Patrick Georgi has submitted this change. ( https://review.coreboot.org/c/coreboot/+/36543 )
Change subject: security/vboot: Removed vboot_prepare from vboot_locator ......................................................................
security/vboot: Removed vboot_prepare from vboot_locator
When prog_locate() is called in the stage VBOOT is starting from and the image to be loaded is not the target image vboot_prepare() may be called too early.
To prevent this vboot_prepare() is removed from the vboot_locator structure. This allows more control over the start of the vboot logic.
To clarify the change the vboot_prepare() has been renamed to vboot_run_logic() and calls to initialize vboot have been added at the following places:
postcar_loader: when VBOOT starts in ROMSTAGE romstage_loader: when VBOOT starts in BOOTBLOCK ramstage_loader: when VBOOT starts in ROMSTAGE
BUG=N/A TEST=tested on facebook fbg1701
Change-Id: Id5e8fd78458c09dd3896bfd142bd49c2c3d686df Signed-off-by: Wim Vervoorn wvervoorn@eltan.com Reviewed-on: https://review.coreboot.org/c/coreboot/+/36543 Reviewed-by: Frans Hendriks fhendriks@eltan.com Tested-by: build bot (Jenkins) no-reply@coreboot.org --- M src/arch/x86/postcar_loader.c M src/lib/prog_loaders.c M src/security/vboot/vboot_common.h M src/security/vboot/vboot_loader.c 4 files changed, 11 insertions(+), 2 deletions(-)
Approvals: build bot (Jenkins): Verified Frans Hendriks: Looks good to me, approved
diff --git a/src/arch/x86/postcar_loader.c b/src/arch/x86/postcar_loader.c index 0a5d50c..868b770 100644 --- a/src/arch/x86/postcar_loader.c +++ b/src/arch/x86/postcar_loader.c @@ -23,6 +23,7 @@ #include <romstage_handoff.h> #include <stage_cache.h> #include <timestamp.h> +#include <security/vboot/vboot_common.h>
static inline void stack_push(struct postcar_frame *pcf, uint32_t val) { @@ -171,6 +172,8 @@ .prog = prog, };
+ vboot_run_logic(); + if (prog_locate(prog)) die_with_post_code(POST_INVALID_ROM, "Failed to locate after CAR program.\n"); diff --git a/src/lib/prog_loaders.c b/src/lib/prog_loaders.c index 183a22b..72c1de1 100644 --- a/src/lib/prog_loaders.c +++ b/src/lib/prog_loaders.c @@ -30,6 +30,7 @@ #include <symbols.h> #include <timestamp.h> #include <fit_payload.h> +#include <security/vboot/vboot_common.h>
/* Only can represent up to 1 byte less than size_t. */ const struct mem_region_device addrspace_32bit = @@ -59,6 +60,8 @@ struct prog romstage = PROG_INIT(PROG_ROMSTAGE, CONFIG_CBFS_PREFIX "/romstage");
+ vboot_run_logic(); + if (prog_locate(&romstage)) goto fail;
@@ -135,6 +138,8 @@ !CONFIG(NO_STAGE_CACHE)) run_ramstage_from_resume(&ramstage);
+ vboot_run_logic(); + if (prog_locate(&ramstage)) goto fail;
diff --git a/src/security/vboot/vboot_common.h b/src/security/vboot/vboot_common.h index 8aadf9e..42b4a6b 100644 --- a/src/security/vboot/vboot_common.h +++ b/src/security/vboot/vboot_common.h @@ -76,12 +76,14 @@ int vboot_recovery_mode_enabled(void); int vboot_recovery_mode_memory_retrain(void); int vboot_can_enable_udc(void); +void vboot_run_logic(void); #else /* !CONFIG_VBOOT */ static inline int vboot_developer_mode_enabled(void) { return 0; } static inline int vboot_recovery_mode_enabled(void) { return 0; } static inline int vboot_recovery_mode_memory_retrain(void) { return 0; } /* If VBOOT is not enabled, we are okay enabling USB device controller (UDC). */ static inline int vboot_can_enable_udc(void) { return 1; } +static inline void vboot_run_logic(void) {} #endif
#endif /* __VBOOT_VBOOT_COMMON_H__ */ diff --git a/src/security/vboot/vboot_loader.c b/src/security/vboot/vboot_loader.c index 3aac48d..2b7ba83 100644 --- a/src/security/vboot/vboot_loader.c +++ b/src/security/vboot/vboot_loader.c @@ -35,7 +35,7 @@
int vboot_executed CAR_GLOBAL;
-static void vboot_prepare(void) +void vboot_run_logic(void) { if (verification_should_run()) { /* Note: this path is not used for VBOOT_RETURN_FROM_VERSTAGE */ @@ -90,6 +90,5 @@
const struct cbfs_locator vboot_locator = { .name = "VBOOT", - .prepare = vboot_prepare, .locate = vboot_locate, };