summaryrefslogtreecommitdiff
path: root/src/security
diff options
context:
space:
mode:
Diffstat (limited to 'src/security')
-rw-r--r--src/security/vboot/vboot_common.c19
-rw-r--r--src/security/vboot/vboot_common.h3
2 files changed, 22 insertions, 0 deletions
diff --git a/src/security/vboot/vboot_common.c b/src/security/vboot/vboot_common.c
index 11320d218e..ae5bdb634a 100644
--- a/src/security/vboot/vboot_common.c
+++ b/src/security/vboot/vboot_common.c
@@ -20,11 +20,14 @@
#include <console/cbmem_console.h>
#include <console/console.h>
#include <fmap.h>
+#include <gbb_header.h>
#include <reset.h>
#include <rules.h>
#include <stddef.h>
#include <string.h>
+#include <security/vboot/gbb.h>
#include <security/vboot/vboot_common.h>
+#include <security/vboot/vbnv.h>
int vboot_named_region_device(const char *name, struct region_device *rdev)
{
@@ -36,6 +39,22 @@ int vboot_named_region_device_rw(const char *name, struct region_device *rdev)
return fmap_locate_area_as_rdev_rw(name, rdev);
}
+/* Check if it is okay to enable USB Device Controller (UDC). */
+int vboot_can_enable_udc(void)
+{
+ /* Always disable if not in developer mode */
+ if (!vboot_developer_mode_enabled())
+ return 0;
+ /* Enable if GBB flag is set */
+ if (gbb_is_flag_set(GBB_FLAG_ENABLE_UDC))
+ return 1;
+ /* Enable if VBNV flag is set */
+ if (vbnv_udc_enable_flag())
+ return 1;
+ /* Otherwise disable */
+ return 0;
+}
+
/* ========================== VBOOT HANDOFF APIs =========================== */
int vboot_get_handoff_info(void **addr, uint32_t *size)
{
diff --git a/src/security/vboot/vboot_common.h b/src/security/vboot/vboot_common.h
index 8c92f7f131..8f03788cb6 100644
--- a/src/security/vboot/vboot_common.h
+++ b/src/security/vboot/vboot_common.h
@@ -109,10 +109,13 @@ void verstage_mainboard_init(void);
int vboot_developer_mode_enabled(void);
int vboot_recovery_mode_enabled(void);
int vboot_recovery_mode_memory_retrain(void);
+int vboot_can_enable_udc(void);
#else /* !CONFIG_VBOOT */
static inline int vboot_developer_mode_enabled(void) { return 0; }
static inline int vboot_recovery_mode_enabled(void) { return 0; }
static inline int vboot_recovery_mode_memory_retrain(void) { return 0; }
+/* If VBOOT is not enabled, we are okay enabling USB device controller (UDC). */
+static inline int vboot_can_enable_udc(void) { return 1; }
#endif
#endif /* __VBOOT_VBOOT_COMMON_H__ */