summaryrefslogtreecommitdiff
path: root/src/security
diff options
context:
space:
mode:
authorJoel Kitching <kitching@google.com>2019-03-17 18:07:25 +0800
committerJulius Werner <jwerner@chromium.org>2019-03-27 06:13:27 +0000
commit51bbdac7d513f5e0763ff68ecac2fcd3db1d53aa (patch)
tree86b81ca1014b5d975dfdae46256e60efb7d5408b /src/security
parented6996f2babb6efd794e45e18f39a09d2996b2b0 (diff)
vboot: deprecate physical dev switch
Currently only two devices make use of physical dev switch: stumpy, lumpy Deprecate this switch. If these devices are flashed to ToT, they may still make use of virtual dev switch, activated via recovery screen. BUG=b:124141368, b:124192753, chromium:942901 TEST=util/lint/checkpatch.pl -g origin/master..HEAD TEST=util/abuild/abuild -B -e -y -c 50 -p none -x TEST=make clean && make test-abuild BRANCH=none Change-Id: I87ec0db6148c1727b95475d94e3e3f6e7ec83193 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31943 Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/security')
-rw-r--r--src/security/vboot/Kconfig9
-rw-r--r--src/security/vboot/vboot_handoff.c3
-rw-r--r--src/security/vboot/vboot_logic.c4
3 files changed, 1 insertions, 15 deletions
diff --git a/src/security/vboot/Kconfig b/src/security/vboot/Kconfig
index 42e7b19261..ca25423f72 100644
--- a/src/security/vboot/Kconfig
+++ b/src/security/vboot/Kconfig
@@ -191,15 +191,6 @@ config VBOOT_SOFT_REBOOT_WORKAROUND
bool
default n
-config VBOOT_PHYSICAL_DEV_SWITCH
- bool
- default n
- help
- Whether this platform has a physical developer switch. Note that this
- disables virtual dev switch functionality (through secdata). Operation
- where both a physical pin and the virtual switch get sampled is not
- supported by coreboot.
-
config VBOOT_PHYSICAL_REC_SWITCH
bool
default n
diff --git a/src/security/vboot/vboot_handoff.c b/src/security/vboot/vboot_handoff.c
index cbfedf5016..11831d5b7b 100644
--- a/src/security/vboot/vboot_handoff.c
+++ b/src/security/vboot/vboot_handoff.c
@@ -79,8 +79,7 @@ static void fill_vboot_handoff(struct vboot_handoff *vboot_handoff,
vb_sd->flags |= VBSD_LF_DEV_SWITCH_ON;
}
/* TODO: Set these in depthcharge */
- if (!CONFIG(VBOOT_PHYSICAL_DEV_SWITCH))
- vb_sd->flags |= VBSD_HONOR_VIRT_DEV_SWITCH;
+ vb_sd->flags |= VBSD_HONOR_VIRT_DEV_SWITCH;
if (!CONFIG(VBOOT_PHYSICAL_REC_SWITCH))
vb_sd->flags |= VBSD_BOOT_REC_SWITCH_VIRTUAL;
if (CONFIG(VBOOT_OPROM_MATTERS)) {
diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c
index 0b5763bfe3..ac3d3c33a7 100644
--- a/src/security/vboot/vboot_logic.c
+++ b/src/security/vboot/vboot_logic.c
@@ -324,10 +324,6 @@ void verstage_main(void)
die("Initializing measured boot mode failed!");
}
- if (CONFIG(VBOOT_PHYSICAL_DEV_SWITCH) &&
- get_developer_mode_switch())
- ctx.flags |= VB2_CONTEXT_FORCE_DEVELOPER_MODE;
-
if (get_recovery_mode_switch()) {
ctx.flags |= VB2_CONTEXT_FORCE_RECOVERY_MODE;
if (CONFIG(VBOOT_DISABLE_DEV_ON_RECOVERY))