| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TEST=Able to save ~50ms of bootime with this CL
Without this CL
1100:finished vboot kernel verification 802,443 (148,108)
With this CL
1100:finished vboot kernel verification 775,914 (102,601)
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Change-Id: I96bea22667ebf45b446a26d84de96e52f3d28aa0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1919094
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Tim Wawrzynczak <twawrzynczak@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CL:1900560 broke MOCK_TPM due to a typo in the Makefile. This patch
fixes it.
BRANCH=None
BUG=None
TEST=None
Change-Id: Ifd23ad764029b72af3fb03cf9dd52faefa586a80
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1922491
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch splits out the TPM functionality into a separate library called
TLCL (TPM lightweight command library). This is to avoid linking in TLCL
code two times and causing duplicate references.
BUG=none
BRANCH=none
TEST=make clean && make runtests
Cq-Depend: chromium:1901882
Change-Id: I56e961c066b2df1d1e19f632b834b11625454f59
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1900560
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unlike STM32 (used on ARM Chromebooks), EC images on most x86
Chromebooks used to have a header before EC_RO section describing the
size and attributes of firmware to load. However, partial updating with
only 'EC_RO' by flashrom will not include those data. So we should use
'WP_RO' to update whole RO area.
This also implies EC RO software sync, which usually only updates
ec.RO.bin in EC_RO, is not safe on devices with extra data. A quick
solution is to only allow RO software sync when EC_RO is aligned to top
of EC firmware image. Also in future devices cannot run EC software sync
may skip generating EC RO blobs in AP coreboot CBFS so the updater won't
try to do RO software sync.
BUG=chromium:1024401
TEST=(kukui) chromeos-firmwareupdate --mode=recovery # updated and boot
(laser) chromeos-firmwareupdate --mode=recovery # updated and boot
also verified we can update from old x86 EC (EC_RO does not
include header) to new style (EC_RO contains header).
Change-Id: I2c90320ffbfd79ba0cbaf70016446d8ab489e6ac
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1919097
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
chromeos-tpm-recovery only works when it's actually booted in recovery
mode, not when just running a recovery image in developer mode with
Ctrl+U. This distinction is often not super clear to non-firmware
people, so make the error message more explicit.
BRANCH=None
BUG=None
TEST=None
Change-Id: I18afa933f624f26d1f7949b9b586ab01daf7c801
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1913491
Reviewed-by: Curtis Malainey <cujomalainey@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, battery cutoff is handled at the end of a successful EC
software sync. Now that auxiliary firmware sync is separate from the
EC, this patch moves it back to after both EC and auxfw updates are
successful, to ensure all firmware is up-to-date before entering ship
mode.
BUG=none
BRANCH=none
TEST=make runtests
Change-Id: I96bea22667ebf45b446a26d84de96e52f3d289a5
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1889430
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=b:143094352
BRANCH=none
TEST=make clean && make runtests
Change-Id: I3665bfb10c66e2fbe3906e99cc72346748123cfb
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1873879
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The new flag can be set by any firmware which updates the EC to let
further stages know that the EC sync has already been completed during
this boot.
BUG=none
BRANCH=none
TEST=make runtests
Change-Id: Ide14efe7091631b62d240ddc984c8c70527a6d37
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1877066
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
crossystem functions just make up a fake vb2_context for calling into
things like vb2_nv_init(), but that function actually accesses
vb2_shared_data as well. This used to work because vb2_get_sd() would
return NULL in that case and vb2_nv_init() actually checks for that,
but with the persistent context model this is no longer possible and
making up directly allocated contexts is always illegal.
This patch adds a small fake workbuffer to the fake context so we can
have real backing storage for shared data. (This might not be the final
way we want to fix it but should work as a quick band-aid over the
crashes.)
Also remove the now pointless (sd == NULL) checks from vb2_nv_init().
BRANCH=None
BUG=chromium:1024732
TEST=make runtests
Change-Id: I91247013f092bbfc41cf1974b82cf70a29fa4734
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1917486
Tested-by: Brian Norris <briannorris@chromium.org>
Reviewed-by: Brian Norris <briannorris@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Brian Norris <briannorris@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch separates out some code into an extra file so that it's
easier to link into hostlib without pulling in all additional
dependencies from the random 2misc.c crap. The functions are copied
wholesale with no changes.
BRANCH=None
BUG=chromium:1024732
TEST=make runtests
Change-Id: Ia00d1da277e5fc0956c8a1ae608d842224016c91
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1917819
Tested-by: Brian Norris <briannorris@chromium.org>
Reviewed-by: Brian Norris <briannorris@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Brian Norris <briannorris@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This callback is redundant, because vboot takes the buffer pointer and
just passes it straight into vb2ex_ec_update_image(), so clearly the
platform must be able to find the image on its own. Remove it, and also
remove the arguments to vb2ex_ec_update_image which were the image and
its size.
BUG=none
BRANCH=none
TEST=make runtests
Cq-Depend: chromium:1910562
Change-Id: I35548cc0bde761cf08337489af0772bbdf46de4d
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1877065
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, the logic for updating auxfw is entangled with the logic
for performing EC software sync. This patch attempts to split them
apart, so that they can be used separately. VbSelectAndLoadKernel()
currently still performs both, EC first and then auxfw. The intended
use-case for this functionality is to perform EC software sync only in
coreboot's romstage. Unit tests were updated to ensure functionality
is effectively unchanged.
BUG=b:143094352, chromium:1016688
BRANCH=none
TEST=make clean && make runtests
Change-Id: I7bdf38694cfed83b18dd8189b8516780184ecc8e
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1867314
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove devidx argument from internal and external functions.
Rename external API functions to vboot2 scheme (vb2ex_...).
Rename external EC-related data types to vboot2 scheme (vb2_...).
BUG=b:124141368, chromium:1016688, chromium:1017093, b:112198832, b:143094352
TEST=make clean && make runtests
BRANCH=none
Cq-Depend: chromium:1910562
Change-Id: I4ca9858a0f91a0365288c04cdb90aad0efdd7647
Signed-off-by: Joel Kitching <kitching@google.com>
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1872255
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The EC RO name inside CBFS is actually 'ecro' instead of 'ec_ro'.
BRANCH=None
BUG=b:141965252
TEST=make clean && make runtests
Run 'futility update -i image.bin -e ec.bin --mode=recovery'
Change-Id: I2ede0bfbd550d343726df893ce707e82d77d5f30
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1913689
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also standardize on position and spacing of __attribute__.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ic61d6193c2413824837a51af98eb2dcd9ea4ab85
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1902843
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When unpacking files, unzip will retain timestamps on the outputs.
This makes it easy to recreate the firmware unpacker with the same
exact contents. futility doesn't copy update timestamps anywhere,
so all the mtimes are $now, which makes it impossible to recreate
the same archive.
Update the API to pass around mtimes by reading them from inputs,
setting them on outputs, and copying them across.
BUG=None
TEST=`futility update -a chromeos-firmwareupdate --unpack out` has timestamps on outputs
BRANCH=None
Change-Id: Icc0ae833390115082e1677d190d1b2a029b78439
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1913067
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All devices which have a PD chip running CrOS EC code have already shipped,
and there is no intention to go back to using an "EC" for a TCPC anymore.
BUG=b:143762298,chromium:1017093
BRANCH=none
TEST=make runtests
Change-Id: I177c00581089de59e4f35608b97ef5432e8b492b
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1895712
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes an issue discovered while fuzzing
vb2_load_fw_keyblock(): the data key contained in the keyblock is not
sanity-checked before moving it around on the work buffer, resulting in
a potential overflow if it's key_size flows over the end of the
keyblock. This is not exploitable since the keyblock was already
verified, so only signed (=trusted) keyblocks can get to this stage, but
there's nothing wrong with double-checking anyway.
This patch also rewrites the data_key moving code a bit to just move the
whole key rather than individually copying the header elements and then
just memmove()ing the data (and keeping the previous key_offset from the
root key rather than the one from the data key). None of these issues
affect correctness but it seems simpler and cleaner to me this way.
Finally, remove an instance where the keyblock was accessed after the
memmove(). This would be bad if the data key was so much larger than the
keyblock that memmove()ing it overwrites the keyblock header. Like an
existing comment points out, that doesn't happen with the key sizes we
choose in practice, but it's still better to not rely on that.
BRANCH=none
BUG=chromium:1017793
TEST=make runtests and reran failing fuzz testcase
Change-Id: I78ded43ad999e0883a69cbb2ea7e876888a9fa22
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1880015
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move vb2_context to live inside of vb2_shared_data, instead of
in a separate memory space allocated by the caller.
See design doc:
http://go/vboot2-persistent-context
BUG=b:124141368, chromium:994060
TEST=make clean && make runtests
BRANCH=none
Change-Id: If2421756572a43ba58b9da9f00e56a8f26ad3ad5
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1874753, chromium:1902339
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1716351
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following sections can be now deleted from hard-coded list:
- RO_PRESERVE: no boards use it.
- RO_FSG: new images have set the PRESERVE flag in CBFS.
- SI_GBE, SI_PDR: already using PRESERVE flag since fw branch is cut.
BUG=b:116326638,chromium:936768
TEST=make clean && make runtests
Change-Id: I99759949104bf4f1c1db3556e273923dcb1c5887
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1902841
Tested-by: Hung-Te Lin <hungte@chromium.org>
Auto-Submit: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After informing EC of the mode chosen by vboot, it is stored
in a global and never accessed again. Remove this function,
its calls, and its tests.
Also note some significant issues which existed:
(1) Using accessor VbGetMode for tests, rather than just
overriding VbExEcEnteringMode when needed.
(2) The tests checking the value sent to VbExEcEnteringMode
(vboot_api_kernel2_tests and vboot_detach_menu_tests)
actually call the function themselves.
BUG=b:124141368, chromium:1014379
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ib8e510a1e1c663bb3f8238a9ad15e3e64d7350b0
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1864533
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1830239
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 6a703f5b0edfdbf2eee72d59499f73585262a46f.
Reason for revert: This change breaks building coreboot
Original change's description:
> Clean up implicit fall through.
>
> Directly use the __attribute__ ((fallthrough)) instead of
> a macro.
> This was suggested in CL:1772474.
>
> BUG=chromium:997709
> TEST=CQ
> BRANCH=None
>
> Change-Id: Ic6cd417d7c735395a4b136dbb0879a6f1716da98
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1897360
> Tested-by: Manoj Gupta <manojgupta@chromium.org>
> Reviewed-by: Julius Werner <jwerner@chromium.org>
> Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
Bug: chromium:997709
Change-Id: Icd0de8bcdee44d1b41f313a4f5aaba8108f734ab
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1899735
Reviewed-by: Mathew King <mathewk@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Tested-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Directly use the __attribute__ ((fallthrough)) instead of
a macro.
This was suggested in CL:1772474.
BUG=chromium:997709
TEST=CQ
BRANCH=None
Change-Id: Ic6cd417d7c735395a4b136dbb0879a6f1716da98
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1897360
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Clean up the code.
BUG=none
BRANCH=none
TEST=N/A
Change-Id: If4ef76edf5f97fc51a21740e1ca51475b27b5f1a
Signed-off-by: Eric Lai <ericr_lai@compal.corp-partner.google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1897416
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If you read the manpage for printf *really* closely, it seems that the
%#x token only prints the 0x prefix for non-zero values. Huh... never
knew that (and our firmware implementations in fact don't honor that,
but glibc does). Anyway, I think we're fine with either behavior but
this broke the expected output for one of our futility tests, which this
patch fixes (originally broken in CL:1840191).
BRANCH=None
BUG=None
TEST=make runtests
Change-Id: Id54ff6f56e02333ab01b09b75deb16f47da01bc3
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1885411
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes a sanitizer issue in cgpt where a GPT entries array may
have been passed even though it was not loaded from disk (parsing an
uninitialized buffer). The GPT library seems to have been written with
the assumption that both headers and entries would always be loaded and
it could recover even if only the primary header and the secondary
entries were valid. In practice, this doesn't really work because the
caller doesn't know how to read entries for an invalid header.
Therefore, change the code so that entries are only assumed to be loaded
for valid headers.
Also fix some minor problems with loading GPTs by aligning sizes up (not
down) to the next sector boundary and making sure we always allocate the
maximum amount of space for entry arrays, even if the current header may
not need that much (in case a repair wants to overwrite it).
This practically reverts CL:276766 which becomes obsolete (and was
really just a dirty hack to hide an underlying problem).
BRANCH=none
BUG=chromium:1017797
TEST=make runtests
Change-Id: I86c601dc074261d53f013b98ae214efdc44f3563
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1885098
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds checks necessary before various types of images
signing could proceed.
The checks include verifying that Board ID flags and major version
number match the image type.
Also, manifest modification for node locked images is enhanced by
setting the least significant bit of the tag field to one. This will
ensure that the prod key ladder is not available to node locked images
even though they are signed with a prod key.
BRANCH=none
BUG=b:74100307
TEST=verified various cases by manually editing prod.json and
signing_instructions.sh and observing results: either error
messages or successful modification of the manifest and signing.
Change-Id: I0bc4a8acae1ca4e983999fd47e515c48786ded6c
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1894848
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Node locked images signed by the builder will have to come from the
factory branch and have version of 0.3.22.
Signing manifest will be processed to insert Device ID values, remove
Board ID values and set the top bit of config1.
BRANCH=none
BUG=b:74100307
TEST=ran the script manually with proper input and verified that
manifest is processed as expected.
Change-Id: Ib8cbe0f1ae31e79c3228a662c02231caeb901adc
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1880572
Tested-by: George Engelbrecht <engeg@google.com>
Reviewed-by: Ned Nguyen <nednguyen@google.com>
Reviewed-by: George Engelbrecht <engeg@google.com>
Commit-Queue: George Engelbrecht <engeg@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=None
BUG=None
TEST=None
Change-Id: I6e10fd839e256454ce3671228116d8c3a9ec6092
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1888274
Tested-by: LaMont Jones <lamontjones@chromium.org>
Tested-by: George Engelbrecht <engeg@google.com>
Auto-Submit: LaMont Jones <lamontjones@chromium.org>
Reviewed-by: George Engelbrecht <engeg@google.com>
Commit-Queue: George Engelbrecht <engeg@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was originally used for some U-Boot devices which have
already reached AUE.
Keep gpiod_read (the current method), and VbGetPlatformGpioStatus
(deprecated, but still used in current devices).
BUG=chromium:942901
TEST=make clean && make runtests
BRANCH=none
Change-Id: I2a7b97f2ead0294027407cb4e9349cc5265f8f82
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1539434
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Functions are replaced by their vboot2 equivalents:
GetPublicKeyData --> vb2_packed_key_data
GetSignatureData --> vb2_signature_data
VerifyPublicKeyInside --> vb2_verify_packed_key_inside
VerifySignatureInside --> vb2_verify_signature_inside
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: Idcae0510070242315bdcd843f29d0662ed0ea3ad
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1786387
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Keep const (default) and non-const (_mutable suffix) versions
of `data` field accessors for vb2_signature and vb2_packed_key.
No need for separate 2packed_key.c file -- just static inline
the functions.
vb2_verify_packed_key_inside should return type vb2_error_t.
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: I96722a746f26abbb6e19a365ce74f0bfda0da381
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1786386
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For devices with EC that will reset TCPC when updating RO, dogfood units
without write protection will always see failure in recovery process.
To fix this, we want to apply EC RO software sync if available.
BRANCH=None
BUG=b:141965252
TEST=Boot device in recovery mode, same EC RO and run
futility -i image.bin -e ec.bin # see EC RO in next boot
Change-Id: I60552facc059b894a4922738207fd885008cb40c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1864534
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Auto-Submit: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Always build vboot_reference with "-g" irrespective of debug mode.
Building with "-g" will allow much better stack traces and
debug information when debugging.
Portage will strip the debug binaries so the size of final files
installed on DUT will stay unchanged.
BUG=chromium:1017793
TEST="-g" is passed to builds.
Change-Id: Id6a718bc31afe4a12243ddbb1c45d411ab9791f0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1884690
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Follow up commit to CL:1867970.
Shifting a uint8_t left by 24 promotes to an int, not an unsigned int
(and shifts into the sign bit are undefined). Probably doesn't make a
difference in assembly but still doesn't hurt to fix. Courtesy of UBSAN.
BRANCH=None
BUG=chromium:1015908
TEST=No more shift errors in unit test
Change-Id: I10060df6b23da81388db34973b831c09c8d61bff
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1881475
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
No platforms support vpd in mosys anymore, so this will always
fail. Drop the warning message and let the user extract it from the
BIOS backup if they need.
BUG=chromium:990438
BRANCH=none
TEST=verified no platform offers cmd_vpd in mosys
Change-Id: I5550724f13120202775245cfd252c988edd5b21f
Signed-off-by: Jack Rosenthal <jrosenth@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1881473
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move ec_sync.c to vboot2 namespace. Keep its API in vboot_api.h
for the time being.
BUG=b:124141368, chromium:1016688, b:112198832, b:143094352
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ia925e93ecdcdb1a2a2724336774f48dbe0439743
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1872254
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Sean Abraham <seanabraham@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Merge ec_sync and ec_sync_all in preparation for EC and auxfw
refactoring. This CL just moves code around without actually
making any modifications.
BUG=b:124141368, chromium:1016688, b:112198832, b:143094352
TEST=make clean && make runtests
BRANCH=none
Change-Id: I833c429e36a8f75e9b6d8f21aeb4c8c92c860256
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1872253
Reviewed-by: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Sean Abraham <seanabraham@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Shifting a uint8_t left by 24 promotes to an int, not an unsigned int
(and shifts into the sign bit are undefined). Probably doesn't make a
difference in assembly but still doesn't hurt to fix. Courtesy of UBSAN.
BRANCH=None
BUG=chromium:1015908
TEST=None
Change-Id: I92db432eebc52c0432d38dc5fc15a80f3d5527c1
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1867970
Commit-Queue: Stefan Reinauer <reinauer@google.com>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I5643176ff6979408a81df5fce6de6a002f025a60
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776293
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since these pre-historic functions have already been updated to
return vb2_error_t values, their error codes should be merged
into vb2_return_code just like was done for vboot1 error codes
in CL:1722913.
BUG=b:124141368, chromium:988410
TEST=make clean && make runtests
BRANCH=none
Change-Id: I5c64eca088a5f130fa5b420f94c85d04955948d2
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776292
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use official inline keyword instead of compiler-specific
__inline.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ica2b2bd5f2af5188209dad6b5ba6f317b8229b99
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1872252
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added in CL:26875 for unknown reasons.
BUG=b:124141368,
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ic44852ab98af4318f3e54cc1335f659ec38c4d9b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1819086
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use _Static_assert() instead.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I42a18442a8bff1ab346f8ba784e9e6fc0366de9a
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1786388
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move from vboot20 to vboot2.
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ib1fe0e2cfb0865fffe33ad35e7bd67d416da4589
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776291
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Stardardize on inconsistency between "keyblock" and "key block"
both in code, comments, and textual output.
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ib8819a2426c1179286663f21f0d254f3de9d94a4
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1786385
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All of the functions in lib20/api.c are actively used in coreboot
verstage firmware verification. Fold the functions and their
test suite into 2lib.
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: I2dbad2715246a8a16ee85dac553a751ae1590afa
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1659991
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These timers have not been used in eons, and an alternative
already exists (coreboot's tstamp_table).
BUG=b:124141368, chromium:1014102
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ic0d3e14028315d6f343388c7c1c9d105b7bd58a2
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1860254
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also standardize on using hex for printing ASCII key values
across vboot_ui.c and vboot_ui_menu.c.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ib10288d95e29c248ebe807d99108aea75775b155
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1840191
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove SAVE_LOCALE_IMMEDIATELY.
Check for VB2_CONTEXT_RECOVERY_MODE and !vb2_allow_recovery()
before committing nvdata.
Ensure comments are consistent.
BUG=b:124141368, chromium:1006689
TEST=make clean && make runtests
BRANCH=none
Change-Id: I6919fb858f999c6d8b81a090dc1f271756bc7dc4
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1840192
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
