Pass all calls to VBExLegacy() through a single function
It is important that we lock the TPM before calling this function. We have
several places where the function is called. Reduce the risk that the TPM
is no locked by running all calls through a single point. Drop the
vb2_exit_altfw() function as it is not needed now.
We rely on being able to call RollbackKernelLock() multiple times since it
ignores subsequent calls and does not attempt to lock the TPM twice.
With the menu UI this causes a small change in behaviour: when starting
legacy firmware fails the screen flashes AFTER the beep instead of before.
Hopefully this difference is not important.
Future work will unify the two UI more.
BUG=chromium:837018
BRANCH=none
TEST=FEATURES=test emerge-grunt --nodeps vboot_reference
Change-Id: I0ee0b52eb57c30c1e1bb4a7e60e11d060025ab17
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1292248
Reviewed-by: Julius Werner <jwerner@chromium.org>
diff --git a/firmware/lib/include/vboot_kernel.h b/firmware/lib/include/vboot_kernel.h
index 15c2710..c3c4585 100644
--- a/firmware/lib/include/vboot_kernel.h
+++ b/firmware/lib/include/vboot_kernel.h
@@ -88,38 +88,4 @@
*/
void vb2_nv_commit(struct vb2_context *ctx);
-/**
- * Prepare to start a bootloader
- *
- * Get ready to jump into a bootloader if allowed, calling RollbackKernelLock().
- *
- * @param allowed 1 if allowed, 0 if not allowed (in which case this function
- * prints a debug error)
- * @return 0 if allowed, -1 if not allowed
- *
- */
-int vb2_prepare_alt_fw(int allowed);
-
-/**
- * Tidy up after failing to start a bootloader
- *
- * This beeps twice to indicate failure
- */
-void vb2_exit_altfw(void);
-
-/**
- * Jump to a bootloader if possible
- *
- * This calls vb2_prepare_alt_fw() to check the operation is permitted. If it
- * is, then it jumps to the selected bootloader and execution continues there,
- * never returning.
- *
- * If the operation is not permitted, or it is permitted but the bootloader
- * cannot be found, it calls vb2_exit_altfw() and returns.
- *
- * @allowed 1 if allowed, 0 if not allowed
- * @altfw_num Number of bootloader to start (0=any, 1=first, etc.)
- */
-void vb2_try_alt_fw(int allowed, int altfw_num);
-
#endif /* VBOOT_REFERENCE_VBOOT_KERNEL_H_ */
diff --git a/firmware/lib/include/vboot_ui_common.h b/firmware/lib/include/vboot_ui_common.h
index aa6a67e..19c3809 100644
--- a/firmware/lib/include/vboot_ui_common.h
+++ b/firmware/lib/include/vboot_ui_common.h
@@ -18,4 +18,14 @@
*/
void vb2_error_beep(enum vb2_beep_type beep);
+/**
+ * Run alternative firmware if allowed
+ *
+ * This will only return if it is not allowed, or the bootloader fails to
+ * cannot be found / fails to start
+ *
+ * @altfw_num Number of bootloader to start (0=any, 1=first, etc.)
+ */
+void vb2_run_altfw(int altfw_num);
+
#endif /* VBOOT_REFERENCE_VBOOT_UI_COMMON_H_ */
diff --git a/firmware/lib/vboot_ui.c b/firmware/lib/vboot_ui.c
index b512af2..63ae9cc 100644
--- a/firmware/lib/vboot_ui.c
+++ b/firmware/lib/vboot_ui.c
@@ -73,32 +73,29 @@
return !!shutdown_request;
}
-int vb2_prepare_alt_fw(int allowed)
+/**
+ * Jump to a bootloader if possible
+ *
+ * This checks if the operation is permitted. If it is, then it jumps to the
+ * selected bootloader and execution continues there, never returning.
+ *
+ * If the operation is not permitted, or it is permitted but the bootloader
+ * cannot be found, it beeps and returns.
+ *
+ * @allowed 1 if allowed, 0 if not allowed
+ * @altfw_num Number of bootloader to start (0=any, 1=first, etc.)
+ */
+static void vb2_try_alt_fw(int allowed, int altfw_num)
{
- if (!allowed) {
+ if (allowed) {
+ vb2_run_altfw(altfw_num); /* will not return if found */
+ } else {
VB2_DEBUG("VbBootDeveloper() - Legacy boot is disabled\n");
VbExDisplayDebugInfo("WARNING: Booting legacy BIOS has not "
"been enabled. Refer to the developer"
"-mode documentation for details.\n");
- return -1;
- } else if (0 != RollbackKernelLock(0)) {
- VB2_DEBUG("Error locking kernel versions on legacy boot.\n");
- return -1;
+ vb2_error_beep(VB_BEEP_NOT_ALLOWED);
}
-
- return 0;
-}
-
-void vb2_exit_altfw(void)
-{
- vb2_error_beep(VB_BEEP_FAILED);
-}
-
-void vb2_try_alt_fw(int allowed, int altfw_num)
-{
- if (!vb2_prepare_alt_fw(allowed))
- VbExLegacy(altfw_num); /* will not return if found */
- vb2_exit_altfw();
}
uint32_t VbTryUsb(struct vb2_context *ctx)
diff --git a/firmware/lib/vboot_ui_common.c b/firmware/lib/vboot_ui_common.c
index 6948664..727ed77 100644
--- a/firmware/lib/vboot_ui_common.c
+++ b/firmware/lib/vboot_ui_common.c
@@ -7,6 +7,10 @@
#include "sysincludes.h"
+#include "2sysincludes.h"
+#include "2common.h"
+
+#include "rollback_index.h"
#include "vboot_api.h"
#include "vboot_ui_common.h"
@@ -25,3 +29,12 @@
break;
}
}
+
+void vb2_run_altfw(int altfw_num)
+{
+ if (RollbackKernelLock(0))
+ VB2_DEBUG("Error locking kernel versions on legacy boot.\n");
+ else
+ VbExLegacy(altfw_num); /* will not return if found */
+ vb2_error_beep(VB_BEEP_FAILED);
+}
diff --git a/firmware/lib/vboot_ui_menu.c b/firmware/lib/vboot_ui_menu.c
index 1de1d30..9bbc2c7 100644
--- a/firmware/lib/vboot_ui_menu.c
+++ b/firmware/lib/vboot_ui_menu.c
@@ -136,15 +136,10 @@
return VBERROR_KEEP_LOOPING;
}
- if (0 == RollbackKernelLock(0))
- VbExLegacy(0);/* Will not return if successful */
- else
- VB2_DEBUG("Error locking kernel versions on legacy boot.\n");
-
+ vb2_run_altfw(0);
vb2_flash_screen(ctx);
VB2_DEBUG(no_legacy);
VbExDisplayDebugInfo(no_legacy);
- vb2_error_beep(VB_BEEP_FAILED);
return VBERROR_KEEP_LOOPING;
}
