scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-24 02:05:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use virtual dev-mode switch when told to.

Browse Source 
If VbInit() is instructed to look at a virtual dev-mode switch, then it will
use value contained in the TPM's firmware space instead of a hardware GPIO
to determine if developer mode is enabled.

This change just makes it look. It doesn't provide a way to actually set
the value in the TPM. VbInit() isn't being told to look yet, either. Those
changes are coming.

BUG=chrome-os-partner:9706
TEST=none

The usual sanity-check applies:

  make
  make runtests

But to actually test that this stuff is working IRL requires special tweaks
to other components and monitoring the serial debug output from both EC and
CPU. We'll save the hands-on tests for when it's all done.

Change-Id: Ie485ad2180224e192238bf2a5dbf95bbcb9130f9
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/23067
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This commit is contained in:
Bill Richardson
2012-05-17 13:26:05 -07:00
committed by Gerrit
parent e97760cec3
commit b75d8adcc0
10 changed files with 206 additions and 142 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
firmware/lib/vboot_api_firmware.c
View File

@@ -14,14 +14,6 @@
#include "vboot_common.h"
#include "vboot_nvstorage.h"
/* Set recovery request */
static void VbSfRequestRecovery(VbNvContext *vnc, uint32_t recovery_request) {
VBDEBUG(("VbSfRequestRecovery(%d)\n", (int)recovery_request));
VbNvSet(vnc, VBNV_RECOVERY_REQUEST, recovery_request);
}
VbError_t VbSelectFirmware(VbCommonParams* cparams,
VbSelectFirmwareParams* fparams) {
VbSharedDataHeader* shared = (VbSharedDataHeader*)cparams->shared_data_blob;
@@ -29,7 +21,6 @@ VbError_t VbSelectFirmware(VbCommonParams* cparams,
VbError_t retval = VBERROR_UNKNOWN; /* Assume error until proven successful */
int is_rec = (shared->recovery_reason ? 1 : 0);
int is_dev = (shared->flags & VBSD_BOOT_DEV_SWITCH_ON ? 1 : 0);
uint32_t tpm_version = 0;
uint32_t tpm_status = 0;
/* Start timer */
@@ -39,38 +30,6 @@ VbError_t VbSelectFirmware(VbCommonParams* cparams,
VbExNvStorageRead(vnc.raw);
VbNvSetup(&vnc);
/* Initialize the TPM */
VBPERFSTART("VB_TPMI");
tpm_status = RollbackFirmwareSetup(is_rec, is_dev, &tpm_version);
VBPERFEND("VB_TPMI");
if (0 != tpm_status) {
VBDEBUG(("Unable to setup TPM and read firmware version.\n"));
if (TPM_E_MUST_REBOOT == tpm_status) {
/* TPM wants to reboot into the same mode we're in now */
VBDEBUG(("TPM requires a reboot.\n"));
if (!is_rec) {
/* Not recovery mode. Just reboot (not into recovery). */
retval = VBERROR_TPM_REBOOT_REQUIRED;
goto VbSelectFirmware_exit;
} else if (VBNV_RECOVERY_RO_TPM_REBOOT != shared->recovery_reason) {
/* In recovery mode now, and we haven't requested a TPM reboot yet,
* so request one. */
VbSfRequestRecovery(&vnc, VBNV_RECOVERY_RO_TPM_REBOOT);
retval = VBERROR_TPM_REBOOT_REQUIRED;
goto VbSelectFirmware_exit;
}
}
if (!is_rec) {
VbSfRequestRecovery(&vnc, VBNV_RECOVERY_RO_TPM_ERROR);
retval = VBERROR_TPM_FIRMWARE_SETUP;
goto VbSelectFirmware_exit;
}
}
shared->fw_version_tpm_start = tpm_version;
shared->fw_version_tpm = tpm_version;
if (is_rec) {
/* Recovery is requested; go straight to recovery without checking the
* RW firmware. */
@@ -104,7 +63,7 @@ VbError_t VbSelectFirmware(VbCommonParams* cparams,
VBPERFEND("VB_TPMU");
if (0 != tpm_status) {
VBDEBUG(("Unable to write firmware version to TPM.\n"));
VbSfRequestRecovery(&vnc, VBNV_RECOVERY_RO_TPM_ERROR);
VbNvSet(&vnc, VBNV_RECOVERY_REQUEST, VBNV_RECOVERY_RO_TPM_ERROR);
retval = VBERROR_TPM_WRITE_FIRMWARE;
goto VbSelectFirmware_exit;
}
@@ -116,7 +75,7 @@ VbError_t VbSelectFirmware(VbCommonParams* cparams,
VBPERFEND("VB_TPML");
if (0 != tpm_status) {
VBDEBUG(("Unable to lock firmware version in TPM.\n"));
VbSfRequestRecovery(&vnc, VBNV_RECOVERY_RO_TPM_ERROR);
VbNvSet(&vnc, VBNV_RECOVERY_REQUEST, VBNV_RECOVERY_RO_TPM_ERROR);
retval = VBERROR_TPM_LOCK_FIRMWARE;
goto VbSelectFirmware_exit;
}
@@ -128,7 +87,7 @@ VbError_t VbSelectFirmware(VbCommonParams* cparams,
if (0 != tpm_status) {
VBDEBUG(("Unable to update the TPM with boot mode information.\n"));
if (!is_rec) {
VbSfRequestRecovery(&vnc, VBNV_RECOVERY_RO_TPM_ERROR);
VbNvSet(&vnc, VBNV_RECOVERY_REQUEST, VBNV_RECOVERY_RO_TPM_ERROR);
retval = VBERROR_TPM_SET_BOOT_MODE_STATE;
goto VbSelectFirmware_exit;
}