scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-25 10:45:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

nvstorage: Add new flag VBNV_DEV_BOOT_FASTBOOT_FULL_CAP

Browse Source 
Add a new flag to nvstorage for controlling fastboot capabilities
offered in firmware in dev-mode. By default, value of this flag would
be ignored in normal mode. Thus, when fastboot-based recovery is
entered from normal mode, only limited capability would be available
in firmware.

After switching to dev-mode, this flag can be set automatically by
user script after performing the wipe or it can be set manually using
crossystem. When fastboot-based recovery is entered from dev mode and
this flag is set, it will provide full fastboot capability in the
firmware.

BUG=chrome-os-partner:40196
BRANCH=None
TEST=Compiles successfully for smaug. make runalltests successful.

Change-Id: I761a9ab304dd90f0b73081acc9ce1f8d9052325f
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/271369
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Furquan Shaikh <furquan@chromium.org>
Trybot-Ready: Furquan Shaikh <furquan@chromium.org>
Tested-by: Furquan Shaikh <furquan@chromium.org>
This commit is contained in:
Furquan Shaikh
2015-05-14 12:53:19 -07:00
committed by ChromeOS Commit Bot
parent 07e56f22b8
commit 9101df2fe3
8 changed files with 45 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
firmware/include/vboot_nvstorage.h
View File

@@ -71,6 +71,11 @@ typedef enum VbNvParam {
VBNV_DEV_BOOT_LEGACY, VBNV_DEV_BOOT_LEGACY,
/* Only boot Google-signed images in developer mode. 0=no, 1=yes. */ /* Only boot Google-signed images in developer mode. 0=no, 1=yes. */
VBNV_DEV_BOOT_SIGNED_ONLY, VBNV_DEV_BOOT_SIGNED_ONLY,
/*
* Allow full fastboot capability in firmware in developer mode.
* 0=no, 1=yes.
*/
VBNV_DEV_BOOT_FASTBOOT_FULL_CAP,
/* /*
* Set by userspace to request that RO firmware disable dev-mode on the * Set by userspace to request that RO firmware disable dev-mode on the
* next boot. This is likely only possible if the dev-switch is * next boot. This is likely only possible if the dev-switch is

1
firmware/lib/vboot_api_init.c
View File

@@ -320,6 +320,7 @@ VbError_t VbInit(VbCommonParams *cparams, VbInitParams *iparams)
VbNvSet(&vnc, VBNV_DEV_BOOT_USB, 0); VbNvSet(&vnc, VBNV_DEV_BOOT_USB, 0);
VbNvSet(&vnc, VBNV_DEV_BOOT_LEGACY, 0); VbNvSet(&vnc, VBNV_DEV_BOOT_LEGACY, 0);
VbNvSet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, 0); VbNvSet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, 0);
VbNvSet(&vnc, VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, 0);
/* /*
* Back up any changes now, so these values can't be forgotten * Back up any changes now, so these values can't be forgotten
* by draining the battery. We really only care about these * by draining the battery. We really only care about these

6
firmware/lib/vboot_display.c
View File

@@ -564,6 +564,12 @@ VbError_t VbDisplayDebugInfo(VbCommonParams *cparams, VbNvContext *vncptr)
DEBUG_INFO_SIZE - used); DEBUG_INFO_SIZE - used);
used += Uint64ToString(buf + used, DEBUG_INFO_SIZE - used, i, 10, 0); used += Uint64ToString(buf + used, DEBUG_INFO_SIZE - used, i, 10, 0);
/* Add dev_boot_fastboot_full_cap flag */
VbNvGet(vncptr, VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, &i);
used += StrnAppend(buf + used, "\ndev_boot_fastboot_full_cap: ",
DEBUG_INFO_SIZE - used);
used += Uint64ToString(buf + used, DEBUG_INFO_SIZE - used, i, 10, 0);
/* Add TPM versions */ /* Add TPM versions */
used += StrnAppend(buf + used, "\nTPM: fwver=0x", DEBUG_INFO_SIZE - used); used += StrnAppend(buf + used, "\nTPM: fwver=0x", DEBUG_INFO_SIZE - used);
used += Uint64ToString(buf + used, DEBUG_INFO_SIZE - used, used += Uint64ToString(buf + used, DEBUG_INFO_SIZE - used,

15
firmware/lib/vboot_nvstorage.c
View File

@@ -41,6 +41,7 @@
#define DEV_BOOT_USB_MASK 0x01 #define DEV_BOOT_USB_MASK 0x01
#define DEV_BOOT_SIGNED_ONLY_MASK 0x02 #define DEV_BOOT_SIGNED_ONLY_MASK 0x02
#define DEV_BOOT_LEGACY_MASK 0x04 #define DEV_BOOT_LEGACY_MASK 0x04
#define DEV_BOOT_FASTBOOT_FULL_CAP_MASK 0x08
#define TPM_FLAGS_OFFSET 5 #define TPM_FLAGS_OFFSET 5
#define TPM_CLEAR_OWNER_REQUEST 0x01 #define TPM_CLEAR_OWNER_REQUEST 0x01
@@ -150,6 +151,11 @@ int VbNvGet(VbNvContext *context, VbNvParam param, uint32_t *dest)
1 : 0); 1 : 0);
return 0; return 0;
case VBNV_DEV_BOOT_FASTBOOT_FULL_CAP:
*dest = (raw[DEV_FLAGS_OFFSET] & DEV_BOOT_FASTBOOT_FULL_CAP_MASK
? 1 : 0);
return 0;
case VBNV_DISABLE_DEV_REQUEST: case VBNV_DISABLE_DEV_REQUEST:
*dest = (raw[BOOT_OFFSET] & BOOT_DISABLE_DEV_REQUEST ? 1 : 0); *dest = (raw[BOOT_OFFSET] & BOOT_DISABLE_DEV_REQUEST ? 1 : 0);
return 0; return 0;
@@ -292,6 +298,15 @@ int VbNvSet(VbNvContext *context, VbNvParam param, uint32_t value)
raw[DEV_FLAGS_OFFSET] &= ~DEV_BOOT_SIGNED_ONLY_MASK; raw[DEV_FLAGS_OFFSET] &= ~DEV_BOOT_SIGNED_ONLY_MASK;
break; break;
case VBNV_DEV_BOOT_FASTBOOT_FULL_CAP:
if (value)
raw[DEV_FLAGS_OFFSET] |=
DEV_BOOT_FASTBOOT_FULL_CAP_MASK;
else
raw[DEV_FLAGS_OFFSET] &=
~DEV_BOOT_FASTBOOT_FULL_CAP_MASK;
break;
case VBNV_DISABLE_DEV_REQUEST: case VBNV_DISABLE_DEV_REQUEST:
if (value) if (value)
raw[BOOT_OFFSET] |= BOOT_DISABLE_DEV_REQUEST; raw[BOOT_OFFSET] |= BOOT_DISABLE_DEV_REQUEST;

1
firmware/lib/vboot_nvstorage_rollback.c
View File

@@ -20,6 +20,7 @@ static const VbNvParam backup_params[] = {
VBNV_DEV_BOOT_USB, VBNV_DEV_BOOT_USB,
VBNV_DEV_BOOT_LEGACY, VBNV_DEV_BOOT_LEGACY,
VBNV_DEV_BOOT_SIGNED_ONLY, VBNV_DEV_BOOT_SIGNED_ONLY,
VBNV_DEV_BOOT_FASTBOOT_FULL_CAP,
}; };
/* We can't back things up if there isn't enough storage. */ /* We can't back things up if there isn't enough storage. */

4
host/lib/crossystem.c
View File

@@ -499,6 +499,8 @@ int VbGetSystemPropertyInt(const char* name) {
value = VbGetNvStorage(VBNV_DEV_BOOT_LEGACY); value = VbGetNvStorage(VBNV_DEV_BOOT_LEGACY);
} else if (!strcasecmp(name,"dev_boot_signed_only")) { } else if (!strcasecmp(name,"dev_boot_signed_only")) {
value = VbGetNvStorage(VBNV_DEV_BOOT_SIGNED_ONLY); value = VbGetNvStorage(VBNV_DEV_BOOT_SIGNED_ONLY);
} else if (!strcasecmp(name,"dev_boot_fastboot_full_cap")) {
value = VbGetNvStorage(VBNV_DEV_BOOT_FASTBOOT_FULL_CAP);
} else if (!strcasecmp(name,"oprom_needed")) { } else if (!strcasecmp(name,"oprom_needed")) {
value = VbGetNvStorage(VBNV_OPROM_NEEDED); value = VbGetNvStorage(VBNV_OPROM_NEEDED);
} else if (!strcasecmp(name,"recovery_subcode")) { } else if (!strcasecmp(name,"recovery_subcode")) {
@@ -653,6 +655,8 @@ int VbSetSystemPropertyInt(const char* name, int value) {
return VbSetNvStorage_WithBackup(VBNV_DEV_BOOT_LEGACY, value); return VbSetNvStorage_WithBackup(VBNV_DEV_BOOT_LEGACY, value);
} else if (!strcasecmp(name,"dev_boot_signed_only")) { } else if (!strcasecmp(name,"dev_boot_signed_only")) {
return VbSetNvStorage_WithBackup(VBNV_DEV_BOOT_SIGNED_ONLY, value); return VbSetNvStorage_WithBackup(VBNV_DEV_BOOT_SIGNED_ONLY, value);
} else if (!strcasecmp(name,"dev_boot_fastboot_full_cap")) {
return VbSetNvStorage_WithBackup(VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, value);
} }
return -1; return -1;

12
tests/vboot_api_init_tests.c
View File

@@ -555,6 +555,7 @@ static void VbInitTestBackup(void)
VbNvSet(&vnc, VBNV_DEV_BOOT_USB, 1); VbNvSet(&vnc, VBNV_DEV_BOOT_USB, 1);
VbNvSet(&vnc, VBNV_DEV_BOOT_LEGACY, 1); VbNvSet(&vnc, VBNV_DEV_BOOT_LEGACY, 1);
VbNvSet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, 1); VbNvSet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, 1);
VbNvSet(&vnc, VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, 1);
/* and some that don't */ /* and some that don't */
VbNvSet(&vnc, VBNV_OPROM_NEEDED, 1); VbNvSet(&vnc, VBNV_OPROM_NEEDED, 1);
VbNvSet(&vnc, VBNV_TRY_B_COUNT, 3); VbNvSet(&vnc, VBNV_TRY_B_COUNT, 3);
@@ -582,6 +583,8 @@ static void VbInitTestBackup(void)
TEST_EQ(u, 0, " NV dev_boot_legacy"); TEST_EQ(u, 0, " NV dev_boot_legacy");
VbNvGet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, &u); VbNvGet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, &u);
TEST_EQ(u, 0, " NV dev_boot_signed_only"); TEST_EQ(u, 0, " NV dev_boot_signed_only");
VbNvGet(&vnc, VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, &u);
TEST_EQ(u, 0, " NV dev_boot_fastboot_full_cap");
/* So we should have written the backup */ /* So we should have written the backup */
TEST_EQ(backup_write_called, 1, " Backup written once"); TEST_EQ(backup_write_called, 1, " Backup written once");
/* And the backup should reflect the persisent flags. */ /* And the backup should reflect the persisent flags. */
@@ -597,6 +600,8 @@ static void VbInitTestBackup(void)
TEST_EQ(u, 0, " BU dev_boot_legacy"); TEST_EQ(u, 0, " BU dev_boot_legacy");
VbNvGet(&tmp_vnc, VBNV_DEV_BOOT_SIGNED_ONLY, &u); VbNvGet(&tmp_vnc, VBNV_DEV_BOOT_SIGNED_ONLY, &u);
TEST_EQ(u, 0, " BU dev_boot_signed_only"); TEST_EQ(u, 0, " BU dev_boot_signed_only");
VbNvGet(&tmp_vnc, VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, &u);
TEST_EQ(u, 0, " BU dev_boot_fastboot_full_cap");
/* but not the others */ /* but not the others */
VbNvGet(&tmp_vnc, VBNV_OPROM_NEEDED, &u); VbNvGet(&tmp_vnc, VBNV_OPROM_NEEDED, &u);
TEST_EQ(u, 0, " BU oprom_needed"); TEST_EQ(u, 0, " BU oprom_needed");
@@ -636,6 +641,7 @@ static void VbInitTestBackup(void)
VbNvSet(&vnc, VBNV_DEV_BOOT_USB, 1); VbNvSet(&vnc, VBNV_DEV_BOOT_USB, 1);
VbNvSet(&vnc, VBNV_DEV_BOOT_LEGACY, 1); VbNvSet(&vnc, VBNV_DEV_BOOT_LEGACY, 1);
VbNvSet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, 1); VbNvSet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, 1);
VbNvSet(&vnc, VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, 1);
/* and some that don't */ /* and some that don't */
VbNvSet(&vnc, VBNV_OPROM_NEEDED, 1); VbNvSet(&vnc, VBNV_OPROM_NEEDED, 1);
VbNvSet(&vnc, VBNV_TRY_B_COUNT, 4); VbNvSet(&vnc, VBNV_TRY_B_COUNT, 4);
@@ -683,6 +689,8 @@ static void VbInitTestBackup(void)
TEST_EQ(u, 1, " BU dev_boot_legacy"); TEST_EQ(u, 1, " BU dev_boot_legacy");
VbNvGet(&tmp_vnc, VBNV_DEV_BOOT_SIGNED_ONLY, &u); VbNvGet(&tmp_vnc, VBNV_DEV_BOOT_SIGNED_ONLY, &u);
TEST_EQ(u, 1, " BU dev_boot_signed_only"); TEST_EQ(u, 1, " BU dev_boot_signed_only");
VbNvGet(&tmp_vnc, VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, &u);
TEST_EQ(u, 1, " BU dev_boot_fastboot_full_cap");
/* but not the others */ /* but not the others */
VbNvGet(&tmp_vnc, VBNV_OPROM_NEEDED, &u); VbNvGet(&tmp_vnc, VBNV_OPROM_NEEDED, &u);
TEST_EQ(u, 0, " BU oprom_needed"); TEST_EQ(u, 0, " BU oprom_needed");
@@ -720,6 +728,8 @@ static void VbInitTestBackup(void)
TEST_EQ(u, 1, " BU dev_boot_legacy"); TEST_EQ(u, 1, " BU dev_boot_legacy");
VbNvGet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, &u); VbNvGet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, &u);
TEST_EQ(u, 1, " BU dev_boot_signed_only"); TEST_EQ(u, 1, " BU dev_boot_signed_only");
VbNvGet(&vnc, VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, &u);
TEST_EQ(u, 1, " BU dev_boot_fastboot_full_cap");
/* /*
* But if we lose the NV storage and go back to normal mode at the same * But if we lose the NV storage and go back to normal mode at the same
@@ -754,6 +764,8 @@ static void VbInitTestBackup(void)
TEST_EQ(u, 0, " BU dev_boot_legacy"); TEST_EQ(u, 0, " BU dev_boot_legacy");
VbNvGet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, &u); VbNvGet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, &u);
TEST_EQ(u, 0, " BU dev_boot_signed_only"); TEST_EQ(u, 0, " BU dev_boot_signed_only");
VbNvGet(&vnc, VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, &u);
TEST_EQ(u, 0, " BU dev_boot_fastboot_full_cap");
} }

1
tests/vboot_nvstorage_test.c
View File

@@ -33,6 +33,7 @@ static VbNvField nvfields[] = {
{VBNV_DEV_BOOT_USB, 0, 1, 0, "dev boot usb"}, {VBNV_DEV_BOOT_USB, 0, 1, 0, "dev boot usb"},
{VBNV_DEV_BOOT_LEGACY, 0, 1, 0, "dev boot legacy"}, {VBNV_DEV_BOOT_LEGACY, 0, 1, 0, "dev boot legacy"},
{VBNV_DEV_BOOT_SIGNED_ONLY, 0, 1, 0, "dev boot custom"}, {VBNV_DEV_BOOT_SIGNED_ONLY, 0, 1, 0, "dev boot custom"},
{VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, 0, 1, 0, "dev boot fastboot full cap"},
{VBNV_DISABLE_DEV_REQUEST, 0, 1, 0, "disable dev request"}, {VBNV_DISABLE_DEV_REQUEST, 0, 1, 0, "disable dev request"},
{VBNV_CLEAR_TPM_OWNER_REQUEST, 0, 1, 0, "clear tpm owner request"}, {VBNV_CLEAR_TPM_OWNER_REQUEST, 0, 1, 0, "clear tpm owner request"},
{VBNV_CLEAR_TPM_OWNER_DONE, 0, 1, 0, "clear tpm owner done"}, {VBNV_CLEAR_TPM_OWNER_DONE, 0, 1, 0, "clear tpm owner done"},