security/vboot: Deprecate VBOOT_VBNV_EC

Boards using VBOOT_VBNV_EC (nyan, daisy, veyron, peach_pit) are all
ChromeOS devices and they've reached the end of life since Feb 2022.
Therefore, remove VBOOT_VBNV_EC for them, each with different
replacement.

- nyan (nyan, nyan_big, nyan_blaze): Add RW_NVRAM to their FMAP (by
  reducing the size of RW_VPD), and replace VBOOT_VBNV_EC with
  VBOOT_VBNV_FLASH.
- veyron: Add RW_NVRAM to their FMAP (by reducing the size of
  SHARED_DATA), and replace VBOOT_VBNV_EC with VBOOT_VBNV_FLASH. Also
  enlarge the OVERLAP_VERSTAGE_ROMSTAGE section for rk3288 (by reducing
  the size of PRERAM_CBMEM_CONSOLE), so that verstage won't exceed its
  allotted size.
- daisy: Because BOOT_DEVICE_SPI_FLASH is not set, which is required for
  VBOOT_VBNV_FLASH, disable MAINBOARD_HAS_CHROMEOS and VBOOT configs.
- peach_pit: As VBOOT is not set, simply remove the unused VBOOT_VBNV_EC
  option.

Remove the VBOOT_VBNV_EC Kconfig option as well as related code, leaving
VBOOT_VBNV_FLASH and VBOOT_VBNV_CMOS as the only two backend options for
vboot nvdata (VBNV).

Also add a check in read_vbnv() and save_vbnv() for VBNV options.

BUG=b:178689388
TEST=util/abuild/abuild -t GOOGLE_NYAN -x -a
TEST=util/abuild/abuild -t GOOGLE_VEYRON_JAQ -x -a
TEST=util/abuild/abuild -t GOOGLE_DAISY -a
TEST=util/abuild/abuild -t GOOGLE_PEACH_PIT -a
BRANCH=none

Change-Id: Ic67d69e694cff3176dbee12d4c6311bc85295863
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65012
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
This commit is contained in:
Yu-Ping Wu 2022-06-08 10:23:32 +08:00 committed by Felix Held
parent e399aa8c9c
commit 6b0d085164
16 changed files with 21 additions and 52 deletions

View File

@ -176,7 +176,6 @@ CMOS, the EC, or in a read/write area of the SPI flash device.
Select one of the following: Select one of the following:
* `VBOOT_VBNV_CMOS` * `VBOOT_VBNV_CMOS`
* `VBOOT_VBNV_EC`
* `VBOOT_VBNV_FLASH` * `VBOOT_VBNV_FLASH`
More non-volatile storage features may be found in `security/vboot/Kconfig`. More non-volatile storage features may be found in `security/vboot/Kconfig`.

View File

@ -10,7 +10,6 @@ config BOARD_SPECIFIC_OPTIONS
select EC_GOOGLE_CHROMEEC_I2C select EC_GOOGLE_CHROMEEC_I2C
select BOARD_ROMSIZE_KB_4096 select BOARD_ROMSIZE_KB_4096
select DRIVER_MAXIM_MAX77686 select DRIVER_MAXIM_MAX77686
select MAINBOARD_HAS_CHROMEOS
select DRIVER_TI_TPS65090 select DRIVER_TI_TPS65090
select MAINBOARD_HAS_NATIVE_VGA_INIT select MAINBOARD_HAS_NATIVE_VGA_INIT
select MAINBOARD_FORCE_NATIVE_VGA_INIT select MAINBOARD_FORCE_NATIVE_VGA_INIT
@ -18,9 +17,6 @@ config BOARD_SPECIFIC_OPTIONS
select I2C_TPM select I2C_TPM
select MAINBOARD_HAS_TPM1 select MAINBOARD_HAS_TPM1
config VBOOT
select VBOOT_VBNV_EC
config MAINBOARD_DIR config MAINBOARD_DIR
default "google/daisy" default "google/daisy"

View File

@ -18,7 +18,7 @@ config BOARD_SPECIFIC_OPTIONS
config VBOOT config VBOOT
select EC_GOOGLE_CHROMEEC_SWITCHES select EC_GOOGLE_CHROMEEC_SWITCHES
select VBOOT_VBNV_EC select VBOOT_VBNV_FLASH
config MAINBOARD_DIR config MAINBOARD_DIR
default "google/nyan" default "google/nyan"

View File

@ -23,6 +23,7 @@ FLASH@0x0 0x400000 {
FW_MAIN_B(CBFS)@0x2000 0x75f00 FW_MAIN_B(CBFS)@0x2000 0x75f00
RW_FWID_B@0x77f00 0x100 RW_FWID_B@0x77f00 0x100
} }
RW_VPD(PRESERVE)@0x2f8000 0x8000 RW_VPD(PRESERVE)@0x2f8000 0x4000
RW_NVRAM(PRESERVE)@0x2fc000 0x4000
RW_LEGACY(CBFS)@0x300000 0x100000 RW_LEGACY(CBFS)@0x300000 0x100000
} }

View File

@ -20,7 +20,7 @@ config BOARD_SPECIFIC_OPTIONS
config VBOOT config VBOOT
select EC_GOOGLE_CHROMEEC_SWITCHES select EC_GOOGLE_CHROMEEC_SWITCHES
select VBOOT_VBNV_EC select VBOOT_VBNV_FLASH
config MAINBOARD_DIR config MAINBOARD_DIR
default "google/nyan_big" default "google/nyan_big"

View File

@ -23,6 +23,7 @@ FLASH@0x0 0x400000 {
FW_MAIN_B(CBFS)@0x2000 0x75f00 FW_MAIN_B(CBFS)@0x2000 0x75f00
RW_FWID_B@0x77f00 0x100 RW_FWID_B@0x77f00 0x100
} }
RW_VPD(PRESERVE)@0x2f8000 0x8000 RW_VPD(PRESERVE)@0x2f8000 0x4000
RW_NVRAM(PRESERVE)@0x2fc000 0x4000
RW_LEGACY(CBFS)@0x300000 0x100000 RW_LEGACY(CBFS)@0x300000 0x100000
} }

View File

@ -20,7 +20,7 @@ config BOARD_SPECIFIC_OPTIONS
config VBOOT config VBOOT
select EC_GOOGLE_CHROMEEC_SWITCHES select EC_GOOGLE_CHROMEEC_SWITCHES
select VBOOT_VBNV_EC select VBOOT_VBNV_FLASH
config MAINBOARD_DIR config MAINBOARD_DIR
default "google/nyan_blaze" default "google/nyan_blaze"

View File

@ -23,6 +23,7 @@ FLASH@0x0 0x400000 {
FW_MAIN_B(CBFS)@0x2000 0x75f00 FW_MAIN_B(CBFS)@0x2000 0x75f00
RW_FWID_B@0x77f00 0x100 RW_FWID_B@0x77f00 0x100
} }
RW_VPD(PRESERVE)@0x2f8000 0x8000 RW_VPD(PRESERVE)@0x2f8000 0x4000
RW_NVRAM(PRESERVE)@0x2fc000 0x4000
RW_LEGACY(CBFS)@0x300000 0x100000 RW_LEGACY(CBFS)@0x300000 0x100000
} }

View File

@ -17,9 +17,6 @@ config BOARD_SPECIFIC_OPTIONS
select MAINBOARD_HAS_TPM1 select MAINBOARD_HAS_TPM1
select MISSING_BOARD_RESET select MISSING_BOARD_RESET
config VBOOT
select VBOOT_VBNV_EC
config MAINBOARD_DIR config MAINBOARD_DIR
default "google/peach_pit" default "google/peach_pit"

View File

@ -30,7 +30,7 @@ config BOARD_SPECIFIC_OPTIONS
select MAINBOARD_HAS_TPM1 select MAINBOARD_HAS_TPM1
config VBOOT config VBOOT
select VBOOT_VBNV_EC select VBOOT_VBNV_FLASH
config MAINBOARD_DIR config MAINBOARD_DIR
default "google/veyron" default "google/veyron"

View File

@ -14,9 +14,10 @@ FLASH@0x0 0x400000 {
FW_MAIN_A(CBFS)@0x2000 0x75f00 FW_MAIN_A(CBFS)@0x2000 0x75f00
RW_FWID_A@0x77f00 0x100 RW_FWID_A@0x77f00 0x100
} }
RW_SHARED@0x278000 0x4000 { RW_SHARED@0x278000 0x2000 {
SHARED_DATA@0x0 0x4000 SHARED_DATA@0x0 0x2000
} }
RW_NVRAM(PRESERVE)@0x27a000 0x2000
RW_ELOG(PRESERVE)@0x27c000 0x4000 RW_ELOG(PRESERVE)@0x27c000 0x4000
RW_SECTION_B@0x280000 0x78000 { RW_SECTION_B@0x280000 0x78000 {
VBLOCK_B@0x0 0x2000 VBLOCK_B@0x0 0x2000

View File

@ -58,12 +58,6 @@ config VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
Vboot non-volatile storage data will be backed up from CMOS to flash Vboot non-volatile storage data will be backed up from CMOS to flash
and restored from flash if the CMOS is invalid due to power loss. and restored from flash if the CMOS is invalid due to power loss.
config VBOOT_VBNV_EC
bool
default n
help
VBNV is stored in EC
config VBOOT_VBNV_FLASH config VBOOT_VBNV_FLASH
bool bool
default n default n

View File

@ -72,11 +72,6 @@ verstage-$(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c
romstage-$(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c romstage-$(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c
ramstage-$(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c ramstage-$(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c
bootblock-$(CONFIG_VBOOT_VBNV_EC) += vbnv_ec.c
verstage-$(CONFIG_VBOOT_VBNV_EC) += vbnv_ec.c
romstage-$(CONFIG_VBOOT_VBNV_EC) += vbnv_ec.c
ramstage-$(CONFIG_VBOOT_VBNV_EC) += vbnv_ec.c
bootblock-$(CONFIG_VBOOT_VBNV_FLASH) += vbnv_flash.c bootblock-$(CONFIG_VBOOT_VBNV_FLASH) += vbnv_flash.c
verstage-$(CONFIG_VBOOT_VBNV_FLASH) += vbnv_flash.c verstage-$(CONFIG_VBOOT_VBNV_FLASH) += vbnv_flash.c
romstage-$(CONFIG_VBOOT_VBNV_FLASH) += vbnv_flash.c romstage-$(CONFIG_VBOOT_VBNV_FLASH) += vbnv_flash.c

View File

@ -1,5 +1,6 @@
/* SPDX-License-Identifier: GPL-2.0-only */ /* SPDX-License-Identifier: GPL-2.0-only */
#include <assert.h>
#include <string.h> #include <string.h>
#include <types.h> #include <types.h>
#include <security/vboot/vbnv.h> #include <security/vboot/vbnv.h>
@ -61,10 +62,10 @@ void read_vbnv(uint8_t *vbnv_copy)
{ {
if (CONFIG(VBOOT_VBNV_CMOS)) if (CONFIG(VBOOT_VBNV_CMOS))
read_vbnv_cmos(vbnv_copy); read_vbnv_cmos(vbnv_copy);
else if (CONFIG(VBOOT_VBNV_EC))
read_vbnv_ec(vbnv_copy);
else if (CONFIG(VBOOT_VBNV_FLASH)) else if (CONFIG(VBOOT_VBNV_FLASH))
read_vbnv_flash(vbnv_copy); read_vbnv_flash(vbnv_copy);
else
dead_code();
/* Check data for consistency */ /* Check data for consistency */
if (!verify_vbnv(vbnv_copy)) if (!verify_vbnv(vbnv_copy))
@ -79,10 +80,10 @@ void save_vbnv(const uint8_t *vbnv_copy)
{ {
if (CONFIG(VBOOT_VBNV_CMOS)) if (CONFIG(VBOOT_VBNV_CMOS))
save_vbnv_cmos(vbnv_copy); save_vbnv_cmos(vbnv_copy);
else if (CONFIG(VBOOT_VBNV_EC))
save_vbnv_ec(vbnv_copy);
else if (CONFIG(VBOOT_VBNV_FLASH)) else if (CONFIG(VBOOT_VBNV_FLASH))
save_vbnv_flash(vbnv_copy); save_vbnv_flash(vbnv_copy);
else
dead_code();
/* Clear initialized flag to force cached data to be updated */ /* Clear initialized flag to force cached data to be updated */
vbnv_initialized = 0; vbnv_initialized = 0;

View File

@ -1,17 +0,0 @@
/* SPDX-License-Identifier: GPL-2.0-only */
#include <types.h>
#include <ec/google/chromeec/ec.h>
#include <security/vboot/vbnv.h>
#include <security/vboot/vbnv_layout.h>
void read_vbnv_ec(uint8_t *vbnv_copy)
{
google_chromeec_vbnv_context(1, vbnv_copy, VBOOT_VBNV_BLOCK_SIZE);
}
void save_vbnv_ec(const uint8_t *vbnv_copy)
{
google_chromeec_vbnv_context(0, (uint8_t *)vbnv_copy,
VBOOT_VBNV_BLOCK_SIZE);
}

View File

@ -18,9 +18,9 @@ SECTIONS
SRAM_START(0xFF700000) SRAM_START(0xFF700000)
TTB(0xFF700000, 16K) TTB(0xFF700000, 16K)
BOOTBLOCK(0xFF704004, 16K - 4) BOOTBLOCK(0xFF704004, 16K - 4)
PRERAM_CBMEM_CONSOLE(0xFF708000, 2K) PRERAM_CBMEM_CONSOLE(0xFF708000, 1K)
VBOOT2_WORK(0xFF708800, 12K) VBOOT2_WORK(0xFF708400, 12K)
OVERLAP_VERSTAGE_ROMSTAGE(0xFF70B800, 46K + 768) OVERLAP_VERSTAGE_ROMSTAGE(0xFF70B400, 47K + 768)
PRERAM_CBFS_CACHE(0xFF717300, 256) PRERAM_CBFS_CACHE(0xFF717300, 256)
TIMESTAMP(0xFF717400, 0x180) TIMESTAMP(0xFF717400, 0x180)
STACK(0xFF717580, 3K - 0x180) STACK(0xFF717580, 3K - 0x180)