/* SPDX-License-Identifier: GPL-2.0-only */

#ifndef __VBOOT_MISC_H__
#define __VBOOT_MISC_H__

#include <assert.h>
#include <security/vboot/vboot_common.h>
#include <vb2_api.h>

/*
 * Source: security/vboot/common.c
 */
struct vb2_context *vboot_get_context(void);

/*
 * Reports the firmware slot in use: 1 for slot A, 0 for slot B.
 *
 * The answer is taken solely from VB2_CONTEXT_FW_SLOT_B in ctx->flags.
 * ctx is dereferenced without a NULL check, so it must be a valid context.
 */
static inline int vboot_is_firmware_slot_a(struct vb2_context *ctx)
{
	return (ctx->flags & VB2_CONTEXT_FW_SLOT_B) == 0;
}

/*
 * Tests a flag against the flags field of the GBB header.
 *
 * The flags are read through vb2api_gbb_get_flags() on the context returned
 * by vboot_get_context() each time this is called.
 *
 * Return value:
 *	true:  Flag is set.
 *	false: Flag is not set.
 * If 'flag' carries more than one bit, any single matching bit yields true.
 */
static inline bool vboot_is_gbb_flag_set(enum vb2_gbb_flag flag)
{
	struct vb2_context *ctx = vboot_get_context();

	return (vb2api_gbb_get_flags(ctx) & flag) != 0;
}

/*
 * Locates firmware as a region device. Returns 0 on success, -1 on failure.
 */
int vboot_locate_firmware(struct vb2_context *ctx, struct region_device *fw);

/*
 * The stage loading code is built into, and entered from, more than one
 * stage. The inline helpers below make explicit which stage is expected to do
 * what. They are inline so the compiler can eliminate the branches that do
 * not apply to the stage being built.
 */

/*
 * Nonzero when the current stage is the one that runs verification.
 *
 * The ENV_* value returned follows the VBOOT_SEPARATE_VERSTAGE,
 * VBOOT_STARTS_IN_ROMSTAGE, VBOOT_STARTS_IN_BOOTBLOCK selection, tested in
 * that order.
 */
static inline int verification_should_run(void)
{
	if (CONFIG(VBOOT_SEPARATE_VERSTAGE))
		return ENV_SEPARATE_VERSTAGE;

	if (CONFIG(VBOOT_STARTS_IN_ROMSTAGE))
		return ENV_RAMINIT;

	if (CONFIG(VBOOT_STARTS_IN_BOOTBLOCK))
		return ENV_BOOTBLOCK;

	/* None of the three options above is selected. */
	dead_code();
}

/*
 * Nonzero when the current stage has to load verstage: ENV_BOOTBLOCK if
 * verstage is a separate stage and vboot does not start before the bootblock,
 * 0 in every other configuration.
 */
static inline int verstage_should_load(void)
{
	if (!CONFIG(VBOOT_SEPARATE_VERSTAGE) || CONFIG(VBOOT_STARTS_BEFORE_BOOTBLOCK))
		return 0;

	return ENV_BOOTBLOCK;
}

/*
 * Tells the caller whether the vboot logic has already run.
 *
 * Only the stage that runs verification, or the stage that loads verstage and
 * is returned to from it, reads the vboot_executed global. In every other
 * stage the result depends only on CONFIG() and ENV_* values, i.e. on where
 * the stage sits relative to the one vboot starts in, not on vboot_executed.
 */
static inline int vboot_logic_executed(void)
{
	extern int vboot_executed;	/* should not be globally accessible */

	/* The stage that runs verification has to look at the global. */
	if (verification_should_run())
		return vboot_executed;

	/* So does the stage that loads verstage and is returned to afterwards. */
	if (verstage_should_load() && CONFIG(VBOOT_RETURN_FROM_VERSTAGE))
		return vboot_executed;

	/* All other stages are "after the bootblock". */
	if (CONFIG(VBOOT_STARTS_IN_BOOTBLOCK))
		return !ENV_BOOTBLOCK;

	/* Post-RAM stages are "after the romstage". */
	if (CONFIG(VBOOT_STARTS_IN_ROMSTAGE))
		return !ENV_ROMSTAGE_OR_BEFORE;

	if (CONFIG(VBOOT_STARTS_BEFORE_BOOTBLOCK))
		return !ENV_SEPARATE_VERSTAGE;

	/* No VBOOT_STARTS_* option is selected. */
	dead_code();
}

/*
 * Decides whether hardware crypto may be used.
 *
 * With vboot enabled the result stays false until the vboot logic has
 * executed, so an early caller gets the cautious answer; after that the
 * decision is delegated to vb2api_hwcrypto_allowed().
 */
static inline bool vboot_hwcrypto_allowed(void)
{
	/* When not using vboot firmware verification, HW crypto is always allowed. */
	if (!CONFIG(VBOOT))
		return true;

	/* Before vboot runs we can't check for HW crypto, so err on the side of caution. */
	if (!vboot_logic_executed())
		return false;

	/* Otherwise, vboot can decide. */
	return vb2api_hwcrypto_allowed(vboot_get_context());
}

#endif /* __VBOOT_MISC_H__ */