diff options
Diffstat (limited to 'src/security')
-rw-r--r-- | src/security/tpm/tspi/log.c | 6 | ||||
-rw-r--r-- | src/security/tpm/tspi/tspi.c | 16 | ||||
-rw-r--r-- | src/security/tpm/tss.h | 4 | ||||
-rw-r--r-- | src/security/vboot/bootmode.c | 12 | ||||
-rw-r--r-- | src/security/vboot/common.c | 6 | ||||
-rw-r--r-- | src/security/vboot/secdata_tpm.c | 8 | ||||
-rw-r--r-- | src/security/vboot/vbnv.c | 14 | ||||
-rw-r--r-- | src/security/vboot/vbnv_cmos.c | 4 | ||||
-rw-r--r-- | src/security/vboot/vboot_common.c | 4 | ||||
-rw-r--r-- | src/security/vboot/vboot_common.h | 2 | ||||
-rw-r--r-- | src/security/vboot/vboot_crtm.c | 4 | ||||
-rw-r--r-- | src/security/vboot/vboot_crtm.h | 2 | ||||
-rw-r--r-- | src/security/vboot/vboot_handoff.c | 14 | ||||
-rw-r--r-- | src/security/vboot/vboot_loader.c | 28 | ||||
-rw-r--r-- | src/security/vboot/vboot_logic.c | 20 | ||||
-rw-r--r-- | src/security/vboot/verstage.c | 2 |
16 files changed, 73 insertions, 73 deletions
diff --git a/src/security/tpm/tspi/log.c b/src/security/tpm/tspi/log.c index 18ab288dcc..ba4dbc111a 100644 --- a/src/security/tpm/tspi/log.c +++ b/src/security/tpm/tspi/log.c @@ -52,10 +52,10 @@ static struct tcpa_table *tcpa_log_init(void) /* We are dealing here with pre CBMEM environment. * If cbmem isn't available use CAR or SRAM */ if (!cbmem_possibly_online() && - !IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE)) + !CONFIG(VBOOT_RETURN_FROM_VERSTAGE)) return (struct tcpa_table *)_vboot2_tpm_log; else if (ENV_ROMSTAGE && - !IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE)) { + !CONFIG(VBOOT_RETURN_FROM_VERSTAGE)) { tclt = tcpa_cbmem_init(); if (!tclt) return (struct tcpa_table *)_vboot2_tpm_log; @@ -136,7 +136,7 @@ void tcpa_preram_log_clear(void) tclt->num_entries = 0; } -#if !IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE) +#if !CONFIG(VBOOT_RETURN_FROM_VERSTAGE) static void recover_tcpa_log(int is_recovery) { struct tcpa_table *preram_log = (struct tcpa_table *)_vboot2_tpm_log; diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c index f1b72fbff3..aa2dc09bfc 100644 --- a/src/security/tpm/tspi/tspi.c +++ b/src/security/tpm/tspi/tspi.c @@ -22,12 +22,12 @@ #include <security/tpm/tss.h> #include <stdlib.h> #include <string.h> -#if IS_ENABLED(CONFIG_VBOOT) +#if CONFIG(VBOOT) #include <vb2_api.h> #include <assert.h> #endif -#if IS_ENABLED(CONFIG_TPM1) +#if CONFIG(TPM1) static uint32_t tpm1_invoke_state_machine(void) { uint8_t disabled; @@ -51,7 +51,7 @@ static uint32_t tpm1_invoke_state_machine(void) } } - if (!!deactivated != IS_ENABLED(CONFIG_TPM_DEACTIVATE)) { + if (!!deactivated != CONFIG(TPM_DEACTIVATE)) { printk(BIOS_INFO, "TPM: Unexpected TPM deactivated state. Toggling...\n"); result = tlcl_set_deactivated(!deactivated); @@ -167,7 +167,7 @@ uint32_t tpm_setup(int s3flag) } } -#if IS_ENABLED(CONFIG_TPM1) +#if CONFIG(TPM1) result = tpm1_invoke_state_machine(); #endif @@ -185,7 +185,7 @@ uint32_t tpm_clear_and_reenable(void) return result; } -#if IS_ENABLED(CONFIG_TPM1) +#if CONFIG(TPM1) result = tlcl_set_enable(); if (result != TPM_SUCCESS) { printk(BIOS_ERR, "TPM: Can't set enabled state.\n"); @@ -214,14 +214,14 @@ uint32_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo, if (result != TPM_SUCCESS) return result; - if (IS_ENABLED(CONFIG_VBOOT_MEASURED_BOOT)) + if (CONFIG(VBOOT_MEASURED_BOOT)) tcpa_log_add_table_entry(name, pcr, digest_algo, digest, digest_len); return TPM_SUCCESS; } -#if IS_ENABLED(CONFIG_VBOOT) +#if CONFIG(VBOOT) uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr, const char *rname) { @@ -239,7 +239,7 @@ uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr, printk(BIOS_ERR, "TPM: Can't initialize library.\n"); return result; } - if (IS_ENABLED(CONFIG_TPM1)) { + if (CONFIG(TPM1)) { hash_alg = VB2_HASH_SHA1; } else { /* CONFIG_TPM2 */ hash_alg = VB2_HASH_SHA256; diff --git a/src/security/tpm/tss.h b/src/security/tpm/tss.h index c4f2608603..807cb46a3e 100644 --- a/src/security/tpm/tss.h +++ b/src/security/tpm/tss.h @@ -19,7 +19,7 @@ #include <security/tpm/tss_errors.h> #include <security/tpm/tss/vendor/cr50/cr50.h> -#if IS_ENABLED(CONFIG_TPM1) +#if CONFIG(TPM1) #include <security/tpm/tss/tcg-1.2/tss_structures.h> @@ -53,7 +53,7 @@ uint32_t tlcl_get_permanent_flags(TPM_PERMANENT_FLAGS *pflags); #endif -#if IS_ENABLED(CONFIG_TPM2) +#if CONFIG(TPM2) #include <security/tpm/tss/tcg-2.0/tss_structures.h> diff --git a/src/security/vboot/bootmode.c b/src/security/vboot/bootmode.c index 59eaf2f540..fb1fc461b8 100644 --- a/src/security/vboot/bootmode.c +++ b/src/security/vboot/bootmode.c @@ -36,7 +36,7 @@ static int vb2_get_recovery_reason_shared_data(void) void vb2_save_recovery_reason_vbnv(void) { - if (!IS_ENABLED(CONFIG_VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT)) + if (!CONFIG(VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT)) return; int reason = vb2_get_recovery_reason_shared_data(); @@ -48,7 +48,7 @@ void vb2_save_recovery_reason_vbnv(void) static void vb2_clear_recovery_reason_vbnv(void *unused) { - if (!IS_ENABLED(CONFIG_VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT)) + if (!CONFIG(VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT)) return; set_recovery_mode_into_vbnv(0); @@ -73,13 +73,13 @@ BOOT_STATE_INIT_ENTRY(BS_DEV_INIT, BS_ON_EXIT, */ static int vboot_possibly_executed(void) { - if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) { - if (ENV_BOOTBLOCK && IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE)) + if (CONFIG(VBOOT_STARTS_IN_BOOTBLOCK)) { + if (ENV_BOOTBLOCK && CONFIG(VBOOT_SEPARATE_VERSTAGE)) return 0; return 1; } - if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) { + if (CONFIG(VBOOT_STARTS_IN_ROMSTAGE)) { if (ENV_BOOTBLOCK) return 0; return 1; @@ -169,7 +169,7 @@ int vboot_developer_mode_enabled(void) return 0; } -#if IS_ENABLED(CONFIG_VBOOT_NO_BOARD_SUPPORT) +#if CONFIG(VBOOT_NO_BOARD_SUPPORT) /** * TODO: Create flash protection interface which implements get_write_protect_state. * get_recovery_mode_switch should be implemented as default function. diff --git a/src/security/vboot/common.c b/src/security/vboot/common.c index da4e1ca09f..59c830f1bc 100644 --- a/src/security/vboot/common.c +++ b/src/security/vboot/common.c @@ -44,7 +44,7 @@ static const size_t vb_work_buf_size = 16 * KiB; static struct vb2_working_data * const vboot_get_working_data(void) { - if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) + if (CONFIG(VBOOT_STARTS_IN_ROMSTAGE)) /* cbmem_add() does a cbmem_find() first. */ return cbmem_add(CBMEM_ID_VBOOT_WORKBUF, vb_work_buf_size); else @@ -53,7 +53,7 @@ static struct vb2_working_data * const vboot_get_working_data(void) static size_t vb2_working_data_size(void) { - if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) + if (CONFIG(VBOOT_STARTS_IN_ROMSTAGE)) return vb_work_buf_size; else return REGION_SIZE(vboot2_work); @@ -171,7 +171,7 @@ void vb2_store_selected_region(void) * Therefore, the selected region contents would not be initialized * so don't automatically add results when cbmem comes online. */ -#if !IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE) +#if !CONFIG(VBOOT_STARTS_IN_ROMSTAGE) static void vb2_store_selected_region_cbmem(int unused) { vb2_store_selected_region(); diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c index 1ace632aff..39cd6141fd 100644 --- a/src/security/vboot/secdata_tpm.c +++ b/src/security/vboot/secdata_tpm.c @@ -167,7 +167,7 @@ static const uint8_t secdata_kernel[] = { */ static const uint8_t rec_hash_data[REC_HASH_NV_SIZE] = { }; -#if IS_ENABLED(CONFIG_TPM2) +#if CONFIG(TPM2) /* * Different sets of NVRAM space attributes apply to the "ro" spaces, * i.e. those which should not be possible to delete or modify once @@ -264,7 +264,7 @@ static uint32_t _factory_initialize_tpm(struct vb2_context *ctx) */ RETURN_ON_FAILURE(set_kernel_space(secdata_kernel)); - if (IS_ENABLED(CONFIG_VBOOT_HAS_REC_HASH_SPACE)) + if (CONFIG(VBOOT_HAS_REC_HASH_SPACE)) RETURN_ON_FAILURE(set_rec_hash_space(rec_hash_data)); RETURN_ON_FAILURE(set_firmware_space(ctx->secdata)); @@ -385,7 +385,7 @@ static uint32_t _factory_initialize_tpm(struct vb2_context *ctx) VB2_SECDATA_SIZE)); /* Define and set rec hash space, if available. */ - if (IS_ENABLED(CONFIG_VBOOT_HAS_REC_HASH_SPACE)) + if (CONFIG(VBOOT_HAS_REC_HASH_SPACE)) RETURN_ON_FAILURE(set_rec_hash_space(rec_hash_data)); return TPM_SUCCESS; @@ -481,7 +481,7 @@ uint32_t antirollback_read_space_firmware(struct vb2_context *ctx) uint32_t antirollback_write_space_firmware(struct vb2_context *ctx) { - if (IS_ENABLED(CONFIG_CR50_IMMEDIATELY_COMMIT_FW_SECDATA)) + if (CONFIG(CR50_IMMEDIATELY_COMMIT_FW_SECDATA)) tlcl_cr50_enable_nvcommits(); return write_secdata(FIRMWARE_NV_INDEX, ctx->secdata, VB2_SECDATA_SIZE); } diff --git a/src/security/vboot/vbnv.c b/src/security/vboot/vbnv.c index 636e5e3806..b99941875c 100644 --- a/src/security/vboot/vbnv.c +++ b/src/security/vboot/vbnv.c @@ -91,11 +91,11 @@ void regen_vbnv_crc(uint8_t *vbnv_copy) */ void read_vbnv(uint8_t *vbnv_copy) { - if (IS_ENABLED(CONFIG_VBOOT_VBNV_CMOS)) + if (CONFIG(VBOOT_VBNV_CMOS)) read_vbnv_cmos(vbnv_copy); - else if (IS_ENABLED(CONFIG_VBOOT_VBNV_EC)) + else if (CONFIG(VBOOT_VBNV_EC)) read_vbnv_ec(vbnv_copy); - else if (IS_ENABLED(CONFIG_VBOOT_VBNV_FLASH)) + else if (CONFIG(VBOOT_VBNV_FLASH)) read_vbnv_flash(vbnv_copy); /* Check data for consistency */ @@ -109,11 +109,11 @@ void read_vbnv(uint8_t *vbnv_copy) */ void save_vbnv(const uint8_t *vbnv_copy) { - if (IS_ENABLED(CONFIG_VBOOT_VBNV_CMOS)) + if (CONFIG(VBOOT_VBNV_CMOS)) save_vbnv_cmos(vbnv_copy); - else if (IS_ENABLED(CONFIG_VBOOT_VBNV_EC)) + else if (CONFIG(VBOOT_VBNV_EC)) save_vbnv_ec(vbnv_copy); - else if (IS_ENABLED(CONFIG_VBOOT_VBNV_FLASH)) + else if (CONFIG(VBOOT_VBNV_FLASH)) save_vbnv_flash(vbnv_copy); /* Clear initialized flag to force cached data to be updated */ @@ -156,7 +156,7 @@ int vbnv_udc_enable_flag(void) void vbnv_init(uint8_t *vbnv_copy) { - if (IS_ENABLED(CONFIG_VBOOT_VBNV_CMOS)) + if (CONFIG(VBOOT_VBNV_CMOS)) vbnv_init_cmos(vbnv_copy); read_vbnv(vbnv_copy); } diff --git a/src/security/vboot/vbnv_cmos.c b/src/security/vboot/vbnv_cmos.c index 9c801d84fe..7758ef6198 100644 --- a/src/security/vboot/vbnv_cmos.c +++ b/src/security/vboot/vbnv_cmos.c @@ -39,7 +39,7 @@ static void clear_vbnv_battery_cutoff_flag(uint8_t *vbnv_copy) /* Return non-zero if backup was used. */ static int restore_from_backup(uint8_t *vbnv_copy) { - if (!IS_ENABLED(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH)) + if (!CONFIG(VBOOT_VBNV_CMOS_BACKUP_TO_FLASH)) return 0; printk(BIOS_INFO, "VBNV: CMOS invalid, restoring from flash\n"); @@ -99,7 +99,7 @@ void vbnv_init_cmos(uint8_t *vbnv_copy) } } -#if IS_ENABLED(CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH) +#if CONFIG(VBOOT_VBNV_CMOS_BACKUP_TO_FLASH) static void back_up_vbnv_cmos(void *unused) { uint8_t vbnv_cmos[VBOOT_VBNV_BLOCK_SIZE]; diff --git a/src/security/vboot/vboot_common.c b/src/security/vboot/vboot_common.c index c80650f3be..51bc682893 100644 --- a/src/security/vboot/vboot_common.c +++ b/src/security/vboot/vboot_common.c @@ -60,7 +60,7 @@ int vboot_get_handoff_info(void **addr, uint32_t *size) * pre-ram stage, then bail out early. */ if (ENV_BOOTBLOCK || - (ENV_VERSTAGE && IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK))) + (ENV_VERSTAGE && CONFIG(VBOOT_STARTS_IN_BOOTBLOCK))) return -1; struct vboot_handoff *vboot_handoff; @@ -124,7 +124,7 @@ void __weak vboot_platform_prepare_reboot(void) void vboot_reboot(void) { - if (IS_ENABLED(CONFIG_CONSOLE_CBMEM_DUMP_TO_UART)) + if (CONFIG(CONSOLE_CBMEM_DUMP_TO_UART)) cbmem_dump_console(); vboot_platform_prepare_reboot(); board_reset(); diff --git a/src/security/vboot/vboot_common.h b/src/security/vboot/vboot_common.h index 61f5931fe5..8c92437a3c 100644 --- a/src/security/vboot/vboot_common.h +++ b/src/security/vboot/vboot_common.h @@ -104,7 +104,7 @@ void verstage_main(void); void verstage_mainboard_init(void); /* Check boot modes */ -#if IS_ENABLED(CONFIG_VBOOT) +#if CONFIG(VBOOT) int vboot_developer_mode_enabled(void); int vboot_recovery_mode_enabled(void); int vboot_recovery_mode_memory_retrain(void); diff --git a/src/security/vboot/vboot_crtm.c b/src/security/vboot/vboot_crtm.c index 4e69b7cddd..6aa5103f60 100644 --- a/src/security/vboot/vboot_crtm.c +++ b/src/security/vboot/vboot_crtm.c @@ -88,7 +88,7 @@ uint32_t vboot_init_crtm(void) } } - if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) { + if (CONFIG(VBOOT_STARTS_IN_ROMSTAGE)) { struct cbfsf romstage_data; /* measure romstage from RO */ if (cbfs_boot_locate(&romstage_data, @@ -111,7 +111,7 @@ uint32_t vboot_init_crtm(void) } } - if (IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE)) { + if (CONFIG(VBOOT_SEPARATE_VERSTAGE)) { struct cbfsf verstage_data; /* measure verstage from RO */ if (cbfs_boot_locate(&verstage_data, diff --git a/src/security/vboot/vboot_crtm.h b/src/security/vboot/vboot_crtm.h index 84ee9e63b5..e1799b8e84 100644 --- a/src/security/vboot/vboot_crtm.h +++ b/src/security/vboot/vboot_crtm.h @@ -46,7 +46,7 @@ */ uint32_t vboot_init_crtm(void); -#if (IS_ENABLED(CONFIG_VBOOT_MEASURED_BOOT) && \ +#if (CONFIG(VBOOT_MEASURED_BOOT) && \ !ENV_BOOTBLOCK && !ENV_DECOMPRESSOR && !ENV_SMM) /* * Measures cbfs data via hook (cbfs) diff --git a/src/security/vboot/vboot_handoff.c b/src/security/vboot/vboot_handoff.c index e8464140b9..2bb26a8974 100644 --- a/src/security/vboot/vboot_handoff.c +++ b/src/security/vboot/vboot_handoff.c @@ -79,18 +79,18 @@ static void fill_vboot_handoff(struct vboot_handoff *vboot_handoff, vb_sd->flags |= VBSD_LF_DEV_SWITCH_ON; } /* TODO: Set these in depthcharge */ - if (!IS_ENABLED(CONFIG_VBOOT_PHYSICAL_DEV_SWITCH)) + if (!CONFIG(VBOOT_PHYSICAL_DEV_SWITCH)) vb_sd->flags |= VBSD_HONOR_VIRT_DEV_SWITCH; - if (IS_ENABLED(CONFIG_VBOOT_EC_SOFTWARE_SYNC)) { + if (CONFIG(VBOOT_EC_SOFTWARE_SYNC)) { vb_sd->flags |= VBSD_EC_SOFTWARE_SYNC; - if (IS_ENABLED(CONFIG_VBOOT_EC_SLOW_UPDATE)) + if (CONFIG(VBOOT_EC_SLOW_UPDATE)) vb_sd->flags |= VBSD_EC_SLOW_UPDATE; - if (IS_ENABLED(CONFIG_VBOOT_EC_EFS)) + if (CONFIG(VBOOT_EC_EFS)) vb_sd->flags |= VBSD_EC_EFS; } - if (!IS_ENABLED(CONFIG_VBOOT_PHYSICAL_REC_SWITCH)) + if (!CONFIG(VBOOT_PHYSICAL_REC_SWITCH)) vb_sd->flags |= VBSD_BOOT_REC_SWITCH_VIRTUAL; - if (IS_ENABLED(CONFIG_VBOOT_OPROM_MATTERS)) { + if (CONFIG(VBOOT_OPROM_MATTERS)) { vb_sd->flags |= VBSD_OPROM_MATTERS; /* * Inform vboot if the display was enabled by dev/rec @@ -179,7 +179,7 @@ void vboot_fill_handoff(void) * Therefore, the vboot results would not be initialized so don't * automatically add results when cbmem comes online. */ -#if !IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE) +#if !CONFIG(VBOOT_STARTS_IN_ROMSTAGE) static void vb2_fill_handoff_cbmem(int unused) { vboot_fill_handoff(); diff --git a/src/security/vboot/vboot_loader.c b/src/security/vboot/vboot_loader.c index 75f75b5cf8..b6c216d5fa 100644 --- a/src/security/vboot/vboot_loader.c +++ b/src/security/vboot/vboot_loader.c @@ -24,14 +24,14 @@ #include <security/vboot/vboot_common.h> /* Ensure vboot configuration is valid: */ -_Static_assert(IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK) + - IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE) == 1, +_Static_assert(CONFIG(VBOOT_STARTS_IN_BOOTBLOCK) + + CONFIG(VBOOT_STARTS_IN_ROMSTAGE) == 1, "vboot must either start in bootblock or romstage (not both!)"); -_Static_assert(!IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE) || - IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK), +_Static_assert(!CONFIG(VBOOT_SEPARATE_VERSTAGE) || + CONFIG(VBOOT_STARTS_IN_BOOTBLOCK), "stand-alone verstage must start in (i.e. after) bootblock"); -_Static_assert(!IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE) || - IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE), +_Static_assert(!CONFIG(VBOOT_RETURN_FROM_VERSTAGE) || + CONFIG(VBOOT_SEPARATE_VERSTAGE), "return from verstage only makes sense for separate verstages"); /* The stage loading code is compiled and entered from multiple stages. The @@ -40,11 +40,11 @@ _Static_assert(!IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE) || static int verification_should_run(void) { - if (IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE)) + if (CONFIG(VBOOT_SEPARATE_VERSTAGE)) return ENV_VERSTAGE; - else if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) + else if (CONFIG(VBOOT_STARTS_IN_ROMSTAGE)) return ENV_ROMSTAGE; - else if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) + else if (CONFIG(VBOOT_STARTS_IN_BOOTBLOCK)) return ENV_BOOTBLOCK; else die("impossible!"); @@ -52,7 +52,7 @@ static int verification_should_run(void) static int verstage_should_load(void) { - if (IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE)) + if (CONFIG(VBOOT_SEPARATE_VERSTAGE)) return ENV_BOOTBLOCK; else return 0; @@ -67,10 +67,10 @@ int vb2_logic_executed(void) if (verstage_should_load() || verification_should_run()) return car_get_var(vboot_executed); - if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) { + if (CONFIG(VBOOT_STARTS_IN_BOOTBLOCK)) { /* All other stages are "after the bootblock" */ return !ENV_BOOTBLOCK; - } else if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) { + } else if (CONFIG(VBOOT_STARTS_IN_ROMSTAGE)) { /* Post-RAM stages are "after the romstage" */ #ifdef __PRE_RAM__ return 0; @@ -112,7 +112,7 @@ static void vboot_prepare(void) /* This is not actually possible to hit this condition at * runtime, but this provides a hint to the compiler for dead * code elimination below. */ - if (!IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE)) + if (!CONFIG(VBOOT_RETURN_FROM_VERSTAGE)) return; car_set_var(vboot_executed, 1); @@ -126,7 +126,7 @@ static void vboot_prepare(void) * other platforms the vboot cbmem objects are initialized when * cbmem comes online. */ - if (ENV_ROMSTAGE && IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) { + if (ENV_ROMSTAGE && CONFIG(VBOOT_STARTS_IN_ROMSTAGE)) { vb2_store_selected_region(); vboot_fill_handoff(); } diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c index 7ab9824843..4aab795871 100644 --- a/src/security/vboot/vboot_logic.c +++ b/src/security/vboot/vboot_logic.c @@ -113,14 +113,14 @@ static int handle_digest_result(void *slot_hash, size_t slot_hash_sz) * Chrome EC is the only support for vboot_save_hash() & * vboot_retrieve_hash(), if Chrome EC is not enabled then return. */ - if (!IS_ENABLED(CONFIG_EC_GOOGLE_CHROMEEC)) + if (!CONFIG(EC_GOOGLE_CHROMEEC)) return 0; /* * Nothing to do since resuming on the platform doesn't require * vboot verification again. */ - if (!IS_ENABLED(CONFIG_RESUME_PATH_SAME_AS_BOOT)) + if (!CONFIG(RESUME_PATH_SAME_AS_BOOT)) return 0; /* @@ -128,7 +128,7 @@ static int handle_digest_result(void *slot_hash, size_t slot_hash_sz) * RW memory init code is not employed. i.e. memory init code * lives in RO CBFS. */ - if (!IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) + if (!CONFIG(VBOOT_STARTS_IN_BOOTBLOCK)) return 0; is_resume = vboot_platform_is_resuming(); @@ -306,7 +306,7 @@ void verstage_main(void) * which slot to boot. This is only relevant to vboot if the platform * does verification of memory init and thus must ensure it resumes with * the same slot that it booted from. */ - if (IS_ENABLED(CONFIG_RESUME_PATH_SAME_AS_BOOT) && + if (CONFIG(RESUME_PATH_SAME_AS_BOOT) && vboot_platform_is_resuming()) ctx.flags |= VB2_CONTEXT_S3_RESUME; @@ -318,27 +318,27 @@ void verstage_main(void) timestamp_add_now(TS_END_TPMINIT); /* Enable measured boot mode */ - if (IS_ENABLED(CONFIG_VBOOT_MEASURED_BOOT) && + if (CONFIG(VBOOT_MEASURED_BOOT) && !(ctx.flags & VB2_CONTEXT_S3_RESUME)) { if (vboot_init_crtm() != VB2_SUCCESS) die("Initializing measured boot mode failed!"); } - if (IS_ENABLED(CONFIG_VBOOT_PHYSICAL_DEV_SWITCH) && + if (CONFIG(VBOOT_PHYSICAL_DEV_SWITCH) && get_developer_mode_switch()) ctx.flags |= VB2_CONTEXT_FORCE_DEVELOPER_MODE; if (get_recovery_mode_switch()) { ctx.flags |= VB2_CONTEXT_FORCE_RECOVERY_MODE; - if (IS_ENABLED(CONFIG_VBOOT_DISABLE_DEV_ON_RECOVERY)) + if (CONFIG(VBOOT_DISABLE_DEV_ON_RECOVERY)) ctx.flags |= VB2_CONTEXT_DISABLE_DEVELOPER_MODE; } - if (IS_ENABLED(CONFIG_VBOOT_WIPEOUT_SUPPORTED) && + if (CONFIG(VBOOT_WIPEOUT_SUPPORTED) && get_wipeout_mode_switch()) ctx.flags |= VB2_CONTEXT_FORCE_WIPEOUT_MODE; - if (IS_ENABLED(CONFIG_VBOOT_LID_SWITCH) && !get_lid_switch()) + if (CONFIG(VBOOT_LID_SWITCH) && !get_lid_switch()) ctx.flags |= VB2_CONTEXT_NOFAIL_BOOT; /* Do early init (set up secdata and NVRAM, load GBB) */ @@ -424,7 +424,7 @@ void verstage_main(void) timestamp_add_now(TS_END_TPMLOCK); /* Lock rec hash space if available. */ - if (IS_ENABLED(CONFIG_VBOOT_HAS_REC_HASH_SPACE)) { + if (CONFIG(VBOOT_HAS_REC_HASH_SPACE)) { rv = antirollback_lock_space_rec_hash(); if (rv) { printk(BIOS_INFO, "Failed to lock rec hash space(%x)\n", diff --git a/src/security/vboot/verstage.c b/src/security/vboot/verstage.c index afd73f11e0..ef0bd48850 100644 --- a/src/security/vboot/verstage.c +++ b/src/security/vboot/verstage.c @@ -30,7 +30,7 @@ void main(void) exception_init(); verstage_mainboard_init(); - if (IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE)) { + if (CONFIG(VBOOT_RETURN_FROM_VERSTAGE)) { verstage_main(); } else { run_romstage(); |