vboot: remove VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT option
With CL:1940398, this option is no longer needed. Recovery requests are not cleared until kernel verification stage is reached. If the FSP triggers any reboots, recovery requests will be preserved. In particular: - Manual requests will be preserved via recovery switch state, whose behaviour is modified in CB:38779. - Other recovery requests will remain in nvdata across reboot. These functions now only work after verstage has run: int vboot_check_recovery_request(void) int vboot_recovery_mode_enabled(void) int vboot_developer_mode_enabled(void) BUG=b:124141368, b:35576380 TEST=make clean && make test-abuild BRANCH=none Change-Id: I52d17a3c6730be5c04c3c0ae020368d11db6ca3c Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/38780 Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit is contained in:
Joel Kitching
parent
81726663bc
commit
56e2f130a6
|
|
@ -156,14 +156,6 @@ config VBOOT_RETURN_FROM_VERSTAGE
|
|||
reused by the succeeding stage. This is useful if a RAM space is too
|
||||
small to fit both the verstage and the succeeding stage.
|
||||
|
||||
config VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
|
||||
bool
|
||||
default n
|
||||
help
|
||||
This option ensures that the recovery request is not lost because of
|
||||
reboots caused after vboot verification is run. e.g. reboots caused by
|
||||
FSP components on Intel platforms.
|
||||
|
||||
config VBOOT_MUST_REQUEST_DISPLAY
|
||||
bool
|
||||
default y if VGA_ROM_RUN
|
||||
|
|
|
|||
|
|
@ -24,79 +24,25 @@
|
|||
#include <security/vboot/vbnv.h>
|
||||
#include <security/vboot/vboot_common.h>
|
||||
|
||||
static int vboot_get_recovery_reason_shared_data(void)
|
||||
{
|
||||
struct vb2_shared_data *sd = vb2_get_sd(vboot_get_context());
|
||||
assert(sd);
|
||||
return sd->recovery_reason;
|
||||
}
|
||||
|
||||
void vboot_save_recovery_reason_vbnv(void)
|
||||
{
|
||||
if (!CONFIG(VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT))
|
||||
return;
|
||||
|
||||
int reason = vboot_get_recovery_reason_shared_data();
|
||||
if (!reason)
|
||||
return;
|
||||
|
||||
set_recovery_mode_into_vbnv(reason);
|
||||
}
|
||||
|
||||
static void vboot_clear_recovery_reason_vbnv(void *unused)
|
||||
{
|
||||
if (!CONFIG(VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT))
|
||||
return;
|
||||
|
||||
set_recovery_mode_into_vbnv(0);
|
||||
}
|
||||
|
||||
/*
|
||||
* Recovery reason stored in VBNV needs to be cleared before the state of VBNV
|
||||
* is backed-up anywhere or jumping to the payload (whichever occurs
|
||||
* first). Currently, vbnv_cmos.c backs up VBNV on POST_DEVICE. Thus, we need to
|
||||
* make sure that the stored recovery reason is cleared off before that
|
||||
* happens.
|
||||
* IMPORTANT: Any reboot occurring after BS_DEV_INIT state will cause loss of
|
||||
* recovery reason on reboot. Until now, we have seen reboots occurring on x86
|
||||
* only in FSP stages which run before BS_DEV_INIT.
|
||||
* Functions which check vboot information should only be called after verstage
|
||||
* has run. Otherwise, they will hit the assertion in vboot_get_context().
|
||||
*/
|
||||
BOOT_STATE_INIT_ENTRY(BS_DEV_INIT, BS_ON_EXIT,
|
||||
vboot_clear_recovery_reason_vbnv, NULL);
|
||||
|
||||
/*
|
||||
* vb2_check_recovery_request looks up different components to identify if there
|
||||
* is a recovery request and returns appropriate reason code:
|
||||
* 1. Checks if recovery mode is initiated by EC. If yes, returns
|
||||
* VB2_RECOVERY_RO_MANUAL.
|
||||
* 2. Checks if recovery request is present in VBNV and returns the code read
|
||||
* from it.
|
||||
* 3. Checks if vboot verification is done. If yes, return the reason code from
|
||||
* shared data.
|
||||
* 4. If nothing applies, return 0 indicating no recovery request.
|
||||
*/
|
||||
int vboot_check_recovery_request(void)
|
||||
{
|
||||
int reason = 0;
|
||||
|
||||
/* EC-initiated recovery. */
|
||||
if (get_recovery_mode_switch())
|
||||
return VB2_RECOVERY_RO_MANUAL;
|
||||
|
||||
/* Recovery request in VBNV. */
|
||||
if ((reason = get_recovery_mode_from_vbnv()) != 0)
|
||||
return reason;
|
||||
|
||||
/* Identify if vboot verification is already complete. */
|
||||
if (vboot_logic_executed())
|
||||
return vboot_get_recovery_reason_shared_data();
|
||||
|
||||
return 0;
|
||||
/* TODO: Expose vb2api_recovery_reason() and vb2api_need_train_and_reboot(). */
|
||||
return vb2_get_sd(vboot_get_context())->recovery_reason;
|
||||
}
|
||||
|
||||
int vboot_recovery_mode_enabled(void)
|
||||
{
|
||||
return !!vboot_check_recovery_request();
|
||||
return vboot_get_context()->flags & VB2_CONTEXT_RECOVERY_MODE;
|
||||
}
|
||||
|
||||
int vboot_developer_mode_enabled(void)
|
||||
{
|
||||
return vboot_get_context()->flags & VB2_CONTEXT_DEVELOPER_MODE;
|
||||
}
|
||||
|
||||
int __weak clear_recovery_mode_switch(void)
|
||||
|
|
@ -133,12 +79,6 @@ int vboot_recovery_mode_memory_retrain(void)
|
|||
return get_recovery_mode_retrain_switch();
|
||||
}
|
||||
|
||||
int vboot_developer_mode_enabled(void)
|
||||
{
|
||||
return vboot_logic_executed() &&
|
||||
vboot_get_context()->flags & VB2_CONTEXT_DEVELOPER_MODE;
|
||||
}
|
||||
|
||||
#if CONFIG(VBOOT_NO_BOARD_SUPPORT)
|
||||
/**
|
||||
* TODO: Create flash protection interface which implements get_write_protect_state.
|
||||
|
|
|
|||
|
|
@ -49,11 +49,6 @@ static inline bool vboot_is_gbb_flag_set(enum vb2_gbb_flag flag)
|
|||
*/
|
||||
int vboot_locate_firmware(struct vb2_context *ctx, struct region_device *fw);
|
||||
|
||||
/*
|
||||
* Source: security/vboot/bootmode.c
|
||||
*/
|
||||
void vboot_save_recovery_reason_vbnv(void);
|
||||
|
||||
/*
|
||||
* The stage loading code is compiled and entered from multiple stages. The
|
||||
* helper functions below attempt to provide more clarity on when certain
|
||||
|
|
|
|||
|
|
@ -101,26 +101,6 @@ void save_vbnv(const uint8_t *vbnv_copy)
|
|||
vbnv_initialized = 0;
|
||||
}
|
||||
|
||||
/* Save a recovery reason into VBNV. */
|
||||
void set_recovery_mode_into_vbnv(int recovery_reason)
|
||||
{
|
||||
uint8_t vbnv_copy[VBOOT_VBNV_BLOCK_SIZE];
|
||||
|
||||
read_vbnv(vbnv_copy);
|
||||
|
||||
vbnv_copy[RECOVERY_OFFSET] = recovery_reason;
|
||||
vbnv_copy[CRC_OFFSET] = crc8_vbnv(vbnv_copy, CRC_OFFSET);
|
||||
|
||||
save_vbnv(vbnv_copy);
|
||||
}
|
||||
|
||||
/* Read the recovery reason from VBNV. */
|
||||
int get_recovery_mode_from_vbnv(void)
|
||||
{
|
||||
vbnv_setup();
|
||||
return vbnv[RECOVERY_OFFSET];
|
||||
}
|
||||
|
||||
/* Read the USB Device Controller(UDC) enable flag from VBNV. */
|
||||
int vbnv_udc_enable_flag(void)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -23,8 +23,6 @@ void read_vbnv(uint8_t *vbnv_copy);
|
|||
void save_vbnv(const uint8_t *vbnv_copy);
|
||||
int verify_vbnv(uint8_t *vbnv_copy);
|
||||
void regen_vbnv_crc(uint8_t *vbnv_copy);
|
||||
int get_recovery_mode_from_vbnv(void);
|
||||
void set_recovery_mode_into_vbnv(int recovery_reason);
|
||||
|
||||
/* Read the USB Device Controller(UDC) enable flag from VBNV. */
|
||||
int vbnv_udc_enable_flag(void);
|
||||
|
|
|
|||
|
|
@ -408,8 +408,5 @@ void verstage_main(void)
|
|||
vboot_is_firmware_slot_a(ctx) ? 'A' : 'B');
|
||||
|
||||
verstage_main_exit:
|
||||
/* Save recovery reason in case of unexpected reboots on x86. */
|
||||
vboot_save_recovery_reason_vbnv();
|
||||
|
||||
timestamp_add_now(TS_END_VBOOT);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -93,7 +93,6 @@ config AMD_SOC_PACKAGE
|
|||
config VBOOT
|
||||
select VBOOT_SEPARATE_VERSTAGE
|
||||
select VBOOT_STARTS_IN_BOOTBLOCK
|
||||
select VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
|
||||
select VBOOT_VBNV_CMOS
|
||||
select VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
|
||||
|
||||
|
|
|
|||
|
|
@ -113,7 +113,6 @@ config CHROMEOS
|
|||
config VBOOT
|
||||
select VBOOT_SEPARATE_VERSTAGE
|
||||
select VBOOT_MUST_REQUEST_DISPLAY
|
||||
select VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
|
||||
select VBOOT_STARTS_IN_BOOTBLOCK
|
||||
select VBOOT_VBNV_CMOS
|
||||
select VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
|
||||
|
|
|
|||
|
|
@ -260,7 +260,6 @@ config CHROMEOS
|
|||
config VBOOT
|
||||
select VBOOT_SEPARATE_VERSTAGE
|
||||
select VBOOT_MUST_REQUEST_DISPLAY
|
||||
select VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
|
||||
select VBOOT_STARTS_IN_BOOTBLOCK
|
||||
select VBOOT_VBNV_CMOS
|
||||
select VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
|
||||
|
|
|
|||
|
|
@ -165,7 +165,6 @@ config CHROMEOS
|
|||
config VBOOT
|
||||
select VBOOT_SEPARATE_VERSTAGE
|
||||
select VBOOT_MUST_REQUEST_DISPLAY
|
||||
select VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
|
||||
select VBOOT_STARTS_IN_BOOTBLOCK
|
||||
select VBOOT_VBNV_CMOS
|
||||
select VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
|
||||
|
|
|
|||
|
|
@ -94,7 +94,6 @@ config CHROMEOS
|
|||
config VBOOT
|
||||
select VBOOT_SEPARATE_VERSTAGE
|
||||
select VBOOT_MUST_REQUEST_DISPLAY
|
||||
select VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
|
||||
select VBOOT_STARTS_IN_BOOTBLOCK
|
||||
select VBOOT_VBNV_CMOS
|
||||
select VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
|
||||
|
|
|
|||
|
|
@ -189,7 +189,6 @@ config CHROMEOS
|
|||
config VBOOT
|
||||
select VBOOT_SEPARATE_VERSTAGE
|
||||
select VBOOT_MUST_REQUEST_DISPLAY
|
||||
select VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
|
||||
select VBOOT_STARTS_IN_BOOTBLOCK
|
||||
select VBOOT_VBNV_CMOS
|
||||
select VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
|
||||
|
|
|
|||
Loading…
Reference in New Issue