authorBill Richardson <wfrichar@chromium.org>2012-07-10 17:56:42 -0700
committerGerrit <chrome-bot@google.com>2012-07-11 12:09:38 -0700
commit88d9375f50726fb26f1d4fcb909aa15256e24a17 (patch)
tree79716e37d349ff8708c5aab61bc377f69eb72ac7
parent45de9c931be8ddec6db8f41d0645110bb28b8c8c (diff)
Ensure that the VGA is enabled/disabled as needed.
On some systems, we require the VGA option ROM to be loaded before VbInit() is called so we can display BIOS screens. If that hasn't happened, we request it and reboot. Alternatively, if we don't need the option ROM (normal mode) but we've already loaded it, we un-request it and reboot just in case there are security vulnerabilities that might be exposed. Not all systems need preloaded option ROMs. There is an additional input flag that indicates whether this matters or not. BUG=chrome-os-partner:8789 TEST=manual Using keyboard-based dev-mode, switch between normal and dev mode and back. It should work as expected. Change-Id: Id1d662014d47ab648c73db4b1647520801f3a0b8 Signed-off-by: Bill Richardson <wfrichar@chromium.org> Reviewed-on: https://gerrit.chromium.org/gerrit/27125 Reviewed-by: Randall Spangler <rspangler@chromium.org>
-rw-r--r--firmware/include/vboot_api.h6
-rw-r--r--firmware/include/vboot_struct.h2
-rw-r--r--firmware/lib/vboot_api_init.c22
3 files changed, 25 insertions, 5 deletions
diff --git a/firmware/include/vboot_api.h b/firmware/include/vboot_api.h
index 2a418ad3..60f06dfc 100644
--- a/firmware/include/vboot_api.h
+++ b/firmware/include/vboot_api.h
@@ -101,6 +101,8 @@ enum VbErrorPredefined_t {
VBERROR_NO_BACKGROUND_SOUND = 0x10019,
/* Developer has requested a BIOS shell */
VBERROR_BIOS_SHELL_REQUESTED = 0x10020,
+ /* Need VGA and don't have it, or vice-versa */
+ VBERROR_VGA_OPROM_MISMATCH = 0x10021,
};
@@ -171,8 +173,10 @@ typedef struct VbCommonParams {
#define VB_INIT_FLAG_VIRTUAL_DEV_SWITCH 0x00000040
/* Set when the VGA Option ROM has been loaded already. */
#define VB_INIT_FLAG_OPROM_LOADED 0x00000080
+/* Set if we care about the VGA Option ROM - some platforms don't. */
+#define VB_INIT_FLAG_OPROM_MATTERS 0x00000100
/* EC on this platform supports EC software sync. */
-#define VB_INIT_FLAG_EC_SOFTWARE_SYNC 0x00000100
+#define VB_INIT_FLAG_EC_SOFTWARE_SYNC 0x00000200
/* Output flags for VbInitParams.out_flags. Used to indicate
* potential boot paths and configuration to the calling firmware
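Review bot: Giving `0x00000100` to the new VB_INIT_FLAG_OPROM_MATTERS and moving VB_INIT_FLAG_EC_SOFTWARE_SYNC to `0x00000200` changes the meaning of an input bit that callers already use. Calling firmware built against the old header that sets `0x100` to announce EC software sync would now be read as saying the option ROM matters, and its EC sync request would be silently dropped. Unless every caller is rebuilt in lockstep with this header, it would be safer to leave the existing flag where it is and give the new one the next bit, which appears to be free: `#define VB_INIT_FLAG_OPROM_MATTERS 0x00000200`. If the renumbering is intentional, a comment saying that these values are not a stable ABI would help.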
diff --git a/firmware/include/vboot_struct.h b/firmware/include/vboot_struct.h
index cfd56717..d894e23d 100644
--- a/firmware/include/vboot_struct.h
+++ b/firmware/include/vboot_struct.h
@@ -233,8 +233,6 @@ typedef struct VbKernelPreambleHeader {
#define VBSD_BOOT_RO_NORMAL_SUPPORT 0x00000200
/* VbInit was told that the system has a virtual dev-switch */
#define VBSD_HONOR_VIRT_DEV_SWITCH 0x00000400
-/* VbInit was told that the VGA Option ROM was loaded at boot */
-#define VBSD_BOOT_OPROM_LOADED 0x00000800
/* Result codes for VbSharedDataHeader.check_fw_a_result (and b_result) */
#define VBSD_LF_CHECK_NOT_DONE 0
diff --git a/firmware/lib/vboot_api_init.c b/firmware/lib/vboot_api_init.c
index 8581d898..229849e4 100644
--- a/firmware/lib/vboot_api_init.c
+++ b/firmware/lib/vboot_api_init.c
@@ -58,8 +58,6 @@ VbError_t VbInit(VbCommonParams* cparams, VbInitParams* iparams) {
shared->flags |= VBSD_BOOT_S3_RESUME;
if (iparams->flags & VB_INIT_FLAG_RO_NORMAL_SUPPORT)
shared->flags |= VBSD_BOOT_RO_NORMAL_SUPPORT;
- if (iparams->flags & VB_INIT_FLAG_OPROM_LOADED)
- shared->flags |= VBSD_BOOT_OPROM_LOADED;
is_s3_resume = (iparams->flags & VB_INIT_FLAG_S3_RESUME ? 1 : 0);
@@ -205,12 +203,32 @@ VbError_t VbInit(VbCommonParams* cparams, VbInitParams* iparams) {
VbNvGet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, &require_official_os);
if (!require_official_os)
iparams->out_flags |= VB_INIT_OUT_ENABLE_ALTERNATE_OS;
+
+ /* Dev-mode needs the VGA option ROM to be loaded so it can display the
+ * scary boot screen. If we don't have it, we need to request it and
+ * reboot so it can be loaded. */
+ if ((iparams->flags & VB_INIT_FLAG_OPROM_MATTERS) &&
+ !(iparams->flags & VB_INIT_FLAG_OPROM_LOADED)) {
+ VbNvSet(&vnc, VBNV_OPROM_NEEDED, 1);
+ retval = VBERROR_VGA_OPROM_MISMATCH;
+ VBDEBUG(("VbInit() needs oprom, doesn't have it\n"));
+ }
+
} else {
/* Normal mode, so disable dev_boot_* flags. This ensures they will be
* initially disabled if the user later transitions back into developer
* mode. */
VbNvSet(&vnc, VBNV_DEV_BOOT_USB, 0);
VbNvSet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, 0);
+
+ /* If we don't need the VGA option ROM but got it anyway, stop asking for
+ * it and reboot in case there's some vulnerability in using it. */
+ if ((iparams->flags & VB_INIT_FLAG_OPROM_MATTERS) &&
+ (iparams->flags & VB_INIT_FLAG_OPROM_LOADED)) {
+ VbNvSet(&vnc, VBNV_OPROM_NEEDED, 0);
+ retval = VBERROR_VGA_OPROM_MISMATCH;
+ VBDEBUG(("VbInit() has oprom, doesn't need it\n"));
+ }
}
VbInit_exit:
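Review bot: The normal-mode check at the end of this hunk cannot undo the load, since VB_INIT_FLAG_OPROM_LOADED reports that the option ROM is already in place. The protection therefore depends entirely on the caller rebooting on VBERROR_VGA_OPROM_MISMATCH, with the cleared VBNV_OPROM_NEEDED saved first. Neither step is visible here, because VbInit() begins above the hunk and continues past VbInit_exit, so the comment should state that contract, for example `/* The option ROM is already loaded; the caller must save the NV data and reboot on this error instead of continuing to boot. */`. The same holds for the dev-mode block, where a lost write to VBNV_OPROM_NEEDED would presumably produce repeated reboots. The return value of VbNvSet() is ignored in both new blocks, as it is in the surrounding code.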