coreboot-gerrit March 2017

coreboot-gerrit@coreboot.org

1 participants
2925 discussions

Change in coreboot[master]: amd/pi/hudson: Add alternate method for including amdfw
by Martin Roth (Code Review) 28 Mar '17

28 Mar '17

Martin Roth has submitted this change and it was merged. ( https://review.coreboot.org/18435 ) Change subject: amd/pi/hudson: Add alternate method for including amdfw ...................................................................... amd/pi/hudson: Add alternate method for including amdfw For systems using Chrome OS, place the amdfw outside of cbfs control. The firmware must go to a fixed position at an offset of 0x20000 into the flash device. Potentially improve by adding a warning or error message for the condition when sizeof(amdfw) + sizeof(cbfs and metadata) > sizeof(flash). Original-Signed-off-by: Marshall Dawson <marshalldawson3rd(a)gmail.com> Original-Reviewed-by: Marc Jones <marcj303(a)gmail.com> (cherry picked from commit 2d9d631b39d7850576438a5b0979936bd33893e1) Change-Id: I38029bc03e5db260424cca293b1a7bceea4d0d75 Signed-off-by: Marc Jones <marcj303(a)gmail.com> Reviewed-on: https://review.coreboot.org/18435 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth(a)google.com> --- M src/southbridge/amd/pi/hudson/Kconfig M src/southbridge/amd/pi/hudson/Makefile.inc 2 files changed, 21 insertions(+), 0 deletions(-) Approvals: build bot (Jenkins): Verified Martin Roth: Looks good to me, approved diff --git a/src/southbridge/amd/pi/hudson/Kconfig b/src/southbridge/amd/pi/hudson/Kconfig index f6e3355..7b3b785 100644 --- a/src/southbridge/amd/pi/hudson/Kconfig +++ b/src/southbridge/amd/pi/hudson/Kconfig @@ -204,6 +204,14 @@ bit 3,2 - pin 1 bit 5,4 - pin 2 bit 7,6 - pin 3 + +config AMDFW_OUTSIDE_CBFS + def_bool n + help + The AMDFW (PSP) is typically locatable in cbfs. Select this + option to manually attach the generated amdfw.rom at an + offset of 0x20000 from the bottom of the coreboot ROM image. + endif config HUDSON_UART diff --git a/src/southbridge/amd/pi/hudson/Makefile.inc b/src/southbridge/amd/pi/hudson/Makefile.inc index 24a757c..2153c62 100644 --- a/src/southbridge/amd/pi/hudson/Makefile.inc +++ b/src/southbridge/amd/pi/hudson/Makefile.inc @@ -264,7 +264,20 @@ --flashsize $(CONFIG_ROM_SIZE) \ --output $@ +ifeq ($(CONFIG_AMDFW_OUTSIDE_CBFS),y) +PHONY+=add_amdfw +INTERMEDIATE+=add_amdfw + +add_amdfw: $(obj)/coreboot.pre $(obj)/amdfw.rom + printf " DD Adding AMD Firmware\n" + dd if=$(obj)/amdfw.rom \ + of=$(obj)/coreboot.pre conv=notrunc bs=1 seek=131072 >/dev/null 2>&1 + +else # ifeq ($(CONFIG_AMDFW_OUTSIDE_CBFS),y) + cbfs-files-y += apu/amdfw apu/amdfw-file := $(obj)/amdfw.rom apu/amdfw-position := $(HUDSON_FWM_POSITION) apu/amdfw-type := raw + +endif # ifeq ($(CONFIG_AMDFW_OUTSIDE_CBFS),y) -- To view, visit https://review.coreboot.org/18435 To unsubscribe, visit https://review.coreboot.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: I38029bc03e5db260424cca293b1a7bceea4d0d75 Gerrit-PatchSet: 7 Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Owner: Marc Jones <marc(a)marcjonesconsulting.com> Gerrit-Reviewer: Kyösti Mälkki <kyosti.malkki(a)gmail.com> Gerrit-Reviewer: Marshall Dawson <marshalldawson3rd(a)gmail.com> Gerrit-Reviewer: Martin Roth <martinroth(a)google.com> Gerrit-Reviewer: Paul Menzel <paulepanter(a)users.sourceforge.net> Gerrit-Reviewer: build bot (Jenkins)

1 0

Change in coreboot[master]: amd/pi/hudson: Add alternate method for including amdfw
by Martin Roth (Code Review) 28 Mar '17

28 Mar '17

Martin Roth has posted comments on this change. ( https://review.coreboot.org/18435 ) Change subject: amd/pi/hudson: Add alternate method for including amdfw ...................................................................... Patch Set 6: Code-Review+2 -- To view, visit https://review.coreboot.org/18435 To unsubscribe, visit https://review.coreboot.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I38029bc03e5db260424cca293b1a7bceea4d0d75 Gerrit-PatchSet: 6 Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Owner: Marc Jones <marc(a)marcjonesconsulting.com> Gerrit-Reviewer: Kyösti Mälkki <kyosti.malkki(a)gmail.com> Gerrit-Reviewer: Marshall Dawson <marshalldawson3rd(a)gmail.com> Gerrit-Reviewer: Martin Roth <martinroth(a)google.com> Gerrit-Reviewer: Paul Menzel <paulepanter(a)users.sourceforge.net> Gerrit-Reviewer: build bot (Jenkins) Gerrit-HasComments: No

1 0

Change in coreboot[master]: util/amdfwtool: Add fanless SMU firmware options
by Martin Roth (Code Review) 28 Mar '17

28 Mar '17

Martin Roth has submitted this change and it was merged. ( https://review.coreboot.org/18991 ) Change subject: util/amdfwtool: Add fanless SMU firmware options ...................................................................... util/amdfwtool: Add fanless SMU firmware options The Stoney Ridge program has OPNs that are considered fanless. These APUs are strapped to search for unique SMU firmware, indicated by Type[8]=1 in the directory table entry. Add new options to amdfwtool and include the blobs in the build with the appropriate bit set in the Type encoding. Original-Signed-off-by: Marshall Dawson <marshalldawson3rd(a)gmail.com> Original-Reviewed-by: Marc Jones <marcj303(a)gmail.com> (cherry picked from commit 8df0d6847c39bb021271983018ac6f448f9ff9da) Change-Id: I4b80ccf8fd9644f9a9d300e6c67aed9834a2c7a7 Signed-off-by: Marshall Dawson <marshalldawson3rd(a)gmail.com> Reviewed-on: https://review.coreboot.org/18991 Reviewed-by: Paul Menzel <paulepanter(a)users.sourceforge.net> Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth(a)google.com> --- M util/amdfwtool/amdfwtool.c 1 file changed, 85 insertions(+), 63 deletions(-) Approvals: Paul Menzel: Looks good to me, but someone else must approve build bot (Jenkins): Verified Martin Roth: Looks good to me, approved diff --git a/util/amdfwtool/amdfwtool.c b/util/amdfwtool/amdfwtool.c index feac409..58d010c 100644 --- a/util/amdfwtool/amdfwtool.c +++ b/util/amdfwtool/amdfwtool.c @@ -149,53 +149,58 @@ { printf("amdfwtool: Create AMD Firmware combination\n"); printf("Usage: amdfwtool [options] -f <size> -o <filename>\n"); - printf("-x | --xhci <FILE> Add XHCI blob\n"); - printf("-i | --imc <FILE> Add IMC blob\n"); - printf("-g | --gec <FILE> Add GEC blob\n"); + printf("-x | --xhci <FILE> Add XHCI blob\n"); + printf("-i | --imc <FILE> Add IMC blob\n"); + printf("-g | --gec <FILE> Add GEC blob\n"); printf("\nPSP options:\n"); - printf("-p | --pubkey <FILE> Add pubkey\n"); - printf("-b | --bootloader <FILE> Add bootloader\n"); - printf("-s | --smufirmware <FILE> Add smufirmware\n"); - printf("-r | --recovery <FILE> Add recovery\n"); - printf("-k | --rtmpubkey <FILE> Add rtmpubkey\n"); - printf("-c | --secureos <FILE> Add secureos\n"); - printf("-n | --nvram <FILE> Add nvram\n"); - printf("-d | --securedebug <FILE> Add securedebug\n"); - printf("-t | --trustlets <FILE> Add trustlets\n"); - printf("-u | --trustletkey <FILE> Add trustletkey\n"); - printf("-w | --smufirmware2 <FILE> Add smufirmware2\n"); - printf("-m | --smuscs <FILE> Add smuscs\n"); + printf("-p | --pubkey <FILE> Add pubkey\n"); + printf("-b | --bootloader <FILE> Add bootloader\n"); + printf("-s | --smufirmware <FILE> Add smufirmware\n"); + printf("-r | --recovery <FILE> Add recovery\n"); + printf("-k | --rtmpubkey <FILE> Add rtmpubkey\n"); + printf("-c | --secureos <FILE> Add secureos\n"); + printf("-n | --nvram <FILE> Add nvram\n"); + printf("-d | --securedebug <FILE> Add securedebug\n"); + printf("-t | --trustlets <FILE> Add trustlets\n"); + printf("-u | --trustletkey <FILE> Add trustletkey\n"); + printf("-w | --smufirmware2 <FILE> Add smufirmware2\n"); + printf("-m | --smuscs <FILE> Add smuscs\n"); #if PSP2 printf("\nPSP2 options:\n"); - printf("-P | --pubkey2 <FILE> Add pubkey\n"); - printf("-B | --bootloader2 <FILE> Add bootloader\n"); - printf("-S | --smufirmware_2 <FILE> Add smufirmware\n"); - printf("-R | --recovery2 <FILE> Add recovery\n"); - printf("-K | --rtmpubkey2 <FILE> Add rtmpubkey\n"); - printf("-C | --secureos2 <FILE> Add secureos\n"); - printf("-N | --nvram2 <FILE> Add nvram\n"); - printf("-D | --securedebug2 <FILE> Add securedebug\n"); - printf("-T | --trustlets2 <FILE> Add trustlets\n"); - printf("-U | --trustletkey2 <FILE> Add trustletkey\n"); - printf("-W | --smufirmware2_2 <FILE> Add smufirmware2\n"); - printf("-M | --smuscs2 <FILE> Add smuscs\n"); + printf("-P | --pubkey2 <FILE> Add pubkey\n"); + printf("-B | --bootloader2 <FILE> Add bootloader\n"); + printf("-S | --smufirmware_2 <FILE> Add smufirmware\n"); + printf("-L | --smufnfirmware_2 <FILE> Add fanless smufirmware\n"); + printf("-R | --recovery2 <FILE> Add recovery\n"); + printf("-K | --rtmpubkey2 <FILE> Add rtmpubkey\n"); + printf("-C | --secureos2 <FILE> Add secureos\n"); + printf("-N | --nvram2 <FILE> Add nvram\n"); + printf("-D | --securedebug2 <FILE> Add securedebug\n"); + printf("-T | --trustlets2 <FILE> Add trustlets\n"); + printf("-U | --trustletkey2 <FILE> Add trustletkey\n"); + printf("-W | --smufirmware2_2 <FILE> Add smufirmware2\n"); + printf("-E | --smufnfirmware2_2 <FILE> Add fanless smufirmware2\n"); + printf("-M | --smuscs2 <FILE> Add smuscs\n"); #endif printf("\n-o | --output <filename> output filename\n"); - printf("-f | --flashsize <HEX_VAL> ROM size in bytes\n"); - printf(" size must be larger than %dKB\n", + printf("-f | --flashsize <HEX_VAL> ROM size in bytes\n"); + printf(" size must be larger than %dKB\n", MIN_ROM_KB); - printf(" and must a multiple of 1024\n"); - printf("-h | --help show this help\n"); + printf(" and must a multiple of 1024\n"); + printf("-h | --help show this help\n"); } + +#define FANLESS_FW 0x100 /* type[15:8]: 0=non-fanless OPNs, 1=fanless */ typedef enum _amd_fw_type { AMD_FW_PSP_PUBKEY = 0, AMD_FW_PSP_BOOTLOADER = 1, AMD_FW_PSP_SMU_FIRMWARE = 8, + AMD_FW_PSP_SMU_FN_FIRMWARE = FANLESS_FW + AMD_FW_PSP_SMU_FIRMWARE, AMD_FW_PSP_RECOVERY = 3, AMD_FW_PSP_RTM_PUBKEY = 5, AMD_FW_PSP_SECURED_OS = 2, @@ -204,6 +209,7 @@ AMD_FW_PSP_TRUSTLETS = 12, AMD_FW_PSP_TRUSTLETKEY = 13, AMD_FW_PSP_SMU_FIRMWARE2 = 18, + AMD_FW_PSP_SMU_FN_FIRMWARE2 = FANLESS_FW + AMD_FW_PSP_SMU_FIRMWARE2, AMD_PSP_FUSE_CHAIN = 11, AMD_FW_PSP_SMUSCS = 95, @@ -230,6 +236,8 @@ { .type = AMD_FW_PSP_TRUSTLETS }, { .type = AMD_FW_PSP_TRUSTLETKEY }, { .type = AMD_FW_PSP_SMU_FIRMWARE2 }, + { .type = AMD_FW_PSP_SMU_FN_FIRMWARE }, + { .type = AMD_FW_PSP_SMU_FN_FIRMWARE2 }, { .type = AMD_FW_PSP_SMUSCS }, { .type = AMD_PSP_FUSE_CHAIN }, { .type = AMD_FW_INVALID }, @@ -248,6 +256,8 @@ { .type = AMD_FW_PSP_TRUSTLETS }, { .type = AMD_FW_PSP_TRUSTLETKEY }, { .type = AMD_FW_PSP_SMU_FIRMWARE2 }, + { .type = AMD_FW_PSP_SMU_FN_FIRMWARE }, + { .type = AMD_FW_PSP_SMU_FN_FIRMWARE2 }, { .type = AMD_FW_PSP_SMUSCS }, { .type = AMD_PSP_FUSE_CHAIN }, { .type = AMD_FW_INVALID }, @@ -367,50 +377,52 @@ #if PSP2 static const char *optstring = - "x:i:g:p:b:s:r:k:c:n:d:t:u:w:m:P:B:S:R:K:C:N:D:T:U:W:M:o:f:h"; + "x:i:g:p:b:s:r:k:c:n:d:t:u:w:m:P:B:S:L:R:K:C:N:D:T:U:W:E:M:o:f:h"; #else static const char *optstring = "x:i:g:p:b:s:r:k:c:n:d:t:u:w:m:o:f:h"; #endif static struct option long_options[] = { - {"xhci", required_argument, 0, 'x' }, - {"imc", required_argument, 0, 'i' }, - {"gec", required_argument, 0, 'g' }, + {"xhci", required_argument, 0, 'x' }, + {"imc", required_argument, 0, 'i' }, + {"gec", required_argument, 0, 'g' }, /* PSP */ - {"pubkey", required_argument, 0, 'p' }, - {"bootloader", required_argument, 0, 'b' }, - {"smufirmware", required_argument, 0, 's' }, - {"recovery", required_argument, 0, 'r' }, - {"rtmpubkey", required_argument, 0, 'k' }, - {"secureos", required_argument, 0, 'c' }, - {"nvram", required_argument, 0, 'n' }, - {"securedebug", required_argument, 0, 'd' }, - {"trustlets", required_argument, 0, 't' }, - {"trustletkey", required_argument, 0, 'u' }, - {"smufirmware2", required_argument, 0, 'w' }, - {"smuscs", required_argument, 0, 'm' }, + {"pubkey", required_argument, 0, 'p' }, + {"bootloader", required_argument, 0, 'b' }, + {"smufirmware", required_argument, 0, 's' }, + {"recovery", required_argument, 0, 'r' }, + {"rtmpubkey", required_argument, 0, 'k' }, + {"secureos", required_argument, 0, 'c' }, + {"nvram", required_argument, 0, 'n' }, + {"securedebug", required_argument, 0, 'd' }, + {"trustlets", required_argument, 0, 't' }, + {"trustletkey", required_argument, 0, 'u' }, + {"smufirmware2", required_argument, 0, 'w' }, + {"smuscs", required_argument, 0, 'm' }, /* TODO: PSP2 */ #if PSP2 - {"pubkey2", required_argument, 0, 'P' }, - {"bootloader2", required_argument, 0, 'B' }, - {"smufirmware_2", required_argument, 0, 'S' }, - {"recovery2", required_argument, 0, 'R' }, - {"rtmpubkey2", required_argument, 0, 'K' }, - {"secureos2", required_argument, 0, 'C' }, - {"nvram2", required_argument, 0, 'N' }, - {"securedebug2", required_argument, 0, 'D' }, - {"trustlets2", required_argument, 0, 'T' }, - {"trustletkey2", required_argument, 0, 'U' }, - {"smufirmware2_2", required_argument, 0, 'W' }, - {"smuscs2", required_argument, 0, 'M' }, + {"pubkey2", required_argument, 0, 'P' }, + {"bootloader2", required_argument, 0, 'B' }, + {"smufirmware_2", required_argument, 0, 'S' }, + {"smufnfirmware_2", required_argument, 0, 'L' }, + {"recovery2", required_argument, 0, 'R' }, + {"rtmpubkey2", required_argument, 0, 'K' }, + {"secureos2", required_argument, 0, 'C' }, + {"nvram2", required_argument, 0, 'N' }, + {"securedebug2", required_argument, 0, 'D' }, + {"trustlets2", required_argument, 0, 'T' }, + {"trustletkey2", required_argument, 0, 'U' }, + {"smufirmware2_2", required_argument, 0, 'W' }, + {"smufnfirmware2_2", required_argument, 0, 'E' }, + {"smuscs2", required_argument, 0, 'M' }, #endif - {"output", required_argument, 0, 'o' }, - {"flashsize", required_argument, 0, 'f' }, - {"help", no_argument, 0, 'h' }, + {"output", required_argument, 0, 'o' }, + {"flashsize", required_argument, 0, 'f' }, + {"help", no_argument, 0, 'h' }, - {NULL, 0, 0, 0 } + {NULL, 0, 0, 0 } }; static void register_fw_filename(amd_fw_type type, char filename[], int pspflag) @@ -552,6 +564,11 @@ optarg, 2); psp2flag = 1; break; + case 'L': + register_fw_filename(AMD_FW_PSP_SMU_FN_FIRMWARE, + optarg, 2); + psp2flag = 1; + break; case 'R': register_fw_filename(AMD_FW_PSP_RECOVERY, optarg, 2); psp2flag = 1; @@ -586,6 +603,11 @@ optarg, 2); psp2flag = 1; break; + case 'E': + register_fw_filename(AMD_FW_PSP_SMU_FN_FIRMWARE2, + optarg, 2); + psp2flag = 1; + break; case 'M': register_fw_filename(AMD_FW_PSP_SMUSCS, optarg, 2); psp2flag = 1; -- To view, visit https://review.coreboot.org/18991 To unsubscribe, visit https://review.coreboot.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: I4b80ccf8fd9644f9a9d300e6c67aed9834a2c7a7 Gerrit-PatchSet: 6 Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Owner: Marshall Dawson <marshalldawson3rd(a)gmail.com> Gerrit-Reviewer: Martin Roth <martinroth(a)google.com> Gerrit-Reviewer: Paul Menzel <paulepanter(a)users.sourceforge.net> Gerrit-Reviewer: build bot (Jenkins)

1 0

Change in coreboot[master]: util/amdfwtool: Add fanless SMU firmware options
by Martin Roth (Code Review) 28 Mar '17

28 Mar '17

Martin Roth has posted comments on this change. ( https://review.coreboot.org/18991 ) Change subject: util/amdfwtool: Add fanless SMU firmware options ...................................................................... Patch Set 5: Code-Review+2 -- To view, visit https://review.coreboot.org/18991 To unsubscribe, visit https://review.coreboot.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I4b80ccf8fd9644f9a9d300e6c67aed9834a2c7a7 Gerrit-PatchSet: 5 Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Owner: Marshall Dawson <marshalldawson3rd(a)gmail.com> Gerrit-Reviewer: Martin Roth <martinroth(a)google.com> Gerrit-Reviewer: Paul Menzel <paulepanter(a)users.sourceforge.net> Gerrit-Reviewer: build bot (Jenkins) Gerrit-HasComments: No

1 0

Change in coreboot[master]: src/lib/jpeg: Fix missing closing accolade
by Youness Alaoui (Code Review) 28 Mar '17

28 Mar '17

Youness Alaoui has uploaded a new change for review. ( https://review.coreboot.org/19032 ) Change subject: src/lib/jpeg: Fix missing closing accolade ...................................................................... src/lib/jpeg: Fix missing closing accolade There's a missing closing accolade in fillbits function of jpeg.c. This causes the 'if' block in line 463 to never be closed and it will mistakenly think that the dec_readmakrer function declaration below it is part of the fillbits function itself, which causes an avalanche of compilation errors. This was introduced in https://review.coreboot.org/18761 and it prevents coreboot from building (after I did a make disclean). For some reason the buildbot didn't seem to notice it and has verified that commit builds even though it didn't. Change-Id: Ie10b774875fc25ce2ff613c542c15870e780a761 Signed-off-by: Youness Alaoui <youness.alaoui(a)puri.sm> --- M src/lib/jpeg.c 1 file changed, 1 insertion(+), 0 deletions(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/32/19032/1 diff --git a/src/lib/jpeg.c b/src/lib/jpeg.c index 06827ea..7125396 100644 --- a/src/lib/jpeg.c +++ b/src/lib/jpeg.c @@ -464,6 +464,7 @@ m = in->func(in->data); if (m == 0) continue; + } } in->marker = m; if (le <= 16) -- To view, visit https://review.coreboot.org/19032 To unsubscribe, visit https://review.coreboot.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ie10b774875fc25ce2ff613c542c15870e780a761 Gerrit-PatchSet: 1 Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Owner: Youness Alaoui <snifikino(a)gmail.com>

1 0

Change in coreboot[master]: Remove libverstage as separate library and source file class
by Julius Werner (Code Review) 28 Mar '17

28 Mar '17

Julius Werner has submitted this change and it was merged. ( https://review.coreboot.org/18302 ) Change subject: Remove libverstage as separate library and source file class ...................................................................... Remove libverstage as separate library and source file class In builds without CONFIG_VBOOT_SEPARATE_VERSTAGE, verstage files are linked directly into the bootblock or the romstage. However, they're still compiled with a separate "libverstage" source file class, linked into an intermediate library and then linked into the final destination stage. There is no obvious benefit to doing it this way and it's unclear why it was chosen in the first place... there are, however, obvious disadvantages: it can result in code that is used by both libverstage and the host stage to occur twice in the output binary. It also means that libverstage files have their separate compiler flags that are not necessarily aligned with the host stage, which can lead to weird effects like <rules.h> macros not being set the way you would expect. In fact, VBOOT_STARTS_IN_ROMSTAGE configurations are currently broken on x86 because their libverstage code that gets compiled into the romstage sets ENV_VERSTAGE, but CAR migration code expects all ENV_VERSTAGE code to run pre-migration. This patch resolves these problems by removing the separate library. There is no more difference between the 'verstage' and 'libverstage' classes, and the source files added to them are just treated the same way a bootblock or romstage source files in configurations where the verstage is linked into either of these respective stages (allowing for the normal object code deduplication and causing those files to be compiled with the same flags as the host stage's files). Tested this whole series by booting a Kevin, an Elm (both with and without SEPARATE_VERSTAGE) and a Falco in normal and recovery mode. Change-Id: I6bb84a9bf1cd54f2e02ca1f665740a9c88d88df4 Signed-off-by: Julius Werner <jwerner(a)chromium.org> Reviewed-on: https://review.coreboot.org/18302 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin(a)chromium.org> --- M Makefile M Makefile.inc M src/arch/arm/Makefile.inc M src/arch/arm/armv4/Makefile.inc M src/arch/arm/armv7/Makefile.inc M src/arch/arm64/Makefile.inc M src/arch/arm64/armv8/Makefile.inc M src/arch/x86/Makefile.inc M src/drivers/i2c/ww_ring/Makefile.inc M src/drivers/intel/fsp1_1/Makefile.inc M src/lib/Makefile.inc M src/soc/qualcomm/ipq40xx/Makefile.inc M src/soc/qualcomm/ipq806x/Makefile.inc M src/soc/rockchip/rk3288/Makefile.inc M src/vboot/Makefile.inc M toolchain.inc 16 files changed, 37 insertions(+), 48 deletions(-) Approvals: Aaron Durbin: Looks good to me, approved build bot (Jenkins): Verified diff --git a/Makefile b/Makefile index 36bb650..701a146 100644 --- a/Makefile +++ b/Makefile @@ -243,11 +243,15 @@ # collect all object files eligible for building subdirs:=$(TOPLEVEL) +postinclude-hooks := $(eval $(call evaluate_subdirs)) ifeq ($(FAILBUILD),1) $(error cannot continue build) endif +# Run hooks registered by subdirectories that need to be evaluated after all files have been parsed +$(eval $(postinclude-hooks)) + # Eliminate duplicate mentions of source files in a class $(foreach class,$(classes),$(eval $(class)-srcs:=$(sort $($(class)-srcs)))) diff --git a/Makefile.inc b/Makefile.inc index 2267f32..5ab3524 100644 --- a/Makefile.inc +++ b/Makefile.inc @@ -97,7 +97,7 @@ ####################################################################### # Add source classes and their build options -classes-y := ramstage romstage bootblock postcar smm smmstub cpu_microcode libverstage verstage +classes-y := ramstage romstage bootblock postcar smm smmstub cpu_microcode verstage # Add dynamic classes for rmodules $(foreach supported_arch,$(ARCH_SUPPORTED), \ @@ -200,7 +200,6 @@ ramstage-c-deps:=$$(OPTION_TABLE_H) romstage-c-deps:=$$(OPTION_TABLE_H) -libverstage-c-deps:=$$(OPTION_TABLE_H) verstage-c-deps:=$$(OPTION_TABLE_H) bootblock-c-deps:=$$(OPTION_TABLE_H) $(foreach type,ads adb, \ @@ -527,10 +526,6 @@ romstage-y+=$(DEVICETREE_STATIC_C) verstage-y+=$(DEVICETREE_STATIC_C) bootblock-y+=$(DEVICETREE_STATIC_C) - -$(objgenerated)/libverstage.a: $$(libverstage-objs) - rm -f $@ - $(AR_libverstage) rcsT $@ $^ ####################################################################### # Clean up rules diff --git a/src/arch/arm/Makefile.inc b/src/arch/arm/Makefile.inc index 2742414..013a4dd 100644 --- a/src/arch/arm/Makefile.inc +++ b/src/arch/arm/Makefile.inc @@ -68,9 +68,9 @@ ifeq ($(CONFIG_ARCH_VERSTAGE_ARM),y) -$(objcbfs)/verstage.debug: $(objgenerated)/libverstage.a $$(verstage-objs) +$(objcbfs)/verstage.debug: $$(verstage-objs) @printf " LINK $(subst $(obj)/,,$(@))\n" - $(LD_verstage) $(LDFLAGS_verstage) -o $@ -L$(obj) -T $(call src-to-obj,verstage,src/mainboard/$(MAINBOARDDIR)/memlayout.ld) --whole-archive --start-group $(filter-out %.ld,$(verstage-objs)) $(objgenerated)/libverstage.a --end-group + $(LD_verstage) $(LDFLAGS_verstage) -o $@ -L$(obj) -T $(call src-to-obj,verstage,src/mainboard/$(MAINBOARDDIR)/memlayout.ld) --whole-archive --start-group $(filter-out %.ld,$(verstage-objs)) --end-group verstage-y += boot.c verstage-y += div0.c diff --git a/src/arch/arm/armv4/Makefile.inc b/src/arch/arm/armv4/Makefile.inc index 1b91961..e8e49a6 100644 --- a/src/arch/arm/armv4/Makefile.inc +++ b/src/arch/arm/armv4/Makefile.inc @@ -39,7 +39,6 @@ ################################################################################ ifeq ($(CONFIG_ARCH_VERSTAGE_ARMV4),y) -libverstage-generic-ccopts += $(armv4_flags) verstage-generic-ccopts += $(armv4_flags) verstage-y += cache.c diff --git a/src/arch/arm/armv7/Makefile.inc b/src/arch/arm/armv7/Makefile.inc index d978f00..fe0b446 100644 --- a/src/arch/arm/armv7/Makefile.inc +++ b/src/arch/arm/armv7/Makefile.inc @@ -71,8 +71,6 @@ ################################################################################ ifeq ($(CONFIG_ARCH_VERSTAGE_ARMV7),y) -libverstage-generic-ccopts += $(armv7-a_flags) -libverstage-S-ccopts += $(armv7_asm_flags) verstage-generic-ccopts += $(armv7-a_flags) verstage-S-ccopts += $(armv7_asm_flags) @@ -83,14 +81,10 @@ verstage-y += mmu.c else ifeq ($(CONFIG_ARCH_VERSTAGE_ARMV7_M),y) -libverstage-generic-ccopts += $(armv7-m_flags) -libverstage-S-ccopts += $(armv7_asm_flags) verstage-generic-ccopts += $(armv7-m_flags) verstage-S-ccopts += $(armv7_asm_flags) else ifeq ($(CONFIG_ARCH_VERSTAGE_ARMV7_R),y) -libverstage-generic-ccopts += $(armv7-r_flags) -libverstage-S-ccopts += $(armv7-r_asm_flags) verstage-generic-ccopts += $(armv7-r_flags) verstage-S-ccopts += $(armv7-r_asm_flags) diff --git a/src/arch/arm64/Makefile.inc b/src/arch/arm64/Makefile.inc index 7f3ce3f..ad3941b 100644 --- a/src/arch/arm64/Makefile.inc +++ b/src/arch/arm64/Makefile.inc @@ -65,9 +65,9 @@ ifeq ($(CONFIG_ARCH_VERSTAGE_ARM64),y) -$(objcbfs)/verstage.debug: $(objgenerated)/libverstage.a $$(verstage-objs) +$(objcbfs)/verstage.debug: $$(verstage-objs) @printf " LINK $(subst $(obj)/,,$(@))\n" - $(LD_verstage) $(LDFLAGS_verstage) -o $@ -L$(obj) --whole-archive --start-group $(filter-out %.ld,$(verstage-objs)) $(objgenerated)/libverstage.a --end-group -T $(call src-to-obj,verstage,src/mainboard/$(MAINBOARDDIR)/memlayout.ld) + $(LD_verstage) $(LDFLAGS_verstage) -o $@ -L$(obj) --whole-archive --start-group $(filter-out %.ld,$(verstage-objs)) --end-group -T $(call src-to-obj,verstage,src/mainboard/$(MAINBOARDDIR)/memlayout.ld) verstage-y += boot.c verstage-y += div0.c diff --git a/src/arch/arm64/armv8/Makefile.inc b/src/arch/arm64/armv8/Makefile.inc index f026a99..a7a6b19 100644 --- a/src/arch/arm64/armv8/Makefile.inc +++ b/src/arch/arm64/armv8/Makefile.inc @@ -53,7 +53,6 @@ verstage-y += cache_helpers.S verstage-y += exception.c -libverstage-generic-ccopts += $(armv8_flags) verstage-generic-ccopts += $(armv8_flags) endif diff --git a/src/arch/x86/Makefile.inc b/src/arch/x86/Makefile.inc index 332e8ec..5f184c5 100644 --- a/src/arch/x86/Makefile.inc +++ b/src/arch/x86/Makefile.inc @@ -186,7 +186,7 @@ verstage-$(CONFIG_COLLECT_TIMESTAMPS) += timestamp.c -verstage-libs += $(objgenerated)/libverstage.a +verstage-libs ?= $(eval $(call early_x86_assembly_entry_rule,verstage)) diff --git a/src/drivers/i2c/ww_ring/Makefile.inc b/src/drivers/i2c/ww_ring/Makefile.inc index 09f2e93..ea0d1a8 100644 --- a/src/drivers/i2c/ww_ring/Makefile.inc +++ b/src/drivers/i2c/ww_ring/Makefile.inc @@ -1,5 +1,5 @@ -libverstage-$(CONFIG_DRIVERS_I2C_WW_RING) += ww_ring.c -libverstage-$(CONFIG_DRIVERS_I2C_WW_RING) += ww_ring_programs.c +verstage-$(CONFIG_DRIVERS_I2C_WW_RING) += ww_ring.c +verstage-$(CONFIG_DRIVERS_I2C_WW_RING) += ww_ring_programs.c ramstage-$(CONFIG_DRIVERS_I2C_WW_RING) += ww_ring.c ramstage-$(CONFIG_DRIVERS_I2C_WW_RING) += ww_ring_programs.c diff --git a/src/drivers/intel/fsp1_1/Makefile.inc b/src/drivers/intel/fsp1_1/Makefile.inc index e2f75ee..960df74 100644 --- a/src/drivers/intel/fsp1_1/Makefile.inc +++ b/src/drivers/intel/fsp1_1/Makefile.inc @@ -18,7 +18,7 @@ verstage-y += car.c verstage-y += fsp_util.c -verstage-y += verstage.c +verstage-$(CONFIG_SEPARATE_VERSTAGE) += verstage.c bootblock-y += bootblock.c bootblock-y += fsp_util.c diff --git a/src/lib/Makefile.inc b/src/lib/Makefile.inc index 4576006..8f92b29 100644 --- a/src/lib/Makefile.inc +++ b/src/lib/Makefile.inc @@ -50,9 +50,9 @@ verstage-y += boot_device.c verstage-$(CONFIG_CONSOLE_CBMEM) += cbmem_console.c -libverstage-$(CONFIG_TPM) += tlcl.c -libverstage-$(CONFIG_TPM2) += tpm2_marshaling.c -libverstage-$(CONFIG_TPM2) += tpm2_tlcl.c +verstage-$(CONFIG_TPM) += tlcl.c +verstage-$(CONFIG_TPM2) += tpm2_marshaling.c +verstage-$(CONFIG_TPM2) += tpm2_tlcl.c ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y) romstage-$(CONFIG_TPM) += tlcl.c diff --git a/src/soc/qualcomm/ipq40xx/Makefile.inc b/src/soc/qualcomm/ipq40xx/Makefile.inc index 568b0e3..08be720 100644 --- a/src/soc/qualcomm/ipq40xx/Makefile.inc +++ b/src/soc/qualcomm/ipq40xx/Makefile.inc @@ -24,10 +24,10 @@ verstage-y += clock.c verstage-y += gpio.c -libverstage-y += blsp.c -libverstage-y += i2c.c -libverstage-y += qup.c -libverstage-y += spi.c +verstage-y += blsp.c +verstage-y += i2c.c +verstage-y += qup.c +verstage-y += spi.c verstage-y += timer.c verstage-$(CONFIG_DRIVERS_UART) += uart.c diff --git a/src/soc/qualcomm/ipq806x/Makefile.inc b/src/soc/qualcomm/ipq806x/Makefile.inc index 42d28e4..624b633 100644 --- a/src/soc/qualcomm/ipq806x/Makefile.inc +++ b/src/soc/qualcomm/ipq806x/Makefile.inc @@ -23,10 +23,10 @@ verstage-y += clock.c verstage-y += gpio.c -libverstage-y += gsbi.c -libverstage-y += i2c.c -libverstage-y += qup.c -libverstage-y += spi.c +verstage-y += gsbi.c +verstage-y += i2c.c +verstage-y += qup.c +verstage-y += spi.c verstage-y += timer.c verstage-$(CONFIG_DRIVERS_UART) += uart.c diff --git a/src/soc/rockchip/rk3288/Makefile.inc b/src/soc/rockchip/rk3288/Makefile.inc index b29038d..75c2e24 100644 --- a/src/soc/rockchip/rk3288/Makefile.inc +++ b/src/soc/rockchip/rk3288/Makefile.inc @@ -37,7 +37,7 @@ verstage-y += ../common/gpio.c verstage-y += gpio.c verstage-y += clock.c -libverstage-y += crypto.c +verstage-y += crypto.c verstage-y += ../common/i2c.c verstage-$(CONFIG_SOFTWARE_I2C) += software_i2c.c diff --git a/src/vboot/Makefile.inc b/src/vboot/Makefile.inc index 56a3bac..0d6ce57 100644 --- a/src/vboot/Makefile.inc +++ b/src/vboot/Makefile.inc @@ -21,7 +21,6 @@ verstage-y += bootmode.c postcar-y += bootmode.c -libverstage-generic-ccopts += -D__PRE_RAM__ -D__VERSTAGE__ verstage-generic-ccopts += -D__PRE_RAM__ -D__VERSTAGE__ bootblock-y += vbnv.c @@ -62,14 +61,14 @@ postcar-y += vboot_common.c bootblock-y += common.c -libverstage-y += vboot_logic.c +verstage-y += vboot_logic.c verstage-y += common.c -verstage-y += verstage.c +verstage-$(CONFIG_VBOOT_SEPARATE_VERSTAGE) += verstage.c ifeq (${CONFIG_VBOOT_MOCK_SECDATA},y) -libverstage-y += secdata_mock.c +verstage-y += secdata_mock.c romstage-$(CONFIG_VBOOT_SEPARATE_VERSTAGE) += secdata_mock.c else -libverstage-y += secdata_tpm.c +verstage-y += secdata_tpm.c romstage-$(CONFIG_VBOOT_SEPARATE_VERSTAGE) += secdata_tpm.c endif romstage-y += vboot_handoff.c common.c @@ -88,9 +87,9 @@ endif # CONFIG_VBOOT_SEPARATE_VERSTAGE VB2_LIB = $(obj)/external/vboot_reference/vboot_fw20.a -VBOOT_CFLAGS += $(patsubst -I%,-I$(top)/%, $(filter-out -I$(obj), $(filter-out -include $(src)/include/kconfig.h, $(CPPFLAGS_libverstage)))) -VBOOT_CFLAGS += $(CFLAGS_libverstage) -VBOOT_CFLAGS += $(libverstage-c-ccopts) +VBOOT_CFLAGS += $(patsubst -I%,-I$(top)/%, $(filter-out -I$(obj), $(filter-out -include $(src)/include/kconfig.h, $(CPPFLAGS_verstage)))) +VBOOT_CFLAGS += $(CFLAGS_verstage) +VBOOT_CFLAGS += $(verstage-c-ccopts) VBOOT_CFLAGS += -I$(abspath $(obj)) -include $(top)/src/include/kconfig.h -Wno-missing-prototypes VBOOT_CFLAGS += -DVBOOT_DEBUG @@ -104,7 +103,7 @@ V=$(V) \ fwlib20 -libverstage-srcs += $(VB2_LIB) +verstage-srcs += $(VB2_LIB) ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y) @@ -131,11 +130,11 @@ endif -else +else # CONFIG_VBOOT_SEPARATE_VERSTAGE ifeq ($(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK),y) -bootblock-srcs += $(objgenerated)/libverstage.a +postinclude-hooks += $$(eval bootblock-srcs += $$(verstage-srcs)) else -romstage-srcs += $(objgenerated)/libverstage.a +postinclude-hooks += $$(eval romstage-srcs += $$(verstage-srcs)) endif endif # CONFIG_VBOOT_SEPARATE_VERSTAGE diff --git a/toolchain.inc b/toolchain.inc index 9b95215..5501c32 100644 --- a/toolchain.inc +++ b/toolchain.inc @@ -47,8 +47,7 @@ ROMCC=CCC_CC="$(ROMCC_BIN)" $(CC) endif -COREBOOT_STANDARD_STAGES := bootblock libverstage verstage romstage ramstage -MAP-libverstage := verstage +COREBOOT_STANDARD_STAGES := bootblock verstage romstage ramstage ARCHDIR-i386 := x86 ARCHDIR-x86_32 := x86 -- To view, visit https://review.coreboot.org/18302 To unsubscribe, visit https://review.coreboot.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: I6bb84a9bf1cd54f2e02ca1f665740a9c88d88df4 Gerrit-PatchSet: 16 Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Owner: Julius Werner <jwerner(a)chromium.org> Gerrit-Reviewer: Aaron Durbin <adurbin(a)chromium.org> Gerrit-Reviewer: Furquan Shaikh <furquan(a)google.com> Gerrit-Reviewer: Julius Werner <jwerner(a)chromium.org> Gerrit-Reviewer: Patrick Georgi <pgeorgi(a)google.com> Gerrit-Reviewer: Paul Menzel <paulepanter(a)users.sourceforge.net> Gerrit-Reviewer: build bot (Jenkins)

1 0

Change in coreboot[master]: vboot: Move remaining features out of vendorcode/google/chro...
by Julius Werner (Code Review) 28 Mar '17

28 Mar '17

Julius Werner has submitted this change and it was merged. ( https://review.coreboot.org/18984 ) Change subject: vboot: Move remaining features out of vendorcode/google/chromeos ...................................................................... vboot: Move remaining features out of vendorcode/google/chromeos This patch attempts to finish the separation between CONFIG_VBOOT and CONFIG_CHROMEOS by moving the remaining options and code (including image generation code for things like FWID and GBB flags, which are intrinsic to vboot itself) from src/vendorcode/google/chromeos to src/vboot. Also taking this opportunity to namespace all VBOOT Kconfig options, and clean up menuconfig visibility for them (i.e. some options were visible even though they were tied to the hardware while others were invisible even though it might make sense to change them). CQ-DEPEND=CL:459088 Change-Id: I3e2e31150ebf5a96b6fe507ebeb53a41ecf88122 Signed-off-by: Julius Werner <jwerner(a)chromium.org> Reviewed-on: https://review.coreboot.org/18984 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin(a)chromium.org> --- M src/arch/x86/assembly_entry.S M src/arch/x86/bootblock_simple.c M src/arch/x86/car.ld M src/ec/google/chromeec/Kconfig M src/ec/google/chromeec/switches.c M src/include/memlayout.h M src/lib/Makefile.inc M src/mainboard/google/auron/Kconfig M src/mainboard/google/beltino/Kconfig M src/mainboard/google/butterfly/Kconfig M src/mainboard/google/chell/Kconfig M src/mainboard/google/cosmos/Kconfig M src/mainboard/google/cyan/Kconfig M src/mainboard/google/daisy/Kconfig M src/mainboard/google/eve/Kconfig M src/mainboard/google/fizz/Kconfig M src/mainboard/google/foster/Kconfig M src/mainboard/google/gale/Kconfig M src/mainboard/google/glados/Kconfig M src/mainboard/google/gru/Kconfig M src/mainboard/google/jecht/Kconfig M src/mainboard/google/lars/Kconfig M src/mainboard/google/link/Kconfig M src/mainboard/google/nyan/Kconfig M src/mainboard/google/nyan_big/Kconfig M src/mainboard/google/nyan_blaze/Kconfig M src/mainboard/google/oak/Kconfig M src/mainboard/google/parrot/Kconfig M src/mainboard/google/peach_pit/Kconfig M src/mainboard/google/poppy/Kconfig M src/mainboard/google/purin/Kconfig M src/mainboard/google/rambi/Kconfig M src/mainboard/google/reef/Kconfig M src/mainboard/google/rotor/Kconfig M src/mainboard/google/slippy/Kconfig M src/mainboard/google/smaug/Kconfig M src/mainboard/google/storm/Kconfig M src/mainboard/google/stout/Kconfig M src/mainboard/google/veyron/Kconfig M src/mainboard/google/veyron_mickey/Kconfig M src/mainboard/google/veyron_rialto/Kconfig M src/mainboard/intel/baskingridge/Kconfig M src/mainboard/intel/emeraldlake2/Kconfig M src/mainboard/intel/galileo/Kconfig M src/mainboard/intel/kblrvp/Kconfig M src/mainboard/intel/kunimitsu/Kconfig M src/mainboard/intel/strago/Kconfig M src/mainboard/intel/wtm2/Kconfig M src/mainboard/samsung/lumpy/Kconfig M src/mainboard/samsung/stumpy/Kconfig M src/soc/broadcom/cygnus/Kconfig M src/soc/intel/apollolake/Kconfig M src/soc/intel/quark/romstage/fsp1_1.c M src/soc/intel/skylake/Kconfig M src/soc/marvell/armada38x/Kconfig M src/soc/marvell/bg4cd/Kconfig M src/soc/marvell/mvmap2315/Kconfig M src/soc/mediatek/mt8173/Kconfig M src/soc/nvidia/tegra124/Kconfig M src/soc/nvidia/tegra210/Kconfig M src/soc/qualcomm/ipq40xx/Kconfig M src/soc/qualcomm/ipq806x/Kconfig M src/soc/rockchip/rk3288/Kconfig M src/soc/rockchip/rk3399/Kconfig M src/vboot/Kconfig M src/vboot/Makefile.inc M src/vboot/bootmode.c M src/vboot/vboot_handoff.c M src/vboot/vboot_loader.c M src/vboot/vboot_logic.c M src/vboot/verstage.c M src/vendorcode/google/chromeos/Kconfig M src/vendorcode/google/chromeos/Makefile.inc D src/vendorcode/google/chromeos/chromeos.c 74 files changed, 562 insertions(+), 575 deletions(-) Approvals: Aaron Durbin: Looks good to me, approved build bot (Jenkins): Verified diff --git a/src/arch/x86/assembly_entry.S b/src/arch/x86/assembly_entry.S index d1f5d61..56a5b63 100644 --- a/src/arch/x86/assembly_entry.S +++ b/src/arch/x86/assembly_entry.S @@ -21,7 +21,7 @@ * verstage runs directly after bootblock. */ #define ROMSTAGE_AFTER_VERSTAGE \ - (IS_ENABLED(CONFIG_SEPARATE_VERSTAGE) && \ + (IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE) && \ IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK) && ENV_ROMSTAGE) #if IS_ENABLED(CONFIG_C_ENVIRONMENT_BOOTBLOCK) || ROMSTAGE_AFTER_VERSTAGE diff --git a/src/arch/x86/bootblock_simple.c b/src/arch/x86/bootblock_simple.c index 8e44add..5df279c 100644 --- a/src/arch/x86/bootblock_simple.c +++ b/src/arch/x86/bootblock_simple.c @@ -28,7 +28,7 @@ #endif } -#if CONFIG_SEPARATE_VERSTAGE +#if CONFIG_VBOOT_SEPARATE_VERSTAGE const char *target1 = "fallback/verstage"; #else const char *target1 = "fallback/romstage"; diff --git a/src/arch/x86/car.ld b/src/arch/x86/car.ld index 9236009..aa579c3 100644 --- a/src/arch/x86/car.ld +++ b/src/arch/x86/car.ld @@ -21,7 +21,7 @@ _car_region_start = . ; /* Vboot work buffer is completely volatile outside of verstage and * romstage. Appropriate code needs to handle the transition. */ -#if IS_ENABLED(CONFIG_SEPARATE_VERSTAGE) +#if IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE) VBOOT2_WORK(., 16K) #endif /* Stack for CAR stages. Since it persists across all stages that diff --git a/src/ec/google/chromeec/Kconfig b/src/ec/google/chromeec/Kconfig index 76eef05..3e9cb29 100644 --- a/src/ec/google/chromeec/Kconfig +++ b/src/ec/google/chromeec/Kconfig @@ -160,7 +160,7 @@ The path and filename of the PD firmware file to use. config EC_GOOGLE_CHROMEEC_SWITCHES - depends on EC_GOOGLE_CHROMEEC && CHROMEOS + depends on EC_GOOGLE_CHROMEEC && VBOOT bool help Enable support for Chrome OS mode switches provided by the Chrome OS diff --git a/src/ec/google/chromeec/switches.c b/src/ec/google/chromeec/switches.c index 7ed4bfd..e05d37c 100644 --- a/src/ec/google/chromeec/switches.c +++ b/src/ec/google/chromeec/switches.c @@ -20,7 +20,7 @@ #if IS_ENABLED(CONFIG_EC_GOOGLE_CHROMEEC_LPC) int get_lid_switch(void) { - if (!IS_ENABLED(CONFIG_LID_SWITCH)) + if (!IS_ENABLED(CONFIG_VBOOT_LID_SWITCH)) return -1; return !!(google_chromeec_get_switches() & EC_SWITCH_LID_OPEN); diff --git a/src/include/memlayout.h b/src/include/memlayout.h index b39a895..c9c77cf 100644 --- a/src/include/memlayout.h +++ b/src/include/memlayout.h @@ -154,7 +154,7 @@ INCLUDE "verstage/lib/program.ld" #define OVERLAP_VERSTAGE_ROMSTAGE(addr, size) \ - _ = ASSERT(IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE) == 1, \ + _ = ASSERT(IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE) == 1, \ "Must set RETURN_FROM_VERSTAGE to overlap romstage."); \ VERSTAGE(addr, size) #else diff --git a/src/lib/Makefile.inc b/src/lib/Makefile.inc index 1117076..4576006 100644 --- a/src/lib/Makefile.inc +++ b/src/lib/Makefile.inc @@ -54,11 +54,11 @@ libverstage-$(CONFIG_TPM2) += tpm2_marshaling.c libverstage-$(CONFIG_TPM2) += tpm2_tlcl.c -ifeq ($(CONFIG_SEPARATE_VERSTAGE),y) +ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y) romstage-$(CONFIG_TPM) += tlcl.c romstage-$(CONFIG_TPM2) += tpm2_marshaling.c romstage-$(CONFIG_TPM2) += tpm2_tlcl.c -endif # CONFIG_SEPARATE_VERSTAGE +endif # CONFIG_VBOOT_SEPARATE_VERSTAGE verstage-$(CONFIG_GENERIC_UDELAY) += timer.c verstage-$(CONFIG_GENERIC_GPIO_LIB) += gpio.c diff --git a/src/mainboard/google/auron/Kconfig b/src/mainboard/google/auron/Kconfig index 41c9a7c..d911ff5 100644 --- a/src/mainboard/google/auron/Kconfig +++ b/src/mainboard/google/auron/Kconfig @@ -16,8 +16,10 @@ config CHROMEOS select CHROMEOS_RAMOOPS_DYNAMIC + +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES - select LID_SWITCH + select VBOOT_LID_SWITCH select VBOOT_VBNV_CMOS config MAINBOARD_DIR diff --git a/src/mainboard/google/beltino/Kconfig b/src/mainboard/google/beltino/Kconfig index bceb8fb..a029fec 100644 --- a/src/mainboard/google/beltino/Kconfig +++ b/src/mainboard/google/beltino/Kconfig @@ -15,8 +15,8 @@ if BOARD_GOOGLE_BASEBOARD_BELTINO -config CHROMEOS - select PHYSICAL_REC_SWITCH +config VBOOT + select VBOOT_PHYSICAL_REC_SWITCH select VBOOT_VBNV_CMOS config MAINBOARD_DIR diff --git a/src/mainboard/google/butterfly/Kconfig b/src/mainboard/google/butterfly/Kconfig index 09d2157..ffd0c03 100644 --- a/src/mainboard/google/butterfly/Kconfig +++ b/src/mainboard/google/butterfly/Kconfig @@ -17,7 +17,7 @@ select INTEL_INT15 select SERIRQ_CONTINUOUS_MODE # Workaround for EC/KBC IRQ1. -config CHROMEOS +config VBOOT select VBOOT_VBNV_CMOS config MAINBOARD_DIR diff --git a/src/mainboard/google/chell/Kconfig b/src/mainboard/google/chell/Kconfig index 9b88a85..01423a7 100644 --- a/src/mainboard/google/chell/Kconfig +++ b/src/mainboard/google/chell/Kconfig @@ -20,9 +20,9 @@ select MONOTONIC_TIMER_MSR select SOC_INTEL_SKYLAKE -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES - select LID_SWITCH + select VBOOT_LID_SWITCH config IRQ_SLOT_COUNT int diff --git a/src/mainboard/google/cosmos/Kconfig b/src/mainboard/google/cosmos/Kconfig index 62cd821..3d8d649 100644 --- a/src/mainboard/google/cosmos/Kconfig +++ b/src/mainboard/google/cosmos/Kconfig @@ -26,7 +26,7 @@ select SPI_FLASH select SPI_FLASH_SPANSION -config CHROMEOS +config VBOOT select VBOOT_VBNV_FLASH config MAINBOARD_DIR diff --git a/src/mainboard/google/cyan/Kconfig b/src/mainboard/google/cyan/Kconfig index 424c08f..77d72ae 100644 --- a/src/mainboard/google/cyan/Kconfig +++ b/src/mainboard/google/cyan/Kconfig @@ -15,9 +15,9 @@ select HAVE_ACPI_RESUME select PCIEXP_L1_SUB_STATE -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES - select LID_SWITCH + select VBOOT_LID_SWITCH select VBOOT_VBNV_CMOS config DISPLAY_SPD_DATA diff --git a/src/mainboard/google/daisy/Kconfig b/src/mainboard/google/daisy/Kconfig index 29d6690..b08500d 100644 --- a/src/mainboard/google/daisy/Kconfig +++ b/src/mainboard/google/daisy/Kconfig @@ -28,7 +28,7 @@ select MAINBOARD_HAS_NATIVE_VGA_INIT select MAINBOARD_DO_NATIVE_VGA_INIT -config CHROMEOS +config VBOOT select VBOOT_VBNV_EC config MAINBOARD_DIR diff --git a/src/mainboard/google/eve/Kconfig b/src/mainboard/google/eve/Kconfig index b4442f2..1d1fa7b 100644 --- a/src/mainboard/google/eve/Kconfig +++ b/src/mainboard/google/eve/Kconfig @@ -21,10 +21,10 @@ select SOC_INTEL_KABYLAKE select TPM2 -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES select HAS_RECOVERY_MRC_CACHE - select LID_SWITCH + select VBOOT_LID_SWITCH select MRC_CLEAR_NORMAL_CACHE_ON_RECOVERY_RETRAIN config DRIVER_TPM_I2C_BUS diff --git a/src/mainboard/google/fizz/Kconfig b/src/mainboard/google/fizz/Kconfig index a3be595..377a13c 100644 --- a/src/mainboard/google/fizz/Kconfig +++ b/src/mainboard/google/fizz/Kconfig @@ -14,7 +14,7 @@ select NO_FADT_8042 select SOC_INTEL_KABYLAKE -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES select GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC diff --git a/src/mainboard/google/foster/Kconfig b/src/mainboard/google/foster/Kconfig index c408ca1..ee22110 100644 --- a/src/mainboard/google/foster/Kconfig +++ b/src/mainboard/google/foster/Kconfig @@ -26,7 +26,7 @@ select COMMON_CBFS_SPI_WRAPPER select SPI_FLASH_WINBOND -config CHROMEOS +config VBOOT select VBOOT_VBNV_FLASH config MAINBOARD_DIR @@ -84,7 +84,7 @@ depends on CHROMEOS default "FOSTER TEST 1184" -config CHROMEOS_FWID_MODEL +config VBOOT_FWID_MODEL string default "Nvidia_Foster" diff --git a/src/mainboard/google/gale/Kconfig b/src/mainboard/google/gale/Kconfig index b6639bc..461ed5b 100644 --- a/src/mainboard/google/gale/Kconfig +++ b/src/mainboard/google/gale/Kconfig @@ -31,9 +31,9 @@ select SPI_FLASH_WINBOND select DRIVERS_UART -config CHROMEOS +config VBOOT select VBOOT_DISABLE_DEV_ON_RECOVERY - select WIPEOUT_SUPPORTED + select VBOOT_WIPEOUT_SUPPORTED config BOARD_VARIANT_DK01 bool "Build an image for DK01" diff --git a/src/mainboard/google/glados/Kconfig b/src/mainboard/google/glados/Kconfig index 0908294..102a8c1 100644 --- a/src/mainboard/google/glados/Kconfig +++ b/src/mainboard/google/glados/Kconfig @@ -20,9 +20,9 @@ select MONOTONIC_TIMER_MSR select SOC_INTEL_SKYLAKE -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES - select LID_SWITCH + select VBOOT_LID_SWITCH config IRQ_SLOT_COUNT int diff --git a/src/mainboard/google/gru/Kconfig b/src/mainboard/google/gru/Kconfig index bd19a29..43f671b 100644 --- a/src/mainboard/google/gru/Kconfig +++ b/src/mainboard/google/gru/Kconfig @@ -45,7 +45,7 @@ select SPI_FLASH_GIGADEVICE select SPI_FLASH_WINBOND -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES select MAINBOARD_HAS_SPI_TPM_CR50 if GRU_HAS_TPM2 select SPI_TPM if GRU_HAS_TPM2 diff --git a/src/mainboard/google/jecht/Kconfig b/src/mainboard/google/jecht/Kconfig index 39cee21..fdb5ee0 100644 --- a/src/mainboard/google/jecht/Kconfig +++ b/src/mainboard/google/jecht/Kconfig @@ -14,7 +14,9 @@ config CHROMEOS select CHROMEOS_RAMOOPS_DYNAMIC - select PHYSICAL_REC_SWITCH + +config VBOOT + select VBOOT_PHYSICAL_REC_SWITCH select VBOOT_VBNV_CMOS config MAINBOARD_DIR diff --git a/src/mainboard/google/lars/Kconfig b/src/mainboard/google/lars/Kconfig index 73d502c..78db8b2 100644 --- a/src/mainboard/google/lars/Kconfig +++ b/src/mainboard/google/lars/Kconfig @@ -22,9 +22,9 @@ select MONOTONIC_TIMER_MSR select SOC_INTEL_SKYLAKE -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES - select LID_SWITCH + select VBOOT_LID_SWITCH config IRQ_SLOT_COUNT int diff --git a/src/mainboard/google/link/Kconfig b/src/mainboard/google/link/Kconfig index b521f9c..8469e86 100644 --- a/src/mainboard/google/link/Kconfig +++ b/src/mainboard/google/link/Kconfig @@ -16,9 +16,9 @@ select SERIRQ_CONTINUOUS_MODE select MAINBOARD_HAS_NATIVE_VGA_INIT -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES - select LID_SWITCH + select VBOOT_LID_SWITCH select VBOOT_VBNV_CMOS config MAINBOARD_DIR diff --git a/src/mainboard/google/nyan/Kconfig b/src/mainboard/google/nyan/Kconfig index 7f5854c..d944a43 100644 --- a/src/mainboard/google/nyan/Kconfig +++ b/src/mainboard/google/nyan/Kconfig @@ -31,7 +31,7 @@ select SPI_FLASH_WINBOND select SPI_FLASH_FAST_READ_DUAL_OUTPUT_3B -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES select VBOOT_VBNV_EC diff --git a/src/mainboard/google/nyan_big/Kconfig b/src/mainboard/google/nyan_big/Kconfig index 602e778..cacc301 100644 --- a/src/mainboard/google/nyan_big/Kconfig +++ b/src/mainboard/google/nyan_big/Kconfig @@ -32,7 +32,7 @@ select SPI_FLASH_WINBOND select SPI_FLASH_FAST_READ_DUAL_OUTPUT_3B -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES select VBOOT_VBNV_EC diff --git a/src/mainboard/google/nyan_blaze/Kconfig b/src/mainboard/google/nyan_blaze/Kconfig index d64eb72..2264068 100644 --- a/src/mainboard/google/nyan_blaze/Kconfig +++ b/src/mainboard/google/nyan_blaze/Kconfig @@ -33,7 +33,7 @@ select SPI_FLASH_WINBOND select SPI_FLASH_FAST_READ_DUAL_OUTPUT_3B -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES select VBOOT_VBNV_EC diff --git a/src/mainboard/google/oak/Kconfig b/src/mainboard/google/oak/Kconfig index 0efa478..28771b8 100644 --- a/src/mainboard/google/oak/Kconfig +++ b/src/mainboard/google/oak/Kconfig @@ -33,10 +33,9 @@ select RAM_CODE_SUPPORT select SPI_FLASH -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES select VBOOT_EC_SLOW_UPDATE - select VBOOT_OPROM_MATTERS select VBOOT_VBNV_FLASH config MAINBOARD_DIR diff --git a/src/mainboard/google/parrot/Kconfig b/src/mainboard/google/parrot/Kconfig index 7b6b49b..5ce1f24 100644 --- a/src/mainboard/google/parrot/Kconfig +++ b/src/mainboard/google/parrot/Kconfig @@ -17,7 +17,7 @@ # Workaround for EC/KBC IRQ1. select SERIRQ_CONTINUOUS_MODE -config CHROMEOS +config VBOOT select VBOOT_VBNV_CMOS config MAINBOARD_DIR diff --git a/src/mainboard/google/peach_pit/Kconfig b/src/mainboard/google/peach_pit/Kconfig index be06a18..640c009 100644 --- a/src/mainboard/google/peach_pit/Kconfig +++ b/src/mainboard/google/peach_pit/Kconfig @@ -25,7 +25,7 @@ select MAINBOARD_DO_NATIVE_VGA_INIT select DRIVER_PARADE_PS8625 -config CHROMEOS +config VBOOT select VBOOT_VBNV_EC config MAINBOARD_DIR diff --git a/src/mainboard/google/poppy/Kconfig b/src/mainboard/google/poppy/Kconfig index 2240c2d..fc68edf 100644 --- a/src/mainboard/google/poppy/Kconfig +++ b/src/mainboard/google/poppy/Kconfig @@ -16,9 +16,9 @@ select NO_FADT_8042 select SOC_INTEL_KABYLAKE -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES - select LID_SWITCH + select VBOOT_LID_SWITCH config GBB_HWID string diff --git a/src/mainboard/google/purin/Kconfig b/src/mainboard/google/purin/Kconfig index ca0909b..6e05724 100644 --- a/src/mainboard/google/purin/Kconfig +++ b/src/mainboard/google/purin/Kconfig @@ -27,7 +27,7 @@ select SPI_FLASH_SPANSION select SPI_FLASH_STMICRO # required for the reference board BCM958305K -config CHROMEOS +config VBOOT select VBOOT_VBNV_FLASH config MAINBOARD_DIR diff --git a/src/mainboard/google/rambi/Kconfig b/src/mainboard/google/rambi/Kconfig index 9b25b49..78f077a 100644 --- a/src/mainboard/google/rambi/Kconfig +++ b/src/mainboard/google/rambi/Kconfig @@ -13,9 +13,9 @@ if BOARD_GOOGLE_BASEBOARD_RAMBI -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES - select LID_SWITCH + select VBOOT_LID_SWITCH select VBOOT_VBNV_CMOS config MAINBOARD_DIR diff --git a/src/mainboard/google/reef/Kconfig b/src/mainboard/google/reef/Kconfig index b6c3462..c4bf212 100644 --- a/src/mainboard/google/reef/Kconfig +++ b/src/mainboard/google/reef/Kconfig @@ -37,11 +37,11 @@ int default 60 # GPE0_DW1_28 -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES select HAS_RECOVERY_MRC_CACHE select MRC_CLEAR_NORMAL_CACHE_ON_RECOVERY_RETRAIN - select LID_SWITCH if BASEBOARD_REEF_LAPTOP + select VBOOT_LID_SWITCH if BASEBOARD_REEF_LAPTOP config MAINBOARD_DIR string diff --git a/src/mainboard/google/rotor/Kconfig b/src/mainboard/google/rotor/Kconfig index a47a766..437fa02 100644 --- a/src/mainboard/google/rotor/Kconfig +++ b/src/mainboard/google/rotor/Kconfig @@ -21,7 +21,7 @@ select MAINBOARD_HAS_CHROMEOS select BOARD_ROMSIZE_KB_4096 -config CHROMEOS +config VBOOT select VBOOT_MOCK_SECDATA config MAINBOARD_DIR @@ -37,7 +37,7 @@ depends on CHROMEOS default "ROTOR TEST 1234" -config CHROMEOS_FWID_MODEL +config VBOOT_FWID_MODEL string default "Marvell_Rotor" diff --git a/src/mainboard/google/slippy/Kconfig b/src/mainboard/google/slippy/Kconfig index a19c966..1537ff1 100644 --- a/src/mainboard/google/slippy/Kconfig +++ b/src/mainboard/google/slippy/Kconfig @@ -21,9 +21,9 @@ if BOARD_GOOGLE_BASEBOARD_SLIPPY -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES - select LID_SWITCH + select VBOOT_LID_SWITCH select MAINBOARD_DO_NATIVE_VGA_INIT if (BOARD_GOOGLE_FALCO || BOARD_GOOGLE_PEPPY) select VBOOT_VBNV_CMOS diff --git a/src/mainboard/google/smaug/Kconfig b/src/mainboard/google/smaug/Kconfig index 5207674..344be28 100644 --- a/src/mainboard/google/smaug/Kconfig +++ b/src/mainboard/google/smaug/Kconfig @@ -32,7 +32,7 @@ select MAINBOARD_HAS_CHROMEOS select RAM_CODE_SUPPORT -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES select VBOOT_VBNV_FLASH diff --git a/src/mainboard/google/storm/Kconfig b/src/mainboard/google/storm/Kconfig index f844cf8..24822ab 100644 --- a/src/mainboard/google/storm/Kconfig +++ b/src/mainboard/google/storm/Kconfig @@ -29,9 +29,9 @@ select SPI_FLASH_STMICRO select DRIVERS_UART -config CHROMEOS +config VBOOT select VBOOT_DISABLE_DEV_ON_RECOVERY - select WIPEOUT_SUPPORTED + select VBOOT_WIPEOUT_SUPPORTED config BOARD_VARIANT_AP148 bool "pick this to build an image for ap148" diff --git a/src/mainboard/google/stout/Kconfig b/src/mainboard/google/stout/Kconfig index 571cbce..d34f595 100644 --- a/src/mainboard/google/stout/Kconfig +++ b/src/mainboard/google/stout/Kconfig @@ -17,7 +17,7 @@ select INTEL_INT15 select SANDYBRIDGE_IVYBRIDGE_LVDS -config CHROMEOS +config VBOOT select VBOOT_VBNV_CMOS config MAINBOARD_DIR diff --git a/src/mainboard/google/veyron/Kconfig b/src/mainboard/google/veyron/Kconfig index 3eb3252..5fb340b 100644 --- a/src/mainboard/google/veyron/Kconfig +++ b/src/mainboard/google/veyron/Kconfig @@ -45,7 +45,7 @@ select SPI_FLASH_GIGADEVICE select SPI_FLASH_WINBOND -config CHROMEOS +config VBOOT select VBOOT_VBNV_EC config MAINBOARD_DIR @@ -54,6 +54,11 @@ config MAINBOARD_PART_NUMBER string + default "Veyron_Jaq" if BOARD_GOOGLE_VEYRON_JAQ + default "Veyron_Jerry" if BOARD_GOOGLE_VEYRON_JERRY + default "Veyron_Mighty" if BOARD_GOOGLE_VEYRON_MIGHTY + default "Veyron_Minnie" if BOARD_GOOGLE_VEYRON_MINNIE + default "Veyron_Speedy" if BOARD_GOOGLE_VEYRON_SPEEDY default "Veyron" config MAINBOARD_VENDOR @@ -111,13 +116,5 @@ default "MIGHTY TEST A-A 4557" if BOARD_GOOGLE_VEYRON_MIGHTY default "MINNIE TEST A-A 5151" if BOARD_GOOGLE_VEYRON_MINNIE default "SPEEDY TEST A-A 8421" if BOARD_GOOGLE_VEYRON_SPEEDY - -config CHROMEOS_FWID_MODEL - string - default "Google_Veyron_Jaq" if BOARD_GOOGLE_VEYRON_JAQ - default "Google_Veyron_Jerry" if BOARD_GOOGLE_VEYRON_JERRY - default "Google_Veyron_Mighty" if BOARD_GOOGLE_VEYRON_MIGHTY - default "Google_Veyron_Minnie" if BOARD_GOOGLE_VEYRON_MINNIE - default "Google_Veyron_Speedy" if BOARD_GOOGLE_VEYRON_SPEEDY endif # BOARD_GOOGLE_VEYRON diff --git a/src/mainboard/google/veyron_mickey/Kconfig b/src/mainboard/google/veyron_mickey/Kconfig index 24d7921..1f66ff0 100644 --- a/src/mainboard/google/veyron_mickey/Kconfig +++ b/src/mainboard/google/veyron_mickey/Kconfig @@ -30,8 +30,8 @@ select SPI_FLASH_GIGADEVICE select SPI_FLASH_WINBOND -config CHROMEOS - select PHYSICAL_REC_SWITCH +config VBOOT + select VBOOT_PHYSICAL_REC_SWITCH select VBOOT_VBNV_FLASH config MAINBOARD_DIR @@ -40,7 +40,7 @@ config MAINBOARD_PART_NUMBER string - default "Veyron_mickey" + default "Veyron_Mickey" config MAINBOARD_VENDOR string @@ -71,9 +71,5 @@ string depends on CHROMEOS default "MICKEY TEST A-A 0352" - -config CHROMEOS_FWID_MODEL - string - default "Google_Veyron_Mickey" endif # BOARD_GOOGLE_VEYRON_MICKEY diff --git a/src/mainboard/google/veyron_rialto/Kconfig b/src/mainboard/google/veyron_rialto/Kconfig index bbd6ffd..cc6a4a6 100644 --- a/src/mainboard/google/veyron_rialto/Kconfig +++ b/src/mainboard/google/veyron_rialto/Kconfig @@ -30,8 +30,8 @@ select SPI_FLASH_GIGADEVICE select SPI_FLASH_WINBOND -config CHROMEOS - select PHYSICAL_REC_SWITCH +config VBOOT + select VBOOT_PHYSICAL_REC_SWITCH select VBOOT_VBNV_FLASH config MAINBOARD_DIR diff --git a/src/mainboard/intel/baskingridge/Kconfig b/src/mainboard/intel/baskingridge/Kconfig index df5d312..445dbcb 100644 --- a/src/mainboard/intel/baskingridge/Kconfig +++ b/src/mainboard/intel/baskingridge/Kconfig @@ -14,7 +14,7 @@ select MAINBOARD_HAS_LPC_TPM select INTEL_INT15 -config CHROMEOS +config VBOOT select VBOOT_VBNV_CMOS config MAINBOARD_DIR diff --git a/src/mainboard/intel/emeraldlake2/Kconfig b/src/mainboard/intel/emeraldlake2/Kconfig index 9ee41e8..7b5528a 100644 --- a/src/mainboard/intel/emeraldlake2/Kconfig +++ b/src/mainboard/intel/emeraldlake2/Kconfig @@ -13,7 +13,7 @@ select INTEL_INT15 #select MAINBOARD_HAS_CHROMEOS -config CHROMEOS +config VBOOT #select VBOOT_VBNV_CMOS config MAINBOARD_DIR diff --git a/src/mainboard/intel/galileo/Kconfig b/src/mainboard/intel/galileo/Kconfig index f31ca5e..0ab682c 100644 --- a/src/mainboard/intel/galileo/Kconfig +++ b/src/mainboard/intel/galileo/Kconfig @@ -153,7 +153,7 @@ select COLLECT_TIMESTAMPS select I2C_TPM select MAINBOARD_HAS_I2C_TPM_ATMEL - select SEPARATE_VERSTAGE + select VBOOT_SEPARATE_VERSTAGE select VBOOT select VBOOT_STARTS_IN_BOOTBLOCK select VBOOT_SOFT_REBOOT_WORKAROUND diff --git a/src/mainboard/intel/kblrvp/Kconfig b/src/mainboard/intel/kblrvp/Kconfig index 296b922..6aa4ad5 100644 --- a/src/mainboard/intel/kblrvp/Kconfig +++ b/src/mainboard/intel/kblrvp/Kconfig @@ -14,8 +14,8 @@ select MAINBOARD_HAS_CHROMEOS select GENERIC_SPD_BIN -config CHROMEOS - select LID_SWITCH +config VBOOT + select VBOOT_LID_SWITCH choice prompt "TPM to USE" diff --git a/src/mainboard/intel/kunimitsu/Kconfig b/src/mainboard/intel/kunimitsu/Kconfig index 64a360f..aec394b 100644 --- a/src/mainboard/intel/kunimitsu/Kconfig +++ b/src/mainboard/intel/kunimitsu/Kconfig @@ -34,9 +34,9 @@ endchoice -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES - select LID_SWITCH + select VBOOT_LID_SWITCH config IRQ_SLOT_COUNT int diff --git a/src/mainboard/intel/strago/Kconfig b/src/mainboard/intel/strago/Kconfig index c7221e9..f568891 100644 --- a/src/mainboard/intel/strago/Kconfig +++ b/src/mainboard/intel/strago/Kconfig @@ -15,9 +15,9 @@ select SOC_INTEL_BRASWELL select PCIEXP_L1_SUB_STATE -config CHROMEOS +config VBOOT select EC_GOOGLE_CHROMEEC_SWITCHES - select LID_SWITCH + select VBOOT_LID_SWITCH select VBOOT_VBNV_CMOS config DYNAMIC_VNN_SUPPORT diff --git a/src/mainboard/intel/wtm2/Kconfig b/src/mainboard/intel/wtm2/Kconfig index f57cb23..76ed4bf 100644 --- a/src/mainboard/intel/wtm2/Kconfig +++ b/src/mainboard/intel/wtm2/Kconfig @@ -15,6 +15,8 @@ config CHROMEOS select CHROMEOS_RAMOOPS_DYNAMIC + +config VBOOT select VBOOT_VBNV_CMOS config MAINBOARD_DIR diff --git a/src/mainboard/samsung/lumpy/Kconfig b/src/mainboard/samsung/lumpy/Kconfig index db1debb..bd7078d 100644 --- a/src/mainboard/samsung/lumpy/Kconfig +++ b/src/mainboard/samsung/lumpy/Kconfig @@ -20,9 +20,9 @@ select DRIVERS_GENERIC_IOAPIC select INTEL_INT15 -config CHROMEOS - select PHYSICAL_DEV_SWITCH - select PHYSICAL_REC_SWITCH +config VBOOT + select VBOOT_PHYSICAL_DEV_SWITCH + select VBOOT_PHYSICAL_REC_SWITCH select VBOOT_VBNV_CMOS config MAINBOARD_DIR diff --git a/src/mainboard/samsung/stumpy/Kconfig b/src/mainboard/samsung/stumpy/Kconfig index f8e9b99..4f3d1e9 100644 --- a/src/mainboard/samsung/stumpy/Kconfig +++ b/src/mainboard/samsung/stumpy/Kconfig @@ -17,9 +17,9 @@ select SUPERIO_SMSC_LPC47N207 select INTEL_INT15 -config CHROMEOS - select PHYSICAL_DEV_SWITCH - select PHYSICAL_REC_SWITCH +config VBOOT + select VBOOT_PHYSICAL_DEV_SWITCH + select VBOOT_PHYSICAL_REC_SWITCH select VBOOT_VBNV_CMOS config MAINBOARD_DIR diff --git a/src/soc/broadcom/cygnus/Kconfig b/src/soc/broadcom/cygnus/Kconfig index e5849f0..e2f97e4 100644 --- a/src/soc/broadcom/cygnus/Kconfig +++ b/src/soc/broadcom/cygnus/Kconfig @@ -28,10 +28,10 @@ if SOC_BROADCOM_CYGNUS -config CHROMEOS +config VBOOT select VBOOT_STARTS_IN_BOOTBLOCK - select SEPARATE_VERSTAGE - select RETURN_FROM_VERSTAGE + select VBOOT_SEPARATE_VERSTAGE + select VBOOT_RETURN_FROM_VERSTAGE config CONSOLE_SERIAL_UART_ADDRESS hex diff --git a/src/soc/intel/apollolake/Kconfig b/src/soc/intel/apollolake/Kconfig index 234e290..ca8f5d0 100644 --- a/src/soc/intel/apollolake/Kconfig +++ b/src/soc/intel/apollolake/Kconfig @@ -70,7 +70,9 @@ config CHROMEOS select CHROMEOS_RAMOOPS_DYNAMIC - select SEPARATE_VERSTAGE + +config VBOOT + select VBOOT_SEPARATE_VERSTAGE select VBOOT_OPROM_MATTERS select VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT select VBOOT_STARTS_IN_BOOTBLOCK diff --git a/src/soc/intel/quark/romstage/fsp1_1.c b/src/soc/intel/quark/romstage/fsp1_1.c index f715f43..6ce2079 100644 --- a/src/soc/intel/quark/romstage/fsp1_1.c +++ b/src/soc/intel/quark/romstage/fsp1_1.c @@ -119,7 +119,7 @@ printk(BIOS_SPEW, "| coreboot stack |\n"); printk(BIOS_SPEW, "+-------------------+ 0x%p", _car_stack_start); - if (IS_ENABLED(CONFIG_SEPARATE_VERSTAGE)) { + if (IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE)) { printk(BIOS_SPEW, "\n"); printk(BIOS_SPEW, "| vboot data |\n"); printk(BIOS_SPEW, "+-------------------+ 0x%08x", diff --git a/src/soc/intel/skylake/Kconfig b/src/soc/intel/skylake/Kconfig index b7c5552..8ac7263 100644 --- a/src/soc/intel/skylake/Kconfig +++ b/src/soc/intel/skylake/Kconfig @@ -87,8 +87,10 @@ config CHROMEOS select CHROMEOS_RAMOOPS_DYNAMIC - select SEPARATE_VERSTAGE - select VBOOT_EC_SLOW_UPDATE if EC_GOOGLE_CHROMEEC + +config VBOOT + select VBOOT_EC_SLOW_UPDATE if VBOOT_EC_SOFTWARE_SYNC + select VBOOT_SEPARATE_VERSTAGE select VBOOT_OPROM_MATTERS select VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT select VBOOT_STARTS_IN_BOOTBLOCK diff --git a/src/soc/marvell/armada38x/Kconfig b/src/soc/marvell/armada38x/Kconfig index ed8cbe8..20f9d09 100644 --- a/src/soc/marvell/armada38x/Kconfig +++ b/src/soc/marvell/armada38x/Kconfig @@ -7,13 +7,15 @@ select ARCH_RAMSTAGE_ARMV7 select HAVE_UART_SPECIAL select BOOTBLOCK_CONSOLE - select RETURN_FROM_VERSTAGE select BOOTBLOCK_CUSTOM select GENERIC_UDELAY select UART_OVERRIDE_REFCLK if SOC_MARVELL_ARMADA38X +config VBOOT + select VBOOT_RETURN_FROM_VERSTAGE + config BOOTBLOCK_CPU_INIT string default "soc/marvell/armada38x/bootblock.c" diff --git a/src/soc/marvell/bg4cd/Kconfig b/src/soc/marvell/bg4cd/Kconfig index cdd8597..6f9b6aa 100644 --- a/src/soc/marvell/bg4cd/Kconfig +++ b/src/soc/marvell/bg4cd/Kconfig @@ -28,7 +28,7 @@ if SOC_MARVELL_BG4CD -config CHROMEOS +config VBOOT select VBOOT_STARTS_IN_BOOTBLOCK endif diff --git a/src/soc/marvell/mvmap2315/Kconfig b/src/soc/marvell/mvmap2315/Kconfig index 45e03c1..072f4ee 100644 --- a/src/soc/marvell/mvmap2315/Kconfig +++ b/src/soc/marvell/mvmap2315/Kconfig @@ -31,8 +31,7 @@ if SOC_MARVELL_MVMAP2315 -config CHROMEOS - select VBOOT +config VBOOT select VBOOT_STARTS_IN_ROMSTAGE config CONSOLE_SERIAL_MVMAP2315_UART_ADDRESS diff --git a/src/soc/mediatek/mt8173/Kconfig b/src/soc/mediatek/mt8173/Kconfig index 7558ad1..a367470 100644 --- a/src/soc/mediatek/mt8173/Kconfig +++ b/src/soc/mediatek/mt8173/Kconfig @@ -17,10 +17,10 @@ if SOC_MEDIATEK_MT8173 -config CHROMEOS +config VBOOT select VBOOT_OPROM_MATTERS select VBOOT_STARTS_IN_BOOTBLOCK - select SEPARATE_VERSTAGE + select VBOOT_SEPARATE_VERSTAGE config MEMORY_TEST bool diff --git a/src/soc/nvidia/tegra124/Kconfig b/src/soc/nvidia/tegra124/Kconfig index fdbbc7f..cd753f4 100644 --- a/src/soc/nvidia/tegra124/Kconfig +++ b/src/soc/nvidia/tegra124/Kconfig @@ -16,10 +16,10 @@ if SOC_NVIDIA_TEGRA124 -config CHROMEOS +config VBOOT select VBOOT_OPROM_MATTERS select VBOOT_STARTS_IN_BOOTBLOCK - select SEPARATE_VERSTAGE + select VBOOT_SEPARATE_VERSTAGE config TEGRA124_MODEL_TD570D bool "TD570D" diff --git a/src/soc/nvidia/tegra210/Kconfig b/src/soc/nvidia/tegra210/Kconfig index 880f199..30a23ef 100644 --- a/src/soc/nvidia/tegra210/Kconfig +++ b/src/soc/nvidia/tegra210/Kconfig @@ -17,9 +17,9 @@ if SOC_NVIDIA_TEGRA210 -config CHROMEOS +config VBOOT select VBOOT_STARTS_IN_BOOTBLOCK - select SEPARATE_VERSTAGE + select VBOOT_SEPARATE_VERSTAGE select VBOOT_OPROM_MATTERS config MAINBOARD_DO_DSI_INIT diff --git a/src/soc/qualcomm/ipq40xx/Kconfig b/src/soc/qualcomm/ipq40xx/Kconfig index d0c1fbd..b0d3f07 100644 --- a/src/soc/qualcomm/ipq40xx/Kconfig +++ b/src/soc/qualcomm/ipq40xx/Kconfig @@ -12,10 +12,10 @@ if SOC_QC_IPQ40XX -config CHROMEOS +config VBOOT select VBOOT_STARTS_IN_BOOTBLOCK - select RETURN_FROM_VERSTAGE - select SEPARATE_VERSTAGE + select VBOOT_SEPARATE_VERSTAGE + select VBOOT_RETURN_FROM_VERSTAGE select VBOOT_VBNV_FLASH config IPQ_QFN_PART diff --git a/src/soc/qualcomm/ipq806x/Kconfig b/src/soc/qualcomm/ipq806x/Kconfig index 13977e5..54300eb 100644 --- a/src/soc/qualcomm/ipq806x/Kconfig +++ b/src/soc/qualcomm/ipq806x/Kconfig @@ -11,11 +11,11 @@ if SOC_QC_IPQ806X -config CHROMEOS +config VBOOT select VBOOT_STARTS_IN_BOOTBLOCK select VBOOT_VBNV_FLASH - select SEPARATE_VERSTAGE - select RETURN_FROM_VERSTAGE + select VBOOT_SEPARATE_VERSTAGE + select VBOOT_RETURN_FROM_VERSTAGE config MBN_ENCAPSULATION depends on USE_BLOBS diff --git a/src/soc/rockchip/rk3288/Kconfig b/src/soc/rockchip/rk3288/Kconfig index ea34bb9..19e52b6 100644 --- a/src/soc/rockchip/rk3288/Kconfig +++ b/src/soc/rockchip/rk3288/Kconfig @@ -31,11 +31,11 @@ if SOC_ROCKCHIP_RK3288 -config CHROMEOS +config VBOOT select VBOOT_OPROM_MATTERS select VBOOT_STARTS_IN_BOOTBLOCK - select SEPARATE_VERSTAGE - select RETURN_FROM_VERSTAGE + select VBOOT_SEPARATE_VERSTAGE + select VBOOT_RETURN_FROM_VERSTAGE config PMIC_BUS int diff --git a/src/soc/rockchip/rk3399/Kconfig b/src/soc/rockchip/rk3399/Kconfig index b4017c8..65b31d5 100644 --- a/src/soc/rockchip/rk3399/Kconfig +++ b/src/soc/rockchip/rk3399/Kconfig @@ -14,9 +14,9 @@ if SOC_ROCKCHIP_RK3399 -config CHROMEOS - select RETURN_FROM_VERSTAGE - select SEPARATE_VERSTAGE +config VBOOT + select VBOOT_SEPARATE_VERSTAGE + select VBOOT_RETURN_FROM_VERSTAGE select VBOOT_OPROM_MATTERS select VBOOT_STARTS_IN_BOOTBLOCK diff --git a/src/vboot/Kconfig b/src/vboot/Kconfig index a92a2fa..c517323 100644 --- a/src/vboot/Kconfig +++ b/src/vboot/Kconfig @@ -12,127 +12,7 @@ ## GNU General Public License for more details. ## -config VBOOT_VBNV_OFFSET - hex - default 0x26 - depends on PC80_SYSTEM - help - CMOS offset for VbNv data. This value must match cmos.layout - in the mainboard directory, minus 14 bytes for the RTC. - -config VBOOT_VBNV_CMOS - bool "Vboot non-volatile storage in CMOS." - default n - help - VBNV is stored in CMOS - -config VBOOT_VBNV_CMOS_BACKUP_TO_FLASH - bool "Back up Vboot non-volatile storage from CMOS to flash." - default n - depends on VBOOT_VBNV_CMOS && BOOT_DEVICE_SUPPORTS_WRITES - help - Vboot non-volatile storage data will be backed up from CMOS to flash - and restored from flash if the CMOS is invalid due to power loss. - -config VBOOT_VBNV_EC - bool "Vboot non-volatile storage in EC." - default n - help - VBNV is stored in EC - -config VBOOT_VBNV_FLASH - def_bool n - depends on BOOT_DEVICE_SUPPORTS_WRITES - help - VBNV is stored in flash storage - -config VBOOT_STARTS_IN_BOOTBLOCK - bool "Vboot starts verifying in bootblock" - default n - depends on VBOOT - help - Firmware verification happens during or at the end of bootblock. - -config VBOOT_STARTS_IN_ROMSTAGE - bool "Vboot starts verifying in romstage" - default n - depends on VBOOT && !VBOOT_STARTS_IN_BOOTBLOCK - help - Firmware verification happens during or at the end of romstage. - -config VBOOT_MOCK_SECDATA - bool "Mock secdata for firmware verification" - default n - depends on VBOOT - help - Enabling VBOOT_MOCK_SECDATA will mock secdata for the firmware - verification to avoid access to a secdata storage (typically TPM). - All operations for a secdata storage will be successful. This option - can be used during development when a TPM is not present or broken. - THIS SHOULD NOT BE LEFT ON FOR PRODUCTION DEVICES. - -config VBOOT_DISABLE_DEV_ON_RECOVERY - bool "Disable dev mode on recovery requests" - default n - depends on VBOOT - help - When this option is enabled, the Chrome OS device leaves the - developer mode as soon as recovery request is detected. This is - handy on embedded devices with limited input capabilities. - -config SEPARATE_VERSTAGE - bool "Vboot verification is built into a separate stage" - default n - depends on VBOOT && VBOOT_STARTS_IN_BOOTBLOCK - help - If this option is set, vboot verification runs in a standalone stage - that is loaded from the bootblock and exits into romstage. If it is - not set, the verification code is linked directly into the bootblock - or the romstage and runs as part of that stage (cf. related options - VBOOT_STARTS_IN_BOOTBLOCK/_ROMSTAGE and RETURN_FROM_VERSTAGE). - -config RETURN_FROM_VERSTAGE - bool "The separate verification stage returns to its caller" - default n - depends on SEPARATE_VERSTAGE - help - If this is set, the verstage returns back to the calling stage instead - of exiting to the succeeding stage so that the verstage space can be - reused by the succeeding stage. This is useful if a RAM space is too - small to fit both the verstage and the succeeding stage. - -config VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT - bool - default n - depends on VBOOT - help - This option ensures that the recovery request is not lost because of - reboots caused after vboot verification is run. e.g. reboots caused by - FSP components on Intel platforms. - -config VBOOT_OPROM_MATTERS - bool "Video option ROM matters (= can skip display init)" - default n - depends on VBOOT - help - Set this option to indicate to vboot that this platform will skip its - display initialization on a normal (non-recovery, non-developer) boot. - Vboot calls this "oprom matters" because on x86 devices this - traditionally meant that the video option ROM will not be loaded, but - it works functionally the same for other platforms that can skip their - native display initialization code instead. - -config VBOOT_HAS_REC_HASH_SPACE - bool - default n - depends on VBOOT - help - Set this option to indicate to vboot that recovery data hash space - is present in TPM. - -config VBOOT_SOFT_REBOOT_WORKAROUND - bool - default n +menu "Verified Boot (vboot)" config VBOOT bool "Verify firmware with vboot." @@ -145,3 +25,293 @@ help Enabling VBOOT will use vboot to verify the components of the firmware (stages, payload, etc). + +if VBOOT + +config VBOOT_VBNV_CMOS + bool + default n + depends on PC80_SYSTEM + help + VBNV is stored in CMOS + +config VBOOT_VBNV_OFFSET + hex + default 0x26 + depends on VBOOT_VBNV_CMOS + help + CMOS offset for VbNv data. This value must match cmos.layout + in the mainboard directory, minus 14 bytes for the RTC. + +config VBOOT_VBNV_CMOS_BACKUP_TO_FLASH + bool + default n + depends on VBOOT_VBNV_CMOS && BOOT_DEVICE_SUPPORTS_WRITES + help + Vboot non-volatile storage data will be backed up from CMOS to flash + and restored from flash if the CMOS is invalid due to power loss. + +config VBOOT_VBNV_EC + bool + default n + help + VBNV is stored in EC + +config VBOOT_VBNV_FLASH + bool + default n + depends on BOOT_DEVICE_SUPPORTS_WRITES + help + VBNV is stored in flash storage + +config VBOOT_STARTS_IN_BOOTBLOCK + bool + default n + help + Firmware verification happens during the end of or right after the + bootblock. This implies that a static VBOOT2_WORK() buffer must be + allocated in memlayout. + +config VBOOT_STARTS_IN_ROMSTAGE + bool + default n + depends on !VBOOT_STARTS_IN_BOOTBLOCK + help + Firmware verification happens during the end of romstage (after + memory initialization). This implies that vboot working data is + allocated in CBMEM. + +config VBOOT_MOCK_SECDATA + bool "Mock secdata for firmware verification" + default n + help + Enabling VBOOT_MOCK_SECDATA will mock secdata for the firmware + verification to avoid access to a secdata storage (typically TPM). + All operations for a secdata storage will be successful. This option + can be used during development when a TPM is not present or broken. + THIS SHOULD NOT BE LEFT ON FOR PRODUCTION DEVICES. + +config VBOOT_DISABLE_DEV_ON_RECOVERY + bool + default n + help + When this option is enabled, the Chrome OS device leaves the + developer mode as soon as recovery request is detected. This is + handy on embedded devices with limited input capabilities. + +config VBOOT_SEPARATE_VERSTAGE + bool + default n + depends on VBOOT_STARTS_IN_BOOTBLOCK + help + If this option is set, vboot verification runs in a standalone stage + that is loaded from the bootblock and exits into romstage. If it is + not set, the verification code is linked directly into the bootblock + or the romstage and runs as part of that stage (cf. related options + VBOOT_STARTS_IN_BOOTBLOCK/_ROMSTAGE and VBOOT_RETURN_FROM_VERSTAGE). + +config VBOOT_RETURN_FROM_VERSTAGE + bool + default n + depends on VBOOT_SEPARATE_VERSTAGE + help + If this is set, the verstage returns back to the calling stage instead + of exiting to the succeeding stage so that the verstage space can be + reused by the succeeding stage. This is useful if a RAM space is too + small to fit both the verstage and the succeeding stage. + +config VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT + bool + default n + help + This option ensures that the recovery request is not lost because of + reboots caused after vboot verification is run. e.g. reboots caused by + FSP components on Intel platforms. + +config VBOOT_OPROM_MATTERS + bool + default n + help + Set this option to indicate to vboot that this platform will skip its + display initialization on a normal (non-recovery, non-developer) boot. + Vboot calls this "oprom matters" because on x86 devices this + traditionally meant that the video option ROM will not be loaded, but + it works functionally the same for other platforms that can skip their + native display initialization code instead. + +config VBOOT_HAS_REC_HASH_SPACE + bool + default n + help + Set this option to indicate to vboot that recovery data hash space + is present in TPM. + +config VBOOT_SOFT_REBOOT_WORKAROUND + bool + default n + +config VBOOT_EC_SOFTWARE_SYNC + bool "Enable EC software sync" + default y if EC_GOOGLE_CHROMEEC + default n + help + EC software sync is a mechanism where the AP helps the EC verify its + firmware similar to how vboot verifies the main system firmware. This + option selects whether vboot should support EC software sync. + +config VBOOT_EC_SLOW_UPDATE + bool + default n + depends on VBOOT_EC_SOFTWARE_SYNC + help + Whether the EC (or PD) is slow to update and needs to display a + screen that informs the user the update is happening. + +config VBOOT_PHYSICAL_DEV_SWITCH + bool + default n + help + Whether this platform has a physical developer switch. Note that this + disables virtual dev switch functionality (through secdata). Operation + where both a physical pin and the virtual switch get sampled is not + supported by coreboot. + +config VBOOT_PHYSICAL_REC_SWITCH + bool + default n + help + Whether this platform has a physical recovery switch. + +config VBOOT_LID_SWITCH + bool + default n + help + Whether this platform has a lid switch. If it does, vboot will not + decrement try counters for boot failures if the lid is closed. + +config VBOOT_WIPEOUT_SUPPORTED + bool + default n + help + When this option is enabled, the firmware provides the ability to + signal the application the need for factory reset (a.k.a. wipe + out) of the device + +config VBOOT_FWID_MODEL + string "Firmware ID model" + default "$(CONFIG_MAINBOARD_VENDOR)_$(CONFIG_MAINBOARD_PART_NUMBER)" + help + This is the first part of the FWID written to various regions of a + vboot firmware image to identify its version. + +config VBOOT_FWID_VERSION + string "Firmware ID version" + default "$(KERNELVERSION)" + help + This is the second part of the FWID written to various regions of a + vboot firmware image to identify its version. + +menu "GBB configuration" + +config GBB_HWID + string "Hardware ID" + default "NOCONF HWID" + +config GBB_BMPFV_FILE + string "Path to bmpfv image" + default "" + +config GBB_FLAG_DEV_SCREEN_SHORT_DELAY + bool "Reduce dev screen delay" + default n + +config GBB_FLAG_LOAD_OPTION_ROMS + bool "Load option ROMs" + default n + +config GBB_FLAG_ENABLE_ALTERNATE_OS + bool "Allow booting a non-Chrome OS kernel if dev switch is on" + default n + +config GBB_FLAG_FORCE_DEV_SWITCH_ON + bool "Force dev switch on" + default n + +config GBB_FLAG_FORCE_DEV_BOOT_USB + bool "Allow booting from USB in dev mode even if dev_boot_usb=0" + default y + +config GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK + bool "Disable firmware rollback protection" + default y + +config GBB_FLAG_ENTER_TRIGGERS_TONORM + bool "Return to normal boot with Enter" + default n + +config GBB_FLAG_FORCE_DEV_BOOT_LEGACY + bool "Allow booting to legacy in dev mode even if dev_boot_legacy=0" + default n + +config GBB_FLAG_FAFT_KEY_OVERIDE + bool "Allow booting using alternative keys for FAFT servo testing" + default n + +config GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC + bool "Disable EC software sync" + default n + +config GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY + bool "Default to booting to legacy in dev mode" + default n + +config GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC + bool "Disable PD software sync" + default n + +config GBB_FLAG_DISABLE_LID_SHUTDOWN + bool "Disable shutdown on closed lid" + default n + +config GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP + bool "Allow fastboot even if dev_boot_fastboot_full_cap=0" + default n + +config GBB_FLAG_ENABLE_SERIAL + bool "Tell vboot to enable serial console" + default n + +endmenu # GBB + +menu "Vboot Keys" +config VBOOT_ROOT_KEY + string "Root key (public)" + default "$(VBOOT_SOURCE)/tests/devkeys/root_key.vbpubk" + +config VBOOT_RECOVERY_KEY + string "Recovery key (public)" + default "$(VBOOT_SOURCE)/tests/devkeys/recovery_key.vbpubk" + +config VBOOT_FIRMWARE_PRIVKEY + string "Firmware key (private)" + default "$(VBOOT_SOURCE)/tests/devkeys/firmware_data_key.vbprivk" + +config VBOOT_KERNEL_KEY + string "Kernel subkey (public)" + default "$(VBOOT_SOURCE)/tests/devkeys/kernel_subkey.vbpubk" + +config VBOOT_KEYBLOCK + string "Keyblock to use for the RW regions" + default "$(VBOOT_SOURCE)/tests/devkeys/firmware.keyblock" + +config VBOOT_KEYBLOCK_VERSION + int "Keyblock version number" + default 1 + +config VBOOT_KEYBLOCK_PREAMBLE_FLAGS + hex "Keyblock preamble flags" + default 0x0 + +endmenu # Keys +endif # VBOOT +endmenu # Verified Boot (vboot) diff --git a/src/vboot/Makefile.inc b/src/vboot/Makefile.inc index a09811b..56a3bac 100644 --- a/src/vboot/Makefile.inc +++ b/src/vboot/Makefile.inc @@ -67,17 +67,17 @@ verstage-y += verstage.c ifeq (${CONFIG_VBOOT_MOCK_SECDATA},y) libverstage-y += secdata_mock.c -romstage-$(CONFIG_SEPARATE_VERSTAGE) += secdata_mock.c +romstage-$(CONFIG_VBOOT_SEPARATE_VERSTAGE) += secdata_mock.c else libverstage-y += secdata_tpm.c -romstage-$(CONFIG_SEPARATE_VERSTAGE) += secdata_tpm.c +romstage-$(CONFIG_VBOOT_SEPARATE_VERSTAGE) += secdata_tpm.c endif romstage-y += vboot_handoff.c common.c ramstage-y += common.c postcar-y += common.c -ifeq ($(CONFIG_SEPARATE_VERSTAGE),y) +ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y) VB_FIRMWARE_ARCH := $(ARCHDIR-$(ARCH-verstage-y)) else ifeq ($(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK),y) @@ -85,7 +85,7 @@ else VB_FIRMWARE_ARCH := $(ARCHDIR-$(ARCH-romstage-y)) endif -endif # CONFIG_SEPARATE_VERSTAGE +endif # CONFIG_VBOOT_SEPARATE_VERSTAGE VB2_LIB = $(obj)/external/vboot_reference/vboot_fw20.a VBOOT_CFLAGS += $(patsubst -I%,-I$(top)/%, $(filter-out -I$(obj), $(filter-out -include $(src)/include/kconfig.h, $(CPPFLAGS_libverstage)))) @@ -106,7 +106,7 @@ libverstage-srcs += $(VB2_LIB) -ifeq ($(CONFIG_SEPARATE_VERSTAGE),y) +ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y) # This works under the assumption that romstage and verstage use the same # architecture and thus CC_verstage is the same as CC_romstage. If this is not @@ -115,7 +115,7 @@ romstage-srcs += $(VB2_LIB) endif -cbfs-files-$(CONFIG_SEPARATE_VERSTAGE) += $(CONFIG_CBFS_PREFIX)/verstage +cbfs-files-$(CONFIG_VBOOT_SEPARATE_VERSTAGE) += $(CONFIG_CBFS_PREFIX)/verstage $(CONFIG_CBFS_PREFIX)/verstage-file := $(objcbfs)/verstage.elf $(CONFIG_CBFS_PREFIX)/verstage-type := stage $(CONFIG_CBFS_PREFIX)/verstage-compression := $(CBFS_PRERAM_COMPRESS_FLAG) @@ -137,7 +137,7 @@ else romstage-srcs += $(objgenerated)/libverstage.a endif -endif # CONFIG_SEPARATE_VERSTAGE +endif # CONFIG_VBOOT_SEPARATE_VERSTAGE # Define a list of files that need to be in RO only. # All other files will be installed into RO and RW regions @@ -155,4 +155,115 @@ rmu.bin \ ,$(1)),COREBOOT,COREBOOT FW_MAIN_A FW_MAIN_B))) +CONFIG_GBB_HWID := $(call strip_quotes,$(CONFIG_GBB_HWID)) +CONFIG_GBB_BMPFV_FILE := $(call strip_quotes,$(CONFIG_GBB_BMPFV_FILE)) +CONFIG_VBOOT_KEYBLOCK := $(call strip_quotes,$(CONFIG_VBOOT_KEYBLOCK)) +CONFIG_VBOOT_FIRMWARE_PRIVKEY := $(call strip_quotes,$(CONFIG_VBOOT_FIRMWARE_PRIVKEY)) +CONFIG_VBOOT_KERNEL_KEY := $(call strip_quotes,$(CONFIG_VBOOT_KERNEL_KEY)) +CONFIG_VBOOT_FWID_MODEL := $(call strip_quotes,$(CONFIG_VBOOT_FWID_MODEL)) +CONFIG_VBOOT_FWID_VERSION := $(call strip_quotes,$(CONFIG_VBOOT_FWID_VERSION)) + +# bool-to-mask(var, value) +# return "value" if var is "y", 0 otherwise +bool-to-mask = $(if $(filter y,$(1)),$(2),0) + +GBB_FLAGS := $(call int-add, \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_DEV_SCREEN_SHORT_DELAY),0x1) \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_LOAD_OPTION_ROMS),0x2) \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_ENABLE_ALTERNATE_OS),0x4) \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_SWITCH_ON),0x8) \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_USB),0x10) \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK),0x20) \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_ENTER_TRIGGERS_TONORM),0x40) \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_LEGACY),0x80) \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_FAFT_KEY_OVERIDE),0x100) \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC),0x200) \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY),0x400) \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC),0x800) \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_LID_SHUTDOWN),0x1000) \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP),0x2000) \ + $(call bool-to-mask,$(CONFIG_GBB_FLAG_ENABLE_SERIAL),0x4000) \ + ) + +ifneq ($(CONFIG_GBB_BMPFV_FILE),) +$(obj)/gbb.sizetmp: $(obj)/coreboot.rom + $(CBFSTOOL) $< read -r GBB -f $@ + +$(obj)/gbb.stub: $(obj)/coreboot.rom $(FUTILITY) $(obj)/gbb.sizetmp + @printf " CREATE GBB (with BMPFV)\n" + $(FUTILITY) gbb_utility -c 0x100,0x1000,$(call int-subtract,$(call file-size,$(obj)/gbb.sizetmp) 0x2180),0x1000 $@.tmp + mv $@.tmp $@ +else +$(obj)/gbb.stub: $(obj)/coreboot.rom $(FUTILITY) + @printf " CREATE GBB (without BMPFV)\n" + $(FUTILITY) gbb_utility -c 0x100,0x1000,0,0x1000 $@.tmp + mv $@.tmp $@ +endif + +$(obj)/gbb.region: $(obj)/gbb.stub + @printf " SETUP GBB\n" + cp $< $@.tmp + $(FUTILITY) gbb_utility -s \ + --hwid="$(CONFIG_GBB_HWID)" \ + --rootkey="$(CONFIG_VBOOT_ROOT_KEY)" \ + --recoverykey="$(CONFIG_VBOOT_RECOVERY_KEY)" \ + --flags=$(GBB_FLAGS) \ + $@.tmp +ifneq ($(CONFIG_GBB_BMPFV_FILE),) + $(FUTILITY) gbb_utility -s \ + --bmpfv="$(CONFIG_GBB_BMPFV_FILE)" \ + $@.tmp +endif + mv $@.tmp $@ + +$(obj)/fwid.region: + printf "$(CONFIG_VBOOT_FWID_MODEL)$(CONFIG_VBOOT_FWID_VERSION)\0" > $@ + +build_complete:: $(obj)/gbb.region $(obj)/fwid.region + @printf " WRITE GBB\n" + $(CBFSTOOL) $(obj)/coreboot.rom write -u -r GBB -i 0 -f $(obj)/gbb.region + $(CBFSTOOL) $(obj)/coreboot.rom write -u -r RO_FRID -i 0 -f $(obj)/fwid.region + $(CBFSTOOL) $(obj)/coreboot.rom write -u -r RW_FWID_A -i 0 -f $(obj)/fwid.region + $(CBFSTOOL) $(obj)/coreboot.rom write -u -r RW_FWID_B -i 0 -f $(obj)/fwid.region + +ifneq ($(shell grep "SHARED_DATA" "$(CONFIG_FMDFILE)"),) +build_complete:: + printf "\0" > $(obj)/shared_data.region + $(CBFSTOOL) $(obj)/coreboot.rom write -u -r SHARED_DATA -i 0 -f $(obj)/shared_data.region +endif + +# Extract FW_MAIN_? region and minimize it if the last file is empty, so it +# doesn't contain this empty file (that can have a significant size), +# improving a lot on hash times due to a smaller amount of data loaded from +# firmware storage. +# When passing the minimized image to vbutil_firmware, its length is recorded +# in the keyblock, and coreboot's vboot code clips the region_device to match, +# which prevents any potential extension attacks. +$(obj)/FW_MAIN_%.bin: $(obj)/coreboot.rom + $(CBFSTOOL) $< read -r $(basename $(notdir $@)) -f $@.tmp + $(CBFSTOOL) $(obj)/coreboot.rom print -k -r $(basename $(notdir $@)) | \ + tail -1 | \ + sed "s,^(empty)[[:space:]]$0x[0-9a-f]*$\tnull\t.*$$,\1," \ + > $@.tmp.size + if [ -n "$$(cat $@.tmp.size)" ] && [ $$( printf "%d" $$(cat $@.tmp.size)) -gt 0 ]; then \ + head -c $$( printf "%d" $$(cat $@.tmp.size)) $@.tmp > $@.tmp2 && \ + mv $@.tmp2 $@; \ + else \ + mv $@.tmp $@; \ + fi + +$(obj)/VBLOCK_%.bin: $(obj)/FW_MAIN_%.bin $(FUTILITY) + $(FUTILITY) vbutil_firmware \ + --vblock $@ \ + --keyblock "$(CONFIG_VBOOT_KEYBLOCK)" \ + --signprivate "$(CONFIG_VBOOT_FIRMWARE_PRIVKEY)" \ + --version $(CONFIG_VBOOT_KEYBLOCK_VERSION) \ + --fv $< \ + --kernelkey "$(CONFIG_VBOOT_KERNEL_KEY)" \ + --flags $(CONFIG_VBOOT_KEYBLOCK_PREAMBLE_FLAGS) + +files_added:: $(obj)/VBLOCK_A.bin $(obj)/VBLOCK_B.bin + $(CBFSTOOL) $(obj)/coreboot.rom write -u -r VBLOCK_A -f $(obj)/VBLOCK_A.bin + $(CBFSTOOL) $(obj)/coreboot.rom write -u -r VBLOCK_B -f $(obj)/VBLOCK_B.bin + endif # CONFIG_VBOOT diff --git a/src/vboot/bootmode.c b/src/vboot/bootmode.c index d66911f..23dec13 100644 --- a/src/vboot/bootmode.c +++ b/src/vboot/bootmode.c @@ -75,7 +75,7 @@ static int vboot_possibly_executed(void) { if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) { - if (ENV_BOOTBLOCK && IS_ENABLED(CONFIG_SEPARATE_VERSTAGE)) + if (ENV_BOOTBLOCK && IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE)) return 0; return 1; } @@ -141,6 +141,23 @@ return !!vboot_check_recovery_request(); } +int __attribute__((weak)) clear_recovery_mode_switch(void) +{ + // Weak implementation. Nothing to do. + return 0; +} + +int __attribute__((weak)) get_sw_write_protect_state(void) +{ + // Can be implemented by a platform / mainboard + return 0; +} + +void __attribute__((weak)) log_recovery_mode_switch(void) +{ + // Weak implementation. Nothing to do. +} + int __attribute__((weak)) get_recovery_mode_retrain_switch(void) { return 0; diff --git a/src/vboot/vboot_handoff.c b/src/vboot/vboot_handoff.c index 85be928..b3a5c19 100644 --- a/src/vboot/vboot_handoff.c +++ b/src/vboot/vboot_handoff.c @@ -83,11 +83,11 @@ vb_sd->flags |= VBSD_LF_DEV_SWITCH_ON; } /* TODO: Set these in depthcharge */ - if (!IS_ENABLED(CONFIG_PHYSICAL_DEV_SWITCH)) + if (!IS_ENABLED(CONFIG_VBOOT_PHYSICAL_DEV_SWITCH)) vb_sd->flags |= VBSD_HONOR_VIRT_DEV_SWITCH; - if (IS_ENABLED(CONFIG_EC_SOFTWARE_SYNC)) + if (IS_ENABLED(CONFIG_VBOOT_EC_SOFTWARE_SYNC)) vb_sd->flags |= VBSD_EC_SOFTWARE_SYNC; - if (!IS_ENABLED(CONFIG_PHYSICAL_REC_SWITCH)) + if (!IS_ENABLED(CONFIG_VBOOT_PHYSICAL_REC_SWITCH)) vb_sd->flags |= VBSD_BOOT_REC_SWITCH_VIRTUAL; if (IS_ENABLED(CONFIG_VBOOT_EC_SLOW_UPDATE)) vb_sd->flags |= VBSD_EC_SLOW_UPDATE; diff --git a/src/vboot/vboot_loader.c b/src/vboot/vboot_loader.c index 3629402..9aab789 100644 --- a/src/vboot/vboot_loader.c +++ b/src/vboot/vboot_loader.c @@ -29,11 +29,11 @@ _Static_assert(IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK) + IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE) == 1, "vboot must either start in bootblock or romstage (not both!)"); -_Static_assert(!IS_ENABLED(CONFIG_SEPARATE_VERSTAGE) || +_Static_assert(!IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE) || IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK), "stand-alone verstage must start in (i.e. after) bootblock"); -_Static_assert(!IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE) || - IS_ENABLED(CONFIG_SEPARATE_VERSTAGE), +_Static_assert(!IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE) || + IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE), "return from verstage only makes sense for separate verstages"); /* The stage loading code is compiled and entered from multiple stages. The @@ -42,7 +42,7 @@ static int verification_should_run(void) { - if (IS_ENABLED(CONFIG_SEPARATE_VERSTAGE)) + if (IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE)) return ENV_VERSTAGE; else if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) return ENV_ROMSTAGE; @@ -54,7 +54,7 @@ static int verstage_should_load(void) { - if (IS_ENABLED(CONFIG_SEPARATE_VERSTAGE)) + if (IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE)) return ENV_BOOTBLOCK; else return 0; @@ -87,7 +87,7 @@ static void vboot_prepare(void) { if (verification_should_run()) { - /* Note: this path is not used for RETURN_FROM_VERSTAGE */ + /* Note: this path is not used for VBOOT_RETURN_FROM_VERSTAGE */ verstage_main(); car_set_var(vboot_executed, 1); vb2_save_recovery_reason_vbnv(); @@ -130,7 +130,7 @@ /* This is not actually possible to hit this condition at * runtime, but this provides a hint to the compiler for dead * code elimination below. */ - if (!IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE)) + if (!IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE)) return; car_set_var(vboot_executed, 1); diff --git a/src/vboot/vboot_logic.c b/src/vboot/vboot_logic.c index fbbe3e8..9145ad0 100644 --- a/src/vboot/vboot_logic.c +++ b/src/vboot/vboot_logic.c @@ -329,7 +329,7 @@ antirollback_read_space_firmware(&ctx); timestamp_add_now(TS_END_TPMINIT); - if (IS_ENABLED(CONFIG_PHYSICAL_DEV_SWITCH) && + if (IS_ENABLED(CONFIG_VBOOT_PHYSICAL_DEV_SWITCH) && get_developer_mode_switch()) ctx.flags |= VB2_CONTEXT_FORCE_DEVELOPER_MODE; @@ -339,10 +339,11 @@ ctx.flags |= VB2_DISABLE_DEVELOPER_MODE; } - if (IS_ENABLED(CONFIG_WIPEOUT_SUPPORTED) && get_wipeout_mode_switch()) + if (IS_ENABLED(CONFIG_VBOOT_WIPEOUT_SUPPORTED) && + get_wipeout_mode_switch()) ctx.flags |= VB2_CONTEXT_FORCE_WIPEOUT_MODE; - if (IS_ENABLED(CONFIG_LID_SWITCH) && !get_lid_switch()) + if (IS_ENABLED(CONFIG_VBOOT_LID_SWITCH) && !get_lid_switch()) ctx.flags |= VB2_CONTEXT_NOFAIL_BOOT; /* Do early init (set up secdata and NVRAM, load GBB) */ diff --git a/src/vboot/verstage.c b/src/vboot/verstage.c index 64fadc7..aca4ab3 100644 --- a/src/vboot/verstage.c +++ b/src/vboot/verstage.c @@ -30,7 +30,7 @@ exception_init(); verstage_mainboard_init(); - if (IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE)) { + if (IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE)) { verstage_main(); } else { run_romstage(); diff --git a/src/vendorcode/google/chromeos/Kconfig b/src/vendorcode/google/chromeos/Kconfig index 62e60d4..ab24782 100644 --- a/src/vendorcode/google/chromeos/Kconfig +++ b/src/vendorcode/google/chromeos/Kconfig @@ -59,24 +59,6 @@ default 0x00100000 depends on CHROMEOS_RAMOOPS -config EC_SOFTWARE_SYNC - bool "Enable EC software sync" - default y if EC_GOOGLE_CHROMEEC - default n - depends on VBOOT - help - EC software sync is a mechanism where the AP helps the EC verify its - firmware similar to how vboot verifies the main system firmware. This - option selects whether depthcharge should support EC software sync. - -config VBOOT_EC_SLOW_UPDATE - bool "EC is slow to update" - default n - depends on EC_SOFTWARE_SYNC - help - Whether the EC (or PD) is slow to update and needs to display a - screen that informs the user the update is happening. - config NO_TPM_RESUME bool default n @@ -85,54 +67,11 @@ boards, booting Windows will break if the TPM resume command is sent during an S3 resume. -config PHYSICAL_DEV_SWITCH - bool - default n - help - Whether this platform has a physical developer switch. Note that this - disables virtual dev switch functionality (through secdata). Operation - where both a physical pin and the virtual switch get sampled is not - supported by coreboot. - -config PHYSICAL_REC_SWITCH - bool - default n - help - Whether this platform has a physical recovery switch - -config LID_SWITCH - bool "Lid switch is present" - default n - help - Whether this platform has a lid switch - -config WIPEOUT_SUPPORTED - bool "User is able to request factory reset" - default n - help - When this option is enabled, the firmware provides the ability to - signal the application the need for factory reset (a.k.a. wipe - out) of the device - config HAVE_REGULATORY_DOMAIN bool "Add regulatory domain methods" default n help This option is needed to add ACPI regulatory domain methods - -config CHROMEOS_FWID_MODEL - string "Chrome OS Firmware ID model" - default "$(CONFIG_MAINBOARD_VENDOR)_$(CONFIG_MAINBOARD_PART_NUMBER)" - help - This is the first part of the FWID written to various regions of a - Chrome OS firmware image to identify its version. - -config CHROMEOS_FWID_VERSION - string "Chrome OS Firmware ID version" - default "$(KERNELVERSION)" - help - This is the second part of the FWID written to various regions of a - Chrome OS firmware image to identify its version. config CHROMEOS_DISABLE_PLATFORM_HIERARCHY_ON_RESUME bool @@ -147,109 +86,6 @@ the boot loader. However, those operations need to be symmetric on normal boot as well as resume and coreboot is only involved in the resume piece w.r.t. the platform hierarchy. - -menu "GBB configuration" - -config GBB_HWID - string "Hardware ID" - default "NOCONF HWID" - -config GBB_BMPFV_FILE - string "Path to bmpfv image" - default "" - -config GBB_FLAG_DEV_SCREEN_SHORT_DELAY - bool "Reduce dev screen delay" - default n - -config GBB_FLAG_LOAD_OPTION_ROMS - bool "Load option ROMs" - default n - -config GBB_FLAG_ENABLE_ALTERNATE_OS - bool "Allow booting a non-Chrome OS kernel if dev switch is on" - default n - -config GBB_FLAG_FORCE_DEV_SWITCH_ON - bool "Force dev switch on" - default n - -config GBB_FLAG_FORCE_DEV_BOOT_USB - bool "Allow booting from USB in dev mode even if dev_boot_usb=0" - default y - -config GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK - bool "Disable firmware rollback protection" - default y - -config GBB_FLAG_ENTER_TRIGGERS_TONORM - bool "Return to normal boot with Enter" - default n - -config GBB_FLAG_FORCE_DEV_BOOT_LEGACY - bool "Allow booting to legacy in dev mode even if dev_boot_legacy=0" - default n - -config GBB_FLAG_FAFT_KEY_OVERIDE - bool "Allow booting using alternative keys for FAFT servo testing" - default n - -config GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC - bool "Disable EC software sync" - default n - -config GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY - bool "Default to booting to legacy in dev mode" - default n - -config GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC - bool "Disable PD software sync" - default n - -config GBB_FLAG_DISABLE_LID_SHUTDOWN - bool "Disable shutdown on closed lid" - default n - -config GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP - bool "Allow fastboot even if dev_boot_fastboot_full_cap=0" - default n - -config GBB_FLAG_ENABLE_SERIAL - bool "Tell vboot to enable serial console" - default n - -endmenu # GBB - -menu "Vboot Keys" -config VBOOT_ROOT_KEY - string "Root key (public)" - default "$(VBOOT_SOURCE)/tests/devkeys/root_key.vbpubk" - -config VBOOT_RECOVERY_KEY - string "Recovery key (public)" - default "$(VBOOT_SOURCE)/tests/devkeys/recovery_key.vbpubk" - -config VBOOT_FIRMWARE_PRIVKEY - string "Firmware key (private)" - default "$(VBOOT_SOURCE)/tests/devkeys/firmware_data_key.vbprivk" - -config VBOOT_KERNEL_KEY - string "Kernel subkey (public)" - default "$(VBOOT_SOURCE)/tests/devkeys/kernel_subkey.vbpubk" - -config VBOOT_KEYBLOCK - string "Keyblock to use for the RW regions" - default "$(VBOOT_SOURCE)/tests/devkeys/firmware.keyblock" - -config VBOOT_KEYBLOCK_VERSION - int "Keyblock version number" - default 1 - -config VBOOT_KEYBLOCK_PREAMBLE_FLAGS - hex "Keyblock preamble flags" - default 0x0 - -endmenu # Keys endif # CHROMEOS endmenu diff --git a/src/vendorcode/google/chromeos/Makefile.inc b/src/vendorcode/google/chromeos/Makefile.inc index 3326ced..22352ef 100644 --- a/src/vendorcode/google/chromeos/Makefile.inc +++ b/src/vendorcode/google/chromeos/Makefile.inc @@ -13,11 +13,6 @@ ## GNU General Public License for more details. ## -bootblock-y += chromeos.c -verstage-y += chromeos.c -romstage-y += chromeos.c -ramstage-y += chromeos.c - ramstage-$(CONFIG_ELOG) += elog.c ramstage-$(CONFIG_HAVE_ACPI_TABLES) += gnvs.c ramstage-$(CONFIG_HAVE_ACPI_TABLES) += acpi.c @@ -31,114 +26,3 @@ bootblock-y += watchdog.c ramstage-y += watchdog.c endif - -CONFIG_GBB_HWID := $(call strip_quotes,$(CONFIG_GBB_HWID)) -CONFIG_GBB_BMPFV_FILE := $(call strip_quotes,$(CONFIG_GBB_BMPFV_FILE)) -CONFIG_VBOOT_KEYBLOCK := $(call strip_quotes,$(CONFIG_VBOOT_KEYBLOCK)) -CONFIG_VBOOT_FIRMWARE_PRIVKEY := $(call strip_quotes,$(CONFIG_VBOOT_FIRMWARE_PRIVKEY)) -CONFIG_VBOOT_KERNEL_KEY := $(call strip_quotes,$(CONFIG_VBOOT_KERNEL_KEY)) -CONFIG_CHROMEOS_FWID_MODEL := $(call strip_quotes,$(CONFIG_CHROMEOS_FWID_MODEL)) -CONFIG_CHROMEOS_FWID_VERSION := $(call strip_quotes,$(CONFIG_CHROMEOS_FWID_VERSION)) - -# bool-to-mask(var, value) -# return "value" if var is "y", 0 otherwise -bool-to-mask = $(if $(filter y,$(1)),$(2),0) - -GBB_FLAGS := $(call int-add, \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_DEV_SCREEN_SHORT_DELAY),0x1) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_LOAD_OPTION_ROMS),0x2) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_ENABLE_ALTERNATE_OS),0x4) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_SWITCH_ON),0x8) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_USB),0x10) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK),0x20) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_ENTER_TRIGGERS_TONORM),0x40) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_LEGACY),0x80) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_FAFT_KEY_OVERIDE),0x100) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC),0x200) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY),0x400) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC),0x800) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_LID_SHUTDOWN),0x1000) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP),0x2000) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_ENABLE_SERIAL),0x4000) \ - ) - -ifneq ($(CONFIG_GBB_BMPFV_FILE),) -$(obj)/gbb.sizetmp: $(obj)/coreboot.rom - $(CBFSTOOL) $< read -r GBB -f $@ - -$(obj)/gbb.stub: $(obj)/coreboot.rom $(FUTILITY) $(obj)/gbb.sizetmp - @printf " CREATE GBB (with BMPFV)\n" - $(FUTILITY) gbb_utility -c 0x100,0x1000,$(call int-subtract,$(call file-size,$(obj)/gbb.sizetmp) 0x2180),0x1000 $@.tmp - mv $@.tmp $@ -else -$(obj)/gbb.stub: $(obj)/coreboot.rom $(FUTILITY) - @printf " CREATE GBB (without BMPFV)\n" - $(FUTILITY) gbb_utility -c 0x100,0x1000,0,0x1000 $@.tmp - mv $@.tmp $@ -endif - -$(obj)/gbb.region: $(obj)/gbb.stub - @printf " SETUP GBB\n" - cp $< $@.tmp - $(FUTILITY) gbb_utility -s \ - --hwid="$(CONFIG_GBB_HWID)" \ - --rootkey="$(CONFIG_VBOOT_ROOT_KEY)" \ - --recoverykey="$(CONFIG_VBOOT_RECOVERY_KEY)" \ - --flags=$(GBB_FLAGS) \ - $@.tmp -ifneq ($(CONFIG_GBB_BMPFV_FILE),) - $(FUTILITY) gbb_utility -s \ - --bmpfv="$(CONFIG_GBB_BMPFV_FILE)" \ - $@.tmp -endif - mv $@.tmp $@ - -$(obj)/fwid.region: - printf "$(CONFIG_CHROMEOS_FWID_MODEL)$(CONFIG_CHROMEOS_FWID_VERSION)\0" > $@ - -build_complete:: $(obj)/gbb.region $(obj)/fwid.region - @printf " WRITE GBB\n" - $(CBFSTOOL) $(obj)/coreboot.rom write -u -r GBB -i 0 -f $(obj)/gbb.region - $(CBFSTOOL) $(obj)/coreboot.rom write -u -r RO_FRID -i 0 -f $(obj)/fwid.region - $(CBFSTOOL) $(obj)/coreboot.rom write -u -r RW_FWID_A -i 0 -f $(obj)/fwid.region - $(CBFSTOOL) $(obj)/coreboot.rom write -u -r RW_FWID_B -i 0 -f $(obj)/fwid.region - -ifneq ($(shell grep "SHARED_DATA" "$(CONFIG_FMDFILE)"),) -build_complete:: - printf "\0" > $(obj)/shared_data.region - $(CBFSTOOL) $(obj)/coreboot.rom write -u -r SHARED_DATA -i 0 -f $(obj)/shared_data.region -endif - -# Extract FW_MAIN_? region and minimize it if the last file is empty, so it -# doesn't contain this empty file (that can have a significant size), -# improving a lot on hash times due to a smaller amount of data loaded from -# firmware storage. -# When passing the minimized image to vbutil_firmware, its length is recorded -# in the keyblock, and coreboot's vboot code clips the region_device to match, -# which prevents any potential extension attacks. -$(obj)/FW_MAIN_%.bin: $(obj)/coreboot.rom - $(CBFSTOOL) $< read -r $(basename $(notdir $@)) -f $@.tmp - $(CBFSTOOL) $(obj)/coreboot.rom print -k -r $(basename $(notdir $@)) | \ - tail -1 | \ - sed "s,^(empty)[[:space:]]$0x[0-9a-f]*$\tnull\t.*$$,\1," \ - > $@.tmp.size - if [ -n "$$(cat $@.tmp.size)" ] && [ $$( printf "%d" $$(cat $@.tmp.size)) -gt 0 ]; then \ - head -c $$( printf "%d" $$(cat $@.tmp.size)) $@.tmp > $@.tmp2 && \ - mv $@.tmp2 $@; \ - else \ - mv $@.tmp $@; \ - fi - -$(obj)/VBLOCK_%.bin: $(obj)/FW_MAIN_%.bin $(FUTILITY) - $(FUTILITY) vbutil_firmware \ - --vblock $@ \ - --keyblock "$(CONFIG_VBOOT_KEYBLOCK)" \ - --signprivate "$(CONFIG_VBOOT_FIRMWARE_PRIVKEY)" \ - --version $(CONFIG_VBOOT_KEYBLOCK_VERSION) \ - --fv $< \ - --kernelkey "$(CONFIG_VBOOT_KERNEL_KEY)" \ - --flags $(CONFIG_VBOOT_KEYBLOCK_PREAMBLE_FLAGS) - -files_added:: $(obj)/VBLOCK_A.bin $(obj)/VBLOCK_B.bin - $(CBFSTOOL) $(obj)/coreboot.rom write -u -r VBLOCK_A -f $(obj)/VBLOCK_A.bin - $(CBFSTOOL) $(obj)/coreboot.rom write -u -r VBLOCK_B -f $(obj)/VBLOCK_B.bin diff --git a/src/vendorcode/google/chromeos/chromeos.c b/src/vendorcode/google/chromeos/chromeos.c deleted file mode 100644 index 515b79f..0000000 --- a/src/vendorcode/google/chromeos/chromeos.c +++ /dev/null @@ -1,35 +0,0 @@ -/* - * This file is part of the coreboot project. - * - * Copyright (C) 2011 The ChromiumOS Authors. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; version 2 of the License. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - */ - -#include <stddef.h> -#include <string.h> -#include "chromeos.h" - -int __attribute__((weak)) clear_recovery_mode_switch(void) -{ - // Weak implementation. Nothing to do. - return 0; -} - -int __attribute__((weak)) get_sw_write_protect_state(void) -{ - // Can be implemented by a platform / mainboard - return 0; -} - -void __attribute__((weak)) log_recovery_mode_switch(void) -{ - // Weak implementation. Nothing to do. -} -- To view, visit https://review.coreboot.org/18984 To unsubscribe, visit https://review.coreboot.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: I3e2e31150ebf5a96b6fe507ebeb53a41ecf88122 Gerrit-PatchSet: 13 Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Owner: Julius Werner <jwerner(a)chromium.org> Gerrit-Reviewer: Aaron Durbin <adurbin(a)chromium.org> Gerrit-Reviewer: Furquan Shaikh <furquan(a)google.com> Gerrit-Reviewer: Julius Werner <jwerner(a)chromium.org> Gerrit-Reviewer: Patrick Georgi <pgeorgi(a)google.com> Gerrit-Reviewer: Paul Menzel <paulepanter(a)users.sourceforge.net> Gerrit-Reviewer: build bot (Jenkins)

1 0

Change in coreboot[master]: vboot: Disallow separate verstage after romstage, try to cla...
by Julius Werner (Code Review) 28 Mar '17

28 Mar '17

Julius Werner has submitted this change and it was merged. ( https://review.coreboot.org/18983 ) Change subject: vboot: Disallow separate verstage after romstage, try to clarify logic ...................................................................... vboot: Disallow separate verstage after romstage, try to clarify logic No board has ever tried to combine CONFIG_SEPARATE_VERSTAGE with CONFIG_VBOOT_STARTS_IN_ROMSTAGE. There are probably many reasons why this wouldn't work (e.g. x86 CAR migration logic currently always assumes verstage code to run pre-migration). It would also not really make sense: the reason we use separate verstages is to decrease bootblock size (mitigating the boot speed cost of slow boot ROM SPI drivers) and to allow the SRAM-saving RETURN_FROM_VERSTAGE trick, neither of which would apply to the after-romstage case. It is better to just forbid that case explicitly and give programmers more guarantees about what the verstage is (e.g. now the assumption that it runs pre-RAM is always valid). Since Kconfig dependencies aren't always guaranteed in the face of 'select' statements, also add some explicit compile-time assertions to the vboot code. We can simplify some of the loader logic which now no longer needs to provide for the forbidden case. In addition, also try to make some of the loader logic more readable by writing it in a more functional style that allows us to put more assertions about which cases should be unreachable in there, which will hopefully make it more robust and fail-fast with future changes (e.g. addition of new stages). Change-Id: Iaf60040af4eff711d9b80ee0e5950ce05958b3aa Signed-off-by: Julius Werner <jwerner(a)chromium.org> Reviewed-on: https://review.coreboot.org/18983 Reviewed-by: Aaron Durbin <adurbin(a)chromium.org> Tested-by: build bot (Jenkins) --- M src/include/memlayout.h M src/vboot/Kconfig M src/vboot/vboot_loader.c 3 files changed, 50 insertions(+), 47 deletions(-) Approvals: Aaron Durbin: Looks good to me, approved build bot (Jenkins): Verified diff --git a/src/include/memlayout.h b/src/include/memlayout.h index a68b21f..b39a895 100644 --- a/src/include/memlayout.h +++ b/src/include/memlayout.h @@ -153,7 +153,10 @@ STR(Verstage exceeded its allotted size! (sz))); \ INCLUDE "verstage/lib/program.ld" - #define OVERLAP_VERSTAGE_ROMSTAGE(addr, size) VERSTAGE(addr, size) + #define OVERLAP_VERSTAGE_ROMSTAGE(addr, size) \ + _ = ASSERT(IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE) == 1, \ + "Must set RETURN_FROM_VERSTAGE to overlap romstage."); \ + VERSTAGE(addr, size) #else #define VERSTAGE(addr, sz) \ REGION(verstage, addr, sz, 1) diff --git a/src/vboot/Kconfig b/src/vboot/Kconfig index 0c72d47..a92a2fa 100644 --- a/src/vboot/Kconfig +++ b/src/vboot/Kconfig @@ -83,7 +83,13 @@ config SEPARATE_VERSTAGE bool "Vboot verification is built into a separate stage" default n - depends on VBOOT + depends on VBOOT && VBOOT_STARTS_IN_BOOTBLOCK + help + If this option is set, vboot verification runs in a standalone stage + that is loaded from the bootblock and exits into romstage. If it is + not set, the verification code is linked directly into the bootblock + or the romstage and runs as part of that stage (cf. related options + VBOOT_STARTS_IN_BOOTBLOCK/_ROMSTAGE and RETURN_FROM_VERSTAGE). config RETURN_FROM_VERSTAGE bool "The separate verification stage returns to its caller" diff --git a/src/vboot/vboot_loader.c b/src/vboot/vboot_loader.c index 9593358..3629402 100644 --- a/src/vboot/vboot_loader.c +++ b/src/vboot/vboot_loader.c @@ -25,75 +25,69 @@ #include <vboot/symbols.h> #include <vboot/vboot_common.h> +/* Ensure vboot configuration is valid: */ +_Static_assert(IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK) + + IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE) == 1, + "vboot must either start in bootblock or romstage (not both!)"); +_Static_assert(!IS_ENABLED(CONFIG_SEPARATE_VERSTAGE) || + IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK), + "stand-alone verstage must start in (i.e. after) bootblock"); +_Static_assert(!IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE) || + IS_ENABLED(CONFIG_SEPARATE_VERSTAGE), + "return from verstage only makes sense for separate verstages"); + /* The stage loading code is compiled and entered from multiple stages. The * helper functions below attempt to provide more clarity on when certain * code should be called. */ static int verification_should_run(void) { - if (ENV_VERSTAGE && IS_ENABLED(CONFIG_SEPARATE_VERSTAGE)) - return 1; - - if (!IS_ENABLED(CONFIG_SEPARATE_VERSTAGE)) { - if (ENV_ROMSTAGE && - IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) - return 1; - if (ENV_BOOTBLOCK && - IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) - return 1; - } - - return 0; + if (IS_ENABLED(CONFIG_SEPARATE_VERSTAGE)) + return ENV_VERSTAGE; + else if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) + return ENV_ROMSTAGE; + else if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) + return ENV_BOOTBLOCK; + else + die("impossible!"); } static int verstage_should_load(void) { - if (!IS_ENABLED(CONFIG_SEPARATE_VERSTAGE)) + if (IS_ENABLED(CONFIG_SEPARATE_VERSTAGE)) + return ENV_BOOTBLOCK; + else return 0; - - if (ENV_ROMSTAGE && IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) - return 1; - - if (ENV_BOOTBLOCK && IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) - return 1; - - return 0; } static int vboot_executed CAR_GLOBAL; int vb2_logic_executed(void) { - /* If this stage is supposed to run the vboot logic ensure it has been - * executed. */ - if (verification_should_run() && car_get_var(vboot_executed)) + /* If we are in a stage that would load the verstage or execute the + vboot logic directly, we store the answer in a global. */ + if (verstage_should_load() || verification_should_run()) + return car_get_var(vboot_executed); + + if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) { + /* All other stages are "after the bootblock" */ + return !ENV_BOOTBLOCK; + } else if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) { + /* Post-RAM stages are "after the romstage" */ +#ifdef __PRE_RAM__ + return 0; +#else return 1; - - /* If this stage is supposed to load verstage and verstage is returning - * back to the calling stage check that it has been executed. */ - if (verstage_should_load() && IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE)) - if (car_get_var(vboot_executed)) - return 1; - - /* Handle all other stages post vboot execution. */ - if (!ENV_BOOTBLOCK) { - if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) - return 1; - if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE) && - !ENV_ROMSTAGE) - return 1; +#endif + } else { + die("impossible!"); } - - return 0; } static void vboot_prepare(void) { if (verification_should_run()) { - /* - * Note that this path isn't taken when - * CONFIG_RETURN_FROM_VERSTAGE is employed. - */ + /* Note: this path is not used for RETURN_FROM_VERSTAGE */ verstage_main(); car_set_var(vboot_executed, 1); vb2_save_recovery_reason_vbnv(); -- To view, visit https://review.coreboot.org/18983 To unsubscribe, visit https://review.coreboot.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: Iaf60040af4eff711d9b80ee0e5950ce05958b3aa Gerrit-PatchSet: 13 Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Owner: Julius Werner <jwerner(a)chromium.org> Gerrit-Reviewer: Aaron Durbin <adurbin(a)chromium.org> Gerrit-Reviewer: Furquan Shaikh <furquan(a)google.com> Gerrit-Reviewer: Julius Werner <jwerner(a)chromium.org> Gerrit-Reviewer: Patrick Georgi <pgeorgi(a)google.com> Gerrit-Reviewer: Paul Menzel <paulepanter(a)users.sourceforge.net> Gerrit-Reviewer: build bot (Jenkins)

1 0

Change in coreboot[master]: vboot: Compile bootmode.c conditionally based on CONFIG_VBOOT
by Julius Werner (Code Review) 28 Mar '17

28 Mar '17

Julius Werner has submitted this change and it was merged. ( https://review.coreboot.org/18982 ) Change subject: vboot: Compile bootmode.c conditionally based on CONFIG_VBOOT ...................................................................... vboot: Compile bootmode.c conditionally based on CONFIG_VBOOT Currently, src/vboot/bootmode.c gets compiled even if vboot is disabled. It seems that this was only done to support calling certain developer/recovery mode functions in this case. There is no reason to compile the whole file for that -- we can just differentiate with a stub in the header instead, which is what other parts of coreboot usually do for cases like this. Change-Id: If83e1b3e0f34f75c2395b4c464651e373724b2e6 Signed-off-by: Julius Werner <jwerner(a)chromium.org> Reviewed-on: https://review.coreboot.org/18982 Reviewed-by: Aaron Durbin <adurbin(a)chromium.org> Tested-by: build bot (Jenkins) --- M src/vboot/Makefile.inc M src/vboot/bootmode.c M src/vboot/vboot_common.h 3 files changed, 8 insertions(+), 11 deletions(-) Approvals: Aaron Durbin: Looks good to me, approved build bot (Jenkins): Verified diff --git a/src/vboot/Makefile.inc b/src/vboot/Makefile.inc index fb373c3..a09811b 100644 --- a/src/vboot/Makefile.inc +++ b/src/vboot/Makefile.inc @@ -13,13 +13,13 @@ ## GNU General Public License for more details. ## +ifeq ($(CONFIG_VBOOT),y) + bootblock-y += bootmode.c romstage-y += bootmode.c ramstage-y += bootmode.c verstage-y += bootmode.c postcar-y += bootmode.c - -ifeq ($(CONFIG_VBOOT),y) libverstage-generic-ccopts += -D__PRE_RAM__ -D__VERSTAGE__ verstage-generic-ccopts += -D__PRE_RAM__ -D__VERSTAGE__ diff --git a/src/vboot/bootmode.c b/src/vboot/bootmode.c index 21922d4..d66911f 100644 --- a/src/vboot/bootmode.c +++ b/src/vboot/bootmode.c @@ -74,9 +74,6 @@ */ static int vboot_possibly_executed(void) { - if (!IS_ENABLED(CONFIG_VBOOT)) - return 0; - if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) { if (ENV_BOOTBLOCK && IS_ENABLED(CONFIG_SEPARATE_VERSTAGE)) return 0; @@ -141,9 +138,6 @@ int vboot_recovery_mode_enabled(void) { - if (!IS_ENABLED(CONFIG_VBOOT)) - return 0; - return !!vboot_check_recovery_request(); } @@ -159,9 +153,6 @@ int vboot_developer_mode_enabled(void) { - if (!IS_ENABLED(CONFIG_VBOOT)) - return 0; - if (cbmem_possibly_online() && vboot_handoff_check_developer_flag()) return 1; diff --git a/src/vboot/vboot_common.h b/src/vboot/vboot_common.h index aa01f28..8421ecb 100644 --- a/src/vboot/vboot_common.h +++ b/src/vboot/vboot_common.h @@ -104,8 +104,14 @@ void verstage_mainboard_init(void); /* Check boot modes */ +#if IS_ENABLED(CONFIG_VBOOT) int vboot_developer_mode_enabled(void); int vboot_recovery_mode_enabled(void); int vboot_recovery_mode_memory_retrain(void); +#else /* !CONFIG_VBOOT */ +static inline int vboot_developer_mode_enabled(void) { return 0; } +static inline int vboot_recovery_mode_enabled(void) { return 0; } +static inline int vboot_recovery_mode_memory_retrain(void) { return 0; } +#endif #endif /* __VBOOT_VBOOT_COMMON_H__ */ -- To view, visit https://review.coreboot.org/18982 To unsubscribe, visit https://review.coreboot.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: If83e1b3e0f34f75c2395b4c464651e373724b2e6 Gerrit-PatchSet: 13 Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Owner: Julius Werner <jwerner(a)chromium.org> Gerrit-Reviewer: Aaron Durbin <adurbin(a)chromium.org> Gerrit-Reviewer: Furquan Shaikh <furquan(a)google.com> Gerrit-Reviewer: Julius Werner <jwerner(a)chromium.org> Gerrit-Reviewer: Patrick Georgi <pgeorgi(a)google.com> Gerrit-Reviewer: Paul Menzel <paulepanter(a)users.sourceforge.net> Gerrit-Reviewer: build bot (Jenkins)

1 0

Change in coreboot[master]: chromeos / broadwell / jecht: Make save_chromeos_gpios() jec...
by Julius Werner (Code Review) 28 Mar '17

28 Mar '17

Julius Werner has submitted this change and it was merged. ( https://review.coreboot.org/18981 ) Change subject: chromeos / broadwell / jecht: Make save_chromeos_gpios() jecht-specific ...................................................................... chromeos / broadwell / jecht: Make save_chromeos_gpios() jecht-specific This callback was only required for a single mainboard, and it can easily be moved to mainboard-specific code. This patch removes it from the global namespace and isolates it to the Jecht board. (This makes it easier to separate vboot and chromeos code in a later patch.) Change-Id: I9cf67a75a052d1c86eda0393b6a9fbbe255fedf8 Signed-off-by: Julius Werner <jwerner(a)chromium.org> Reviewed-on: https://review.coreboot.org/18981 Reviewed-by: Aaron Durbin <adurbin(a)chromium.org> Tested-by: build bot (Jenkins) --- M src/mainboard/google/jecht/chromeos.c M src/mainboard/google/jecht/onboard.h M src/mainboard/google/jecht/romstage.c M src/soc/intel/broadwell/romstage/romstage.c M src/vendorcode/google/chromeos/chromeos.c M src/vendorcode/google/chromeos/chromeos.h 6 files changed, 7 insertions(+), 12 deletions(-) Approvals: Aaron Durbin: Looks good to me, approved build bot (Jenkins): Verified diff --git a/src/mainboard/google/jecht/chromeos.c b/src/mainboard/google/jecht/chromeos.c index 5f897f3..f99fd6d 100644 --- a/src/mainboard/google/jecht/chromeos.c +++ b/src/mainboard/google/jecht/chromeos.c @@ -22,6 +22,7 @@ #include <ec/google/chromeec/ec.h> #include <soc/gpio.h> #include <soc/sata.h> +#include "onboard.h" #define GPIO_SPI_WP 58 #define GPIO_REC_MODE 12 diff --git a/src/mainboard/google/jecht/onboard.h b/src/mainboard/google/jecht/onboard.h index 96c792c..a911fe6 100644 --- a/src/mainboard/google/jecht/onboard.h +++ b/src/mainboard/google/jecht/onboard.h @@ -19,6 +19,8 @@ #ifndef __ACPI__ void lan_init(void); +void save_chromeos_gpios(void); + void set_power_led(int state); enum { diff --git a/src/mainboard/google/jecht/romstage.c b/src/mainboard/google/jecht/romstage.c index a71d3fe..6203a1e 100644 --- a/src/mainboard/google/jecht/romstage.c +++ b/src/mainboard/google/jecht/romstage.c @@ -46,6 +46,9 @@ /* Call into the real romstage main with this board's attributes. */ romstage_common(rp); + + if (IS_ENABLED(CONFIG_CHROMEOS)) + save_chromeos_gpios(); } void mainboard_pre_console_init(void) diff --git a/src/soc/intel/broadwell/romstage/romstage.c b/src/soc/intel/broadwell/romstage/romstage.c index bd63e00..af95530 100644 --- a/src/soc/intel/broadwell/romstage/romstage.c +++ b/src/soc/intel/broadwell/romstage/romstage.c @@ -19,6 +19,7 @@ #include <arch/io.h> #include <arch/cbfs.h> #include <arch/early_variables.h> +#include <bootmode.h> #include <console/console.h> #include <cbfs.h> #include <cbmem.h> @@ -35,7 +36,6 @@ #include <soc/reset.h> #include <soc/romstage.h> #include <soc/spi.h> -#include <vendorcode/google/chromeos/chromeos.h> /* Entry from cache-as-ram.inc. */ asmlinkage void *romstage_main(unsigned long bist, @@ -78,10 +78,6 @@ /* Call into mainboard. */ mainboard_romstage_entry(&rp); - -#if CONFIG_CHROMEOS - save_chromeos_gpios(); -#endif return setup_stack_and_mttrs(); } diff --git a/src/vendorcode/google/chromeos/chromeos.c b/src/vendorcode/google/chromeos/chromeos.c index 4edf74a..515b79f 100644 --- a/src/vendorcode/google/chromeos/chromeos.c +++ b/src/vendorcode/google/chromeos/chromeos.c @@ -23,11 +23,6 @@ return 0; } -void __attribute__((weak)) save_chromeos_gpios(void) -{ - // Can be implemented by a mainboard -} - int __attribute__((weak)) get_sw_write_protect_state(void) { // Can be implemented by a platform / mainboard diff --git a/src/vendorcode/google/chromeos/chromeos.h b/src/vendorcode/google/chromeos/chromeos.h index 722d62e..e535751 100644 --- a/src/vendorcode/google/chromeos/chromeos.h +++ b/src/vendorcode/google/chromeos/chromeos.h @@ -24,8 +24,6 @@ #include <vboot/misc.h> #include <vboot/vboot_common.h> -void save_chromeos_gpios(void); - #if CONFIG_CHROMEOS /* functions implemented in watchdog.c */ void mark_watchdog_tombstone(void); -- To view, visit https://review.coreboot.org/18981 To unsubscribe, visit https://review.coreboot.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: I9cf67a75a052d1c86eda0393b6a9fbbe255fedf8 Gerrit-PatchSet: 13 Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Owner: Julius Werner <jwerner(a)chromium.org> Gerrit-Reviewer: Aaron Durbin <adurbin(a)chromium.org> Gerrit-Reviewer: Furquan Shaikh <furquan(a)google.com> Gerrit-Reviewer: Julius Werner <jwerner(a)chromium.org> Gerrit-Reviewer: Patrick Georgi <pgeorgi(a)google.com> Gerrit-Reviewer: Paul Menzel <paulepanter(a)users.sourceforge.net> Gerrit-Reviewer: build bot (Jenkins)

1 0

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

coreboot-gerrit March 2017