diff options
author | Hsuan-ting Chen <roccochen@google.com> | 2021-10-27 10:59:41 +0000 |
---|---|---|
committer | Felix Held <felix-coreboot@felixheld.de> | 2021-11-15 12:00:12 +0000 |
commit | 642508aa9c44daaad6963df76630d0271cf0930e (patch) | |
tree | 48fc09455e47c1e09566a73931c96f8a1a45707b /src/security | |
parent | 436eac827aea4839169f2421006df42b8c5c379f (diff) |
Reland "vboot_logic: Set VB2_CONTEXT_EC_TRUSTED in verstage_main"
This reverts commit adb393bdd6cd6734fa2672bd174aca4588a68016.
This relands commit 6260bf712a836762b18d80082505e981e040f4bc.
Reason for revert:
The original CL did not handle some devices correctly.
With the fixes:
* commit 36721a4 (mb/google/brya: Add GPIO_IN_RW to all variants'
early GPIO tables)
* commit 3bfe46c (mb/google/guybrush: Add GPIO EC in RW to early
GPIO tables)
* commit 3a30cf9 (mb/google/guybrush: Build chromeos.c in verstage
This CL also fix the following platforms:
* Change to always trusted: cyan.
* Add to early GPIO table: dedede, eve, fizz, glados, hatch, octopus,
poppy, reef, volteer.
* Add to both Makefile and early GPIO table: zork.
For mb/intel:
* adlrvp: Add support for get_ec_is_trusted().
* glkrvp: Add support for get_ec_is_trusted() with always trusted.
* kblrvp: Add support for get_ec_is_trusted() with always trusted.
* kunimitsu: Add support for get_ec_is_trusted() and initialize it as
early GPIO.
* shadowmountain: Add support for get_ec_is_trusted() and initialize
it as early GPIO.
* tglrvp: Add support for get_ec_is_trusted() with always trusted.
For qemu-q35: Add support for get_ec_is_trusted() with always trusted.
We could attempt another land.
Change-Id: I66b8b99d6e6bf259b18573f9f6010f9254357bf9
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/58253
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Diffstat (limited to 'src/security')
-rw-r--r-- | src/security/vboot/bootmode.c | 10 | ||||
-rw-r--r-- | src/security/vboot/vboot_logic.c | 3 |
2 files changed, 13 insertions, 0 deletions
diff --git a/src/security/vboot/bootmode.c b/src/security/vboot/bootmode.c index 6c051093ea..3c50e4ef83 100644 --- a/src/security/vboot/bootmode.c +++ b/src/security/vboot/bootmode.c @@ -57,6 +57,16 @@ int __weak get_recovery_mode_retrain_switch(void) return 0; } +int __weak get_ec_is_trusted(void) +{ + /* + * If board doesn't override this, by default we always assume EC is in + * RW and untrusted. However, newer platforms are supposed to use cr50 + * BOOT_MODE to report this and won't need to override this anymore. + */ + return 0; +} + #if CONFIG(VBOOT_NO_BOARD_SUPPORT) /** * TODO: Create flash protection interface which implements get_write_protect_state. diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c index 2973934b99..91d42b2c7f 100644 --- a/src/security/vboot/vboot_logic.c +++ b/src/security/vboot/vboot_logic.c @@ -306,6 +306,9 @@ void verstage_main(void) if (CONFIG(TPM_CR50)) check_boot_mode(ctx); + if (get_ec_is_trusted()) + ctx->flags |= VB2_CONTEXT_EC_TRUSTED; + /* Do early init (set up secdata and NVRAM, load GBB) */ printk(BIOS_INFO, "Phase 1\n"); rv = vb2api_fw_phase1(ctx); |