security/vboot: Move vboot2 to security kconfig section

This commit just moves the vboot sources into
the security directory and fixes kconfig/makefile paths.

Fix vboot2 headers

Change-Id: Icd87f95640186f7a625242a3937e1dd13347eb60
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/22074
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>

Makefile.inc

@@ -91,7 +91,7 @@ subdirs-y += util/cbfstool util/sconfig util/nvramtool util/broadcom
 subdirs-y += util/futility util/marvell util/blobtool
 subdirs-y += $(wildcard src/arch/*)
 subdirs-y += src/mainboard/$(MAINBOARDDIR)
-subdirs-y += src/vboot
+subdirs-y += src/security
 subdirs-y += payloads payloads/external
 
 subdirs-y += site-local

src/Kconfig

@@ -349,7 +349,6 @@ source "src/ec/*/*/Kconfig"
 source "src/drivers/intel/fsp1_0/Kconfig"
 
 source "src/southbridge/intel/common/firmware/Kconfig"
-source "src/vboot/Kconfig"
 source "src/vendorcode/*/Kconfig"
 
 source "src/arch/*/Kconfig"

src/device/pci_device.c

@@ -47,7 +47,7 @@
 #include <device/pciexp.h>
 #include <device/hypertransport.h>
 #include <pc80/i8259.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
 
 u8 pci_moving_config8(struct device *dev, unsigned int reg)
 {

src/drivers/intel/fsp1_1/raminit.c

@@ -23,7 +23,7 @@
 #include <reset.h>
 #include <string.h>
 #include <timestamp.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 void raminit(struct romstage_params *params)
 {

src/drivers/intel/fsp2_0/memory_init.c

@@ -32,7 +32,7 @@
 #include <symbols.h>
 #include <timestamp.h>
 #include <tpm_lite/tlcl.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 #include <vb2_api.h>
 
 static void mrc_cache_update_tpm_hash(const uint8_t *data, size_t size)

src/drivers/pc80/rtc/mc146818rtc.c

@@ -26,8 +26,8 @@
 #include <rtc.h>
 #include <string.h>
 #include <cbfs.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
-#include <vboot/vbnv_layout.h>
+#include <security/vboot/vbnv_layout.h>
 
 /* There's no way around this include guard. option_table.h is autogenerated */
 #if IS_ENABLED(CONFIG_USE_OPTION_TABLE)

src/ec/google/chromeec/ec.c

@@ -26,7 +26,7 @@
 #include <reset.h>
 #include <rtc.h>
 #include <stdlib.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 #include "chip.h"
 #include "ec.h"

src/lib/coreboot_table.c

@@ -32,7 +32,7 @@
 #include <cbmem.h>
 #include <bootmem.h>
 #include <spi_flash.h>
-#include <vboot/vbnv_layout.h>
+#include <security/vboot/vbnv_layout.h>
 #if IS_ENABLED(CONFIG_USE_OPTION_TABLE)
 #include <option_table.h>
 #endif

src/mainboard/google/veyron_rialto/mainboard.c

@@ -34,7 +34,7 @@
 #include <symbols.h>
 #include <vbe.h>
 #include <vendorcode/google/chromeos/chromeos.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 #include "board.h"
 

src/mainboard/intel/galileo/vboot.c

@@ -24,8 +24,8 @@
 #include "gen1.h"
 #include "gen2.h"
 #include <spi_flash.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
 
 int clear_recovery_mode_switch(void)
 {

src/northbridge/intel/haswell/raminit.c

@@ -28,7 +28,7 @@
 #include <device/dram/ddr3.h>
 #include <smbios.h>
 #include <spd.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 #include "raminit.h"
 #include "pei_data.h"
 #include "haswell.h"

src/northbridge/intel/sandybridge/raminit_mrc.c

@@ -31,7 +31,7 @@
 #include "raminit.h"
 #include "pei_data.h"
 #include "sandybridge.h"
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 /* Management Engine is in the southbridge */
 #include "southbridge/intel/bd82x6x/me.h"

src/security/Kconfig

@@ -11,3 +11,5 @@
 ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 ## GNU General Public License for more details.
 ##
+
+source "src/security/vboot/Kconfig"

src/security/Makefile.inc

@@ -0,0 +1 @@
+subdirs-y += vboot

src/security/vboot/bootmode.c

@@ -20,9 +20,9 @@
 #include <rules.h>
 #include <string.h>
 #include <vb2_api.h>
-#include <vboot/misc.h>
+#include <security/vboot/misc.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 static int vb2_get_recovery_reason_shared_data(void)
 {

src/security/vboot/common.c

@@ -20,9 +20,9 @@
 #include <reset.h>
 #include <string.h>
 #include <vb2_api.h>
-#include <vboot/misc.h>
+#include <security/vboot/misc.h>
-#include <vboot/symbols.h>
+#include <security/vboot/symbols.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 struct selected_region {
 	uint32_t offset;

src/security/vboot/misc.h

@@ -16,7 +16,7 @@
 #ifndef __VBOOT_MISC_H__
 #define __VBOOT_MISC_H__
 
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 struct vb2_context;
 struct vb2_shared_data;

src/security/vboot/vbnv.c

@@ -16,8 +16,8 @@
 #include <arch/early_variables.h>
 #include <string.h>
 #include <types.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
-#include <vboot/vbnv_layout.h>
+#include <security/vboot/vbnv_layout.h>
 
 static int vbnv_initialized CAR_GLOBAL;
 static uint8_t vbnv[VBOOT_VBNV_BLOCK_SIZE] CAR_GLOBAL;

src/security/vboot/vbnv_cmos.c

@@ -17,8 +17,8 @@
 #include <console/console.h>
 #include <types.h>
 #include <pc80/mc146818rtc.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
-#include <vboot/vbnv_layout.h>
+#include <security/vboot/vbnv_layout.h>
 
 static void clear_vbnv_battery_cutoff_flag(uint8_t *vbnv_copy)
 {

src/security/vboot/vbnv_ec.c

@@ -15,8 +15,8 @@
 
 #include <types.h>
 #include <ec/google/chromeec/ec.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
-#include <vboot/vbnv_layout.h>
+#include <security/vboot/vbnv_layout.h>
 
 void read_vbnv_ec(uint8_t *vbnv_copy)
 {

src/security/vboot/vbnv_flash.c

@@ -20,9 +20,9 @@
 #include <string.h>
 #include <vb2_api.h>
 #include <vboot_nvstorage.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
-#include <vboot/vbnv_layout.h>
+#include <security/vboot/vbnv_layout.h>
 
 #define BLOB_SIZE VB2_NVDATA_SIZE
 

src/security/vboot/vboot_common.c

@@ -23,7 +23,7 @@
 #include <rules.h>
 #include <stddef.h>
 #include <string.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 int vboot_named_region_device(const char *name, struct region_device *rdev)
 {

src/security/vboot/vboot_handoff.c

@@ -34,8 +34,8 @@
 #include <stdlib.h>
 #include <timestamp.h>
 #include <vboot_struct.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
-#include <vboot/misc.h>
+#include <security/vboot/misc.h>
 
 /**
  * Sets vboot_handoff based on the information in vb2_shared_data

src/security/vboot/vboot_loader.c

@@ -21,9 +21,9 @@
 #include <rmodule.h>
 #include <rules.h>
 #include <string.h>
-#include <vboot/misc.h>
+#include <security/vboot/misc.h>
-#include <vboot/symbols.h>
+#include <security/vboot/symbols.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 /* Ensure vboot configuration is valid: */
 _Static_assert(IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK) +

src/security/vboot/vboot_logic.c

@@ -23,8 +23,8 @@
 #include <string.h>
 #include <timestamp.h>
 #include <vb2_api.h>
-#include <vboot/misc.h>
+#include <security/vboot/misc.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
 
 /* The max hash size to expect is for SHA512. */
 #define VBOOT_MAX_HASH_SIZE VB2_SHA512_DIGEST_SIZE

src/security/vboot/verstage.c

@@ -17,7 +17,7 @@
 #include <arch/hlt.h>
 #include <console/console.h>
 #include <program_loading.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 void __attribute__((weak)) verstage_mainboard_init(void)
 {

src/soc/amd/stoneyridge/pmutil.c

@@ -13,7 +13,7 @@
  * GNU General Public License for more details.
  */
 
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
 
 int vbnv_cmos_failed(void)
 {

src/soc/intel/apollolake/pmutil.c

@@ -34,7 +34,7 @@
 #include <soc/pci_devs.h>
 #include <soc/pm.h>
 #include <timer.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
 #include "chip.h"
 
 static uintptr_t read_pmc_mmio_bar(void)

src/soc/intel/baytrail/pmutil.c

@@ -22,7 +22,7 @@
 #include <soc/lpc.h>
 #include <soc/pci_devs.h>
 #include <soc/pmc.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
 
 #if defined(__SIMPLE_DEVICE__)
 

src/soc/intel/baytrail/romstage/raminit.c

@@ -30,7 +30,7 @@
 #include <soc/romstage.h>
 #include <ec/google/chromeec/ec.h>
 #include <ec/google/chromeec/ec_commands.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 static void reset_system(void)
 {

src/soc/intel/braswell/pmutil.c

@@ -23,7 +23,7 @@
 #include <soc/pci_devs.h>
 #include <soc/pm.h>
 #include <stdint.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
 
 #if defined(__SIMPLE_DEVICE__)
 

src/soc/intel/broadwell/igd.c

@@ -30,7 +30,7 @@
 #include <soc/ramstage.h>
 #include <soc/systemagent.h>
 #include <soc/intel/broadwell/chip.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
 #include <soc/igd.h>
 
 #define GT_RETRY		1000

src/soc/intel/broadwell/pmutil.c

@@ -28,7 +28,7 @@
 #include <soc/pci_devs.h>
 #include <soc/pm.h>
 #include <soc/gpio.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
 
 /* Print status bits with descriptive names */
 static void print_status_bits(u32 status, const char *bit_names[])

src/soc/intel/cannonlake/pmc.c

@@ -36,8 +36,8 @@
 #include <cpu/x86/smm.h>
 #include <soc/pcr_ids.h>
 #include <soc/ramstage.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
-#include <vboot/vbnv_layout.h>
+#include <security/vboot/vbnv_layout.h>
 
 static void pch_pmc_add_mmio_resources(device_t dev)
 {

src/soc/intel/cannonlake/pmutil.c

@@ -40,7 +40,7 @@
 #include <soc/pm.h>
 #include <soc/smbus.h>
 #include <timer.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
 #include "chip.h"
 
 /*

src/soc/intel/common/block/pmc/pmclib.c

@@ -23,7 +23,7 @@
 #include <soc/pm.h>
 #include <string.h>
 #include <timer.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 static struct chipset_power_state power_state CAR_GLOBAL;
 

src/soc/intel/common/mrc_cache.c

@@ -23,7 +23,7 @@
 #include <fmap.h>
 #include <ip_checksum.h>
 #include <region_file.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 #include "mrc_cache.h"
 #include "nvm.h"

src/soc/intel/skylake/igd.c

@@ -32,7 +32,7 @@
 #include <soc/systemagent.h>
 #include <stdlib.h>
 #include <string.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
 
 uintptr_t fsp_soc_get_igd_bar(void)
 {

src/soc/intel/skylake/pmutil.c

@@ -40,7 +40,7 @@
 #include <soc/pmc.h>
 #include <soc/smbus.h>
 #include <timer.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
 #include "chip.h"
 
 /*

src/soc/intel/skylake/romstage/romstage_fsp20.c

@@ -35,7 +35,7 @@
 #include <soc/romstage.h>
 #include <string.h>
 #include <timestamp.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 #define FSP_SMBIOS_MEMORY_INFO_GUID	\
 {	\

src/southbridge/intel/bd82x6x/early_pch_common.c

@@ -22,7 +22,7 @@
 #include <arch/acpi.h>
 #include <console/console.h>
 #include <rules.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
 
 #if ENV_ROMSTAGE
 uint64_t get_initial_timestamp(void)

src/southbridge/intel/lynxpoint/pmutil.c

@@ -24,7 +24,7 @@
 #include <device/pci.h>
 #include <device/pci_def.h>
 #include <console/console.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
 #include "pch.h"
 
 #if IS_ENABLED(CONFIG_INTEL_LYNXPOINT_LP)

src/vendorcode/google/chromeos/acpi/chromeos.asl

@@ -13,7 +13,7 @@
  * GNU General Public License for more details.
  */
 
-#include <vboot/vbnv_layout.h>
+#include <security/vboot/vbnv_layout.h>
 
 #if IS_ENABLED(CONFIG_CHROMEOS)
 

src/vendorcode/google/chromeos/chromeos.h

@@ -21,8 +21,8 @@
 #include <bootmode.h>
 #include <device/device.h>
 #include <rules.h>
-#include <vboot/misc.h>
+#include <security/vboot/misc.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 #if IS_ENABLED(CONFIG_CHROMEOS)
 /* functions implemented in watchdog.c */

src/vendorcode/google/chromeos/cr50_enable_update.c

@@ -20,7 +20,7 @@
 #include <halt.h>
 #include <tpm_lite/tlcl.h>
 #include <vb2_api.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 static void enable_update(void *unused)
 {

src/vendorcode/google/chromeos/elog.c

@@ -16,7 +16,7 @@
 #include <bootstate.h>
 #include <console/console.h>
 #include <elog.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 
 #if IS_ENABLED(CONFIG_HAVE_ACPI_RESUME)
 #include <arch/acpi.h>

src/vendorcode/google/chromeos/gnvs.c

@@ -20,8 +20,8 @@
 #include <cbmem.h>
 #include <console/console.h>
 #include <elog.h>
-#include <vboot/vbnv.h>
+#include <security/vboot/vbnv.h>
-#include <vboot/vboot_common.h>
+#include <security/vboot/vboot_common.h>
 #include <vboot_struct.h>
 
 #include "chromeos.h"