vboot2: add verstage
Verstage will host vboot2 for firmware verification. It's a stage in the sense that it has its own set of toolchains, compiler flags, and includes. This allows us to easily add object files as needed. But it's directly linked to bootblock. This allows us to avoid code duplication for stage loading and jumping (e.g. cbfs driver) for the boards where bootblock has to run in a different architecture (e.g. Tegra124). To avoid name space conflict, verstage symbols are prefixed with verstage_. TEST=Built with VBOOT2_VERIFY_FIRMWARE on/off. Booted Nyan Blaze. BUG=None BRANCH=none Original-Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Change-Id: Iad57741157ec70426c676e46c5855e6797ac1dac Original-Reviewed-on: https://chromium-review.googlesource.com/204376 Original-Reviewed-by: Randall Spangler <rspangler@chromium.org> (cherry picked from commit 27940f891678dae975b68f2fc729ad7348192af3) Signed-off-by: Marc Jones <marc.jones@se-eng.com> Change-Id: I42b2b3854a24ef6cda2316eb741ca379f41516e0 Reviewed-on: http://review.coreboot.org/8159 Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Tested-by: build bot (Jenkins)
This commit is contained in:
parent
337de4c0e5
commit
320647abda
|
@ -75,7 +75,7 @@ subdirs-y += site-local
|
|||
|
||||
#######################################################################
|
||||
# Add source classes and their build options
|
||||
classes-y := ramstage romstage bootblock smm smmstub cpu_microcode
|
||||
classes-y := ramstage romstage bootblock smm smmstub cpu_microcode verstage
|
||||
|
||||
# Add dynamic classes for rmodules
|
||||
$(foreach supported_arch,$(ARCH_SUPPORTED), \
|
||||
|
@ -128,6 +128,8 @@ ramstage-postprocess=$(foreach d,$(sort $(dir $(1))), \
|
|||
$(eval $(d)ramstage.o: $(call files-in-dir,$(d),$(1)); $$(LD_ramstage) -o $$@ -r $$^ ) \
|
||||
$(eval ramstage-objs:=$(d)ramstage.o $(filter-out $(call files-in-dir,$(d),$(1)),$(ramstage-objs))))
|
||||
|
||||
verstage-c-ccopts:=-D__PRE_RAM__ -D__VER_STAGE__
|
||||
verstage-S-ccopts:=-D__PRE_RAM__ -D__VER_STAGE__
|
||||
romstage-c-ccopts:=-D__PRE_RAM__
|
||||
romstage-S-ccopts:=-D__PRE_RAM__
|
||||
ifeq ($(CONFIG_TRACE),y)
|
||||
|
@ -162,6 +164,7 @@ endif
|
|||
|
||||
ramstage-c-deps:=$$(OPTION_TABLE_H)
|
||||
romstage-c-deps:=$$(OPTION_TABLE_H)
|
||||
verstage-c-deps:=$$(OPTION_TABLE_H)
|
||||
bootblock-c-deps:=$$(OPTION_TABLE_H)
|
||||
smm-c-deps:=$$(OPTION_TABLE_H)
|
||||
|
||||
|
@ -374,6 +377,10 @@ $(obj)/%.romstage.o $(abspath $(obj))/%.romstage.o: $(obj)/%.c $(obj)/config.h $
|
|||
@printf " CC $(subst $(obj)/,,$(@))\n"
|
||||
$(CC_romstage) -MMD $(CFLAGS_romstage) $(CPPFLAGS_romstage) $(romstage-c-ccopts) -c -o $@ $<
|
||||
|
||||
$(obj)/%.verstage.o $(abspath $(obj))/%.verstage.o: $(obj)/%.c $(obj)/config.h $(OPTION_TABLE_H)
|
||||
@printf " CC $(subst $(obj)/,,$(@))\n"
|
||||
$(CC_verstage) -MMD $(CFLAGS_verstage) $(verstage-c-ccopts) -c -o $@ $<
|
||||
|
||||
$(obj)/%.bootblock.o $(abspath $(obj))/%.bootblock.o: $(obj)/%.c $(obj)/config.h $(OPTION_TABLE_H)
|
||||
@printf " CC $(subst $(obj)/,,$(@))\n"
|
||||
$(CC_bootblock) -MMD $(CFLAGS_bootblock) $(CPPFLAGS_bootblock) $(bootblock-c-ccopts) -c -o $@ $<
|
||||
|
|
|
@ -3,6 +3,10 @@ config ARCH_BOOTBLOCK_ARM
|
|||
default n
|
||||
select ARCH_ARM
|
||||
|
||||
config ARCH_VERSTAGE_ARM
|
||||
bool
|
||||
default n
|
||||
|
||||
config ARCH_ROMSTAGE_ARM
|
||||
bool
|
||||
default n
|
||||
|
|
|
@ -61,7 +61,7 @@ bootblock-y += memcpy.S
|
|||
bootblock-y += memmove.S
|
||||
bootblock-y += div0.c
|
||||
|
||||
$(objcbfs)/bootblock.debug: $(src)/arch/arm/bootblock.ld $(obj)/ldoptions $$(bootblock-objs)
|
||||
$(objcbfs)/bootblock.debug: $(src)/arch/arm/bootblock.ld $(obj)/ldoptions $$(bootblock-objs) $$(VERSTAGE_LIB)
|
||||
@printf " LINK $(subst $(obj)/,,$(@))\n"
|
||||
$(LD_bootblock) --gc-sections -static -o $@ -L$(obj) --start-group $(bootblock-objs) --end-group -T $(src)/arch/arm/bootblock.ld
|
||||
|
||||
|
|
|
@ -2,6 +2,10 @@ config ARCH_BOOTBLOCK_ARMV7
|
|||
def_bool n
|
||||
select ARCH_BOOTBLOCK_ARM
|
||||
|
||||
config ARCH_VERSTAGE_ARMV7
|
||||
def_bool n
|
||||
select ARCH_VERSTAGE_ARM
|
||||
|
||||
config ARCH_ROMSTAGE_ARMV7
|
||||
def_bool n
|
||||
select ARCH_ROMSTAGE_ARM
|
||||
|
|
|
@ -2,6 +2,7 @@ config SOC_NVIDIA_TEGRA124
|
|||
bool
|
||||
default n
|
||||
select ARCH_BOOTBLOCK_ARMV4
|
||||
select ARCH_VERSTAGE_ARMV7
|
||||
select ARCH_ROMSTAGE_ARMV7
|
||||
select ARCH_RAMSTAGE_ARMV7
|
||||
select HAVE_UART_SPECIAL
|
||||
|
|
|
@ -20,6 +20,8 @@ ifeq ($(CONFIG_BOOTBLOCK_CONSOLE),y)
|
|||
bootblock-$(CONFIG_CONSOLE_SERIAL) += uart.c
|
||||
endif
|
||||
|
||||
verstage-y += verstage.c
|
||||
|
||||
romstage-y += cbfs.c
|
||||
romstage-y += cbmem.c
|
||||
romstage-y += clock.c
|
||||
|
|
|
@ -23,10 +23,13 @@
|
|||
#include <console/console.h>
|
||||
#include <soc/clock.h>
|
||||
#include <soc/nvidia/tegra/apbmisc.h>
|
||||
|
||||
#include "pinmux.h"
|
||||
#include "power.h"
|
||||
|
||||
#if CONFIG_VBOOT2_VERIFY_FIRMWARE
|
||||
#include "verstage.h"
|
||||
#endif
|
||||
|
||||
void main(void)
|
||||
{
|
||||
void *entry;
|
||||
|
@ -72,7 +75,11 @@ void main(void)
|
|||
power_enable_cpu_rail();
|
||||
power_ungate_cpu();
|
||||
|
||||
#if CONFIG_VBOOT2_VERIFY_FIRMWARE
|
||||
entry = (void *)verstage_vboot_main;
|
||||
#else
|
||||
entry = cbfs_load_stage(CBFS_DEFAULT_MEDIA, "fallback/romstage");
|
||||
#endif
|
||||
|
||||
if (entry)
|
||||
clock_cpu0_config_and_reset(entry);
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
#include "verstage.h"
|
||||
|
||||
/**
|
||||
* Stage entry point
|
||||
*/
|
||||
void vboot_main(void)
|
||||
{
|
||||
for(;;);
|
||||
}
|
|
@ -0,0 +1,2 @@
|
|||
void vboot_main(void);
|
||||
void verstage_vboot_main(void);
|
|
@ -85,6 +85,14 @@ config VBOOT_VERIFY_FIRMWARE
|
|||
Enabling VBOOT_VERIFY_FIRMWARE will use vboot to verify the ramstage
|
||||
and boot loader.
|
||||
|
||||
config VBOOT2_VERIFY_FIRMWARE
|
||||
bool "Firmware Verification with vboot2"
|
||||
default n
|
||||
depends on CHROMEOS
|
||||
help
|
||||
Enabling VBOOT2_VERIFY_FIRMWARE will use vboot2 to verify the romstage
|
||||
and boot loader.
|
||||
|
||||
config EC_SOFTWARE_SYNC
|
||||
bool "Enable EC software sync"
|
||||
default n
|
||||
|
|
|
@ -93,3 +93,12 @@ $(VB_LIB):
|
|||
fwlib
|
||||
|
||||
endif
|
||||
|
||||
ifeq ($(CONFIG_VBOOT2_VERIFY_FIRMWARE),y)
|
||||
VERSTAGE_LIB = $(obj)/vendorcode/google/chromeos/verstage.a
|
||||
$(VERSTAGE_LIB): $$(verstage-objs)
|
||||
@printf " AR $(subst $(obj)/,,$(@))\n"
|
||||
$(AR_verstage) rc $@.tmp $(verstage-objs)
|
||||
@printf " OBJCOPY $(subst $(obj)/,,$(@))\n"
|
||||
$(OBJCOPY_verstage) --prefix-symbols=verstage_ $@.tmp $@
|
||||
endif
|
||||
|
|
|
@ -51,7 +51,7 @@ HOSTCXX:=CCC_CXX="$(HOSTCXX)" $(CXX)
|
|||
ROMCC=CCC_CC="$(ROMCC_BIN)" $(CC)
|
||||
endif
|
||||
|
||||
COREBOOT_STANDARD_STAGES := bootblock romstage ramstage
|
||||
COREBOOT_STANDARD_STAGES := bootblock verstage romstage ramstage
|
||||
|
||||
ARCHDIR-i386 := x86
|
||||
ARCHDIR-x86_32 := x86
|
||||
|
|
Loading…
Reference in New Issue