diff options
author | Joel Kitching <kitching@google.com> | 2020-02-08 11:17:57 +0800 |
---|---|---|
committer | Joel Kitching <kitching@google.com> | 2020-02-17 08:08:35 +0000 |
commit | 56e2f130a64c9da6319631c19d452e0db978e70b (patch) | |
tree | dccd0079fb763a39c9ab6e63617fbe7afa3e545f /src/security/vboot | |
parent | 81726663bcfe07234eb286ec5eddbff5e55be813 (diff) |
vboot: remove VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT option
With CL:1940398, this option is no longer needed. Recovery
requests are not cleared until kernel verification stage is
reached. If the FSP triggers any reboots, recovery requests
will be preserved. In particular:
- Manual requests will be preserved via recovery switch state,
whose behaviour is modified in CB:38779.
- Other recovery requests will remain in nvdata across reboot.
These functions now only work after verstage has run:
int vboot_check_recovery_request(void)
int vboot_recovery_mode_enabled(void)
int vboot_developer_mode_enabled(void)
BUG=b:124141368, b:35576380
TEST=make clean && make test-abuild
BRANCH=none
Change-Id: I52d17a3c6730be5c04c3c0ae020368d11db6ca3c
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38780
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/security/vboot')
-rw-r--r-- | src/security/vboot/Kconfig | 8 | ||||
-rw-r--r-- | src/security/vboot/bootmode.c | 80 | ||||
-rw-r--r-- | src/security/vboot/misc.h | 5 | ||||
-rw-r--r-- | src/security/vboot/vbnv.c | 20 | ||||
-rw-r--r-- | src/security/vboot/vbnv.h | 2 | ||||
-rw-r--r-- | src/security/vboot/vboot_logic.c | 3 |
6 files changed, 10 insertions, 108 deletions
diff --git a/src/security/vboot/Kconfig b/src/security/vboot/Kconfig index ea70e65256..54e88dd594 100644 --- a/src/security/vboot/Kconfig +++ b/src/security/vboot/Kconfig @@ -156,14 +156,6 @@ config VBOOT_RETURN_FROM_VERSTAGE reused by the succeeding stage. This is useful if a RAM space is too small to fit both the verstage and the succeeding stage. -config VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT - bool - default n - help - This option ensures that the recovery request is not lost because of - reboots caused after vboot verification is run. e.g. reboots caused by - FSP components on Intel platforms. - config VBOOT_MUST_REQUEST_DISPLAY bool default y if VGA_ROM_RUN diff --git a/src/security/vboot/bootmode.c b/src/security/vboot/bootmode.c index 2a911cbf10..50b3cc3b6c 100644 --- a/src/security/vboot/bootmode.c +++ b/src/security/vboot/bootmode.c @@ -24,79 +24,25 @@ #include <security/vboot/vbnv.h> #include <security/vboot/vboot_common.h> -static int vboot_get_recovery_reason_shared_data(void) -{ - struct vb2_shared_data *sd = vb2_get_sd(vboot_get_context()); - assert(sd); - return sd->recovery_reason; -} - -void vboot_save_recovery_reason_vbnv(void) -{ - if (!CONFIG(VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT)) - return; - - int reason = vboot_get_recovery_reason_shared_data(); - if (!reason) - return; - - set_recovery_mode_into_vbnv(reason); -} - -static void vboot_clear_recovery_reason_vbnv(void *unused) -{ - if (!CONFIG(VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT)) - return; - - set_recovery_mode_into_vbnv(0); -} - /* - * Recovery reason stored in VBNV needs to be cleared before the state of VBNV - * is backed-up anywhere or jumping to the payload (whichever occurs - * first). Currently, vbnv_cmos.c backs up VBNV on POST_DEVICE. Thus, we need to - * make sure that the stored recovery reason is cleared off before that - * happens. - * IMPORTANT: Any reboot occurring after BS_DEV_INIT state will cause loss of - * recovery reason on reboot. Until now, we have seen reboots occurring on x86 - * only in FSP stages which run before BS_DEV_INIT. + * Functions which check vboot information should only be called after verstage + * has run. Otherwise, they will hit the assertion in vboot_get_context(). */ -BOOT_STATE_INIT_ENTRY(BS_DEV_INIT, BS_ON_EXIT, - vboot_clear_recovery_reason_vbnv, NULL); -/* - * vb2_check_recovery_request looks up different components to identify if there - * is a recovery request and returns appropriate reason code: - * 1. Checks if recovery mode is initiated by EC. If yes, returns - * VB2_RECOVERY_RO_MANUAL. - * 2. Checks if recovery request is present in VBNV and returns the code read - * from it. - * 3. Checks if vboot verification is done. If yes, return the reason code from - * shared data. - * 4. If nothing applies, return 0 indicating no recovery request. - */ int vboot_check_recovery_request(void) { - int reason = 0; - - /* EC-initiated recovery. */ - if (get_recovery_mode_switch()) - return VB2_RECOVERY_RO_MANUAL; - - /* Recovery request in VBNV. */ - if ((reason = get_recovery_mode_from_vbnv()) != 0) - return reason; - - /* Identify if vboot verification is already complete. */ - if (vboot_logic_executed()) - return vboot_get_recovery_reason_shared_data(); - - return 0; + /* TODO: Expose vb2api_recovery_reason() and vb2api_need_train_and_reboot(). */ + return vb2_get_sd(vboot_get_context())->recovery_reason; } int vboot_recovery_mode_enabled(void) { - return !!vboot_check_recovery_request(); + return vboot_get_context()->flags & VB2_CONTEXT_RECOVERY_MODE; +} + +int vboot_developer_mode_enabled(void) +{ + return vboot_get_context()->flags & VB2_CONTEXT_DEVELOPER_MODE; } int __weak clear_recovery_mode_switch(void) @@ -133,12 +79,6 @@ int vboot_recovery_mode_memory_retrain(void) return get_recovery_mode_retrain_switch(); } -int vboot_developer_mode_enabled(void) -{ - return vboot_logic_executed() && - vboot_get_context()->flags & VB2_CONTEXT_DEVELOPER_MODE; -} - #if CONFIG(VBOOT_NO_BOARD_SUPPORT) /** * TODO: Create flash protection interface which implements get_write_protect_state. diff --git a/src/security/vboot/misc.h b/src/security/vboot/misc.h index 324af5ca11..97944d92a6 100644 --- a/src/security/vboot/misc.h +++ b/src/security/vboot/misc.h @@ -50,11 +50,6 @@ static inline bool vboot_is_gbb_flag_set(enum vb2_gbb_flag flag) int vboot_locate_firmware(struct vb2_context *ctx, struct region_device *fw); /* - * Source: security/vboot/bootmode.c - */ -void vboot_save_recovery_reason_vbnv(void); - -/* * The stage loading code is compiled and entered from multiple stages. The * helper functions below attempt to provide more clarity on when certain * code should be called. They are implemented inline for better compile-time diff --git a/src/security/vboot/vbnv.c b/src/security/vboot/vbnv.c index be598acb18..a5a780664c 100644 --- a/src/security/vboot/vbnv.c +++ b/src/security/vboot/vbnv.c @@ -101,26 +101,6 @@ void save_vbnv(const uint8_t *vbnv_copy) vbnv_initialized = 0; } -/* Save a recovery reason into VBNV. */ -void set_recovery_mode_into_vbnv(int recovery_reason) -{ - uint8_t vbnv_copy[VBOOT_VBNV_BLOCK_SIZE]; - - read_vbnv(vbnv_copy); - - vbnv_copy[RECOVERY_OFFSET] = recovery_reason; - vbnv_copy[CRC_OFFSET] = crc8_vbnv(vbnv_copy, CRC_OFFSET); - - save_vbnv(vbnv_copy); -} - -/* Read the recovery reason from VBNV. */ -int get_recovery_mode_from_vbnv(void) -{ - vbnv_setup(); - return vbnv[RECOVERY_OFFSET]; -} - /* Read the USB Device Controller(UDC) enable flag from VBNV. */ int vbnv_udc_enable_flag(void) { diff --git a/src/security/vboot/vbnv.h b/src/security/vboot/vbnv.h index a2f0b4c978..7d288d5773 100644 --- a/src/security/vboot/vbnv.h +++ b/src/security/vboot/vbnv.h @@ -23,8 +23,6 @@ void read_vbnv(uint8_t *vbnv_copy); void save_vbnv(const uint8_t *vbnv_copy); int verify_vbnv(uint8_t *vbnv_copy); void regen_vbnv_crc(uint8_t *vbnv_copy); -int get_recovery_mode_from_vbnv(void); -void set_recovery_mode_into_vbnv(int recovery_reason); /* Read the USB Device Controller(UDC) enable flag from VBNV. */ int vbnv_udc_enable_flag(void); diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c index 18c96d77ff..df2f00243b 100644 --- a/src/security/vboot/vboot_logic.c +++ b/src/security/vboot/vboot_logic.c @@ -408,8 +408,5 @@ void verstage_main(void) vboot_is_firmware_slot_a(ctx) ? 'A' : 'B'); verstage_main_exit: - /* Save recovery reason in case of unexpected reboots on x86. */ - vboot_save_recovery_reason_vbnv(); - timestamp_add_now(TS_END_VBOOT); } |