vboot: add vb2api_phone_recovery_ui_enabled()
Add a new flag VB2_SECDATA_KERNEL_FLAG_PHONE_RECOVERY_UI_DISABLED to
vb2_secdata_kernel_flags to separate phone recovery functionality from
UI instructions. Also add vb2api_phone_recovery_ui_enabled() to control
the UI behavior.
BRANCH=none
BUG=b:156532222
TEST=make runtests
Cq-Depend: chromium:2260155
Change-Id: Ib91a206e680ba2cb47762d8a5c0c0ce146918b7d
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2259632
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
diff --git a/firmware/2lib/2kernel.c b/firmware/2lib/2kernel.c
index 3155d18..dd91ec8 100644
--- a/firmware/2lib/2kernel.c
+++ b/firmware/2lib/2kernel.c
@@ -143,9 +143,10 @@
return rv;
}
- /* Enable phone recovery */
+ /* Enable phone recovery while disabling the UI */
secdata_flags = vb2_secdata_kernel_get(ctx, VB2_SECDATA_KERNEL_FLAGS);
secdata_flags &= ~VB2_SECDATA_KERNEL_FLAG_PHONE_RECOVERY_DISABLED;
+ secdata_flags |= VB2_SECDATA_KERNEL_FLAG_PHONE_RECOVERY_UI_DISABLED;
vb2_secdata_kernel_set(ctx, VB2_SECDATA_KERNEL_FLAGS, secdata_flags);
/* Read kernel version from secdata. */
diff --git a/firmware/2lib/2misc.c b/firmware/2lib/2misc.c
index eaab89d..86b866d 100644
--- a/firmware/2lib/2misc.c
+++ b/firmware/2lib/2misc.c
@@ -506,6 +506,17 @@
VB2_SECDATA_KERNEL_FLAG_PHONE_RECOVERY_DISABLED);
}
+int vb2api_phone_recovery_ui_enabled(struct vb2_context *ctx)
+{
+ /*
+ * When phone recovery functionality is disabled, return 0 even if
+ * PHONE_RECOVERY_UI_DISABLED is not set.
+ */
+ return vb2api_phone_recovery_enabled(ctx) &&
+ !(vb2_secdata_kernel_get(ctx, VB2_SECDATA_KERNEL_FLAGS) &
+ VB2_SECDATA_KERNEL_FLAG_PHONE_RECOVERY_UI_DISABLED);
+}
+
enum vb2_dev_default_boot_target vb2api_get_dev_default_boot_target(
struct vb2_context *ctx)
{
diff --git a/firmware/2lib/2ui_screens.c b/firmware/2lib/2ui_screens.c
index b41146d..042d6d4 100644
--- a/firmware/2lib/2ui_screens.c
+++ b/firmware/2lib/2ui_screens.c
@@ -196,7 +196,7 @@
vb2_error_t recovery_select_init(struct vb2_ui_context *ui)
{
ui->state.selected_item = RECOVERY_SELECT_ITEM_PHONE;
- if (!vb2api_phone_recovery_enabled(ui->ctx)) {
+ if (!vb2api_phone_recovery_ui_enabled(ui->ctx)) {
VB2_DEBUG("WARNING: Phone recovery not available\n");
ui->state.disabled_item_mask |=
1 << RECOVERY_SELECT_ITEM_PHONE;
diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h
index 1696289..9131dea 100644
--- a/firmware/2lib/include/2api.h
+++ b/firmware/2lib/include/2api.h
@@ -854,13 +854,21 @@
uint32_t vb2api_get_locale_id(struct vb2_context *ctx);
/**
- * Whether phone recovery is enabled or not.
+ * Whether phone recovery functionality is enabled or not.
*
* @param ctx Vboot context
* @return 1 if enabled, 0 if disabled.
*/
int vb2api_phone_recovery_enabled(struct vb2_context *ctx);
+/**
+ * Whether phone recovery instructions in recovery UI are enabled or not.
+ *
+ * @param ctx Vboot context
+ * @return 1 if enabled, 0 if disabled.
+ */
+int vb2api_phone_recovery_ui_enabled(struct vb2_context *ctx);
+
/* Default boot target in developer mode. */
enum vb2_dev_default_boot_target {
/* Default to boot from internal disk. */
diff --git a/firmware/2lib/include/2secdata.h b/firmware/2lib/include/2secdata.h
index 56ebb3b..3b2fa3c 100644
--- a/firmware/2lib/include/2secdata.h
+++ b/firmware/2lib/include/2secdata.h
@@ -89,15 +89,17 @@
/* Flags for kernel space */
enum vb2_secdata_kernel_flags {
/*
- * Phone recovery is disabled.
+ * Phone recovery functionality is disabled.
*
- * RW firmware currently sets this flag to disable phone recovery on
- * first boot (see function vb2api_kernel_phase1()). A future RW update
- * will flip this flag back to 0 when phone recovery is ready. In the
- * case that there are TPM communication issues, phone recovery is
- * enabled by the default value of 0. See b/147744345 for details.
+ * RW firmware currently clears this flag to enable phone recovery on
+ * first boot (see function vb2api_kernel_phase1()). In the case that
+ * there are TPM communication issues, phone recovery is enabled by the
+ * default value of 0. See b/147744345 for details.
*/
VB2_SECDATA_KERNEL_FLAG_PHONE_RECOVERY_DISABLED = (1 << 0),
+
+ /* Phone recovery instructions in recovery UI are disabled. */
+ VB2_SECDATA_KERNEL_FLAG_PHONE_RECOVERY_UI_DISABLED = (1 << 1),
};
/**
diff --git a/tests/vb2_kernel_tests.c b/tests/vb2_kernel_tests.c
index 09ef706..216776d 100644
--- a/tests/vb2_kernel_tests.c
+++ b/tests/vb2_kernel_tests.c
@@ -213,9 +213,11 @@
" key data");
TEST_EQ(sd->kernel_version_secdata, 0x20002,
" secdata_kernel version");
- /* Make sure phone recovery is enabled */
+ /* Make sure phone recovery functionality is enabled, but UI disabled */
TEST_EQ(vb2api_phone_recovery_enabled(ctx), 1,
" phone recovery enabled");
+ TEST_EQ(vb2api_phone_recovery_ui_enabled(ctx), 0,
+ " phone recovery ui disabled");
/* Bad secdata_fwmp causes failure in normal mode only */
reset_common_data(FOR_PHASE1);
diff --git a/tests/vb2_misc_tests.c b/tests/vb2_misc_tests.c
index b82076f..0f89ee5 100644
--- a/tests/vb2_misc_tests.c
+++ b/tests/vb2_misc_tests.c
@@ -839,6 +839,8 @@
vb2_secdata_kernel_init(ctx);
TEST_EQ(vb2api_phone_recovery_enabled(ctx), 1,
"phone recovery enabled");
+ TEST_EQ(vb2api_phone_recovery_ui_enabled(ctx), 1,
+ " ui also enabled");
/* Phone recovery disabled */
reset_common_data();
@@ -848,6 +850,20 @@
VB2_SECDATA_KERNEL_FLAG_PHONE_RECOVERY_DISABLED);
TEST_EQ(vb2api_phone_recovery_enabled(ctx), 0,
"phone recovery disabled");
+ TEST_EQ(vb2api_phone_recovery_ui_enabled(ctx), 0,
+ " ui also disabled");
+
+ /* Only UI disabled */
+ reset_common_data();
+ vb2api_secdata_kernel_create(ctx);
+ vb2_secdata_kernel_init(ctx);
+ vb2_secdata_kernel_set(
+ ctx, VB2_SECDATA_KERNEL_FLAGS,
+ VB2_SECDATA_KERNEL_FLAG_PHONE_RECOVERY_UI_DISABLED);
+ TEST_EQ(vb2api_phone_recovery_enabled(ctx), 1,
+ "phone recovery enabled again");
+ TEST_EQ(vb2api_phone_recovery_ui_enabled(ctx), 0,
+ " ui disabled");
}
static void dev_default_boot_tests(void)