diff options
Diffstat (limited to 'firmware')
| -rw-r--r-- | firmware/2lib/include/2common.h | 1 | ||||
| -rw-r--r-- | firmware/2lib/include/2struct.h | 4 | ||||
| -rw-r--r-- | firmware/include/gbb_header.h | 4 | ||||
| -rw-r--r-- | firmware/lib/include/vboot_common.h | 5 | ||||
| -rw-r--r-- | firmware/lib/vboot_common.c | 9 | ||||
| -rw-r--r-- | firmware/lib/vboot_ui.c | 2 | ||||
| -rw-r--r-- | firmware/lib/vboot_ui_menu.c | 8 |
7 files changed, 20 insertions, 13 deletions
diff --git a/firmware/2lib/include/2common.h b/firmware/2lib/include/2common.h index 019a34ac..be5c484a 100644 --- a/firmware/2lib/include/2common.h +++ b/firmware/2lib/include/2common.h @@ -12,6 +12,7 @@ #include "2return_codes.h" #include "2sha.h" #include "2struct.h" +#include "2sysincludes.h" struct vb2_public_key; diff --git a/firmware/2lib/include/2struct.h b/firmware/2lib/include/2struct.h index 3411de77..d1185593 100644 --- a/firmware/2lib/include/2struct.h +++ b/firmware/2lib/include/2struct.h @@ -296,8 +296,8 @@ enum vb2_gbb_flag { */ VB2_GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP = (1 << 13), - /* Enable serial */ - VB2_GBB_FLAG_ENABLE_SERIAL = (1 << 14), + /* Recovery mode always assumes manual recovery, even if EC_IN_RW=1 */ + VB2_GBB_FLAG_FORCE_MANUAL_RECOVERY = (1 << 14), /* Disable FWMP */ VB2_GBB_FLAG_DISABLE_FWMP = (1 << 15), diff --git a/firmware/include/gbb_header.h b/firmware/include/gbb_header.h index 4503ffaa..11586e92 100644 --- a/firmware/include/gbb_header.h +++ b/firmware/include/gbb_header.h @@ -72,8 +72,8 @@ * dev_boot_fastboot_full_cap=0. */ #define GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP 0x00002000 -/* Enable serial console */ -#define GBB_FLAG_ENABLE_SERIAL 0x00004000 +/* Recovery mode always assumes manual recovery, even if EC_IN_RW=1 */ +#define GBB_FLAG_FORCE_MANUAL_RECOVERY 0x00004000 /* Disable using FWMP */ #define GBB_FLAG_DISABLE_FWMP 0x00008000 diff --git a/firmware/lib/include/vboot_common.h b/firmware/lib/include/vboot_common.h index acfb58b7..44dba262 100644 --- a/firmware/lib/include/vboot_common.h +++ b/firmware/lib/include/vboot_common.h @@ -8,6 +8,7 @@ #ifndef VBOOT_REFERENCE_VBOOT_COMMON_H_ #define VBOOT_REFERENCE_VBOOT_COMMON_H_ +#include "2api.h" #include "vboot_struct.h" #ifndef ARRAY_SIZE @@ -145,9 +146,9 @@ int VbSharedDataSetKernelKey(VbSharedDataHeader *header, * requests including manual recovery requested by a (compromised) host will * end up with 'broken' screen. * - * @param flags Flags of VbSharedDataHeader. + * @param ctx vboot2 context pointer * @return 1: Yes. 0: No or not sure. */ -int vb2_allow_recovery(uint32_t flags); +int vb2_allow_recovery(struct vb2_context *ctx); #endif /* VBOOT_REFERENCE_VBOOT_COMMON_H_ */ diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c index d3851940..f336f2c0 100644 --- a/firmware/lib/vboot_common.c +++ b/firmware/lib/vboot_common.c @@ -10,6 +10,7 @@ #include "2sysincludes.h" #include "2common.h" +#include "2misc.h" #include "2rsa.h" #include "2sha.h" #include "vboot_api.h" @@ -211,8 +212,12 @@ int VbSharedDataSetKernelKey(VbSharedDataHeader *header, const VbPublicKey *src) return PublicKeyCopy(kdest, src); } -int vb2_allow_recovery(uint32_t flags) +int vb2_allow_recovery(struct vb2_context *ctx) { + /* GBB_FLAG_FORCE_MANUAL_RECOVERY forces this to always return true. */ + if (vb2_get_sd(ctx)->gbb_flags & VB2_GBB_FLAG_FORCE_MANUAL_RECOVERY) + return 1; + /* * If EC is in RW, it implies recovery wasn't manually requested. * On some platforms, EC_IN_RW can't be reset by the EC, thus, this may @@ -223,5 +228,5 @@ int vb2_allow_recovery(uint32_t flags) return 0; /* Now we confidently check the recovery switch state at boot */ - return !!(flags & VBSD_BOOT_REC_SWITCH_ON); + return !!(vb2_get_sd(ctx)->vbsd->flags & VBSD_BOOT_REC_SWITCH_ON); } diff --git a/firmware/lib/vboot_ui.c b/firmware/lib/vboot_ui.c index 1db0e4a7..5eb78f0a 100644 --- a/firmware/lib/vboot_ui.c +++ b/firmware/lib/vboot_ui.c @@ -403,7 +403,7 @@ static VbError_t recovery_ui(struct vb2_context *ctx) VB2_DEBUG("VbBootRecovery() start\n"); - if (!vb2_allow_recovery(shared->flags)) { + if (!vb2_allow_recovery(ctx)) { /* * We have to save the reason here so that it will survive * coming up three-finger-salute. We're saving it in diff --git a/firmware/lib/vboot_ui_menu.c b/firmware/lib/vboot_ui_menu.c index 050051ce..c050ec8e 100644 --- a/firmware/lib/vboot_ui_menu.c +++ b/firmware/lib/vboot_ui_menu.c @@ -231,7 +231,7 @@ static VbError_t enter_language_menu(struct vb2_context *ctx) static VbError_t enter_recovery_base_screen(struct vb2_context *ctx) { - if (!vb2_allow_recovery(vb2_get_sd(ctx)->vbsd->flags)) + if (!vb2_allow_recovery(ctx)) vb2_change_menu(VB_MENU_RECOVERY_BROKEN, 0); else if (usb_nogood) vb2_change_menu(VB_MENU_RECOVERY_NO_GOOD, 0); @@ -289,7 +289,7 @@ static VbError_t language_action(struct vb2_context *ctx) * Non-manual recovery mode is meant to be left via hard reset (into * manual recovery mode). Need to commit NVRAM changes immediately. */ - if (vbsd->recovery_reason && !vb2_allow_recovery(vbsd->flags)) + if (vbsd->recovery_reason && !vb2_allow_recovery(ctx)) vb2_nv_commit(ctx); /* Return to previous menu. */ @@ -319,7 +319,7 @@ static VbError_t to_dev_action(struct vb2_context *ctx) /* Sanity check, should never happen. */ if (!(vbsd_flags & VBSD_HONOR_VIRT_DEV_SWITCH) || (vbsd_flags & VBSD_BOOT_DEV_SWITCH_ON) || - !vb2_allow_recovery(vbsd_flags)) + !vb2_allow_recovery(ctx)) return VBERROR_KEEP_LOOPING; VB2_DEBUG("Enabling dev-mode...\n"); @@ -828,7 +828,7 @@ VbError_t VbBootRecoveryMenu(struct vb2_context *ctx) VbError_t retval = vb2_init_menus(ctx); if (VBERROR_SUCCESS != retval) return retval; - if (vb2_allow_recovery(vb2_get_sd(ctx)->vbsd->flags)) + if (vb2_allow_recovery(ctx)) retval = recovery_ui(ctx); else retval = broken_ui(ctx); |