| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
VbExDisplayDebugInfo() was invented for the TAB display that dumps a
whole lot of possibly interesting debug data to the screen. Since some
debug data is only available to the calling firmware, the convention has
always been that the calling firmware is supposed to append any of its
own debug data it thinks may be relevant to the output.
Later, the function was reused to print small info messages that give
the user a hint what went wrong when a Ctrl+U or Ctrl+L fails
(unlocalized, of course, but better than nothing). The calling firmware
is not aware of this new use case, so every time vboot prints a
"WARNING: Ctrl+L not enabled" sort of message on the screen, depthcharge
also dumps the firmware IDs and TPM state below it.
This patch introduces a new parameter to the function to make the two
differing use cases clear to the calling firmware.
CQ-DEPEND=CL:1496903
BRANCH=None
BUG=None
TEST=with other patches
Change-Id: I52a1e764189508130fea562ad6d53bcefb1fce64
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1497038
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
VbExDisplayScreen/Menu() can fail for many reasons... most often because
some asset that was part of the intended screen couldn't be found. Most
of the errors are permanent and will not get better by trying again.
The respective vboot wrapper functions track the last screen change that
was requested so that we don't keep drawing the same screen over and
over again for every keyboard poll. The current code does not update
this tracking when there was an error during drawing, but the benefit of
this is questionable... those errors usually mean that some part wasn't
drawn correctly, but they don't mean "please keep trying". This problem
is currently worked around in depthcharge by just always passing
VBERROR_SUCCESS even if the underlying screen drawing calls failed, but
it seems cleaner not to hide this error from vboot and instead make
vboot deal with it better.
BRANCH=None
BUG=None
TEST=Navigated through some menus both with and without bitmaps in CBFS.
Change-Id: I3d86a5150fddce9fab18189b2b706960d429b2b7
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1497037
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Mathew King <mathewk@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Unibuild, the white label models may use (per model) PreMP key for
devices without VPD 'whitelabel_tag' - this helps dogfooders and lab
machines to run and update properly.
BUG=b:126800200
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=none
Change-Id: I7249e3fb1a2b7ab8ed281d2aa317aee6cde8f8db
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1501614
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Futility has two debug facilities: the Debug() function that can be
enabled by passing --debug on the command line, and the VB2_DEBUG()
macro (mostly in common code from the firmware/ directory that it
includes) which can only be enabled by passing DEBUG=1 at build time.
This is confusing and inconvenient, since you don't always want to
rebuild futility whenever you need that extra debug output and it's not
very obvious that you can get even more debugging beyond just passing
--debug.
This patch resolves the inconsistency by merging both facilities
together into a single VB2_DEBUG() that is output when passing --debug.
In order to make this work, we'll have to move the VBOOT_DEBUG #define
so that it only affects the stub implementation of vb2ex_printf(), and
any caller overriding the stub is in charge of their own destiny. This
should be okay since callers can still individually implement debugging
policy in their versions of vb2ex_printf() if they want to. (This may
have been useful to cut down the binary space for debugging strings, but
our firmware has always been unconditionally enabling VBOOT_DEBUG in the
past years, so that doesn't seem to be very important in practice.)
BRANCH=None
BUG=None
TEST=Ran futility --debug show, noticed I got all the extra keyblock
verification debug output I always wanted.
Change-Id: I9a5c205fc3673941b50f03f2a967b1be110a1555
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1504140
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Many projects started their initial builds without knowing that some
sections must be preserved when being updated. This may be solved by
adding section name to 'preserved' list in firmware updater (for
instance, CL:1239797), or include that section as sub area of
{RO,RW}_PRESERVE.
However, there are problems in both solutions. For example, installing
an older image will run old updater, which will not preserve the new
names. Also, if there are multiple sections must be preserved (and not
contiguous - see CL:1493629) there will be problems. Additionally,
changing FMAP layout usually causes more problems.
As a result, adding the description in FMAP area would be the better
idea. A new FMAP_AREA_PRESERVE suggests firmware updater to preserve
a section if possible. In Coreboot, this can be easily set in *.fmd
using flag (PRESERVE). See https://review.coreboot.org/31709 for
example.
BUG=chromium:936768
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Ie56f65dd418faa97ffb78b1acff613e7d7e268b8
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1495054
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In RO+RW update mode, we only check if the system will be doing re-key.
However, as Unibuild and White-label are becoming more popular today,
this may not be true when signer config has something wrong, or if the
patching of rootkey/vblock is broken.
As a result we should also check if the target image is looking good
before proceed to update in recovery mode.
BUG=b:126931606
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=none
Change-Id: I16c2f9b4fd886e15414de8fda7bd41813f3f8d83
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1496678
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Many people seem to have problems doing things in the detachable UI on
early bring-up devices that don't yet support display output. This patch
is supposed to alleviate that problem by adding more log output so that
people can see on the UART which menu option they have selected (with
actual text rather than just screen and menu item indices).
While we're at it, let's also dump the TAB output to the console so that
it's easier to retrieve that information without a display as well.
BRANCH=None
BUG=chromium:924446
TEST=None, because make runtests is broken and nobody seems to care.
Change-Id: If9350255a68821b7e232726ba56d001571d52cd4
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1436494
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On a full firmware update we need to preserve these regions:
SI_GBE contains the unique MAC address for the system
SI_PDR contains data from the factory and diagnostics
BUG=b:126637087
BRANCH=none
TEST=futility update image-sarien.bin
Change-Id: I2981c8cc478617029934ef3fbdb1c446c858fad8
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1493629
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The computation to determine the number of table entries was incorrect
due to sizeof(TPM_FAMILY_TABLE_ENTRY) producing a wrong value for the
size of a single entry. TPM_FAMILY_TABLE_ENTRY actually doesn't match
the encoding of the entries in the TPM's response due to alignment.
Fix this by using a constant that reflects the correct entry size.
Relatedly, I found that ReadDelegationFamilyTableTest would have
caught the bug, but was actually not being invoked. Fix this as well.
BUG=chromium:934193
TEST=Unit tests, manual per instructions in bug.
BRANCH=none
Change-Id: Ic72ad110dc0dbf15cc3cc25b438c4bc2bd2d6015
Reviewed-on: https://chromium-review.googlesource.com/1480519
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Tested-by: Andreea-Elena Costinas <acostinas@google.com>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
There's already a local |output| variable that we clobbered.
BUG=chromium:935628
TEST=cros-signing/signer/signing_unittest.py passes
BRANCH=none
Change-Id: Idde2aa35053ff6bc149f3f4d1df784e25b4fcdc5
Reviewed-on: https://chromium-review.googlesource.com/c/1490651
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Openssl output format changed, use futility for key_size.
BUG=chromium:935628
TEST=None
BRANCH=none
Change-Id: I1329fa8cd1a79943dbcd8be19d56680ae22376f1
Reviewed-on: https://chromium-review.googlesource.com/c/1489452
Tested-by: LaMont Jones <lamontjones@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124297157
TEST=make runtest
test on device
BRANCH=none
CQ-DEPEND=CL:1466822
Change-Id: Ic3b1b502b1aff14a795397da3024f8a12eb04775
Reviewed-on: https://chromium-review.googlesource.com/1466290
Commit-Ready: Mathew King <mathewk@chromium.org>
Tested-by: Mathew King <mathewk@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Mathew King <mathewk@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=chromium:933391
TEST=make runtests
Test ctrl+d, ctrl+u, and ctrl+l on device
BRANCH=none
Change-Id: Icf8699e5facac44a074cfd47e796b9957fd6b714
Reviewed-on: https://chromium-review.googlesource.com/1475781
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Mathew King <mathewk@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Mathew King <mathewk@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rename VB2_DISABLE_DEVELOPER_MODE to VB2_CONTEXT_DISABLE_DEVELOPER_MODE.
Flag name should be consistent with others in vb2_context_flags.
VB2_DISABLE_DEVELOPER_MODE should be removed in subsequent CL.
BUG=b:124141368
TEST=Build locally
BRANCH=none
Change-Id: I42260205e9e27b4bd382cdf69962917d41ca882a
Reviewed-on: https://chromium-review.googlesource.com/1460645
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rename VB2_SD_DEV_MODE_ENABLED to VB2_SD_FLAG_DEV_MODE_ENABLED.
Flag name should be consistent with others in vb2_shared_data_flags.
VB2_SD_DEV_MODE_ENABLED should be removed in subsequent CL.
BUG=b:124141368
TEST=Build locally
BRANCH=none
Change-Id: I301a43ac6bc7c825a7cb9f9b47f57ed330ba2294
Reviewed-on: https://chromium-review.googlesource.com/1460644
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Tested-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Many firmware developers will try to flash a local built firmware (i.e,
DEV key signed) on a MP device (with write protection enabled).
The updater used to provide feedback like:
ERROR: verify_keyblock: Failed verifying key block.
INFO: Current (RO) firmware image has root key: ade780ffd0...732867181bae
WARNING: Target (RW) image is signed by rootkey: b11d74edd2...e1135b49e7f0.
ERROR: RW not signed by same RO root key
>> FAILED: Firmware updater aborted.
This is correctly identifying the root cause, but not helpful for
developers to figure out what to do, and may be confused with the DEV
re-key safety check (which needs --force).
Also, when developers try to do "--mode=factory --force", the message
was:
updater_setup_config: Factory mode needs WP disabled.
Where the 'WP' is again not clear enough.
With this change, we're improving the error messages so that:
- Being consistent on 'root key' instead of 'rootkey'.
- Being consistent for having period for error messages, except those
ended with root key hash (for easier copy-paste).
- Say 'Write Protection' instead of 'WP'.
- When re-keying with WP enabled, print a better hint:
"To change keys in RO area, you have to first remove write protection
(https://goo.gl/ces83U)."
BUG=None
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=none
Change-Id: Ia74d7b113766d09428a4d0897918b4f17b4afae7
Reviewed-on: https://chromium-review.googlesource.com/1465709
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Matthew Blecker <matthewb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
cgpt's C/C++ bindings use non-const char* parameters leading to
compiler errors if a user attempts to pass a const char* parameter
rather than creating an unnecessary mutable copy.
Since the code doesn't need to modify the parameters, change them to
const char* to make the library easier to use.
BUG=none
TEST=builds and test cgpt cli tool on-device.
CQ-DEPEND=CL:1460081
BRANCH=none
Change-Id: I6552db159e3dc4d9d07bb889a3f1e4e890b33cb0
Reviewed-on: https://chromium-review.googlesource.com/1459848
Commit-Ready: Fletcher Woodruff <fletcherw@chromium.org>
Tested-by: Fletcher Woodruff <fletcherw@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We've dropped the chromeos_arm driver on recent kernels. Now, if you
name the GPIO as RECOVERY_SW_L (e.g., in the Device Tree), crossystem
can pick it up directly.
BRANCH=none
BUG=chromium:897992, b:116761006
TEST=crossystem recoverysw_cur on ARM with 4.14+ (without chromeos_arm
driver)
Change-Id: I20fb1aa310268a60070bd6c8914c4d58e5760cf8
Reviewed-on: https://chromium-review.googlesource.com/1448395
Commit-Ready: Brian Norris <briannorris@chromium.org>
Tested-by: SANTHOSH JANARDHANA HASSAN <sahassan@google.com>
Tested-by: Brian Norris <briannorris@chromium.org>
Reviewed-by: Douglas Anderson <dianders@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The lack of -D support in CgptEdit introduced a test failure. This
change adds support for -D.
BRANCH=none
BUG=chromium:605348
TEST=Verified that prior to this change the tests failed:
cros_workon --host start vboot_reference
sudo FEATURES=test emerge vboot_reference
The tests fail in a different area prior to CgptEdit, so I applied the
following temporary change to Makefile to see the relevant failure:
ifeq (${MINIMAL},)
# Bitmap utility isn't compiled for minimal variant
- test_targets:: runbmptests runfutiltests
+ test_targets:: runbmptests # runfutiltests
# Scripts don't work under qemu testing
With this change the tests pass.
Change-Id: Ia2127a3537c72e4ea6daf59c5c33b8701a89b0f6
Signed-off-by: Matt Delco <delco@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1436496
Tested-by: Matt Delco <delco@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Starting from GBB 1.2, a digest is stored in GBB and must be updated
whenever the HWID string is changed.
In shell script version of updater, the digest is automatically updated
when we do "futility gbb -s --hwid=XXX", but in native updater
implementation we only updated the HWID string and left digest
unchanged, this leaves devices generating wrong PCR1 values.
`cmd_gbb_utility` updates the digest by calling `update_hwid_digest`
using vboot1 structure, so we should introduce a new vboot2 friendly
function, `vb2_change_hwid`, which changes both HWID string and digest
at same time.
Note this has no impact for end user's devices with write protection
enabled. Only changes dogfood units AU results.
BUG=b:122248649
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=none
Change-Id: I6ad2754e6df3c9dd66d71c560a2afc26d14eae33
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1411932
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This introduces a script for signing Cr50 images on the build server.
BRANCH=cr50
TEST=sign_official_build.sh cr50_firmware input tests/devkeys output
BUG=b:74100307
Change-Id: I741b8532980b0a7a0b32fbacff235c38661c7668
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1313573
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Includes cgpt_find.c and some dependencies in the make rule for
libvboothost so that they can be used by the new C++ clobber-state.
BUG=chromium:884520
TEST=vboothost successfully builds
BRANCH=none
Change-Id: I4cedd7625c8dd905b4391de39477f42ad0dc4902
Reviewed-on: https://chromium-review.googlesource.com/1395811
Commit-Ready: Fletcher Woodruff <fletcherw@chromium.org>
Tested-by: Fletcher Woodruff <fletcherw@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since we enforce this file (with name=) on signers, add it to our test
keysets so we can run unittests against them.
BRANCH=None
BUG=chromium:343499
TEST=precq passes as do new unittests
Change-Id: Ia807df1b8037097064dadc85fcf8796d44ada1af
Reviewed-on: https://chromium-review.googlesource.com/1401143
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When using 'futility update' with Servo Micro or CCD, the programmer is
pretty slow that every invocation of flashrom would take a very long
time, so re-reading firmware contents when writing (flashrom -w) seems
redundant. For such usage, a '--fast' would be helpful that
- Uses the last read image (image_current) as --diff
- Add --noverify
BUG=None
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I1ad57185160a082ea6b5c94b837a4d3ba708b587
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1375495
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A special Snow RO firmware had been released and would break existing
platform check: 'Google_Snow_Rev4.2695.128.0'. As a result, we want to
bypass platform check in quirk 'daisy_snow_dual_model'.
BUG=chromium:917581
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I10b0e4c2b8a11faff979b4add368f342a72a6cec
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1390083
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We changed the verity kernel command line form before R16 was released
and included backwards compat support in the scripts for it. But all
the devices that were released for these old versions are EOL, and we
don't need to sign images that old anymore, so drop support.
BRANCH=None
BUG=chromium:891015
TEST=precq passes
Change-Id: I5cc37fae19fb4b3db229598aa0f5c69a6f32005a
Reviewed-on: https://chromium-review.googlesource.com/1387904
Commit-Ready: LaMont Jones <lamontjones@chromium.org>
Tested-by: LaMont Jones <lamontjones@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In quirk daisy_snow_dual_model, after RO is preserved the actual RO
version should be updated as well from current image. Without this,
reported version may look weird as RO=132, RW=117.
BRANCH=None
BUG=chromium:915013
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
Change-Id: I1bc6c47a8bd548265fd654dae6ab2a5971d59a1c
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1383631
Reviewed-by: Duncan Laurie <dlaurie@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 16ceb9625ed13b0da4ae6306f9187b672b9b382f dropped support for old
versions, but it also accidentally dropped the salt= setting which ended
up breaking newer recovery kernels. Restore that line and drop an unused
var from the old code path.
BRANCH=None
BUG=chromium:891015, chromium:891764
TEST=running `./sign_official_build.sh verify` against the images in crbug.com/891764 works again
Change-Id: I8ae619c9243f9c2638962ae439b9df5090d6c535
Reviewed-on: https://chromium-review.googlesource.com/1376831
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
In CL:1351178 the SMM store file name has been changed to 'smm_store' so we
have to also change test script.
BUG=b:120060878
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
Change-Id: Idc98517cc46a848bb77335214a11fbc9303590f2
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1375494
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added a vb2_error_notify() function that bundles a log message,
screen notification message, beep, and flash into one function,
since callers were often calling these three things separately.
BUG=chromium:899762
TEST=Image still builds and runs on an Aleena, function works
on at least one of the calls, the others are harder to test.
TEST=make runtests
BRANCH=none
Change-Id: I82224f8ffa1c326c5e7293a2c00db4dc5d80bf3a
Reviewed-on: https://chromium-review.googlesource.com/1330013
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Eugene Hermann <yherman@google.com>
Reviewed-by: Nick Crews <ncrews@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The firmware updater archive is going to rename the prefix of host (AP)
firmware image from 'bios' to 'image' (CL:1318712), to be more
consistent with firmware package output. We need to include both old and
new names in updater manifest construction.
For --mode=output, we will produce both 'bios.bin' and 'image.bin'. In
future there should be only 'image.bin' after migration is completed.
BUG=b:65745723
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I8b7e3bc2953b70525fb14fcf6aadaf6d1e00e4aa
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1327862
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change allows CgptEdit to be called via the API. Prior to this
change link fails in an app that uses CgptEdit due to undefined
reference. The underlying implementation wasn't checking set_unique so
I've fixed that as well.
BRANCH=none
BUG=None
TEST=Added CgptEdit(0) call to extern.c and verified that build failed.
Added cgpt_edit.c to Makefile and confirmed that build is now
successful. Successfully ran unit tests on both vboot_reference and the
app I'm working on that calls CgptEdit (which also has a unit test for
setting the drive ID).
Change-Id: Ie0a46ff96406eb83d0564d3f1eac978e0565ed76
Signed-off-by: Matt Delco <delco@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1361948
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=None
TEST=None
Change-Id: I789caf6fd4410820b9a0c9ef4ed39ad4f4568737
Reviewed-on: https://chromium-review.googlesource.com/1354144
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rename "smm store" to "smm_store".
Depends on CL:1351857.
BUG=b:120060878
TEST=None
Change-Id: Iae511ecdc6d918d06218de1b651b1e5e3821d2f1
Reviewed-on: https://chromium-review.googlesource.com/1351178
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For developers running a local build on white label models, currently
the chromeos-firmwareupdate will always fail if VPD `whitelabel_tag` is
set because the `keyset/` folder does not exist (which was created by
signer bot).
Developers in this case usually don't really care about which key to use
and will be happy with the default (DEV signed) keys, also the key
compatibility will be still checked later, so we can skip the white
label patching if no keyset folder, which would allow developers getting
same experience on WL and non-WL devices.
BUG=b:120268135
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I3992301ff4c406096e11e1ae8129f2f68b2319b5
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1356688
Reviewed-by: C Shapiro <shapiroc@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The firmware name for Veyron devices are Google_Veyron_XXX and we have
to correct the names in quirks database.
BUG=chromium:910085
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I3bf3bbb32fe90ebf370c1bc51c54d0280ddb7e98
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1354147
Reviewed-by: Youcheng Syu <youcheng@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
"Model '%s' is not defined in manifest." is not very easy to understand
for people who are debugging devices in early stages. We should provide
better instructions. For example, running with Coral updater will now
show:
ERROR: manifest_find_model: Cannot get model name.
You are probably running an image for wrong board, or a device in early
stage that 'mosys' command is not ready, or image from old (or factory)
branches that Unified Build config is not updated yet for 'mosys'.
Please check command 'mosys platform model', which should output one of
the supported models below:
unprovisioned_meep sparky orbatrix unprovisioned_fleex grabbiter bobba
unprovisioned_bobba mimrock fleex meep yorp phaser360 sparky360 phaser
bobba360 unprovisioned_phaser bip
BUG=chromium:875551
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Ib17fcb654d1530b94c44cf21aaa28717841f11ed
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1351171
Reviewed-by: Cheng-Han Yang <chenghan@chromium.org>
Reviewed-by: Ting Shen <phoenixshen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement support for getting random bytes from the TPM in the tpm2
library. The intent is to use this to seed the kaslr-seed DT property on
ARM devices.
BRANCH=None
BUG=None
TEST=Generate some random bytes in depthcharge using this API,
and 'stop trunksd; tpmc rand <size>' with sizes (0, 1, 0xf0, and
0xf1) on the device and see the last one fail
Change-Id: Ied0dc1ead70ac4daa2cee315516160ec100039be
Signed-off-by: Stephen Boyd <swboyd@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1327187
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a mock test to handle VB_AUX_FW_NO_DEVICE severity
BUG=chromium:896451
BRANCH=None
TEST=/mnt/host/source/chromite/bin/cros_run_unit_tests
--board=octopus --packages=chromeos-base/vboot_reference
Change-Id: Ifdabdf3cee1130a8c853d57c278f0e557ebbb96f
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1299994
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Jett Rink <jettrink@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is a possibility that a registered device is not present at
run-time and this scenario needs to be handled a little different. Add a
new update severity to handle this situation.
BUG=chromium:896451
BRANCH=None
TEST=bootup to ChromeOS by connecting and disconnecting the USB
daughterboard
Change-Id: I8a2044ce6a10fe611ee1f47262a7b54598a53ce3
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1299993
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Jett Rink <jettrink@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In auto update and recovery, the firmware updater was executed with both
stdout and stderr logged. However, the logs usually comes with all stderr
first then all stdout. This makes it harder to debug because the
messages logged in out of order.
TO solve that, few macros are introduced:
INFO: for useful information.
STATUS: the most common information, usually comes with a prefix code.
And all messages should now go to stderr except the final execution
result (and those output commands, for example --manifest).
BUG=chromium:875551
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
CQ-DEPEND=CL:1345250
BRANCH=None
Change-Id: Ie0dc6594ece10e7e15caf9c36353e2b3ec8754c5
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1345611
Reviewed-by: Youcheng Syu <youcheng@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There were devices shipped as "only device" (no key set) and then became
one of the "white label" family. This is now no longer valid on newer
devices but we have to support the legacy ones, for example Reks.
BUG=chromium:906962
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I437be08726ab2c46229062689bf765ac6837ca5d
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1345610
Reviewed-by: Youcheng Syu <youcheng@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There may be quirks needed during image archive setup (for example
loading white label tags) so we have to move quirks setup to some
earlier place.
BUG=chromium:906962
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I1f6eddb0119c64098df75bad72809ba8366625c7
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1345609
Reviewed-by: Youcheng Syu <youcheng@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=None
TEST=None
Change-Id: Ia9a0a7d9aabc298fcbda72371c9b1d2e6b822b17
Reviewed-on: https://chromium-review.googlesource.com/1333092
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Also, add (writable) at the end.
BUG=None
TEST=None
Change-Id: I34eb1e8e02ba3c837ba5fa452f9f6da64ce7b6e0
Reviewed-on: https://chromium-review.googlesource.com/1328391
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some user-space applications need to know whether Alt OS is
currently enabled or disabled. Add alt_os_enabled to
crossystem as a read-only flag for this purpose.
It is currently based off of reading VBSD_ALT_OS_SHOW_PICKER
from VbSharedDataHeader. We may want to change that to a
field dedicated to showing Alt OS state in the future
(see b/117195332).
BUG=b:117195332,b:117142023
TEST=emerge-eve vboot_reference && \
cros deploy --force --board=eve dut vboot_reference
Change-Id: Ic9a120e7d24021eb984d501f09ce4d7b6f85d730
Reviewed-on: https://chromium-review.googlesource.com/1328390
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, it is impossible to programmatically enable/disable
Alt OS mode in eve. This is because only EC-RW supports the
kbatboot keyboard matrix functionality. But, as part of the
campfire boot flow, the keyboard matrix is retrieved *immediately*
after jumping into EC-RW. We need to insert a small pause in
order to allow for some entity (autotest/servo) to send a kbatboot
command, simulating the Alt OS keyboard press hotkey.
BUG=b:117140648,b:118786884
TEST=Manually use crossystem to set post_ec_sync_delay=1
Reboot, and wait for the delay to begin
Run `kbatboot 1 4 1` in EC console
Check that AP console contains:
"vb2_post_ec_sync_hooks: post_ec_sync_delay 5000 ms..."
TEST=make clean && make runtests
Note that we are only cherry-picking the changes which affect
crossystem in this CL. Firmware changes will still live in
campfire-eve branch only.
Change-Id: I1305357199d87b80b4edc4e311015106ab07de65
Reviewed-on: https://chromium-review.googlesource.com/c/1256644
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Trybot-Ready: Joel Kitching <kitching@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit 64d7369976b88b21d8d8a860252023776a2f119e)
Reviewed-on: https://chromium-review.googlesource.com/1328389
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For dogfood devices, we usually will only re-key from DEV to PreMP, and then
PreMP to MP. It was found that for retail devices, if WP was disabled
(unintended), user may accidentally re-key to DEV keys if they (1)
recover with a DEV-signed image, or (2) received an AU that didn't have
right signing keys.
As a result, we want to make it harder when recovering to DEV keys.
BUG=chromium:894324
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Id3f7788e6c86d12b6e37b77818a1b4c2ceda1e2f
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1312596
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I have one too many times being bitten by forgetting to reboot
my DUT between running this tool and trying to flash a new kernel.
Make the script remind me of this requirement.
BRANCH=none
BUG=none
TEST=ran script, saw new output
Change-Id: I5c4738317087ec7654b13c1c9c3cd67273ba3bf1
Signed-off-by: Enrico Granata <egranata@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1330016
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
At present we allow the user to press a keypad number to boot into another
bootloader but there is no indication which one is which.
Add a new screen for this. It is entered via Ctrl-L and shows the
available bootloaders, along with the number to press for each. The
contents of the screen is rendered by the bootloader, as usual.
This is supported by two new screens, one for the keyboard UI and one for
the menu UI. Also a new function, VbExGetAltFwIdxMask(), is added to find
out what bootloaders are available.
Note: This CL combines changes for both UIs. The changes may be easier to
review separately.
CQ-DEPEND=CL:1273269
BUG=chromium:837018
BRANCH=none
TEST=FEATURES=test emerge-grunt --nodeps vboot_reference
Change-Id: Ib3227545dc677c8f9587944753e32f3b49647360
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1273268
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
