Blame - src/security/vboot/vboot_loader.c - coreboot

blob: 56a0664328737ea1cf1f5719e0bab71744d96a06 [file] [log] [blame]

Angel Pons	986d50e	2020-04-02 23:48:53 +0200	[diff] [blame]	1	/* SPDX-License-Identifier: GPL-2.0-only */
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	2
Julius Werner	1e37c9c	2019-12-11 17:09:39 -0800	[diff] [blame]	3	#include <boot_device.h>
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	4	#include <cbfs.h>
Elyes HAOUAS	26a6921	2021-02-08 10:02:56 +0100	[diff] [blame^]	5	#include <cbmem.h>
Julius Werner	1e37c9c	2019-12-11 17:09:39 -0800	[diff] [blame]	6	#include <commonlib/bsd/cbfs_private.h>
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	7	#include <console/console.h>
Aaron Durbin	f7ce40b	2016-08-24 14:58:12 -0500	[diff] [blame]	8	#include <ec/google/chromeec/ec.h>
Aaron Durbin	09560fa	2015-05-12 16:43:10 -0500	[diff] [blame]	9	#include <rmodule.h>
Philipp Deppenwiese	fea2429	2017-10-17 17:02:29 +0200	[diff] [blame]	10	#include <security/vboot/misc.h>
				11	#include <security/vboot/symbols.h>
				12	#include <security/vboot/vboot_common.h>
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	13
Julius Werner	73d042b	2017-03-17 16:54:48 -0700	[diff] [blame]	14	/* Ensure vboot configuration is valid: */
Julius Werner	cd49cce	2019-03-05 16:53:33 -0800	[diff] [blame]	15	_Static_assert(CONFIG(VBOOT_STARTS_IN_BOOTBLOCK) +
Martin Roth	8a3a3c8	2020-05-04 10:13:45 -0600	[diff] [blame]	16	CONFIG(VBOOT_STARTS_BEFORE_BOOTBLOCK) +
Julius Werner	cd49cce	2019-03-05 16:53:33 -0800	[diff] [blame]	17	CONFIG(VBOOT_STARTS_IN_ROMSTAGE) == 1,
Martin Roth	8a3a3c8	2020-05-04 10:13:45 -0600	[diff] [blame]	18	"vboot must start in bootblock, PSP or romstage (but only one!)");
				19	_Static_assert(!CONFIG(VBOOT_SEPARATE_VERSTAGE) \|\| CONFIG(VBOOT_STARTS_IN_BOOTBLOCK) \|\|
				20	CONFIG(VBOOT_STARTS_BEFORE_BOOTBLOCK),
				21	"stand-alone verstage must start in or before bootblock ");
Julius Werner	cd49cce	2019-03-05 16:53:33 -0800	[diff] [blame]	22	_Static_assert(!CONFIG(VBOOT_RETURN_FROM_VERSTAGE) \|\|
				23	CONFIG(VBOOT_SEPARATE_VERSTAGE),
Julius Werner	73d042b	2017-03-17 16:54:48 -0700	[diff] [blame]	24	"return from verstage only makes sense for separate verstages");
				25
Arthur Heymans	344e86b	2019-11-20 19:47:10 +0100	[diff] [blame]	26	int vboot_executed;
Aaron Durbin	6d720f3	2015-12-08 17:00:23 -0600	[diff] [blame]	27
Julius Werner	fdabf3f	2020-05-06 17:06:35 -0700	[diff] [blame]	28	static void after_verstage(void)
Julius Werner	1e37c9c	2019-12-11 17:09:39 -0800	[diff] [blame]	29	{
Julius Werner	fdabf3f	2020-05-06 17:06:35 -0700	[diff] [blame]	30	vboot_executed = 1; /* Mark verstage execution complete. */
Julius Werner	1e37c9c	2019-12-11 17:09:39 -0800	[diff] [blame]	31
				32	const struct cbfs_boot_device *cbd = vboot_get_cbfs_boot_device();
Julius Werner	fdabf3f	2020-05-06 17:06:35 -0700	[diff] [blame]	33	if (!cbd) /* Can't initialize RW CBFS in recovery mode. */
Julius Werner	1e37c9c	2019-12-11 17:09:39 -0800	[diff] [blame]	34	return;
Julius Werner	fdabf3f	2020-05-06 17:06:35 -0700	[diff] [blame]	35
				36	cb_err_t err = cbfs_init_boot_device(cbd, NULL); /* TODO: RW hash */
				37	if (err && err != CB_CBFS_CACHE_FULL) /* TODO: -> recovery? */
				38	die("RW CBFS initialization failure: %d", err);
Julius Werner	1e37c9c	2019-12-11 17:09:39 -0800	[diff] [blame]	39	}
				40
Wim Vervoorn	1058dd8	2019-11-01 10:22:22 +0100	[diff] [blame]	41	void vboot_run_logic(void)
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	42	{
Paul Kocialkowski	1811768	2016-05-14 15:30:52 +0200	[diff] [blame]	43	if (verification_should_run()) {
Julius Werner	58c3938	2017-02-13 17:53:29 -0800	[diff] [blame]	44	/* Note: this path is not used for VBOOT_RETURN_FROM_VERSTAGE */
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	45	verstage_main();
Julius Werner	fdabf3f	2020-05-06 17:06:35 -0700	[diff] [blame]	46	after_verstage();
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	47	} else if (verstage_should_load()) {
Aaron Durbin	37a5d15	2015-09-17 16:09:30 -0500	[diff] [blame]	48	struct cbfsf file;
Aaron Durbin	ac12c66c	2015-05-20 12:08:55 -0500	[diff] [blame]	49	struct prog verstage =
Aaron Durbin	7e7a4df	2015-12-08 14:34:35 -0600	[diff] [blame]	50	PROG_INIT(PROG_VERSTAGE,
Aaron Durbin	ac12c66c	2015-05-20 12:08:55 -0500	[diff] [blame]	51	CONFIG_CBFS_PREFIX "/verstage");
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	52
Aaron Durbin	ce2c50d	2015-05-13 13:33:27 -0500	[diff] [blame]	53	printk(BIOS_DEBUG, "VBOOT: Loading verstage.\n");
				54
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	55	/* load verstage from RO */
Aaron Durbin	37a5d15	2015-09-17 16:09:30 -0500	[diff] [blame]	56	if (cbfs_boot_locate(&file, prog_name(&verstage), NULL))
				57	die("failed to load verstage");
				58
				59	cbfs_file_data(prog_rdev(&verstage), &file);
				60
				61	if (cbfs_prog_stage_load(&verstage))
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	62	die("failed to load verstage");
				63
				64	/* verify and select a slot */
				65	prog_run(&verstage);
				66
				67	/* This is not actually possible to hit this condition at
				68	* runtime, but this provides a hint to the compiler for dead
				69	* code elimination below. */
Julius Werner	cd49cce	2019-03-05 16:53:33 -0800	[diff] [blame]	70	if (!CONFIG(VBOOT_RETURN_FROM_VERSTAGE))
Aaron Durbin	6d720f3	2015-12-08 17:00:23 -0600	[diff] [blame]	71	return;
				72
Julius Werner	fdabf3f	2020-05-06 17:06:35 -0700	[diff] [blame]	73	after_verstage();
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	74	}
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	75	}
				76
Julius Werner	1e37c9c	2019-12-11 17:09:39 -0800	[diff] [blame]	77	const struct cbfs_boot_device *vboot_get_cbfs_boot_device(void)
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	78	{
Aaron Durbin	6d720f3	2015-12-08 17:00:23 -0600	[diff] [blame]	79	/* Don't honor vboot results until the vboot logic has run. */
Joel Kitching	af8471c	2019-03-13 22:38:07 +0800	[diff] [blame]	80	if (!vboot_logic_executed())
Julius Werner	1e37c9c	2019-12-11 17:09:39 -0800	[diff] [blame]	81	return NULL;
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	82
Julius Werner	1e37c9c	2019-12-11 17:09:39 -0800	[diff] [blame]	83	static struct cbfs_boot_device cbd;
				84	if (region_device_sz(&cbd.rdev))
				85	return &cbd;
Yu-Ping Wu	aeb652a	2019-11-14 15:42:25 +0800	[diff] [blame]	86
Julius Werner	1e37c9c	2019-12-11 17:09:39 -0800	[diff] [blame]	87	struct vb2_context *ctx = vboot_get_context();
Yu-Ping Wu	aeb652a	2019-11-14 15:42:25 +0800	[diff] [blame]	88	if (ctx->flags & VB2_CONTEXT_RECOVERY_MODE)
Julius Werner	1e37c9c	2019-12-11 17:09:39 -0800	[diff] [blame]	89	return NULL;
Aaron Durbin	b6981c0	2015-05-15 15:57:51 -0500	[diff] [blame]	90
Julius Werner	1e37c9c	2019-12-11 17:09:39 -0800	[diff] [blame]	91	boot_device_init();
				92	if (vboot_locate_firmware(ctx, &cbd.rdev))
				93	return NULL;
				94
				95	cbfs_boot_device_find_mcache(&cbd, CBMEM_ID_CBFS_RW_MCACHE);
				96
				97	return &cbd;
Aaron Durbin	17200ad	2015-05-01 16:48:54 -0500	[diff] [blame]	98	}