Furquan Shaikh has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/38779 )
Change subject: vboot: push clear recovery mode switch until BS_WRITE_TABLES ......................................................................
Patch Set 3:
(1 comment)
Patch Set 3:
This patch is now failing due to compiling with CHROMEOS and EC_GOOGLE_CHROMEEC, but not EC_GOOGLE_CHROMEEC_SWITCHES.
I think the problem is that call to clear_recovery_mode_switch() moved from src/security/vboot/ to src/ec/. CONFIG_VBOOT gets selected only when CONFIG_CHROMEOS is selected and hence I believe you are running into this issue. There is a weak clear_recovery_mode_switch() which is present in src/security/vboot/bootmode.c. Probably that needs to move to src/ec as well?
https://review.coreboot.org/c/coreboot/+/38779/1/src/security/vboot/vboot_lo... File src/security/vboot/vboot_logic.c:
https://review.coreboot.org/c/coreboot/+/38779/1/src/security/vboot/vboot_lo... PS1, Line 281: x86 systems ignore the saved dram settings : * in the recovery path in order to start from a clean slate. Therefore : * clear the state here since this function is called when memory : * is known to be up.
Furquan / Aaron, I'm not sure I fully understand this statement. […]
This comment basically meant that: on x86, recovery mode switch was queried by more than just vboot and it was necessary that get_recovery_mode_switch() returned consistent values. Since ROMSTAGE_CBMEM_INIT_HOOK runs after memory is up, it was considered a safe place to clear out the switches since nothing is supposed to rely on the switch after this point.