diff options
author | Furquan Shaikh <furquan@google.com> | 2018-04-25 18:15:44 -0700 |
---|---|---|
committer | Furquan Shaikh <furquan@google.com> | 2018-04-27 02:51:32 +0000 |
commit | 95673afc78c9bdc3c78734c8e23a67f37dc8c8cd (patch) | |
tree | e13895ef32d7506ab2074768a91cc68926f97f2f | |
parent | 37c721d78669ed2141981c990a3e8eb1f538fdb4 (diff) |
security/vboot: Add function to check if UDC can be enabled
Add a function that will check the various requirements to
enable USB Device Controller (UDC):
- developer mode enabled
- GBB flag set or VBNV flag set
If VBOOT is not enabled, then default is to allow UDC enabling.
BUG=b:78577893
BRANCH=poppy
Change-Id: Id146ac1065f209865372aeb423f66ae734702954
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/25847
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
-rw-r--r-- | src/security/vboot/vboot_common.c | 19 | ||||
-rw-r--r-- | src/security/vboot/vboot_common.h | 3 |
2 files changed, 22 insertions, 0 deletions
diff --git a/src/security/vboot/vboot_common.c b/src/security/vboot/vboot_common.c index 11320d218e..ae5bdb634a 100644 --- a/src/security/vboot/vboot_common.c +++ b/src/security/vboot/vboot_common.c @@ -20,11 +20,14 @@ #include <console/cbmem_console.h> #include <console/console.h> #include <fmap.h> +#include <gbb_header.h> #include <reset.h> #include <rules.h> #include <stddef.h> #include <string.h> +#include <security/vboot/gbb.h> #include <security/vboot/vboot_common.h> +#include <security/vboot/vbnv.h> int vboot_named_region_device(const char *name, struct region_device *rdev) { @@ -36,6 +39,22 @@ int vboot_named_region_device_rw(const char *name, struct region_device *rdev) return fmap_locate_area_as_rdev_rw(name, rdev); } +/* Check if it is okay to enable USB Device Controller (UDC). */ +int vboot_can_enable_udc(void) +{ + /* Always disable if not in developer mode */ + if (!vboot_developer_mode_enabled()) + return 0; + /* Enable if GBB flag is set */ + if (gbb_is_flag_set(GBB_FLAG_ENABLE_UDC)) + return 1; + /* Enable if VBNV flag is set */ + if (vbnv_udc_enable_flag()) + return 1; + /* Otherwise disable */ + return 0; +} + /* ========================== VBOOT HANDOFF APIs =========================== */ int vboot_get_handoff_info(void **addr, uint32_t *size) { diff --git a/src/security/vboot/vboot_common.h b/src/security/vboot/vboot_common.h index 8c92f7f131..8f03788cb6 100644 --- a/src/security/vboot/vboot_common.h +++ b/src/security/vboot/vboot_common.h @@ -109,10 +109,13 @@ void verstage_mainboard_init(void); int vboot_developer_mode_enabled(void); int vboot_recovery_mode_enabled(void); int vboot_recovery_mode_memory_retrain(void); +int vboot_can_enable_udc(void); #else /* !CONFIG_VBOOT */ static inline int vboot_developer_mode_enabled(void) { return 0; } static inline int vboot_recovery_mode_enabled(void) { return 0; } static inline int vboot_recovery_mode_memory_retrain(void) { return 0; } +/* If VBOOT is not enabled, we are okay enabling USB device controller (UDC). */ +static inline int vboot_can_enable_udc(void) { return 1; } #endif #endif /* __VBOOT_VBOOT_COMMON_H__ */ |