[coreboot-gerrit] Patch set updated for coreboot: google/chromeos: Add recovery module in vboot2
Furquan Shaikh (furquan@google.com)
gerrit at coreboot.org
Mon Jul 25 03:30:26 CEST 2016
Furquan Shaikh (furquan at google.com) just uploaded a new patch set to gerrit, which you can find at https://review.coreboot.org/15800
-gerrit
commit fbb6b67d4587d7c4202b79e20271a4170f1f14f6
Author: Furquan Shaikh <furquan at google.com>
Date: Fri Jul 22 08:28:57 2016 -0700
google/chromeos: Add recovery module in vboot2
Add recovery module in vboot2 that checks if a recovery request is
pending and returns appropriate reason code:
1. Checks if recovery mode is initiated by EC.
2. Checks if recovery request is present in VBNV.
3. Checks if recovery request is present in handoff for post-cbmem
stages.
4. Checks if vboot verification is complete and looks up selected region
to identify if recovery is requested by vboot library.
BUG=chrome-os-partner:55431
Change-Id: I31e332a4d014a185df2434c3730954e08dc27281
Signed-off-by: Furquan Shaikh <furquan at google.com>
---
src/vendorcode/google/chromeos/vboot2/Makefile.inc | 6 ++
src/vendorcode/google/chromeos/vboot2/recovery.c | 120 +++++++++++++++++++++
src/vendorcode/google/chromeos/vboot_common.h | 6 ++
3 files changed, 132 insertions(+)
diff --git a/src/vendorcode/google/chromeos/vboot2/Makefile.inc b/src/vendorcode/google/chromeos/vboot2/Makefile.inc
index b0a3c12..31889e2 100644
--- a/src/vendorcode/google/chromeos/vboot2/Makefile.inc
+++ b/src/vendorcode/google/chromeos/vboot2/Makefile.inc
@@ -28,6 +28,12 @@ romstage-y += ../vboot_common.c
ramstage-y += ../vboot_common.c
postcar-y += ../vboot_common.c
+bootblock-y += recovery.c
+romstage-y += recovery.c
+ramstage-y += recovery.c
+verstage-y += recovery.c
+postcar-y += recovery.c
+
bootblock-y += common.c
libverstage-y += vboot_logic.c
verstage-y += common.c
diff --git a/src/vendorcode/google/chromeos/vboot2/recovery.c b/src/vendorcode/google/chromeos/vboot2/recovery.c
new file mode 100644
index 0000000..2cd5e80
--- /dev/null
+++ b/src/vendorcode/google/chromeos/vboot2/recovery.c
@@ -0,0 +1,120 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright 2016 Google Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#include <assert.h>
+#include <rules.h>
+#include <string.h>
+#include <vb2_api.h>
+
+#include "misc.h"
+#include "../vboot_common.h"
+
+static int vb2_get_recovery_reason_shared_data(void)
+{
+ /* Shared data does not exist for Ramstage and Post-CAR stage. */
+ if (ENV_RAMSTAGE || ENV_POSTCAR)
+ return 0;
+
+ struct vb2_shared_data *sd = vb2_get_shared_data();
+ assert(sd);
+ return sd->recovery_reason;
+}
+
+/*
+ * Returns 0 for the stages where we know that cbmem does not come online.
+ * Even if this function returns 1 for romstage, depending upon the point in
+ * bootup, cbmem might not actually be online.
+ */
+static int cbmem_possibly_online(void)
+{
+ if (ENV_BOOTBLOCK)
+ return 0;
+
+ if (ENV_VERSTAGE && IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK))
+ return 0;
+
+ return 1;
+}
+
+/*
+ * Returns 1 if vboot is being used and currently in a stage which might have
+ * already executed vboot verification.
+ */
+static int vboot_possibly_executed(void)
+{
+ if (!IS_ENABLED(CONFIG_VBOOT_VERIFY_FIRMWARE))
+ return 0;
+
+ if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) {
+ if (ENV_BOOTBLOCK && IS_ENABLED(CONFIG_SEPARATE_VERSTAGE))
+ return 0;
+ return 1;
+ }
+
+ if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) {
+ if (ENV_BOOTBLOCK)
+ return 0;
+ return 1;
+ }
+
+ return 0;
+}
+
+/*
+ * vb2_check_recovery_request looks up different components to identify if there
+ * is a recovery request and returns appropriate reason code:
+ * 1. Checks if recovery mode is initiated by EC. If yes, returns
+ * VB2_RECOVERY_RO_MANUAL.
+ * 2. Checks if recovery request is present in VBNV and returns the code read
+ * from it.
+ * 3. Checks recovery request in handoff for stages post-cbmem.
+ * 4. For non-CBMEM stages, check if vboot verification is done and look-up
+ * selected region to identify if vboot_refence library has requested recovery
+ * path. If yes, return the reason code from shared data.
+ * 5. If nothing applies, return 0 indicating no recovery request.
+ */
+int vboot_check_recovery_request(void)
+{
+ int reason = 0;
+
+ /* EC-initiated recovery. */
+ if (get_recovery_mode_switch())
+ return VB2_RECOVERY_RO_MANUAL;
+
+ /* Recovery request in VBNV. */
+ if ((reason = get_recovery_mode_from_vbnv()) != 0)
+ return reason;
+
+ /*
+ * Check recovery flag in vboot_handoff for stages post CBMEM coming
+ * online. Since for some stages there is no way to know if cbmem has
+ * already come online, try looking up handoff anyways. If it fails,
+ * flow will fallback to looking up shared data.
+ */
+ if (cbmem_possibly_online() &&
+ ((reason = vboot_handoff_get_recovery_reason()) != 0))
+ return reason;
+
+ /*
+ * For stages where CBMEM might not be online, identify if vboot
+ * verification is already complete and no slot was selected
+ * i.e. recovery path was requested.
+ */
+ if (vboot_possibly_executed() && vb2_logic_executed() &&
+ !vb2_is_slot_selected())
+ return vb2_get_recovery_reason_shared_data();
+
+ return 0;
+}
diff --git a/src/vendorcode/google/chromeos/vboot_common.h b/src/vendorcode/google/chromeos/vboot_common.h
index ae135fe..266ce4f 100644
--- a/src/vendorcode/google/chromeos/vboot_common.h
+++ b/src/vendorcode/google/chromeos/vboot_common.h
@@ -25,6 +25,12 @@
/* Locate vboot area by name. Returns 0 on success and -1 on error. */
int vboot_named_region_device(const char *name, struct region_device *rdev);
+/*
+ * Function to check if there is a request to enter recovery mode. Returns
+ * reason code if request to enter recovery mode is present, otherwise 0.
+ */
+int vboot_check_recovery_request(void);
+
/* ========================== VBOOT HANDOFF APIs =========================== */
/*
* The vboot_handoff structure contains the data to be consumed by downstream
More information about the coreboot-gerrit
mailing list