| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This counter was only used by the legacy U2F
implementation, which is no longer required.
This change deletes the code for the counter,
but does not update the flash config to make use
of the pages previously occupied by the counter.
Since this code is already unused, and therefore
already dropped from built firmware images, this
change does not have any impact on image size.
A follow up change can alter the flash config
to reclaim and repurpose the 2KB per partition
previously used by the counter.
BRANCH=none
BUG=b:138459918
TEST=make buildall -j
Signed-off-by: Louis Collard <louiscollard@chromium.org>
Change-Id: I18892e1eb0224b96caa531293403b0b02f28a32b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1748848
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refactor code to use proper type for cc1 and cc2 lines.
BRANCH=none
BUG=none
TEST=builds. No functional change.
Change-Id: Id292db8480920e2b191bac9d9ecc2685f61e4ea9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1744654
Tested-by: Jett Rink <jettrink@chromium.org>
Reviewed-by: Denis Brockus <dbrockus@chromium.org>
Commit-Queue: Jett Rink <jettrink@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Semantics of renew field in EC_CMD_USB_PD_CHIP_INFO is changing as
follows:
0 -> Return hard-coded info for Vendor ID/Product ID and cached info for
the Firmware Version
1 -> Return the live chip info for Vendor ID/Product ID/Firmware Version
Also rename the 'renew' field to 'live' to match the new semantics.
BUG=b:128820536,b:119046668
BRANCH=None
TEST=make -j buildall; Boot to ChromeOS.
Change-Id: Ie3dd022336b0be5c9728bb0ebabef32b7a6b5d57
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1617893
Tested-by: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Diana Z <dzigterman@chromium.org>
Commit-Queue: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Auto-Submit: Karthikeyan Ramasubramanian <kramasub@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This removes the remaining fuzz config that was
left in test_config.h. This section had already been duplicated
in fuzz_config.h, without being removed from test_config.h.
See the original migration CL crrev.com/c/1180179 for more info.
BRANCH=none
BUG=none
TEST=make runtests V=1 -j
Change-Id: Icd7158417ac184d7723828e62b968f7f0aa4bfbc
Signed-off-by: Craig Hesling <hesling@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1660126
Reviewed-by: Allen Webb <allenwebb@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Found with MSAN fuzzer: usb_pd_protocol.c may use payload data
that is not initialized.
Fix the test by copying over the whole payload, which is what
tcpci.c's version does.
Also, in tcpci.c, clear cached_messages head before using
get_message_raw to fill it up, to make sure that we do not
accidentally use older data in the queue.
BRANCH=none
BUG=chromium:963076
TEST=make TEST_MSAN=y host-usb_pd_fuzz -j
MSAN_OPTIONS=log_path=stderr:exitcode=0 \
build/host/usb_pd_fuzz/usb_pd_fuzz.exe \
clusterfuzz-testcase-minimized-ec_usb_pd_fuzzer-5716775969357824
Change-Id: I74c38538440cb5a01d1714657b9e2d63e5b80cea
Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1610163
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We should ensure that all custom task definition are non-zero and fit
with the globally defined events. Add compile time check and change
semantics to specify bit number (instead of making all callers use the
BIT macro).
This also fixes an error with TASK_EVENT_PHY_TX_DONE for ITE being 0.
The bug that made that happen hasn't landed on any firmware branches
that use it though.
BRANCH=none
BUG=none
TEST=builds
Cq-Depend:chrome-internal:1178968,chrome-internal:1178952
Change-Id: I5e1d1312382d200280c548e9128e53f4eddd3e61
Signed-off-by: Jett Rink <jettrink@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1570607
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since nvmem_tpm2_mock is linked outside of libec.a it needs to use the
cstdlib version of memcpy so HIDE_EC_STDLIB needs to be defined prior to
including any of the EC headers.
BRANCH=none
BUG=chromium:950310
TEST=TEST_UBSAN=y make -j host-cr50_fuzz
Change-Id: I2d303ab1e8f493b4d4715c36f6e81592eeca246d
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1566654
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's simply a bad idea to describe a macro in multiple locations.
It'll make it hard to change. It'll be difficult to keep all
locations in sync.
This patch replaces the comment duplicated in all ec.tasklist with
a pointer to the CONFIG_TASK_LIST definition. The macro will be
described in a single place (just like all/most other macros).
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
BUG=none
BRANCH=none
TEST=buildall
Change-Id: Id658b9d68e742e4334c692b804d9c98c8de21313
Reviewed-on: https://chromium-review.googlesource.com/1551579
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Jett Rink <jettrink@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch includes changes to support testing of the new nvmem
implementation.
Making fizz compatible required duplicating a lot of functionality
available in the test/ directory (fuzz/nvmem_tpm2_mock.c is very
similar to test/nvmem_tpm2_mock.c), but I could not find an easy way
to avoid it.
BRANCH=cr50, cr50-mp
BUG=b:69907320, b:129710256
CQ-DEPEND=CL:1496607
TEST=with the rest of the patches applied 'make buildall -j' succeeds,
which confirms both test and fuzz success.
Change-Id: Ife999b04d22f8ddbe9ea5d35f4c3e21f57592754
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1450278
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds owners files for the fuzz target so that bugs are correctly
assigned.
BRANCH=None
BUG=None
TEST=USE="ubsan asan fuzzer" ./build_packages \
--board=amd64-generic --skip_chroot_upgrade chromeos-ec
Change-Id: I53867fcb09bdf306a2a01e50a4c2faa647e2efe8
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1361980
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This cleanups some header includes to avoid conflicts between the ec
headers and the standard c headers.
BRANCH=None
BUG=None
TEST=make -j buildall && ./build_packages --board=veyron_minnie \
chromeos-ec && FEATURES=test emerge-veyron_minnie chromeos-ec
Change-Id: Icf9022d688fd9c749f7a5f8673755188741b40e1
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1378906
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Nicolas Boichat <drinkcat@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new symbol was added to third_party/tpm2 that needed a mock
implementation in cr50_fuzz to fix compilation.
CQ-DEPEND=CL:1370404,CL:1377383
BRANCH=None
BUG=chromium:911310
TEST=USE="ubsan asan fuzzer" ./build_packages \
--board=amd64-generic --skip_chroot_upgrade chromeos-ec
Change-Id: I3e2546829646e89361bfa2a8b4084c95b346f78f
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1370747
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The declaration of nvmem_wipe_cache is now inside the extern "C"
section and a definition was added to cr50_fuzz.
BRANCH=None
BUG=None
TEST=make -j buildall
Change-Id: Ie7401d8880e7982c84fa6a5df5015cbd145fc6d1
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1370746
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This incorporates the fuzz targets into buildall and adds a quick
sanity check to each fuzz target to make sure it exits successfully for
an empty input.
This adds roughly 5.88 seconds to "make -j buildall" (This includes an
addtionally target that will be enabled in a later CL).
time make -j buildall # BEFORE
real 1m19.519s
user 23m9.220s
sys 5m1.690s
time make -j buildall # AFTER
real 1m25.399s
user 23m35.753s
sys 5m12.609s
BRANCH=None
BUG=None
TEST=make -j buildall
Change-Id: Ib77a57297ee896569c509d0c8c998552d2a3a76c
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1370934
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=None
BUG=chromium:911310
TEST=USE="ubsan asan fuzzer" ./build_packages \
--board=amd64-generic --skip_chroot_upgrade chromeos-ec
Change-Id: I15ac87b14a0f28a62e257bb155f1862753053eb4
Reviewed-on: https://chromium-review.googlesource.com/c/1368010
Tested-by: Allen Webb <allenwebb@google.com>
Trybot-Ready: Allen Webb <allenwebb@google.com>
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This function is called from common/nvmem.c, it should be available
when compiling for tests, the stub could be filled up later when new
tests are added.
BRANCH=cr50, cr50-mp
BUG=b:119221935
TEST=make buildall -j still succeeds.
Change-Id: I082292818c7f2b10336c9a7c49e0a9195e25a12b
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1363816
Reviewed-by: Allen Webb <allenwebb@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Setup CC lines, then send up to 8 PD messages, in an attempt to
cause errors while parsing PDO and other messages.
BRANCH=none
BUG=chromium:854975
TEST=make -j buildfuzztests && \
./build/host/usb_pd_fuzz/usb_pd_fuzz.exe > /dev/null
Change-Id: Ibb575ea8d464945390d1663dd6fff279bd9d77ea
Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1116626
Reviewed-by: Jonathan Metzman <metzman@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
'mem_hash_tree.h' was missing '#define HIDE_EC_STDLIB' before
'dcrypto.h'. This problem was only apparent when -O2 is set.
CQ-DEPEND=CL:1358746
BRANCH=None
BUG=chromium:911310
TEST=USE="ubsan asan fuzzer" ./build_packages \
--board=amd64-generic --skip_chroot_upgrade chromeos-ec
Change-Id: I19d00c165764f80cfa385fb3bed64efc67bfc3f9
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1361680
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes a dependency problem that was introduced in CL:1184107.
BRANCH=None
BUG=chromium:911310
TEST=USE="ubsan asan fuzzer" ./build_packages \
--board=amd64-generic --skip_chroot_upgrade chromeos-ec
Change-Id: Ib4795d6a716fe3fcb7a88bf6a165f96ffe10640a
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1358746
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=None
BUG=chromium:911310
TEST=USE="ubsan asan fuzzer" ./build_packages \
--board=amd64-generic --skip_chroot_upgrade chromeos-ec
Change-Id: Ib2ffc7035d0f6912834709bb8a5f6b3c11a2c67a
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1359652
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds an initialization step that sanity checks the fuzz target to
make sure the model is working as intended.
BRANCH=None
BUG=chromium:876582
TEST=sudo emerge libprotobuf-mutator &&
make -j buildfuzztests && ./build/host/cr50_fuzz/cr50_fuzz.exe
Change-Id: I3961a7ff05b4876992af447a2104bcfa0a496562
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1347012
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This uses protocol buffers to model what actions can be taken with
pinweaver at a higher level of abstraction than the raw requests to
greatly increase the coverage that can be achieved by fuzzing, while
still allowing for invalid inputs to be checked.
BRANCH=none
BUG=chromium:876582
TEST=sudo emerge libprotobuf-mutator &&
make -j buildfuzztests && ./build/host/cr50_fuzz/cr50_fuzz.exe
Change-Id: Ie7ce569650ca06866f277f36eae61df2684de60c
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1184107
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The CONFIG_FLASH_NVMEM_VARS_USER_NUM constant was incorrectly defined,
so nvmem_vars was failing with EC_OVERFLOW.
BRANCH=None
BUG=None
TEST=make -j buildfuzztests && ./build/host/cr50_fuzz/cr50_fuzz.exe
Change-Id: I52facfd44423bb69284b54e6831e5e777cf35a05
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1344800
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=None
BUG=None
TEST=make -j buildall
Change-Id: Icf2cfb6a2657064c10721c0e527d24fbb3be6ab3
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1330102
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds mock implementation of get_current_pcr_digest() for the fuzz
target.
BRANCH=None
BUG=chromium:903487
TEST=make -j buildfuzztests
Change-Id: I55b7da813d4f17ef7f60e045423a3917a052e41c
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/1327128
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A change in a parent commit broke the build for this commit. Adding
an include for cstring and #define HIDE_EC_STDLIB resolves the header conflict.
BUG=chromium:883080
TEST=make -j buildfuzztests
Change-Id: Icf584a6050519c7a3b8f7defb7685c9c64f7a145
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1220390
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a rule for building c++ object files to make it possible
to use libprotobuf-mutator in fuzzing targets.
BRANCH=none
BUG=chromium:876582
TEST=make -j buildfuzztargets &&
./build/host/cr50_fuzz/cr50_fuzz.exe
Change-Id: I1355c313e47a1a83a599eb0f0b9142fefdf6de8b
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1183535
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a minimal pinweaver fuzzer as a foundation for further work.
It will not be able to achieve good coverage because it doesn't have a
proper description of the protocol, however it demonstrates that the
prerequisites to build against dcrypto, nvmem_vars, and nvcounter are
satisfied for the host board.
CQ-DEPEND=CL:1183532
BRANCH=none
BUG=chromium:876582
TEST=make -j buildfuzztests &&
./build/host/cr50_fuzz/cr50_fuzz.exe
Change-Id: I520d71c224d583c51dc3292dc051ee8de4a4116a
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1183534
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This creates a build target called libec.a by setting the visibility
of functions that conflict with cstdlib to hidden. It then links
those symbols locally into one large object file that makes up libec.a
Fuzzing targets are linked against libec.a so that they can invoke ec
functionality while depending on outside libraries that need cstdlib.
When linking a particular object against cstdlib, to avoid conflicting
function declarations put the following before any includes from the
ec codebase:
#define __stdlib_compat(...)
The fuzzing targets are now linked using clang++, so that c++ libraries
and objects can be used as part of the fuzzers.
BRANCH=none
BUG=chromium:876582
TEST=make -j buildfuzztests &&
./build/host/host_command_fuzz/host_command_fuzz.exe
Change-Id: Ifdfdc6a51c6ef23b4e192b013ca993bf48a4411b
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1180401
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
BRANCH=none
CQ-DEPEND=CL:*664115
BUG=chromium:876582
TEST=make -j buildall && make -j buildfuzztests
Change-Id: Iade5e5138f495e6b3b99ec16f1a467861ade5537
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1180179
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Nicolas Boichat <drinkcat@chromium.org>
|