xref: /aosp_15_r20/external/coreboot/src/security/vboot/vbnv_flash.c (revision b9411a12aaaa7e1e6a6fb7c5e057f44ee179a49c) 
1 /* SPDX-License-Identifier: GPL-2.0-only */
2 
3 #include <commonlib/region.h>
4 #include <console/console.h>
5 #include <fmap.h>
6 #include <fmap_config.h>
7 #include <string.h>
8 #include <vb2_api.h>
9 #include <security/vboot/vboot_common.h>
10 #include <security/vboot/vbnv.h>
11 #include <security/vboot/vbnv_layout.h>
12 
13 #define BLOB_SIZE VB2_NVDATA_SIZE
14 
15 struct vbnv_flash_ctx {
16 	/* VBNV flash is initialized */
17 	int initialized;
18 
19 	/* Offset of the current nvdata in flash */
20 	int blob_offset;
21 
22 	/* Offset of the topmost nvdata blob in flash */
23 	int top_offset;
24 
25 	/* Region to store and retrieve the VBNV contents. */
26 	struct region_device vbnv_dev;
27 
28 	/* Cache of the current nvdata */
29 	uint8_t cache[BLOB_SIZE];
30 };
31 static struct vbnv_flash_ctx vbnv_flash;
32 
33 /*
34  * This code assumes that flash is erased to 1-bits, and write operations can
35  * only change 1-bits to 0-bits. So if the new contents only change 1-bits to
36  * 0-bits, we can reuse the current blob.
37  */
erase_value(void)38 static inline uint8_t erase_value(void)
39 {
40 	return 0xff;
41 }
42 
can_overwrite(uint8_t current,uint8_t new)43 static inline int can_overwrite(uint8_t current, uint8_t new)
44 {
45 	return (current & new) == new;
46 }
47 
48 _Static_assert(FMAP_SECTION_RW_NVRAM_SIZE >= BLOB_SIZE,
49 	       "RW_NVRAM FMAP section not present or too small");
50 
init_vbnv(void)51 static int init_vbnv(void)
52 {
53 	struct vbnv_flash_ctx *ctx = &vbnv_flash;
54 	struct region_device *rdev = &ctx->vbnv_dev;
55 	uint8_t buf[BLOB_SIZE];
56 	uint8_t empty_blob[BLOB_SIZE];
57 	int used_below, empty_above;
58 	int offset;
59 	int i;
60 
61 	if (fmap_locate_area_as_rdev_rw("RW_NVRAM", rdev) ||
62 	    region_device_sz(rdev) < BLOB_SIZE) {
63 		printk(BIOS_ERR, "%s: failed to locate NVRAM\n", __func__);
64 		return 1;
65 	}
66 
67 	/* Prepare an empty blob to compare against. */
68 	for (i = 0; i < BLOB_SIZE; i++)
69 		empty_blob[i] = erase_value();
70 
71 	ctx->top_offset = region_device_sz(rdev) - BLOB_SIZE;
72 
73 	/* Binary search for the border between used and empty */
74 	used_below = 0;
75 	empty_above = region_device_sz(rdev) / BLOB_SIZE;
76 
77 	while (used_below + 1 < empty_above) {
78 		int guess = (used_below + empty_above) / 2;
79 		if (rdev_readat(rdev, buf, guess * BLOB_SIZE, BLOB_SIZE) < 0) {
80 			printk(BIOS_ERR, "failed to read nvdata\n");
81 			return 1;
82 		}
83 		if (!memcmp(buf, empty_blob, BLOB_SIZE))
84 			empty_above = guess;
85 		else
86 			used_below = guess;
87 	}
88 
89 	/*
90 	 * Offset points to the last non-empty blob.  Or if all blobs are empty
91 	 * (nvram is totally erased), point to the first blob.
92 	 */
93 	offset = used_below * BLOB_SIZE;
94 
95 	/* reread the nvdata and write it to the cache */
96 	if (rdev_readat(rdev, ctx->cache, offset, BLOB_SIZE) < 0) {
97 		printk(BIOS_ERR, "failed to read nvdata\n");
98 		return 1;
99 	}
100 
101 	ctx->blob_offset = offset;
102 	ctx->initialized = 1;
103 
104 	return 0;
105 }
106 
erase_nvram(void)107 static int erase_nvram(void)
108 {
109 	struct vbnv_flash_ctx *ctx = &vbnv_flash;
110 	const struct region_device *rdev = &ctx->vbnv_dev;
111 
112 	if (rdev_eraseat(rdev, 0, region_device_sz(rdev)) < 0) {
113 		printk(BIOS_ERR, "failed to erase nvram\n");
114 		return 1;
115 	}
116 
117 	printk(BIOS_INFO, "nvram is cleared\n");
118 	return 0;
119 }
120 
read_vbnv_flash(uint8_t * vbnv_copy)121 void read_vbnv_flash(uint8_t *vbnv_copy)
122 {
123 	struct vbnv_flash_ctx *ctx = &vbnv_flash;
124 
125 	if (!ctx->initialized)
126 		if (init_vbnv())
127 			return;  /* error */
128 
129 	memcpy(vbnv_copy, ctx->cache, BLOB_SIZE);
130 }
131 
save_vbnv_flash(const uint8_t * vbnv_copy)132 void save_vbnv_flash(const uint8_t *vbnv_copy)
133 {
134 	struct vbnv_flash_ctx *ctx = &vbnv_flash;
135 	int new_offset;
136 	int i;
137 	const struct region_device *rdev = &ctx->vbnv_dev;
138 
139 	if (!ctx->initialized)
140 		if (init_vbnv())
141 			return;  /* error */
142 
143 	/* Bail out if there have been no changes. */
144 	if (!memcmp(vbnv_copy, ctx->cache, BLOB_SIZE))
145 		return;
146 
147 	new_offset = ctx->blob_offset;
148 
149 	/* See if we can overwrite the current blob with the new one */
150 	for (i = 0; i < BLOB_SIZE; i++) {
151 		if (!can_overwrite(ctx->cache[i], vbnv_copy[i])) {
152 			/* unable to overwrite. need to use the next blob */
153 			new_offset += BLOB_SIZE;
154 			if (new_offset > ctx->top_offset) {
155 				if (erase_nvram())
156 					return;  /* error */
157 				new_offset = 0;
158 			}
159 			break;
160 		}
161 	}
162 
163 	if (rdev_writeat(rdev, vbnv_copy, new_offset, BLOB_SIZE) == BLOB_SIZE) {
164 		/* write was successful. safely move pointer forward */
165 		ctx->blob_offset = new_offset;
166 		memcpy(ctx->cache, vbnv_copy, BLOB_SIZE);
167 	} else {
168 		printk(BIOS_ERR, "failed to save nvdata\n");
169 	}
170 }
171