summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAaron Durbin <adurbin@chromium.org>2015-04-21 15:33:01 -0500
committerPatrick Georgi <pgeorgi@google.com>2015-04-28 11:11:05 +0200
commit6d65f796db04927bfc8324f50ad0816cec9673b6 (patch)
treedc2dc13ed24ee56b069c97284eb59990bb03a270
parent599c32d8ef908f0b9723eb864f0a8695f6a76758 (diff)
vboot: remove vboot1
In preparation for moving to vboot2 for all verified boot paths bring over Kconfig options to the common area from vboot1. Also remove vboot1 directory entirely. Change-Id: Iccc4b570216f834886618f0ba5f2e1dd6c01db4b Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9957 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
-rw-r--r--src/vendorcode/google/chromeos/Kconfig25
-rw-r--r--src/vendorcode/google/chromeos/Makefile.inc1
-rw-r--r--src/vendorcode/google/chromeos/vboot1/Kconfig34
-rw-r--r--src/vendorcode/google/chromeos/vboot1/Makefile.inc74
-rw-r--r--src/vendorcode/google/chromeos/vboot1/vboot_loader.c412
-rw-r--r--src/vendorcode/google/chromeos/vboot1/vboot_wrapper.c266
-rw-r--r--src/vendorcode/google/chromeos/vboot2/Kconfig10
7 files changed, 25 insertions, 797 deletions
diff --git a/src/vendorcode/google/chromeos/Kconfig b/src/vendorcode/google/chromeos/Kconfig
index 9a45efad31..cf3bd0729b 100644
--- a/src/vendorcode/google/chromeos/Kconfig
+++ b/src/vendorcode/google/chromeos/Kconfig
@@ -132,6 +132,14 @@ config VIRTUAL_DEV_SWITCH
help
Whether this platform has a virtual developer switch.
+config VBOOT_VERIFY_FIRMWARE
+ bool "Verify firmware with vboot."
+ default n
+ depends on CHROMEOS
+ help
+ Enabling VBOOT_VERIFY_FIRMWARE will use vboot to verify the components
+ of the firmware (stages, payload, etc).
+
# These VBOOT_X_INDEX are the position of X in FW_MAIN_A/B region. The index
# table is created by cros_bundle_firmware at build time based on the positions
# of the blobs listed in fmap.dts and stored at the top of FW_MAIN_A/B region.
@@ -145,6 +153,14 @@ config VBOOT_BOOT_LOADER_INDEX
This is the index of the bootloader component in the verified
firmware block.
+config VBOOT_REFCODE_INDEX
+ hex "Reference code firmware index"
+ default 1
+ depends on VBOOT_VERIFY_FIRMWARE
+ help
+ This is the index of the reference code component in the verified
+ firmware block.
+
config VBOOT_RAMSTAGE_INDEX
hex "Ramstage component index"
default 1
@@ -153,6 +169,14 @@ config VBOOT_RAMSTAGE_INDEX
This is the index of the ramstage component in the verified
firmware block.
+config VBOOT_ROMSTAGE_INDEX
+ hex "Romstage component index"
+ default 2
+ depends on VBOOT2_VERIFY_FIRMWARE
+ help
+ This is the index of the romstage component in the verified
+ firmware block.
+
config NO_TPM_RESUME
bool
default n
@@ -175,7 +199,6 @@ config WIPEOUT_SUPPORTED
signal the application the need for factory reset (a.k.a. wipe
out) of the device
-source src/vendorcode/google/chromeos/vboot1/Kconfig
source src/vendorcode/google/chromeos/vboot2/Kconfig
endif # CHROMEOS
diff --git a/src/vendorcode/google/chromeos/Makefile.inc b/src/vendorcode/google/chromeos/Makefile.inc
index 0c669856e5..873b81f24f 100644
--- a/src/vendorcode/google/chromeos/Makefile.inc
+++ b/src/vendorcode/google/chromeos/Makefile.inc
@@ -54,6 +54,5 @@ CFLAGS_common += -DMOCK_TPM=0
endif
VB_SOURCE := vboot_reference
-subdirs-$(CONFIG_VBOOT_VERIFY_FIRMWARE) += vboot1
subdirs-$(CONFIG_VBOOT2_VERIFY_FIRMWARE) += vboot2
CPPFLAGS_common += -I$(VB_SOURCE)/firmware/include
diff --git a/src/vendorcode/google/chromeos/vboot1/Kconfig b/src/vendorcode/google/chromeos/vboot1/Kconfig
deleted file mode 100644
index 0102869797..0000000000
--- a/src/vendorcode/google/chromeos/vboot1/Kconfig
+++ /dev/null
@@ -1,34 +0,0 @@
-## This file is part of the coreboot project.
-##
-## Copyright (C) 2014 The ChromiumOS Authors. All rights reserved.
-##
-## This program is free software; you can redistribute it and/or modify
-## it under the terms of the GNU General Public License as published by
-## the Free Software Foundation; version 2 of the License.
-##
-## This program is distributed in the hope that it will be useful,
-## but WITHOUT ANY WARRANTY; without even the implied warranty of
-## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-## GNU General Public License for more details.
-##
-## You should have received a copy of the GNU General Public License
-## along with this program; if not, write to the Free Software
-## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-##
-
-config VBOOT_VERIFY_FIRMWARE
- bool "Verify firmware with vboot."
- default n
- depends on CHROMEOS
- select RELOCATABLE_MODULES
- help
- Enabling VBOOT_VERIFY_FIRMWARE will use vboot to verify the ramstage
- and boot loader.
-
-config VBOOT_REFCODE_INDEX
- hex "Reference code firmware index"
- default 1
- depends on VBOOT_VERIFY_FIRMWARE
- help
- This is the index of the reference code component in the verified
- firmware block.
diff --git a/src/vendorcode/google/chromeos/vboot1/Makefile.inc b/src/vendorcode/google/chromeos/vboot1/Makefile.inc
deleted file mode 100644
index 4f7de9017c..0000000000
--- a/src/vendorcode/google/chromeos/vboot1/Makefile.inc
+++ /dev/null
@@ -1,74 +0,0 @@
-##
-## This file is part of the coreboot project.
-##
-## Copyright (C) 2014 The ChromiumOS Authors. All rights reserved.
-##
-## This program is free software; you can redistribute it and/or modify
-## it under the terms of the GNU General Public License as published by
-## the Free Software Foundation; version 2 of the License.
-##
-## This program is distributed in the hope that it will be useful,
-## but WITHOUT ANY WARRANTY; without even the implied warranty of
-## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-## GNU General Public License for more details.
-##
-## You should have received a copy of the GNU General Public License
-## along with this program; if not, write to the Free Software
-## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-##
-
-ramstage-y += ../vboot_common.c
-romstage-y += vboot_loader.c ../vboot_common.c
-rmodules_$(ARCH-ROMSTAGE-y)-y += vboot_wrapper.c ../vboot_common.c
-
-ifneq ($(CONFIG_SPI_FLASH_MEMORY_MAPPED),y)
-VBOOT_MAKEFLAGS = REGION_READ=1
-endif
-
-VB_LIB = $(obj)/external/vboot_reference/vboot_fw.a
-# Currently, vboot comes into picture only during the romstage, thus
-# is compiled for being used in romstage only. Since, we are splitting
-# up all components in one of the three stages of coreboot, vboot seems
-# most logical to fall under the romstage. Thus, all references to arch
-# and other compiler stuff for vboot is using the romstage arch.
-VB_FIRMWARE_ARCH := $(ARCHDIR-$(ARCH-ROMSTAGE-y))
-
-VBOOT_STUB_ELF = $(obj)/vendorcode/google/chromeos/vboot1/vbootstub.elf
-VBOOT_STUB = $(VBOOT_STUB_ELF).rmod
-
-# Dependency for the vboot rmodules. Ordering matters.
-VBOOT_STUB_DEPS += $(obj)/vendorcode/google/chromeos/vboot1/vboot_wrapper.rmodules_$(ARCH-ROMSTAGE-y).o
-VBOOT_STUB_DEPS += $(obj)/lib/memcmp.rmodules_$(ARCH-ROMSTAGE-y).o
-ifeq ($(CONFIG_ARCH_ROMSTAGE_X86_32),y)
-VBOOT_STUB_DEPS += $(obj)/arch/x86/lib/memset.rmodules_$(ARCH-ROMSTAGE-y).o
-VBOOT_STUB_DEPS += $(obj)/arch/x86/lib/memcpy.rmodules_$(ARCH-ROMSTAGE-y).o
-endif
-ifeq ($(CONFIG_ARCH_ROMSTAGE_ARM),y)
-VBOOT_STUB_DEPS += $(obj)/arch/arm/memset.rmodules_$(ARCH-ROMSTAGE-y).o
-VBOOT_STUB_DEPS += $(obj)/arch/arm/memcpy.rmodules_$(ARCH-ROMSTAGE-y).o
-endif
-ifeq ($(CONFIG_ARCH_ROMSTAGE_ARM64),y)
-VBOOT_STUB_DEPS += $(obj)/lib/memset.rmodules_$(ARCH-ROMSTAGE-y).o
-VBOOT_STUB_DEPS += $(obj)/lib/memcpy.rmodules_$(ARCH-ROMSTAGE-y).o
-endif
-VBOOT_STUB_DEPS += $(VB_LIB)
-# Remove the '-include' option since that will break vboot's build and ensure
-# vboot_reference can get to coreboot's include files.
-VBOOT_CFLAGS += $(patsubst -I%,-I$(top)/%,$(filter-out -include $(src)/include/kconfig.h, $(CFLAGS_romstage)))
-VBOOT_CFLAGS += -DVBOOT_DEBUG
-VBOOT_CFLAGS += $(rmodules_$(ARCH-ROMSTAGE-y)-c-ccopts)
-
-# Link the vbootstub module with a 64KiB-byte heap.
-$(eval $(call rmodule_link,$(VBOOT_STUB_ELF), $(VBOOT_STUB_DEPS), 0x10000,$(ARCH-ROMSTAGE-y)))
-
-# Build vboot library without the default includes from coreboot proper.
-$(VB_LIB):
- @printf " MAKE $(subst $(obj)/,,$(@))\n"
- $(Q)FIRMWARE_ARCH=$(VB_FIRMWARE_ARCH) \
- CC="$(CC_romstage)" \
- CFLAGS="$(VBOOT_CFLAGS)" \
- $(MAKE) -C $(VB_SOURCE) \
- $(VBOOT_MAKEFLAGS) \
- BUILD=$(top)/$(dir $(VB_LIB)) \
- V=$(V) \
- fwlib
diff --git a/src/vendorcode/google/chromeos/vboot1/vboot_loader.c b/src/vendorcode/google/chromeos/vboot1/vboot_loader.c
deleted file mode 100644
index dd6c7de180..0000000000
--- a/src/vendorcode/google/chromeos/vboot1/vboot_loader.c
+++ /dev/null
@@ -1,412 +0,0 @@
-/*
- * This file is part of the coreboot project.
- *
- * Copyright (C) 2013 Google, Inc.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; version 2 of the License.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- */
-
-#include <arch/stages.h>
-#include <stdint.h>
-#include <stddef.h>
-#include <string.h>
-#include <cbfs.h>
-#include <cbmem.h>
-#include <console/console.h>
-#include <console/vtxprintf.h>
-#include <program_loading.h>
-#include <tpm.h>
-#include <reset.h>
-#include <romstage_handoff.h>
-#include <rmodule.h>
-#include <string.h>
-#include <stdlib.h>
-#include <timestamp.h>
-#include "../chromeos.h"
-#include "../vboot_context.h"
-#include "../vboot_handoff.h"
-
-#define TEMP_CBMEM_ID_VBOOT 0xffffffff
-#define TEMP_CBMEM_ID_VBLOCKS 0xfffffffe
-
-static void vboot_run_stub(struct vboot_context *context)
-{
- struct rmod_stage_load rmod_stage = {
- .cbmem_id = TEMP_CBMEM_ID_VBOOT,
- .name = CONFIG_CBFS_PREFIX "/vboot",
- };
- void (*entry)(struct vboot_context *context);
-
- if (rmodule_stage_load_from_cbfs(&rmod_stage)) {
- printk(BIOS_DEBUG, "Could not load vboot stub.\n");
- goto out;
- }
-
- entry = rmod_stage.entry;
-
- /* Call stub. */
- entry(context);
-
-out:
- /* Tear down the region no longer needed. */
- if (rmod_stage.cbmem_entry != NULL)
- cbmem_entry_remove(rmod_stage.cbmem_entry);
-}
-
-/* Helper routines for the vboot stub. */
-static void log_msg(const char *fmt, va_list args)
-{
- do_vtxprintf(fmt, args);
-}
-
-static void fatal_error(void)
-{
- printk(BIOS_ERR, "vboot encountered fatal error. Resetting.\n");
- vboot_reboot();
-}
-
-static int fw_region_size(struct vboot_region *r)
-{
- struct vboot_components *fw_info;
- int32_t size;
- int i;
-
- fw_info = vboot_locate_components(r);
- if (fw_info == NULL)
- return -1;
-
- if (fw_info->num_components > MAX_PARSED_FW_COMPONENTS)
- return -1;
-
- size = sizeof(*fw_info);
- size += sizeof(struct vboot_component_entry) * fw_info->num_components;
-
- for (i = 0; i < fw_info->num_components; i++)
- size += ALIGN(fw_info->entries[i].size, sizeof(uint32_t));
-
- /* Check that size of comopnents does not exceed the region's size. */
- if (size > r->size)
- return -1;
-
- /* Update region with the correct size. */
- r->size = size;
-
- return 0;
-}
-
-static int vboot_fill_params(struct vboot_context *ctx)
-{
- VbCommonParams *cparams;
- VbSelectFirmwareParams *fparams;
-
- if (fw_region_size(&ctx->fw_a))
- return -1;
-
- if (fw_region_size(&ctx->fw_b))
- return -1;
-
- cparams = ctx->cparams;
- fparams = ctx->fparams;
-
- cparams->gbb_size = ctx->gbb.size;
- fparams->verification_size_A = ctx->vblock_a.size;
- fparams->verification_size_B = ctx->vblock_b.size;
-
- if (IS_ENABLED(CONFIG_SPI_FLASH_MEMORY_MAPPED)) {
- /* Get memory-mapped pointers to the regions. */
- cparams->gbb_data = vboot_get_region(ctx->gbb.offset_addr,
- ctx->gbb.size, NULL);
- fparams->verification_block_A =
- vboot_get_region(ctx->vblock_a.offset_addr,
- ctx->vblock_a.size, NULL);
- fparams->verification_block_B =
- vboot_get_region(ctx->vblock_b.offset_addr,
- ctx->vblock_b.size, NULL);
- } else {
- /*
- * Copy the vblock info into a buffer in cbmem. The gbb will
- * be read using VbExRegionRead().
- */
- char *dest;
- size_t vblck_sz;
-
- vblck_sz = ctx->vblock_a.size + ctx->vblock_b.size;
- ctx->vblocks = cbmem_entry_add(TEMP_CBMEM_ID_VBLOCKS, vblck_sz);
- if (ctx->vblocks == NULL)
- return -1;
- dest = cbmem_entry_start(ctx->vblocks);
- if (vboot_get_region(ctx->vblock_a.offset_addr,
- ctx->vblock_a.size, dest) == NULL)
- return -1;
- fparams->verification_block_A = (void *)dest;
- dest += ctx->vblock_a.size;
- if (vboot_get_region(ctx->vblock_b.offset_addr,
- ctx->vblock_b.size, dest) == NULL)
- return -1;
- fparams->verification_block_B = (void *)dest;
- }
-
- return 0;
-}
-
-static void fill_handoff(struct vboot_context *context)
-{
- struct vboot_components *fw_info;
- struct vboot_region *region;
- int i;
-
- /* Fix up the handoff structure. */
- context->handoff->selected_firmware =
- context->fparams->selected_firmware;
-
- /* Parse out the components for downstream consumption. */
- if (context->handoff->selected_firmware == VB_SELECT_FIRMWARE_A)
- region = &context->fw_a;
- else if (context->handoff->selected_firmware == VB_SELECT_FIRMWARE_B)
- region = &context->fw_b;
- else
- return;
-
- fw_info = vboot_locate_components(region);
- if (fw_info == NULL)
- return;
-
- for (i = 0; i < fw_info->num_components; i++) {
- context->handoff->components[i].address =
- region->offset_addr + fw_info->entries[i].offset;
- context->handoff->components[i].size = fw_info->entries[i].size;
- }
-}
-
-static void vboot_clean_up(struct vboot_context *context)
-{
- if (context->vblocks != NULL)
- cbmem_entry_remove(context->vblocks);
-}
-
-static void vboot_invoke_wrapper(struct vboot_handoff *vboot_handoff)
-{
- VbCommonParams cparams;
- VbSelectFirmwareParams fparams;
- struct vboot_context context;
- uint32_t *iflags;
-
- vboot_handoff->selected_firmware = VB_SELECT_FIRMWARE_READONLY;
-
- memset(&cparams, 0, sizeof(cparams));
- memset(&fparams, 0, sizeof(fparams));
- memset(&context, 0, sizeof(context));
-
- iflags = &vboot_handoff->init_params.flags;
- if (get_developer_mode_switch())
- *iflags |= VB_INIT_FLAG_DEV_SWITCH_ON;
- if (get_recovery_mode_switch()) {
- clear_recovery_mode_switch();
- *iflags |= VB_INIT_FLAG_REC_BUTTON_PRESSED;
- }
- if (get_write_protect_state())
- *iflags |= VB_INIT_FLAG_WP_ENABLED;
- if (vboot_get_sw_write_protect())
- *iflags |= VB_INIT_FLAG_SW_WP_ENABLED;
- if (CONFIG_VIRTUAL_DEV_SWITCH)
- *iflags |= VB_INIT_FLAG_VIRTUAL_DEV_SWITCH;
- if (CONFIG_EC_SOFTWARE_SYNC)
- *iflags |= VB_INIT_FLAG_EC_SOFTWARE_SYNC;
- if (!CONFIG_PHYSICAL_REC_SWITCH)
- *iflags |= VB_INIT_FLAG_VIRTUAL_REC_SWITCH;
- if (CONFIG_VBOOT_EC_SLOW_UPDATE)
- *iflags |= VB_INIT_FLAG_EC_SLOW_UPDATE;
- if (CONFIG_VBOOT_OPROM_MATTERS) {
- *iflags |= VB_INIT_FLAG_OPROM_MATTERS;
- *iflags |= VB_INIT_FLAG_BEFORE_OPROM_LOAD;
- /* Will load VGA option rom during this boot */
- if (developer_mode_enabled() || recovery_mode_enabled() ||
- vboot_wants_oprom()) {
- *iflags |= VB_INIT_FLAG_OPROM_LOADED;
- }
- }
-
- context.handoff = vboot_handoff;
- context.cparams = &cparams;
- context.fparams = &fparams;
-
- cparams.shared_data_blob = &vboot_handoff->shared_data[0];
- cparams.shared_data_size = VB_SHARED_DATA_MIN_SIZE;
- cparams.caller_context = &context;
-
- vboot_locate_region("GBB", &context.gbb);
- vboot_locate_region("VBLOCK_A", &context.vblock_a);
- vboot_locate_region("VBLOCK_B", &context.vblock_b);
- vboot_locate_region("FW_MAIN_A", &context.fw_a);
- vboot_locate_region("FW_MAIN_B", &context.fw_b);
-
- /* Check all fmap entries. */
- if (context.fw_a.size < 0 || context.fw_b.size < 0 ||
- context.vblock_a.size < 0 || context.vblock_b.size < 0 ||
- context.gbb.size < 0) {
- printk(BIOS_DEBUG, "Not all fmap entries found for vboot.\n");
- return;
- }
-
- /* Fill in vboot parameters. */
- if (vboot_fill_params(&context)) {
- vboot_clean_up(&context);
- return;
- }
-
- /* Initialize callbacks. */
- context.read_vbnv = &read_vbnv;
- context.save_vbnv = &save_vbnv;
- context.tis_init = &tis_init;
- context.tis_open = &tis_open;
- context.tis_close = &tis_close;
- context.tis_sendrecv = &tis_sendrecv;
- context.log_msg = &log_msg;
- context.fatal_error = &fatal_error;
- context.get_region = &vboot_get_region;
- context.reset = &vboot_reboot;
-
- vboot_run_stub(&context);
-
- fill_handoff(&context);
-
- vboot_clean_up(&context);
-}
-
-#if CONFIG_RELOCATABLE_RAMSTAGE
-static void *vboot_load_ramstage(uint32_t cbmem_id, const char *name,
- const struct cbmem_entry **cbmem_entry)
-{
- struct vboot_handoff *vboot_handoff;
- struct cbfs_stage *stage;
- const struct firmware_component *fwc;
- struct rmod_stage_load rmod_load = {
- .cbmem_id = cbmem_id,
- .name = name,
- };
-
- timestamp_add_now(TS_START_VBOOT);
-
- vboot_handoff = cbmem_add(CBMEM_ID_VBOOT_HANDOFF,
- sizeof(*vboot_handoff));
-
- if (vboot_handoff == NULL) {
- printk(BIOS_DEBUG, "Could not add vboot_handoff structure.\n");
- return NULL;
- }
-
- memset(vboot_handoff, 0, sizeof(*vboot_handoff));
-
- vboot_invoke_wrapper(vboot_handoff);
-
- timestamp_add_now(TS_END_VBOOT);
-
- /* Take RO firmware path since no RW area was selected. */
- if (vboot_handoff->selected_firmware != VB_SELECT_FIRMWARE_A &&
- vboot_handoff->selected_firmware != VB_SELECT_FIRMWARE_B) {
- printk(BIOS_DEBUG, "No RW firmware selected: 0x%08x\n",
- vboot_handoff->selected_firmware);
- return NULL;
- }
-
- if (CONFIG_VBOOT_RAMSTAGE_INDEX >= MAX_PARSED_FW_COMPONENTS) {
- printk(BIOS_ERR, "Invalid ramstage index: %d\n",
- CONFIG_VBOOT_RAMSTAGE_INDEX);
- return NULL;
- }
-
- /* Check for invalid address. */
- fwc = &vboot_handoff->components[CONFIG_VBOOT_RAMSTAGE_INDEX];
- if (fwc->address == 0) {
- printk(BIOS_DEBUG, "RW ramstage image address invalid.\n");
- return NULL;
- }
-
- printk(BIOS_DEBUG, "RW ramstage image at 0x%08x, 0x%08x bytes.\n",
- fwc->address, fwc->size);
-
- stage = (void *)fwc->address;
-
- if (rmodule_stage_load(&rmod_load, stage)) {
- vboot_handoff->selected_firmware = VB_SELECT_FIRMWARE_READONLY;
- printk(BIOS_DEBUG, "Could not load ramstage region.\n");
- return NULL;
- }
-
- *cbmem_entry = rmod_load.cbmem_entry;
-
- return rmod_load.entry;
-}
-#else /* CONFIG_RELOCATABLE_RAMSTAGE */
-static void vboot_load_ramstage(struct vboot_handoff *vboot_handoff,
- struct romstage_handoff *handoff)
-{
- struct cbfs_stage *stage;
- const struct firmware_component *fwc;
-
- if (CONFIG_VBOOT_RAMSTAGE_INDEX >= MAX_PARSED_FW_COMPONENTS) {
- printk(BIOS_ERR, "Invalid ramstage index: %d\n",
- CONFIG_VBOOT_RAMSTAGE_INDEX);
- return;
- }
-
- /* Check for invalid address. */
- fwc = &vboot_handoff->components[CONFIG_VBOOT_RAMSTAGE_INDEX];
- if (fwc->address == 0) {
- printk(BIOS_DEBUG, "RW ramstage image address invalid.\n");
- return;
- }
-
- printk(BIOS_DEBUG, "RW ramstage image at 0x%08x, 0x%08x bytes.\n",
- fwc->address, fwc->size);
-
- /* This will leak a mapping. */
- stage = vboot_get_region(fwc->address, fwc->size, NULL);
-
- if (stage == NULL) {
- printk(BIOS_DEBUG, "Unable to get RW ramstage region.\n");
- return;
- }
-
- timestamp_add_now(TS_START_COPYRAM);
-
- /* Stages rely the below clearing so that the bss is initialized. */
- memset((void *) (uintptr_t) stage->load, 0, stage->memlen);
-
- if (cbfs_decompress(stage->compression,
- ((unsigned char *) stage) +
- sizeof(struct cbfs_stage),
- (void *) (uintptr_t) stage->load,
- stage->len))
- return;
-
- timestamp_add_now(TS_END_COPYRAM);
-
-#if CONFIG_ARCH_X86
- __asm__ volatile (
- "movl $0, %%ebp\n"
- "jmp *%%edi\n"
- :: "D"(stage->entry)
- );
-#elif CONFIG_ARCH_ARM
- stage_exit((void *)(uintptr_t)stage->entry);
-#endif
-}
-#endif /* CONFIG_RELOCATABLE_RAMSTAGE */
-
-
-const struct ramstage_loader_ops vboot_ramstage_loader = {
- .name = "VBOOT",
- .load = vboot_load_ramstage,
-};
diff --git a/src/vendorcode/google/chromeos/vboot1/vboot_wrapper.c b/src/vendorcode/google/chromeos/vboot1/vboot_wrapper.c
deleted file mode 100644
index 5b9dbbbb31..0000000000
--- a/src/vendorcode/google/chromeos/vboot1/vboot_wrapper.c
+++ /dev/null
@@ -1,266 +0,0 @@
-/*
- * This file is part of the coreboot project.
- *
- * Copyright (C) 2013 Google, Inc.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; version 2 of the License.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- */
-#include <console/vtxprintf.h>
-#if CONFIG_ARCH_X86
-#include <cpu/x86/tsc.h>
-#else
-#include <timer.h>
-#endif
-#include <rmodule.h>
-#include <stdlib.h>
-#include <string.h>
-#include "../vboot_context.h"
-#include "../vboot_handoff.h"
-
-/* Keep a global context pointer around for the callbacks to use. */
-static struct vboot_context *gcontext;
-
-static void vboot_wrapper(void *arg)
-{
- VbError_t res;
- struct vboot_context *context;
-
- context = arg;
- gcontext = context;
-
- VbExDebug("Calling VbInit()\n");
- res = VbInit(context->cparams, &context->handoff->init_params);
- VbExDebug("VbInit() returned 0x%08x\n", res);
-
- if (res != VBERROR_SUCCESS) {
- if(res == VBERROR_TPM_REBOOT_REQUIRED) {
- VbExDebug("TPM Reboot Required. Proceeding reboot.\n");
- gcontext->reset();
- }
- return;
- }
-
- VbExDebug("Calling VbSelectFirmware()\n");
- res = VbSelectFirmware(context->cparams, context->fparams);
- VbExDebug("VbSelectFirmware() returned 0x%08x\n", res);
-
- if (res != VBERROR_SUCCESS)
- return;
-}
-
-void VbExError(const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- gcontext->log_msg(format, args);
- va_end(args);
-
- gcontext->fatal_error();
-}
-
-void VbExDebug(const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- gcontext->log_msg(format, args);
- va_end(args);
-}
-
-uint64_t VbExGetTimer(void)
-{
-#if CONFIG_ARCH_X86
- return rdtscll();
-#else
- struct mono_time mt;
- timer_monotonic_get(&mt);
- return mt.microseconds;
-#endif
-}
-
-VbError_t VbExNvStorageRead(uint8_t *buf)
-{
- gcontext->read_vbnv(buf);
- return VBERROR_SUCCESS;
-}
-
-VbError_t VbExNvStorageWrite(const uint8_t *buf)
-{
- gcontext->save_vbnv(buf);
- return VBERROR_SUCCESS;
-}
-
-extern char _heap[];
-extern char _eheap[];
-static char *heap_current;
-static int heap_size;
-
-void *VbExMalloc(size_t size)
-{
- void *ptr;
-
- if (heap_current == NULL) {
- heap_current = &_heap[0];
- heap_size = &_eheap[0] - &_heap[0];
- VbExDebug("vboot heap: %p 0x%08x bytes\n",
- heap_current, heap_size);
- }
-
- if (heap_size < size) {
- VbExError("vboot heap request cannot be fulfilled. "
- "0x%08x available, 0x%08x requested\n",
- heap_size, size);
- }
-
- ptr = heap_current;
- heap_size -= size;
- heap_current += size;
-
- return ptr;
-}
-
-void VbExFree(void *ptr)
-{
- /* Leak all memory. */
-}
-
-/* vboot doesn't expose these through the vboot_api.h, but they are needed.
- * coreboot requires declarations so provide them to avoid compiler errors. */
-int Memcmp(const void *src1, const void *src2, size_t n);
-void *Memcpy(void *dest, const void *src, uint64_t n);
-void *Memset(void *dest, const uint8_t c, uint64_t n);
-
-int Memcmp(const void *src1, const void *src2, size_t n)
-{
- return memcmp(src1, src2, n);
-}
-
-void *Memcpy(void *dest, const void *src, uint64_t n)
-{
- return memcpy(dest, src, n);
-}
-
-void *Memset(void *dest, const uint8_t c, uint64_t n)
-{
- return memset(dest, c, n);
-}
-
-static inline size_t get_hash_block_size(size_t requested_size)
-{
- if (!IS_ENABLED(CONFIG_SPI_FLASH_MEMORY_MAPPED)) {
- const size_t block_size = 64 * 1024;
- if (requested_size > block_size)
- return block_size;
- }
- return requested_size;
-}
-
-VbError_t VbExHashFirmwareBody(VbCommonParams *cparams, uint32_t firmware_index)
-{
- uint8_t *data;
- struct vboot_region *region;
- struct vboot_context *ctx;
- size_t data_size;
- uintptr_t offset_addr;
-
- ctx = cparams->caller_context;
-
- switch (firmware_index) {
- case VB_SELECT_FIRMWARE_A:
- region = &ctx->fw_a;
- break;
- case VB_SELECT_FIRMWARE_B:
- region = &ctx->fw_b;
- break;
- default:
- return VBERROR_UNKNOWN;
- }
-
- data_size = region->size;
- offset_addr = region->offset_addr;
- while (data_size) {
- size_t block_size;
-
- block_size = get_hash_block_size(data_size);
- data = ctx->get_region(offset_addr, block_size, NULL);
- if (data == NULL)
- return VBERROR_UNKNOWN;
- VbUpdateFirmwareBodyHash(cparams, data, block_size);
-
- data_size -= block_size;
- offset_addr += block_size;
- }
-
- return VBERROR_SUCCESS;
-}
-
-VbError_t VbExTpmInit(void)
-{
- if (gcontext->tis_init())
- return VBERROR_UNKNOWN;
- return VbExTpmOpen();
-}
-
-VbError_t VbExTpmClose(void)
-{
- if (gcontext->tis_close())
- return VBERROR_UNKNOWN;
- return VBERROR_SUCCESS;
-}
-
-VbError_t VbExTpmOpen(void)
-{
- if (gcontext->tis_open())
- return VBERROR_UNKNOWN;
- return VBERROR_SUCCESS;
-}
-
-VbError_t VbExTpmSendReceive(const uint8_t *request, uint32_t request_length,
- uint8_t *response, uint32_t *response_length)
-{
- size_t len = *response_length;
- if (gcontext->tis_sendrecv(request, request_length, response, &len))
- return VBERROR_UNKNOWN;
- /* check 64->32bit overflow and (re)check response buffer overflow */
- if (len > *response_length)
- return VBERROR_UNKNOWN;
- *response_length = len;
- return VBERROR_SUCCESS;
-}
-
-#if !CONFIG_SPI_FLASH_MEMORY_MAPPED
-VbError_t VbExRegionRead(VbCommonParams *cparams,
- enum vb_firmware_region region, uint32_t offset,
- uint32_t size, void *buf)
-{
- struct vboot_context *ctx;
- VbExDebug("VbExRegionRead: offset=%x size=%x, buf=%p\n",
- offset, size, buf);
- ctx = cparams->caller_context;
-
- if (region == VB_REGION_GBB) {
- if (offset + size > cparams->gbb_size)
- return VBERROR_REGION_READ_INVALID;
- offset += ctx->gbb.offset_addr;
- if (ctx->get_region(offset, size, buf) == NULL)
- return VBERROR_REGION_READ_INVALID;
- return VBERROR_SUCCESS;
- }
-
- return VBERROR_UNSUPPORTED_REGION;
-}
-#endif /* CONFIG_SPI_FLASH_MEMORY_MAPPED */
-
-RMODULE_ENTRY(vboot_wrapper);
diff --git a/src/vendorcode/google/chromeos/vboot2/Kconfig b/src/vendorcode/google/chromeos/vboot2/Kconfig
index 01011f81da..059100621d 100644
--- a/src/vendorcode/google/chromeos/vboot2/Kconfig
+++ b/src/vendorcode/google/chromeos/vboot2/Kconfig
@@ -18,7 +18,7 @@
config VBOOT2_VERIFY_FIRMWARE
bool "Firmware Verification with vboot2"
- default n
+ default y if VBOOT_VERIFY_FIRMARE
depends on CHROMEOS && HAVE_HARD_RESET
select COLLECT_TIMESTAMPS
help
@@ -46,14 +46,6 @@ config RETURN_FROM_VERSTAGE
romstage. Useful if a ram space is too small to fit both the verstage
and the romstage.
-config VBOOT_ROMSTAGE_INDEX
- hex
- default 2
- depends on VBOOT2_VERIFY_FIRMWARE
- help
- This is the index of the romstage component in the verified
- firmware block.
-
config VBOOT_DISABLE_DEV_ON_RECOVERY
bool "Disable dev mode on recovery requests"
default n