From 8028cac33c9c408f90de9ceffc714a1a0ca9d583 Mon Sep 17 00:00:00 2001 From: Hsuan Ting Chen Date: Thu, 11 Nov 2021 08:11:04 +0000 Subject: Reland "2api: Add vb2_boot_mode in vb2_context denoted the current boot mode" This reverts commit f0ba3fe277fdc623565eab0725aed743e24a1a44. Reason for revert: We can try another reland after the coreboot CL https://review.coreboot.org/c/coreboot/+/58253 is downstreamed and the guybrush psp_verstage.bin is signed again. Original change's description: > Revert "2api: Add vb2_boot_mode in vb2_context denoted the current boot mode" > > This reverts commit 2cf76574dbf57c70da3a835f2a45d5619dc058f5. > > Reason for revert: b:202258389 > > Original change's description: > > 2api: Add vb2_boot_mode in vb2_context denoted the current boot mode > > > > Add enum vb2_boot_mode which denotes the most relevant boot mode between > > normal, manual recovery, broken recovery, diagnostic, and developer. > > > > The boot mode constant stores in vb2_context, is exposed externally, and > > decided in vb2api_fw_phase1. > > > > Split out the logic of manual recovery and broken screen. (The broken > > recovery is a recovery boot with !vb2api_allow_recovery) > > > > Add the fifth boot mode, diagnostic boot mode > > > > A boot could match more the one boot mode, this api will pick the most > > relevant boot mode based on the following order: > > 1. Manual recovery boot > > 2. Broken recovery boot > > 3. Diagnostics boot > > 4. Developer boot > > 5. Normal boot > > > > This constant is used in: > > * lib/vboot_api_kernel.c: VbSelectAndLoadKernel() > > * lib/vboot_kernel.c: replace the original vb2_boot_mode > > * coreboot/bootmode for adding elogs > > > > Also bump the vb2sd minor version from 0 to 1. > > > > BUG=b:185551931, b:177196147, b:181931817 > > BRANCH=none > > TEST=CC=x86_64-pc-linux-gnu-clang; > > make clean && make runtests > > TEST=emerge coreboot vboot_reference depthcharge > > > > Signed-off-by: Hsuan Ting Chen > > Change-Id: I421e4d51c261ba2bdec996a5fb2ebccb33513fa4 > > Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2944250 > > Reviewed-by: Yu-Ping Wu > > Bug: b:185551931, b:177196147, b:181931817 > Change-Id: Ic184a24f5b580bcaf40d75045476ae77c674dd3d > Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3209725 > Bot-Commit: Rubber Stamper > Commit-Queue: Bhanu Prakash Maiya Bug: b:185551931, b:177196147, b:181931817 Change-Id: Ie480bf76eb0164f6e498b72e0533cd5c5762d6f6 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3274699 Reviewed-by: Hsuan Ting Chen Tested-by: Hsuan Ting Chen Reviewed-by: Yu-Ping Wu Commit-Queue: Hsuan Ting Chen --- firmware/2lib/include/2api.h | 62 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) (limited to 'firmware/2lib/include/2api.h') diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h index 8966999d..cd558b05 100644 --- a/firmware/2lib/include/2api.h +++ b/firmware/2lib/include/2api.h @@ -259,6 +259,58 @@ enum vb2_context_flags { VB2_CONTEXT_DEV_BOOT_ALTFW_ALLOWED = (1 << 27), }; +/* Boot mode decided in vb2api_fw_phase1. + * + * Boot mode is a constant set by verified boot and may be read (but should not + * be set or cleared) by the caller. + * The boot modes are mutually exclusive. If a boot fulfill more than one + * constraints of the listing boot modes, it will be set to the most important + * one. The priority is the same as the listing order. + */ +enum vb2_boot_mode { + /* Undefined, The boot mode is not set. */ + VB2_BOOT_MODE_UNDEFINED = 0, + + /* + * Manual recovery boot, regardless of dev mode state. + * + * VB2_CONTEXT_RECOVERY_MODE is set and the recovery is physically + * requested (a.k.a. Manual recovery). All other recovery requests + * including manual recovery requested by a (compromised) host will end + * up with a broken screen. + */ + VB2_BOOT_MODE_MANUAL_RECOVERY = 1, + + /* + * Broken screen. + * + * If a recovery boot is not a manual recovery (a.k.a. not requested + * physically), the recovery is not allowed and will end up with + * broken screen. + */ + VB2_BOOT_MODE_BROKEN_SCREEN = 2, + + /* + * Diagnostic boot. + * + * If diagnostic boot is enabled (a.k.a. vb2api_diagnostic_ui_enabled) + * and the nvdata contains VB2_NV_DIAG_REQUEST from previous boot, it + * will boot to diagnostic mode. + */ + VB2_BOOT_MODE_DIAGNOSTICS = 3, + + /* + * Developer boot: self-signed kernel okay. + * + * The developer mode switch is set (a.k.a. VB2_CONTEXT_DEVELOPER_MODE) + * and we are in the developer boot mode. + */ + VB2_BOOT_MODE_DEVELOPER = 4, + + /* Normal boot: kernel must be verified. */ + VB2_BOOT_MODE_NORMAL = 5, +}; + /* Helper for aligning fields in vb2_context. */ #define VB2_PAD_STRUCT3(size, align, count) \ uint8_t _pad##count[align - (((size - 1) % align) + 1)] @@ -333,6 +385,16 @@ struct vb2_context { */ uint8_t secdata_fwmp[VB2_SECDATA_FWMP_MAX_SIZE]; VB2_PAD_STRUCT(VB2_SECDATA_FWMP_MAX_SIZE, 8); + + /********************************************************************** + * Fields below added in struct version 3.1. + */ + + /* + * Mutually exclusive boot mode. + * This constant is initialized after calling vb2api_fw_phase1(). + */ + const enum vb2_boot_mode boot_mode; }; /* Resource index for vb2ex_read_resource() */ -- cgit v1.2.1