From 0325dc6f7cbdad4fd29315bfcb7f4e54fb678f3e Mon Sep 17 00:00:00 2001 From: Furquan Shaikh Date: Mon, 25 Jul 2016 13:02:36 -0700 Subject: bootmode: Get rid of CONFIG_BOOTMODE_STRAPS With VBOOT_VERIFY_FIRMWARE separated from CHROMEOS, move recovery and developer mode check functions to vboot. Thus, get rid of the BOOTMODE_STRAPS option which controlled these functions under src/lib. BUG=chrome-os-partner:55639 Change-Id: Ia2571026ce8976856add01095cc6be415d2be22e Signed-off-by: Furquan Shaikh Reviewed-on: https://review.coreboot.org/15868 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin --- src/vboot/Makefile.inc | 16 +++-- src/vboot/bootmode.c | 177 +++++++++++++++++++++++++++++++++++++++++++++++ src/vboot/recovery.c | 152 ---------------------------------------- src/vboot/vboot_common.h | 4 ++ 4 files changed, 191 insertions(+), 158 deletions(-) create mode 100644 src/vboot/bootmode.c delete mode 100644 src/vboot/recovery.c (limited to 'src/vboot') diff --git a/src/vboot/Makefile.inc b/src/vboot/Makefile.inc index c43af72d04..82b4ac2e9e 100644 --- a/src/vboot/Makefile.inc +++ b/src/vboot/Makefile.inc @@ -13,6 +13,14 @@ ## GNU General Public License for more details. ## +bootblock-y += bootmode.c +romstage-y += bootmode.c +ramstage-y += bootmode.c +verstage-y += bootmode.c +postcar-y += bootmode.c + +ifeq ($(CONFIG_VBOOT),y) + libverstage-generic-ccopts += -D__PRE_RAM__ -D__VERSTAGE__ verstage-generic-ccopts += -D__PRE_RAM__ -D__VERSTAGE__ @@ -53,12 +61,6 @@ romstage-y += vboot_common.c ramstage-y += vboot_common.c postcar-y += vboot_common.c -bootblock-y += recovery.c -romstage-y += recovery.c -ramstage-y += recovery.c -verstage-y += recovery.c -postcar-y += recovery.c - bootblock-y += common.c libverstage-y += vboot_logic.c verstage-y += common.c @@ -141,3 +143,5 @@ regions-for-file = $(subst $(spc),$(comma),$(sort \ font.bin \ vbgfx.bin \ ,$(1)),COREBOOT,COREBOOT FW_MAIN_A FW_MAIN_B))) + +endif # CONFIG_VBOOT diff --git a/src/vboot/bootmode.c b/src/vboot/bootmode.c new file mode 100644 index 0000000000..12a4dc0c8d --- /dev/null +++ b/src/vboot/bootmode.c @@ -0,0 +1,177 @@ +/* + * This file is part of the coreboot project. + * + * Copyright 2016 Google Inc. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +static int vb2_get_recovery_reason_shared_data(void) +{ + /* Shared data does not exist for Ramstage and Post-CAR stage. */ + if (ENV_RAMSTAGE || ENV_POSTCAR) + return 0; + + struct vb2_shared_data *sd = vb2_get_shared_data(); + assert(sd); + return sd->recovery_reason; +} + +void vb2_save_recovery_reason_vbnv(void) +{ + if (!IS_ENABLED(CONFIG_VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT)) + return; + + int reason = vb2_get_recovery_reason_shared_data(); + if (!reason) + return; + + set_recovery_mode_into_vbnv(reason); +} + +static void vb2_clear_recovery_reason_vbnv(void *unused) +{ + if (!IS_ENABLED(CONFIG_VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT)) + return; + + set_recovery_mode_into_vbnv(0); +} + +/* + * Recovery reason stored in VBNV needs to be cleared before the state of VBNV + * is backed-up anywhere or jumping to the payload (whichever occurs + * first). Currently, vbnv_cmos.c backs up VBNV on POST_DEVICE. Thus, we need to + * make sure that the stored recovery reason is cleared off before that + * happens. + * IMPORTANT: Any reboot occurring after BS_DEV_INIT state will cause loss of + * recovery reason on reboot. Until now, we have seen reboots occuring on x86 + * only in FSP stages which run before BS_DEV_INIT. + */ +BOOT_STATE_INIT_ENTRY(BS_DEV_INIT, BS_ON_EXIT, + vb2_clear_recovery_reason_vbnv, NULL); + +/* + * Returns 0 for the stages where we know that cbmem does not come online. + * Even if this function returns 1 for romstage, depending upon the point in + * bootup, cbmem might not actually be online. + */ +static int cbmem_possibly_online(void) +{ + if (ENV_BOOTBLOCK) + return 0; + + if (ENV_VERSTAGE && IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) + return 0; + + return 1; +} + +/* + * Returns 1 if vboot is being used and currently in a stage which might have + * already executed vboot verification. + */ +static int vboot_possibly_executed(void) +{ + if (!IS_ENABLED(CONFIG_VBOOT)) + return 0; + + if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) { + if (ENV_BOOTBLOCK && IS_ENABLED(CONFIG_SEPARATE_VERSTAGE)) + return 0; + return 1; + } + + if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) { + if (ENV_BOOTBLOCK) + return 0; + return 1; + } + + return 0; +} + +/* + * vb2_check_recovery_request looks up different components to identify if there + * is a recovery request and returns appropriate reason code: + * 1. Checks if recovery mode is initiated by EC. If yes, returns + * VB2_RECOVERY_RO_MANUAL. + * 2. Checks if recovery request is present in VBNV and returns the code read + * from it. + * 3. Checks recovery request in handoff for stages post-cbmem. + * 4. For non-CBMEM stages, check if vboot verification is done and look-up + * selected region to identify if vboot_refence library has requested recovery + * path. If yes, return the reason code from shared data. + * 5. If nothing applies, return 0 indicating no recovery request. + */ +int vboot_check_recovery_request(void) +{ + int reason = 0; + + /* EC-initiated recovery. */ + if (get_recovery_mode_switch()) + return VB2_RECOVERY_RO_MANUAL; + + /* Recovery request in VBNV. */ + if ((reason = get_recovery_mode_from_vbnv()) != 0) + return reason; + + /* + * Check recovery flag in vboot_handoff for stages post CBMEM coming + * online. Since for some stages there is no way to know if cbmem has + * already come online, try looking up handoff anyways. If it fails, + * flow will fallback to looking up shared data. + */ + if (cbmem_possibly_online() && + ((reason = vboot_handoff_get_recovery_reason()) != 0)) + return reason; + + /* + * For stages where CBMEM might not be online, identify if vboot + * verification is already complete and no slot was selected + * i.e. recovery path was requested. + */ + if (vboot_possibly_executed() && vb2_logic_executed() && + !vb2_is_slot_selected()) + return vb2_get_recovery_reason_shared_data(); + + return 0; +} + +int vboot_recovery_mode_enabled(void) +{ + if (!IS_ENABLED(CONFIG_VBOOT)) + return 0; + + return !!vboot_check_recovery_request(); +} + +int vboot_developer_mode_enabled(void) +{ + if (!IS_ENABLED(CONFIG_VBOOT)) + return 0; + + if (get_developer_mode_switch()) + return 1; + + if (cbmem_possibly_online() && vboot_handoff_check_developer_flag()) + return 1; + + return 0; +} diff --git a/src/vboot/recovery.c b/src/vboot/recovery.c deleted file mode 100644 index 6e6eb0e159..0000000000 --- a/src/vboot/recovery.c +++ /dev/null @@ -1,152 +0,0 @@ -/* - * This file is part of the coreboot project. - * - * Copyright 2016 Google Inc. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; version 2 of the License. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -static int vb2_get_recovery_reason_shared_data(void) -{ - /* Shared data does not exist for Ramstage and Post-CAR stage. */ - if (ENV_RAMSTAGE || ENV_POSTCAR) - return 0; - - struct vb2_shared_data *sd = vb2_get_shared_data(); - assert(sd); - return sd->recovery_reason; -} - -void vb2_save_recovery_reason_vbnv(void) -{ - if (!IS_ENABLED(CONFIG_VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT)) - return; - - int reason = vb2_get_recovery_reason_shared_data(); - if (!reason) - return; - - set_recovery_mode_into_vbnv(reason); -} - -static void vb2_clear_recovery_reason_vbnv(void *unused) -{ - if (!IS_ENABLED(CONFIG_VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT)) - return; - - set_recovery_mode_into_vbnv(0); -} - -/* - * Recovery reason stored in VBNV needs to be cleared before the state of VBNV - * is backed-up anywhere or jumping to the payload (whichever occurs - * first). Currently, vbnv_cmos.c backs up VBNV on POST_DEVICE. Thus, we need to - * make sure that the stored recovery reason is cleared off before that - * happens. - * IMPORTANT: Any reboot occurring after BS_DEV_INIT state will cause loss of - * recovery reason on reboot. Until now, we have seen reboots occuring on x86 - * only in FSP stages which run before BS_DEV_INIT. - */ -BOOT_STATE_INIT_ENTRY(BS_DEV_INIT, BS_ON_EXIT, - vb2_clear_recovery_reason_vbnv, NULL); - -/* - * Returns 0 for the stages where we know that cbmem does not come online. - * Even if this function returns 1 for romstage, depending upon the point in - * bootup, cbmem might not actually be online. - */ -static int cbmem_possibly_online(void) -{ - if (ENV_BOOTBLOCK) - return 0; - - if (ENV_VERSTAGE && IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) - return 0; - - return 1; -} - -/* - * Returns 1 if vboot is being used and currently in a stage which might have - * already executed vboot verification. - */ -static int vboot_possibly_executed(void) -{ - if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) { - if (ENV_BOOTBLOCK && IS_ENABLED(CONFIG_SEPARATE_VERSTAGE)) - return 0; - return 1; - } - - if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) { - if (ENV_BOOTBLOCK) - return 0; - return 1; - } - - return 0; -} - -/* - * vb2_check_recovery_request looks up different components to identify if there - * is a recovery request and returns appropriate reason code: - * 1. Checks if recovery mode is initiated by EC. If yes, returns - * VB2_RECOVERY_RO_MANUAL. - * 2. Checks if recovery request is present in VBNV and returns the code read - * from it. - * 3. Checks recovery request in handoff for stages post-cbmem. - * 4. For non-CBMEM stages, check if vboot verification is done and look-up - * selected region to identify if vboot_refence library has requested recovery - * path. If yes, return the reason code from shared data. - * 5. If nothing applies, return 0 indicating no recovery request. - */ -int vboot_check_recovery_request(void) -{ - int reason = 0; - - /* EC-initiated recovery. */ - if (get_recovery_mode_switch()) - return VB2_RECOVERY_RO_MANUAL; - - /* Recovery request in VBNV. */ - if ((reason = get_recovery_mode_from_vbnv()) != 0) - return reason; - - /* - * Check recovery flag in vboot_handoff for stages post CBMEM coming - * online. Since for some stages there is no way to know if cbmem has - * already come online, try looking up handoff anyways. If it fails, - * flow will fallback to looking up shared data. - */ - if (cbmem_possibly_online() && - ((reason = vboot_handoff_get_recovery_reason()) != 0)) - return reason; - - /* - * For stages where CBMEM might not be online, identify if vboot - * verification is already complete and no slot was selected - * i.e. recovery path was requested. - */ - if (vboot_possibly_executed() && vb2_logic_executed() && - !vb2_is_slot_selected()) - return vb2_get_recovery_reason_shared_data(); - - return 0; -} diff --git a/src/vboot/vboot_common.h b/src/vboot/vboot_common.h index 684a66b2e2..d64b5bb007 100644 --- a/src/vboot/vboot_common.h +++ b/src/vboot/vboot_common.h @@ -101,4 +101,8 @@ void verstage_main(void); void verstage(void); void verstage_mainboard_init(void); +/* Check boot modes */ +int vboot_developer_mode_enabled(void); +int vboot_recovery_mode_enabled(void); + #endif /* __VBOOT_VBOOT_COMMON_H__ */ -- cgit v1.2.3