Change in coreboot[master]: libpayload: Enable vboot integration - coreboot-gerrit

13 Dec 2021

Jakub Czapiga has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/60080 )
Change subject: libpayload: Enable vboot integration
......................................................................
libpayload: Enable vboot integration
This patch introduces building and linking of 3rdparty/vboot with
libpayload. VBoot configuration can be set using CONFIG_LP_VBOOT and
other entries from VBoot Kconfig menu.
Change-Id: I2d9d766a461edaa0081041c020ecf580fd2ca64e
Signed-off-by: Jakub Czapiga jacz@semihalf.com
---
M payloads/libpayload/Kconfig
M payloads/libpayload/Makefile
M payloads/libpayload/Makefile.inc
A payloads/libpayload/vboot/Kconfig
A payloads/libpayload/vboot/Makefile.inc
5 files changed, 126 insertions(+), 4 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/80/60080/1

diff --git a/payloads/libpayload/Kconfig b/payloads/libpayload/Kconfig
index 382f5af..71895fb 100644
--- a/payloads/libpayload/Kconfig
+++ b/payloads/libpayload/Kconfig
@@ -486,6 +486,8 @@
      This option is turned on if the target system has a separate
      IO address space. This is typically only the case on x86.
+source "vboot/Kconfig"
+
 source "arch/arm/Kconfig"
 source "arch/arm64/Kconfig"
 source "arch/x86/Kconfig"
diff --git a/payloads/libpayload/Makefile b/payloads/libpayload/Makefile
index 3ad313f..51f5f68 100644
--- a/payloads/libpayload/Makefile
+++ b/payloads/libpayload/Makefile
@@ -273,6 +273,7 @@
 add-class= \
    $(eval $(1)-srcs:=) \
    $(eval $(1)-objs:=) \
+	$(eval $(1)-libs:=) \
    $(eval classes+=$(1))
# Special classes are managed types with special behaviour
@@ -326,7 +327,7 @@
    $(basename \
    $(addprefix $(obj)/,\
    $(subst $(coreboottop)/,coreboot/,$(2)))))
-$(foreach class,$(classes),$(eval $(class)-objs:=$(call src-to-obj,$(class),$($(class)-srcs))))
+$(foreach class,$(classes),$(eval $(class)-objs+=$(call src-to-obj,$(class),$($(class)-srcs))))
allsrcs:=$(foreach var, $(addsuffix -srcs,$(classes)), $($(var)))
 allobjs:=$(foreach var, $(addsuffix -objs,$(classes)), $($(var)))
diff --git a/payloads/libpayload/Makefile.inc b/payloads/libpayload/Makefile.inc
index 0e90364..067a2d8 100644
--- a/payloads/libpayload/Makefile.inc
+++ b/payloads/libpayload/Makefile.inc
@@ -46,6 +46,7 @@
 classes-$(CONFIG_LP_LZMA) += liblzma
 classes-$(CONFIG_LP_LZ4) += liblz4
 classes-$(CONFIG_LP_REMOTEGDB) += libgdb
+classes-$(CONFIG_LP_VBOOT) += vboot
 libraries := $(classes-y)
 classes-y += head.o
@@ -55,6 +56,7 @@
 subdirs-$(CONFIG_LP_CBFS) += libcbfs
 subdirs-$(CONFIG_LP_LZMA) += liblzma
 subdirs-$(CONFIG_LP_LZ4) += liblz4
+subdirs-$(CONFIG_LP_VBOOT) += vboot
INCLUDES := -Iinclude -Iinclude/$(ARCHDIR-y) -I$(obj)
 INCLUDES += -include include/kconfig.h -include include/compiler.h
@@ -77,7 +79,8 @@
 $(obj)/libpayload-config.h: $(KCONFIG_AUTOHEADER) $(obj)/libpayload.config
    cmp $@ $< 2>/dev/null || cp $< $@
-library-targets = $(addsuffix .a,$(addprefix $(obj)/,$(libraries))) $(obj)/libpayload.a
+library-targets = $(addsuffix .a,$(addprefix $(obj)/,$(libraries))) $(obj)/libpayload.a \
+	$(foreach class,$(classes),$($(class)-libs))
 lib: $$(library-targets) $(obj)/head.o
extract_nth=$(word $(1), $(subst |, ,$(2)))
@@ -89,9 +92,14 @@
    	$(if $(wildcard $(1)$(call extract_nth,1,$(2))), \
    		$(eval includes += $(1)$(2)))
-$(obj)/libpayload.a: $(foreach class,$(libraries),$$($(class)-objs))
+$(obj)/libpayload.a: $(foreach class,$(libraries),$$($(class)-objs) $$($(class)-libs))
    printf "    AR         $(subst $(CURDIR)/,,$(@))\n"
-	$(AR) rc $@ $^
+	$(AR) rc $@ $(filter-out %.a,$^)
+	cat <(printf "open %s\n" "$@") \
+		<(for lib in $(filter %.a,$^); do \
+			printf "addlib %s\n" "$$lib"; \
+		done) \
+		<(printf "save\nend\n") | $(AR) -M
$(obj)/%.a: $$(%-objs)
    printf "    AR         $(subst $(CURDIR)/,,$(@))\n"
diff --git a/payloads/libpayload/vboot/Kconfig b/payloads/libpayload/vboot/Kconfig
new file mode 100644
index 0000000..e4cf630
--- /dev/null
+++ b/payloads/libpayload/vboot/Kconfig
@@ -0,0 +1,68 @@
+# SPDX-License-Identifier: BSD-3-Clause
+
+menu "Verified boot (vboot)"
+
+config VBOOT
+	bool "Enable VBoot"
+	default n
+	help
+	  This option enables compiling and buildinf vboot libraries.
+
+if VBOOT
+
+config VBOOT_FIRMWARE_ARCH
+	string "vboot architecture"
+	default "arm" if ARCH_ARM
+	default "x86" if ARCH_X86
+	default "arm64" if ARCH_ARM64
+	default "" if ARCH_MOCK
+
+config VBOOT_DEBUG
+	bool "Compile vboot with debug flags"
+	default n
+
+config VBOOT_DEBUG_PRINT
+	bool "Enable debug messages"
+	default y
+
+config VBOOT_FORCE_LOGGING_ON
+	bool "Force logging"
+	default n
+
+config VBOOT_TPM2_MODE
+	bool "TPM2 Mode"
+	default y
+
+config VBOOT_GPT_SPI_NOR
+	bool "GPT SPI NOR"
+	default n
+
+config VBOOT_TPM2_SIMULATOR
+	bool "TPM2 Simulator"
+	default n
+
+config VBOOT_VTPM_PROXY
+	bool "VTPM Proxy"
+	default n
+
+config VBOOT_STATIC
+	bool "Build static vboot"
+	default n
+
+config VBOOT_EXTRA_CFLAGS
+	string "Additional vboot CFLAGS"
+	default ""
+
+config VBOOT_X86_SHA_EXT
+	bool "x86 SHA Extension"
+	depends on ARCH_X86
+	default y if ARCH_X86
+	default n
+
+config VBOOT_UNROLL_LOOPS
+	bool
+	default y
+
+endif
+
+endmenu
diff --git a/payloads/libpayload/vboot/Makefile.inc b/payloads/libpayload/vboot/Makefile.inc
new file mode 100644
index 0000000..0ac596c
--- /dev/null
+++ b/payloads/libpayload/vboot/Makefile.inc
@@ -0,0 +1,43 @@
+# SPDX-License-Identifier: BSD-3-Clause
+
+VBOOT_SOURCE ?= $(coreboottop)/3rdparty/vboot
+
+VBOOT_BUILD_DIR ?= $(abspath $(obj)/external/vboot)
+VBOOT_LIB = $(VBOOT_BUILD_DIR)/vboot_fw.a
+TLCL_LIB = $(VBOOT_BUILD_DIR)/tlcl.a
+
+ifeq ($(CONFIG_LP_VBOOT),y)
+vboot-libs += $(VBOOT_LIB)
+ifeq ($(CONFIG_LP_VBOOT_TPM2_MODE),y)
+vboot-libs += $(TLCL_LIB)
+endif
+endif
+
+kconfig-to-binary=$(if $(strip $(1)),$(strip $(subst n,0,$(subst y,1,$(1)))),0)
+
+VBOOT_INCLUDES := -I$(top)/include -I$(top)/include/$(ARCHDIR-y) -I$(absobj)
+VBOOT_INCLUDES += -include $(top)/include/kconfig.h -include $(top)/include/compiler.h
+
+$(VBOOT_LIB): $(obj)/libpayload-config.h
+	@printf "    MAKE       $(subst $(obj)/,,$(@))\n"
+	+$(Q) unset CFLAGS CXXFLAGS LDFLAGS && \
+		FIRMWARE_ARCH=$(CONFIG_LP_VBOOT_FIRMWARE_ARCH) \
+		CC=$(CC) \
+		$(MAKE) -C "$(VBOOT_SOURCE)" \
+		DEBUG=$(call kconfig-to-binary, $(CONFIG_LP_VBOOT_DEBUG)) \
+		TEST_PRINT=$(call kconfig-to-binary, $(CONFIG_LP_VBOOT_DEBUG_PRINT)) \
+		FORCE_LOGGING_ON=$(call kconfig-to-binary, $(CONFIG_LP_VBOOT_FORCE_LOGGING_ON)) \
+		TPM2_MODE=$(call kconfig-to-binary, $(CONFIG_LP_VBOOT_TPM2_MODE)) \
+		GPT_SPI_NOR=$(call kconfig-to-binary, $(CONFIG_LP_VBOOT_GPT_SPI_NOR)) \
+		TPM2_SIMULATOR=$(call kconfig-to-binary, $(CONFIG_LP_VBOOT_TPM2_SIMULATOR)) \
+		VTPM_PROXY=$(call kconfig-to-binary, $(CONFIG_LP_VTPM_PROXY)) \
+		STATIC=$(call kconfig-to-binary, $(CONFIG_LP_VBOOT_STATIC)) \
+		FUZZ_FLAGS="$(VBOOT_INCLUDES) $(call strip_quotes, $(CONFIG_LP_VBOOT_EXTRA_CFLAGS))" \
+		X86_SHA_EXT=$(call kconfig-to-binary, $(CONFIG_LP_VBOOT_X86_SHA_EXT)) \
+		UNROLL_LOOPS=$(call kconfig-to-binary, $(CONFIG_LP_VBOOT_UNROLL_LOOPS)) \
+		BUILD=$(VBOOT_BUILD_DIR) \
+		V=$(V) \
+		fwlib tlcl
+
+$(TLCL_LIB): $(VBOOT_LIB)
+
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/60080
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I2d9d766a461edaa0081041c020ecf580fd2ca64e
Gerrit-Change-Number: 60080
Gerrit-PatchSet: 1
Gerrit-Owner: Jakub Czapiga jacz@semihalf.com
Gerrit-MessageType: newchange



    