romstage: add support for vboot firmware selection

This patch implements support for vboot firmware selection. The vboot
support is comprised of the following pieces:

1. vboot_loader.c - this file contains the entry point,
   vboot_verify_firmware(), for romstage to call in order to perform
   vboot selection. The loader sets up all the data for the wrapper
   to use.
2. vboot_wrapper.c - this file contains the implementation calling the vboot
   API. It calls VbInit() and VbSelectFirmware() with the data supplied
   by the loader.

The vboot wrapper is compiled and linked as an rmodule and placed in
cbfs as 'fallback/vboot'. It's loaded into memory and relocated just
like the way ramstage would be. After being loaded the loader calls into
wrapper. When the wrapper sees that a given piece of firmware has been
selected it parses firmware component information for a predetermined
number of components.

Vboot result information is passed to downstream users by way of the
vboot_handoff structure. This structure lives in cbmem and contains
the shared data, selected firmware, VbInitParams, and parsed firwmare
components.

During ramstage there are only 2 changes:

1. Copy the shared vboot data from vboot_handoff to the chromeos acpi
   table.
2. If a firmware selection was made in romstage the boot loader
   component is used for the payload.

Noteable Information:
- no vboot path for S3.
- assumes that all RW firmware contains a book keeping header for the
  components that comprise the signed firmware area.
- As sanity check there is a limit to the number of firmware components
  contained in a signed firmware area. That's so that an errant value
  doesn't cause the size calculation to erroneously read memory it
  shouldn't.
- RO normal path isn't supported. It's assumed that firmware will always
  load the verified RW on all boots but recovery.
- If vboot requests memory to be cleared it is assumed that the boot
  loader will take care of that by looking at the out flags in
VbInitParams.

Built and booted. Noted firmware select worked on an image with
RW firmware support. Also checked that recovery mode worked as well
by choosing the RO path.

Change-Id: I45de725c44ee5b766f866692a20881c42ee11fa8
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/2854
Tested-by: build bot (Jenkins)
Reviewed-by: Ronald G. Minnich <rminnich@gmail.com>

1 files changed, 12 insertions, 0 deletions

diff --git a/src/vendorcode/google/chromeos/chromeos.h b/src/vendorcode/google/chromeos/chromeos.h
index 37630a69bc..8410707a9b 100644
--- a/src/vendorcode/google/chromeos/chromeos.h
+++ b/src/vendorcode/google/chromeos/chromeos.h
@@ -20,9 +20,12 @@
 #ifndef __CHROMEOS_H__
 #define __CHROMEOS_H__
 
+#include <stdint.h>
+
 /* functions implemented per mainboard: */
 int get_developer_mode_switch(void);
 int get_recovery_mode_switch(void);
+int get_write_protect_state(void);
 #ifdef __PRE_RAM__
 void save_chromeos_gpios(void);
 #endif
@@ -32,6 +35,9 @@ int get_recovery_mode_from_vbnv(void);
 int vboot_wants_oprom(void);
 extern int oprom_is_loaded;
 
+void read_vbnv(uint8_t *vbnv_copy);
+void save_vbnv(const uint8_t *vbnv_copy);
+
 /* functions implemented in chromeos.c: */
 int developer_mode_enabled(void);
 int recovery_mode_enabled(void);
@@ -39,4 +45,10 @@ int recovery_mode_enabled(void);
 /* functions implemented in vboot.c */
 void init_chromeos(int bootmode);
 
+#if CONFIG_VBOOT_VERIFY_FIRMWARE
+struct romstage_handoff;
+void vboot_verify_firmware(struct romstage_handoff *handoff);
+void *vboot_get_payload(int *len);
+#endif
+
 #endif