src/security/vboot/vbnv_flash.c

   1 /* SPDX-License-Identifier: GPL-2.0-only */
   2
   3 #include <commonlib/region.h>
   4 #include <console/console.h>
   5 #include <fmap.h>
   6 #include <fmap_config.h>
   7 #include <string.h>
   8 #include <vb2_api.h>
   9 #include <security/vboot/vboot_common.h>
  10 #include <security/vboot/vbnv.h>
  11 #include <security/vboot/vbnv_layout.h>
  12
  13 #define BLOB_SIZE VB2_NVDATA_SIZE
  14
  15 struct vbnv_flash_ctx {
  16         /* VBNV flash is initialized */
  17         int initialized;
  18
  19         /* Offset of the current nvdata in flash */
  20         int blob_offset;
  21
  22         /* Offset of the topmost nvdata blob in flash */
  23         int top_offset;
  24
  25         /* Region to store and retrieve the VBNV contents. */
  26         struct region_device vbnv_dev;
  27
  28         /* Cache of the current nvdata */
  29         uint8_t cache[BLOB_SIZE];
  30 };
  31 static struct vbnv_flash_ctx vbnv_flash;
  32
  33 /*
  34  * This code assumes that flash is erased to 1-bits, and write operations can
  35  * only change 1-bits to 0-bits. So if the new contents only change 1-bits to
  36  * 0-bits, we can reuse the current blob.
  37  */
  38 static inline uint8_t erase_value(void)
  39 {
  40         return 0xff;
  41 }
  42
  43 static inline int can_overwrite(uint8_t current, uint8_t new)
  44 {
  45         return (current & new) == new;
  46 }
  47
  48 _Static_assert(FMAP_SECTION_RW_NVRAM_SIZE >= BLOB_SIZE,
  49                "RW_NVRAM FMAP section not present or too small");
  50
  51 static int init_vbnv(void)
  52 {
  53         struct vbnv_flash_ctx *ctx = &vbnv_flash;
  54         struct region_device *rdev = &ctx->vbnv_dev;
  55         uint8_t buf[BLOB_SIZE];
  56         uint8_t empty_blob[BLOB_SIZE];
  57         int used_below, empty_above;
  58         int offset;
  59         int i;
  60
  61         if (fmap_locate_area_as_rdev_rw("RW_NVRAM", rdev) ||
  62             region_device_sz(rdev) < BLOB_SIZE) {
  63                 printk(BIOS_ERR, "%s: failed to locate NVRAM\n", __func__);
  64                 return 1;
  65         }
  66
  67         /* Prepare an empty blob to compare against. */
  68         for (i = 0; i < BLOB_SIZE; i++)
  69                 empty_blob[i] = erase_value();
  70
  71         ctx->top_offset = region_device_sz(rdev) - BLOB_SIZE;
  72
  73         /* Binary search for the border between used and empty */
  74         used_below = 0;
  75         empty_above = region_device_sz(rdev) / BLOB_SIZE;
  76
  77         while (used_below + 1 < empty_above) {
  78                 int guess = (used_below + empty_above) / 2;
  79                 if (rdev_readat(rdev, buf, guess * BLOB_SIZE, BLOB_SIZE) < 0) {
  80                         printk(BIOS_ERR, "failed to read nvdata\n");
  81                         return 1;
  82                 }
  83                 if (!memcmp(buf, empty_blob, BLOB_SIZE))
  84                         empty_above = guess;
  85                 else
  86                         used_below = guess;
  87         }
  88
  89         /*
  90          * Offset points to the last non-empty blob.  Or if all blobs are empty
  91          * (nvram is totally erased), point to the first blob.
  92          */
  93         offset = used_below * BLOB_SIZE;
  94
  95         /* reread the nvdata and write it to the cache */
  96         if (rdev_readat(rdev, ctx->cache, offset, BLOB_SIZE) < 0) {
  97                 printk(BIOS_ERR, "failed to read nvdata\n");
  98                 return 1;
  99         }
 100
 101         ctx->blob_offset = offset;
 102         ctx->initialized = 1;
 103
 104         return 0;
 105 }
 106
 107 static int erase_nvram(void)
 108 {
 109         struct vbnv_flash_ctx *ctx = &vbnv_flash;
 110         const struct region_device *rdev = &ctx->vbnv_dev;
 111
 112         if (rdev_eraseat(rdev, 0, region_device_sz(rdev)) < 0) {
 113                 printk(BIOS_ERR, "failed to erase nvram\n");
 114                 return 1;
 115         }
 116
 117         printk(BIOS_INFO, "nvram is cleared\n");
 118         return 0;
 119 }
 120
 121 void read_vbnv_flash(uint8_t *vbnv_copy)
 122 {
 123         struct vbnv_flash_ctx *ctx = &vbnv_flash;
 124
 125         if (!ctx->initialized)
 126                 if (init_vbnv())
 127                         return;  /* error */
 128
 129         memcpy(vbnv_copy, ctx->cache, BLOB_SIZE);
 130 }
 131
 132 void save_vbnv_flash(const uint8_t *vbnv_copy)
 133 {
 134         struct vbnv_flash_ctx *ctx = &vbnv_flash;
 135         int new_offset;
 136         int i;
 137         const struct region_device *rdev = &ctx->vbnv_dev;
 138
 139         if (!ctx->initialized)
 140                 if (init_vbnv())
 141                         return;  /* error */
 142
 143         /* Bail out if there have been no changes. */
 144         if (!memcmp(vbnv_copy, ctx->cache, BLOB_SIZE))
 145                 return;
 146
 147         new_offset = ctx->blob_offset;
 148
 149         /* See if we can overwrite the current blob with the new one */
 150         for (i = 0; i < BLOB_SIZE; i++) {
 151                 if (!can_overwrite(ctx->cache[i], vbnv_copy[i])) {
 152                         /* unable to overwrite. need to use the next blob */
 153                         new_offset += BLOB_SIZE;
 154                         if (new_offset > ctx->top_offset) {
 155                                 if (erase_nvram())
 156                                         return;  /* error */
 157                                 new_offset = 0;
 158                         }
 159                         break;
 160                 }
 161         }
 162
 163         if (rdev_writeat(rdev, vbnv_copy, new_offset, BLOB_SIZE) == BLOB_SIZE) {
 164                 /* write was successful. safely move pointer forward */
 165                 ctx->blob_offset = new_offset;
 166                 memcpy(ctx->cache, vbnv_copy, BLOB_SIZE);
 167         } else {
 168                 printk(BIOS_ERR, "failed to save nvdata\n");
 169         }
 170 }