diff options
| author | Wim Vervoorn <wvervoorn@eltan.com> | 2019-11-01 10:22:22 +0100 |
|---|---|---|
| committer | Patrick Georgi <pgeorgi@google.com> | 2019-11-05 15:03:44 +0000 |
| commit | 1058dd84f06fa2fcbdd99eb99da07dccdf5b9722 (patch) | |
| tree | ba7a35d891d204c81658fc6d1fb0de05e6ee94a3 /src/security | |
| parent | 397ce3c45fc8d2469c07565879c09d8fb00626ec (diff) | |
security/vboot: Removed vboot_prepare from vboot_locator
When prog_locate() is called in the stage VBOOT is starting from and the
image to be loaded is not the target image vboot_prepare() may be called
too early.
To prevent this vboot_prepare() is removed from the vboot_locator
structure. This allows more control over the start of the vboot logic.
To clarify the change the vboot_prepare() has been renamed to
vboot_run_logic() and calls to initialize vboot have been added at the
following places:
postcar_loader: when VBOOT starts in ROMSTAGE
romstage_loader: when VBOOT starts in BOOTBLOCK
ramstage_loader: when VBOOT starts in ROMSTAGE
BUG=N/A
TEST=tested on facebook fbg1701
Change-Id: Id5e8fd78458c09dd3896bfd142bd49c2c3d686df
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36543
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/security')
| -rw-r--r-- | src/security/vboot/vboot_common.h | 2 | ||||
| -rw-r--r-- | src/security/vboot/vboot_loader.c | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/src/security/vboot/vboot_common.h b/src/security/vboot/vboot_common.h index 8aadf9e420..42b4a6b59b 100644 --- a/src/security/vboot/vboot_common.h +++ b/src/security/vboot/vboot_common.h @@ -76,12 +76,14 @@ int vboot_developer_mode_enabled(void); int vboot_recovery_mode_enabled(void); int vboot_recovery_mode_memory_retrain(void); int vboot_can_enable_udc(void); +void vboot_run_logic(void); #else /* !CONFIG_VBOOT */ static inline int vboot_developer_mode_enabled(void) { return 0; } static inline int vboot_recovery_mode_enabled(void) { return 0; } static inline int vboot_recovery_mode_memory_retrain(void) { return 0; } /* If VBOOT is not enabled, we are okay enabling USB device controller (UDC). */ static inline int vboot_can_enable_udc(void) { return 1; } +static inline void vboot_run_logic(void) {} #endif #endif /* __VBOOT_VBOOT_COMMON_H__ */ diff --git a/src/security/vboot/vboot_loader.c b/src/security/vboot/vboot_loader.c index 3aac48d174..2b7ba83503 100644 --- a/src/security/vboot/vboot_loader.c +++ b/src/security/vboot/vboot_loader.c @@ -35,7 +35,7 @@ _Static_assert(!CONFIG(VBOOT_RETURN_FROM_VERSTAGE) || int vboot_executed CAR_GLOBAL; -static void vboot_prepare(void) +void vboot_run_logic(void) { if (verification_should_run()) { /* Note: this path is not used for VBOOT_RETURN_FROM_VERSTAGE */ @@ -90,6 +90,5 @@ static int vboot_locate(struct cbfs_props *props) const struct cbfs_locator vboot_locator = { .name = "VBOOT", - .prepare = vboot_prepare, .locate = vboot_locate, }; |