[coreboot-gerrit] Change in coreboot[master]: TEST_ONLY: Rainier: use MOCK_TPM and disable EC_RW_SYNC in Scarlet

Lin Huang (Code Review) gerrit at coreboot.org
Mon Jan 22 03:31:23 CET 2018


Lin Huang has uploaded this change for review. ( https://review.coreboot.org/23348


Change subject: TEST_ONLY: Rainier: use MOCK_TPM and disable EC_RW_SYNC in Scarlet
......................................................................

TEST_ONLY: Rainier: use MOCK_TPM and disable EC_RW_SYNC in Scarlet

There are some problems when the AP and H1 do SPI transfers: it always
ends in an "irq timeout", so use MOCK_TPM for now. Also disable EC
software sync (DISABLE_EC_SOFTWARE_SYNC).

Change-Id: Ia3976bee85dd06e8bb83df0c737f3c5f96e9d5b6
Signed-off-by: Lin Huang <hl at rock-chips.com>
---
M src/mainboard/google/gru/Kconfig
A src/vboot/Kconfig
2 files changed, 321 insertions(+), 3 deletions(-)



  git pull ssh://review.coreboot.org:29418/coreboot refs/changes/48/23348/1

diff --git a/src/mainboard/google/gru/Kconfig b/src/mainboard/google/gru/Kconfig
index bbaec72..6375b29 100644
--- a/src/mainboard/google/gru/Kconfig
+++ b/src/mainboard/google/gru/Kconfig
@@ -59,10 +59,12 @@
 	select SPI_FLASH_WINBOND
 
 config VBOOT
+	select VBOOT_MOCK_SECDATA
+
 	select EC_GOOGLE_CHROMEEC_SWITCHES
-	select MAINBOARD_HAS_SPI_TPM_CR50 if GRU_HAS_TPM2
-	select SPI_TPM if GRU_HAS_TPM2
-	select VBOOT_VBNV_FLASH
+	#select MAINBOARD_HAS_SPI_TPM_CR50 if GRU_HAS_TPM2
+	#select SPI_TPM if GRU_HAS_TPM2
+	#select VBOOT_VBNV_FLASH
 
 config MAINBOARD_DIR
 	string
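Review bot: `select VBOOT_MOCK_SECDATA` is added unconditionally under the mainboard's `config VBOOT`, so the mock secdata (which the new src/vboot/Kconfig help text says must not be left on for production devices) would be enabled for every gru-based board, not only the Scarlet test build named in the subject; narrowing it to the board-specific symbol for Scarlet, or to a test-only option, would keep the rollback-counter and secdata checks intact elsewhere. `select VBOOT_VBNV_FLASH` is also commented out, leaving no VBOOT_VBNV_* backend selected for this board, and nothing in the new Kconfig suggests the mock provides VBNV storage, so that line probably needs to stay. The three `#select` lines should be removed rather than left as comments, and the blank line inserted between `select VBOOT_MOCK_SECDATA` and the next select splits the config block for no reason. The `config VBOOT` block continues past the end of this hunk.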
diff --git a/src/vboot/Kconfig b/src/vboot/Kconfig
new file mode 100644
index 0000000..78664ad
--- /dev/null
+++ b/src/vboot/Kconfig
@@ -0,0 +1,316 @@
+## This file is part of the coreboot project.
+##
+## Copyright (C) 2014 The ChromiumOS Authors.  All rights reserved.
+##
+## This program is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation; version 2 of the License.
+##
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+## GNU General Public License for more details.
+##
+
+menu "Verified Boot (vboot)"
+
+config VBOOT
+	bool "Verify firmware with vboot."
+	default n
+	select TPM if !MAINBOARD_HAS_TPM2 && !VBOOT_MOCK_SECDATA
+	select TPM2 if MAINBOARD_HAS_TPM2 && !VBOOT_MOCK_SECDATA
+	select TPM_INIT_FAILURE_IS_FATAL if PC80_SYSTEM && LPC_TPM
+	select SKIP_TPM_STARTUP_ON_NORMAL_BOOT if PC80_SYSTEM && LPC_TPM
+	depends on HAVE_HARD_RESET
+	help
+	  Enabling VBOOT will use vboot to verify the components of the firmware
+	  (stages, payload, etc).
+
+if VBOOT
+
+config VBOOT_VBNV_CMOS
+	bool
+	default n
+	depends on PC80_SYSTEM
+	help
+	  VBNV is stored in CMOS
+
+config VBOOT_VBNV_OFFSET
+	hex
+	default 0x26
+	depends on VBOOT_VBNV_CMOS
+	help
+	  CMOS offset for VbNv data. This value must match cmos.layout
+	  in the mainboard directory, minus 14 bytes for the RTC.
+
+config VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
+	bool
+	default n
+	depends on VBOOT_VBNV_CMOS && BOOT_DEVICE_SUPPORTS_WRITES
+	help
+	  Vboot non-volatile storage data will be backed up from CMOS to flash
+	  and restored from flash if the CMOS is invalid due to power loss.
+
+config VBOOT_VBNV_EC
+	bool
+	default n
+	help
+	  VBNV is stored in EC
+
+config VBOOT_VBNV_FLASH
+	bool
+	default n
+	depends on BOOT_DEVICE_SUPPORTS_WRITES
+	help
+	  VBNV is stored in flash storage
+
+config VBOOT_STARTS_IN_BOOTBLOCK
+	bool
+	default n
+	help
+	  Firmware verification happens during the end of or right after the
+	  bootblock. This implies that a static VBOOT2_WORK() buffer must be
+	  allocated in memlayout.
+
+config VBOOT_STARTS_IN_ROMSTAGE
+	bool
+	default n
+	depends on !VBOOT_STARTS_IN_BOOTBLOCK
+	help
+	  Firmware verification happens during the end of romstage (after
+	  memory initialization). This implies that vboot working data is
+	  allocated in CBMEM.
+
+config VBOOT_MOCK_SECDATA
+	bool "Mock secdata for firmware verification"
+	default n
+	help
+	  Enabling VBOOT_MOCK_SECDATA will mock secdata for the firmware
+	  verification to avoid access to a secdata storage (typically TPM).
+	  All operations for a secdata storage will be successful. This option
+	  can be used during development when a TPM is not present or broken.
+	  THIS SHOULD NOT BE LEFT ON FOR PRODUCTION DEVICES.
+
+config VBOOT_DISABLE_DEV_ON_RECOVERY
+	bool
+	default n
+	help
+	  When this option is enabled, the Chrome OS device leaves the
+	  developer mode as soon as recovery request is detected. This is
+	  handy on embedded devices with limited input capabilities.
+
+config VBOOT_SEPARATE_VERSTAGE
+	bool
+	default n
+	depends on VBOOT_STARTS_IN_BOOTBLOCK
+	help
+	  If this option is set, vboot verification runs in a standalone stage
+	  that is loaded from the bootblock and exits into romstage. If it is
+	  not set, the verification code is linked directly into the bootblock
+	  or the romstage and runs as part of that stage (cf. related options
+	  VBOOT_STARTS_IN_BOOTBLOCK/_ROMSTAGE and VBOOT_RETURN_FROM_VERSTAGE).
+
+config VBOOT_RETURN_FROM_VERSTAGE
+	bool
+	default n
+	depends on VBOOT_SEPARATE_VERSTAGE
+	help
+	  If this is set, the verstage returns back to the calling stage instead
+	  of exiting to the succeeding stage so that the verstage space can be
+	  reused by the succeeding stage. This is useful if a RAM space is too
+	  small to fit both the verstage and the succeeding stage.
+
+config VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
+	bool
+	default n
+	help
+	  This option ensures that the recovery request is not lost because of
+	  reboots caused after vboot verification is run. e.g. reboots caused by
+	  FSP components on Intel platforms.
+
+config VBOOT_OPROM_MATTERS
+	bool
+	default n
+	help
+	  Set this option to indicate to vboot that this platform will skip its
+	  display initialization on a normal (non-recovery, non-developer) boot.
+	  Vboot calls this "oprom matters" because on x86 devices this
+	  traditionally meant that the video option ROM will not be loaded, but
+	  it works functionally the same for other platforms that can skip their
+	  native display initialization code instead.
+
+config VBOOT_HAS_REC_HASH_SPACE
+	bool
+	default n
+	help
+	  Set this option to indicate to vboot that recovery data hash space
+	  is present in TPM.
+
+config VBOOT_SOFT_REBOOT_WORKAROUND
+	bool
+	default n
+
+config VBOOT_EC_SOFTWARE_SYNC
+	bool "Enable EC software sync"
+	default n
+	help
+	  EC software sync is a mechanism where the AP helps the EC verify its
+	  firmware similar to how vboot verifies the main system firmware. This
+	  option selects whether vboot should support EC software sync.
+
+config VBOOT_EC_SLOW_UPDATE
+	bool
+	default n
+	depends on VBOOT_EC_SOFTWARE_SYNC
+	help
+	  Whether the EC (or PD) is slow to update and needs to display a
+	  screen that informs the user the update is happening.
+
+config VBOOT_PHYSICAL_DEV_SWITCH
+	bool
+	default n
+	help
+	  Whether this platform has a physical developer switch. Note that this
+	  disables virtual dev switch functionality (through secdata). Operation
+	  where both a physical pin and the virtual switch get sampled is not
+	  supported by coreboot.
+
+config VBOOT_PHYSICAL_REC_SWITCH
+	bool
+	default n
+	help
+	  Whether this platform has a physical recovery switch.
+
+config VBOOT_LID_SWITCH
+	bool
+	default n
+	help
+	  Whether this platform has a lid switch. If it does, vboot will not
+	  decrement try counters for boot failures if the lid is closed.
+
+config VBOOT_WIPEOUT_SUPPORTED
+	bool
+	default n
+	help
+	  When this option is enabled, the firmware provides the ability to
+	  signal the application the need for factory reset (a.k.a. wipe
+	  out) of the device
+
+config VBOOT_FWID_MODEL
+	string "Firmware ID model"
+	default "$(CONFIG_MAINBOARD_VENDOR)_$(CONFIG_MAINBOARD_PART_NUMBER)"
+	help
+	  This is the first part of the FWID written to various regions of a
+	  vboot firmware image to identify its version.
+
+config VBOOT_FWID_VERSION
+	string "Firmware ID version"
+	default ".$(KERNELVERSION)"
+	help
+	  This is the second part of the FWID written to various regions of a
+	  vboot firmware image to identify its version.
+
+menu "GBB configuration"
+
+config GBB_HWID
+	string "Hardware ID"
+	default "NOCONF HWID"
+
+config GBB_BMPFV_FILE
+	string "Path to bmpfv image"
+	default ""
+
+config GBB_FLAG_DEV_SCREEN_SHORT_DELAY
+	bool "Reduce dev screen delay"
+	default n
+
+config GBB_FLAG_LOAD_OPTION_ROMS
+	bool "Load option ROMs"
+	default n
+
+config GBB_FLAG_ENABLE_ALTERNATE_OS
+	bool "Allow booting a non-Chrome OS kernel if dev switch is on"
+	default n
+
+config GBB_FLAG_FORCE_DEV_SWITCH_ON
+	bool "Force dev switch on"
+	default n
+
+config GBB_FLAG_FORCE_DEV_BOOT_USB
+	bool "Allow booting from USB in dev mode even if dev_boot_usb=0"
+	default y
+
+config GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK
+	bool "Disable firmware rollback protection"
+	default y
+
+config GBB_FLAG_ENTER_TRIGGERS_TONORM
+	bool "Return to normal boot with Enter"
+	default n
+
+config GBB_FLAG_FORCE_DEV_BOOT_LEGACY
+	bool "Allow booting to legacy in dev mode even if dev_boot_legacy=0"
+	default n
+
+config GBB_FLAG_FAFT_KEY_OVERIDE
+	bool "Allow booting using alternative keys for FAFT servo testing"
+	default n
+
+config GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC
+	bool "Disable EC software sync"
+	default y
+
+config GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY
+	bool "Default to booting to legacy in dev mode"
+	default n
+
+config GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC
+	bool "Disable PD software sync"
+	default n
+
+config GBB_FLAG_DISABLE_LID_SHUTDOWN
+	bool "Disable shutdown on closed lid"
+	default n
+
+config GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP
+	bool "Allow fastboot even if dev_boot_fastboot_full_cap=0"
+	default n
+
+config GBB_FLAG_ENABLE_SERIAL
+	bool "Tell vboot to enable serial console"
+	default n
+
+endmenu # GBB
+
+menu "Vboot Keys"
+config VBOOT_ROOT_KEY
+	string "Root key (public)"
+	default "$(VBOOT_SOURCE)/tests/devkeys/root_key.vbpubk"
+
+config VBOOT_RECOVERY_KEY
+	string "Recovery key (public)"
+	default "$(VBOOT_SOURCE)/tests/devkeys/recovery_key.vbpubk"
+
+config VBOOT_FIRMWARE_PRIVKEY
+	string "Firmware key (private)"
+	default "$(VBOOT_SOURCE)/tests/devkeys/firmware_data_key.vbprivk"
+
+config VBOOT_KERNEL_KEY
+	string "Kernel subkey (public)"
+	default "$(VBOOT_SOURCE)/tests/devkeys/kernel_subkey.vbpubk"
+
+config VBOOT_KEYBLOCK
+	string "Keyblock to use for the RW regions"
+	default "$(VBOOT_SOURCE)/tests/devkeys/firmware.keyblock"
+
+config VBOOT_KEYBLOCK_VERSION
+	int "Keyblock version number"
+	default 1
+
+config VBOOT_KEYBLOCK_PREAMBLE_FLAGS
+	hex "Keyblock preamble flags"
+	default 0x0
+
+endmenu # Keys
+endif # VBOOT
+endmenu # Verified Boot (vboot)
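Review bot: `GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK` and `GBB_FLAG_FORCE_DEV_BOOT_USB` are set to `default y` in this shared vboot Kconfig, which goes beyond the subject's scope of disabling EC software sync for Scarlet and would change the GBB defaults for every board that enables VBOOT. Disabling the rollback check removes firmware anti-rollback protection, so both should stay `default n` here and be overridden in the mainboard Kconfig of the test build only; the same applies to `GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC` with `default y`. The section is recorded as a wholly new file (`A src/vboot/Kconfig`, `--- /dev/null`), yet its content reads like the existing vboot Kconfig with three defaults flipped; if that file already exists upstream this is a conflicting add rather than an edit and is worth confirming before review.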

-- 

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia3976bee85dd06e8bb83df0c737f3c5f96e9d5b6
Gerrit-Change-Number: 23348
Gerrit-PatchSet: 1
Gerrit-Owner: Lin Huang <hl at rock-chips.com>