summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYu-Ping Wu <yupingso@chromium.org>2022-06-08 10:23:32 +0800
committerFelix Held <felix-coreboot@felixheld.de>2022-06-22 18:08:53 +0000
commit6b0d0851645cf369e2fd08a2d11ffc441df7f7aa (patch)
treea68db4074ac79abdc906511d0865619fd9b40d5a
parente399aa8c9cb6e301c6348c5d255cc71892cfde22 (diff)
security/vboot: Deprecate VBOOT_VBNV_EC
Boards using VBOOT_VBNV_EC (nyan, daisy, veyron, peach_pit) are all ChromeOS devices and they've reached the end of life since Feb 2022. Therefore, remove VBOOT_VBNV_EC for them, each with different replacement. - nyan (nyan, nyan_big, nyan_blaze): Add RW_NVRAM to their FMAP (by reducing the size of RW_VPD), and replace VBOOT_VBNV_EC with VBOOT_VBNV_FLASH. - veyron: Add RW_NVRAM to their FMAP (by reducing the size of SHARED_DATA), and replace VBOOT_VBNV_EC with VBOOT_VBNV_FLASH. Also enlarge the OVERLAP_VERSTAGE_ROMSTAGE section for rk3288 (by reducing the size of PRERAM_CBMEM_CONSOLE), so that verstage won't exceed its allotted size. - daisy: Because BOOT_DEVICE_SPI_FLASH is not set, which is required for VBOOT_VBNV_FLASH, disable MAINBOARD_HAS_CHROMEOS and VBOOT configs. - peach_pit: As VBOOT is not set, simply remove the unused VBOOT_VBNV_EC option. Remove the VBOOT_VBNV_EC Kconfig option as well as related code, leaving VBOOT_VBNV_FLASH and VBOOT_VBNV_CMOS as the only two backend options for vboot nvdata (VBNV). Also add a check in read_vbnv() and save_vbnv() for VBNV options. BUG=b:178689388 TEST=util/abuild/abuild -t GOOGLE_NYAN -x -a TEST=util/abuild/abuild -t GOOGLE_VEYRON_JAQ -x -a TEST=util/abuild/abuild -t GOOGLE_DAISY -a TEST=util/abuild/abuild -t GOOGLE_PEACH_PIT -a BRANCH=none Change-Id: Ic67d69e694cff3176dbee12d4c6311bc85295863 Signed-off-by: Yu-Ping Wu <yupingso@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/65012 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
Diffstat
-rw-r--r--Documentation/security/vboot/index.md1
-rw-r--r--src/mainboard/google/daisy/Kconfig4
-rw-r--r--src/mainboard/google/nyan/Kconfig2
-rw-r--r--src/mainboard/google/nyan/chromeos.fmd3
-rw-r--r--src/mainboard/google/nyan_big/Kconfig2
-rw-r--r--src/mainboard/google/nyan_big/chromeos.fmd3
-rw-r--r--src/mainboard/google/nyan_blaze/Kconfig2
-rw-r--r--src/mainboard/google/nyan_blaze/chromeos.fmd3
-rw-r--r--src/mainboard/google/peach_pit/Kconfig3
-rw-r--r--src/mainboard/google/veyron/Kconfig2
-rw-r--r--src/mainboard/google/veyron/chromeos.fmd5
-rw-r--r--src/security/vboot/Kconfig6
-rw-r--r--src/security/vboot/Makefile.inc5
-rw-r--r--src/security/vboot/vbnv.c9
-rw-r--r--src/security/vboot/vbnv_ec.c17
-rw-r--r--src/soc/rockchip/rk3288/memlayout.ld6
16 files changed, 21 insertions, 52 deletions
diff --git a/Documentation/security/vboot/index.md b/Documentation/security/vboot/index.md
index b82e3ab801..5ee0492486 100644
--- a/Documentation/security/vboot/index.md
+++ b/Documentation/security/vboot/index.md
@@ -176,7 +176,6 @@ CMOS, the EC, or in a read/write area of the SPI flash device.
Select one of the following:
* `VBOOT_VBNV_CMOS`
-* `VBOOT_VBNV_EC`
* `VBOOT_VBNV_FLASH`
More non-volatile storage features may be found in `security/vboot/Kconfig`.
diff --git a/src/mainboard/google/daisy/Kconfig b/src/mainboard/google/daisy/Kconfig
index d4117d84ac..1ccc61f2de 100644
--- a/src/mainboard/google/daisy/Kconfig
+++ b/src/mainboard/google/daisy/Kconfig
@@ -10,7 +10,6 @@ config BOARD_SPECIFIC_OPTIONS
select EC_GOOGLE_CHROMEEC_I2C
select BOARD_ROMSIZE_KB_4096
select DRIVER_MAXIM_MAX77686
- select MAINBOARD_HAS_CHROMEOS
select DRIVER_TI_TPS65090
select MAINBOARD_HAS_NATIVE_VGA_INIT
select MAINBOARD_FORCE_NATIVE_VGA_INIT
@@ -18,9 +17,6 @@ config BOARD_SPECIFIC_OPTIONS
select I2C_TPM
select MAINBOARD_HAS_TPM1
-config VBOOT
- select VBOOT_VBNV_EC
-
config MAINBOARD_DIR
default "google/daisy"
diff --git a/src/mainboard/google/nyan/Kconfig b/src/mainboard/google/nyan/Kconfig
index 62976767f3..0690f01eb9 100644
--- a/src/mainboard/google/nyan/Kconfig
+++ b/src/mainboard/google/nyan/Kconfig
@@ -18,7 +18,7 @@ config BOARD_SPECIFIC_OPTIONS
config VBOOT
select EC_GOOGLE_CHROMEEC_SWITCHES
- select VBOOT_VBNV_EC
+ select VBOOT_VBNV_FLASH
config MAINBOARD_DIR
default "google/nyan"
diff --git a/src/mainboard/google/nyan/chromeos.fmd b/src/mainboard/google/nyan/chromeos.fmd
index ebc6eb137b..bca13463cb 100644
--- a/src/mainboard/google/nyan/chromeos.fmd
+++ b/src/mainboard/google/nyan/chromeos.fmd
@@ -23,6 +23,7 @@ FLASH@0x0 0x400000 {
FW_MAIN_B(CBFS)@0x2000 0x75f00
RW_FWID_B@0x77f00 0x100
}
- RW_VPD(PRESERVE)@0x2f8000 0x8000
+ RW_VPD(PRESERVE)@0x2f8000 0x4000
+ RW_NVRAM(PRESERVE)@0x2fc000 0x4000
RW_LEGACY(CBFS)@0x300000 0x100000
}
diff --git a/src/mainboard/google/nyan_big/Kconfig b/src/mainboard/google/nyan_big/Kconfig
index 5c253c9bc9..04acaedd50 100644
--- a/src/mainboard/google/nyan_big/Kconfig
+++ b/src/mainboard/google/nyan_big/Kconfig
@@ -20,7 +20,7 @@ config BOARD_SPECIFIC_OPTIONS
config VBOOT
select EC_GOOGLE_CHROMEEC_SWITCHES
- select VBOOT_VBNV_EC
+ select VBOOT_VBNV_FLASH
config MAINBOARD_DIR
default "google/nyan_big"
diff --git a/src/mainboard/google/nyan_big/chromeos.fmd b/src/mainboard/google/nyan_big/chromeos.fmd
index ebc6eb137b..bca13463cb 100644
--- a/src/mainboard/google/nyan_big/chromeos.fmd
+++ b/src/mainboard/google/nyan_big/chromeos.fmd
@@ -23,6 +23,7 @@ FLASH@0x0 0x400000 {
FW_MAIN_B(CBFS)@0x2000 0x75f00
RW_FWID_B@0x77f00 0x100
}
- RW_VPD(PRESERVE)@0x2f8000 0x8000
+ RW_VPD(PRESERVE)@0x2f8000 0x4000
+ RW_NVRAM(PRESERVE)@0x2fc000 0x4000
RW_LEGACY(CBFS)@0x300000 0x100000
}
diff --git a/src/mainboard/google/nyan_blaze/Kconfig b/src/mainboard/google/nyan_blaze/Kconfig
index e687129617..9f4edacd61 100644
--- a/src/mainboard/google/nyan_blaze/Kconfig
+++ b/src/mainboard/google/nyan_blaze/Kconfig
@@ -20,7 +20,7 @@ config BOARD_SPECIFIC_OPTIONS
config VBOOT
select EC_GOOGLE_CHROMEEC_SWITCHES
- select VBOOT_VBNV_EC
+ select VBOOT_VBNV_FLASH
config MAINBOARD_DIR
default "google/nyan_blaze"
diff --git a/src/mainboard/google/nyan_blaze/chromeos.fmd b/src/mainboard/google/nyan_blaze/chromeos.fmd
index ebc6eb137b..bca13463cb 100644
--- a/src/mainboard/google/nyan_blaze/chromeos.fmd
+++ b/src/mainboard/google/nyan_blaze/chromeos.fmd
@@ -23,6 +23,7 @@ FLASH@0x0 0x400000 {
FW_MAIN_B(CBFS)@0x2000 0x75f00
RW_FWID_B@0x77f00 0x100
}
- RW_VPD(PRESERVE)@0x2f8000 0x8000
+ RW_VPD(PRESERVE)@0x2f8000 0x4000
+ RW_NVRAM(PRESERVE)@0x2fc000 0x4000
RW_LEGACY(CBFS)@0x300000 0x100000
}
diff --git a/src/mainboard/google/peach_pit/Kconfig b/src/mainboard/google/peach_pit/Kconfig
index 780a00e567..64abb7c0e7 100644
--- a/src/mainboard/google/peach_pit/Kconfig
+++ b/src/mainboard/google/peach_pit/Kconfig
@@ -17,9 +17,6 @@ config BOARD_SPECIFIC_OPTIONS
select MAINBOARD_HAS_TPM1
select MISSING_BOARD_RESET
-config VBOOT
- select VBOOT_VBNV_EC
-
config MAINBOARD_DIR
default "google/peach_pit"
diff --git a/src/mainboard/google/veyron/Kconfig b/src/mainboard/google/veyron/Kconfig
index 0847c410ff..dbd2b8733c 100644
--- a/src/mainboard/google/veyron/Kconfig
+++ b/src/mainboard/google/veyron/Kconfig
@@ -30,7 +30,7 @@ config BOARD_SPECIFIC_OPTIONS
select MAINBOARD_HAS_TPM1
config VBOOT
- select VBOOT_VBNV_EC
+ select VBOOT_VBNV_FLASH
config MAINBOARD_DIR
default "google/veyron"
diff --git a/src/mainboard/google/veyron/chromeos.fmd b/src/mainboard/google/veyron/chromeos.fmd
index ebc6eb137b..df35976d00 100644
--- a/src/mainboard/google/veyron/chromeos.fmd
+++ b/src/mainboard/google/veyron/chromeos.fmd
@@ -14,9 +14,10 @@ FLASH@0x0 0x400000 {
FW_MAIN_A(CBFS)@0x2000 0x75f00
RW_FWID_A@0x77f00 0x100
}
- RW_SHARED@0x278000 0x4000 {
- SHARED_DATA@0x0 0x4000
+ RW_SHARED@0x278000 0x2000 {
+ SHARED_DATA@0x0 0x2000
}
+ RW_NVRAM(PRESERVE)@0x27a000 0x2000
RW_ELOG(PRESERVE)@0x27c000 0x4000
RW_SECTION_B@0x280000 0x78000 {
VBLOCK_B@0x0 0x2000
diff --git a/src/security/vboot/Kconfig b/src/security/vboot/Kconfig
index 04770c94eb..06f9e93485 100644
--- a/src/security/vboot/Kconfig
+++ b/src/security/vboot/Kconfig
@@ -58,12 +58,6 @@ config VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
Vboot non-volatile storage data will be backed up from CMOS to flash
and restored from flash if the CMOS is invalid due to power loss.
-config VBOOT_VBNV_EC
- bool
- default n
- help
- VBNV is stored in EC
-
config VBOOT_VBNV_FLASH
bool
default n
diff --git a/src/security/vboot/Makefile.inc b/src/security/vboot/Makefile.inc
index 52f374ec82..2caeb17434 100644
--- a/src/security/vboot/Makefile.inc
+++ b/src/security/vboot/Makefile.inc
@@ -72,11 +72,6 @@ verstage-$(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c
romstage-$(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c
ramstage-$(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH) += vbnv_flash.c
-bootblock-$(CONFIG_VBOOT_VBNV_EC) += vbnv_ec.c
-verstage-$(CONFIG_VBOOT_VBNV_EC) += vbnv_ec.c
-romstage-$(CONFIG_VBOOT_VBNV_EC) += vbnv_ec.c
-ramstage-$(CONFIG_VBOOT_VBNV_EC) += vbnv_ec.c
-
bootblock-$(CONFIG_VBOOT_VBNV_FLASH) += vbnv_flash.c
verstage-$(CONFIG_VBOOT_VBNV_FLASH) += vbnv_flash.c
romstage-$(CONFIG_VBOOT_VBNV_FLASH) += vbnv_flash.c
diff --git a/src/security/vboot/vbnv.c b/src/security/vboot/vbnv.c
index 7e92401e55..26946fd335 100644
--- a/src/security/vboot/vbnv.c
+++ b/src/security/vboot/vbnv.c
@@ -1,5 +1,6 @@
/* SPDX-License-Identifier: GPL-2.0-only */
+#include <assert.h>
#include <string.h>
#include <types.h>
#include <security/vboot/vbnv.h>
@@ -61,10 +62,10 @@ void read_vbnv(uint8_t *vbnv_copy)
{
if (CONFIG(VBOOT_VBNV_CMOS))
read_vbnv_cmos(vbnv_copy);
- else if (CONFIG(VBOOT_VBNV_EC))
- read_vbnv_ec(vbnv_copy);
else if (CONFIG(VBOOT_VBNV_FLASH))
read_vbnv_flash(vbnv_copy);
+ else
+ dead_code();
/* Check data for consistency */
if (!verify_vbnv(vbnv_copy))
@@ -79,10 +80,10 @@ void save_vbnv(const uint8_t *vbnv_copy)
{
if (CONFIG(VBOOT_VBNV_CMOS))
save_vbnv_cmos(vbnv_copy);
- else if (CONFIG(VBOOT_VBNV_EC))
- save_vbnv_ec(vbnv_copy);
else if (CONFIG(VBOOT_VBNV_FLASH))
save_vbnv_flash(vbnv_copy);
+ else
+ dead_code();
/* Clear initialized flag to force cached data to be updated */
vbnv_initialized = 0;
diff --git a/src/security/vboot/vbnv_ec.c b/src/security/vboot/vbnv_ec.c
deleted file mode 100644
index fcae37a910..0000000000
--- a/src/security/vboot/vbnv_ec.c
+++ /dev/null
@@ -1,17 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0-only */
-
-#include <types.h>
-#include <ec/google/chromeec/ec.h>
-#include <security/vboot/vbnv.h>
-#include <security/vboot/vbnv_layout.h>
-
-void read_vbnv_ec(uint8_t *vbnv_copy)
-{
- google_chromeec_vbnv_context(1, vbnv_copy, VBOOT_VBNV_BLOCK_SIZE);
-}
-
-void save_vbnv_ec(const uint8_t *vbnv_copy)
-{
- google_chromeec_vbnv_context(0, (uint8_t *)vbnv_copy,
- VBOOT_VBNV_BLOCK_SIZE);
-}
diff --git a/src/soc/rockchip/rk3288/memlayout.ld b/src/soc/rockchip/rk3288/memlayout.ld
index 32962257b2..5e35a064b9 100644
--- a/src/soc/rockchip/rk3288/memlayout.ld
+++ b/src/soc/rockchip/rk3288/memlayout.ld
@@ -18,9 +18,9 @@ SECTIONS
SRAM_START(0xFF700000)
TTB(0xFF700000, 16K)
BOOTBLOCK(0xFF704004, 16K - 4)
- PRERAM_CBMEM_CONSOLE(0xFF708000, 2K)
- VBOOT2_WORK(0xFF708800, 12K)
- OVERLAP_VERSTAGE_ROMSTAGE(0xFF70B800, 46K + 768)
+ PRERAM_CBMEM_CONSOLE(0xFF708000, 1K)
+ VBOOT2_WORK(0xFF708400, 12K)
+ OVERLAP_VERSTAGE_ROMSTAGE(0xFF70B400, 47K + 768)
PRERAM_CBFS_CACHE(0xFF717300, 256)
TIMESTAMP(0xFF717400, 0x180)
STACK(0xFF717580, 3K - 0x180)
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 05:29:59 +0000