vboot: Deprecate VBSD_BOOT_REC_SWITCH_VIRTUAL
With the compile time constant PHYSICAL_PRESENCE_KEYBOARD passed
(CL:2004267), replace the usage of the flag VBSD_BOOT_REC_SWITCH_VIRTUAL
with PHYSICAL_PRESENCE_KEYBOARD. Also deprecate
VBSD_BOOT_REC_SWITCH_VIRTUAL because it is no longer needed.
BRANCH=none
BUG=chromium:1038259, chromium:943150
TEST=make runtests
Cq-Depend: chromium:2004267
Change-Id: I091825cf1367571bb50dec84dda6e44ed4d2bb19
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2037269
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
diff --git a/Makefile b/Makefile
index 0336a36..6942694 100644
--- a/Makefile
+++ b/Makefile
@@ -213,6 +213,13 @@
CFLAGS += -DDIAGNOSTIC_UI=0
endif
+# Confirm physical presence using keyboard
+ifneq ($(filter-out 0,${PHYSICAL_PRESENCE_KEYBOARD}),)
+CFLAGS += -DPHYSICAL_PRESENCE_KEYBOARD=1
+else
+CFLAGS += -DPHYSICAL_PRESENCE_KEYBOARD=0
+endif
+
# NOTE: We don't use these files but they are useful for other packages to
# query about required compiling/linking flags.
PC_IN_FILES = vboot_host.pc.in
diff --git a/firmware/include/vboot_struct.h b/firmware/include/vboot_struct.h
index 5d76ece..692c356 100644
--- a/firmware/include/vboot_struct.h
+++ b/firmware/include/vboot_struct.h
@@ -79,8 +79,9 @@
/* Firmware software write protect was enabled at boot time.
Crossystem support deprecated as part of CL:575389. */
#define VBSD_DEPRECATED_BOOT_FIRMWARE_SW_WP_ENABLED 0x00002000
-/* VbInit() was told that the recovery button is a virtual one */
-#define VBSD_BOOT_REC_SWITCH_VIRTUAL 0x00004000
+/* VbInit() was told that the recovery button is a virtual one;
+ Deprecated as part of chromium:943150 */
+#define VBSD_DEPRECATED_BOOT_REC_SWITCH_VIRTUAL 0x00004000
/* Firmware used vboot2 for firmware selection */
#define VBSD_BOOT_FIRMWARE_VBOOT2 0x00008000
/* Firmware needs VGA Option ROM to display screens;
diff --git a/firmware/lib/vboot_ui.c b/firmware/lib/vboot_ui.c
index 0363ec1..b46e59b 100644
--- a/firmware/lib/vboot_ui.c
+++ b/firmware/lib/vboot_ui.c
@@ -39,8 +39,6 @@
int VbUserConfirms(struct vb2_context *ctx, uint32_t confirm_flags)
{
- struct vb2_shared_data *sd = vb2_get_sd(ctx);
- VbSharedDataHeader *shared = sd->vbsd;
uint32_t key;
uint32_t key_flags;
uint32_t btn;
@@ -66,13 +64,17 @@
return 1;
}
- /* Beep and notify the user if the recovery switch is
- * not physical. If it is physical then the prompt will
- * tell the user to press the switch and will not say
- * anything about the ENTER key so we can silenty ingore
- * ENTER in this case.
+ /*
+ * If physical presence is confirmed using the keyboard,
+ * beep and notify the user when the ENTER key comes
+ * from an untrusted keyboard.
+ *
+ * If physical presence is confirmed using a physical
+ * button, the existing message on the screen will
+ * instruct the user which button to push. Silently
+ * ignore any ENTER presses.
*/
- if (shared->flags & VBSD_BOOT_REC_SWITCH_VIRTUAL)
+ if (PHYSICAL_PRESENCE_KEYBOARD)
vb2_error_notify("Please use internal keyboard "
"to confirm\n",
"VbUserConfirms() - "
@@ -94,9 +96,9 @@
* pressed, this is also a YES, but must wait for
* release.
*/
- btn = VbExGetSwitches(
- VB_SWITCH_FLAG_PHYS_PRESENCE_PRESSED);
- if (!(shared->flags & VBSD_BOOT_REC_SWITCH_VIRTUAL)) {
+ if (!PHYSICAL_PRESENCE_KEYBOARD) {
+ btn = VbExGetSwitches(
+ VB_SWITCH_FLAG_PHYS_PRESENCE_PRESSED);
if (btn) {
VB2_DEBUG("Presence button pressed, "
"awaiting release\n");
@@ -450,7 +452,6 @@
static vb2_error_t recovery_ui(struct vb2_context *ctx)
{
struct vb2_shared_data *sd = vb2_get_sd(ctx);
- VbSharedDataHeader *shared = sd->vbsd;
uint32_t retval;
uint32_t key;
const char release_button_msg[] =
@@ -520,7 +521,7 @@
if (key == VB_KEY_CTRL('D') &&
!(sd->flags & VB2_SD_FLAG_DEV_MODE_ENABLED) &&
(sd->flags & VB2_SD_FLAG_MANUAL_RECOVERY)) {
- if (!(shared->flags & VBSD_BOOT_REC_SWITCH_VIRTUAL) &&
+ if (!PHYSICAL_PRESENCE_KEYBOARD &&
VbExGetSwitches(
VB_SWITCH_FLAG_PHYS_PRESENCE_PRESSED)) {
/*
