diff options
| author | Furquan Shaikh <furquan@google.com> | 2015-05-14 12:53:19 -0700 |
|---|---|---|
| committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2015-05-16 04:17:16 +0000 |
| commit | 9101df2fe3ed4f0e8b65121ffc1c7e8b2d65b35d (patch) | |
| tree | e90832599181e8222d660055bf962ecf84c3b5b5 /firmware | |
| parent | 07e56f22b852f4d96af2b2df57da11f6938778dd (diff) | |
| download | vboot-9101df2fe3ed4f0e8b65121ffc1c7e8b2d65b35d.tar.gz | |
nvstorage: Add new flag VBNV_DEV_BOOT_FASTBOOT_FULL_CAP
Add a new flag to nvstorage for controlling fastboot capabilities
offered in firmware in dev-mode. By default, value of this flag would
be ignored in normal mode. Thus, when fastboot-based recovery is
entered from normal mode, only limited capability would be available
in firmware.
After switching to dev-mode, this flag can be set automatically by
user script after performing the wipe or it can be set manually using
crossystem. When fastboot-based recovery is entered from dev mode and
this flag is set, it will provide full fastboot capability in the
firmware.
BUG=chrome-os-partner:40196
BRANCH=None
TEST=Compiles successfully for smaug. make runalltests successful.
Change-Id: I761a9ab304dd90f0b73081acc9ce1f8d9052325f
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/271369
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Furquan Shaikh <furquan@chromium.org>
Trybot-Ready: Furquan Shaikh <furquan@chromium.org>
Tested-by: Furquan Shaikh <furquan@chromium.org>
Diffstat (limited to 'firmware')
| -rw-r--r-- | firmware/include/vboot_nvstorage.h | 5 | ||||
| -rw-r--r-- | firmware/lib/vboot_api_init.c | 1 | ||||
| -rw-r--r-- | firmware/lib/vboot_display.c | 6 | ||||
| -rw-r--r-- | firmware/lib/vboot_nvstorage.c | 15 | ||||
| -rw-r--r-- | firmware/lib/vboot_nvstorage_rollback.c | 1 |
5 files changed, 28 insertions, 0 deletions
diff --git a/firmware/include/vboot_nvstorage.h b/firmware/include/vboot_nvstorage.h index 65cd2e5b..7f017350 100644 --- a/firmware/include/vboot_nvstorage.h +++ b/firmware/include/vboot_nvstorage.h @@ -72,6 +72,11 @@ typedef enum VbNvParam { /* Only boot Google-signed images in developer mode. 0=no, 1=yes. */ VBNV_DEV_BOOT_SIGNED_ONLY, /* + * Allow full fastboot capability in firmware in developer mode. + * 0=no, 1=yes. + */ + VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, + /* * Set by userspace to request that RO firmware disable dev-mode on the * next boot. This is likely only possible if the dev-switch is * virtual. diff --git a/firmware/lib/vboot_api_init.c b/firmware/lib/vboot_api_init.c index ce89715a..4371042d 100644 --- a/firmware/lib/vboot_api_init.c +++ b/firmware/lib/vboot_api_init.c @@ -320,6 +320,7 @@ VbError_t VbInit(VbCommonParams *cparams, VbInitParams *iparams) VbNvSet(&vnc, VBNV_DEV_BOOT_USB, 0); VbNvSet(&vnc, VBNV_DEV_BOOT_LEGACY, 0); VbNvSet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, 0); + VbNvSet(&vnc, VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, 0); /* * Back up any changes now, so these values can't be forgotten * by draining the battery. We really only care about these diff --git a/firmware/lib/vboot_display.c b/firmware/lib/vboot_display.c index 26fa8bd4..311a1c9a 100644 --- a/firmware/lib/vboot_display.c +++ b/firmware/lib/vboot_display.c @@ -564,6 +564,12 @@ VbError_t VbDisplayDebugInfo(VbCommonParams *cparams, VbNvContext *vncptr) DEBUG_INFO_SIZE - used); used += Uint64ToString(buf + used, DEBUG_INFO_SIZE - used, i, 10, 0); + /* Add dev_boot_fastboot_full_cap flag */ + VbNvGet(vncptr, VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, &i); + used += StrnAppend(buf + used, "\ndev_boot_fastboot_full_cap: ", + DEBUG_INFO_SIZE - used); + used += Uint64ToString(buf + used, DEBUG_INFO_SIZE - used, i, 10, 0); + /* Add TPM versions */ used += StrnAppend(buf + used, "\nTPM: fwver=0x", DEBUG_INFO_SIZE - used); used += Uint64ToString(buf + used, DEBUG_INFO_SIZE - used, diff --git a/firmware/lib/vboot_nvstorage.c b/firmware/lib/vboot_nvstorage.c index af24fac1..ebf796e6 100644 --- a/firmware/lib/vboot_nvstorage.c +++ b/firmware/lib/vboot_nvstorage.c @@ -41,6 +41,7 @@ #define DEV_BOOT_USB_MASK 0x01 #define DEV_BOOT_SIGNED_ONLY_MASK 0x02 #define DEV_BOOT_LEGACY_MASK 0x04 +#define DEV_BOOT_FASTBOOT_FULL_CAP_MASK 0x08 #define TPM_FLAGS_OFFSET 5 #define TPM_CLEAR_OWNER_REQUEST 0x01 @@ -150,6 +151,11 @@ int VbNvGet(VbNvContext *context, VbNvParam param, uint32_t *dest) 1 : 0); return 0; + case VBNV_DEV_BOOT_FASTBOOT_FULL_CAP: + *dest = (raw[DEV_FLAGS_OFFSET] & DEV_BOOT_FASTBOOT_FULL_CAP_MASK + ? 1 : 0); + return 0; + case VBNV_DISABLE_DEV_REQUEST: *dest = (raw[BOOT_OFFSET] & BOOT_DISABLE_DEV_REQUEST ? 1 : 0); return 0; @@ -292,6 +298,15 @@ int VbNvSet(VbNvContext *context, VbNvParam param, uint32_t value) raw[DEV_FLAGS_OFFSET] &= ~DEV_BOOT_SIGNED_ONLY_MASK; break; + case VBNV_DEV_BOOT_FASTBOOT_FULL_CAP: + if (value) + raw[DEV_FLAGS_OFFSET] |= + DEV_BOOT_FASTBOOT_FULL_CAP_MASK; + else + raw[DEV_FLAGS_OFFSET] &= + ~DEV_BOOT_FASTBOOT_FULL_CAP_MASK; + break; + case VBNV_DISABLE_DEV_REQUEST: if (value) raw[BOOT_OFFSET] |= BOOT_DISABLE_DEV_REQUEST; diff --git a/firmware/lib/vboot_nvstorage_rollback.c b/firmware/lib/vboot_nvstorage_rollback.c index 8e67812d..85c245a7 100644 --- a/firmware/lib/vboot_nvstorage_rollback.c +++ b/firmware/lib/vboot_nvstorage_rollback.c @@ -20,6 +20,7 @@ static const VbNvParam backup_params[] = { VBNV_DEV_BOOT_USB, VBNV_DEV_BOOT_LEGACY, VBNV_DEV_BOOT_SIGNED_ONLY, + VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, }; /* We can't back things up if there isn't enough storage. */ |