diff --git a/boot/Kconfig b/boot/Kconfig index b8db8cd796..e0f09e21ef 100644 --- a/boot/Kconfig +++ b/boot/Kconfig @@ -398,6 +398,16 @@ config BOOTMETH_EFILOADER This provides a way to try out standard boot on an existing boot flow. +config BOOTMETH_VBE + bool "Bootdev support for Verified Boot for Embedded" + depends on FIT + default y + select BOOTMETH_GLOBAL + help + Enables support for VBE boot. This is a standard boot method which + supports selection of various firmware components, seleciton of an OS to + boot as well as updating these using fwupd. + config BOOTMETH_SANDBOX def_bool y depends on SANDBOX diff --git a/boot/Makefile b/boot/Makefile index 854b3913b2..c52c96977f 100644 --- a/boot/Makefile +++ b/boot/Makefile @@ -46,3 +46,5 @@ obj-$(CONFIG_CMD_ADTIMG) += image-android-dt.o ifdef CONFIG_SPL_BUILD obj-$(CONFIG_SPL_LOAD_FIT) += common_fit.o endif + +obj-$(CONFIG_$(SPL_TPL_)BOOTMETH_VBE) += vbe.o diff --git a/boot/vbe.c b/boot/vbe.c new file mode 100644 index 0000000000..e6ee087dc2 --- /dev/null +++ b/boot/vbe.c @@ -0,0 +1,119 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Verified Boot for Embedded (VBE) access functions + * + * Copyright 2022 Google LLC + * Written by Simon Glass + */ + +#include +#include +#include +#include +#include +#include +#include + +/** + * is_vbe() - Check if a device is a VBE method + * + * @dev: Device to check + * @return true if this is a VBE bootmth device, else false + */ +static bool is_vbe(struct udevice *dev) +{ + return !strncmp("vbe", dev->driver->name, 3); +} + +int vbe_find_next_device(struct udevice **devp) +{ + for (uclass_find_next_device(devp); + *devp; + uclass_find_next_device(devp)) { + if (is_vbe(*devp)) + return 0; + } + + return 0; +} + +int vbe_find_first_device(struct udevice **devp) +{ + uclass_find_first_device(UCLASS_BOOTMETH, devp); + if (*devp && is_vbe(*devp)) + return 0; + + return vbe_find_next_device(devp); +} + +int vbe_list(void) +{ + struct bootstd_priv *std; + struct udevice *dev; + int ret; + + ret = bootstd_get_priv(&std); + if (ret) + return ret; + + printf("%3s %-3s %-15s %-15s %s\n", "#", "Sel", "Device", "Driver", + "Description"); + printf("%3s %-3s %-15s %-15s %s\n", "---", "---", "--------------", + "--------------", "-----------"); + for (ret = vbe_find_first_device(&dev); dev; + ret = vbe_find_next_device(&dev)) { + const struct bootmeth_uc_plat *plat = dev_get_uclass_plat(dev); + + printf("%3d %-3s %-15s %-15s %s\n", dev_seq(dev), + std->vbe_bootmeth == dev ? "*" : "", dev->name, + dev->driver->name, plat->desc); + } + printf("%3s %-3s %-15s %-15s %s\n", "---", "---", "--------------", + "--------------", "-----------"); + + return 0; +} + +int vbe_select(struct udevice *dev) +{ + struct bootstd_priv *std; + int ret; + + ret = bootstd_get_priv(&std); + if (ret) + return ret; + std->vbe_bootmeth = dev; + + return 0; +} + +int vbe_find_by_any(const char *name, struct udevice **devp) +{ + struct udevice *dev; + int ret, seq; + char *endp; + + seq = simple_strtol(name, &endp, 16); + + /* Select by name */ + if (*endp) { + ret = uclass_get_device_by_name(UCLASS_BOOTMETH, name, &dev); + if (ret) { + printf("Cannot probe VBE bootmeth '%s' (err=%d)\n", name, + ret); + return ret; + } + + /* select by number */ + } else { + ret = uclass_get_device_by_seq(UCLASS_BOOTMETH, seq, &dev); + if (ret) { + printf("Cannot find '%s' (err=%d)\n", name, ret); + return ret; + } + } + + *devp = dev; + + return 0; +} diff --git a/include/bootstd.h b/include/bootstd.h index b002365f4f..01be249d16 100644 --- a/include/bootstd.h +++ b/include/bootstd.h @@ -26,6 +26,7 @@ struct udevice; * @glob_head: Head for the global list of all bootflows across all bootdevs * @bootmeth_count: Number of bootmeth devices in @bootmeth_order * @bootmeth_order: List of bootmeth devices to use, in order, NULL-terminated + * @vbe_bootmeth: Currently selected VBE bootmeth, NULL if none */ struct bootstd_priv { const char **prefixes; @@ -35,6 +36,7 @@ struct bootstd_priv { struct list_head glob_head; int bootmeth_count; struct udevice **bootmeth_order; + struct udevice *vbe_bootmeth; }; /** diff --git a/include/vbe.h b/include/vbe.h new file mode 100644 index 0000000000..b83f6f0c51 --- /dev/null +++ b/include/vbe.h @@ -0,0 +1,48 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Verified Boot for Embedded (VBE) support + * See doc/develop/vbe.rst + * + * Copyright 2022 Google LLC + * Written by Simon Glass + */ + +#ifndef __VBE_H +#define __VBE_H + +/** + * vbe_list() - List the VBE bootmeths + * + * This shows a list of the VBE bootmeth devices + * + * @return 0 (always) + */ +int vbe_list(void); + +/** + * vbe_find_by_any() - Find a VBE bootmeth by name or sequence + * + * @name: name (e.g. "vbe-simple"), or sequence ("2") to find + * @devp: returns the device found, on success + * Return: 0 if OK, -ve on error + */ +int vbe_find_by_any(const char *name, struct udevice **devp); + +/** + * vbe_find_first_device() - Find the first VBE bootmeth + * + * @devp: Returns first available VBE bootmeth, or NULL if none + * Returns: 0 (always) + */ +int vbe_find_first_device(struct udevice **devp); + +/** + * vbe_find_next_device() - Find the next available VBE bootmeth + * + * @devp: Previous device to start from. Returns next available VBE bootmeth, + * or NULL if none + * Returns: 0 (always) + */ +int vbe_find_next_device(struct udevice **devp); + +#endif