From 57e37287f45cc4911accbea21cc9a9ac0f0adde7 Mon Sep 17 00:00:00 2001 From: Aaron Durbin Date: Tue, 28 Apr 2015 16:17:25 -0500 Subject: vboot: add and rejuggle Kconfig options The ChromeOS machines employing vboot verfication require different combinations of support: 1. When vboot verification starts. 2. Is the vboot code a separate stage or program? 3. If a separate stage, does the that vboot program (verstage) return to the stage that loaded the verstage? For the above, #1 is dependent on when to load/run vboot logic which is orthogonal to #2. However, #3 is dependent on #2. The logic to act on the combinations follows in subsequent patches. Change-Id: I39ef7a7c2858e7de43aa99c38121e85a57f1f2f6 Signed-off-by: Aaron Durbin Reviewed-on: http://review.coreboot.org/10024 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi --- src/vendorcode/google/chromeos/vboot2/Kconfig | 37 ++++++++++++++-------- src/vendorcode/google/chromeos/vboot2/Makefile.inc | 4 +++ 2 files changed, 27 insertions(+), 14 deletions(-) (limited to 'src/vendorcode/google/chromeos') diff --git a/src/vendorcode/google/chromeos/vboot2/Kconfig b/src/vendorcode/google/chromeos/vboot2/Kconfig index 3b5c594237..8396113deb 100644 --- a/src/vendorcode/google/chromeos/vboot2/Kconfig +++ b/src/vendorcode/google/chromeos/vboot2/Kconfig @@ -16,6 +16,20 @@ ## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA ## +config VBOOT_STARTS_IN_BOOTBLOCK + bool + default n + depends on VBOOT_VERIFY_FIRMWARE + help + Firmware verification happens during or at the end of bootblock. + +config VBOOT_STARTS_IN_ROMSTAGE + bool + default n + depends on VBOOT_VERIFY_FIRMWARE && !VBOOT_STARTS_IN_BOOTBLOCK + help + Firmware verification happens during or at the end of romstage. + config VBOOT2_MOCK_SECDATA bool "Mock secdata for firmware verification" default n @@ -27,16 +41,6 @@ config VBOOT2_MOCK_SECDATA can be used during development when a TPM is not present or broken. THIS SHOULD NOT BE LEFT ON FOR PRODUCTION DEVICES. -config RETURN_FROM_VERSTAGE - bool "return from verstage" - default n - depends on VBOOT_VERIFY_FIRMWARE - help - If this is set, the verstage returns back to the bootblock instead of - exits to the romstage so that the verstage space can be reused by the - romstage. Useful if a ram space is too small to fit both the verstage - and the romstage. - config VBOOT_DISABLE_DEV_ON_RECOVERY bool "Disable dev mode on recovery requests" default n @@ -46,15 +50,20 @@ config VBOOT_DISABLE_DEV_ON_RECOVERY developer mode as soon as recovery request is detected. This is handy on embedded devices with limited input capabilities. -config VERSTAGE_IN_BOOTBLOCK +config SEPARATE_VERSTAGE bool default n depends on VBOOT_VERIFY_FIRMWARE -config SEPARATE_VERSTAGE +config RETURN_FROM_VERSTAGE bool - default !VERSTAGE_IN_BOOTBLOCK - depends on VBOOT_VERIFY_FIRMWARE + default n + depends on SEPARATE_VERSTAGE + help + If this is set, the verstage returns back to the calling stage instead + of exiting to the succeeding stage so that the verstage space can be + reused by the succeeding stage. This is useful if a ram space is too + small to fit both the verstage and the succeeding stage. # These VBOOT_X_INDEX are the position of X in FW_MAIN_A/B region. The index # table is created by cros_bundle_firmware at build time based on the positions diff --git a/src/vendorcode/google/chromeos/vboot2/Makefile.inc b/src/vendorcode/google/chromeos/vboot2/Makefile.inc index b2d2dc1035..4c53aed56b 100644 --- a/src/vendorcode/google/chromeos/vboot2/Makefile.inc +++ b/src/vendorcode/google/chromeos/vboot2/Makefile.inc @@ -63,5 +63,9 @@ fallback/verstage-file = $(objcbfs)/verstage.elf fallback/verstage-type = stage fallback/verstage-compression = none else +ifeq ($(VBOOT_STARTS_IN_BOOTBLOCK),y) bootblock-srcs += $(objgenerated)/libverstage.a +else +romstage-srcs += $(objgenerated)/libverstage.a endif +endif # CONFIG_SEPARATE_VERSTAGE -- cgit v1.2.3