summaryrefslogtreecommitdiff
path: root/src/security
diff options
context:
space:
mode:
authorJoel Kitching <kitching@google.com>2019-06-16 16:44:26 +0800
committerJulius Werner <jwerner@chromium.org>2019-06-21 00:50:48 +0000
commita06cd6c29e5f2fb05210eb185b84c887791df989 (patch)
treeb60b02553e9e9a448bc6a4344411a0ad20aca95a /src/security
parentc10af299aeed2a7d530fbabbaa55947d64712333 (diff)
vboot: remove vboot_handoff_get_recovery_reason
Two functions retrieve vboot recovery_reason: * vboot_handoff_get_recovery_reason * vboot_get_recovery_reason_shared_data Previously, when CBMEM comes online, a vboot_handoff data structure is created, and depending on the architecture, coreboot may eventually lose access to vboot_working_data. After implementing vboot_working_data CBMEM migration, vboot_working_data is always guaranteed to be accessible. vboot_get_recovery_reason_shared_data is corrected to also allow accessing vboot_working_data in ramstage and postcar. Now, vboot_handoff_get_recovery reason returning a valid recovery reason implies that vboot_get_recovery_reason_shared_data should *also* return a valid recovery reason. Thus we may remove the former. BUG=b:124141368, b:124192753 TEST=make clean && make test-abuild BRANCH=none Change-Id: Iac216dc968dd155d9d4f8bd0f2dfd5034762f9a0 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/33532 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Julius Werner <jwerner@chromium.org>
Diffstat (limited to 'src/security')
-rw-r--r--src/security/vboot/bootmode.c28
-rw-r--r--src/security/vboot/vboot_common.c13
-rw-r--r--src/security/vboot/vboot_common.h4
3 files changed, 7 insertions, 38 deletions
diff --git a/src/security/vboot/bootmode.c b/src/security/vboot/bootmode.c
index 68749f008b..4d4dc0ddfd 100644
--- a/src/security/vboot/bootmode.c
+++ b/src/security/vboot/bootmode.c
@@ -26,10 +26,6 @@
static int vboot_get_recovery_reason_shared_data(void)
{
- /* Shared data does not exist for Ramstage and Post-CAR stage. */
- if (ENV_RAMSTAGE || ENV_POSTCAR)
- return 0;
-
struct vb2_shared_data *sd = vboot_get_shared_data();
assert(sd);
return sd->recovery_reason;
@@ -96,11 +92,10 @@ static int vboot_possibly_executed(void)
* VB2_RECOVERY_RO_MANUAL.
* 2. Checks if recovery request is present in VBNV and returns the code read
* from it.
- * 3. Checks recovery request in handoff for stages post-cbmem.
- * 4. For non-CBMEM stages, check if vboot verification is done and look-up
- * selected region to identify if vboot_reference library has requested recovery
- * path. If yes, return the reason code from shared data.
- * 5. If nothing applies, return 0 indicating no recovery request.
+ * 3. Checks if vboot verification is done and looks up selected region
+ * to identify if vboot_reference library has requested recovery path.
+ * If yes, return the reason code from shared data.
+ * 4. If nothing applies, return 0 indicating no recovery request.
*/
int vboot_check_recovery_request(void)
{
@@ -115,19 +110,8 @@ int vboot_check_recovery_request(void)
return reason;
/*
- * Check recovery flag in vboot_handoff for stages post CBMEM coming
- * online. Since for some stages there is no way to know if cbmem has
- * already come online, try looking up handoff anyways. If it fails,
- * flow will fallback to looking up shared data.
- */
- if (cbmem_possibly_online() &&
- ((reason = vboot_handoff_get_recovery_reason()) != 0))
- return reason;
-
- /*
- * For stages where CBMEM might not be online, identify if vboot
- * verification is already complete and no slot was selected
- * i.e. recovery path was requested.
+ * Identify if vboot verification is already complete and no slot
+ * was selected i.e. recovery path was requested.
*/
if (vboot_possibly_executed() && vboot_logic_executed() &&
!vboot_is_slot_selected())
diff --git a/src/security/vboot/vboot_common.c b/src/security/vboot/vboot_common.c
index ff8e6c896c..a18bf23f92 100644
--- a/src/security/vboot/vboot_common.c
+++ b/src/security/vboot/vboot_common.c
@@ -93,19 +93,6 @@ int vboot_handoff_check_recovery_flag(void)
return vboot_get_handoff_flag(VB_INIT_OUT_ENABLE_RECOVERY);
}
-int vboot_handoff_get_recovery_reason(void)
-{
- struct vboot_handoff *vbho;
- VbSharedDataHeader *sd;
-
- if (vboot_get_handoff_info((void **)&vbho, NULL))
- return 0;
-
- sd = (VbSharedDataHeader *)vbho->shared_data;
-
- return sd->recovery_reason;
-}
-
/* ============================ VBOOT REBOOT ============================== */
void __weak vboot_platform_prepare_reboot(void)
{
diff --git a/src/security/vboot/vboot_common.h b/src/security/vboot/vboot_common.h
index a785a8ba34..65a543c791 100644
--- a/src/security/vboot/vboot_common.h
+++ b/src/security/vboot/vboot_common.h
@@ -54,15 +54,13 @@ struct vboot_handoff {
int vboot_get_handoff_info(void **addr, uint32_t *size);
/*
- * The following functions read vboot_handoff structure to obtain requested
+ * The following function reads vboot_handoff structure to obtain requested
* information. If vboot handoff is not available, 0 is returned by default.
* If vboot handoff is available:
* Returns 1 for flag if true
* Returns 0 for flag if false
- * Returns value read for other fields
*/
int vboot_handoff_check_recovery_flag(void);
-int vboot_handoff_get_recovery_reason(void);
/* ============================ VBOOT REBOOT ============================== */
/*