_SIZE; i++)
+		vbnv_copy[i] = cmos_read(CONFIG_VBOOT_VBNV_OFFSET + 14 + i);
 
-	if (IS_ENABLED(CONFIG_CHROMEOS_VBNV_CMOS_BACKUP_TO_FLASH)) {
+	if (IS_ENABLED(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH)) {
 		if (verify_vbnv(vbnv_copy))
 			return;
 
@@ -47,13 +47,13 @@ void save_vbnv_cmos(const uint8_t *vbnv_copy)
 {
 	int i;
 
-	for (i = 0; i < VBNV_BLOCK_SIZE; i++)
-		cmos_write(vbnv_copy[i], CONFIG_VBNV_OFFSET + 14 + i);
+	for (i = 0; i < VBOOT_VBNV_BLOCK_SIZE; i++)
+		cmos_write(vbnv_copy[i], CONFIG_VBOOT_VBNV_OFFSET + 14 + i);
 }
 
 void init_vbnv_cmos(int rtc_fail)
 {
-	uint8_t vbnv[VBNV_BLOCK_SIZE];
+	uint8_t vbnv[VBOOT_VBNV_BLOCK_SIZE];
 
 	if (rtc_fail)
 		read_vbnv_cmos(vbnv);
@@ -64,10 +64,10 @@ void init_vbnv_cmos(int rtc_fail)
 		save_vbnv_cmos(vbnv);
 }
 
-#if IS_ENABLED(CONFIG_CHROMEOS_VBNV_CMOS_BACKUP_TO_FLASH)
+#if IS_ENABLED(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH)
 static void back_up_vbnv_cmos(void *unused)
 {
-	uint8_t vbnv_cmos[VBNV_BLOCK_SIZE];
+	uint8_t vbnv_cmos[VBOOT_VBNV_BLOCK_SIZE];
 
 	/* Read current VBNV from CMOS. */
 	read_vbnv_cmos(vbnv_cmos);

src/vboot/vbnv_ec.c

@@ -15,15 +15,16 @@
 
 #include <types.h>
 #include <ec/google/chromeec/ec.h>
-#include "vbnv.h"
-#include "vbnv_layout.h"
+#include <vboot/vbnv.h>
+#include <vboot/vbnv_layout.h>
 
 void read_vbnv_ec(uint8_t *vbnv_copy)
 {
-	google_chromeec_vbnv_context(1, vbnv_copy, VBNV_BLOCK_SIZE);
+	google_chromeec_vbnv_context(1, vbnv_copy, VBOOT_VBNV_BLOCK_SIZE);
 }
 
 void save_vbnv_ec(const uint8_t *vbnv_copy)
 {
-	google_chromeec_vbnv_context(0, (uint8_t *)vbnv_copy, VBNV_BLOCK_SIZE);
+	google_chromeec_vbnv_context(0, (uint8_t *)vbnv_copy,
+				     VBOOT_VBNV_BLOCK_SIZE);
 }

src/vboot/vbnv_flash.c

@@ -15,14 +15,15 @@
 
 #include <arch/early_variables.h>
 #include <assert.h>
+#include <commonlib/region.h>
 #include <console/console.h>
 #include <spi_flash.h>
 #include <string.h>
 #include <vb2_api.h>
 #include <vboot_nvstorage.h>
-#include "chromeos.h"
-#include "vbnv.h"
-#include "vbnv_layout.h"
+#include <vboot/vboot_common.h>
+#include <vboot/vbnv.h>
+#include <vboot/vbnv_layout.h>
 
 #define BLOB_SIZE VB2_NVDATA_SIZE
 

src/vboot/vbnv_layout.h

@@ -13,10 +13,10 @@
  * GNU General Public License for more details.
  */
 
-#ifndef VBNV_LAYOUT_H
-#define VBNV_LAYOUT_H
+#ifndef __VBOOT_VBNV_LAYOUT_H__
+#define __VBOOT_VBNV_LAYOUT_H__
 
-#define VBNV_BLOCK_SIZE 16	/* Size of NV storage block in bytes */
+#define VBOOT_VBNV_BLOCK_SIZE 16	/* Size of NV storage block in bytes */
 
 /* Constants for NV storage.  We use this rather than structs and
  * bitfields so the data format is consistent across platforms and
@@ -44,4 +44,4 @@
 #define KERNEL_FIELD_OFFSET         11
 #define CRC_OFFSET                  15
 
-#endif /* VBNV_LAYOUT_H */
+#endif /* __VBOOT_VBNV_LAYOUT_H__ */

src/vboot/vboot_common.c

@@ -23,9 +23,7 @@
 #include <rules.h>
 #include <stddef.h>
 #include <string.h>
-
-#include "chromeos.h"
-#include "vboot_common.h"
+#include <vboot/vboot_common.h>
 
 int vboot_named_region_device(const char *name, struct region_device *rdev)
 {

src/vboot/vboot_common.h

@@ -12,16 +12,14 @@
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
  */
-#ifndef VBOOT_COMMON_H
-#define VBOOT_COMMON_H
+#ifndef __VBOOT_VBOOT_COMMON_H__
+#define __VBOOT_VBOOT_COMMON_H__
 
 #include <commonlib/region.h>
 #include <stdint.h>
 #include <vboot_api.h>
 #include <vboot_struct.h>
 
-#include "chromeos.h"
-
 /* Locate vboot area by name. Returns 0 on success and -1 on error. */
 int vboot_named_region_device(const char *name, struct region_device *rdev);
 
@@ -103,4 +101,4 @@ void verstage_main(void);
 void verstage(void);
 void verstage_mainboard_init(void);
 
-#endif /* VBOOT_COMMON_H */
+#endif /* __VBOOT_VBOOT_COMMON_H__ */

src/vboot/vboot_handoff.c

@@ -15,6 +15,7 @@
 
 #include <arch/stages.h>
 #include <assert.h>
+#include <bootmode.h>
 #include <stdint.h>
 #include <stddef.h>
 #include <string.h>
@@ -28,8 +29,8 @@
 #define NEED_VB20_INTERNALS  /* TODO: remove me! */
 #include <vb2_api.h>
 #include <vboot_struct.h>
-#include "../chromeos.h"
-#include "misc.h"
+#include <vboot/vbnv.h>
+#include <vboot/misc.h>
 
 /**
  * Sets vboot_handoff based on the information in vb2_shared_data
@@ -91,7 +92,7 @@ static void fill_vboot_handoff(struct vboot_handoff *vboot_handoff,
 		 * Inform vboot if the display was enabled by dev/rec
 		 * mode or was requested by vboot kernel phase.
 		 */
-		if (*oflags & VB_INIT_OUT_ENABLE_DISPLAY ||
+		if ((*oflags & VB_INIT_OUT_ENABLE_DISPLAY) ||
 		    vboot_wants_oprom()) {
 			vb_sd->flags |= VBSD_OPROM_LOADED;
 			*oflags |= VB_INIT_OUT_ENABLE_DISPLAY;

src/vboot/vboot_loader.c

@@ -20,9 +20,9 @@
 #include <rmodule.h>
 #include <rules.h>
 #include <string.h>
-#include "misc.h"
-#include "../vboot_common.h"
-#include "../symbols.h"
+#include <vboot/misc.h>
+#include <vboot/symbols.h>
+#include <vboot/vboot_common.h>
 
 /* The stage loading code is compiled and entered from multiple stages. The
  * helper functions below attempt to provide more clarity on when certain

src/vboot/vboot_logic.c

@@ -16,15 +16,15 @@
 #include <antirollback.h>
 #include <arch/exception.h>
 #include <assert.h>
+#include <bootmode.h>
 #include <console/console.h>
 #include <console/vtxprintf.h>
 #include <delay.h>
 #include <string.h>
 #include <timestamp.h>
 #include <vb2_api.h>
-
-#include "../chromeos.h"
-#include "misc.h"
+#include <vboot/misc.h>
+#include <vboot/vbnv.h>
 
 /* The max hash size to expect is for SHA512. */
 #define VBOOT_MAX_HASH_SIZE VB2_SHA512_DIGEST_SIZE

src/vboot/verstage.c

@@ -17,7 +17,7 @@
 #include <arch/hlt.h>
 #include <console/console.h>
 #include <program_loading.h>
-#include "../vboot_common.h"
+#include <vboot/vboot_common.h>
 
 void __attribute__((weak)) verstage_mainboard_init(void)
 {

src/vendorcode/google/Kconfig

@@ -13,4 +13,3 @@
 ##
 
 source src/vendorcode/google/chromeos/Kconfig
-

src/vendorcode/google/chromeos/Kconfig

@@ -28,7 +28,7 @@ config CHROMEOS
 	select BOOTMODE_STRAPS
 	select ELOG if SPI_FLASH
 	select COLLECT_TIMESTAMPS
-	select VBOOT_VERIFY_FIRMWARE
+	select VBOOT
 	select MULTIPLE_CBFS_INSTANCES
 	help
 	  Enable ChromeOS specific features like the GPIO sub table in
@@ -37,39 +37,6 @@ config CHROMEOS
 
 if CHROMEOS
 
-config VBNV_OFFSET
-	hex
-	default 0x26
-	depends on PC80_SYSTEM
-	help
-	  CMOS offset for VbNv data. This value must match cmos.layout
-	  in the mainboard directory, minus 14 bytes for the RTC.
-
-config CHROMEOS_VBNV_CMOS
-	bool "Vboot non-volatile storage in CMOS."
-	default n
-	help
-	  VBNV is stored in CMOS
-
-config CHROMEOS_VBNV_CMOS_BACKUP_TO_FLASH
-	bool "Back up Vboot non-volatile storage from CMOS to flash."
-	default n
-	depends on CHROMEOS_VBNV_CMOS
-	help
-	  Vboot non-volatile storage data will be backed up from CMOS to flash
-	  and restored from flash if the CMOS is invalid due to power loss.
-
-config CHROMEOS_VBNV_EC
-	bool "Vboot non-volatile storage in EC."
-	default n
-	help
-	  VBNV is stored in EC
-
-config CHROMEOS_VBNV_FLASH
-	def_bool n
-	help
-	  VBNV is stored in flash storage
-
 config CHROMEOS_RAMOOPS
 	bool "Reserve space for Chrome OS ramoops"
 	default y
@@ -97,7 +64,7 @@ config CHROMEOS_RAMOOPS_RAM_SIZE
 config EC_SOFTWARE_SYNC
 	bool "Enable EC software sync"
 	default n
-	depends on VBOOT_VERIFY_FIRMWARE
+	depends on VBOOT
 	help
 	  EC software sync is a mechanism where the AP helps the EC verify its
 	  firmware similar to how vboot verifies the main system firmware. This
@@ -111,33 +78,13 @@ config VBOOT_EC_SLOW_UPDATE
 	  Whether the EC (or PD) is slow to update and needs to display a
 	  screen that informs the user the update is happening.
 
-config VBOOT_OPROM_MATTERS
-	bool "Video option ROM matters (= can skip display init)"
-	default n
-	depends on VBOOT_VERIFY_FIRMWARE
-	help
-	  Set this option to indicate to vboot that this platform will skip its
-	  display initialization on a normal (non-recovery, non-developer) boot.
-	  Vboot calls this "oprom matters" because on x86 devices this
-	  traditionally meant that the video option ROM will not be loaded, but
-	  it works functionally the same for other platforms that can skip their
-	  native display initialization code instead.
-
 config VIRTUAL_DEV_SWITCH
 	bool "Virtual developer switch support"
 	default n
-	depends on VBOOT_VERIFY_FIRMWARE
+	depends on VBOOT
 	help
 	  Whether this platform has a virtual developer switch.
 
-config VBOOT_VERIFY_FIRMWARE
-	bool "Verify firmware with vboot."
-	default n
-	depends on HAVE_HARD_RESET
-	help
-	  Enabling VBOOT_VERIFY_FIRMWARE will use vboot to verify the components
-	  of the firmware (stages, payload, etc).
-
 config NO_TPM_RESUME
 	bool
 	default n
@@ -172,8 +119,6 @@ config HAVE_REGULATORY_DOMAIN
 	help
 	 This option is needed to add ACPI regulatory domain methods
 
-source src/vendorcode/google/chromeos/vboot2/Kconfig
-
 menu "GBB configuration"
 
 config GBB_HWID

src/vendorcode/google/chromeos/Makefile.inc

@@ -18,31 +18,6 @@ verstage-y += chromeos.c
 romstage-y += chromeos.c
 ramstage-y += chromeos.c
 
-bootblock-y += vbnv.c
-verstage-y += vbnv.c
-romstage-y += vbnv.c
-ramstage-y += vbnv.c
-
-bootblock-$(CONFIG_CHROMEOS_VBNV_CMOS) += vbnv_cmos.c
-verstage-$(CONFIG_CHROMEOS_VBNV_CMOS) += vbnv_cmos.c
-romstage-$(CONFIG_CHROMEOS_VBNV_CMOS) += vbnv_cmos.c
-ramstage-$(CONFIG_CHROMEOS_VBNV_CMOS) += vbnv_cmos.c
-
-bootblock-$(CONFIG_CHROMEOS_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c
-verstage-$(CONFIG_CHROMEOS_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c
-romstage-$(CONFIG_CHROMEOS_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c
-ramstage-$(CONFIG_CHROMEOS_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c
-
-bootblock-$(CONFIG_CHROMEOS_VBNV_EC) += vbnv_ec.c
-verstage-$(CONFIG_CHROMEOS_VBNV_EC) += vbnv_ec.c
-romstage-$(CONFIG_CHROMEOS_VBNV_EC) += vbnv_ec.c
-ramstage-$(CONFIG_CHROMEOS_VBNV_EC) += vbnv_ec.c
-
-bootblock-$(CONFIG_CHROMEOS_VBNV_FLASH) += vbnv_flash.c
-verstage-$(CONFIG_CHROMEOS_VBNV_FLASH) += vbnv_flash.c
-romstage-$(CONFIG_CHROMEOS_VBNV_FLASH) += vbnv_flash.c
-ramstage-$(CONFIG_CHROMEOS_VBNV_FLASH) += vbnv_flash.c
-
 ramstage-$(CONFIG_ELOG) += elog.c
 ramstage-$(CONFIG_HAVE_ACPI_TABLES) += gnvs.c
 ramstage-$(CONFIG_CHROMEOS_RAMOOPS) += ramoops.c
@@ -60,8 +35,6 @@ else
 CFLAGS_common += -DMOCK_TPM=0
 endif
 
-subdirs-$(CONFIG_VBOOT_VERIFY_FIRMWARE) += vboot2
-
 CONFIG_GBB_HWID := $(call strip_quotes,$(CONFIG_GBB_HWID))
 CONFIG_GBB_BMPFV_FILE := $(call strip_quotes,$(CONFIG_GBB_BMPFV_FILE))
 CONFIG_VBOOT_KEYBLOCK := $(call strip_quotes,$(CONFIG_VBOOT_KEYBLOCK))

src/vendorcode/google/chromeos/acpi/chromeos.asl

@@ -13,7 +13,7 @@
  * GNU General Public License for more details.
  */
 
-#include <vendorcode/google/chromeos/vbnv_layout.h>
+#include <vboot/vbnv_layout.h>
 
 Device (CRHW)
 {
@@ -71,8 +71,8 @@ Device (CRHW)
 		Name(VNBV, Package() {
 			// See src/vendorcode/google/chromeos/Kconfig
 			// for the definition of these:
-			CONFIG_VBNV_OFFSET,
-			VBNV_BLOCK_SIZE
+			CONFIG_VBOOT_VBNV_OFFSET,
+			VBOOT_VBNV_BLOCK_SIZE
 		})
 		Return(VNBV)
 	}

src/vendorcode/google/chromeos/chromeos.h

@@ -20,9 +20,8 @@
 #include <stdint.h>
 #include <bootmode.h>
 #include <rules.h>
-#include "vbnv.h"
-#include "vboot_common.h"
-#include "vboot2/misc.h"
+#include <vboot/misc.h>
+#include <vboot/vboot_common.h>
 
 void save_chromeos_gpios(void);
 

src/vendorcode/google/chromeos/elog.c

@@ -17,8 +17,9 @@
 #include <console/console.h>
 #include <elog.h>
 #include <vendorcode/google/chromeos/chromeos.h>
-#if CONFIG_VBOOT_VERIFY_FIRMWARE
-#include "vboot_common.h"
+#if CONFIG_VBOOT
+#include <vboot/vbnv.h>
+#include <vboot/vboot_common.h>
 #include <vboot_struct.h>
 #endif
 
@@ -29,7 +30,7 @@ void elog_add_boot_reason(void)
 		printk(BIOS_DEBUG, "%s: Logged dev mode boot\n", __func__);
 	} else if (recovery_mode_enabled()) {
 		u8 reason = 0;
-#if CONFIG_VBOOT_VERIFY_FIRMWARE
+#if CONFIG_VBOOT
 		struct vboot_handoff *vbho = cbmem_find(CBMEM_ID_VBOOT_HANDOFF);
 
 		reason = get_recovery_mode_from_vbnv();

src/vendorcode/google/chromeos/gnvs.c

@@ -23,8 +23,9 @@
 
 #include "chromeos.h"
 #include "gnvs.h"
-#if CONFIG_VBOOT_VERIFY_FIRMWARE
-#include "vboot_common.h"
+#if CONFIG_VBOOT
+#include <vboot/vbnv.h>
+#include <vboot/vboot_common.h>
 #include <vboot_struct.h>
 #endif
 
@@ -38,7 +39,7 @@ void chromeos_init_vboot(chromeos_acpi_t *chromeos)
 	/* Copy saved ME hash into NVS */
 	memcpy(vboot_data->mehh, me_hash_saved, sizeof(vboot_data->mehh));
 
-#if CONFIG_VBOOT_VERIFY_FIRMWARE
+#if CONFIG_VBOOT
 	/* Save the vdat from the vboot handoff structure. Downstream software
 	 * consumes the data located in the ACPI table. Ensure it reflects
 	 * the shared data from VbInit() and VbSelectFirmware(). */
@@ -57,7 +58,7 @@ void chromeos_init_vboot(chromeos_acpi_t *chromeos)
 		elog_add_event(ELOG_TYPE_CROS_DEVELOPER_MODE);
 	if (recovery_mode_enabled()) {
 		int reason = get_recovery_mode_from_vbnv();
-#if CONFIG_VBOOT_VERIFY_FIRMWARE
+#if CONFIG_VBOOT
 		if (vboot_handoff && !reason) {
 			VbSharedDataHeader *sd = (VbSharedDataHeader *)
 				vboot_handoff->shared_data;

src/vendorcode/google/chromeos/symbols.h

@@ -16,15 +16,6 @@
 #ifndef __CHROMEOS_SYMBOLS_H
 #define __CHROMEOS_SYMBOLS_H
 
-extern u8 _vboot2_work[];
-extern u8 _evboot2_work[];
-#define _vboot2_work_size (_evboot2_work - _vboot2_work)
-
-/* Careful: _e<stage> and _<stage>_size only defined for the current stage! */
-extern u8 _verstage[];
-extern u8 _everstage[];
-#define _verstage_size (_everstage - _verstage)
-
 extern u8 _watchdog_tombstone[];
 extern u8 _ewatchdog_tombstone[];
 #define _watchdog_tombstone_size (_ewatchdog_tombstone - _watchdog_tombstone)