author | Hsuan Ting Chen <roccochen@chromium.org> | 2021-09-02 13:29:26 +0800 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-09-04 16:32:15 +0000 |
commit | ae48219ec49fdec3c084dc5ba1f49219e4bd7d60 (patch) | |
tree | ec449f7defe132b597315436e35878e603348ebe /firmware | |
parent | b2ba574e1df0767cd2c6fc9dc854fb87f0e2a097 (diff) | |
download | vboot-ae48219ec49fdec3c084dc5ba1f49219e4bd7d60.tar.gz |
2lib/2ec_sync: Clear VB2_CONTEXT_EC_TRUSTED before jumping to RW
Currently the EC is trusted if any of the conditions are met:
* The ctx flag VB2_CONTEXT_EC_TRUSTED is set.
* vb2ex_ec_trusted() returns trusted.
With introducing the boot mode area in ctx, the vb2ex_ec_trusted will be
deprecated and the VB2_CONTEXT_EC_TRUSTED will become the only condition
to decide if EC is trusted.
This CL clears the flag while EC jumps to RW, which is the prerequisite
before landing the coreboot changes.
Also update the tests of ec_sync()
BRANCH=none
BUG=b:181931817
TEST=emerge-trogdor coreboot vboot_reference depthcharge
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Change-Id: I4711093353f5a92157c4c00c859c01f08fc3607f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139538
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Diffstat (limited to 'firmware')
-rw-r--r-- | firmware/2lib/2ec_sync.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/firmware/2lib/2ec_sync.c b/firmware/2lib/2ec_sync.c index 9c49cebc..20490e08 100644 --- a/firmware/2lib/2ec_sync.c +++ b/firmware/2lib/2ec_sync.c @@ -212,6 +212,10 @@ static vb2_error_t sync_ec(struct vb2_context *ctx) return VB2_REQUEST_REBOOT_EC_TO_RO; } + /* We no longer trust the EC once it is already in RW or tries to jump + to RW. */ + ctx->flags &= ~VB2_CONTEXT_EC_TRUSTED; + /* Tell EC to jump to RW. It should already be in RW for EFS2. */ if (!(sd->flags & VB2_SD_FLAG_ECSYNC_EC_IN_RW)) { VB2_DEBUG("jumping to EC-RW\n"); |
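Review bot: the comment added above `ctx->flags &= ~VB2_CONTEXT_EC_TRUSTED;` does not explain why the clear is placed before the `if (!(sd->flags & VB2_SD_FLAG_ECSYNC_EC_IN_RW))` block rather than after the jump has been requested. As placed, the flag is dropped on both paths (EC already in RW, and EC about to be told to jump) and stays dropped even if the jump request that follows does not succeed. That is the fail-safe ordering, so please say so in the comment to keep a later refactor from moving the clear below the jump. The commit message states that the EC is currently trusted if either the flag is set or vb2ex_ec_trusted() returns trusted, so until that callback is removed this clear alone does not change the trust decision; a short TODO referencing b:181931817 next to the clear would make that dependency visible in the code. Minor style point: the continuation line of the two-line comment has no leading ` * `, and the wording "once it is already in RW or tries to jump to RW" would read more clearly as "once it is in RW or is about to jump to RW".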