From 56e2f130a64c9da6319631c19d452e0db978e70b Mon Sep 17 00:00:00 2001
From: Joel Kitching <kitching@google.com>
Date: Sat, 8 Feb 2020 11:17:57 +0800
Subject: vboot: remove VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT option

With CL:1940398, this option is no longer needed.  Recovery
requests are not cleared until kernel verification stage is
reached.  If the FSP triggers any reboots, recovery requests
will be preserved.  In particular:

- Manual requests will be preserved via recovery switch state,
  whose behaviour is modified in CB:38779.
- Other recovery requests will remain in nvdata across reboot.

These functions now only work after verstage has run:
  int vboot_check_recovery_request(void)
  int vboot_recovery_mode_enabled(void)
  int vboot_developer_mode_enabled(void)

BUG=b:124141368, b:35576380
TEST=make clean && make test-abuild
BRANCH=none

Change-Id: I52d17a3c6730be5c04c3c0ae020368d11db6ca3c
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38780
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
---
 src/security/vboot/bootmode.c | 80 ++++++-------------------------------------
 1 file changed, 10 insertions(+), 70 deletions(-)

(limited to 'src/security/vboot/bootmode.c')

diff --git a/src/security/vboot/bootmode.c b/src/security/vboot/bootmode.c
index 2a911cbf10..50b3cc3b6c 100644
--- a/src/security/vboot/bootmode.c
+++ b/src/security/vboot/bootmode.c
@@ -24,79 +24,25 @@
 #include <security/vboot/vbnv.h>
 #include <security/vboot/vboot_common.h>
 
-static int vboot_get_recovery_reason_shared_data(void)
-{
-	struct vb2_shared_data *sd = vb2_get_sd(vboot_get_context());
-	assert(sd);
-	return sd->recovery_reason;
-}
-
-void vboot_save_recovery_reason_vbnv(void)
-{
-	if (!CONFIG(VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT))
-		return;
-
-	int reason = vboot_get_recovery_reason_shared_data();
-	if (!reason)
-		return;
-
-	set_recovery_mode_into_vbnv(reason);
-}
-
-static void vboot_clear_recovery_reason_vbnv(void *unused)
-{
-	if (!CONFIG(VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT))
-		return;
-
-	set_recovery_mode_into_vbnv(0);
-}
-
 /*
- * Recovery reason stored in VBNV needs to be cleared before the state of VBNV
- * is backed-up anywhere or jumping to the payload (whichever occurs
- * first). Currently, vbnv_cmos.c backs up VBNV on POST_DEVICE. Thus, we need to
- * make sure that the stored recovery reason is cleared off before that
- * happens.
- * IMPORTANT: Any reboot occurring after BS_DEV_INIT state will cause loss of
- * recovery reason on reboot. Until now, we have seen reboots occurring on x86
- * only in FSP stages which run before BS_DEV_INIT.
+ * Functions which check vboot information should only be called after verstage
+ * has run.  Otherwise, they will hit the assertion in vboot_get_context().
  */
-BOOT_STATE_INIT_ENTRY(BS_DEV_INIT, BS_ON_EXIT,
-		      vboot_clear_recovery_reason_vbnv, NULL);
 
-/*
- * vb2_check_recovery_request looks up different components to identify if there
- * is a recovery request and returns appropriate reason code:
- * 1. Checks if recovery mode is initiated by EC. If yes, returns
- * VB2_RECOVERY_RO_MANUAL.
- * 2. Checks if recovery request is present in VBNV and returns the code read
- * from it.
- * 3. Checks if vboot verification is done. If yes, return the reason code from
- * shared data.
- * 4. If nothing applies, return 0 indicating no recovery request.
- */
 int vboot_check_recovery_request(void)
 {
-	int reason = 0;
-
-	/* EC-initiated recovery. */
-	if (get_recovery_mode_switch())
-		return VB2_RECOVERY_RO_MANUAL;
-
-	/* Recovery request in VBNV. */
-	if ((reason = get_recovery_mode_from_vbnv()) != 0)
-		return reason;
-
-	/* Identify if vboot verification is already complete. */
-	if (vboot_logic_executed())
-		return vboot_get_recovery_reason_shared_data();
-
-	return 0;
+	/* TODO: Expose vb2api_recovery_reason() and vb2api_need_train_and_reboot(). */
+	return vb2_get_sd(vboot_get_context())->recovery_reason;
 }
 
 int vboot_recovery_mode_enabled(void)
 {
-	return !!vboot_check_recovery_request();
+	return vboot_get_context()->flags & VB2_CONTEXT_RECOVERY_MODE;
+}
+
+int vboot_developer_mode_enabled(void)
+{
+	return vboot_get_context()->flags & VB2_CONTEXT_DEVELOPER_MODE;
 }
 
 int __weak clear_recovery_mode_switch(void)
@@ -133,12 +79,6 @@ int vboot_recovery_mode_memory_retrain(void)
 	return get_recovery_mode_retrain_switch();
 }
 
-int vboot_developer_mode_enabled(void)
-{
-	return vboot_logic_executed() &&
-		vboot_get_context()->flags & VB2_CONTEXT_DEVELOPER_MODE;
-}
-
 #if CONFIG(VBOOT_NO_BOARD_SUPPORT)
 /**
  * TODO: Create flash protection interface which implements get_write_protect_state.
-- 
cgit v1.2.3