Gitiles
Code Review Sign In
review.coreboot.org / coreboot / d32b6dee6bfd609ce44c195abd0410d5f56c8f5f / . / src / security / vboot / vboot_loader.c
blob: 4cf3eea35da5a7f778bbfd717d2d2a1ff0ff55b9 [file] [log] [blame]
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]1/*
2 * This file is part of the coreboot project.
3 *
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; version 2 of the License.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]13 */
14
15#include <cbfs.h>
16#include <console/console.h>
Aaron Durbinf7ce40b2016-08-24 14:58:12 -0500[diff] [blame]17#include <ec/google/chromeec/ec.h>
Aaron Durbin09560fa2015-05-12 16:43:10 -0500[diff] [blame]18#include <rmodule.h>
Philipp Deppenwiesefea24292017-10-17 17:02:29 +0200[diff] [blame]19#include <security/vboot/misc.h>
20#include <security/vboot/symbols.h>
21#include <security/vboot/vboot_common.h>
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]22
Julius Werner73d042b2017-03-17 16:54:48 -0700[diff] [blame]23/* Ensure vboot configuration is valid: */
Julius Wernercd49cce2019-03-05 16:53:33 -0800[diff] [blame]24_Static_assert(CONFIG(VBOOT_STARTS_IN_BOOTBLOCK) +
25 CONFIG(VBOOT_STARTS_IN_ROMSTAGE) == 1,
Julius Werner73d042b2017-03-17 16:54:48 -0700[diff] [blame]26 "vboot must either start in bootblock or romstage (not both!)");
Julius Wernercd49cce2019-03-05 16:53:33 -0800[diff] [blame]27_Static_assert(!CONFIG(VBOOT_SEPARATE_VERSTAGE) ||
28 CONFIG(VBOOT_STARTS_IN_BOOTBLOCK),
Julius Werner73d042b2017-03-17 16:54:48 -0700[diff] [blame]29 "stand-alone verstage must start in (i.e. after) bootblock");
Julius Wernercd49cce2019-03-05 16:53:33 -0800[diff] [blame]30_Static_assert(!CONFIG(VBOOT_RETURN_FROM_VERSTAGE) ||
31 CONFIG(VBOOT_SEPARATE_VERSTAGE),
Julius Werner73d042b2017-03-17 16:54:48 -0700[diff] [blame]32 "return from verstage only makes sense for separate verstages");
33
Arthur Heymans344e86b2019-11-20 19:47:10 +0100[diff] [blame]34int vboot_executed;
Aaron Durbin6d720f32015-12-08 17:00:23 -0600[diff] [blame]35
Wim Vervoorn1058dd82019-11-01 10:22:22 +0100[diff] [blame]36void vboot_run_logic(void)
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]37{
Paul Kocialkowski18117682016-05-14 15:30:52 +0200[diff] [blame]38 if (verification_should_run()) {
Julius Werner58c39382017-02-13 17:53:29 -0800[diff] [blame]39 /* Note: this path is not used for VBOOT_RETURN_FROM_VERSTAGE */
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]40 verstage_main();
Arthur Heymans344e86b2019-11-20 19:47:10 +0100[diff] [blame]41 vboot_executed = 1;
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]42 } else if (verstage_should_load()) {
Aaron Durbin37a5d152015-09-17 16:09:30 -0500[diff] [blame]43 struct cbfsf file;
Aaron Durbinac12c66c2015-05-20 12:08:55 -0500[diff] [blame]44 struct prog verstage =
Aaron Durbin7e7a4df2015-12-08 14:34:35 -0600[diff] [blame]45 PROG_INIT(PROG_VERSTAGE,
Aaron Durbinac12c66c2015-05-20 12:08:55 -0500[diff] [blame]46 CONFIG_CBFS_PREFIX "/verstage");
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]47
Aaron Durbince2c50d2015-05-13 13:33:27 -0500[diff] [blame]48 printk(BIOS_DEBUG, "VBOOT: Loading verstage.\n");
49
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]50 /* load verstage from RO */
Aaron Durbin37a5d152015-09-17 16:09:30 -0500[diff] [blame]51 if (cbfs_boot_locate(&file, prog_name(&verstage), NULL))
52 die("failed to load verstage");
53
54 cbfs_file_data(prog_rdev(&verstage), &file);
55
56 if (cbfs_prog_stage_load(&verstage))
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]57 die("failed to load verstage");
58
59 /* verify and select a slot */
60 prog_run(&verstage);
61
62 /* This is not actually possible to hit this condition at
63 * runtime, but this provides a hint to the compiler for dead
64 * code elimination below. */
Julius Wernercd49cce2019-03-05 16:53:33 -0800[diff] [blame]65 if (!CONFIG(VBOOT_RETURN_FROM_VERSTAGE))
Aaron Durbin6d720f32015-12-08 17:00:23 -0600[diff] [blame]66 return;
67
Arthur Heymans344e86b2019-11-20 19:47:10 +0100[diff] [blame]68 vboot_executed = 1;
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]69 }
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]70}
71
Julius Werner815611e2019-12-05 22:29:07 -0800[diff] [blame]72int vboot_locate_cbfs(struct region_device *rdev)
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]73{
Julius Wernerf8e17642019-12-12 13:23:06 -0800[diff] [blame]74 struct vb2_context *ctx;
Aaron Durbin899d13d2015-05-15 23:39:23 -0500[diff] [blame]75
Aaron Durbin6d720f32015-12-08 17:00:23 -0600[diff] [blame]76 /* Don't honor vboot results until the vboot logic has run. */
Joel Kitchingaf8471c2019-03-13 22:38:07 +0800[diff] [blame]77 if (!vboot_logic_executed())
Aaron Durbinb6981c02015-05-15 15:57:51 -0500[diff] [blame]78 return -1;
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]79
Yu-Ping Wuaeb652a2019-11-14 15:42:25 +0800[diff] [blame]80 ctx = vboot_get_context();
81
82 if (ctx->flags & VB2_CONTEXT_RECOVERY_MODE)
Aaron Durbin4e50cdd2015-05-15 23:25:46 -0500[diff] [blame]83 return -1;
Aaron Durbinb6981c02015-05-15 15:57:51 -0500[diff] [blame]84
Aaron Durbinfe338e22019-11-18 12:35:21 -0700[diff] [blame]85 return vboot_locate_firmware(ctx, rdev);
Aaron Durbin17200ad2015-05-01 16:48:54 -0500[diff] [blame]86}