Angel Pons | 986d50e | 2020-04-02 23:48:53 +0200 | [diff] [blame] | 1 | /* SPDX-License-Identifier: GPL-2.0-only */ |
Furquan Shaikh | 2a12e2e | 2016-07-25 11:48:03 -0700 | [diff] [blame] | 3 | #ifndef __VBOOT_MISC_H__ |
| 4 | #define __VBOOT_MISC_H__ |
Julius Werner | 998dc17 | 2019-05-09 14:16:13 -0700 | [diff] [blame] | 6 | #include <assert.h> |
Philipp Deppenwiese | fea2429 | 2017-10-17 17:02:29 +0200 | [diff] [blame] | 7 | #include <security/vboot/vboot_common.h> |
Joel Kitching | 814c865 | 2020-02-14 13:18:06 +0800 | [diff] [blame] | 8 | #include <vb2_api.h> |
/*
 * Source: security/vboot/common.c
 *
 * Returns a pointer to the struct vb2_context used by the vboot helpers in
 * this header (vboot_is_gbb_flag_set() and vboot_hwcrypto_allowed() both
 * fetch their context through it).
 *
 * NOTE(review): whether this can return NULL, and from which stage onwards
 * the context is initialised, is not visible from this header - confirm in
 * common.c before dereferencing the result early in boot.
 */
struct vb2_context *vboot_get_context(void);
/*
 * Reports which firmware slot the given vboot context selects.
 *
 * Tests VB2_CONTEXT_FW_SLOT_B in ctx->flags: returns 1 when the bit is clear
 * (slot A is used) and 0 when it is set (slot B is used).
 *
 * ctx is dereferenced without a NULL check, so the caller must pass a valid
 * context.
 * NOTE(review): presumably the answer is only meaningful once vboot has
 * selected a slot - confirm against callers.
 */
static inline int vboot_is_firmware_slot_a(struct vb2_context *ctx)
{
	return (ctx->flags & VB2_CONTEXT_FW_SLOT_B) == 0;
}
/*
 * Tests whether the given flag is set in the flags field of the GBB header.
 *
 * The flags are read with vb2api_gbb_get_flags() on the context returned by
 * vboot_get_context().
 *
 * Return value:
 *   true:  Flag is set.
 *   false: Flag is not set.
 *
 * NOTE(review): whether the GBB flags are valid before vboot has initialised
 * the context is not visible here - confirm before using this to gate
 * behaviour early in boot.
 */
static inline bool vboot_is_gbb_flag_set(enum vb2_gbb_flag flag)
{
	struct vb2_context *ctx = vboot_get_context();

	return (vb2api_gbb_get_flags(ctx) & flag) != 0;
}
/*
 * Locates firmware as a region device. Returns 0 on success, -1 on failure.
 *
 * ctx: vboot context to consult.
 * fw:  region device to describe the located firmware.
 *
 * NOTE(review): the contents of *fw after a -1 return are not specified
 * here, so callers should check the return value before using fw.
 */
int vboot_locate_firmware(struct vb2_context *ctx, struct region_device *fw);
/*
 * The stage loading code is compiled and entered from multiple stages. The
 * helper functions below attempt to provide more clarity on when certain
 * code should be called. They are implemented inline for better compile-time
 * code elimination.
 */
/*
 * Tells the current stage whether it is the one that runs vboot
 * verification.
 *
 * The Kconfig options are checked in a fixed order and the ENV_* constant of
 * the matching stage is returned:
 *   VBOOT_SEPARATE_VERSTAGE   -> ENV_SEPARATE_VERSTAGE
 *   VBOOT_STARTS_IN_ROMSTAGE  -> ENV_RAMINIT
 *   VBOOT_STARTS_IN_BOOTBLOCK -> ENV_BOOTBLOCK
 *
 * A configuration that selects none of these ends in dead_code().
 * NOTE(review): presumably dead_code() is a build-time assertion that the
 * path is eliminated - confirm in <assert.h>.
 */
static inline int verification_should_run(void)
{
	/* A separate verstage is checked before the STARTS_IN_* options. */
	if (CONFIG(VBOOT_SEPARATE_VERSTAGE))
		return ENV_SEPARATE_VERSTAGE;

	if (CONFIG(VBOOT_STARTS_IN_ROMSTAGE))
		return ENV_RAMINIT;

	if (CONFIG(VBOOT_STARTS_IN_BOOTBLOCK))
		return ENV_BOOTBLOCK;

	dead_code();
}
/*
 * Tells the current stage whether it is the one that loads the verstage.
 *
 * Returns ENV_BOOTBLOCK when a separate verstage is configured
 * (VBOOT_SEPARATE_VERSTAGE) and vboot does not start before the bootblock
 * (VBOOT_STARTS_BEFORE_BOOTBLOCK is off); returns 0 in every other
 * configuration.
 */
static inline int verstage_should_load(void)
{
	/* No separate verstage, or it already ran before the bootblock. */
	if (!CONFIG(VBOOT_SEPARATE_VERSTAGE) || CONFIG(VBOOT_STARTS_BEFORE_BOOTBLOCK))
		return 0;

	return ENV_BOOTBLOCK;
}
/*
 * Reports whether the vboot logic has already executed, as seen from the
 * stage this code is compiled for.
 *
 * In the stage that runs verification, and in a stage that both loads the
 * verstage and is returned to from it (VBOOT_RETURN_FROM_VERSTAGE), the
 * answer is the run-time value of the global vboot_executed.
 *
 * In every other stage the answer is a constant derived only from the
 * stage's position relative to where vboot starts. Those branches do not
 * consult vboot_executed, so they report the configured ordering and not a
 * run-time check.
 *
 * NOTE(review): vboot_executed is a plain int with external linkage.
 * Anything that writes it outside the vboot code changes this answer, and
 * vboot_hwcrypto_allowed() in this header depends on it.
 */
static inline int vboot_logic_executed(void)
{
	extern int vboot_executed; /* should not be globally accessible */

	/* The verifying stage itself has to ask the global. */
	if (verification_should_run())
		return vboot_executed;

	/* So does the stage that loads the verstage and is returned to. */
	if (verstage_should_load() && CONFIG(VBOOT_RETURN_FROM_VERSTAGE))
		return vboot_executed;

	/* All other stages are "after the bootblock" */
	if (CONFIG(VBOOT_STARTS_IN_BOOTBLOCK))
		return !ENV_BOOTBLOCK;

	/* Post-RAM stages are "after the romstage" */
	if (CONFIG(VBOOT_STARTS_IN_ROMSTAGE))
		return !ENV_ROMSTAGE_OR_BEFORE;

	/* Every stage except the separate verstage counts as "after". */
	if (CONFIG(VBOOT_STARTS_BEFORE_BOOTBLOCK))
		return !ENV_SEPARATE_VERSTAGE;

	dead_code();
}
/*
 * Decides whether hardware crypto may be used.
 *
 * Returns true unconditionally when vboot firmware verification is not
 * configured (CONFIG(VBOOT) off).
 *
 * With vboot configured, it returns false while vboot_logic_executed() is
 * false: before vboot runs there is nothing to ask, so the function denies
 * by default. After that it returns whatever vb2api_hwcrypto_allowed()
 * reports for the current context.
 */
static inline bool vboot_hwcrypto_allowed(void)
{
	if (CONFIG(VBOOT)) {
		/* Before vboot runs we can't check for HW crypto, so err on the side of caution. */
		if (!vboot_logic_executed())
			return false;

		/* Otherwise, vboot can decide. */
		return vb2api_hwcrypto_allowed(vboot_get_context());
	}

	/* When not using vboot firmware verification, HW crypto is always allowed. */
	return true;
}
Furquan Shaikh | 2a12e2e | 2016-07-25 11:48:03 -0700 | [diff] [blame] | 104 | #endif /* __VBOOT_MISC_H__ */ |