vboot: move vb2_allow_recovery function to 2misc

Previously in vboot_common.c.  This function "almost" only
reads vboot2 data.  As we would like to deprecate and remove the
vboot_common.c file, find a new home for it.

BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none

Change-Id: Ice980604be3537741293bb9f6d31385c1d915887
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1844596
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1986995
Reviewed-by: Shelley Chen <shchen@chromium.org>
Commit-Queue: Shelley Chen <shchen@chromium.org>
Tested-by: Shelley Chen <shchen@chromium.org>

7 files changed, 35 insertions, 36 deletions

diff --git a/firmware/2lib/2misc.c b/firmware/2lib/2misc.c
index 1cdaeb62..d15da319 100644
--- a/firmware/2lib/2misc.c
+++ b/firmware/2lib/2misc.c
@@ -14,6 +14,8 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "vb2_common.h"
+#include "vboot_api.h"
+#include "vboot_struct.h"
 
 vb2_error_t vb2_validate_gbb_signature(uint8_t *sig)
 {
@@ -396,3 +398,23 @@ vb2_error_t vb2_enable_developer_mode(struct vb2_context *ctx)
 
 	return VB2_SUCCESS;
 }
+
+int vb2_allow_recovery(struct vb2_context *ctx)
+{
+	/* VB2_GBB_FLAG_FORCE_MANUAL_RECOVERY forces this to always return
+	   true. */
+	if (vb2_get_gbb(ctx)->flags & VB2_GBB_FLAG_FORCE_MANUAL_RECOVERY)
+		return 1;
+
+	/*
+	 * If EC is in RW, it implies recovery wasn't manually requested.
+	 * On some platforms, EC_IN_RW can't be reset by the EC, thus, this may
+	 * return false (=RW). That's ok because if recovery is manual, we will
+	 * get the right signal and that's the case we care about.
+	 */
+	if (!vb2ex_ec_trusted())
+		return 0;
+
+	/* Now we confidently check the recovery switch state at boot */
+	return !!(vb2_get_sd(ctx)->vbsd->flags & VBSD_BOOT_REC_SWITCH_ON);
+}
diff --git a/firmware/2lib/include/2misc.h b/firmware/2lib/include/2misc.h
index ac8311f2..6400bfa6 100644
--- a/firmware/2lib/include/2misc.h
+++ b/firmware/2lib/include/2misc.h
@@ -177,4 +177,17 @@ vb2_error_t vb2_load_kernel_preamble(struct vb2_context *ctx);
  */
 vb2_error_t vb2_enable_developer_mode(struct vb2_context *ctx);
 
+/**
+ * Check whether recovery is allowed or not.
+ *
+ * The only way to pass this check and proceed to the recovery process is to
+ * physically request a recovery (a.k.a. manual recovery).  All other recovery
+ * requests including manual recovery requested by a (compromised) host will
+ * end up with 'broken' screen.
+ *
+ * @param ctx		Vboot context
+ * @return 1 if recovery is allowed; 0 if no or uncertain.
+ */
+int vb2_allow_recovery(struct vb2_context *ctx);
+
 #endif  /* VBOOT_REFERENCE_2MISC_H_ */
diff --git a/firmware/lib/include/vboot_common.h b/firmware/lib/include/vboot_common.h
index e150854d..b430fa15 100644
--- a/firmware/lib/include/vboot_common.h
+++ b/firmware/lib/include/vboot_common.h
@@ -54,17 +54,4 @@ uint64_t VbSharedDataReserve(VbSharedDataHeader *header, uint64_t size);
 vb2_error_t VbSharedDataSetKernelKey(VbSharedDataHeader *header,
 				     const struct vb2_packed_key *src);
 
-/**
- * Check whether recovery is allowed or not.
- *
- * The only way to pass this check and proceed to the recovery process is to
- * physically request a recovery (a.k.a. manual recovery). All other recovery
- * requests including manual recovery requested by a (compromised) host will
- * end up with 'broken' screen.
- *
- * @param ctx vboot2 context pointer
- * @return 1: Yes. 0: No or not sure.
- */
-int vb2_allow_recovery(struct vb2_context *ctx);
-
 #endif  /* VBOOT_REFERENCE_VBOOT_COMMON_H_ */
diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c
index 839964b0..d062477f 100644
--- a/firmware/lib/vboot_common.c
+++ b/firmware/lib/vboot_common.c
@@ -98,23 +98,3 @@ vb2_error_t VbSharedDataSetKernelKey(VbSharedDataHeader *header,
 
 	return PublicKeyCopy(kdest, src);
 }
-
-int vb2_allow_recovery(struct vb2_context *ctx)
-{
-	/* VB2_GBB_FLAG_FORCE_MANUAL_RECOVERY forces this to always return
-	   true. */
-	if (vb2_get_gbb(ctx)->flags & VB2_GBB_FLAG_FORCE_MANUAL_RECOVERY)
-		return 1;
-
-	/*
-	 * If EC is in RW, it implies recovery wasn't manually requested.
-	 * On some platforms, EC_IN_RW can't be reset by the EC, thus, this may
-	 * return false (=RW). That's ok because if recovery is manual, we will
-	 * get the right signal and that's the case we care about.
-	 */
-	if (!vb2ex_ec_trusted())
-		return 0;
-
-	/* Now we confidently check the recovery switch state at boot */
-	return !!(vb2_get_sd(ctx)->vbsd->flags & VBSD_BOOT_REC_SWITCH_ON);
-}
diff --git a/firmware/lib/vboot_display.c b/firmware/lib/vboot_display.c
index 42a0c7bd..36a28323 100644
--- a/firmware/lib/vboot_display.c
+++ b/firmware/lib/vboot_display.c
@@ -12,7 +12,6 @@
 #include "2sysincludes.h"
 #include "utility.h"
 #include "vboot_api.h"
-#include "vboot_common.h"
 #include "vboot_display.h"
 #include "vboot_kernel.h"
 #include "vboot_struct.h"
diff --git a/firmware/lib/vboot_ui.c b/firmware/lib/vboot_ui.c
index 77e9e69e..b0c67d22 100644
--- a/firmware/lib/vboot_ui.c
+++ b/firmware/lib/vboot_ui.c
@@ -18,7 +18,6 @@
 #include "vb2_common.h"
 #include "vboot_api.h"
 #include "vboot_audio.h"
-#include "vboot_common.h"
 #include "vboot_display.h"
 #include "vboot_kernel.h"
 #include "vboot_struct.h"
diff --git a/firmware/lib/vboot_ui_menu.c b/firmware/lib/vboot_ui_menu.c
index d8f2d15f..aa3f2a91 100644
--- a/firmware/lib/vboot_ui_menu.c
+++ b/firmware/lib/vboot_ui_menu.c
@@ -17,7 +17,6 @@
 #include "vb2_common.h"
 #include "vboot_api.h"
 #include "vboot_audio.h"
-#include "vboot_common.h"
 #include "vboot_display.h"
 #include "vboot_kernel.h"
 #include "vboot_struct.h"