Blame - src/security/vboot/vboot_common.c - coreboot

blob: 68df1406a769ae46f264bab5e36e802522fc495c [file] [log] [blame]

Angel Pons	986d50e	2020-04-02 23:48:53 +0200	[diff] [blame]	1	/* SPDX-License-Identifier: GPL-2.0-only */
Daisuke Nojiri	742fc8d	2014-10-10 10:51:06 -0700	[diff] [blame]	2
Patrick Georgi	3e18aca	2015-04-29 18:59:04 +0200	[diff] [blame]	3	#include <console/cbmem_console.h>
Vadim Bendebury	c83687d	2015-04-10 17:50:11 -0700	[diff] [blame]	4	#include <reset.h>
Jon Murphy	d7b8dc9	2023-09-05 11:36:43 -0600	[diff] [blame]	5	#include <security/tpm/tss_errors.h>
Julius Werner	d618aac	2019-11-26 17:58:11 -0800	[diff] [blame]	6	#include <security/vboot/misc.h>
Philipp Deppenwiese	fea2429	2017-10-17 17:02:29 +0200	[diff] [blame]	7	#include <security/vboot/vboot_common.h>
Furquan Shaikh	95673af	2018-04-25 18:15:44 -0700	[diff] [blame]	8	#include <security/vboot/vbnv.h>
Joel Kitching	1a6b5c2	2019-04-25 19:11:13 +0800	[diff] [blame]	9	#include <vb2_api.h>
Daisuke Nojiri	742fc8d	2014-10-10 10:51:06 -0700	[diff] [blame]	10
Sridhar Siricilla	89ac87a	2020-04-20 18:45:22 +0530	[diff] [blame]	11	#include "antirollback.h"
				12
Jakub Czapiga	d27fff5	2022-11-17 09:13:31 +0000	[diff] [blame]	13	static void save_secdata(struct vb2_context *ctx)
Sridhar Siricilla	89ac87a	2020-04-20 18:45:22 +0530	[diff] [blame]	14	{
Jakub Czapiga	d27fff5	2022-11-17 09:13:31 +0000	[diff] [blame]	15	if (ctx->flags & VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED
Jon Murphy	d7b8dc9	2023-09-05 11:36:43 -0600	[diff] [blame]	16	&& (CONFIG(VBOOT_MOCK_SECDATA) \|\| tlcl_lib_init() == TPM_SUCCESS)) {
Sridhar Siricilla	89ac87a	2020-04-20 18:45:22 +0530	[diff] [blame]	17	printk(BIOS_INFO, "Saving secdata firmware\n");
				18	antirollback_write_space_firmware(ctx);
				19	ctx->flags &= ~VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED;
				20	}
				21
Jakub Czapiga	d27fff5	2022-11-17 09:13:31 +0000	[diff] [blame]	22	if (ctx->flags & VB2_CONTEXT_SECDATA_KERNEL_CHANGED
Jon Murphy	d7b8dc9	2023-09-05 11:36:43 -0600	[diff] [blame]	23	&& (CONFIG(VBOOT_MOCK_SECDATA) \|\| tlcl_lib_init() == TPM_SUCCESS)) {
Sridhar Siricilla	89ac87a	2020-04-20 18:45:22 +0530	[diff] [blame]	24	printk(BIOS_INFO, "Saving secdata kernel\n");
				25	antirollback_write_space_kernel(ctx);
				26	ctx->flags &= ~VB2_CONTEXT_SECDATA_KERNEL_CHANGED;
				27	}
Jakub Czapiga	d27fff5	2022-11-17 09:13:31 +0000	[diff] [blame]	28	}
				29
				30	void vboot_save_data(struct vb2_context *ctx)
				31	{
Arthur Heymans	a2bc254	2021-05-29 08:10:49 +0200	[diff] [blame^]	32	if (!verification_should_run() && !(ENV_RAMINIT && CONFIG(VBOOT_EARLY_EC_SYNC))) {
Jakub Czapiga	d27fff5	2022-11-17 09:13:31 +0000	[diff] [blame]	33	if (ctx->flags
				34	& (VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED
				35	\| VB2_CONTEXT_SECDATA_KERNEL_CHANGED))
				36	die("TPM writeback in " ENV_STRING "?");
				37	} else {
				38	save_secdata(ctx);
				39	}
Sridhar Siricilla	89ac87a	2020-04-20 18:45:22 +0530	[diff] [blame]	40
				41	if (ctx->flags & VB2_CONTEXT_NVDATA_CHANGED) {
				42	printk(BIOS_INFO, "Saving nvdata\n");
				43	save_vbnv(ctx->nvdata);
				44	ctx->flags &= ~VB2_CONTEXT_NVDATA_CHANGED;
				45	}
				46	}
				47
Furquan Shaikh	95673af	2018-04-25 18:15:44 -0700	[diff] [blame]	48	/* Check if it is okay to enable USB Device Controller (UDC). */
				49	int vboot_can_enable_udc(void)
				50	{
Wim Vervoorn	50337f16	2020-01-14 16:18:27 +0100	[diff] [blame]	51	/* Allow UDC in all vboot modes. */
				52	if (!CONFIG(CHROMEOS) && CONFIG(VBOOT_ALWAYS_ALLOW_UDC))
				53	return 1;
				54
Furquan Shaikh	95673af	2018-04-25 18:15:44 -0700	[diff] [blame]	55	/* Always disable if not in developer mode */
				56	if (!vboot_developer_mode_enabled())
				57	return 0;
				58	/* Enable if GBB flag is set */
Julius Werner	d618aac	2019-11-26 17:58:11 -0800	[diff] [blame]	59	if (vboot_is_gbb_flag_set(VB2_GBB_FLAG_ENABLE_UDC))
Furquan Shaikh	95673af	2018-04-25 18:15:44 -0700	[diff] [blame]	60	return 1;
				61	/* Enable if VBNV flag is set */
				62	if (vbnv_udc_enable_flag())
				63	return 1;
				64	/* Otherwise disable */
				65	return 0;
				66	}
				67
Furquan Shaikh	a6c5ddd	2016-07-22 06:59:40 -0700	[diff] [blame]	68	/* ============================ VBOOT REBOOT ============================== */
Aaron Durbin	6403167	2018-04-21 14:45:32 -0600	[diff] [blame]	69	void __weak vboot_platform_prepare_reboot(void)
Aaron Durbin	5dbefd9	2016-01-22 16:33:57 -0600	[diff] [blame]	70	{
				71	}
				72
Vadim Bendebury	c83687d	2015-04-10 17:50:11 -0700	[diff] [blame]	73	void vboot_reboot(void)
				74	{
Julius Werner	cd49cce	2019-03-05 16:53:33 -0800	[diff] [blame]	75	if (CONFIG(CONSOLE_CBMEM_DUMP_TO_UART))
Raul E Rangel	41a1a9e	2022-01-11 12:44:38 -0700	[diff] [blame]	76	cbmem_dump_console_to_uart();
Aaron Durbin	5dbefd9	2016-01-22 16:33:57 -0600	[diff] [blame]	77	vboot_platform_prepare_reboot();
Nico Huber	4f32b64	2018-10-05 23:40:21 +0200	[diff] [blame]	78	board_reset();
Vadim Bendebury	c83687d	2015-04-10 17:50:11 -0700	[diff] [blame]	79	}
Jakub Czapiga	605f793	2022-11-04 12:18:04 +0000	[diff] [blame]	80
				81	void vboot_save_and_reboot(struct vb2_context *ctx, uint8_t subcode)
				82	{
				83	printk(BIOS_INFO, "vboot: reboot requested (%#x)\n", subcode);
				84	vboot_save_data(ctx);
				85	vboot_reboot();
				86	}
				87
				88	void vboot_fail_and_reboot(struct vb2_context *ctx, uint8_t reason, uint8_t subcode)
				89	{
				90	if (reason)
				91	vb2api_fail(ctx, reason, subcode);
				92
				93	vboot_save_and_reboot(ctx, subcode);
				94	}