diff options
author | Wim Vervoorn <wvervoorn@eltan.com> | 2019-11-01 10:22:22 +0100 |
---|---|---|
committer | Patrick Georgi <pgeorgi@google.com> | 2019-11-05 15:03:44 +0000 |
commit | 1058dd84f06fa2fcbdd99eb99da07dccdf5b9722 (patch) | |
tree | ba7a35d891d204c81658fc6d1fb0de05e6ee94a3 /src/arch | |
parent | 397ce3c45fc8d2469c07565879c09d8fb00626ec (diff) | |
download | coreboot-1058dd84f06fa2fcbdd99eb99da07dccdf5b9722.tar.xz |
security/vboot: Removed vboot_prepare from vboot_locator
When prog_locate() is called in the stage VBOOT is starting from and the
image to be loaded is not the target image vboot_prepare() may be called
too early.
To prevent this vboot_prepare() is removed from the vboot_locator
structure. This allows more control over the start of the vboot logic.
To clarify the change the vboot_prepare() has been renamed to
vboot_run_logic() and calls to initialize vboot have been added at the
following places:
postcar_loader: when VBOOT starts in ROMSTAGE
romstage_loader: when VBOOT starts in BOOTBLOCK
ramstage_loader: when VBOOT starts in ROMSTAGE
BUG=N/A
TEST=tested on facebook fbg1701
Change-Id: Id5e8fd78458c09dd3896bfd142bd49c2c3d686df
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36543
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/arch')
-rw-r--r-- | src/arch/x86/postcar_loader.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/arch/x86/postcar_loader.c b/src/arch/x86/postcar_loader.c index 0a5d50cc1a..868b770c18 100644 --- a/src/arch/x86/postcar_loader.c +++ b/src/arch/x86/postcar_loader.c @@ -23,6 +23,7 @@ #include <romstage_handoff.h> #include <stage_cache.h> #include <timestamp.h> +#include <security/vboot/vboot_common.h> static inline void stack_push(struct postcar_frame *pcf, uint32_t val) { @@ -171,6 +172,8 @@ static void load_postcar_cbfs(struct prog *prog, struct postcar_frame *pcf) .prog = prog, }; + vboot_run_logic(); + if (prog_locate(prog)) die_with_post_code(POST_INVALID_ROM, "Failed to locate after CAR program.\n"); |