summaryrefslogtreecommitdiff
path: root/firmware
diff options
context:
space:
mode:
Diffstat (limited to 'firmware')
-rw-r--r--firmware/2lib/2kernel.c3
-rw-r--r--firmware/2lib/2misc.c6
-rw-r--r--firmware/2lib/include/2api.h8
-rw-r--r--firmware/2lib/include/2secdata.h7
-rw-r--r--firmware/lib/vboot_api_kernel.c1
5 files changed, 24 insertions, 1 deletions
diff --git a/firmware/2lib/2kernel.c b/firmware/2lib/2kernel.c
index dd91ec83..02ea5446 100644
--- a/firmware/2lib/2kernel.c
+++ b/firmware/2lib/2kernel.c
@@ -143,10 +143,11 @@ vb2_error_t vb2api_kernel_phase1(struct vb2_context *ctx)
return rv;
}
- /* Enable phone recovery while disabling the UI */
+ /* Enable phone recovery while disabling the UI; disable diagnostics. */
secdata_flags = vb2_secdata_kernel_get(ctx, VB2_SECDATA_KERNEL_FLAGS);
secdata_flags &= ~VB2_SECDATA_KERNEL_FLAG_PHONE_RECOVERY_DISABLED;
secdata_flags |= VB2_SECDATA_KERNEL_FLAG_PHONE_RECOVERY_UI_DISABLED;
+ secdata_flags |= VB2_SECDATA_KERNEL_FLAG_DIAGNOSTIC_UI_DISABLED;
vb2_secdata_kernel_set(ctx, VB2_SECDATA_KERNEL_FLAGS, secdata_flags);
/* Read kernel version from secdata. */
diff --git a/firmware/2lib/2misc.c b/firmware/2lib/2misc.c
index 8e5444a6..7c4ca262 100644
--- a/firmware/2lib/2misc.c
+++ b/firmware/2lib/2misc.c
@@ -517,6 +517,12 @@ int vb2api_phone_recovery_ui_enabled(struct vb2_context *ctx)
VB2_SECDATA_KERNEL_FLAG_PHONE_RECOVERY_UI_DISABLED);
}
+int vb2api_diagnostic_ui_enabled(struct vb2_context *ctx)
+{
+ return !(vb2_secdata_kernel_get(ctx, VB2_SECDATA_KERNEL_FLAGS) &
+ VB2_SECDATA_KERNEL_FLAG_DIAGNOSTIC_UI_DISABLED);
+}
+
enum vb2_dev_default_boot_target vb2api_get_dev_default_boot_target(
struct vb2_context *ctx)
{
diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h
index 649ee096..205b2891 100644
--- a/firmware/2lib/include/2api.h
+++ b/firmware/2lib/include/2api.h
@@ -854,6 +854,14 @@ int vb2api_phone_recovery_enabled(struct vb2_context *ctx);
*/
int vb2api_phone_recovery_ui_enabled(struct vb2_context *ctx);
+/**
+ * Whether diagnostic UI functionality is enabled or not.
+ *
+ * @param ctx Vboot context
+ * @return 1 if enabled, 0 if disabled.
+ */
+int vb2api_diagnostic_ui_enabled(struct vb2_context *ctx);
+
/* Default boot target in developer mode. */
enum vb2_dev_default_boot_target {
/* Default to boot from internal disk. */
diff --git a/firmware/2lib/include/2secdata.h b/firmware/2lib/include/2secdata.h
index 3b2fa3ca..425dcfff 100644
--- a/firmware/2lib/include/2secdata.h
+++ b/firmware/2lib/include/2secdata.h
@@ -100,6 +100,13 @@ enum vb2_secdata_kernel_flags {
/* Phone recovery instructions in recovery UI are disabled. */
VB2_SECDATA_KERNEL_FLAG_PHONE_RECOVERY_UI_DISABLED = (1 << 1),
+
+ /*
+ * Diagnostic UI is disabled. This includes both hiding the entry
+ * point on the recovery UI menu ("Launch diagnostics"), and
+ * disallowing the user from booting into the diagnostic UI.
+ */
+ VB2_SECDATA_KERNEL_FLAG_DIAGNOSTIC_UI_DISABLED = (1 << 2),
};
/**
diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c
index 500d3725..4ae52c57 100644
--- a/firmware/lib/vboot_api_kernel.c
+++ b/firmware/lib/vboot_api_kernel.c
@@ -241,6 +241,7 @@ vb2_error_t VbSelectAndLoadKernel(struct vb2_context *ctx,
VB2_TRY(VbBootRecoveryLegacyClamshell(ctx));
}
} else if (DIAGNOSTIC_UI && !MENU_UI &&
+ vb2api_diagnostic_ui_enabled(ctx) &&
vb2_nv_get(ctx, VB2_NV_DIAG_REQUEST)) {
vb2_nv_set(ctx, VB2_NV_DIAG_REQUEST, 0);
View Lorry Controller Status