coreboot
coreboot is an Open Source project aimed at replacing the proprietary BIOS found in most computers.
Macros | Functions
vboot_logic.c File Reference
#include <arch/exception.h>
#include <assert.h>
#include <console/console.h>
#include <bootmode.h>
#include <fmap.h>
#include <security/tpm/tspi/crtm.h>
#include <security/tpm/tss/vendor/cr50/cr50.h>
#include <security/vboot/misc.h>
#include <security/vboot/vbnv.h>
#include <security/vboot/tpm_common.h>
#include <string.h>
#include <timestamp.h>
#include <vb2_api.h>
#include <boot_device.h>
#include "antirollback.h"
Include dependency graph for vboot_logic.c:

Go to the source code of this file.

Macros

#define VBOOT_MAX_HASH_SIZE   VB2_SHA512_DIGEST_SIZE
 
#define EC_EFS_BOOT_MODE_VERIFIED_RW   0x00
 
#define EC_EFS_BOOT_MODE_UNTRUSTED_RO   0x01
 
#define EC_EFS_BOOT_MODE_TRUSTED_RO   0x02
 

Functions

vb2_error_t vb2ex_read_resource (struct vb2_context *ctx, enum vb2_resource_index index, uint32_t offset, void *buf, uint32_t size)
 
static int handle_digest_result (void *slot_hash, size_t slot_hash_sz)
 
static vb2_error_t hash_body (struct vb2_context *ctx, struct region_device *fw_body)
 
static uint32_t extend_pcrs (struct vb2_context *ctx)
 
static const char * get_boot_mode_string (uint8_t boot_mode)
 
static void check_boot_mode (struct vb2_context *ctx)
 
void verstage_main (void)
 Verify and select the firmware in the RW image. More...
 

Macro Definition Documentation

◆ EC_EFS_BOOT_MODE_TRUSTED_RO

#define EC_EFS_BOOT_MODE_TRUSTED_RO   0x02

Definition at line 196 of file vboot_logic.c.

◆ EC_EFS_BOOT_MODE_UNTRUSTED_RO

#define EC_EFS_BOOT_MODE_UNTRUSTED_RO   0x01

Definition at line 195 of file vboot_logic.c.

◆ EC_EFS_BOOT_MODE_VERIFIED_RW

#define EC_EFS_BOOT_MODE_VERIFIED_RW   0x00

Definition at line 194 of file vboot_logic.c.

◆ VBOOT_MAX_HASH_SIZE

#define VBOOT_MAX_HASH_SIZE   VB2_SHA512_DIGEST_SIZE

Definition at line 21 of file vboot_logic.c.

Function Documentation

◆ check_boot_mode()

static void check_boot_mode ( struct vb2_context *  ctx)
static

Definition at line 210 of file vboot_logic.c.

References BIOS_ERR, BIOS_INFO, BIOS_WARNING, EC_EFS_BOOT_MODE_TRUSTED_RO, EC_EFS_BOOT_MODE_UNTRUSTED_RO, get_boot_mode_string(), printk, tlcl_cr50_get_boot_mode(), TPM_E_NO_SUCH_COMMAND, and TPM_SUCCESS.

Referenced by verstage_main().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ extend_pcrs()

static uint32_t extend_pcrs ( struct vb2_context *  ctx)
static

Definition at line 188 of file vboot_logic.c.

References vboot_extend_pcr().

Referenced by verstage_main().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ get_boot_mode_string()

static const char* get_boot_mode_string ( uint8_t  boot_mode)
static

Definition at line 198 of file vboot_logic.c.

References EC_EFS_BOOT_MODE_TRUSTED_RO, EC_EFS_BOOT_MODE_UNTRUSTED_RO, and EC_EFS_BOOT_MODE_VERIFIED_RW.

Referenced by check_boot_mode().

Here is the caller graph for this function:

◆ handle_digest_result()

static int handle_digest_result ( void slot_hash,
size_t  slot_hash_sz 
)
static

Definition at line 57 of file vboot_logic.c.

References assert, BIOS_DEBUG, BIOS_ERR, CONFIG, memcmp(), platform_is_resuming(), printk, VBOOT_MAX_HASH_SIZE, vboot_retrieve_hash(), and vboot_save_hash().

Referenced by hash_body().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ hash_body()

static vb2_error_t hash_body ( struct vb2_context *  ctx,
struct region_device fw_body 
)
static

Definition at line 120 of file vboot_logic.c.

References handle_digest_result(), memset(), offset, rdev_readat(), region_device_sz(), timestamp_add(), timestamp_add_now(), timestamp_get, TS_HASH_BODY_END, TS_HASH_BODY_START, TS_HASHING_END, TS_LOADING_END, and VBOOT_MAX_HASH_SIZE.

Referenced by verstage_main().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ vb2ex_read_resource()

vb2_error_t vb2ex_read_resource ( struct vb2_context *  ctx,
enum vb2_resource_index  index,
uint32_t  offset,
void buf,
uint32_t  size 
)

Definition at line 25 of file vboot_logic.c.

References buf, fmap_locate_area_as_rdev(), name, offset, rdev, rdev_readat(), and vboot_is_firmware_slot_a().

Here is the call graph for this function:

◆ verstage_main()

void verstage_main ( void  )

Verify and select the firmware in the RW image.

TODO: Avoid loading a stage twice (once in hash_body & again in load_stage). when per-stage verification is ready.

Definition at line 245 of file vboot_logic.c.

References antirollback_lock_space_firmware(), antirollback_lock_space_mrc_hash(), antirollback_read_space_firmware(), antirollback_read_space_kernel(), BIOS_INFO, BIOS_WARNING, boot_device_security_lockdown(), check_boot_mode(), CONFIG, die_with_post_code, extend_pcrs(), get_ec_is_trusted(), get_lid_switch(), get_recovery_mode_switch(), get_wipeout_mode_switch(), hash_body(), MRC_REC_HASH_NV_INDEX, platform_is_resuming(), POST_INVALID_ROM, printk, timestamp_add_now(), TPM_SUCCESS, TS_TPMINIT_END, TS_TPMINIT_START, TS_TPMLOCK_END, TS_TPMLOCK_START, TS_TPMPCR_END, TS_TPMPCR_START, TS_VBOOT_END, TS_VBOOT_START, TS_VERIFY_SLOT_END, TS_VERIFY_SLOT_START, vbnv_init(), vboot_get_context(), vboot_is_firmware_slot_a(), vboot_locate_firmware(), vboot_reboot(), vboot_save_data(), and vboot_setup_tpm().

Referenced by main(), and vboot_run_logic().

Here is the call graph for this function:
Here is the caller graph for this function: