From f5367d598a985520a8c935f68ac90d295c7b8d8e Mon Sep 17 00:00:00 2001 From: Joel Kitching Date: Mon, 20 Jan 2020 10:55:28 +0800 Subject: vboot: translate recovery reason info from vboot 2->1 Recovery reason should be passed into vboot kernel verification API using vboot 2 data structures. Upon arrival, translate to vboot 1 data structures for legacy purposes. Also switch to using vboot 2 recovery_reason field in other parts of vboot code. BUG=b:124141368, chromium:1038260 TEST=make clean && make runtests BRANCH=none Change-Id: Ic590db46d57ffbd8829f8f3ad784ea46184ceabc Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2008534 Commit-Queue: Joel Kitching Tested-by: Joel Kitching Reviewed-by: Yu-Ping Wu --- firmware/lib/vboot_api_kernel.c | 18 ++++++++++++------ firmware/lib/vboot_ui.c | 5 ++--- tests/vboot_api_kernel4_tests.c | 8 ++++---- 3 files changed, 18 insertions(+), 13 deletions(-) diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c index ee8080fa..3416a6fd 100644 --- a/firmware/lib/vboot_api_kernel.c +++ b/firmware/lib/vboot_api_kernel.c @@ -227,13 +227,15 @@ static vb2_error_t vb2_kernel_setup(struct vb2_context *ctx, VbSharedDataHeader *shared, VbSelectAndLoadKernelParams *kparams) { + struct vb2_shared_data *sd = vb2_get_sd(ctx); uint32_t tpm_rv; vb2_error_t rv; - /* Translate vboot1 flags back to vboot2 */ - if (shared->recovery_reason) + /* Set selected boot mode in context object. + TODO: Confirm that this can be removed with persistent context. */ + if (sd->recovery_reason) ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; - if (vb2_get_sd(ctx)->flags & VB2_SD_FLAG_DEV_MODE_ENABLED) + if (sd->flags & VB2_SD_FLAG_DEV_MODE_ENABLED) ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; /* @@ -248,10 +250,14 @@ static vb2_error_t vb2_kernel_setup(struct vb2_context *ctx, if (shared->flags & VBSD_NVDATA_V2) ctx->flags |= VB2_CONTEXT_NVDATA_V2; - vb2_nv_init(ctx); + /* Translate recovery reason-related fields into vboot1 */ + shared->recovery_reason = sd->recovery_reason; + if (sd->recovery_reason) + shared->firmware_index = 0xff; + if (sd->flags & VB2_SD_FLAG_MANUAL_RECOVERY) + shared->flags |= VBSD_BOOT_REC_SWITCH_ON; - struct vb2_shared_data *sd = vb2_get_sd(ctx); - sd->recovery_reason = shared->recovery_reason; + vb2_nv_init(ctx); /* * Save a pointer to the old vboot1 shared data, since we haven't diff --git a/firmware/lib/vboot_ui.c b/firmware/lib/vboot_ui.c index d584ac8b..2c99884f 100644 --- a/firmware/lib/vboot_ui.c +++ b/firmware/lib/vboot_ui.c @@ -794,9 +794,8 @@ static vb2_error_t recovery_ui(struct vb2_context *ctx) * reboot to workaround a boot hiccup. */ VB2_DEBUG("VbBootRecovery() saving recovery reason (%#x)\n", - shared->recovery_reason); - vb2_nv_set(ctx, VB2_NV_RECOVERY_SUBCODE, - shared->recovery_reason); + sd->recovery_reason); + vb2_nv_set(ctx, VB2_NV_RECOVERY_SUBCODE, sd->recovery_reason); /* * Non-manual recovery mode is meant to be left via three-finger diff --git a/tests/vboot_api_kernel4_tests.c b/tests/vboot_api_kernel4_tests.c index aaafcc39..d413024e 100644 --- a/tests/vboot_api_kernel4_tests.c +++ b/tests/vboot_api_kernel4_tests.c @@ -296,25 +296,25 @@ static void VbSlkTest(void) /* Boot recovery */ ResetMocks(); - shared->recovery_reason = 123; + sd->recovery_reason = 123; vbboot_retval = -3; test_slk(VB2_ERROR_MOCK, 0, "Recovery boot bad"); ResetMocks(); - shared->recovery_reason = 123; + sd->recovery_reason = 123; new_version = 0x20003; test_slk(0, 0, "Recovery doesn't roll forward"); TEST_EQ(kernel_version, 0x10002, " version"); ResetMocks(); - shared->recovery_reason = 123; + sd->recovery_reason = 123; kernel_read_retval = TPM_E_IOERROR; kernel_write_retval = TPM_E_IOERROR; kernel_lock_retval = TPM_E_IOERROR; test_slk(0, 0, "Recovery ignore TPM errors"); ResetMocks(); - shared->recovery_reason = VB2_RECOVERY_TRAIN_AND_REBOOT; + sd->recovery_reason = VB2_RECOVERY_TRAIN_AND_REBOOT; test_slk(VBERROR_REBOOT_REQUIRED, 0, "Recovery train and reboot"); // todo: rkr/w/l fail ignored if recovery -- cgit v1.2.1