vboot: remove VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT option
With CL:1940398, this option is no longer needed. Recovery requests are not cleared until kernel verification stage is reached. If the FSP triggers any reboots, recovery requests will be preserved. In particular: - Manual requests will be preserved via recovery switch state, whose behaviour is modified in CB:38779. - Other recovery requests will remain in nvdata across reboot. These functions now only work after verstage has run: int vboot_check_recovery_request(void) int vboot_recovery_mode_enabled(void) int vboot_developer_mode_enabled(void) BUG=b:124141368, b:35576380 TEST=make clean && make test-abuild BRANCH=none Change-Id: I52d17a3c6730be5c04c3c0ae020368d11db6ca3c Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/38780 Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit is contained in:
Joel Kitching
@ -24,79 +24,25 @@
|
||||
#include <security/vboot/vbnv.h>
|
||||
#include <security/vboot/vboot_common.h>
|
||||
|
||||
static int vboot_get_recovery_reason_shared_data(void)
|
||||
{
|
||||
struct vb2_shared_data *sd = vb2_get_sd(vboot_get_context());
|
||||
assert(sd);
|
||||
return sd->recovery_reason;
|
||||
}
|
||||
|
||||
void vboot_save_recovery_reason_vbnv(void)
|
||||
{
|
||||
if (!CONFIG(VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT))
|
||||
return;
|
||||
|
||||
int reason = vboot_get_recovery_reason_shared_data();
|
||||
if (!reason)
|
||||
return;
|
||||
|
||||
set_recovery_mode_into_vbnv(reason);
|
||||
}
|
||||
|
||||
static void vboot_clear_recovery_reason_vbnv(void *unused)
|
||||
{
|
||||
if (!CONFIG(VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT))
|
||||
return;
|
||||
|
||||
set_recovery_mode_into_vbnv(0);
|
||||
}
|
||||
|
||||
/*
|
||||
* Recovery reason stored in VBNV needs to be cleared before the state of VBNV
|
||||
* is backed-up anywhere or jumping to the payload (whichever occurs
|
||||
* first). Currently, vbnv_cmos.c backs up VBNV on POST_DEVICE. Thus, we need to
|
||||
* make sure that the stored recovery reason is cleared off before that
|
||||
* happens.
|
||||
* IMPORTANT: Any reboot occurring after BS_DEV_INIT state will cause loss of
|
||||
* recovery reason on reboot. Until now, we have seen reboots occurring on x86
|
||||
* only in FSP stages which run before BS_DEV_INIT.
|
||||
* Functions which check vboot information should only be called after verstage
|
||||
* has run. Otherwise, they will hit the assertion in vboot_get_context().
|
||||
*/
|
||||
BOOT_STATE_INIT_ENTRY(BS_DEV_INIT, BS_ON_EXIT,
|
||||
vboot_clear_recovery_reason_vbnv, NULL);
|
||||
|
||||
/*
|
||||
* vb2_check_recovery_request looks up different components to identify if there
|
||||
* is a recovery request and returns appropriate reason code:
|
||||
* 1. Checks if recovery mode is initiated by EC. If yes, returns
|
||||
* VB2_RECOVERY_RO_MANUAL.
|
||||
* 2. Checks if recovery request is present in VBNV and returns the code read
|
||||
* from it.
|
||||
* 3. Checks if vboot verification is done. If yes, return the reason code from
|
||||
* shared data.
|
||||
* 4. If nothing applies, return 0 indicating no recovery request.
|
||||
*/
|
||||
int vboot_check_recovery_request(void)
|
||||
{
|
||||
int reason = 0;
|
||||
|
||||
/* EC-initiated recovery. */
|
||||
if (get_recovery_mode_switch())
|
||||
return VB2_RECOVERY_RO_MANUAL;
|
||||
|
||||
/* Recovery request in VBNV. */
|
||||
if ((reason = get_recovery_mode_from_vbnv()) != 0)
|
||||
return reason;
|
||||
|
||||
/* Identify if vboot verification is already complete. */
|
||||
if (vboot_logic_executed())
|
||||
return vboot_get_recovery_reason_shared_data();
|
||||
|
||||
return 0;
|
||||
/* TODO: Expose vb2api_recovery_reason() and vb2api_need_train_and_reboot(). */
|
||||
return vb2_get_sd(vboot_get_context())->recovery_reason;
|
||||
}
|
||||
|
||||
int vboot_recovery_mode_enabled(void)
|
||||
{
|
||||
return !!vboot_check_recovery_request();
|
||||
return vboot_get_context()->flags & VB2_CONTEXT_RECOVERY_MODE;
|
||||
}
|
||||
|
||||
int vboot_developer_mode_enabled(void)
|
||||
{
|
||||
return vboot_get_context()->flags & VB2_CONTEXT_DEVELOPER_MODE;
|
||||
}
|
||||
|
||||
int __weak clear_recovery_mode_switch(void)
|
||||
@ -133,12 +79,6 @@ int vboot_recovery_mode_memory_retrain(void)
|
||||
return get_recovery_mode_retrain_switch();
|
||||
}
|
||||
|
||||
int vboot_developer_mode_enabled(void)
|
||||
{
|
||||
return vboot_logic_executed() &&
|
||||
vboot_get_context()->flags & VB2_CONTEXT_DEVELOPER_MODE;
|
||||
}
|
||||
|
||||
#if CONFIG(VBOOT_NO_BOARD_SUPPORT)
|
||||
/**
|
||||
* TODO: Create flash protection interface which implements get_write_protect_state.
|
||||
|
||||
Reference in New Issue
Block a user