diff options
Diffstat (limited to 'src/vendorcode/google')
-rw-r--r-- | src/vendorcode/google/chromeos/Kconfig | 12 | ||||
-rw-r--r-- | src/vendorcode/google/chromeos/Makefile.inc | 2 | ||||
-rw-r--r-- | src/vendorcode/google/chromeos/chromeos.h | 6 | ||||
-rw-r--r-- | src/vendorcode/google/chromeos/vbnv_flash.c | 6 | ||||
-rw-r--r-- | src/vendorcode/google/chromeos/vboot2/Kconfig | 19 | ||||
-rw-r--r-- | src/vendorcode/google/chromeos/vboot_helper.c | 7 |
6 files changed, 15 insertions, 37 deletions
diff --git a/src/vendorcode/google/chromeos/Kconfig b/src/vendorcode/google/chromeos/Kconfig index cf3bd0729b..a75237e488 100644 --- a/src/vendorcode/google/chromeos/Kconfig +++ b/src/vendorcode/google/chromeos/Kconfig @@ -104,7 +104,7 @@ config FLASHMAP_OFFSET config EC_SOFTWARE_SYNC bool "Enable EC software sync" default n - depends on VBOOT_VERIFY_FIRMWARE || VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help EC software sync is a mechanism where the AP helps the EC verify its firmware similar to how vboot verifies the main system firmware. This @@ -128,14 +128,14 @@ config VBOOT_OPROM_MATTERS config VIRTUAL_DEV_SWITCH bool "Virtual developer switch support" default n - depends on VBOOT_VERIFY_FIRMWARE || VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help Whether this platform has a virtual developer switch. config VBOOT_VERIFY_FIRMWARE bool "Verify firmware with vboot." default n - depends on CHROMEOS + depends on CHROMEOS && HAVE_HARD_RESET help Enabling VBOOT_VERIFY_FIRMWARE will use vboot to verify the components of the firmware (stages, payload, etc). @@ -148,7 +148,7 @@ config VBOOT_VERIFY_FIRMWARE config VBOOT_BOOT_LOADER_INDEX hex "Bootloader component index" default 0 - depends on VBOOT_VERIFY_FIRMWARE || VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help This is the index of the bootloader component in the verified firmware block. @@ -164,7 +164,7 @@ config VBOOT_REFCODE_INDEX config VBOOT_RAMSTAGE_INDEX hex "Ramstage component index" default 1 - depends on VBOOT_VERIFY_FIRMWARE || VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help This is the index of the ramstage component in the verified firmware block. @@ -172,7 +172,7 @@ config VBOOT_RAMSTAGE_INDEX config VBOOT_ROMSTAGE_INDEX hex "Romstage component index" default 2 - depends on VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help This is the index of the romstage component in the verified firmware block. diff --git a/src/vendorcode/google/chromeos/Makefile.inc b/src/vendorcode/google/chromeos/Makefile.inc index 873b81f24f..33cdb26674 100644 --- a/src/vendorcode/google/chromeos/Makefile.inc +++ b/src/vendorcode/google/chromeos/Makefile.inc @@ -54,5 +54,5 @@ CFLAGS_common += -DMOCK_TPM=0 endif VB_SOURCE := vboot_reference -subdirs-$(CONFIG_VBOOT2_VERIFY_FIRMWARE) += vboot2 +subdirs-$(CONFIG_VBOOT_VERIFY_FIRMWARE) += vboot2 CPPFLAGS_common += -I$(VB_SOURCE)/firmware/include diff --git a/src/vendorcode/google/chromeos/chromeos.h b/src/vendorcode/google/chromeos/chromeos.h index 78be422b08..3e427b91a1 100644 --- a/src/vendorcode/google/chromeos/chromeos.h +++ b/src/vendorcode/google/chromeos/chromeos.h @@ -62,18 +62,18 @@ static inline int vboot_skip_display_init(void) { return 0; } struct romstage_handoff; -#if CONFIG_VBOOT_VERIFY_FIRMWARE || CONFIG_VBOOT2_VERIFY_FIRMWARE +#if CONFIG_VBOOT_VERIFY_FIRMWARE /* Returns 0 on success < 0 on error. */ int vboot_get_handoff_info(void **addr, uint32_t *size); void *vboot_get_payload(int *len); -#else /* CONFIG_VBOOT_VERIFY_FIRMWARE || CONFIG_VBOOT2_VERIFY_FIRMWARE */ +#else /* CONFIG_VBOOT_VERIFY_FIRMWARE */ static inline void vboot_verify_firmware(struct romstage_handoff *h) {} static inline void *vboot_get_payload(int *len) { return NULL; } static inline int vboot_get_handoff_info(void **addr, uint32_t *size) { return -1; } -#endif /* CONFIG_VBOOT_VERIFY_FIRMWARE || CONFIG_VBOOT2_VERIFY_FIRMWARE */ +#endif /* CONFIG_VBOOT_VERIFY_FIRMWARE */ int vboot_get_sw_write_protect(void); diff --git a/src/vendorcode/google/chromeos/vbnv_flash.c b/src/vendorcode/google/chromeos/vbnv_flash.c index 97a2a82d1b..4cc87b65ab 100644 --- a/src/vendorcode/google/chromeos/vbnv_flash.c +++ b/src/vendorcode/google/chromeos/vbnv_flash.c @@ -29,13 +29,7 @@ #include "chromeos.h" #include "vbnv_layout.h" -#if IS_ENABLED(CONFIG_VBOOT_VERIFY_FIRMWARE) -#define BLOB_SIZE VBNV_BLOCK_SIZE -#elif IS_ENABLED(CONFIG_VBOOT2_VERIFY_FIRMWARE) #define BLOB_SIZE VB2_NVDATA_SIZE -#else -#error unable to determine BLOB_SIZE -#endif /* FMAP descriptor of the NVRAM area */ static struct vboot_region nvram_region; diff --git a/src/vendorcode/google/chromeos/vboot2/Kconfig b/src/vendorcode/google/chromeos/vboot2/Kconfig index 059100621d..b27b5b76f4 100644 --- a/src/vendorcode/google/chromeos/vboot2/Kconfig +++ b/src/vendorcode/google/chromeos/vboot2/Kconfig @@ -16,19 +16,10 @@ ## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA ## -config VBOOT2_VERIFY_FIRMWARE - bool "Firmware Verification with vboot2" - default y if VBOOT_VERIFY_FIRMARE - depends on CHROMEOS && HAVE_HARD_RESET - select COLLECT_TIMESTAMPS - help - Enabling VBOOT2_VERIFY_FIRMWARE will use vboot2 to verify the romstage - and boot loader. - config VBOOT2_MOCK_SECDATA bool "Mock secdata for firmware verification" default n - depends on VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help Enabling VBOOT2_MOCK_SECDATA will mock secdata for the firmware verification to avoid access to a secdata storage (typically TPM). @@ -39,7 +30,7 @@ config VBOOT2_MOCK_SECDATA config RETURN_FROM_VERSTAGE bool "return from verstage" default n - depends on VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help If this is set, the verstage returns back to the bootblock instead of exits to the romstage so that the verstage space can be reused by the @@ -49,7 +40,7 @@ config RETURN_FROM_VERSTAGE config VBOOT_DISABLE_DEV_ON_RECOVERY bool "Disable dev mode on recovery requests" default n - depends on VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE help When this option is enabled, the Chrome OS device leaves the developer mode as soon as recovery request is detected. This is @@ -58,9 +49,9 @@ config VBOOT_DISABLE_DEV_ON_RECOVERY config VERSTAGE_IN_BOOTBLOCK bool default n - depends on VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE config SEPARATE_VERSTAGE bool default !VERSTAGE_IN_BOOTBLOCK - depends on VBOOT2_VERIFY_FIRMWARE + depends on VBOOT_VERIFY_FIRMWARE diff --git a/src/vendorcode/google/chromeos/vboot_helper.c b/src/vendorcode/google/chromeos/vboot_helper.c index 4fb3338b00..be1f296ff7 100644 --- a/src/vendorcode/google/chromeos/vboot_helper.c +++ b/src/vendorcode/google/chromeos/vboot_helper.c @@ -105,12 +105,6 @@ int __attribute((weak)) vboot_get_sw_write_protect(void) return 0; } -#if CONFIG_VBOOT2_VERIFY_FIRMWARE - -void *vboot_get_payload(int *len) { return NULL; } - -#else /* CONFIG_VBOOT2_VERIFY_FIRMWARE */ - static void *vboot_get_payload(size_t *len) { struct vboot_handoff *vboot_handoff; @@ -137,7 +131,6 @@ static void *vboot_get_payload(size_t *len) return (void *)fwc->address; } -#endif static int vboot_locate_payload(struct payload *payload) { |