diff options
Diffstat (limited to 'src/vendorcode/google/chromeos')
-rw-r--r-- | src/vendorcode/google/chromeos/Kconfig | 164 | ||||
-rw-r--r-- | src/vendorcode/google/chromeos/Makefile.inc | 116 | ||||
-rw-r--r-- | src/vendorcode/google/chromeos/chromeos.c | 35 |
3 files changed, 0 insertions, 315 deletions
diff --git a/src/vendorcode/google/chromeos/Kconfig b/src/vendorcode/google/chromeos/Kconfig index 62e60d40d4..ab2478212d 100644 --- a/src/vendorcode/google/chromeos/Kconfig +++ b/src/vendorcode/google/chromeos/Kconfig @@ -59,24 +59,6 @@ config CHROMEOS_RAMOOPS_RAM_SIZE default 0x00100000 depends on CHROMEOS_RAMOOPS -config EC_SOFTWARE_SYNC - bool "Enable EC software sync" - default y if EC_GOOGLE_CHROMEEC - default n - depends on VBOOT - help - EC software sync is a mechanism where the AP helps the EC verify its - firmware similar to how vboot verifies the main system firmware. This - option selects whether depthcharge should support EC software sync. - -config VBOOT_EC_SLOW_UPDATE - bool "EC is slow to update" - default n - depends on EC_SOFTWARE_SYNC - help - Whether the EC (or PD) is slow to update and needs to display a - screen that informs the user the update is happening. - config NO_TPM_RESUME bool default n @@ -85,55 +67,12 @@ config NO_TPM_RESUME boards, booting Windows will break if the TPM resume command is sent during an S3 resume. -config PHYSICAL_DEV_SWITCH - bool - default n - help - Whether this platform has a physical developer switch. Note that this - disables virtual dev switch functionality (through secdata). Operation - where both a physical pin and the virtual switch get sampled is not - supported by coreboot. - -config PHYSICAL_REC_SWITCH - bool - default n - help - Whether this platform has a physical recovery switch - -config LID_SWITCH - bool "Lid switch is present" - default n - help - Whether this platform has a lid switch - -config WIPEOUT_SUPPORTED - bool "User is able to request factory reset" - default n - help - When this option is enabled, the firmware provides the ability to - signal the application the need for factory reset (a.k.a. wipe - out) of the device - config HAVE_REGULATORY_DOMAIN bool "Add regulatory domain methods" default n help This option is needed to add ACPI regulatory domain methods -config CHROMEOS_FWID_MODEL - string "Chrome OS Firmware ID model" - default "$(CONFIG_MAINBOARD_VENDOR)_$(CONFIG_MAINBOARD_PART_NUMBER)" - help - This is the first part of the FWID written to various regions of a - Chrome OS firmware image to identify its version. - -config CHROMEOS_FWID_VERSION - string "Chrome OS Firmware ID version" - default "$(KERNELVERSION)" - help - This is the second part of the FWID written to various regions of a - Chrome OS firmware image to identify its version. - config CHROMEOS_DISABLE_PLATFORM_HIERARCHY_ON_RESUME bool default y @@ -148,108 +87,5 @@ config CHROMEOS_DISABLE_PLATFORM_HIERARCHY_ON_RESUME on normal boot as well as resume and coreboot is only involved in the resume piece w.r.t. the platform hierarchy. -menu "GBB configuration" - -config GBB_HWID - string "Hardware ID" - default "NOCONF HWID" - -config GBB_BMPFV_FILE - string "Path to bmpfv image" - default "" - -config GBB_FLAG_DEV_SCREEN_SHORT_DELAY - bool "Reduce dev screen delay" - default n - -config GBB_FLAG_LOAD_OPTION_ROMS - bool "Load option ROMs" - default n - -config GBB_FLAG_ENABLE_ALTERNATE_OS - bool "Allow booting a non-Chrome OS kernel if dev switch is on" - default n - -config GBB_FLAG_FORCE_DEV_SWITCH_ON - bool "Force dev switch on" - default n - -config GBB_FLAG_FORCE_DEV_BOOT_USB - bool "Allow booting from USB in dev mode even if dev_boot_usb=0" - default y - -config GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK - bool "Disable firmware rollback protection" - default y - -config GBB_FLAG_ENTER_TRIGGERS_TONORM - bool "Return to normal boot with Enter" - default n - -config GBB_FLAG_FORCE_DEV_BOOT_LEGACY - bool "Allow booting to legacy in dev mode even if dev_boot_legacy=0" - default n - -config GBB_FLAG_FAFT_KEY_OVERIDE - bool "Allow booting using alternative keys for FAFT servo testing" - default n - -config GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC - bool "Disable EC software sync" - default n - -config GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY - bool "Default to booting to legacy in dev mode" - default n - -config GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC - bool "Disable PD software sync" - default n - -config GBB_FLAG_DISABLE_LID_SHUTDOWN - bool "Disable shutdown on closed lid" - default n - -config GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP - bool "Allow fastboot even if dev_boot_fastboot_full_cap=0" - default n - -config GBB_FLAG_ENABLE_SERIAL - bool "Tell vboot to enable serial console" - default n - -endmenu # GBB - -menu "Vboot Keys" -config VBOOT_ROOT_KEY - string "Root key (public)" - default "$(VBOOT_SOURCE)/tests/devkeys/root_key.vbpubk" - -config VBOOT_RECOVERY_KEY - string "Recovery key (public)" - default "$(VBOOT_SOURCE)/tests/devkeys/recovery_key.vbpubk" - -config VBOOT_FIRMWARE_PRIVKEY - string "Firmware key (private)" - default "$(VBOOT_SOURCE)/tests/devkeys/firmware_data_key.vbprivk" - -config VBOOT_KERNEL_KEY - string "Kernel subkey (public)" - default "$(VBOOT_SOURCE)/tests/devkeys/kernel_subkey.vbpubk" - -config VBOOT_KEYBLOCK - string "Keyblock to use for the RW regions" - default "$(VBOOT_SOURCE)/tests/devkeys/firmware.keyblock" - -config VBOOT_KEYBLOCK_VERSION - int "Keyblock version number" - default 1 - -config VBOOT_KEYBLOCK_PREAMBLE_FLAGS - hex "Keyblock preamble flags" - default 0x0 - -endmenu # Keys - endif # CHROMEOS endmenu diff --git a/src/vendorcode/google/chromeos/Makefile.inc b/src/vendorcode/google/chromeos/Makefile.inc index 3326ced1eb..22352ef243 100644 --- a/src/vendorcode/google/chromeos/Makefile.inc +++ b/src/vendorcode/google/chromeos/Makefile.inc @@ -13,11 +13,6 @@ ## GNU General Public License for more details. ## -bootblock-y += chromeos.c -verstage-y += chromeos.c -romstage-y += chromeos.c -ramstage-y += chromeos.c - ramstage-$(CONFIG_ELOG) += elog.c ramstage-$(CONFIG_HAVE_ACPI_TABLES) += gnvs.c ramstage-$(CONFIG_HAVE_ACPI_TABLES) += acpi.c @@ -31,114 +26,3 @@ ifeq ($(CONFIG_ARCH_MIPS),) bootblock-y += watchdog.c ramstage-y += watchdog.c endif - -CONFIG_GBB_HWID := $(call strip_quotes,$(CONFIG_GBB_HWID)) -CONFIG_GBB_BMPFV_FILE := $(call strip_quotes,$(CONFIG_GBB_BMPFV_FILE)) -CONFIG_VBOOT_KEYBLOCK := $(call strip_quotes,$(CONFIG_VBOOT_KEYBLOCK)) -CONFIG_VBOOT_FIRMWARE_PRIVKEY := $(call strip_quotes,$(CONFIG_VBOOT_FIRMWARE_PRIVKEY)) -CONFIG_VBOOT_KERNEL_KEY := $(call strip_quotes,$(CONFIG_VBOOT_KERNEL_KEY)) -CONFIG_CHROMEOS_FWID_MODEL := $(call strip_quotes,$(CONFIG_CHROMEOS_FWID_MODEL)) -CONFIG_CHROMEOS_FWID_VERSION := $(call strip_quotes,$(CONFIG_CHROMEOS_FWID_VERSION)) - -# bool-to-mask(var, value) -# return "value" if var is "y", 0 otherwise -bool-to-mask = $(if $(filter y,$(1)),$(2),0) - -GBB_FLAGS := $(call int-add, \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_DEV_SCREEN_SHORT_DELAY),0x1) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_LOAD_OPTION_ROMS),0x2) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_ENABLE_ALTERNATE_OS),0x4) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_SWITCH_ON),0x8) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_USB),0x10) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK),0x20) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_ENTER_TRIGGERS_TONORM),0x40) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_LEGACY),0x80) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_FAFT_KEY_OVERIDE),0x100) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC),0x200) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY),0x400) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC),0x800) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_LID_SHUTDOWN),0x1000) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP),0x2000) \ - $(call bool-to-mask,$(CONFIG_GBB_FLAG_ENABLE_SERIAL),0x4000) \ - ) - -ifneq ($(CONFIG_GBB_BMPFV_FILE),) -$(obj)/gbb.sizetmp: $(obj)/coreboot.rom - $(CBFSTOOL) $< read -r GBB -f $@ - -$(obj)/gbb.stub: $(obj)/coreboot.rom $(FUTILITY) $(obj)/gbb.sizetmp - @printf " CREATE GBB (with BMPFV)\n" - $(FUTILITY) gbb_utility -c 0x100,0x1000,$(call int-subtract,$(call file-size,$(obj)/gbb.sizetmp) 0x2180),0x1000 $@.tmp - mv $@.tmp $@ -else -$(obj)/gbb.stub: $(obj)/coreboot.rom $(FUTILITY) - @printf " CREATE GBB (without BMPFV)\n" - $(FUTILITY) gbb_utility -c 0x100,0x1000,0,0x1000 $@.tmp - mv $@.tmp $@ -endif - -$(obj)/gbb.region: $(obj)/gbb.stub - @printf " SETUP GBB\n" - cp $< $@.tmp - $(FUTILITY) gbb_utility -s \ - --hwid="$(CONFIG_GBB_HWID)" \ - --rootkey="$(CONFIG_VBOOT_ROOT_KEY)" \ - --recoverykey="$(CONFIG_VBOOT_RECOVERY_KEY)" \ - --flags=$(GBB_FLAGS) \ - $@.tmp -ifneq ($(CONFIG_GBB_BMPFV_FILE),) - $(FUTILITY) gbb_utility -s \ - --bmpfv="$(CONFIG_GBB_BMPFV_FILE)" \ - $@.tmp -endif - mv $@.tmp $@ - -$(obj)/fwid.region: - printf "$(CONFIG_CHROMEOS_FWID_MODEL)$(CONFIG_CHROMEOS_FWID_VERSION)\0" > $@ - -build_complete:: $(obj)/gbb.region $(obj)/fwid.region - @printf " WRITE GBB\n" - $(CBFSTOOL) $(obj)/coreboot.rom write -u -r GBB -i 0 -f $(obj)/gbb.region - $(CBFSTOOL) $(obj)/coreboot.rom write -u -r RO_FRID -i 0 -f $(obj)/fwid.region - $(CBFSTOOL) $(obj)/coreboot.rom write -u -r RW_FWID_A -i 0 -f $(obj)/fwid.region - $(CBFSTOOL) $(obj)/coreboot.rom write -u -r RW_FWID_B -i 0 -f $(obj)/fwid.region - -ifneq ($(shell grep "SHARED_DATA" "$(CONFIG_FMDFILE)"),) -build_complete:: - printf "\0" > $(obj)/shared_data.region - $(CBFSTOOL) $(obj)/coreboot.rom write -u -r SHARED_DATA -i 0 -f $(obj)/shared_data.region -endif - -# Extract FW_MAIN_? region and minimize it if the last file is empty, so it -# doesn't contain this empty file (that can have a significant size), -# improving a lot on hash times due to a smaller amount of data loaded from -# firmware storage. -# When passing the minimized image to vbutil_firmware, its length is recorded -# in the keyblock, and coreboot's vboot code clips the region_device to match, -# which prevents any potential extension attacks. -$(obj)/FW_MAIN_%.bin: $(obj)/coreboot.rom - $(CBFSTOOL) $< read -r $(basename $(notdir $@)) -f $@.tmp - $(CBFSTOOL) $(obj)/coreboot.rom print -k -r $(basename $(notdir $@)) | \ - tail -1 | \ - sed "s,^(empty)[[:space:]]\(0x[0-9a-f]*\)\tnull\t.*$$,\1," \ - > $@.tmp.size - if [ -n "$$(cat $@.tmp.size)" ] && [ $$( printf "%d" $$(cat $@.tmp.size)) -gt 0 ]; then \ - head -c $$( printf "%d" $$(cat $@.tmp.size)) $@.tmp > $@.tmp2 && \ - mv $@.tmp2 $@; \ - else \ - mv $@.tmp $@; \ - fi - -$(obj)/VBLOCK_%.bin: $(obj)/FW_MAIN_%.bin $(FUTILITY) - $(FUTILITY) vbutil_firmware \ - --vblock $@ \ - --keyblock "$(CONFIG_VBOOT_KEYBLOCK)" \ - --signprivate "$(CONFIG_VBOOT_FIRMWARE_PRIVKEY)" \ - --version $(CONFIG_VBOOT_KEYBLOCK_VERSION) \ - --fv $< \ - --kernelkey "$(CONFIG_VBOOT_KERNEL_KEY)" \ - --flags $(CONFIG_VBOOT_KEYBLOCK_PREAMBLE_FLAGS) - -files_added:: $(obj)/VBLOCK_A.bin $(obj)/VBLOCK_B.bin - $(CBFSTOOL) $(obj)/coreboot.rom write -u -r VBLOCK_A -f $(obj)/VBLOCK_A.bin - $(CBFSTOOL) $(obj)/coreboot.rom write -u -r VBLOCK_B -f $(obj)/VBLOCK_B.bin diff --git a/src/vendorcode/google/chromeos/chromeos.c b/src/vendorcode/google/chromeos/chromeos.c deleted file mode 100644 index 515b79f45d..0000000000 --- a/src/vendorcode/google/chromeos/chromeos.c +++ /dev/null @@ -1,35 +0,0 @@ -/* - * This file is part of the coreboot project. - * - * Copyright (C) 2011 The ChromiumOS Authors. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; version 2 of the License. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - */ - -#include <stddef.h> -#include <string.h> -#include "chromeos.h" - -int __attribute__((weak)) clear_recovery_mode_switch(void) -{ - // Weak implementation. Nothing to do. - return 0; -} - -int __attribute__((weak)) get_sw_write_protect_state(void) -{ - // Can be implemented by a platform / mainboard - return 0; -} - -void __attribute__((weak)) log_recovery_mode_switch(void) -{ - // Weak implementation. Nothing to do. -} |