diff options
author | Hsuan Ting Chen <roccochen@chromium.org> | 2021-06-07 16:54:47 +0800 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-10-01 15:48:34 +0000 |
commit | 2cf76574dbf57c70da3a835f2a45d5619dc058f5 (patch) | |
tree | 9c88955ba9f7ae2b129fd6fa18c903e1b4dbe35a /tests | |
parent | 7c73bb07fd3ca45ce650b993a9c6a5850ddb2707 (diff) | |
download | vboot-2cf76574dbf57c70da3a835f2a45d5619dc058f5.tar.gz |
2api: Add vb2_boot_mode in vb2_context denoted the current boot modestabilize-14267.Bfactory-ambassador-14265.B
Add enum vb2_boot_mode which denotes the most relevant boot mode between
normal, manual recovery, broken recovery, diagnostic, and developer.
The boot mode constant stores in vb2_context, is exposed externally, and
decided in vb2api_fw_phase1.
Split out the logic of manual recovery and broken screen. (The broken
recovery is a recovery boot with !vb2api_allow_recovery)
Add the fifth boot mode, diagnostic boot mode
A boot could match more the one boot mode, this api will pick the most
relevant boot mode based on the following order:
1. Manual recovery boot
2. Broken recovery boot
3. Diagnostics boot
4. Developer boot
5. Normal boot
This constant is used in:
* lib/vboot_api_kernel.c: VbSelectAndLoadKernel()
* lib/vboot_kernel.c: replace the original vb2_boot_mode
* coreboot/bootmode for adding elogs
Also bump the vb2sd minor version from 0 to 1.
BUG=b:185551931, b:177196147, b:181931817
BRANCH=none
TEST=CC=x86_64-pc-linux-gnu-clang;
make clean && make runtests
TEST=emerge coreboot vboot_reference depthcharge
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Change-Id: I421e4d51c261ba2bdec996a5fb2ebccb33513fa4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2944250
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/vboot_api_kernel4_tests.c | 3 | ||||
-rw-r--r-- | tests/vboot_kernel2_tests.c | 4 | ||||
-rw-r--r-- | tests/vboot_kernel_tests.c | 35 |
3 files changed, 32 insertions, 10 deletions
diff --git a/tests/vboot_api_kernel4_tests.c b/tests/vboot_api_kernel4_tests.c index f122eb38..c1e71afa 100644 --- a/tests/vboot_api_kernel4_tests.c +++ b/tests/vboot_api_kernel4_tests.c @@ -80,6 +80,9 @@ static void test_slk(vb2_error_t retval, int recovery_reason, const char *desc) ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; expected_recovery_reason = recovery_reason; + /* The VbSelectAndLoadKernel directly leverages the value at + ctx->boot_mode, so we have to call vb2_set_boot_mode first. */ + vb2_set_boot_mode(ctx); TEST_EQ(VbSelectAndLoadKernel(ctx, &kparams), retval, desc); TEST_EQ(vb2_nv_get(ctx, VB2_NV_RECOVERY_REQUEST), recovery_reason, " recovery reason"); diff --git a/tests/vboot_kernel2_tests.c b/tests/vboot_kernel2_tests.c index 5424e86c..30bef640 100644 --- a/tests/vboot_kernel2_tests.c +++ b/tests/vboot_kernel2_tests.c @@ -47,6 +47,7 @@ static struct vb2_shared_data *sd; static struct vb2_workbuf wb; static uint8_t workbuf[VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE] __attribute__((aligned(VB2_WORKBUF_ALIGN))); +static enum vb2_boot_mode *boot_mode; static VbSelectAndLoadKernelParams lkp; static VbDiskInfo disk_info; @@ -82,6 +83,9 @@ static void reset_common_data(void) vb2_secdata_kernel_init(ctx); ctx->flags = VB2_CONTEXT_RECOVERY_MODE; + boot_mode = (enum vb2_boot_mode *)&ctx->boot_mode; + *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; + sd = vb2_get_sd(ctx); sd->kernel_version_secdata = 0xabcdef | (1 << 24); diff --git a/tests/vboot_kernel_tests.c b/tests/vboot_kernel_tests.c index 14e7e1f2..1f77cc5c 100644 --- a/tests/vboot_kernel_tests.c +++ b/tests/vboot_kernel_tests.c @@ -51,6 +51,7 @@ static uint8_t workbuf[VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE] static struct vb2_context *ctx; static struct vb2_shared_data *sd; static struct vb2_packed_key mock_key; +static enum vb2_boot_mode *boot_mode; /** * Reset mock data (for use before each test) @@ -114,6 +115,9 @@ static void ResetMocks(void) fwmp = (struct vb2_secdata_fwmp *)ctx->secdata_fwmp; memcpy(&fwmp->dev_key_hash, mock_digest, sizeof(fwmp->dev_key_hash)); + boot_mode = (enum vb2_boot_mode *)&ctx->boot_mode; + *boot_mode = VB2_BOOT_MODE_NORMAL; + // TODO: more workbuf fields - flags, secdata_firmware vb2api_secdata_kernel_create(ctx); @@ -337,6 +341,7 @@ static void LoadKernelTest(void) /* In dev mode, fail if hash is bad too */ ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_DEVELOPER; keyblock_verify_fail = 2; TestLoadKernel(VB2_ERROR_LK_INVALID_KERNEL_FOUND, "Fail key block dev hash"); @@ -344,6 +349,7 @@ static void LoadKernelTest(void) /* But just bad sig is ok */ ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_DEVELOPER; keyblock_verify_fail = 1; TestLoadKernel(0, "Succeed keyblock dev sig"); TEST_EQ(sd->flags & VB2_SD_FLAG_KERNEL_SIGNED, 0, " use hash"); @@ -351,6 +357,7 @@ static void LoadKernelTest(void) /* In dev mode and requiring signed kernel, fail if sig is bad */ ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_DEVELOPER; vb2_nv_set(ctx, VB2_NV_DEV_BOOT_SIGNED_ONLY, 1); keyblock_verify_fail = 1; TestLoadKernel(VB2_ERROR_LK_INVALID_KERNEL_FOUND, @@ -358,6 +365,7 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_DEVELOPER; fwmp->flags |= VB2_SECDATA_FWMP_DEV_ENABLE_OFFICIAL_ONLY; keyblock_verify_fail = 1; TestLoadKernel(VB2_ERROR_LK_INVALID_KERNEL_FOUND, @@ -387,6 +395,7 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; + *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_1 | VB2_KEYBLOCK_FLAG_DEVELOPER_1 | VB2_KEYBLOCK_FLAG_MINIOS_0; @@ -395,6 +404,7 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; + *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_1 | VB2_KEYBLOCK_FLAG_DEVELOPER_0 | VB2_KEYBLOCK_FLAG_MINIOS_0; @@ -402,6 +412,7 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_RECOVERY_MODE | VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_1 | VB2_KEYBLOCK_FLAG_DEVELOPER_0 | VB2_KEYBLOCK_FLAG_MINIOS_0; @@ -410,6 +421,7 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_RECOVERY_MODE | VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_1 | VB2_KEYBLOCK_FLAG_DEVELOPER_1 | VB2_KEYBLOCK_FLAG_MINIOS_0; @@ -418,6 +430,7 @@ static void LoadKernelTest(void) /* Check keyblock flags (dev mode + signed kernel required) */ ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_DEVELOPER; vb2_nv_set(ctx, VB2_NV_DEV_BOOT_SIGNED_ONLY, 1); kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_1 | VB2_KEYBLOCK_FLAG_DEVELOPER_0 @@ -427,6 +440,7 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_DEVELOPER; fwmp->flags |= VB2_SECDATA_FWMP_DEV_ENABLE_OFFICIAL_ONLY; kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_1 | VB2_KEYBLOCK_FLAG_DEVELOPER_0 @@ -436,6 +450,7 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_DEVELOPER; fwmp->flags |= VB2_SECDATA_FWMP_DEV_ENABLE_OFFICIAL_ONLY; kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_0 | VB2_KEYBLOCK_FLAG_DEVELOPER_0 @@ -445,6 +460,7 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_DEVELOPER; vb2_nv_set(ctx, VB2_NV_DEV_BOOT_SIGNED_ONLY, 1); kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_0 | VB2_KEYBLOCK_FLAG_DEVELOPER_1 @@ -477,12 +493,12 @@ static void LoadKernelTest(void) ResetMocks(); kbh.data_key.key_version = 1; - ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_DEVELOPER; TestLoadKernel(0, "Key version ignored in dev mode"); ResetMocks(); kbh.data_key.key_version = 1; - ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; + *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; TestLoadKernel(0, "Key version ignored in rec mode"); ResetMocks(); @@ -500,18 +516,18 @@ static void LoadKernelTest(void) ResetMocks(); kph.kernel_version = 0; - ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_DEVELOPER; TestLoadKernel(0, "Kernel version ignored in dev mode"); ResetMocks(); kph.kernel_version = 0; - ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; + *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; TestLoadKernel(0, "Kernel version ignored in rec mode"); /* Check kernel version (dev mode + signed kernel required) */ ResetMocks(); kbh.data_key.key_version = 0; - ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_DEVELOPER; vb2_nv_set(ctx, VB2_NV_DEV_BOOT_SIGNED_ONLY, 1); TestLoadKernel(VB2_ERROR_LK_INVALID_KERNEL_FOUND, "Keyblock key version checked in dev mode " @@ -519,7 +535,7 @@ static void LoadKernelTest(void) ResetMocks(); kbh.data_key.key_version = 0; - ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_DEVELOPER; fwmp->flags |= VB2_SECDATA_FWMP_DEV_ENABLE_OFFICIAL_ONLY; TestLoadKernel(VB2_ERROR_LK_INVALID_KERNEL_FOUND, "Keyblock key version checked in dev mode " @@ -527,7 +543,7 @@ static void LoadKernelTest(void) /* Check developer key hash - bad */ ResetMocks(); - ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_DEVELOPER; fwmp->flags |= VB2_SECDATA_FWMP_DEV_USE_KEY_HASH; fwmp->dev_key_hash[0]++; TestLoadKernel(VB2_ERROR_LK_INVALID_KERNEL_FOUND, @@ -535,15 +551,14 @@ static void LoadKernelTest(void) /* Check developer key hash - bad (recovery mode) */ ResetMocks(); - ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; - ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; fwmp->flags |= VB2_SECDATA_FWMP_DEV_USE_KEY_HASH; fwmp->dev_key_hash[0]++; TestLoadKernel(0, "Bad keyblock dev fwmp hash ignored in rec mode"); /* Check developer key hash - good */ ResetMocks(); - ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; + *boot_mode = VB2_BOOT_MODE_DEVELOPER; fwmp->flags |= VB2_SECDATA_FWMP_DEV_USE_KEY_HASH; TestLoadKernel(0, "Good keyblock dev fwmp hash"); |