diff options
| author | Randall Spangler <rspangler@chromium.org> | 2011-07-11 10:55:18 -0700 |
|---|---|---|
| committer | Randall Spangler <rspangler@chromium.org> | 2011-07-11 18:16:03 -0700 |
| commit | daa807c51ef6d5bf6599e649d1777432bea8a3e5 (patch) | |
| tree | 48d0e5b60822d906a2c88011a5ebdd74b295f316 | |
| parent | 9619112a574b975476667545e3a326052fa0c50b (diff) | |
| download | vboot-daa807c51ef6d5bf6599e649d1777432bea8a3e5.tar.gz | |
Add support for dev_boot_usb flag
BUG=chromium-os:17433
TEST=make && make runtests. Additional manual tests:
0. Insert a valid dev-signed USB key.
1. Boot with dev switch off.
`crossystem dev_boot_usb` should print 0.
2. Flip dev switch on.
`crossystem dev_boot_usb` should print 0.
Ctrl+U at dev screen should beep, but not boot USB.
3. Type `crossystem dev_boot_usb=1`. Should succeed.
`crossystem dev_boot_usb` should print 1.
4. Reboot system.
At the dev mode warning, press Ctrl+U
System should boot from USB key
`crossystem dev_boot_usb` should print 0.
5. Flip dev switch off.
`crossystem dev_boot_usb` should print 0.
6. Flip dev switch on.
`crossystem dev_boot_usb` should print 0.
Note that this does not apply to Cr-48, Alex, or ZGB.
Change-Id: Idf85fdd642f38f531c89e5fa5b1679e84936d4da
Reviewed-on: http://gerrit.chromium.org/gerrit/3875
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Stefan Reinauer <reinauer@google.com>
Tested-by: Randall Spangler <rspangler@chromium.org>
| -rw-r--r-- | firmware/include/vboot_nvstorage.h | 2 | ||||
| -rw-r--r-- | firmware/lib/vboot_api_kernel.c | 20 | ||||
| -rw-r--r-- | firmware/lib/vboot_nvstorage.c | 14 | ||||
| -rw-r--r-- | host/lib/crossystem.c | 4 | ||||
| -rw-r--r-- | tests/vboot_nvstorage_test.c | 3 | ||||
| -rw-r--r-- | utility/crossystem_main.c | 2 |
6 files changed, 41 insertions, 4 deletions
diff --git a/firmware/include/vboot_nvstorage.h b/firmware/include/vboot_nvstorage.h index 046dd75d..9472e9c7 100644 --- a/firmware/include/vboot_nvstorage.h +++ b/firmware/include/vboot_nvstorage.h @@ -52,6 +52,8 @@ typedef enum VbNvParam { VBNV_TEST_ERROR_FUNC, /* Verified boot API error to generate for the function, if non-zero. */ VBNV_TEST_ERROR_NUM, + /* Allow booting from USB in developer mode. 0=no, 1=yes. */ + VBNV_DEV_BOOT_USB, } VbNvParam; diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c index 738c4769..c5e97dd7 100644 --- a/firmware/lib/vboot_api_kernel.c +++ b/firmware/lib/vboot_api_kernel.c @@ -393,8 +393,15 @@ uint32_t VbTryLoadKernel(VbCommonParams* cparams, LoadKernelParams* p, } -/* Handle a normal boot from fixed drive only. */ +/* Handle a normal boot. */ VbError_t VbBootNormal(VbCommonParams* cparams, LoadKernelParams* p) { + + /* Force dev_boot_usb flag disabled. This ensures the flag will be + * initially disabled if the user later transitions back into + * developer mode. */ + VbNvSet(&vnc, VBNV_DEV_BOOT_USB, 0); + + /* Boot from fixed disk only */ return VbTryLoadKernel(cparams, p, VB_DISK_FLAG_FIXED); } @@ -409,6 +416,10 @@ VbError_t VbBootNormal(VbCommonParams* cparams, LoadKernelParams* p) { /* Handle a developer-mode boot */ VbError_t VbBootDeveloper(VbCommonParams* cparams, LoadKernelParams* p) { uint32_t delay_time = 0; + uint32_t allow_usb = 0; + + /* Check if USB booting is allowed */ + VbNvGet(&vnc, VBNV_DEV_BOOT_USB, &allow_usb); /* Show the dev mode warning screen */ VbDisplayScreen(cparams, VB_SCREEN_DEVELOPER_WARNING, 0); @@ -444,8 +455,11 @@ VbError_t VbBootDeveloper(VbCommonParams* cparams, LoadKernelParams* p) { case 0x15: /* Ctrl+U = try USB boot, or beep if failure */ VBDEBUG(("VbBootDeveloper() - user pressed Ctrl+U; try USB\n")); - if (VBERROR_SUCCESS == VbTryLoadKernel(cparams, p, - VB_DISK_FLAG_REMOVABLE)) { + if (!allow_usb) { + VBDEBUG(("VbBootDeveloper() - USB booting is disabled\n")); + VbExBeep(DEV_DELAY_INCREMENT, 400); + } else if (VBERROR_SUCCESS == + VbTryLoadKernel(cparams, p, VB_DISK_FLAG_REMOVABLE)) { VBDEBUG(("VbBootDeveloper() - booting USB\n")); return VBERROR_SUCCESS; } else { diff --git a/firmware/lib/vboot_nvstorage.c b/firmware/lib/vboot_nvstorage.c index 575fcb98..86fafb04 100644 --- a/firmware/lib/vboot_nvstorage.c +++ b/firmware/lib/vboot_nvstorage.c @@ -26,6 +26,9 @@ #define RECOVERY_OFFSET 2 #define LOCALIZATION_OFFSET 3 +#define DEV_FLAGS_OFFSET 4 +#define DEV_BOOT_USB_MASK 0x01 + #define FIRMWARE_FLAGS_OFFSET 5 #define FIRMWARE_TEST_ERR_FUNC_MASK 0x38 #define FIRMWARE_TEST_ERR_FUNC_SHIFT 3 @@ -135,6 +138,10 @@ int VbNvGet(VbNvContext* context, VbNvParam param, uint32_t* dest) { *dest = raw[FIRMWARE_FLAGS_OFFSET] & FIRMWARE_TEST_ERR_NUM_MASK; return 0; + case VBNV_DEV_BOOT_USB: + *dest = (raw[DEV_FLAGS_OFFSET] & DEV_BOOT_USB_MASK ? 1 : 0); + return 0; + default: return 1; } @@ -213,6 +220,13 @@ int VbNvSet(VbNvContext* context, VbNvParam param, uint32_t value) { raw[FIRMWARE_FLAGS_OFFSET] |= (value & FIRMWARE_TEST_ERR_NUM_MASK); break; + case VBNV_DEV_BOOT_USB: + if (value) + raw[DEV_FLAGS_OFFSET] |= DEV_BOOT_USB_MASK; + else + raw[DEV_FLAGS_OFFSET] &= ~DEV_BOOT_USB_MASK; + break; + default: return 1; } diff --git a/host/lib/crossystem.c b/host/lib/crossystem.c index 88afde25..eea48998 100644 --- a/host/lib/crossystem.c +++ b/host/lib/crossystem.c @@ -367,6 +367,8 @@ int VbGetSystemPropertyInt(const char* name) { value &= KERN_NV_FWUPDATE_TRIES_MASK; } else if (!strcasecmp(name,"loc_idx")) { value = VbGetNvStorage(VBNV_LOCALIZATION_INDEX); + } else if (!strcasecmp(name,"dev_boot_usb")) { + value = VbGetNvStorage(VBNV_DEV_BOOT_USB); } /* Other parameters */ else if (!strcasecmp(name,"cros_debug")) { @@ -444,6 +446,8 @@ int VbSetSystemPropertyInt(const char* name, int value) { return VbSetNvStorage(VBNV_KERNEL_FIELD, kern_nv); } else if (!strcasecmp(name,"loc_idx")) { return VbSetNvStorage(VBNV_LOCALIZATION_INDEX, value); + } else if (!strcasecmp(name,"dev_boot_usb")) { + return VbSetNvStorage(VBNV_DEV_BOOT_USB, value); } return -1; diff --git a/tests/vboot_nvstorage_test.c b/tests/vboot_nvstorage_test.c index 5306a648..ae42c0b2 100644 --- a/tests/vboot_nvstorage_test.c +++ b/tests/vboot_nvstorage_test.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. +/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved. * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. * @@ -31,6 +31,7 @@ static VbNvField nvfields[] = { {VBNV_KERNEL_FIELD, 0, 0x12345678, 0xFEDCBA98, "kernel field"}, {VBNV_TEST_ERROR_FUNC, 0, 1, 7, "verified boot test error func"}, {VBNV_TEST_ERROR_NUM, 0, 3, 6, "verified boot test error number"}, + {VBNV_DEV_BOOT_USB, 0, 1, 0, "dev boot usb"}, {0, 0, 0, 0, NULL} }; diff --git a/utility/crossystem_main.c b/utility/crossystem_main.c index 6b249e00..c388af18 100644 --- a/utility/crossystem_main.c +++ b/utility/crossystem_main.c @@ -37,6 +37,8 @@ const Param sys_param_list[] = { {"arch", IS_STRING, "Platform architecture"}, {"cros_debug", 0, "OS should allow debug features"}, {"dbg_reset", CAN_WRITE, "Debug reset mode request (writable)"}, + {"dev_boot_usb", CAN_WRITE, + "Enable developer mode boot from USB (writable)"}, {"devsw_boot", 0, "Developer switch position at boot"}, {"devsw_cur", 0, "Developer switch current position"}, {"ecfw_act", IS_STRING, "Active EC firmware"}, |