summaryrefslogtreecommitdiff
path: root/src/security
diff options
context:
space:
mode:
authorJoel Kitching <kitching@google.com>2019-04-10 16:06:21 +0800
committerJulius Werner <jwerner@chromium.org>2019-04-30 21:47:25 +0000
commit6672bd8e6b808300a98be0ce308a2bfe5b4685d6 (patch)
tree9bd6699009566d63dc7bf4417b7ab6e23436f3d2 /src/security
parent2b8789bb3bf186b64ead7a92c341eb70ed57bbcf (diff)
vboot: refactor OPROM code
The name OPROM is somewhat inaccurate, since other steps to bring up display and graphics are needed depending on mainboard/SoC. This patch cleans up OPROM code nomenclature, and works towards the goal of deprecating vboot1: * Rename CONFIG_VBOOT_OPROM_MATTERS to CONFIG_VBOOT_MUST_REQUEST_DISPLAY and clarify Kconfig description * Remove function vboot_handoff_skip_display_init * Remove use of the VbInit oflag VB_INIT_OUT_ENABLE_DISPLAY * Add |flags| field to vboot_working_data struct * Create VBOOT_FLAG_DISPLAY_REQUESTED and set in vboot_handoff BUG=b:124141368, b:124192753, chromium:948529 TEST=make clean && make test-abuild TEST=build and flash eve device; attempt loading dev/rec modes BRANCH=none Change-Id: Idf111a533c3953448b4b9084885a9a65a2432a8b Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32262 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
Diffstat (limited to 'src/security')
-rw-r--r--src/security/vboot/Kconfig8
-rw-r--r--src/security/vboot/misc.h11
-rw-r--r--src/security/vboot/vboot_common.c5
-rw-r--r--src/security/vboot/vboot_common.h1
-rw-r--r--src/security/vboot/vboot_handoff.c23
5 files changed, 21 insertions, 27 deletions
diff --git a/src/security/vboot/Kconfig b/src/security/vboot/Kconfig
index 4815cb10f9..66bcc1ed6f 100644
--- a/src/security/vboot/Kconfig
+++ b/src/security/vboot/Kconfig
@@ -169,17 +169,15 @@ config VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
reboots caused after vboot verification is run. e.g. reboots caused by
FSP components on Intel platforms.
-config VBOOT_OPROM_MATTERS
+config VBOOT_MUST_REQUEST_DISPLAY
bool
default y if VGA_ROM_RUN
default n
help
Set this option to indicate to vboot that this platform will skip its
display initialization on a normal (non-recovery, non-developer) boot.
- Vboot calls this "oprom matters" because on x86 devices this
- traditionally meant that the video option ROM will not be loaded, but
- it works functionally the same for other platforms that can skip their
- native display initialization code instead.
+ Unless display is specifically requested, the video option ROM is not
+ loaded, and any other native display initialization code is not run.
config VBOOT_HAS_REC_HASH_SPACE
bool
diff --git a/src/security/vboot/misc.h b/src/security/vboot/misc.h
index 27317ad32d..b4fae19d74 100644
--- a/src/security/vboot/misc.h
+++ b/src/security/vboot/misc.h
@@ -34,12 +34,19 @@ struct selected_region {
*/
struct vboot_working_data {
struct selected_region selected_region;
+ uint32_t flags;
/* offset of the buffer from the start of this struct */
- uint32_t buffer_offset;
- uint32_t buffer_size;
+ uint16_t buffer_offset;
+ uint16_t buffer_size;
};
/*
+ * Definitions for vboot_working_data.flags values.
+ */
+/* vboot requests display initialization from coreboot. */
+#define VBOOT_WD_FLAG_DISPLAY_INIT (1 << 0)
+
+/*
* Source: security/vboot/common.c
*/
struct vboot_working_data * const vboot_get_working_data(void);
diff --git a/src/security/vboot/vboot_common.c b/src/security/vboot/vboot_common.c
index 5e95c6215c..3dddc76556 100644
--- a/src/security/vboot/vboot_common.c
+++ b/src/security/vboot/vboot_common.c
@@ -88,11 +88,6 @@ static int vboot_get_handoff_flag(uint32_t flag)
return !!(vbho->init_params.out_flags & flag);
}
-int vboot_handoff_skip_display_init(void)
-{
- return !vboot_get_handoff_flag(VB_INIT_OUT_ENABLE_DISPLAY);
-}
-
int vboot_handoff_check_developer_flag(void)
{
return vboot_get_handoff_flag(VB_INIT_OUT_ENABLE_DEVELOPER);
diff --git a/src/security/vboot/vboot_common.h b/src/security/vboot/vboot_common.h
index 8c92437a3c..768b29d4fc 100644
--- a/src/security/vboot/vboot_common.h
+++ b/src/security/vboot/vboot_common.h
@@ -60,7 +60,6 @@ int vboot_get_handoff_info(void **addr, uint32_t *size);
* Returns 0 for flag if false
* Returns value read for other fields
*/
-int vboot_handoff_skip_display_init(void);
int vboot_handoff_check_recovery_flag(void);
int vboot_handoff_check_developer_flag(void);
int vboot_handoff_get_recovery_reason(void);
diff --git a/src/security/vboot/vboot_handoff.c b/src/security/vboot/vboot_handoff.c
index ff938e15ce..178877d847 100644
--- a/src/security/vboot/vboot_handoff.c
+++ b/src/security/vboot/vboot_handoff.c
@@ -61,30 +61,25 @@ static void fill_vboot_handoff(struct vboot_handoff *vboot_handoff,
vb_sd->flags |= VBSD_BOOT_REC_SWITCH_ON;
*oflags |= VB_INIT_OUT_ENABLE_RECOVERY;
*oflags |= VB_INIT_OUT_CLEAR_RAM;
- *oflags |= VB_INIT_OUT_ENABLE_DISPLAY;
*oflags |= VB_INIT_OUT_ENABLE_USB_STORAGE;
}
if (vb2_sd->flags & VB2_SD_FLAG_DEV_MODE_ENABLED) {
*oflags |= VB_INIT_OUT_ENABLE_DEVELOPER;
*oflags |= VB_INIT_OUT_CLEAR_RAM;
- *oflags |= VB_INIT_OUT_ENABLE_DISPLAY;
*oflags |= VB_INIT_OUT_ENABLE_USB_STORAGE;
vb_sd->flags |= VBSD_BOOT_DEV_SWITCH_ON;
vb_sd->flags |= VBSD_LF_DEV_SWITCH_ON;
}
- /* TODO: Set these in depthcharge */
- if (CONFIG(VBOOT_OPROM_MATTERS)) {
- vb_sd->flags |= VBSD_OPROM_MATTERS;
- /*
- * Inform vboot if the display was enabled by dev/rec
- * mode or was requested by vboot kernel phase.
- */
- if ((*oflags & VB_INIT_OUT_ENABLE_DISPLAY) ||
- vboot_wants_oprom()) {
- vb_sd->flags |= VBSD_OPROM_LOADED;
- *oflags |= VB_INIT_OUT_ENABLE_DISPLAY;
- }
+ /* Inform vboot if the display was requested by vboot kernel phase
+ or enabled by dev/rec mode. */
+ if (vboot_wants_oprom() || vb2_sd->recovery_reason ||
+ vb2_sd->flags & VB2_SD_FLAG_DEV_MODE_ENABLED) {
+ vboot_get_working_data()->flags |= VBOOT_WD_FLAG_DISPLAY_INIT;
+ vb_sd->flags |= VBSD_OPROM_LOADED;
}
+ /* TODO: Remove when depthcharge no longer reads this flag. */
+ if (CONFIG(VBOOT_MUST_REQUEST_DISPLAY))
+ vb_sd->flags |= VBSD_OPROM_MATTERS;
/* In vboot1, VBSD_FWB_TRIED is
* set only if B is booted as explicitly requested. Therefore, if B is