cbfs/vboot: remove firmware component support

The Chrome OS verified boot path supported multiple CBFS instances in the boot media as well as stand-alone assets sitting in each vboot RW slot. Remove the support for the stand-alone assets and always use CBFS accesses as the way to retrieve data. This is implemented by adding a cbfs_locator object which is queried for locating the current CBFS. Additionally, it is also signalled prior to when a program is about to be loaded by coreboot for the subsequent stage/payload. This provides the same opportunity as previous for vboot to hook in and perform its logic. BUG=chromium:445938 BRANCH=None TEST=Built and ran on glados. CQ-DEPEND=CL:307121,CL:31691,CL:31690 Change-Id: I6a3a15feb6edd355d6ec252c36b6f7885b383099 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/12689 Tested-by: build bot (Jenkins) Tested-by: Raptor Engineering Automated Test Stand <noreply@raptorengineeringinc.com> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-12-08 17:00:23 -06:00 · 2015-12-08 17:00:23 -06:00 · 6d720f38e0
parent bf3dbaf86d
commit 6d720f38e0
26 changed files with 206 additions and 335 deletions
--- a/src/arch/x86/mmap_boot.c
+++ b/src/arch/x86/mmap_boot.c
@ -14,7 +14,6 @@
 */
 #include <boot_device.h>
 #include <console/console.h>
 #include <cbfs.h>
 #include <endian.h>
 #include <stdlib.h>
@ -30,7 +29,7 @@ const struct region_device *boot_device_ro(void)
 	return &boot_dev.rdev;
 }
-int cbfs_boot_region_properties(struct cbfs_props *props)
+static int cbfs_master_header_props(struct cbfs_props *props)
 {
 	struct cbfs_header header;
 	int32_t offset;
@ -63,7 +62,10 @@ int cbfs_boot_region_properties(struct cbfs_props *props)
 	props->size -= header.bootblocksize;
 	props->size = ALIGN_DOWN(props->size, 64);
 	printk(BIOS_DEBUG, "CBFS @ %zx size %zx\n", props->offset, props->size);
 	return 0;
 }
 const struct cbfs_locator cbfs_master_header_locator = {
 	.name = "Master Header Locator",
 	.locate = cbfs_master_header_props,
 };
--- a/src/commonlib/include/commonlib/region.h
+++ b/src/commonlib/include/commonlib/region.h
@ -99,14 +99,20 @@ static inline size_t region_sz(const struct region *r)
 	return r->size;
 }
 static inline const struct region *region_device_region(
 					const struct region_device *rdev)
 {
 	return &rdev->region;
 }
 static inline size_t region_device_sz(const struct region_device *rdev)
 {
-	return region_sz(&rdev->region);
+	return region_sz(region_device_region(rdev));
 }
 static inline size_t region_device_offset(const struct region_device *rdev)
 {
-	return region_offset(&rdev->region);
+	return region_offset(region_device_region(rdev));
 }
 /* Memory map entire region device. Same semantics as rdev_mmap() above. */
--- a/src/drivers/intel/fsp1_1/car.c
+++ b/src/drivers/intel/fsp1_1/car.c
@ -14,11 +14,11 @@
 */
 #include <arch/early_variables.h>
 #include <assets.h>
 #include <console/console.h>
 #include <ec/google/chromeec/ec.h>
 #include <fsp/car.h>
 #include <fsp/util.h>
 #include <program_loading.h>
 #include <soc/intel/common/util.h>
 #include <timestamp.h>
@ -79,15 +79,17 @@ asmlinkage void *romstage_after_verstage(void)
 	/* Need to locate the current FSP_INFO_HEADER. The cache-as-ram
 	 * is still enabled. We can directly access work buffer here. */
 	FSP_INFO_HEADER *fih;
-	struct asset fsp = ASSET_INIT(ASSET_REFCODE, "fsp.bin");
+	struct prog fsp = PROG_INIT(ASSET_REFCODE, "fsp.bin");
 	console_init();
-	if (asset_locate(&fsp)) {
+	if (prog_locate(&fsp)) {
 		fih = NULL;
-		printk(BIOS_ERR, "Unable to locate %s\n", asset_name(&fsp));
+		printk(BIOS_ERR, "Unable to locate %s\n", prog_name(&fsp));
 	} else
-		fih = find_fsp((uintptr_t)asset_mmap(&fsp));
+		/* This leaks a mapping which this code assumes is benign as
 		 * the flash is memory mapped CPU's address space. */
 		fih = find_fsp((uintptr_t)rdev_mmap_full(prog_rdev(&fsp)));
 	set_fih_car(fih);
--- a/src/include/cbfs.h
+++ b/src/include/cbfs.h
@ -81,4 +81,18 @@ struct cbfs_props {
 /* Return < 0 on error otherwise props are filled out accordingly. */
 int cbfs_boot_region_properties(struct cbfs_props *props);
 /* Allow external logic to take action prior to locating a program
 * (stage or payload). */
 void cbfs_prepare_program_locate(void);
 /* Object used to identify location of current cbfs to use for cbfs_boot_*
 * operations. It's used by cbfs_boot_region_properties() and
 * cbfs_prepare_program_locate(). */
 struct cbfs_locator {
 	const char *name;
 	void (*prepare)(void);
 	/* Returns 0 on successful fill of cbfs properties. */
 	int (*locate)(struct cbfs_props *props);
 };
 #endif
--- a/src/include/program_loading.h
+++ b/src/include/program_loading.h
@ -106,10 +106,7 @@ static inline void prog_set_entry(struct prog *prog, void *e, void *arg)
 }
 /* Locate the identified program to run. Return 0 on success. < 0 on error. */
-static inline int prog_locate(struct prog *prog)
+int prog_locate(struct prog *prog);
 {
 	return asset_locate(&prog->asset);
 }
 /* Run the program described by prog. */
 void prog_run(struct prog *prog);
--- a/src/lib/Makefile.inc
+++ b/src/lib/Makefile.inc
@ -23,7 +23,6 @@ bootblock-y += assets.c
 bootblock-y += prog_loaders.c
 bootblock-y += prog_ops.c
 bootblock-y += cbfs.c
 bootblock-y += cbfs_boot_props.c
 bootblock-$(CONFIG_COMMON_CBFS_SPI_WRAPPER) += cbfs_spi.c
 bootblock-$(CONFIG_GENERIC_GPIO_LIB) += gpio.c
 bootblock-y += libgcc.c
@ -47,7 +46,6 @@ verstage-y += delay.c
 verstage-y += cbfs.c
 verstage-y += halt.c
 verstage-y += fmap.c
 verstage-y += cbfs_boot_props.c
 verstage-y += libgcc.c
 verstage-y += memcmp.c
 verstage-$(CONFIG_COLLECT_TIMESTAMPS) += timestamp.c
@ -76,7 +74,6 @@ $(foreach arch,$(ARCH_SUPPORTED),\
 romstage-y += fmap.c
 romstage-$(CONFIG_I2C_TPM) += delay.c
 romstage-y += cbfs.c
 romstage-y += cbfs_boot_props.c
 romstage-$(CONFIG_COMMON_CBFS_SPI_WRAPPER) += cbfs_spi.c
 romstage-$(CONFIG_COMPRESS_RAMSTAGE) += lzma.c lzmadecode.c
 romstage-y += libgcc.c
@ -117,7 +114,6 @@ ramstage-y += delay.c
 ramstage-y += fallback_boot.c
 ramstage-y += compute_ip_checksum.c
 ramstage-y += cbfs.c
 ramstage-y += cbfs_boot_props.c
 ramstage-$(CONFIG_COMMON_CBFS_SPI_WRAPPER) += cbfs_spi.c
 ramstage-y += lzma.c lzmadecode.c
 ramstage-y += stack.c
--- a/src/lib/cbfs.c
+++ b/src/lib/cbfs.c
@ -37,8 +37,6 @@ int cbfs_boot_locate(struct cbfsf *fh, const char *name, uint32_t *type)
 	const struct region_device *boot_dev;
 	struct cbfs_props props;
 	boot_device_init();
 	if (cbfs_boot_region_properties(&props))
 		return -1;
@ -255,3 +253,97 @@ out:
 	return 0;
 }
 static int cbfs_master_header_props(struct cbfs_props *props)
 {
 	struct cbfs_header header;
 	const struct region_device *bdev;
 	int32_t rel_offset;
 	size_t offset;
 	bdev = boot_device_ro();
 	if (bdev == NULL)
 		return -1;
 	/* Find location of header using signed 32-bit offset from
 	 * end of CBFS region. */
 	offset = CONFIG_CBFS_SIZE - sizeof(int32_t);
 	if (rdev_readat(bdev, &rel_offset, offset, sizeof(int32_t)) < 0)
 		return -1;
 	offset = CONFIG_CBFS_SIZE + rel_offset;
 	if (rdev_readat(bdev, &header, offset, sizeof(header)) < 0)
 		return -1;
 	header.magic = ntohl(header.magic);
 	header.romsize = ntohl(header.romsize);
 	header.offset = ntohl(header.offset);
 	if (header.magic != CBFS_HEADER_MAGIC)
 		return -1;
 	props->offset = header.offset;
 	props->size = header.romsize;
 	props->size -= props->offset;
 	printk(BIOS_SPEW, "CBFS @ %zx size %zx\n", props->offset, props->size);
 	return 0;
 }
 /* This struct is marked as weak to allow a particular platform to
 * override the master header logic. This implementation should work for most
 * devices. */
 const struct cbfs_locator __attribute__((weak)) cbfs_master_header_locator = {
 	.name = "Master Header Locator",
 	.locate = cbfs_master_header_props,
 };
 extern const struct cbfs_locator vboot_locator;
 static const struct cbfs_locator *locators[] = {
 #if CONFIG_VBOOT_VERIFY_FIRMWARE
 	&vboot_locator,
 #endif
 	&cbfs_master_header_locator,
 };
 int cbfs_boot_region_properties(struct cbfs_props *props)
 {
 	int i;
 	boot_device_init();
 	for (i = 0; i < ARRAY_SIZE(locators); i++) {
 		const struct cbfs_locator *ops;
 		ops = locators[i];
 		if (ops->locate == NULL)
 			continue;
 		if (ops->locate(props))
 			continue;
 		LOG("'%s' located CBFS at [%zx:%zx)\n",
 			ops->name, props->offset, props->offset + props->size);
 		return 0;
 	}
 	return -1;
 }
 void cbfs_prepare_program_locate(void)
 {
 	int i;
 	boot_device_init();
 	for (i = 0; i < ARRAY_SIZE(locators); i++) {
 		if (locators[i]->prepare == NULL)
 			continue;
 		locators[i]->prepare();
 	}
 }
--- a/src/lib/cbfs_boot_props.c
+++ b/src/lib/cbfs_boot_props.c
@ -1,60 +0,0 @@
 /*
 * This file is part of the coreboot project.
 *
 * Copyright 2015 Google Inc.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; version 2 of the License.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 */
 #include <boot_device.h>
 #include <cbfs.h>
 #include <console/console.h>
 #include <endian.h>
 #include <commonlib/region.h>
 /* This function is marked as weak to allow a particular platform to
 * override the logic. This implementation should work for most devices. */
 int __attribute__((weak)) cbfs_boot_region_properties(struct cbfs_props *props)
 {
 	struct cbfs_header header;
 	const struct region_device *bdev;
 	int32_t rel_offset;
 	size_t offset;
 	bdev = boot_device_ro();
 	if (bdev == NULL)
 		return -1;
 	/* Find location of header using signed 32-bit offset from
 	 * end of CBFS region. */
 	offset = CONFIG_CBFS_SIZE - sizeof(int32_t);
 	if (rdev_readat(bdev, &rel_offset, offset, sizeof(int32_t)) < 0)
 		return -1;
 	offset = CONFIG_CBFS_SIZE + rel_offset;
 	if (rdev_readat(bdev, &header, offset, sizeof(header)) < 0)
 		return -1;
 	header.magic = ntohl(header.magic);
 	header.romsize = ntohl(header.romsize);
 	header.offset = ntohl(header.offset);
 	if (header.magic != CBFS_HEADER_MAGIC)
 		return -1;
 	props->offset = header.offset;
 	props->size = header.romsize;
 	props->size -= props->offset;
 	printk(BIOS_SPEW, "CBFS @ %zx size %zx\n", props->offset, props->size);
 	return 0;
 }
--- a/src/lib/prog_loaders.c
+++ b/src/lib/prog_loaders.c
@ -33,6 +33,20 @@
 /* Only can represent up to 1 byte less than size_t. */
 const struct mem_region_device addrspace_32bit = MEM_REGION_DEV_INIT(0, ~0UL);
 int prog_locate(struct prog *prog)
 {
 	struct cbfsf file;
 	cbfs_prepare_program_locate();
 	if (cbfs_boot_locate(&file, prog_name(prog), NULL))
 		return -1;
 	cbfs_file_data(prog_rdev(prog), &file);
 	return 0;
 }
 void run_romstage(void)
 {
 	struct prog romstage =
--- a/src/mainboard/google/auron/Kconfig
+++ b/src/mainboard/google/auron/Kconfig
@ -21,14 +21,6 @@ config CHROMEOS
 	select EC_SOFTWARE_SYNC
 	select VIRTUAL_DEV_SWITCH
 config VBOOT_RAMSTAGE_INDEX
 	hex
 	default 0x2
 config VBOOT_REFCODE_INDEX
 	hex
 	default 0x3
 config MAINBOARD_DIR
 	string
 	default google/auron
--- a/src/mainboard/google/chell/Kconfig
+++ b/src/mainboard/google/chell/Kconfig
@ -55,8 +55,4 @@ config TPM_PIRQ
 	hex
 	default 0x18  # GPP_E0_IRQ
 config VBOOT_RAMSTAGE_INDEX
 	hex
 	default 0x3
 endif
--- a/src/mainboard/google/foster/Kconfig
+++ b/src/mainboard/google/foster/Kconfig
@ -76,13 +76,6 @@ config BOOT_MEDIA_SPI_CHIP_SELECT
 	help
 	  Which chip select to use for boot media.
 # For foster, we are using vboot2. Thus, index for stages:
 # VBOOT_ROMSTAGE_INDEX -> Use default value of 0x2
 # VBOOT_RAMSTAGE_INDEX -> Use 0x3
 config VBOOT_RAMSTAGE_INDEX
 	hex
 	default 0x3
 config DRIVER_TPM_I2C_BUS
 	hex
 	default 0x2
--- a/src/mainboard/google/glados/Kconfig
+++ b/src/mainboard/google/glados/Kconfig
@ -55,8 +55,4 @@ config TPM_PIRQ
 	hex
 	default 0x18  # GPP_E0_IRQ
 config VBOOT_RAMSTAGE_INDEX
 	hex
 	default 0x3
 endif
--- a/src/mainboard/google/lars/Kconfig
+++ b/src/mainboard/google/lars/Kconfig
@ -50,8 +50,4 @@ config MAX_CPUS
 	int
 	default 8
 config VBOOT_RAMSTAGE_INDEX
 	hex
 	default 0x3
 endif
--- a/src/mainboard/google/smaug/Kconfig
+++ b/src/mainboard/google/smaug/Kconfig
@ -83,17 +83,6 @@ config BOOT_MEDIA_SPI_CHIP_SELECT
 	help
 	  Which chip select to use for boot media.
 # For smaug, we are using vboot2. Thus, index for stages:
 # VBOOT_ROMSTAGE_INDEX -> Use default value of 0x2
 # VBOOT_RAMSTAGE_INDEX -> Use 0x3
 config VBOOT_BL31_INDEX
 	hex
 	default 0x4
 config VBOOT_RAMSTAGE_INDEX
 	hex
 	default 0x3
 config DRIVER_TPM_I2C_BUS
 	hex
 	default 0x2
--- a/src/mainboard/intel/kunimitsu/Kconfig
+++ b/src/mainboard/intel/kunimitsu/Kconfig
@ -50,8 +50,4 @@ config MAX_CPUS
 	int
 	default 8
 config VBOOT_RAMSTAGE_INDEX
 	hex
 	default 0x3
 endif
--- a/src/mainboard/intel/sklrvp/Kconfig
+++ b/src/mainboard/intel/sklrvp/Kconfig
@ -40,8 +40,4 @@ config MAX_CPUS
 	int
 	default 8
 config VBOOT_RAMSTAGE_INDEX
 	hex
 	default 0x3
 endif
--- a/src/mainboard/intel/strago/Kconfig
+++ b/src/mainboard/intel/strago/Kconfig
@ -47,12 +47,6 @@ config MAINBOARD_VENDOR
 	string
 	default "Intel"
 config VBOOT_RAMSTAGE_INDEX
 	hex
 	default 0x2
 config VBOOT_REFCODE_INDEX
 	hex
 	default 0x3
 if !GOP_SUPPORT
 config VGA_BIOS_FILE
 	string
--- a/src/vendorcode/google/chromeos/Kconfig
+++ b/src/vendorcode/google/chromeos/Kconfig
@ -28,6 +28,7 @@ config CHROMEOS
 	select ELOG if SPI_FLASH
 	select COLLECT_TIMESTAMPS
 	select VBOOT_VERIFY_FIRMWARE
 	select MULTIPLE_CBFS_INSTANCES
 	help
 	  Enable ChromeOS specific features like the GPIO sub table in
 	  the coreboot table. NOTE: Enabling this option on an unsupported
--- a/src/vendorcode/google/chromeos/vboot2/Kconfig
+++ b/src/vendorcode/google/chromeos/vboot2/Kconfig
@ -68,57 +68,6 @@ config CHIPSET_PROVIDES_VERSTAGE_MAIN_SYMBOL
 	help
 	  The chipset code provides their own main() entry point.
 # These VBOOT_X_INDEX are the position of X in FW_MAIN_A/B region. The index
 # table is created by cros_bundle_firmware at build time based on the positions
 # of the blobs listed in fmap.dts and stored at the top of FW_MAIN_A/B region.
 # Unfortunately, there is no programmatical link between the blob list and the
 # index number here.
 config VBOOT_ROMSTAGE_INDEX
 	hex "Romstage component index"
 	default 2
 	depends on VBOOT_VERIFY_FIRMWARE
 	help
 	  This is the index of the romstage component in the verified
 	  firmware block.
 config VBOOT_RAMSTAGE_INDEX
 	hex "Ramstage component index"
 	default 1
 	depends on VBOOT_VERIFY_FIRMWARE
 	help
 	  This is the index of the ramstage component in the verified
 	  firmware block.
 config VBOOT_REFCODE_INDEX
 	hex "Reference code firmware index"
 	default 1
 	depends on VBOOT_VERIFY_FIRMWARE
 	help
 	  This is the index of the reference code component in the verified
 	  firmware block.
 config VBOOT_BOOT_LOADER_INDEX
 	hex "Bootloader component index"
 	default 0
 	depends on VBOOT_VERIFY_FIRMWARE
 	help
 	  This is the index of the bootloader component in the verified
 	  firmware block.
 config VBOOT_SECURE_OS_INDEX
 	hex "ARM64 Secure OS index"
 	default 0x5
 	depends on VBOOT_VERIFY_FIRMWARE
 	help
 	  Secure OS software component used on ARM64 machines.
 config VBOOT_BL31_INDEX
 	hex "ARM64 BL31 index"
 	default 0x4
 	depends on VBOOT_VERIFY_FIRMWARE
 	help
 	  This is the index of the BL31 program on ARM64 machines.
 config VBOOT_DYNAMIC_WORK_BUFFER
 	bool "Vboot's work buffer is dynamically allocated."
 	default y if ARCH_ROMSTAGE_X86_32 && !SEPARATE_VERSTAGE
--- a/src/vendorcode/google/chromeos/vboot2/common.c
+++ b/src/vendorcode/google/chromeos/vboot2/common.c
@ -115,21 +115,27 @@ struct vb2_shared_data *vb2_get_shared_data(void)
 	return (void *)((uintptr_t)wd + wd->buffer_offset);
 }
-int vb2_get_selected_region(struct region_device *rdev)
+int vb2_get_selected_region(struct region *region)
 {
 	const struct selected_region *reg = vb2_selected_region();
-	struct region region = {
+
-		.offset = reg->offset,
+	if (reg == NULL)
-		.size = reg->size,
+		return -1;
-	};
+
-	return vboot_region_device(&region, rdev);
+	if (reg->offset == 0 && reg->size == 0)
 		return -1;
 	region->offset = reg->offset;
 	region->size = reg->size;
 	return 0;
 }
-void vb2_set_selected_region(struct region_device *rdev)
+void vb2_set_selected_region(const struct region *region)
 {
 	struct selected_region *reg = vb2_selected_region();
-	reg->offset = region_device_offset(rdev);
+	reg->offset = region_offset(region);
-	reg->size = region_device_sz(rdev);
+	reg->size = region_sz(region);
 }
 int vboot_is_slot_selected(void)
--- a/src/vendorcode/google/chromeos/vboot2/misc.h
+++ b/src/vendorcode/google/chromeos/vboot2/misc.h
@ -22,16 +22,13 @@ struct vb2_context;
 struct vb2_shared_data;
 void vboot_fill_handoff(void);
 void *vboot_load_stage(int stage_index,
 		       struct region *fw_main,
 		       struct vboot_components *fw_info);
 void vb2_init_work_context(struct vb2_context *ctx);
 struct vb2_shared_data *vb2_get_shared_data(void);
 /* Returns 0 on success. < 0 on failure. */
-int vb2_get_selected_region(struct region_device *rdev);
+int vb2_get_selected_region(struct region *region);
-void vb2_set_selected_region(struct region_device *rdev);
+void vb2_set_selected_region(const struct region *region);
 int vboot_is_slot_selected(void);
 int vboot_is_readonly_path(void);
--- a/src/vendorcode/google/chromeos/vboot2/vboot_handoff.c
+++ b/src/vendorcode/google/chromeos/vboot2/vboot_handoff.c
@ -120,12 +120,8 @@ static void fill_vboot_handoff(struct vboot_handoff *vboot_handoff,
 void vboot_fill_handoff(void)
 {
 	int i;
 	struct vboot_handoff *vh;
 	struct vb2_shared_data *sd;
 	struct region_device fw_main;
 	struct vboot_components *fw_info;
 	size_t metadata_sz;
 	sd = vb2_get_shared_data();
 	sd->workbuf_hash_offset = 0;
@ -142,33 +138,6 @@ void vboot_fill_handoff(void)
 	/* needed until we finish transtion to vboot2 for kernel verification */
 	fill_vboot_handoff(vh, sd);
 	/* Nothing left to do in readonly path. */
 	if (vboot_is_readonly_path())
 		return;
 	if (IS_ENABLED(CONFIG_MULTIPLE_CBFS_INSTANCES))
 		return;
 	if (vb2_get_selected_region(&fw_main))
 		die("No component metadata.\n");
 	metadata_sz = sizeof(*fw_info);
 	metadata_sz += MAX_PARSED_FW_COMPONENTS * sizeof(fw_info->entries[0]);
 	fw_info = rdev_mmap(&fw_main, 0, metadata_sz);
 	if (fw_info == NULL)
 		die("failed to locate firmware components\n");
 	/* these offset & size are used to load a rw boot loader */
 	for (i = 0; i < fw_info->num_components; i++) {
 		vh->components[i].address = region_device_offset(&fw_main);
 		vh->components[i].address += fw_info->entries[i].offset;
 		vh->components[i].size = fw_info->entries[i].size;
 	}
 	rdev_munmap(&fw_main, fw_info);
 }
 /*
--- a/src/vendorcode/google/chromeos/vboot2/vboot_loader.c
+++ b/src/vendorcode/google/chromeos/vboot2/vboot_loader.c
@ -13,7 +13,7 @@
 * GNU General Public License for more details.
 */
-#include <assets.h>
+#include <arch/early_variables.h>
 #include <cbfs.h>
 #include <cbmem.h>
 #include <console/console.h>
@ -59,7 +59,34 @@ static int verstage_should_load(void)
 	return 0;
 }
-static int vboot_active(struct asset *asset)
+static int vboot_executed CAR_GLOBAL;
 static int vboot_logic_executed(void)
 {
 	/* If this stage is supposed to run the vboot logic ensure it has been
 	 * executed. */
 	if (verification_should_run() && car_get_var(vboot_executed))
 		return 1;
 	/* If this stage is supposed to load verstage and verstage is returning
 	 * back to the calling stage check that it has been executed. */
 	if (verstage_should_load() && IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE))
 		if (car_get_var(vboot_executed))
 			return 1;
 	/* Handle all other stages post vboot execution. */
 	if (!ENV_BOOTBLOCK) {
 		if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK))
 			return 1;
 		if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE) &&
 				!ENV_ROMSTAGE)
 			return 1;
 	}
 	return 0;
 }
 static void vboot_prepare(void)
 {
 	int run_verification;
@ -67,6 +94,7 @@ static int vboot_active(struct asset *asset)
 	if (run_verification) {
 		verstage_main();
 		car_set_var(vboot_executed, 1);
 	} else if (verstage_should_load()) {
 		struct cbfsf file;
 		struct prog verstage =
@ -91,7 +119,9 @@ static int vboot_active(struct asset *asset)
 		 * runtime, but this provides a hint to the compiler for dead
 		 * code elimination below. */
 		if (!IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE))
-			return 0;
+			return;
 		car_set_var(vboot_executed, 1);
 	}
 	/*
@ -106,103 +136,27 @@ static int vboot_active(struct asset *asset)
 		vb2_store_selected_region();
 		vboot_fill_handoff();
 	}
 	return vboot_is_slot_selected();
 }
-static int vboot_locate_by_components(const struct region_device *fw_main,
+static int vboot_locate(struct cbfs_props *props)
 					struct asset *asset)
 {
-	struct vboot_components *fw_info;
+	struct region selected_region;
 	size_t metadata_sz;
 	size_t offset;
 	size_t size;
 	struct region_device *fw = asset_rdev(asset);
 	int fw_index = 0;
-	if (asset_type(asset) == ASSET_ROMSTAGE)
+	/* Don't honor vboot results until the vboot logic has run. */
-		fw_index = CONFIG_VBOOT_ROMSTAGE_INDEX;
+	if (!vboot_logic_executed())
 	else if (asset_type(asset) == ASSET_RAMSTAGE)
 		fw_index = CONFIG_VBOOT_RAMSTAGE_INDEX;
 	else if (asset_type(asset) == ASSET_PAYLOAD)
 		fw_index = CONFIG_VBOOT_BOOT_LOADER_INDEX;
 	else if (asset_type(asset) == ASSET_REFCODE)
 		fw_index = CONFIG_VBOOT_REFCODE_INDEX;
 	else if (asset_type(asset) == ASSET_BL31)
 		fw_index = CONFIG_VBOOT_BL31_INDEX;
 	else
 		die("Invalid program type for vboot.");
 	metadata_sz = sizeof(*fw_info);
 	metadata_sz += MAX_PARSED_FW_COMPONENTS * sizeof(fw_info->entries[0]);
 	fw_info = rdev_mmap(fw_main, 0, metadata_sz);
 	if (fw_info == NULL) {
 		printk(BIOS_INFO, "No component metadata.\n");
 		return -1;
 	}
-	if (fw_index >= fw_info->num_components) {
+	if (vb2_get_selected_region(&selected_region))
 		printk(BIOS_INFO, "invalid index: %d\n", fw_index);
 		rdev_munmap(fw_main, fw_info);
 		return -1;
 	}
-	offset = fw_info->entries[fw_index].offset;
+	props->offset = region_offset(&selected_region);
-	size = fw_info->entries[fw_index].size;
+	props->size = region_sz(&selected_region);
 	rdev_munmap(fw_main, fw_info);
 	if (rdev_chain(fw, fw_main, offset, size)) {
 		printk(BIOS_INFO, "invalid offset or size\n");
 		return -1;
 	}
 	return 0;
 }
-static int vboot_locate_by_multi_cbfs(const struct region_device *fw_main,
+const struct cbfs_locator vboot_locator = {
 					struct asset *asset)
 {
 	struct cbfsf file;
 	if (cbfs_locate(&file, fw_main, asset_name(asset), NULL))
 		return -1;
 	cbfs_file_data(asset_rdev(asset), &file);
 	return 0;
 }
 static int vboot_asset_locate(const struct region_device *fw_main,
 				struct asset *asset)
 {
 	if (IS_ENABLED(CONFIG_MULTIPLE_CBFS_INSTANCES))
 		return vboot_locate_by_multi_cbfs(fw_main, asset);
 	else
 		return vboot_locate_by_components(fw_main, asset);
 }
 /* This function is only called when vboot_active() returns 1. That
 * means we are taking vboot paths. */
 static int vboot_locate(struct asset *asset)
 {
 	struct region_device fw_main;
 	/* Code size optimization. We'd never actually get called under the
 	 * followin cirumstances because verstage was loaded and ran -- never
 	 * returning. */
 	if (verstage_should_load() && !IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE))
 		return 0;
 	if (vb2_get_selected_region(&fw_main))
 		die("failed to reference selected region\n");
 	return vboot_asset_locate(&fw_main, asset);
 }
 const struct asset_provider vboot_provider = {
 	.name = "VBOOT",
-	.is_active = vboot_active,
+	.prepare = vboot_prepare,
 	.locate = vboot_locate,
 };
--- a/src/vendorcode/google/chromeos/vboot2/vboot_logic.c
+++ b/src/vendorcode/google/chromeos/vboot2/vboot_logic.c
@ -323,6 +323,6 @@ void verstage_main(void)
 	}
 	printk(BIOS_INFO, "Slot %c is selected\n", is_slot_a(&ctx) ? 'A' : 'B');
-	vb2_set_selected_region(&fw_main);
+	vb2_set_selected_region(region_device_region(&fw_main));
 	timestamp_add_now(TS_END_VBOOT);
 }
--- a/src/vendorcode/google/chromeos/vboot_handoff.h
+++ b/src/vendorcode/google/chromeos/vboot_handoff.h
@ -21,30 +21,14 @@
 #include "chromeos.h"
 #include "vboot_common.h"
 /*
 * The vboot handoff structure keeps track of a maximum number of firmware
 * components in the verfieid RW area of flash.  This is not a restriction on
 * the number of components packed in a firmware block. It's only the maximum
 * number of parsed firmware components (address and size) included in the
 * handoff structure.
 */
 #define MAX_PARSED_FW_COMPONENTS 6
 struct firmware_component {
 	uint32_t address;
 	uint32_t size;
 } __attribute__((packed));
 /*
 * The vboot_handoff structure contains the data to be consumed by downstream
 * firmware after firmware selection has been completed. Namely it provides
- * vboot shared data as well as the flags from VbInit. As noted above a finite
+ * vboot shared data as well as the flags from VbInit.
 * number of components are parsed from the verfieid firmare region.
 */
 struct vboot_handoff {
 	VbInitParams init_params;
 	uint32_t selected_firmware;
 	struct firmware_component components[MAX_PARSED_FW_COMPONENTS];
 	char shared_data[VB_SHARED_DATA_MIN_SIZE];
 } __attribute__((packed));