<p>Philipp Deppenwiese has uploaded this change for <strong>review</strong>.</p><p><a href="https://review.coreboot.org/27714">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">security/vboot: Add failure safety configurations<br><br>* Make an user interface and board configuration<br>through kconfig available.<br>* 3 modes are now supported:<br> + RO only<br> + RO + RW_A<br> + RO + RW_A + RW_B<br>* The default mode is always RO + RW_A + RW_B<br><br>Change-Id: I278fc060522b13048b00090b8e5261c14496f56e<br>Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org><br>---<br>M src/security/vboot/Kconfig<br>M src/security/vboot/Makefile.inc<br>2 files changed, 84 insertions(+), 1 deletion(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://review.coreboot.org:29418/coreboot refs/changes/14/27714/1</pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/src/security/vboot/Kconfig b/src/security/vboot/Kconfig</span><br><span>index e13101b..4467c02 100644</span><br><span>--- a/src/security/vboot/Kconfig</span><br><span>+++ b/src/security/vboot/Kconfig</span><br><span>@@ -25,6 +25,59 @@</span><br><span> </span><br><span> if VBOOT</span><br><span> </span><br><span style="color: hsl(120, 100%, 40%);">+config VBOOT_SAFETY_AB</span><br><span style="color: hsl(120, 100%, 40%);">+ bool</span><br><span style="color: hsl(120, 100%, 40%);">+ default y if MAINBOARD_HAS_VBOOT_SAFETY_AB || USER_VBOOT_SAFETY_AB</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+config VBOOT_SAFETY_A</span><br><span style="color: hsl(120, 100%, 40%);">+ bool</span><br><span style="color: hsl(120, 100%, 40%);">+ default y if MAINBOARD_HAS_VBOOT_SAFETY_A || USER_VBOOT_SAFETY_A</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+config VBOOT_SAFETY_RO</span><br><span style="color: hsl(120, 100%, 40%);">+ bool</span><br><span style="color: hsl(120, 100%, 40%);">+ default y if MAINBOARD_HAS_VBOOT_SAFETY_RO || USER_VBOOT_SAFETY_RO</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+config MAINBOARD_HAS_VBOOT_SAFETY_AB</span><br><span style="color: hsl(120, 100%, 40%);">+ bool</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+config MAINBOARD_HAS_VBOOT_SAFETY_A</span><br><span style="color: hsl(120, 100%, 40%);">+ bool</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+config MAINBOARD_HAS_VBOOT_SAFETY_RO</span><br><span style="color: hsl(120, 100%, 40%);">+ bool</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+if !MAINBOARD_HAS_VBOOT_SAFETY_AB && !MAINBOARD_HAS_VBOOT_SAFETY_A && !MAINBOARD_HAS_VBOOT_SAFETY_RO</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+choice</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+prompt "Failure safety"</span><br><span style="color: hsl(120, 100%, 40%);">+ default USER_VBOOT_SAFETY_AB</span><br><span style="color: hsl(120, 100%, 40%);">+ help</span><br><span style="color: hsl(120, 100%, 40%);">+ Select the failure safety mode in which VBOOT should run.</span><br><span style="color: hsl(120, 100%, 40%);">+ VBOOT can have up to two recovery partitions for A & B updates</span><br><span style="color: hsl(120, 100%, 40%);">+ which also provide failure safety.</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+config USER_VBOOT_SAFETY_AB</span><br><span style="color: hsl(120, 100%, 40%);">+ bool "Firmware RO + A & B"</span><br><span style="color: hsl(120, 100%, 40%);">+ help</span><br><span style="color: hsl(120, 100%, 40%);">+ Have two update partitions/fallbacks.</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+config USER_VBOOT_SAFETY_A</span><br><span style="color: hsl(120, 100%, 40%);">+ bool "Firmware RO + A"</span><br><span style="color: hsl(120, 100%, 40%);">+ help</span><br><span style="color: hsl(120, 100%, 40%);">+ Have one update partition/fallback.</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+config USER_VBOOT_SAFETY_RO</span><br><span style="color: hsl(120, 100%, 40%);">+ bool "Firmware RO only"</span><br><span style="color: hsl(120, 100%, 40%);">+ help</span><br><span style="color: hsl(120, 100%, 40%);">+ Have no update partition/fallback.</span><br><span style="color: hsl(120, 100%, 40%);">+ If the coreboot region is write protected no</span><br><span style="color: hsl(120, 100%, 40%);">+ updates are possible in this configuration.</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+endchoice</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+endif</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span> config VBOOT_VBNV_CMOS</span><br><span> bool</span><br><span> default n</span><br><span>diff --git a/src/security/vboot/Makefile.inc b/src/security/vboot/Makefile.inc</span><br><span>index b542425..1e8a46f 100644</span><br><span>--- a/src/security/vboot/Makefile.inc</span><br><span>+++ b/src/security/vboot/Makefile.inc</span><br><span>@@ -142,6 +142,19 @@</span><br><span> endif</span><br><span> endif # CONFIG_VBOOT_SEPARATE_VERSTAGE</span><br><span> </span><br><span style="color: hsl(120, 100%, 40%);">+# Check safety mode</span><br><span style="color: hsl(120, 100%, 40%);">+ifeq ($(CONFIG_VBOOT_SAFETY_AB),y)</span><br><span style="color: hsl(120, 100%, 40%);">+VBOOT_PARTITIONS := COREBOOT FW_MAIN_A FW_MAIN_B</span><br><span style="color: hsl(120, 100%, 40%);">+endif</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ifeq ($(CONFIG_VBOOT_SAFETY_A),y)</span><br><span style="color: hsl(120, 100%, 40%);">+VBOOT_PARTITIONS := COREBOOT FW_MAIN_A</span><br><span style="color: hsl(120, 100%, 40%);">+endif</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ifeq ($(CONFIG_VBOOT_SAFETY_RO),y)</span><br><span style="color: hsl(120, 100%, 40%);">+VBOOT_PARTITIONS := COREBOOT</span><br><span style="color: hsl(120, 100%, 40%);">+endif</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span> # Define a list of files that need to be in RO only.</span><br><span> # All other files will be installed into RO and RW regions</span><br><span> # Use $(sort) to cut down on extra spaces that would be translated to commas</span><br><span>@@ -159,7 +172,7 @@</span><br><span> cmos_layout.bin \</span><br><span> cmos.default \</span><br><span> $(call strip_quotes,$(CONFIG_RO_REGION_ONLY)) \</span><br><span style="color: hsl(0, 100%, 40%);">- ,$(1)),COREBOOT,COREBOOT FW_MAIN_A FW_MAIN_B)))</span><br><span style="color: hsl(120, 100%, 40%);">+ ,$(1)),COREBOOT,$(VBOOT_PARTITIONS))))</span><br><span> </span><br><span> CONFIG_GBB_HWID := $(call strip_quotes,$(CONFIG_GBB_HWID))</span><br><span> CONFIG_GBB_BMPFV_FILE := $(call strip_quotes,$(CONFIG_GBB_BMPFV_FILE))</span><br><span>@@ -230,8 +243,13 @@</span><br><span> @printf " WRITE GBB\n"</span><br><span> $(CBFSTOOL) $(obj)/coreboot.rom write -u -r GBB -i 0 -f $(obj)/gbb.region</span><br><span> $(CBFSTOOL) $(obj)/coreboot.rom write -u -r RO_FRID -i 0 -f $(obj)/fwid.region</span><br><span style="color: hsl(120, 100%, 40%);">+ifeq ($(CONFIG_VBOOT_SAFETY_AB),y)</span><br><span> $(CBFSTOOL) $(obj)/coreboot.rom write -u -r RW_FWID_A -i 0 -f $(obj)/fwid.region</span><br><span> $(CBFSTOOL) $(obj)/coreboot.rom write -u -r RW_FWID_B -i 0 -f $(obj)/fwid.region</span><br><span style="color: hsl(120, 100%, 40%);">+endif</span><br><span style="color: hsl(120, 100%, 40%);">+ifeq ($(CONFIG_VBOOT_SAFETY_A),y)</span><br><span style="color: hsl(120, 100%, 40%);">+ $(CBFSTOOL) $(obj)/coreboot.rom write -u -r RW_FWID_A -i 0 -f $(obj)/fwid.region</span><br><span style="color: hsl(120, 100%, 40%);">+endif</span><br><span> </span><br><span> ifneq ($(shell grep "SHARED_DATA" "$(CONFIG_FMDFILE)"),)</span><br><span> build_complete::</span><br><span>@@ -263,8 +281,20 @@</span><br><span> --kernelkey "$(CONFIG_VBOOT_KERNEL_KEY)" \</span><br><span> --flags $(CONFIG_VBOOT_KEYBLOCK_PREAMBLE_FLAGS)</span><br><span> </span><br><span style="color: hsl(120, 100%, 40%);">+ifeq ($(CONFIG_VBOOT_SAFETY_AB),y)</span><br><span> files_added:: $(obj)/VBLOCK_A.bin $(obj)/VBLOCK_B.bin</span><br><span> $(CBFSTOOL) $(obj)/coreboot.rom write -u -r VBLOCK_A -f $(obj)/VBLOCK_A.bin</span><br><span> $(CBFSTOOL) $(obj)/coreboot.rom write -u -r VBLOCK_B -f $(obj)/VBLOCK_B.bin</span><br><span style="color: hsl(120, 100%, 40%);">+ @printf " FLASHMAP Layout generated for RO, A and B partition.\n"</span><br><span style="color: hsl(120, 100%, 40%);">+endif</span><br><span style="color: hsl(120, 100%, 40%);">+ifeq ($(CONFIG_VBOOT_SAFETY_A),y)</span><br><span style="color: hsl(120, 100%, 40%);">+files_added:: $(obj)/VBLOCK_A.bin</span><br><span style="color: hsl(120, 100%, 40%);">+ $(CBFSTOOL) $(obj)/coreboot.rom write -u -r VBLOCK_A -f $(obj)/VBLOCK_A.bin</span><br><span style="color: hsl(120, 100%, 40%);">+ @printf " FLASHMAP Layout generated for RO and A partition.\n"</span><br><span style="color: hsl(120, 100%, 40%);">+endif</span><br><span style="color: hsl(120, 100%, 40%);">+ifeq ($(CONFIG_VBOOT_SAFETY_RO),y)</span><br><span style="color: hsl(120, 100%, 40%);">+files_added::</span><br><span style="color: hsl(120, 100%, 40%);">+ @printf " FLASHMAP Layout generated for RO partition only, beware no updates possible!\n"</span><br><span style="color: hsl(120, 100%, 40%);">+endif</span><br><span> </span><br><span> endif # CONFIG_VBOOT</span><br><span></span><br></pre><p>To view, visit <a href="https://review.coreboot.org/27714">change 27714</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://review.coreboot.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://review.coreboot.org/27714"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: coreboot </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-MessageType: newchange </div>
<div style="display:none"> Gerrit-Change-Id: I278fc060522b13048b00090b8e5261c14496f56e </div>
<div style="display:none"> Gerrit-Change-Number: 27714 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Philipp Deppenwiese <zaolin.daisuki@gmail.com> </div>