From 642508aa9c44daaad6963df76630d0271cf0930e Mon Sep 17 00:00:00 2001
From: Hsuan-ting Chen <roccochen@google.com>
Date: Wed, 27 Oct 2021 10:59:41 +0000
Subject: Reland "vboot_logic: Set VB2_CONTEXT_EC_TRUSTED in verstage_main"

This reverts commit adb393bdd6cd6734fa2672bd174aca4588a68016.
This relands commit 6260bf712a836762b18d80082505e981e040f4bc.

Reason for revert:
The original CL did not handle some devices correctly.
With the fixes:
* commit 36721a4 (mb/google/brya: Add GPIO_IN_RW to all variants'
early GPIO tables)
* commit 3bfe46c (mb/google/guybrush: Add GPIO EC in RW to early
GPIO tables)
* commit 3a30cf9 (mb/google/guybrush: Build chromeos.c in verstage

This CL also fix the following platforms:
* Change to always trusted: cyan.
* Add to early GPIO table: dedede, eve, fizz, glados, hatch, octopus,
			   poppy, reef, volteer.
* Add to both Makefile and early GPIO table: zork.

For mb/intel:
* adlrvp: Add support for get_ec_is_trusted().
* glkrvp: Add support for get_ec_is_trusted() with always trusted.
* kblrvp: Add support for get_ec_is_trusted() with always trusted.
* kunimitsu: Add support for get_ec_is_trusted() and initialize it as
	     early GPIO.
* shadowmountain: Add support for get_ec_is_trusted() and initialize
	     it as early GPIO.
* tglrvp: Add support for get_ec_is_trusted() with always trusted.

For qemu-q35: Add support for get_ec_is_trusted() with always trusted.

We could attempt another land.

Change-Id: I66b8b99d6e6bf259b18573f9f6010f9254357bf9
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/58253
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
---
 src/mainboard/intel/adlrvp/chromeos.c                             | 8 ++++++++
 src/mainboard/intel/glkrvp/chromeos.c                             | 7 +++++++
 src/mainboard/intel/kblrvp/chromeos.c                             | 7 +++++++
 src/mainboard/intel/kunimitsu/chromeos.c                          | 6 ++++++
 src/mainboard/intel/kunimitsu/gpio.h                              | 1 +
 src/mainboard/intel/shadowmountain/chromeos.c                     | 6 ++++++
 .../intel/shadowmountain/variants/baseboard/early_gpio.c          | 2 ++
 src/mainboard/intel/tglrvp/chromeos.c                             | 7 +++++++
 8 files changed, 44 insertions(+)

(limited to 'src/mainboard/intel')

diff --git a/src/mainboard/intel/adlrvp/chromeos.c b/src/mainboard/intel/adlrvp/chromeos.c
index 5fe89af99c..fce365d37f 100644
--- a/src/mainboard/intel/adlrvp/chromeos.c
+++ b/src/mainboard/intel/adlrvp/chromeos.c
@@ -49,3 +49,11 @@ void mainboard_chromeos_acpi_generate(void)
 	gpios = variant_cros_gpios(&num);
 	chromeos_acpi_gpio_generate(gpios, num);
 }
+
+#if (CONFIG(BOARD_INTEL_ADLRVP_P_EXT_EC) || CONFIG(BOARD_INTEL_ADLRVP_M_EXT_EC))
+int get_ec_is_trusted(void)
+{
+	/* EC is trusted if not in RW. */
+	return !gpio_get(GPIO_EC_IN_RW);
+}
+#endif
diff --git a/src/mainboard/intel/glkrvp/chromeos.c b/src/mainboard/intel/glkrvp/chromeos.c
index dfdb66da84..7a14c86bd2 100644
--- a/src/mainboard/intel/glkrvp/chromeos.c
+++ b/src/mainboard/intel/glkrvp/chromeos.c
@@ -39,3 +39,10 @@ int __weak get_lid_switch(void)
 {
 	return -1;
 }
+
+int get_ec_is_trusted(void)
+{
+	/* Do not have a Chrome EC involved in entering recovery mode;
+	   Always return trusted. */
+	return 1;
+}
diff --git a/src/mainboard/intel/kblrvp/chromeos.c b/src/mainboard/intel/kblrvp/chromeos.c
index 902cb194fd..afc27cd6d5 100644
--- a/src/mainboard/intel/kblrvp/chromeos.c
+++ b/src/mainboard/intel/kblrvp/chromeos.c
@@ -64,3 +64,10 @@ void mainboard_chromeos_acpi_generate(void)
 {
 	chromeos_acpi_gpio_generate(cros_gpios, ARRAY_SIZE(cros_gpios));
 }
+
+int get_ec_is_trusted(void)
+{
+	/* Do not have a Chrome EC involved in entering recovery mode;
+	   Always return trusted. */
+	return 1;
+}
diff --git a/src/mainboard/intel/kunimitsu/chromeos.c b/src/mainboard/intel/kunimitsu/chromeos.c
index 09e9b7e44f..87a0e01b41 100644
--- a/src/mainboard/intel/kunimitsu/chromeos.c
+++ b/src/mainboard/intel/kunimitsu/chromeos.c
@@ -35,3 +35,9 @@ void mainboard_chromeos_acpi_generate(void)
 {
 	chromeos_acpi_gpio_generate(cros_gpios, ARRAY_SIZE(cros_gpios));
 }
+
+int get_ec_is_trusted(void)
+{
+	/* EC is trusted if not in RW. */
+	return !gpio_get(GPIO_EC_IN_RW);
+}
diff --git a/src/mainboard/intel/kunimitsu/gpio.h b/src/mainboard/intel/kunimitsu/gpio.h
index 2cd0196137..439bd8992b 100644
--- a/src/mainboard/intel/kunimitsu/gpio.h
+++ b/src/mainboard/intel/kunimitsu/gpio.h
@@ -222,6 +222,7 @@ static const struct pad_config early_gpio_table[] = {
 /* SRCCLKREQ2# */	PAD_CFG_NF(GPP_B7, NONE, DEEP, NF1), /* KEPLER */
 /* SPI_WP_STATUS */	PAD_CFG_GPI_GPIO_DRIVER(GPP_C23, UP_20K, DEEP),
 /* UART0_CTS# */	PAD_CFG_GPO(GPP_C11, 0, DEEP), /* EN_PP3300_KEPLER */
+/* EC_IN_RW */		PAD_CFG_GPI_GPIO_DRIVER(GPP_C6, NONE, DEEP),
 };
 
 #endif
diff --git a/src/mainboard/intel/shadowmountain/chromeos.c b/src/mainboard/intel/shadowmountain/chromeos.c
index e71314ffe0..0858754436 100644
--- a/src/mainboard/intel/shadowmountain/chromeos.c
+++ b/src/mainboard/intel/shadowmountain/chromeos.c
@@ -34,3 +34,9 @@ void mainboard_chromeos_acpi_generate(void)
 	gpios = variant_cros_gpios(&num);
 	chromeos_acpi_gpio_generate(gpios, num);
 }
+
+int get_ec_is_trusted(void)
+{
+	/* EC is trusted if not in RW. */
+	return !gpio_get(GPIO_EC_IN_RW);
+}
diff --git a/src/mainboard/intel/shadowmountain/variants/baseboard/early_gpio.c b/src/mainboard/intel/shadowmountain/variants/baseboard/early_gpio.c
index 80a42646fc..6a74468c2f 100644
--- a/src/mainboard/intel/shadowmountain/variants/baseboard/early_gpio.c
+++ b/src/mainboard/intel/shadowmountain/variants/baseboard/early_gpio.c
@@ -13,6 +13,8 @@ static const struct pad_config early_gpio_table[] = {
 	PAD_CFG_NF(GPP_H11, NONE, DEEP, NF2),
 	/* A7 : MEM_STRAP_0 */
 	PAD_CFG_GPI(GPP_A7, NONE, DEEP),
+	/* A8 : EC_IN_RW_OD */
+	PAD_CFG_GPI(GPP_A8, NONE, DEEP),
 	/* A17 : MEM_CH_SEL */
 	PAD_CFG_GPI(GPP_A17, NONE, DEEP),
 	/* A19 : MEM_STRAP_2 */
diff --git a/src/mainboard/intel/tglrvp/chromeos.c b/src/mainboard/intel/tglrvp/chromeos.c
index 4eeb679ac9..dd6c666794 100644
--- a/src/mainboard/intel/tglrvp/chromeos.c
+++ b/src/mainboard/intel/tglrvp/chromeos.c
@@ -47,3 +47,10 @@ void mainboard_chromeos_acpi_generate(void)
 	gpios = variant_cros_gpios(&num);
 	chromeos_acpi_gpio_generate(gpios, num);
 }
+
+int get_ec_is_trusted(void)
+{
+	/* Do not have a Chrome EC involved in entering recovery mode;
+	   Always return trusted. */
+	return 1;
+}
-- 
cgit v1.2.3