diff options
author | edisonhello <edisonhello@google.com> | 2021-07-20 18:37:59 +0800 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-07-30 17:37:18 +0000 |
commit | 6cebe52a33eba8bb82430a7ce5560c590aee99a0 (patch) | |
tree | 7aa12fa2263b7b533490526f5518853b07a48ab3 /firmware | |
parent | f975ab651e5364f2c59bca496779754b081e44ce (diff) | |
download | vboot-6cebe52a33eba8bb82430a7ce5560c590aee99a0.tar.gz |
vboot: Add DEV_BOOT_*ALLOWED in ctx->flags
Add DEV_BOOT_ALLOWED, DEV_BOOT_ALTFW_ALLOWED,
DEV_BOOT_EXTERNAL_ALLOWED in ctx->flags, which can be used by
external functions. These flags will be filled in
VbSelectAndLoadKernel, before calling any menu function.
In 2ui.c and 2ui_screen.c, all function calls to vb2_dev_boot_*allowed
are replaced with corresponding flags in ctx->flags.
Remove the parts of mocking these functions in unit tests, and set
ctx->flags instead in reset_common_data.
BUG=b:172339016
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
make -j32 test_setup && make -j32 runtests;
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
make -j32 test_setup && make -j32 runtests;
TEST=Hayato booted into developer mode
BRANCH=none
Signed-off-by: edisonhello <edisonhello@google.com>
Change-Id: Ida9f03557a92a1522d631fc04b281ce85f5049c7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3041498
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Diffstat (limited to 'firmware')
-rw-r--r-- | firmware/2lib/2kernel.c | 2 | ||||
-rw-r--r-- | firmware/2lib/2misc.c | 45 | ||||
-rw-r--r-- | firmware/2lib/2ui.c | 4 | ||||
-rw-r--r-- | firmware/2lib/2ui_screens.c | 16 | ||||
-rw-r--r-- | firmware/2lib/include/2api.h | 20 | ||||
-rw-r--r-- | firmware/2lib/include/2misc.h | 35 |
6 files changed, 56 insertions, 66 deletions
diff --git a/firmware/2lib/2kernel.c b/firmware/2lib/2kernel.c index 763214dd..b1b34a12 100644 --- a/firmware/2lib/2kernel.c +++ b/firmware/2lib/2kernel.c @@ -157,6 +157,8 @@ vb2_error_t vb2api_kernel_phase1(struct vb2_context *ctx) vb2_secdata_kernel_get(ctx, VB2_SECDATA_KERNEL_VERSIONS); sd->kernel_version = sd->kernel_version_secdata; + vb2_fill_dev_boot_flags(ctx); + /* Find the key to use to verify the kernel keyblock */ if ((ctx->flags & VB2_CONTEXT_RECOVERY_MODE)) { /* Load recovery key from GBB. */ diff --git a/firmware/2lib/2misc.c b/firmware/2lib/2misc.c index e30deb4f..29fcde75 100644 --- a/firmware/2lib/2misc.c +++ b/firmware/2lib/2misc.c @@ -537,12 +537,12 @@ enum vb2_dev_default_boot_target vb2api_get_dev_default_boot_target( switch (vb2_nv_get(ctx, VB2_NV_DEV_DEFAULT_BOOT)) { case VB2_DEV_DEFAULT_BOOT_TARGET_EXTERNAL: - if (vb2_dev_boot_external_allowed(ctx)) + if (ctx->flags & VB2_CONTEXT_DEV_BOOT_EXTERNAL_ALLOWED) return VB2_DEV_DEFAULT_BOOT_TARGET_EXTERNAL; break; case VB2_DEV_DEFAULT_BOOT_TARGET_ALTFW: - if (vb2_dev_boot_altfw_allowed(ctx)) + if (ctx->flags & VB2_CONTEXT_DEV_BOOT_ALTFW_ALLOWED) return VB2_DEV_DEFAULT_BOOT_TARGET_ALTFW; break; } @@ -550,33 +550,30 @@ enum vb2_dev_default_boot_target vb2api_get_dev_default_boot_target( return VB2_DEV_DEFAULT_BOOT_TARGET_INTERNAL; } -int vb2_dev_boot_allowed(struct vb2_context *ctx) +void vb2_fill_dev_boot_flags(struct vb2_context *ctx) { struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); - if (vb2_secdata_fwmp_get_flag(ctx, VB2_SECDATA_FWMP_DEV_DISABLE_BOOT)) - return !!(gbb->flags & VB2_GBB_FLAG_FORCE_DEV_SWITCH_ON); - - return 1; -} - -int vb2_dev_boot_altfw_allowed(struct vb2_context *ctx) -{ - struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); - - return vb2_nv_get(ctx, VB2_NV_DEV_BOOT_ALTFW) || - (gbb->flags & VB2_GBB_FLAG_FORCE_DEV_BOOT_ALTFW) || - vb2_secdata_fwmp_get_flag(ctx, - VB2_SECDATA_FWMP_DEV_ENABLE_ALTFW); -} + if (vb2_secdata_fwmp_get_flag(ctx, VB2_SECDATA_FWMP_DEV_DISABLE_BOOT) && + !(gbb->flags & VB2_GBB_FLAG_FORCE_DEV_SWITCH_ON)) + ctx->flags &= ~(uint64_t)VB2_CONTEXT_DEV_BOOT_ALLOWED; + else + ctx->flags |= VB2_CONTEXT_DEV_BOOT_ALLOWED; -int vb2_dev_boot_external_allowed(struct vb2_context *ctx) -{ - struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); + if (vb2_nv_get(ctx, VB2_NV_DEV_BOOT_EXTERNAL) || + (gbb->flags & VB2_GBB_FLAG_FORCE_DEV_BOOT_USB) || + vb2_secdata_fwmp_get_flag(ctx, + VB2_SECDATA_FWMP_DEV_ENABLE_EXTERNAL)) + ctx->flags |= VB2_CONTEXT_DEV_BOOT_EXTERNAL_ALLOWED; + else + ctx->flags &= ~(uint64_t)VB2_CONTEXT_DEV_BOOT_EXTERNAL_ALLOWED; - return vb2_nv_get(ctx, VB2_NV_DEV_BOOT_EXTERNAL) || - (gbb->flags & VB2_GBB_FLAG_FORCE_DEV_BOOT_USB) || - vb2_secdata_fwmp_get_flag(ctx, VB2_SECDATA_FWMP_DEV_ENABLE_EXTERNAL); + if (vb2_nv_get(ctx, VB2_NV_DEV_BOOT_ALTFW) || + (gbb->flags & VB2_GBB_FLAG_FORCE_DEV_BOOT_ALTFW) || + vb2_secdata_fwmp_get_flag(ctx, VB2_SECDATA_FWMP_DEV_ENABLE_ALTFW)) + ctx->flags |= VB2_CONTEXT_DEV_BOOT_ALTFW_ALLOWED; + else + ctx->flags &= ~(uint64_t)VB2_CONTEXT_DEV_BOOT_ALTFW_ALLOWED; } int vb2api_use_short_dev_screen_delay(struct vb2_context *ctx) diff --git a/firmware/2lib/2ui.c b/firmware/2lib/2ui.c index 1850b8f7..2582743c 100644 --- a/firmware/2lib/2ui.c +++ b/firmware/2lib/2ui.c @@ -420,7 +420,7 @@ vb2_error_t ui_loop(struct vb2_context *ctx, enum vb2_screen root_screen_id, vb2_error_t vb2_developer_menu(struct vb2_context *ctx) { enum vb2_screen root_screen_id = VB2_SCREEN_DEVELOPER_MODE; - if (!vb2_dev_boot_allowed(ctx)) { + if (!(ctx->flags & VB2_CONTEXT_DEV_BOOT_ALLOWED)) { VB2_DEBUG("WARNING: Dev boot not allowed; forcing to-norm\n"); root_screen_id = VB2_SCREEN_DEVELOPER_TO_NORM; } @@ -434,7 +434,7 @@ vb2_error_t developer_action(struct vb2_ui_context *ui) return vb2_ui_screen_change(ui, VB2_SCREEN_DEBUG_INFO); /* Ignore other shortcuts */ - if (!vb2_dev_boot_allowed(ui->ctx)) + if (!(ui->ctx->flags & VB2_CONTEXT_DEV_BOOT_ALLOWED)) return VB2_REQUEST_UI_CONTINUE; if (ui->key == VB_KEY_CTRL('S')) diff --git a/firmware/2lib/2ui_screens.c b/firmware/2lib/2ui_screens.c index 7b48b842..c2ff7ee1 100644 --- a/firmware/2lib/2ui_screens.c +++ b/firmware/2lib/2ui_screens.c @@ -693,12 +693,12 @@ vb2_error_t developer_mode_init(struct vb2_ui_context *ui) DEVELOPER_MODE_ITEM_RETURN_TO_SECURE); /* Don't show "Boot from external disk" button if not allowed. */ - if (!vb2_dev_boot_external_allowed(ui->ctx)) + if (!(ui->ctx->flags & VB2_CONTEXT_DEV_BOOT_EXTERNAL_ALLOWED)) VB2_SET_BIT(ui->state->hidden_item_mask, DEVELOPER_MODE_ITEM_BOOT_EXTERNAL); /* Don't show "Select alternate bootloader" button if not allowed. */ - if (!vb2_dev_boot_altfw_allowed(ui->ctx)) + if (!(ui->ctx->flags & VB2_CONTEXT_DEV_BOOT_ALTFW_ALLOWED)) VB2_SET_BIT(ui->state->hidden_item_mask, DEVELOPER_MODE_ITEM_SELECT_ALTFW); @@ -725,7 +725,7 @@ vb2_error_t vb2_ui_developer_mode_boot_internal_action( struct vb2_ui_context *ui) { if (!(ui->ctx->flags & VB2_CONTEXT_DEVELOPER_MODE) || - !vb2_dev_boot_allowed(ui->ctx)) { + !(ui->ctx->flags & VB2_CONTEXT_DEV_BOOT_ALLOWED)) { VB2_DEBUG("ERROR: Dev mode internal boot not allowed\n"); return VB2_SUCCESS; } @@ -741,8 +741,8 @@ vb2_error_t vb2_ui_developer_mode_boot_external_action( /* Validity check, should never happen. */ if (!(ui->ctx->flags & VB2_CONTEXT_DEVELOPER_MODE) || - !vb2_dev_boot_allowed(ui->ctx) || - !vb2_dev_boot_external_allowed(ui->ctx)) { + !(ui->ctx->flags & VB2_CONTEXT_DEV_BOOT_ALLOWED) || + !(ui->ctx->flags & VB2_CONTEXT_DEV_BOOT_EXTERNAL_ALLOWED)) { VB2_DEBUG("ERROR: Dev mode external boot not allowed\n"); ui->error_beep = 1; return set_ui_error(ui, VB2_UI_ERROR_EXTERNAL_BOOT_DISABLED); @@ -853,7 +853,7 @@ static vb2_error_t developer_to_norm_init(struct vb2_ui_context *ui) } ui->state->selected_item = DEVELOPER_TO_NORM_ITEM_CONFIRM; /* Hide "Cancel" button if dev boot is not allowed */ - if (!vb2_dev_boot_allowed(ui->ctx)) + if (!(ui->ctx->flags & VB2_CONTEXT_DEV_BOOT_ALLOWED)) VB2_SET_BIT(ui->state->hidden_item_mask, DEVELOPER_TO_NORM_ITEM_CANCEL); return VB2_SUCCESS; @@ -953,8 +953,8 @@ vb2_error_t vb2_ui_developer_mode_boot_altfw_action( ARRAY_SIZE(developer_select_bootloader_items_before); if (!(ui->ctx->flags & VB2_CONTEXT_DEVELOPER_MODE) || - !vb2_dev_boot_allowed(ui->ctx) || - !vb2_dev_boot_altfw_allowed(ui->ctx)) { + !(ui->ctx->flags & VB2_CONTEXT_DEV_BOOT_ALLOWED) || + !(ui->ctx->flags & VB2_CONTEXT_DEV_BOOT_ALTFW_ALLOWED)) { VB2_DEBUG("ERROR: Dev mode alternate bootloader not allowed\n"); return set_ui_error(ui, VB2_UI_ERROR_ALTFW_DISABLED); } diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h index f59c2494..4219b3da 100644 --- a/firmware/2lib/include/2api.h +++ b/firmware/2lib/include/2api.h @@ -240,6 +240,23 @@ enum vb2_context_flags { * it doesn't jump to RW when this flag is set. */ VB2_CONTEXT_EC_TRUSTED = (1 << 24), + + /* + * Boot into developer mode is allowed by FWMP and GBB flags. + */ + VB2_CONTEXT_DEV_BOOT_ALLOWED = (1 << 25), + + /* + * Boot into developer mode from external disk is allowed by nvdata, + * FWMP and GBB flags. + */ + VB2_CONTEXT_DEV_BOOT_EXTERNAL_ALLOWED = (1 << 26), + + /* + * Boot into developer mode from alternate bootloader is allowed by + * nvdata, FWMP and GBB flags. + */ + VB2_CONTEXT_DEV_BOOT_ALTFW_ALLOWED = (1 << 27), }; /* Helper for aligning fields in vb2_context. */ @@ -915,7 +932,8 @@ enum vb2_dev_default_boot_target { }; /** - * Get the default boot target in developer mode. + * Get the default boot target in developer mode. This function must be called + * after vb2api_kernel_phase1. * * @param ctx Vboot context * @return The developer mode default boot target. diff --git a/firmware/2lib/include/2misc.h b/firmware/2lib/include/2misc.h index 3d96293b..98f169bd 100644 --- a/firmware/2lib/include/2misc.h +++ b/firmware/2lib/include/2misc.h @@ -210,38 +210,11 @@ int vb2_allow_recovery(struct vb2_context *ctx); void vb2_clear_recovery(struct vb2_context *ctx); /** - * Determine if developer mode is allowed. + * Fill VB2_CONTEXT_DEV_BOOT_ALLOWED, VB2_CONTEXT_DEV_BOOT_EXTERNAL_ALLOWED and + * VB2_CONTEXT_DEV_BOOT_ALTFW_ALLOWED flags in ctx->flags. * - * Developer boot is not allowed if and only if FWMP_DEV_DISABLE_BOOT is set and - * GBB_FORCE_DEV_SWITCH_ON is not set. - * - * @param ctx Vboot context - * @return 1 if allowed, or 0 otherwise. - */ -int vb2_dev_boot_allowed(struct vb2_context *ctx); - -/** - * Determine if booting from legacy BIOS is allowed. - * - * Legacy BIOS is allowed if any of these flags are set: - * VB2_NV_DEV_BOOT_ALTFW, VB2_GBB_FLAG_FORCE_DEV_BOOT_ALTFW, and - * VB2_SECDATA_FWMP_DEV_ENABLE_ALTFW. - * - * @param ctx Vboot context - * @return 1 if allowed, or 0 otherwise. - */ -int vb2_dev_boot_altfw_allowed(struct vb2_context *ctx); - -/** - * Determine if booting from external disk is allowed. - * - * Booting from external disk is allowed if any of these flags are set: - * VB2_NV_DEV_BOOT_EXTERNAL, VB2_GBB_FLAG_FORCE_DEV_BOOT_USB, and - * VB2_SECDATA_FWMP_DEV_ENABLE_EXTERNAL. - * - * @param ctx Vboot context - * @return 1 if allowed, or 0 otherwise. + * @param ctx Vboot context. */ -int vb2_dev_boot_external_allowed(struct vb2_context *ctx); +void vb2_fill_dev_boot_flags(struct vb2_context *ctx); #endif /* VBOOT_REFERENCE_2MISC_H_ */ |