vboot: Use CONFIG_VBOOT_MIGRATE_WORKING_DATA on all platforms

When we added CONFIG_VBOOT_MIGRATE_WORKING_DATA, the idea was that on
some Arm platforms the original working data buffer was in SRAM, which
stays accessbile for the whole runtime of the system. There is no reason
to migrate it into CBMEM on those platforms because ramstage and the
payload could continue to access it in SRAM.

Now that we've had a couple of months of experience with this option, we
found that most of our Arm platforms have some issue that requires
migrating anyway, because BL31 often claims SRAM for itself and makes it
inaccessible to the payload. On the remaining platforms, accessing SRAM
from the payload is possible but still an issue, because libpayload
doesn't have enough memory layout information to set up proper page
tables for it, so we're accessing it uncached and at risk of alignment
errors.

Rather than having to figure out how to map the right SRAM range for
every platform in the payload, let's just get rid of the option.
memcpy()ing 12KB isn't worth this much hassle.

Change-Id: I1b94e01c998f723c8950be4d12cc8f02b363a1bf
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33952
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Joel Kitching <kitching@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>

6 files changed, 3 insertions, 25 deletions

diff --git a/src/security/vboot/Kconfig b/src/security/vboot/Kconfig
index 66bcc1ed6f..ea1f73889a 100644
--- a/src/security/vboot/Kconfig
+++ b/src/security/vboot/Kconfig
@@ -107,21 +107,6 @@ config VBOOT_STARTS_IN_ROMSTAGE
 	  memory initialization). This implies that vboot working data is
 	  allocated in CBMEM.
 
-config VBOOT_MIGRATE_WORKING_DATA
-	bool
-	default y if CACHE_AS_RAM
-	depends on !VBOOT_STARTS_IN_ROMSTAGE
-	help
-	  In order to make vboot data structures available downstream,
-	  migrate verified boot working data to CBMEM after CBMEM comes
-	  online, when VBOOT_STARTS_IN_BOOTBLOCK is employed.  This should
-	  always be enabled on x86 architectures to migrate data from CAR
-	  before losing access in ramstage, and should almost always be
-	  disabled in SRAM architectures, where access to SRAM is usually
-	  retained.  Any SRAM platform where the original location of the
-	  VBOOT_WORKBUF region becomes inaccessible in later stages should
-	  manually select this option.
-
 config VBOOT_MOCK_SECDATA
 	bool "Mock secdata for firmware verification"
 	default n
diff --git a/src/security/vboot/common.c b/src/security/vboot/common.c
index bd72683e00..626fbc52a4 100644
--- a/src/security/vboot/common.c
+++ b/src/security/vboot/common.c
@@ -117,13 +117,12 @@ int vboot_is_slot_selected(void)
 	return reg->size > 0;
 }
 
-#if CONFIG(VBOOT_MIGRATE_WORKING_DATA)
+#if CONFIG(VBOOT_STARTS_IN_BOOTBLOCK)
 /*
  * For platforms that do not employ VBOOT_STARTS_IN_ROMSTAGE, vboot
  * verification occurs before CBMEM is brought online, using pre-RAM.
  * In order to make vboot data structures available downstream, copy
- * vboot_working_data from SRAM/CAR into CBMEM on platforms where this
- * memory later becomes unavailable.
+ * vboot_working_data from SRAM/CAR into CBMEM.
  */
 static void vboot_migrate_cbmem(int unused)
 {
@@ -140,7 +139,7 @@ static void vboot_migrate_cbmem(int unused)
 	memcpy(wd_cbmem, wd_preram, cbmem_size);
 }
 ROMSTAGE_CBMEM_INIT_HOOK(vboot_migrate_cbmem)
-#elif CONFIG(VBOOT_STARTS_IN_ROMSTAGE)
+#else
 static void vboot_setup_cbmem(int unused)
 {
 	struct vboot_working_data *wd_cbmem =
diff --git a/src/security/vboot/vboot_loader.c b/src/security/vboot/vboot_loader.c
index 9e2cd00404..af4a3fd880 100644
--- a/src/security/vboot/vboot_loader.c
+++ b/src/security/vboot/vboot_loader.c
@@ -26,9 +26,6 @@
 _Static_assert(CONFIG(VBOOT_STARTS_IN_BOOTBLOCK) +
 	       CONFIG(VBOOT_STARTS_IN_ROMSTAGE) == 1,
 	       "vboot must either start in bootblock or romstage (not both!)");
-_Static_assert(CONFIG(VBOOT_STARTS_IN_BOOTBLOCK) ||
-	       !CONFIG(VBOOT_MIGRATE_WORKING_DATA),
-	       "no need to migrate working data after CBMEM is already up!");
 _Static_assert(!CONFIG(VBOOT_SEPARATE_VERSTAGE) ||
 	       CONFIG(VBOOT_STARTS_IN_BOOTBLOCK),
 	       "stand-alone verstage must start in (i.e. after) bootblock");
diff --git a/src/soc/qualcomm/qcs405/Kconfig b/src/soc/qualcomm/qcs405/Kconfig
index e24993a2f0..aa867c2f25 100644
--- a/src/soc/qualcomm/qcs405/Kconfig
+++ b/src/soc/qualcomm/qcs405/Kconfig
@@ -19,7 +19,6 @@ config VBOOT
 	select VBOOT_SEPARATE_VERSTAGE
 	select VBOOT_RETURN_FROM_VERSTAGE
 	select VBOOT_STARTS_IN_BOOTBLOCK
-	select VBOOT_MIGRATE_WORKING_DATA
 
 config QCS405_BLSP_SPI
 	bool
diff --git a/src/soc/qualcomm/sdm845/Kconfig b/src/soc/qualcomm/sdm845/Kconfig
index f6268c95ba..459a4411b2 100644
--- a/src/soc/qualcomm/sdm845/Kconfig
+++ b/src/soc/qualcomm/sdm845/Kconfig
@@ -19,7 +19,6 @@ config VBOOT
 	select VBOOT_RETURN_FROM_VERSTAGE
 	select VBOOT_MUST_REQUEST_DISPLAY
 	select VBOOT_STARTS_IN_BOOTBLOCK
-	select VBOOT_MIGRATE_WORKING_DATA
 
 config SDM845_QSPI
 	bool
diff --git a/src/soc/rockchip/rk3399/Kconfig b/src/soc/rockchip/rk3399/Kconfig
index 897a5979d4..83fc437073 100644
--- a/src/soc/rockchip/rk3399/Kconfig
+++ b/src/soc/rockchip/rk3399/Kconfig
@@ -17,7 +17,6 @@ config SOC_ROCKCHIP_RK3399
 if SOC_ROCKCHIP_RK3399
 
 config VBOOT
-	select VBOOT_MIGRATE_WORKING_DATA
 	select VBOOT_SEPARATE_VERSTAGE
 	select VBOOT_RETURN_FROM_VERSTAGE
 	select VBOOT_MUST_REQUEST_DISPLAY