| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The bootcache will be changing the linux command line. Added additional
patterns that are acceptable to the signing software.
BUG=chrome-os-partner:16370
TEST=none
BRANCH=none
Change-Id: Id46d5f5eeebfd72941127f4fab35da59b28f695e
Original-Change-Id: I22d00ebc6191b5499f722974d90c260b78eb63b2
Reviewed-on: https://gerrit.chromium.org/gerrit/39023
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Tested-by: Shawn Nematbakhsh <shawnn@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To handle a more diverse set of configurations, added
processing of regular expressions for the dm params.
BUG=chrome-os-partner:16370
TEST=none
BRANCH=Butterfly
Change-Id: I43723448c09b0b68e53d05a176dba07cd3bfb200
Original-Change-Id: I4d9e610586cc9f63d55397e60462600ed9b9651f
Reviewed-on: https://gerrit.chromium.org/gerrit/38202
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Ready: Paul Taysom <taysom@chromium.org>
Tested-by: Paul Taysom <taysom@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/38694
Tested-by: Shawn Nematbakhsh <shawnn@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ctrl-U used to simply beep without messages for why it does not work (due to NV
data dev_boot_usb). Since the system is already in Developer mode, it should be
fine to provide some debug information otherwise we can spent time trying to
figure out why the firmware doesn't work.
BRANCH=all
BUG=chrome-os-partner:14474
TEST=flash image to Link, enter DEV and press Ctrl-U; gets beep and warning messages.
Change-Id: Iab20ecdb2e1c4e267b7257a7bd241006241ddf70
Reviewed-on: https://gerrit.chromium.org/gerrit/34406
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We use gbb-flag-force-dev-switch-on in default firmware images to make
things easier for factory and some devs.
But when we request normal mode there should be some sort of warning/error
telling the user that this is not available, otherwise we can spent time trying
to figure out why the firmware doesn't work.
BRANCH=all
BUG=chrome-os-partner:14474
TEST=flash image to Link, set GBB flags to 0x39, boot to DEV screen
and press SPACE (TONORM); gets beep and warning messages.
Change-Id: Id48c12693c7575001fae7fad92a868cb5465e83d
Reviewed-on: https://gerrit.chromium.org/gerrit/34172
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This enables the signer script to sign update payloads.
BUG=chromium-os:34521
TEST=`./sign_official_build.sh update_payload testcase.sha256 . foo` produced a signed foo file
BRANCH=None
Change-Id: I27a9de89e760427251538deec38161944388a152
Reviewed-on: https://gerrit.chromium.org/gerrit/33535
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the cgpt utility complaints about parameter errors, it is
impossible to tell what exactly went wrong. This change consolidates
error definitions and adds a function to convert integer error values
into text messages.
BRANCH=none
BUG=none
TEST=manual
. emerge-link vbooot_reference
. copy generated `cgpt' to a Link device
. run command with wrong arguments with respect to the existing GPT:
localhost var # ./cgpt add -i 3 -b 3985408 -s 1757184 -t rootfs -l ROOT-A /dev/sda
ERROR: cgpt add: Starting LBA overlaps
ERROR: cgpt add: -i 3 -l ROOT-A -b 3985408 -s 1757184 -t 3CB8E202-3B7E-47DD-8A3C-7FF2A13CFCEC
. on the host, in the chroot in src/platform/vboot_reference run
$ make && make runtests
observe all tests succeed
Change-Id: Ibd23ca0430a875f70524adc99e0509b26ae699b2
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/34003
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Older firmware does not provide nonvolatile-context-storage FDT
property, and crossystem complains about it.
This is harmless; so just make it quiet.
Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
BRANCH=none
BUG=chrome-os-partner:14475
TEST=manual, see blow
Run crossystem and make sure its output does not contain
"Unable to open FDT property nonvolatile-context-storage"
messages.
Check crossystem still works by comparing its output w/ and w/o this
change.
Change-Id: I0b8f40775833457a75d801f185344e931ac08847
Reviewed-on: https://gerrit.chromium.org/gerrit/33896
Commit-Ready: Che-Liang Chiou <clchiou@chromium.org>
Tested-by: Che-Liang Chiou <clchiou@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
--snark; no functional change.
BUG=none
TEST=build code
BRANCH=none
Change-Id: Id3a8c5aaf0e5a9d0e1949af602840efcc1895f50
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/33898
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This option is disabled per default and can be enabled with
crossystem dev_boot_legacy=1
or by setting the GBB flag
GBB_FLAG_FORCE_DEV_BOOT_LEGACY 0x00000080
BUG=chrome-os-partner:6108
TEST=crossystem dev_boot_legacy=1
boot to dev mode screen, press CTRL-L, see SeaBIOS start
(other CLs needed)
BRANCH=link
Signed-off-by: Stefan Reinauer <reinauer@chromium.org>
Change-Id: I593d2be7cff5ca07b8d08012c4514a172bd75a38
Reviewed-on: https://gerrit.chromium.org/gerrit/31265
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
Tested-by: Stefan Reinauer <reinauer@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Ready: Stefan Reinauer <reinauer@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=None
TEST=Ran it
BRANCH=None
Change-Id: Ib494c64d81c4ee80991a01b2172c7c47b60d5658
Reviewed-on: https://gerrit.chromium.org/gerrit/33659
Tested-by: Kris Rambish <krisr@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to dual boot Windows and ChromeOS, Windows must
not find a GPT partition table on the disk. So change
ChromeOS to cope with an alternative signature "CHROMEOS"
instead of the standard "EFI PART"
BUG=chrome-os-partner:6108
TEST=rebuild chromeos, install it,
run cgpt legacy /dev/sda
dd if=/dev/sda of=/tmp/x bs=1k
hexdump -C /tmp/X
see the string CHROMEOS
BRANCH=link
Signed-off-by: Stefan Reinauer <reinauer@chromium.org>
Change-Id: Ia88eff33b9880bd73a78c1b8e026c1f8298c4557
Reviewed-on: https://gerrit.chromium.org/gerrit/31264
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Ready: Stefan Reinauer <reinauer@chromium.org>
Tested-by: Stefan Reinauer <reinauer@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For firmware and kernel key increment testing we need to be able to
rev only particular keys and verify an autoupdate works.
BUG=None
TEST=Ran it
BRANCH=None
Change-Id: Ic814480b4bf8fbc994132fcd7ba519c3be9b0ccd
Reviewed-on: https://gerrit.chromium.org/gerrit/32458
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Ready: Kris Rambish <krisr@chromium.org>
Tested-by: Kris Rambish <krisr@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We may have multiple storage types (disk or mkbp) of VbNvContext.
crossystem should switch the type and choose the corresponding device
driver.
After patching U-Boot, you may check storage type:
[ "mkbp" = "$(cat /proc/device-tree/firmware/chromeos/nonvolatile-context-storage)" ]
And cross-verify crossystem with mosys:
$ mosys nvram vboot read
70000000000000000000000000000020
$ crossystem recovery_request
0
$ crossystem recovery_request=123
$ mosys nvram vboot read
70007b0000000000000000000000005d
$ mosys nvram vboot write 70000000000000000000000000000020
$ crossystem recovery_request
0
More importantly, crossystem should also work with older version of
firmware, which does not pass down this information.
Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
BRANCH=none
BUG=chrome-os-partner:13766
TEST=Check storage type on a Snow device:
[ "mkbp" = "$(cat /proc/device-tree/firmware/chromeos/nonvolatile-context-storage)" ]
Make sure that FAFT is still happy:
./run_remote_tests.sh --remote $ADDR --board daisy 'firmware_TryFwB/control$'
./run_remote_tests.sh --remote $ADDR --board daisy 'firmware_TryFwB/control.dev$'
More importantly, check crossystem worked well even when ChromeOS
is booted from an older version of firmware.
Change-Id: I3989a8c181efe03cd9f06127743763e0ad97e281
Reviewed-on: https://gerrit.chromium.org/gerrit/32470
Reviewed-by: Che-Liang Chiou <clchiou@chromium.org>
Tested-by: Che-Liang Chiou <clchiou@chromium.org>
Commit-Ready: Che-Liang Chiou <clchiou@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This GBB_FLAG_ENTER_TRIGGERS_TONORM is new added for allowing Enter
(default is Space) to trigger the TONORM screen. This flag is
used by FAFT testing.
Chage the usage of set_gbb_flags.sh to help an user.
BUG=chrome-os-partner:12699
TEST=None. Trivial comment change.
Change-Id: I8a1efa880627965570719f22dedfa0e31ab2d5f5
Reviewed-on: https://gerrit.chromium.org/gerrit/33404
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Ready: Tom Wai-Hong Tam <waihong@chromium.org>
Tested-by: Tom Wai-Hong Tam <waihong@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently we don't accept keyboard input in UPDATE screen.
BRANCH=none
BUG=chrome-os-partner:13821
TEST=make # no more languages on UPDATE screen.
Change-Id: I08fa6dab7415e9a461ca8096073e98a155a8489e
Reviewed-on: https://gerrit.chromium.org/gerrit/33161
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Dave Parker <dparker@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A shortcut and easier way to enable USB booting without always calling the huge
firmware updater.
BRANCH=none
BUG=none
TEST=./enable_dev_usb_boot # successfully set dev_usb_boot value.
Change-Id: I9ebb3ce79ef58bc0a32926866d5e1827a92b6e74
Reviewed-on: https://gerrit.chromium.org/gerrit/33046
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This lines up with the terminology that people have been using, and the
valid types that can appear in signer instruction files. We keep around
the old "install" so that other code continues to work.
BUG=None
TEST=None
BRANCH=none
Change-Id: I8d0d2ab4c0ae61f6bcdbcc24ec9796d9eabe386e
Reviewed-on: https://gerrit.chromium.org/gerrit/33056
Reviewed-by: David McMahon <djmm@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For larger panels, we want to support 1280x* profiles.
BRANCH=none
BUG=chrome-os-partner:12896
TEST=make # all profiles generated.
Change-Id: I5b6729e4335bc0ade3948151e766c02ab937435d
Reviewed-on: https://gerrit.chromium.org/gerrit/32892
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Dave Parker <dparker@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=none
BUG=chrome-os-partner:13767
TEST=make # success, s1024usb profiles don't have SD in Remove page.
Change-Id: Ifa605dea50d9d8538fca6032743662e9d8dc7e6c
Reviewed-on: https://gerrit.chromium.org/gerrit/32683
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Dave Parker <dparker@chromium.org>
Commit-Ready: Dave Parker <dparker@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This just chews up memory and wastes time on ARM, since the data is already
in memory.
BUG=chrome-os-partner:13492
BRANCH=snow
TEST=manual
Build and boot on snow with manually modified code, to see that the bmpfv
pointer is in the same region as the bmp region.
Build and boot on link and see that displaying screens is still fast.
Change-Id: I98349b73671e38fa6cace966b6953a2abf129fab
Reviewed-on: https://gerrit.chromium.org/gerrit/32629
Reviewed-by: Mike Truty <truty@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Che-Liang Chiou <clchiou@chromium.org>
Commit-Ready: Simon Glass <sjg@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This enum seems partially complete, and not used in vboot_reference.
Complete it and use it.
BUG=chrome-os-partner:13492
BRANCH=snow
TEST=manual
Build and boot through to recovery on snow. Run through the various
screens and check that they still appear correctly.
Change-Id: Ifca54d072457d9a0396a38026f44f8334efb9cf5
Reviewed-on: https://gerrit.chromium.org/gerrit/32628
Reviewed-by: Mike Truty <truty@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
Commit-Ready: Simon Glass <sjg@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
%L is, in some standard libraries like U-Boot's, a synonym for %ll which is
for long long integers, required by the C99 standard to be at least 64 bits.
For practical purposes that basically means %ll should be used with 64 bit
values. Since %L seems to be non-standard and, at least in U-Boot's case, %ll
is recognized in the same way, %ll seems preferable.
BUG=chrome-os-partner:8339
TEST=Booted ChromeOS using depthcharge and U-Boot. Booted with
depthcharge/libpayload which does not support %L and saw a number where %L had
been printed.
BRANCH=None
Change-Id: Id51fb5c9295e0dd65b42a5c0738eb34c8210a2b2
Signed-off-by: Gabe Black <gabeblack@google.com>
Reviewed-on: https://gerrit.chromium.org/gerrit/32660
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On x86 U-Boot cannot see the power button, which means that the EC must
deal with it, and may power off the unit at any time. To get around this,
we write the vbcontext every time we change it.
Since this isn't a problem on ARM, and we want to avoid spurious writes
(due to delay and disk wear), make this code execute only on x86 machines.
BUG=chrome-os-partner:13717
BUG=chrome-os-partner:7689
BRANCH=snow,link
TEST=manual
On snow, see that the EC no longer gets MKBP messages to write the nv
context.
On link, manually add a print to U-Boot's nvstorage_write_disk() function
and see that changing language in recovery still causes a write.
Change-Id: I62508739c9fc3aca46fba58b196a8af45269af2a
Reviewed-on: https://gerrit.chromium.org/gerrit/32464
Commit-Ready: Tom Wai-Hong Tam <waihong@chromium.org>
Reviewed-by: Tom Wai-Hong Tam <waihong@chromium.org>
Tested-by: Tom Wai-Hong Tam <waihong@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently we check the keyboard each 250ms. This makes for a pretty choppy
experience when changing languages. Change to check every 20ms, without
changing the disk check interval (which remains 1s).
BUG=chrome-os-partner:13717
BRANCH=snow
TEST=manual
Boot into recovery
Try changing language on snow with left/right arrow and see that it updates
instantly.
Change-Id: I2ae411bc36fdb2badac11595b099bca43f116669
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/32463
Commit-Ready: Tom Wai-Hong Tam <waihong@chromium.org>
Reviewed-by: Tom Wai-Hong Tam <waihong@chromium.org>
Tested-by: Tom Wai-Hong Tam <waihong@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rather than read the images from slow flash every time we need them, cache
them the first time and use that cache thereafter.
BUG=none
BRANCH=snow,link
TEST=manual
Go into recovery mode on link
See that we can display a new screen in roughly 20ms instead of the 250ms
it previously took on link.
Also tested on snow and shown to have no ill effects.
Change-Id: Ieb39c44bddeb6315da8983669f19f550888659bd
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/32462
Commit-Ready: Tom Wai-Hong Tam <waihong@chromium.org>
Reviewed-by: Tom Wai-Hong Tam <waihong@chromium.org>
Tested-by: Tom Wai-Hong Tam <waihong@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adding 'update' and language description for locale 'ms'.
Also fixed 'model' height in 'th' locale.
BRANCH=none
BUG=chrome-os-partner:11969
TEST=make # success.
Change-Id: I3eb12d43284bab8c3c243cf86e3dc90c7c0e5497
Reviewed-on: https://gerrit.chromium.org/gerrit/32440
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Dave Parker <dparker@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Block devices return a size of 0 when stat'ed.
In order to be able to verify directly a raw partition, let's add a
special case to query the block device size.
BUG=chromium-os:34176
TEST="vbutil_kernel --verify /dev/sda4 --verbose" shows the actual
content not an error message.
BRANCH=none
Change-Id: Ibecf0a88816abf97305f0f87c0131ba7b66e386c
Reviewed-on: https://gerrit.chromium.org/gerrit/32302
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Jon Salz <jsalz@chromium.org>
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=chrome-os-partner:13765
BRANCH=all
TEST=manual
1. boot in dev mode. see DEV screen
2. press space -> TONORM
3. press esc -> DEV
4. press esc -> (still at DEV)
Change-Id: I9ed2fd2ff2380b058f1aa677ccd516d9fd5679d2
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/32454
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
First, preserve extensions for the backed up keys (and keyblocks). Useful since
our wrapping scripts look at the extension in deciding what needs wrapping.
Second, instead of having to run the script from within a keyset directory,
take the keyset path as an argument and increment the versions for
the keys in there.
BUG=chrome-os-partner:13748
TEST=ran on devkeys
BRANCH=none
Change-Id: I9e8c3e58149e5cb4cd5557521e047e25c06b0cd6
Reviewed-on: https://gerrit.chromium.org/gerrit/32417
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The signing script extracted firmware body sections FW_MAIN_{A,B} and
resigned the whole section instead of just firmware body.
As a result, read-only firmware spends more time loading read-write
firmware from SPI flash.
Since vblock has firmware body size information, signing script should
retrieve it and use it to sign just firmware body.
This may reduce boot time for ~560ms, depending on firmware image size,
section size and SPI flash/bus throughput.
Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
BRANCH=snow,link
BUG=chrome-os-partner:13094
TEST=For Snow (or boards that use cros_bundle_firmware), check that
after resigning, VBLOCK_{A,B} and FW_MAIN_{A,B} are unchanged
For Alex and ZGB, check that old and new resign_firmwarefd.sh
generates identical output
(Test for Snow; repeat for A and B)
dump_fmap -x image.bin VBLOCK_A FW_MAIN_A
mv VBLOCK_A VBLOCK_A.orig
mv FW_MAIN_A FW_MAIN_A.orig
resign_firmwarefd.sh image.bin image-resigned.bin \
firmware_data_key.vbprivk \
firmware.keyblock \
dev_firmware_data_key.vbprivk \
dev_firmware.keyblock \
kernel_subkey.vbpubk
dump_fmap -x image-resigned.bin VBLOCK_A FW_MAIN_A
cmp VBLOCK_A.orig VBLOCK_A
cmp FW_MAIN_A.orig FW_MAIN_A
(Test for Alex and ZGB; repeat for old and new resign_firmwarefd.sh)
resign_firmwarefd.sh image.bin image-resigned-{old or new}.bin \
firmware_data_key.vbprivk \
firmware.keyblock \
dev_firmware_data_key.vbprivk \
dev_firmware.keyblock \
kernel_subkey.vbpubk
cmp image-resigned-old.bin image-resigned-new.bin
Change-Id: Ie70b6c91614343ad9f991ae369a0f8e74ec213fe
Reviewed-on: https://gerrit.chromium.org/gerrit/31572
Commit-Ready: Che-Liang Chiou <clchiou@chromium.org>
Tested-by: Che-Liang Chiou <clchiou@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mount with commit=600, just as the unencrypted stateful is mounted.
BUG=chrome-os-partner:13185
TEST=x86-alex build
Change-Id: I0cee85c8bdabccb6545ca2238f6d5a120300e3aa
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/31762
Commit-Ready: Luigi Semenzato <semenzato@chromium.org>
Reviewed-by: Luigi Semenzato <semenzato@chromium.org>
Tested-by: Luigi Semenzato <semenzato@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 92951c813dc416c24d8a9eda39d037f46baeb077.
BUG=chromium-os:33963,
TEST=None
BRANCH=None
Change-Id: I186432ab4cdb91495f81a1574863fada28f59603
Reviewed-on: https://gerrit.chromium.org/gerrit/31690
Commit-Ready: Yung-Chieh Lo <yjlou@chromium.org>
Reviewed-by: Yung-Chieh Lo <yjlou@chromium.org>
Tested-by: Yung-Chieh Lo <yjlou@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We have to define the function we need here, so that we can implement it in
U-Boot, then we can come back here and try to use it. Grr.
BUG=chrome-os-partner:11215
BRANCH=link
TEST=none
This just defines the function prototype. No change to test.
Change-Id: I38a19baa54c59c9744d20f743eb53260f2d19852
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/31658
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We need to know not only whether the HW WP pin is asserted, but whether the
flash chip has configured its software protection registers to actually
protect anything. This flag can be used to indicate that.
BUG=chrome-os-partner:13265
BRANCH=link
TEST=none
This just adds the flag. Nothing actually sets the flag yet, so there's
nothing to test.
Change-Id: Icba9945fb56eb3a4681486c630cbbdc9232485ef
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/31642
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the --signprivate_pem option is used to vbutil_keyblock and without
an external signer, we were passing the wrong name to PrivateKeyReadPem()
causing all such invocations to fail. This CL fixes the typo.
(This particular path isn't current being used.)
BUG=none
TEST=manually verified with --signprivatekey_pem but without --external_signer.
BRANCH=none
Change-Id: I56df76a965706f654df1de8ac6e42738c15284c7
Reviewed-on: https://gerrit.chromium.org/gerrit/31556
Commit-Ready: Gaurav Shah <gauravsh@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The FMAP requires to be aligned at 64-byte. Searchin at 4-byte could
lead bug if a designated FMAP is located at 4-byte address.
BUG=chrome-os-partner:13143,
TEST=Tested in CL https://gerrit.chromium.org/gerrit/#/c/31436/
BRANCH=link,snow
Signed-off-by: Louis Yung-Chieh Lo <yjlou@chromium.org>
Change-Id: Ib7f36dc89d7d2763b1a72b641433d45bec6c2bef
Reviewed-on: https://gerrit.chromium.org/gerrit/31442
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: David Hendricks <dhendrix@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Commit-Ready: Yung-Chieh Lo <yjlou@chromium.org>
Tested-by: Yung-Chieh Lo <yjlou@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Modifying the size of an existing partition without modifying the start as
well assumed the start was at block 0. Sometimes it was caught, often it
wasn't.
Fix the error, add a test to catch the problem.
BUG=chrome-os-partner:13090
BRANCH=all
TEST=manual
make && make runtests
Change-Id: I4f5a5031a90a3e78d886ed3573f61305316a3f1f
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/31418
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I'm about to add a new test to fix some borkage with cgpt. First step is to
clean up the script a little bit.
BUG=none (yet)
BRANCH=all
TEST=manual
make && make runtests
Change-Id: I2311b5eb20aff80c4a0435cf1d10331c679af3c0
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/31379
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we changed the bmpblk version from 1.2 to 2.0, the tests weren't
updated.
BUG=chrome-os-partner:11078
BRANCH=all
TEST=manual
make && make runtests
Change-Id: I244a9aeeb34be912fe6058687394c37d0e474890
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/31377
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current kernel parameter parsing logic uses word boundaries (\b) to
keep from replacing parameters inside of other parameters (like "level=1"
mangling "loglevel=1" into "log"), but this fails when the last character
isn't a "word" character. e.g. "\bconsole=\b" doesn't match "console=".
Change the \b to a space. Since we're already using spaces as our split
marker, this shouldn't be a problem.
BRANCH=None
BUG=chrome-os-partner:12780
BUG=chromium-os:33868
TEST=ran `ensure_secure_kernelparams.sh` on an image with 'console=' and saw it work
Change-Id: Id69250179ea76aabfed9cd21c1c59483d78a215d
Reviewed-on: https://gerrit.chromium.org/gerrit/31356
Reviewed-by: David McMahon <djmm@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When checking kernel params fail, it's useful to know all the variables
as to what it's doing. So dump some state when an error occurs.
BRANCH=None
BUG=None
TEST=ran `ensure_secure_kernelparams.sh` on a bad image and saw useful output
TEST=ran `ensure_secure_kernelparams.sh` on a good image and saw no output
Change-Id: I0e499f87a6d8feed80da72aba75e1e6c1b4076c9
Reviewed-on: https://gerrit.chromium.org/gerrit/31355
Reviewed-by: David McMahon <djmm@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sandbox U-Boot has no sound, so there is no point in looping while it
doesn't really play.
BRANCH=none
BUG=chromium-os:32603
TEST=Sandbox U-Boot has no sound, no need to loop
Signed-off-by: Taylor Hutt <thutt@chromium.org>
Change-Id: I5ff987d9d80c2d24ae6502c36cf399e582dff524
Reviewed-on: https://gerrit.chromium.org/gerrit/31015
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Ready: Taylor Hutt <thutt@chromium.org>
Reviewed-by: Taylor Hutt <thutt@chromium.org>
Tested-by: Taylor Hutt <thutt@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=none # we always build images in ToT.
BUG=chrome-os-partner:13048
TEST=make # got n1366usb bmpblk.bin
Change-Id: I5af3c4f599c6789c208013095db86f0836241ced
Reviewed-on: https://gerrit.chromium.org/gerrit/31324
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These fields are part of the version 1 struct, but were mistakenly
labeled as version 2 fields. Since ZGB firmware produces a version 1
struct, crossystem was treating the fields as unavailable.
BUG=chromium-os:33685
TEST=crossystem tpm_fwver tpm_kernver
BRANCH=none (OS utility change, not firmware, and affects only Alex/ZGB)
Change-Id: Ic857ee2da9a7ae7f0d42317b711bf102d068de64
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/30904
Tested-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Sonny Rao <sonnyrao@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Both for_help_* and Url bitmaps have margin, so it looks too large as a
"margin*2 + 5(x_pad)" gap on screen.
BRANCH=none
BUG=chrome-os-partner:12893
TEST=make # All bitmaps generated.
Change-Id: Ic8d3e9180e52b7476b07367a027793cea0ed3109
Reviewed-on: https://gerrit.chromium.org/gerrit/30988
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Dave Parker <dparker@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On very large HDDs, the sector count was wrapping around. Switch most
calculations to bytes using uint64_t, and use BLKGETSIZE64 for checking
the loopback device size.
BUG=chrome-os-partner:12705
TEST=parrot build, manual testing
STATUS=Fixed
Change-Id: I1f7aea81151ed5cc130b1f6a05fda83f7a85150f
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/31073
Reviewed-by: Elly Jones <ellyjones@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
"insert_sd_usb2" message didn't include the "ChromeOS is missing or damaged"
text, also is too long for certain locales.
We should revise message and check if the locale fits screen width.
BRANCH=none
BUG=none
TEST=cd strings; make # all pass
Change-Id: Ie9cb5e4ecd6d143772ffa8e7de29c202e9bde130
Reviewed-on: https://gerrit.chromium.org/gerrit/30824
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Dave Parker <dparker@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added "n1366usb2" profile and remove SD icon in *usb profile.
BRANCH=none
BUG=chrome-os-partner:11078
TEST=make # all profiles generated.
Change-Id: If280cebb847cdc7a599f510f279df03e1cc9b4d5
Reviewed-on: https://gerrit.chromium.org/gerrit/30810
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Dave Parker <dparker@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The difference of firmware bitmaps won't rely on platform (x86/arm) in future;
instead, things will differ by rescaling & message contents.
To support that, we need to change build target from "platform" to "profiles".
To build all platforms, run "make" in top leve (or "make all" in images).
To debug (en locale without rescaling), run "make" in images folder.
To debug a specific profile, run "make $PROFILE" in images folder.
BRANCH=none
BUG=chrome-os-partner:11078, chrome-os-partner:12790
TEST=make # all profiles generated in images/out_*/*.bin
Change-Id: Iaabf160b1b2bc844d230188eb593daa8a597d378
Reviewed-on: https://gerrit.chromium.org/gerrit/30683
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PNG files are better for editing and checking than BMP files.
Also smaller file size.
BRANCH=none
BUG=none
TEST=make # x86 & arm bitmap blocks generated.
Change-Id: I828779aafa4938cb21356a8c42dee27b1b3ad8ae
Reviewed-on: https://gerrit.chromium.org/gerrit/30682
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
|