soc/intel/xeon_sp: Revise IIO domain ACPI name encoding
[coreboot2.git] / src / security / vboot / misc.h
blob1b66186278610e5a29ce88faf1a49384e906dd2b
1 /* SPDX-License-Identifier: GPL-2.0-only */
3 #ifndef __VBOOT_MISC_H__
4 #define __VBOOT_MISC_H__
6 #include <assert.h>
7 #include <security/vboot/vboot_common.h>
8 #include <vb2_api.h>
11 * Source: security/vboot/common.c
13 struct vb2_context *vboot_get_context(void);
16 * Returns 1 if firmware slot A is used, 0 if slot B is used.
18 static inline int vboot_is_firmware_slot_a(struct vb2_context *ctx)
20 return !(ctx->flags & VB2_CONTEXT_FW_SLOT_B);
24 * Check if given flag is set in the flags field in GBB header.
26 static inline bool vboot_is_gbb_flag_set(enum vb2_gbb_flag flag)
28 return !!(vb2api_gbb_get_flags(vboot_get_context()) & flag);
32 * Locates firmware as a region device. Returns 0 on success, -1 on failure.
34 int vboot_locate_firmware(struct vb2_context *ctx, struct region_device *fw);
37 * The stage loading code is compiled and entered from multiple stages. The
38 * helper functions below attempt to provide more clarity on when certain
39 * code should be called. They are implemented inline for better compile-time
40 * code elimination.
43 static inline int verification_should_run(void)
45 if (CONFIG(VBOOT_SEPARATE_VERSTAGE))
46 return ENV_SEPARATE_VERSTAGE;
47 else if (CONFIG(VBOOT_STARTS_IN_ROMSTAGE))
48 return ENV_RAMINIT;
49 else if (CONFIG(VBOOT_STARTS_IN_BOOTBLOCK))
50 return ENV_BOOTBLOCK;
51 else
52 dead_code();
55 static inline int verstage_should_load(void)
57 if (CONFIG(VBOOT_SEPARATE_VERSTAGE) && !CONFIG(VBOOT_STARTS_BEFORE_BOOTBLOCK))
58 return ENV_BOOTBLOCK;
59 else
60 return 0;
63 static inline int vboot_logic_executed(void)
65 extern int vboot_executed; /* should not be globally accessible */
67 /* If we are in the stage that runs verification, or in the stage that
68 both loads the verstage and is returned to from it afterwards, we
69 need to check a global to see if verification has run. */
70 if (verification_should_run() ||
71 (verstage_should_load() && CONFIG(VBOOT_RETURN_FROM_VERSTAGE)))
72 return vboot_executed;
74 if (CONFIG(VBOOT_STARTS_IN_BOOTBLOCK)) {
75 /* All other stages are "after the bootblock" */
76 return !ENV_BOOTBLOCK;
77 } else if (CONFIG(VBOOT_STARTS_IN_ROMSTAGE)) {
78 /* Post-RAM stages are "after the romstage" */
79 return !ENV_ROMSTAGE_OR_BEFORE;
80 } else if (CONFIG(VBOOT_STARTS_BEFORE_BOOTBLOCK)) {
81 return !ENV_SEPARATE_VERSTAGE;
82 } else {
83 dead_code();
87 static inline bool vboot_hwcrypto_allowed(void)
89 /* When not using vboot firmware verification, HW crypto is always allowed. */
90 if (!CONFIG(VBOOT))
91 return 1;
93 /* Before vboot runs we can't check for HW crypto, so err on the side of caution. */
94 if (!vboot_logic_executed())
95 return 0;
97 /* Otherwise, vboot can decide. */
98 return vb2api_hwcrypto_allowed(vboot_get_context());
101 #endif /* __VBOOT_MISC_H__ */