diff options
author | Joel Kitching <kitching@google.com> | 2019-10-07 15:27:01 +0800 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2020-01-03 21:13:24 +0000 |
commit | 4f7328f248dc73e38dcd603259ad362f18f21605 (patch) | |
tree | b3eb33e20177196adc48c2c3f6dbec33a0612cb7 | |
parent | af37ac910c80479a6c2508bf6ef84a6a712aaeb0 (diff) | |
download | vboot-4f7328f248dc73e38dcd603259ad362f18f21605.tar.gz |
vboot: move vb2_allow_recovery function to 2misc
Previously in vboot_common.c. This function "almost" only
reads vboot2 data. As we would like to deprecate and remove the
vboot_common.c file, find a new home for it.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ice980604be3537741293bb9f6d31385c1d915887
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1844596
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1986995
Reviewed-by: Shelley Chen <shchen@chromium.org>
Commit-Queue: Shelley Chen <shchen@chromium.org>
Tested-by: Shelley Chen <shchen@chromium.org>
-rw-r--r-- | firmware/2lib/2misc.c | 22 | ||||
-rw-r--r-- | firmware/2lib/include/2misc.h | 13 | ||||
-rw-r--r-- | firmware/lib/include/vboot_common.h | 13 | ||||
-rw-r--r-- | firmware/lib/vboot_common.c | 20 | ||||
-rw-r--r-- | firmware/lib/vboot_display.c | 1 | ||||
-rw-r--r-- | firmware/lib/vboot_ui.c | 1 | ||||
-rw-r--r-- | firmware/lib/vboot_ui_menu.c | 1 |
7 files changed, 35 insertions, 36 deletions
diff --git a/firmware/2lib/2misc.c b/firmware/2lib/2misc.c index 1cdaeb62..d15da319 100644 --- a/firmware/2lib/2misc.c +++ b/firmware/2lib/2misc.c @@ -14,6 +14,8 @@ #include "2sha.h" #include "2sysincludes.h" #include "vb2_common.h" +#include "vboot_api.h" +#include "vboot_struct.h" vb2_error_t vb2_validate_gbb_signature(uint8_t *sig) { @@ -396,3 +398,23 @@ vb2_error_t vb2_enable_developer_mode(struct vb2_context *ctx) return VB2_SUCCESS; } + +int vb2_allow_recovery(struct vb2_context *ctx) +{ + /* VB2_GBB_FLAG_FORCE_MANUAL_RECOVERY forces this to always return + true. */ + if (vb2_get_gbb(ctx)->flags & VB2_GBB_FLAG_FORCE_MANUAL_RECOVERY) + return 1; + + /* + * If EC is in RW, it implies recovery wasn't manually requested. + * On some platforms, EC_IN_RW can't be reset by the EC, thus, this may + * return false (=RW). That's ok because if recovery is manual, we will + * get the right signal and that's the case we care about. + */ + if (!vb2ex_ec_trusted()) + return 0; + + /* Now we confidently check the recovery switch state at boot */ + return !!(vb2_get_sd(ctx)->vbsd->flags & VBSD_BOOT_REC_SWITCH_ON); +} diff --git a/firmware/2lib/include/2misc.h b/firmware/2lib/include/2misc.h index ac8311f2..6400bfa6 100644 --- a/firmware/2lib/include/2misc.h +++ b/firmware/2lib/include/2misc.h @@ -177,4 +177,17 @@ vb2_error_t vb2_load_kernel_preamble(struct vb2_context *ctx); */ vb2_error_t vb2_enable_developer_mode(struct vb2_context *ctx); +/** + * Check whether recovery is allowed or not. + * + * The only way to pass this check and proceed to the recovery process is to + * physically request a recovery (a.k.a. manual recovery). All other recovery + * requests including manual recovery requested by a (compromised) host will + * end up with 'broken' screen. + * + * @param ctx Vboot context + * @return 1 if recovery is allowed; 0 if no or uncertain. + */ +int vb2_allow_recovery(struct vb2_context *ctx); + #endif /* VBOOT_REFERENCE_2MISC_H_ */ diff --git a/firmware/lib/include/vboot_common.h b/firmware/lib/include/vboot_common.h index e150854d..b430fa15 100644 --- a/firmware/lib/include/vboot_common.h +++ b/firmware/lib/include/vboot_common.h @@ -54,17 +54,4 @@ uint64_t VbSharedDataReserve(VbSharedDataHeader *header, uint64_t size); vb2_error_t VbSharedDataSetKernelKey(VbSharedDataHeader *header, const struct vb2_packed_key *src); -/** - * Check whether recovery is allowed or not. - * - * The only way to pass this check and proceed to the recovery process is to - * physically request a recovery (a.k.a. manual recovery). All other recovery - * requests including manual recovery requested by a (compromised) host will - * end up with 'broken' screen. - * - * @param ctx vboot2 context pointer - * @return 1: Yes. 0: No or not sure. - */ -int vb2_allow_recovery(struct vb2_context *ctx); - #endif /* VBOOT_REFERENCE_VBOOT_COMMON_H_ */ diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c index 839964b0..d062477f 100644 --- a/firmware/lib/vboot_common.c +++ b/firmware/lib/vboot_common.c @@ -98,23 +98,3 @@ vb2_error_t VbSharedDataSetKernelKey(VbSharedDataHeader *header, return PublicKeyCopy(kdest, src); } - -int vb2_allow_recovery(struct vb2_context *ctx) -{ - /* VB2_GBB_FLAG_FORCE_MANUAL_RECOVERY forces this to always return - true. */ - if (vb2_get_gbb(ctx)->flags & VB2_GBB_FLAG_FORCE_MANUAL_RECOVERY) - return 1; - - /* - * If EC is in RW, it implies recovery wasn't manually requested. - * On some platforms, EC_IN_RW can't be reset by the EC, thus, this may - * return false (=RW). That's ok because if recovery is manual, we will - * get the right signal and that's the case we care about. - */ - if (!vb2ex_ec_trusted()) - return 0; - - /* Now we confidently check the recovery switch state at boot */ - return !!(vb2_get_sd(ctx)->vbsd->flags & VBSD_BOOT_REC_SWITCH_ON); -} diff --git a/firmware/lib/vboot_display.c b/firmware/lib/vboot_display.c index 42a0c7bd..36a28323 100644 --- a/firmware/lib/vboot_display.c +++ b/firmware/lib/vboot_display.c @@ -12,7 +12,6 @@ #include "2sysincludes.h" #include "utility.h" #include "vboot_api.h" -#include "vboot_common.h" #include "vboot_display.h" #include "vboot_kernel.h" #include "vboot_struct.h" diff --git a/firmware/lib/vboot_ui.c b/firmware/lib/vboot_ui.c index 77e9e69e..b0c67d22 100644 --- a/firmware/lib/vboot_ui.c +++ b/firmware/lib/vboot_ui.c @@ -18,7 +18,6 @@ #include "vb2_common.h" #include "vboot_api.h" #include "vboot_audio.h" -#include "vboot_common.h" #include "vboot_display.h" #include "vboot_kernel.h" #include "vboot_struct.h" diff --git a/firmware/lib/vboot_ui_menu.c b/firmware/lib/vboot_ui_menu.c index d8f2d15f..aa3f2a91 100644 --- a/firmware/lib/vboot_ui_menu.c +++ b/firmware/lib/vboot_ui_menu.c @@ -17,7 +17,6 @@ #include "vb2_common.h" #include "vboot_api.h" #include "vboot_audio.h" -#include "vboot_common.h" #include "vboot_display.h" #include "vboot_kernel.h" #include "vboot_struct.h" |