From 642508aa9c44daaad6963df76630d0271cf0930e Mon Sep 17 00:00:00 2001 From: Hsuan-ting Chen Date: Wed, 27 Oct 2021 10:59:41 +0000 Subject: Reland "vboot_logic: Set VB2_CONTEXT_EC_TRUSTED in verstage_main" This reverts commit adb393bdd6cd6734fa2672bd174aca4588a68016. This relands commit 6260bf712a836762b18d80082505e981e040f4bc. Reason for revert: The original CL did not handle some devices correctly. With the fixes: * commit 36721a4 (mb/google/brya: Add GPIO_IN_RW to all variants' early GPIO tables) * commit 3bfe46c (mb/google/guybrush: Add GPIO EC in RW to early GPIO tables) * commit 3a30cf9 (mb/google/guybrush: Build chromeos.c in verstage This CL also fix the following platforms: * Change to always trusted: cyan. * Add to early GPIO table: dedede, eve, fizz, glados, hatch, octopus, poppy, reef, volteer. * Add to both Makefile and early GPIO table: zork. For mb/intel: * adlrvp: Add support for get_ec_is_trusted(). * glkrvp: Add support for get_ec_is_trusted() with always trusted. * kblrvp: Add support for get_ec_is_trusted() with always trusted. * kunimitsu: Add support for get_ec_is_trusted() and initialize it as early GPIO. * shadowmountain: Add support for get_ec_is_trusted() and initialize it as early GPIO. * tglrvp: Add support for get_ec_is_trusted() with always trusted. For qemu-q35: Add support for get_ec_is_trusted() with always trusted. We could attempt another land. Change-Id: I66b8b99d6e6bf259b18573f9f6010f9254357bf9 Signed-off-by: Hsuan Ting Chen Reviewed-on: https://review.coreboot.org/c/coreboot/+/58253 Tested-by: build bot (Jenkins) Reviewed-by: Karthik Ramasubramanian Reviewed-by: Tim Wawrzynczak Reviewed-by: Yu-Ping Wu --- src/security/vboot/bootmode.c | 10 ++++++++++ src/security/vboot/vboot_logic.c | 3 +++ 2 files changed, 13 insertions(+) (limited to 'src/security') diff --git a/src/security/vboot/bootmode.c b/src/security/vboot/bootmode.c index 6c051093ea..3c50e4ef83 100644 --- a/src/security/vboot/bootmode.c +++ b/src/security/vboot/bootmode.c @@ -57,6 +57,16 @@ int __weak get_recovery_mode_retrain_switch(void) return 0; } +int __weak get_ec_is_trusted(void) +{ + /* + * If board doesn't override this, by default we always assume EC is in + * RW and untrusted. However, newer platforms are supposed to use cr50 + * BOOT_MODE to report this and won't need to override this anymore. + */ + return 0; +} + #if CONFIG(VBOOT_NO_BOARD_SUPPORT) /** * TODO: Create flash protection interface which implements get_write_protect_state. diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c index 2973934b99..91d42b2c7f 100644 --- a/src/security/vboot/vboot_logic.c +++ b/src/security/vboot/vboot_logic.c @@ -306,6 +306,9 @@ void verstage_main(void) if (CONFIG(TPM_CR50)) check_boot_mode(ctx); + if (get_ec_is_trusted()) + ctx->flags |= VB2_CONTEXT_EC_TRUSTED; + /* Do early init (set up secdata and NVRAM, load GBB) */ printk(BIOS_INFO, "Phase 1\n"); rv = vb2api_fw_phase1(ctx); -- cgit v1.2.3