From 6d720f38e06d14cc8a89635f66dc124dcd5ac150 Mon Sep 17 00:00:00 2001 From: Aaron Durbin Date: Tue, 8 Dec 2015 17:00:23 -0600 Subject: [PATCH] cbfs/vboot: remove firmware component support The Chrome OS verified boot path supported multiple CBFS instances in the boot media as well as stand-alone assets sitting in each vboot RW slot. Remove the support for the stand-alone assets and always use CBFS accesses as the way to retrieve data. This is implemented by adding a cbfs_locator object which is queried for locating the current CBFS. Additionally, it is also signalled prior to when a program is about to be loaded by coreboot for the subsequent stage/payload. This provides the same opportunity as previous for vboot to hook in and perform its logic. BUG=chromium:445938 BRANCH=None TEST=Built and ran on glados. CQ-DEPEND=CL:307121,CL:31691,CL:31690 Change-Id: I6a3a15feb6edd355d6ec252c36b6f7885b383099 Signed-off-by: Aaron Durbin Reviewed-on: https://review.coreboot.org/12689 Tested-by: build bot (Jenkins) Tested-by: Raptor Engineering Automated Test Stand Reviewed-by: Patrick Georgi Reviewed-by: Stefan Reinauer --- src/arch/x86/mmap_boot.c | 10 +- src/commonlib/include/commonlib/region.h | 10 +- src/drivers/intel/fsp1_1/car.c | 12 +- src/include/cbfs.h | 14 ++ src/include/program_loading.h | 5 +- src/lib/Makefile.inc | 4 - src/lib/cbfs.c | 96 ++++++++++++- src/lib/cbfs_boot_props.c | 60 -------- src/lib/prog_loaders.c | 14 ++ src/mainboard/google/auron/Kconfig | 8 -- src/mainboard/google/chell/Kconfig | 4 - src/mainboard/google/foster/Kconfig | 7 - src/mainboard/google/glados/Kconfig | 4 - src/mainboard/google/lars/Kconfig | 4 - src/mainboard/google/smaug/Kconfig | 11 -- src/mainboard/intel/kunimitsu/Kconfig | 4 - src/mainboard/intel/sklrvp/Kconfig | 4 - src/mainboard/intel/strago/Kconfig | 6 - src/vendorcode/google/chromeos/Kconfig | 1 + src/vendorcode/google/chromeos/vboot2/Kconfig | 51 ------- .../google/chromeos/vboot2/common.c | 24 ++-- src/vendorcode/google/chromeos/vboot2/misc.h | 7 +- .../google/chromeos/vboot2/vboot_handoff.c | 31 ----- .../google/chromeos/vboot2/vboot_loader.c | 130 ++++++------------ .../google/chromeos/vboot2/vboot_logic.c | 2 +- .../google/chromeos/vboot_handoff.h | 18 +-- 26 files changed, 206 insertions(+), 335 deletions(-) delete mode 100644 src/lib/cbfs_boot_props.c diff --git a/src/arch/x86/mmap_boot.c b/src/arch/x86/mmap_boot.c index 850e62d1f6..ae35451b3c 100644 --- a/src/arch/x86/mmap_boot.c +++ b/src/arch/x86/mmap_boot.c @@ -14,7 +14,6 @@ */ #include -#include #include #include #include @@ -30,7 +29,7 @@ const struct region_device *boot_device_ro(void) return &boot_dev.rdev; } -int cbfs_boot_region_properties(struct cbfs_props *props) +static int cbfs_master_header_props(struct cbfs_props *props) { struct cbfs_header header; int32_t offset; @@ -63,7 +62,10 @@ int cbfs_boot_region_properties(struct cbfs_props *props) props->size -= header.bootblocksize; props->size = ALIGN_DOWN(props->size, 64); - printk(BIOS_DEBUG, "CBFS @ %zx size %zx\n", props->offset, props->size); - return 0; } + +const struct cbfs_locator cbfs_master_header_locator = { + .name = "Master Header Locator", + .locate = cbfs_master_header_props, +}; diff --git a/src/commonlib/include/commonlib/region.h b/src/commonlib/include/commonlib/region.h index 683be31cbe..cc4ee289d2 100644 --- a/src/commonlib/include/commonlib/region.h +++ b/src/commonlib/include/commonlib/region.h @@ -99,14 +99,20 @@ static inline size_t region_sz(const struct region *r) return r->size; } +static inline const struct region *region_device_region( + const struct region_device *rdev) +{ + return &rdev->region; +} + static inline size_t region_device_sz(const struct region_device *rdev) { - return region_sz(&rdev->region); + return region_sz(region_device_region(rdev)); } static inline size_t region_device_offset(const struct region_device *rdev) { - return region_offset(&rdev->region); + return region_offset(region_device_region(rdev)); } /* Memory map entire region device. Same semantics as rdev_mmap() above. */ diff --git a/src/drivers/intel/fsp1_1/car.c b/src/drivers/intel/fsp1_1/car.c index 9d71faa733..23312e14cc 100644 --- a/src/drivers/intel/fsp1_1/car.c +++ b/src/drivers/intel/fsp1_1/car.c @@ -14,11 +14,11 @@ */ #include -#include #include #include #include #include +#include #include #include @@ -79,15 +79,17 @@ asmlinkage void *romstage_after_verstage(void) /* Need to locate the current FSP_INFO_HEADER. The cache-as-ram * is still enabled. We can directly access work buffer here. */ FSP_INFO_HEADER *fih; - struct asset fsp = ASSET_INIT(ASSET_REFCODE, "fsp.bin"); + struct prog fsp = PROG_INIT(ASSET_REFCODE, "fsp.bin"); console_init(); - if (asset_locate(&fsp)) { + if (prog_locate(&fsp)) { fih = NULL; - printk(BIOS_ERR, "Unable to locate %s\n", asset_name(&fsp)); + printk(BIOS_ERR, "Unable to locate %s\n", prog_name(&fsp)); } else - fih = find_fsp((uintptr_t)asset_mmap(&fsp)); + /* This leaks a mapping which this code assumes is benign as + * the flash is memory mapped CPU's address space. */ + fih = find_fsp((uintptr_t)rdev_mmap_full(prog_rdev(&fsp))); set_fih_car(fih); diff --git a/src/include/cbfs.h b/src/include/cbfs.h index dcca173bea..7848d6d6fd 100644 --- a/src/include/cbfs.h +++ b/src/include/cbfs.h @@ -81,4 +81,18 @@ struct cbfs_props { /* Return < 0 on error otherwise props are filled out accordingly. */ int cbfs_boot_region_properties(struct cbfs_props *props); +/* Allow external logic to take action prior to locating a program + * (stage or payload). */ +void cbfs_prepare_program_locate(void); + +/* Object used to identify location of current cbfs to use for cbfs_boot_* + * operations. It's used by cbfs_boot_region_properties() and + * cbfs_prepare_program_locate(). */ +struct cbfs_locator { + const char *name; + void (*prepare)(void); + /* Returns 0 on successful fill of cbfs properties. */ + int (*locate)(struct cbfs_props *props); +}; + #endif diff --git a/src/include/program_loading.h b/src/include/program_loading.h index 2f3a537fd6..4385e3602e 100644 --- a/src/include/program_loading.h +++ b/src/include/program_loading.h @@ -106,10 +106,7 @@ static inline void prog_set_entry(struct prog *prog, void *e, void *arg) } /* Locate the identified program to run. Return 0 on success. < 0 on error. */ -static inline int prog_locate(struct prog *prog) -{ - return asset_locate(&prog->asset); -} +int prog_locate(struct prog *prog); /* Run the program described by prog. */ void prog_run(struct prog *prog); diff --git a/src/lib/Makefile.inc b/src/lib/Makefile.inc index 59b1317438..0aada5373f 100644 --- a/src/lib/Makefile.inc +++ b/src/lib/Makefile.inc @@ -23,7 +23,6 @@ bootblock-y += assets.c bootblock-y += prog_loaders.c bootblock-y += prog_ops.c bootblock-y += cbfs.c -bootblock-y += cbfs_boot_props.c bootblock-$(CONFIG_COMMON_CBFS_SPI_WRAPPER) += cbfs_spi.c bootblock-$(CONFIG_GENERIC_GPIO_LIB) += gpio.c bootblock-y += libgcc.c @@ -47,7 +46,6 @@ verstage-y += delay.c verstage-y += cbfs.c verstage-y += halt.c verstage-y += fmap.c -verstage-y += cbfs_boot_props.c verstage-y += libgcc.c verstage-y += memcmp.c verstage-$(CONFIG_COLLECT_TIMESTAMPS) += timestamp.c @@ -76,7 +74,6 @@ $(foreach arch,$(ARCH_SUPPORTED),\ romstage-y += fmap.c romstage-$(CONFIG_I2C_TPM) += delay.c romstage-y += cbfs.c -romstage-y += cbfs_boot_props.c romstage-$(CONFIG_COMMON_CBFS_SPI_WRAPPER) += cbfs_spi.c romstage-$(CONFIG_COMPRESS_RAMSTAGE) += lzma.c lzmadecode.c romstage-y += libgcc.c @@ -117,7 +114,6 @@ ramstage-y += delay.c ramstage-y += fallback_boot.c ramstage-y += compute_ip_checksum.c ramstage-y += cbfs.c -ramstage-y += cbfs_boot_props.c ramstage-$(CONFIG_COMMON_CBFS_SPI_WRAPPER) += cbfs_spi.c ramstage-y += lzma.c lzmadecode.c ramstage-y += stack.c diff --git a/src/lib/cbfs.c b/src/lib/cbfs.c index c782818ced..1d0869c950 100644 --- a/src/lib/cbfs.c +++ b/src/lib/cbfs.c @@ -37,8 +37,6 @@ int cbfs_boot_locate(struct cbfsf *fh, const char *name, uint32_t *type) const struct region_device *boot_dev; struct cbfs_props props; - boot_device_init(); - if (cbfs_boot_region_properties(&props)) return -1; @@ -255,3 +253,97 @@ out: return 0; } + +static int cbfs_master_header_props(struct cbfs_props *props) +{ + struct cbfs_header header; + const struct region_device *bdev; + int32_t rel_offset; + size_t offset; + + bdev = boot_device_ro(); + + if (bdev == NULL) + return -1; + + /* Find location of header using signed 32-bit offset from + * end of CBFS region. */ + offset = CONFIG_CBFS_SIZE - sizeof(int32_t); + if (rdev_readat(bdev, &rel_offset, offset, sizeof(int32_t)) < 0) + return -1; + + offset = CONFIG_CBFS_SIZE + rel_offset; + if (rdev_readat(bdev, &header, offset, sizeof(header)) < 0) + return -1; + + header.magic = ntohl(header.magic); + header.romsize = ntohl(header.romsize); + header.offset = ntohl(header.offset); + + if (header.magic != CBFS_HEADER_MAGIC) + return -1; + + props->offset = header.offset; + props->size = header.romsize; + props->size -= props->offset; + + printk(BIOS_SPEW, "CBFS @ %zx size %zx\n", props->offset, props->size); + + return 0; +} + +/* This struct is marked as weak to allow a particular platform to + * override the master header logic. This implementation should work for most + * devices. */ +const struct cbfs_locator __attribute__((weak)) cbfs_master_header_locator = { + .name = "Master Header Locator", + .locate = cbfs_master_header_props, +}; + +extern const struct cbfs_locator vboot_locator; + +static const struct cbfs_locator *locators[] = { +#if CONFIG_VBOOT_VERIFY_FIRMWARE + &vboot_locator, +#endif + &cbfs_master_header_locator, +}; + +int cbfs_boot_region_properties(struct cbfs_props *props) +{ + int i; + + boot_device_init(); + + for (i = 0; i < ARRAY_SIZE(locators); i++) { + const struct cbfs_locator *ops; + + ops = locators[i]; + + if (ops->locate == NULL) + continue; + + if (ops->locate(props)) + continue; + + LOG("'%s' located CBFS at [%zx:%zx)\n", + ops->name, props->offset, props->offset + props->size); + + return 0; + } + + return -1; +} + +void cbfs_prepare_program_locate(void) +{ + int i; + + boot_device_init(); + + for (i = 0; i < ARRAY_SIZE(locators); i++) { + if (locators[i]->prepare == NULL) + continue; + locators[i]->prepare(); + } +} diff --git a/src/lib/cbfs_boot_props.c b/src/lib/cbfs_boot_props.c deleted file mode 100644 index 7ff3726c4b..0000000000 --- a/src/lib/cbfs_boot_props.c +++ /dev/null @@ -1,60 +0,0 @@ -/* - * This file is part of the coreboot project. - * - * Copyright 2015 Google Inc. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; version 2 of the License. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - */ - -#include -#include -#include -#include -#include - -/* This function is marked as weak to allow a particular platform to - * override the logic. This implementation should work for most devices. */ -int __attribute__((weak)) cbfs_boot_region_properties(struct cbfs_props *props) -{ - struct cbfs_header header; - const struct region_device *bdev; - int32_t rel_offset; - size_t offset; - - bdev = boot_device_ro(); - - if (bdev == NULL) - return -1; - - /* Find location of header using signed 32-bit offset from - * end of CBFS region. */ - offset = CONFIG_CBFS_SIZE - sizeof(int32_t); - if (rdev_readat(bdev, &rel_offset, offset, sizeof(int32_t)) < 0) - return -1; - - offset = CONFIG_CBFS_SIZE + rel_offset; - if (rdev_readat(bdev, &header, offset, sizeof(header)) < 0) - return -1; - - header.magic = ntohl(header.magic); - header.romsize = ntohl(header.romsize); - header.offset = ntohl(header.offset); - - if (header.magic != CBFS_HEADER_MAGIC) - return -1; - - props->offset = header.offset; - props->size = header.romsize; - props->size -= props->offset; - - printk(BIOS_SPEW, "CBFS @ %zx size %zx\n", props->offset, props->size); - - return 0; -} diff --git a/src/lib/prog_loaders.c b/src/lib/prog_loaders.c index a5598c7003..e27eca1f3a 100644 --- a/src/lib/prog_loaders.c +++ b/src/lib/prog_loaders.c @@ -33,6 +33,20 @@ /* Only can represent up to 1 byte less than size_t. */ const struct mem_region_device addrspace_32bit = MEM_REGION_DEV_INIT(0, ~0UL); +int prog_locate(struct prog *prog) +{ + struct cbfsf file; + + cbfs_prepare_program_locate(); + + if (cbfs_boot_locate(&file, prog_name(prog), NULL)) + return -1; + + cbfs_file_data(prog_rdev(prog), &file); + + return 0; +} + void run_romstage(void) { struct prog romstage = diff --git a/src/mainboard/google/auron/Kconfig b/src/mainboard/google/auron/Kconfig index c5a4ef4026..b812674c2e 100644 --- a/src/mainboard/google/auron/Kconfig +++ b/src/mainboard/google/auron/Kconfig @@ -21,14 +21,6 @@ config CHROMEOS select EC_SOFTWARE_SYNC select VIRTUAL_DEV_SWITCH -config VBOOT_RAMSTAGE_INDEX - hex - default 0x2 - -config VBOOT_REFCODE_INDEX - hex - default 0x3 - config MAINBOARD_DIR string default google/auron diff --git a/src/mainboard/google/chell/Kconfig b/src/mainboard/google/chell/Kconfig index f09198ff8a..5773413a08 100644 --- a/src/mainboard/google/chell/Kconfig +++ b/src/mainboard/google/chell/Kconfig @@ -55,8 +55,4 @@ config TPM_PIRQ hex default 0x18 # GPP_E0_IRQ -config VBOOT_RAMSTAGE_INDEX - hex - default 0x3 - endif diff --git a/src/mainboard/google/foster/Kconfig b/src/mainboard/google/foster/Kconfig index f843a9ea5b..2ad3552a4c 100644 --- a/src/mainboard/google/foster/Kconfig +++ b/src/mainboard/google/foster/Kconfig @@ -76,13 +76,6 @@ config BOOT_MEDIA_SPI_CHIP_SELECT help Which chip select to use for boot media. -# For foster, we are using vboot2. Thus, index for stages: -# VBOOT_ROMSTAGE_INDEX -> Use default value of 0x2 -# VBOOT_RAMSTAGE_INDEX -> Use 0x3 -config VBOOT_RAMSTAGE_INDEX - hex - default 0x3 - config DRIVER_TPM_I2C_BUS hex default 0x2 diff --git a/src/mainboard/google/glados/Kconfig b/src/mainboard/google/glados/Kconfig index 029aa1b89b..1bea9fda59 100644 --- a/src/mainboard/google/glados/Kconfig +++ b/src/mainboard/google/glados/Kconfig @@ -55,8 +55,4 @@ config TPM_PIRQ hex default 0x18 # GPP_E0_IRQ -config VBOOT_RAMSTAGE_INDEX - hex - default 0x3 - endif diff --git a/src/mainboard/google/lars/Kconfig b/src/mainboard/google/lars/Kconfig index 70e6726a3a..58391ae59b 100644 --- a/src/mainboard/google/lars/Kconfig +++ b/src/mainboard/google/lars/Kconfig @@ -50,8 +50,4 @@ config MAX_CPUS int default 8 -config VBOOT_RAMSTAGE_INDEX - hex - default 0x3 - endif diff --git a/src/mainboard/google/smaug/Kconfig b/src/mainboard/google/smaug/Kconfig index 576a2f8db3..a23a0d33d7 100644 --- a/src/mainboard/google/smaug/Kconfig +++ b/src/mainboard/google/smaug/Kconfig @@ -83,17 +83,6 @@ config BOOT_MEDIA_SPI_CHIP_SELECT help Which chip select to use for boot media. -# For smaug, we are using vboot2. Thus, index for stages: -# VBOOT_ROMSTAGE_INDEX -> Use default value of 0x2 -# VBOOT_RAMSTAGE_INDEX -> Use 0x3 -config VBOOT_BL31_INDEX - hex - default 0x4 - -config VBOOT_RAMSTAGE_INDEX - hex - default 0x3 - config DRIVER_TPM_I2C_BUS hex default 0x2 diff --git a/src/mainboard/intel/kunimitsu/Kconfig b/src/mainboard/intel/kunimitsu/Kconfig index 5a5b3cdc85..81c18f554b 100644 --- a/src/mainboard/intel/kunimitsu/Kconfig +++ b/src/mainboard/intel/kunimitsu/Kconfig @@ -50,8 +50,4 @@ config MAX_CPUS int default 8 -config VBOOT_RAMSTAGE_INDEX - hex - default 0x3 - endif diff --git a/src/mainboard/intel/sklrvp/Kconfig b/src/mainboard/intel/sklrvp/Kconfig index 73b866a3f6..e6dd86b4b0 100644 --- a/src/mainboard/intel/sklrvp/Kconfig +++ b/src/mainboard/intel/sklrvp/Kconfig @@ -40,8 +40,4 @@ config MAX_CPUS int default 8 -config VBOOT_RAMSTAGE_INDEX - hex - default 0x3 - endif diff --git a/src/mainboard/intel/strago/Kconfig b/src/mainboard/intel/strago/Kconfig index 364e242ffc..facd97f7e7 100755 --- a/src/mainboard/intel/strago/Kconfig +++ b/src/mainboard/intel/strago/Kconfig @@ -47,12 +47,6 @@ config MAINBOARD_VENDOR string default "Intel" -config VBOOT_RAMSTAGE_INDEX - hex - default 0x2 -config VBOOT_REFCODE_INDEX - hex - default 0x3 if !GOP_SUPPORT config VGA_BIOS_FILE string diff --git a/src/vendorcode/google/chromeos/Kconfig b/src/vendorcode/google/chromeos/Kconfig index aae611cde2..87fc024b61 100644 --- a/src/vendorcode/google/chromeos/Kconfig +++ b/src/vendorcode/google/chromeos/Kconfig @@ -28,6 +28,7 @@ config CHROMEOS select ELOG if SPI_FLASH select COLLECT_TIMESTAMPS select VBOOT_VERIFY_FIRMWARE + select MULTIPLE_CBFS_INSTANCES help Enable ChromeOS specific features like the GPIO sub table in the coreboot table. NOTE: Enabling this option on an unsupported diff --git a/src/vendorcode/google/chromeos/vboot2/Kconfig b/src/vendorcode/google/chromeos/vboot2/Kconfig index 66659ddad1..7580d8d50c 100644 --- a/src/vendorcode/google/chromeos/vboot2/Kconfig +++ b/src/vendorcode/google/chromeos/vboot2/Kconfig @@ -68,57 +68,6 @@ config CHIPSET_PROVIDES_VERSTAGE_MAIN_SYMBOL help The chipset code provides their own main() entry point. -# These VBOOT_X_INDEX are the position of X in FW_MAIN_A/B region. The index -# table is created by cros_bundle_firmware at build time based on the positions -# of the blobs listed in fmap.dts and stored at the top of FW_MAIN_A/B region. -# Unfortunately, there is no programmatical link between the blob list and the -# index number here. -config VBOOT_ROMSTAGE_INDEX - hex "Romstage component index" - default 2 - depends on VBOOT_VERIFY_FIRMWARE - help - This is the index of the romstage component in the verified - firmware block. - -config VBOOT_RAMSTAGE_INDEX - hex "Ramstage component index" - default 1 - depends on VBOOT_VERIFY_FIRMWARE - help - This is the index of the ramstage component in the verified - firmware block. - -config VBOOT_REFCODE_INDEX - hex "Reference code firmware index" - default 1 - depends on VBOOT_VERIFY_FIRMWARE - help - This is the index of the reference code component in the verified - firmware block. - -config VBOOT_BOOT_LOADER_INDEX - hex "Bootloader component index" - default 0 - depends on VBOOT_VERIFY_FIRMWARE - help - This is the index of the bootloader component in the verified - firmware block. - -config VBOOT_SECURE_OS_INDEX - hex "ARM64 Secure OS index" - default 0x5 - depends on VBOOT_VERIFY_FIRMWARE - help - Secure OS software component used on ARM64 machines. - -config VBOOT_BL31_INDEX - hex "ARM64 BL31 index" - default 0x4 - depends on VBOOT_VERIFY_FIRMWARE - help - This is the index of the BL31 program on ARM64 machines. - config VBOOT_DYNAMIC_WORK_BUFFER bool "Vboot's work buffer is dynamically allocated." default y if ARCH_ROMSTAGE_X86_32 && !SEPARATE_VERSTAGE diff --git a/src/vendorcode/google/chromeos/vboot2/common.c b/src/vendorcode/google/chromeos/vboot2/common.c index fbad1126f8..4282408535 100644 --- a/src/vendorcode/google/chromeos/vboot2/common.c +++ b/src/vendorcode/google/chromeos/vboot2/common.c @@ -115,21 +115,27 @@ struct vb2_shared_data *vb2_get_shared_data(void) return (void *)((uintptr_t)wd + wd->buffer_offset); } -int vb2_get_selected_region(struct region_device *rdev) +int vb2_get_selected_region(struct region *region) { const struct selected_region *reg = vb2_selected_region(); - struct region region = { - .offset = reg->offset, - .size = reg->size, - }; - return vboot_region_device(®ion, rdev); + + if (reg == NULL) + return -1; + + if (reg->offset == 0 && reg->size == 0) + return -1; + + region->offset = reg->offset; + region->size = reg->size; + + return 0; } -void vb2_set_selected_region(struct region_device *rdev) +void vb2_set_selected_region(const struct region *region) { struct selected_region *reg = vb2_selected_region(); - reg->offset = region_device_offset(rdev); - reg->size = region_device_sz(rdev); + reg->offset = region_offset(region); + reg->size = region_sz(region); } int vboot_is_slot_selected(void) diff --git a/src/vendorcode/google/chromeos/vboot2/misc.h b/src/vendorcode/google/chromeos/vboot2/misc.h index 75874c86b8..fc9d2547cb 100644 --- a/src/vendorcode/google/chromeos/vboot2/misc.h +++ b/src/vendorcode/google/chromeos/vboot2/misc.h @@ -22,16 +22,13 @@ struct vb2_context; struct vb2_shared_data; void vboot_fill_handoff(void); -void *vboot_load_stage(int stage_index, - struct region *fw_main, - struct vboot_components *fw_info); void vb2_init_work_context(struct vb2_context *ctx); struct vb2_shared_data *vb2_get_shared_data(void); /* Returns 0 on success. < 0 on failure. */ -int vb2_get_selected_region(struct region_device *rdev); -void vb2_set_selected_region(struct region_device *rdev); +int vb2_get_selected_region(struct region *region); +void vb2_set_selected_region(const struct region *region); int vboot_is_slot_selected(void); int vboot_is_readonly_path(void); diff --git a/src/vendorcode/google/chromeos/vboot2/vboot_handoff.c b/src/vendorcode/google/chromeos/vboot2/vboot_handoff.c index dc3515f459..246aefecee 100644 --- a/src/vendorcode/google/chromeos/vboot2/vboot_handoff.c +++ b/src/vendorcode/google/chromeos/vboot2/vboot_handoff.c @@ -120,12 +120,8 @@ static void fill_vboot_handoff(struct vboot_handoff *vboot_handoff, void vboot_fill_handoff(void) { - int i; struct vboot_handoff *vh; struct vb2_shared_data *sd; - struct region_device fw_main; - struct vboot_components *fw_info; - size_t metadata_sz; sd = vb2_get_shared_data(); sd->workbuf_hash_offset = 0; @@ -142,33 +138,6 @@ void vboot_fill_handoff(void) /* needed until we finish transtion to vboot2 for kernel verification */ fill_vboot_handoff(vh, sd); - - /* Nothing left to do in readonly path. */ - if (vboot_is_readonly_path()) - return; - - if (IS_ENABLED(CONFIG_MULTIPLE_CBFS_INSTANCES)) - return; - - if (vb2_get_selected_region(&fw_main)) - die("No component metadata.\n"); - - metadata_sz = sizeof(*fw_info); - metadata_sz += MAX_PARSED_FW_COMPONENTS * sizeof(fw_info->entries[0]); - - fw_info = rdev_mmap(&fw_main, 0, metadata_sz); - - if (fw_info == NULL) - die("failed to locate firmware components\n"); - - /* these offset & size are used to load a rw boot loader */ - for (i = 0; i < fw_info->num_components; i++) { - vh->components[i].address = region_device_offset(&fw_main); - vh->components[i].address += fw_info->entries[i].offset; - vh->components[i].size = fw_info->entries[i].size; - } - - rdev_munmap(&fw_main, fw_info); } /* diff --git a/src/vendorcode/google/chromeos/vboot2/vboot_loader.c b/src/vendorcode/google/chromeos/vboot2/vboot_loader.c index b5570dd7ca..5fdd0261cf 100644 --- a/src/vendorcode/google/chromeos/vboot2/vboot_loader.c +++ b/src/vendorcode/google/chromeos/vboot2/vboot_loader.c @@ -13,7 +13,7 @@ * GNU General Public License for more details. */ -#include +#include #include #include #include @@ -59,7 +59,34 @@ static int verstage_should_load(void) return 0; } -static int vboot_active(struct asset *asset) +static int vboot_executed CAR_GLOBAL; + +static int vboot_logic_executed(void) +{ + /* If this stage is supposed to run the vboot logic ensure it has been + * executed. */ + if (verification_should_run() && car_get_var(vboot_executed)) + return 1; + + /* If this stage is supposed to load verstage and verstage is returning + * back to the calling stage check that it has been executed. */ + if (verstage_should_load() && IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE)) + if (car_get_var(vboot_executed)) + return 1; + + /* Handle all other stages post vboot execution. */ + if (!ENV_BOOTBLOCK) { + if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) + return 1; + if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE) && + !ENV_ROMSTAGE) + return 1; + } + + return 0; +} + +static void vboot_prepare(void) { int run_verification; @@ -67,6 +94,7 @@ static int vboot_active(struct asset *asset) if (run_verification) { verstage_main(); + car_set_var(vboot_executed, 1); } else if (verstage_should_load()) { struct cbfsf file; struct prog verstage = @@ -91,7 +119,9 @@ static int vboot_active(struct asset *asset) * runtime, but this provides a hint to the compiler for dead * code elimination below. */ if (!IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE)) - return 0; + return; + + car_set_var(vboot_executed, 1); } /* @@ -106,103 +136,27 @@ static int vboot_active(struct asset *asset) vb2_store_selected_region(); vboot_fill_handoff(); } - - return vboot_is_slot_selected(); } -static int vboot_locate_by_components(const struct region_device *fw_main, - struct asset *asset) +static int vboot_locate(struct cbfs_props *props) { - struct vboot_components *fw_info; - size_t metadata_sz; - size_t offset; - size_t size; - struct region_device *fw = asset_rdev(asset); - int fw_index = 0; + struct region selected_region; - if (asset_type(asset) == ASSET_ROMSTAGE) - fw_index = CONFIG_VBOOT_ROMSTAGE_INDEX; - else if (asset_type(asset) == ASSET_RAMSTAGE) - fw_index = CONFIG_VBOOT_RAMSTAGE_INDEX; - else if (asset_type(asset) == ASSET_PAYLOAD) - fw_index = CONFIG_VBOOT_BOOT_LOADER_INDEX; - else if (asset_type(asset) == ASSET_REFCODE) - fw_index = CONFIG_VBOOT_REFCODE_INDEX; - else if (asset_type(asset) == ASSET_BL31) - fw_index = CONFIG_VBOOT_BL31_INDEX; - else - die("Invalid program type for vboot."); - - metadata_sz = sizeof(*fw_info); - metadata_sz += MAX_PARSED_FW_COMPONENTS * sizeof(fw_info->entries[0]); - - fw_info = rdev_mmap(fw_main, 0, metadata_sz); - - if (fw_info == NULL) { - printk(BIOS_INFO, "No component metadata.\n"); + /* Don't honor vboot results until the vboot logic has run. */ + if (!vboot_logic_executed()) return -1; - } - if (fw_index >= fw_info->num_components) { - printk(BIOS_INFO, "invalid index: %d\n", fw_index); - rdev_munmap(fw_main, fw_info); + if (vb2_get_selected_region(&selected_region)) return -1; - } - offset = fw_info->entries[fw_index].offset; - size = fw_info->entries[fw_index].size; - rdev_munmap(fw_main, fw_info); - - if (rdev_chain(fw, fw_main, offset, size)) { - printk(BIOS_INFO, "invalid offset or size\n"); - return -1; - } + props->offset = region_offset(&selected_region); + props->size = region_sz(&selected_region); return 0; } -static int vboot_locate_by_multi_cbfs(const struct region_device *fw_main, - struct asset *asset) -{ - struct cbfsf file; - - if (cbfs_locate(&file, fw_main, asset_name(asset), NULL)) - return -1; - - cbfs_file_data(asset_rdev(asset), &file); - - return 0; -} - -static int vboot_asset_locate(const struct region_device *fw_main, - struct asset *asset) -{ - if (IS_ENABLED(CONFIG_MULTIPLE_CBFS_INSTANCES)) - return vboot_locate_by_multi_cbfs(fw_main, asset); - else - return vboot_locate_by_components(fw_main, asset); -} - -/* This function is only called when vboot_active() returns 1. That - * means we are taking vboot paths. */ -static int vboot_locate(struct asset *asset) -{ - struct region_device fw_main; - - /* Code size optimization. We'd never actually get called under the - * followin cirumstances because verstage was loaded and ran -- never - * returning. */ - if (verstage_should_load() && !IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE)) - return 0; - - if (vb2_get_selected_region(&fw_main)) - die("failed to reference selected region\n"); - - return vboot_asset_locate(&fw_main, asset); -} - -const struct asset_provider vboot_provider = { +const struct cbfs_locator vboot_locator = { .name = "VBOOT", - .is_active = vboot_active, + .prepare = vboot_prepare, .locate = vboot_locate, }; diff --git a/src/vendorcode/google/chromeos/vboot2/vboot_logic.c b/src/vendorcode/google/chromeos/vboot2/vboot_logic.c index c580829d52..b72de93245 100644 --- a/src/vendorcode/google/chromeos/vboot2/vboot_logic.c +++ b/src/vendorcode/google/chromeos/vboot2/vboot_logic.c @@ -323,6 +323,6 @@ void verstage_main(void) } printk(BIOS_INFO, "Slot %c is selected\n", is_slot_a(&ctx) ? 'A' : 'B'); - vb2_set_selected_region(&fw_main); + vb2_set_selected_region(region_device_region(&fw_main)); timestamp_add_now(TS_END_VBOOT); } diff --git a/src/vendorcode/google/chromeos/vboot_handoff.h b/src/vendorcode/google/chromeos/vboot_handoff.h index 4b88e829a6..f06044403d 100644 --- a/src/vendorcode/google/chromeos/vboot_handoff.h +++ b/src/vendorcode/google/chromeos/vboot_handoff.h @@ -21,30 +21,14 @@ #include "chromeos.h" #include "vboot_common.h" -/* - * The vboot handoff structure keeps track of a maximum number of firmware - * components in the verfieid RW area of flash. This is not a restriction on - * the number of components packed in a firmware block. It's only the maximum - * number of parsed firmware components (address and size) included in the - * handoff structure. - */ -#define MAX_PARSED_FW_COMPONENTS 6 - -struct firmware_component { - uint32_t address; - uint32_t size; -} __attribute__((packed)); - /* * The vboot_handoff structure contains the data to be consumed by downstream * firmware after firmware selection has been completed. Namely it provides - * vboot shared data as well as the flags from VbInit. As noted above a finite - * number of components are parsed from the verfieid firmare region. + * vboot shared data as well as the flags from VbInit. */ struct vboot_handoff { VbInitParams init_params; uint32_t selected_firmware; - struct firmware_component components[MAX_PARSED_FW_COMPONENTS]; char shared_data[VB_SHARED_DATA_MIN_SIZE]; } __attribute__((packed));