From 73d042bd90bc8877f9bfd8b846578fe3e12444c3 Mon Sep 17 00:00:00 2001 From: Julius Werner Date: Fri, 17 Mar 2017 16:54:48 -0700 Subject: vboot: Disallow separate verstage after romstage, try to clarify logic No board has ever tried to combine CONFIG_SEPARATE_VERSTAGE with CONFIG_VBOOT_STARTS_IN_ROMSTAGE. There are probably many reasons why this wouldn't work (e.g. x86 CAR migration logic currently always assumes verstage code to run pre-migration). It would also not really make sense: the reason we use separate verstages is to decrease bootblock size (mitigating the boot speed cost of slow boot ROM SPI drivers) and to allow the SRAM-saving RETURN_FROM_VERSTAGE trick, neither of which would apply to the after-romstage case. It is better to just forbid that case explicitly and give programmers more guarantees about what the verstage is (e.g. now the assumption that it runs pre-RAM is always valid). Since Kconfig dependencies aren't always guaranteed in the face of 'select' statements, also add some explicit compile-time assertions to the vboot code. We can simplify some of the loader logic which now no longer needs to provide for the forbidden case. In addition, also try to make some of the loader logic more readable by writing it in a more functional style that allows us to put more assertions about which cases should be unreachable in there, which will hopefully make it more robust and fail-fast with future changes (e.g. addition of new stages). Change-Id: Iaf60040af4eff711d9b80ee0e5950ce05958b3aa Signed-off-by: Julius Werner Reviewed-on: https://review.coreboot.org/18983 Reviewed-by: Aaron Durbin Tested-by: build bot (Jenkins) --- src/include/memlayout.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'src/include') diff --git a/src/include/memlayout.h b/src/include/memlayout.h index a68b21f4d6..b39a8955c9 100644 --- a/src/include/memlayout.h +++ b/src/include/memlayout.h @@ -153,7 +153,10 @@ STR(Verstage exceeded its allotted size! (sz))); \ INCLUDE "verstage/lib/program.ld" - #define OVERLAP_VERSTAGE_ROMSTAGE(addr, size) VERSTAGE(addr, size) + #define OVERLAP_VERSTAGE_ROMSTAGE(addr, size) \ + _ = ASSERT(IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE) == 1, \ + "Must set RETURN_FROM_VERSTAGE to overlap romstage."); \ + VERSTAGE(addr, size) #else #define VERSTAGE(addr, sz) \ REGION(verstage, addr, sz, 1) -- cgit v1.2.3