| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Samus EVT2 BIOS names the GPIO controller "PCH-LP" which does
not match the label in the kernel. As a workaround for the factory
use an alias for the PCH-LP that will allow it to find GPIOs properly.
BUG=chrome-os-partner:33098
BRANCH=samus
TEST='crossystem wpsw_cur' returns 1 on samus with 6300.18 firmware
Change-Id: I0b2a109bf79c851d9894e938741622f5c4941da0
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/224573
Commit-Queue: Ricky Liang <jcliang@chromium.org>
Tested-by: Ricky Liang <jcliang@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current logic for finding a GPIO expects only one gpiochip
entry to exist in /sys/class/gpio. With Samus there is a second
entry because the codec also exports a set of GPIOs.
To solve this we can use the gpiochip#/label file and compare
against the GPIO controller name described in ACPI.
This adds support for that detection method, as well as a new
GPIO controller entry for INT3437:00 which is used in Broadwell
systems.
BUG=chrome-os-partner:33098
BRANCH=samus
TEST=crossytem wpsw_cur works on samus (TOT with enabled codec)
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/224156
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
(cherry picked from commit 8bb3689d42089241b209ccea2860f03aeaddd8f8)
Change-Id: I5763abdf1c9479d82826516f1c36d6374a0df288
Reviewed-on: https://chromium-review.googlesource.com/224572
Commit-Queue: Ricky Liang <jcliang@chromium.org>
Tested-by: Ricky Liang <jcliang@chromium.org>
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently ReadFileInt assumes that an integer value read from a file
is never going to be "-1" and uses that value to indicate failure.
In particular for GPIO values that may be returned by the kernel it
is possible for them to be not simply 0 or 1 but instead a bit within
the GPIO status register that indicates the value.
The function semantics are changed to have the caller pass in the
variable to store the integer in, and use the return code explicitly
as a pass or fail condition.
This requires all the callers of ReadFileInt to be changed to use the
new scheme, and the x86 ReadGpio function is changed to normalize the
GPIO value that is read from the kernel instead of assuming it is
always 1 for active high values.
BUG=chrome-os-partner:32645
BRANCH=samus,auron
TEST=build for samus, check crossystem output and ensure that all
values are properly reported and that wpsw_cur is correct now.
Also tested to ensure no changes in output on: x86-alex, daisy,
peach_pit, lumpy, stumpy, nyan_big, nyan_blaze, rush_ryu, panther,
wolf, zako, auron, rambi, squawks, parrot_ivb, veyron_pinky
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/223009
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
(cherry picked from commit d241fff54c982f2764e6d126a024ab71fa6dd84a)
Change-Id: I34e14ec48d99cd3de2cd54cfb835504f10f5ca0f
Reviewed-on: https://chromium-review.googlesource.com/224571
Commit-Queue: Ricky Liang <jcliang@chromium.org>
Tested-by: Ricky Liang <jcliang@chromium.org>
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to display the slow EC update screen on x86 devices
in normal mode it is necessary to request a reboot where the
VGA Option ROM is loaded.
This needs a bit of plumbing to pass the OPROM_MATTERS and
OPROM_LOADED flags into shared data so they can be consumed
in the VbEcSoftwareSync() function. It also needs the VbInit()
function to not immediately request a reboot if the VGA Option
ROM was loaded in normal mode and the SLOW_EC flag is set as it
will still need to be used during software sync.
A FIXME in VbEcSoftwareSync() is implemented and the comment is
removed, and two extra checks are done. First, if rebooting to
RO then also check if the VGA Option ROM is needed to save an
extra reboot, and second when exiting the software sync function
request a reboot without the VGA Option ROM if it was done in
normal mode and the option rom was needed+loaded.
The request for a reboot from VbEcSoftwareSync() is saved when
doing EC update in case there is an (optional) PD software sync
that may also need to display the screen.
BUG=chrome-os-partner:12257,chrome-os-partner:32379
BRANCH=samus
TEST=all tests pass, manual testing:
1) in normal mode, with EC/PD in RW, ensure that they are rebooted
to RO and the VGA Option ROM is loaded and the wait screen is
displayed, and then the system is rebooted at the end and the
VGA Option ROM is not loaded.
2) same as #1 with EC/PD in RO already, same result
3) same as #1 with system in developer mode, same result except
there is no reboot at the end of software sync
4) same as #1 with system in developer mode and EC/PD in RO,
ensure that there is no extra reboot at the beginning or end of
software sync.
Change-Id: Id592181efd640f4cd37a986cd1dcc29f3ca45104
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/223718
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ChromiumOS images have recently changed the installable vblock from stateful
partition to kernel + vblock in slot B. sign_official_build script should
follow that layout so other scripts (ex, cros_generate_update_payload) won't
find wrong blob.
BRANCH=none
BUG=chrome-os-partner:32156
TEST=for image_t in ssd usb install recovery; do
./sign_official_build.sh $image_t IMAGE KEYDIR output$image_t.bin
./sign_official_build.sh verify output$image_t.bin
done
# Also boots images without problem.
Change-Id: I04e2b50f3f3355263ba6de9567b4a82c040c5826
Reviewed-on: https://chromium-review.googlesource.com/221890
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
And add a few hash tag types we'll be supporting soon.
No functional changes; just moving an enum from one header to another.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I6f0fa54ee85fd857c4037856b81e2159e92f1ea9
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/223532
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows the algorithm list to be shared by code which simply needs
to look at the vboot structures.
No functional changes; just moving enums around and adding comments.
BUG=chromium:423882
BRANCH=none
TEST=make runtests; VBOOT2=1 make runtests
Change-Id: Ia8cefeffb28d5eceb290540195193ea13e68e2c1
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/223541
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that futility is pretty much working as intended, we don't
have to be quite so picky in the way it's being invoked. Up until
now, it's only worked when invoked as "futility" or as one of the
built-in commands, such as "dump_fmap".
This change removes those restrictions. You can invoke futility
under any name you wish. If it recognizes the name as a built-in
command, great. Otherwise it will require a valid command as the
first arg, just like it always has.
BUG=none
BRANCH=ToT, Samus
TEST=make runtests
In addtion to the new test included with this CL, I manually ran
lddtree --copy-to-tree=blah --generate-wrappers /usr/bin/futility
./blah/usr/bin/futility dump_fmap -h tests/futility/data/bios_peppy_mp.bin
Before this CL, the wrapper didn't work because the binary was
being invoked as futility.elf, which was rejected. After this CL,
the wrapper works fine.
Change-Id: Iafdaff6e07ed294a7d29e4cff599ace0a3089229
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/223386
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is necessary to support reading the kernel from raw NAND flash,
where the driver may need to skip over bad sectors, and absolute
sector addressing is thus not practical.
The impact is relatively minor. Vboot only did two reads per kernel
anyway, one for the first 64KB of the partition and a second for the
rest of the kernel data.
Firmware which uses vboot will need to implement the streaming APIs.
Or, as a really easy workaround, just copy the implementation from
firmware/stub/vboot_api_stub_stream.c, which translates from the new
streaming API to the old sector-based disk API.
BUG=chromium:403432
BRANCH=none
TEST=make runtests; passes.
CQ-DEPEND=CL:221992, CL:222885, CL:222945
Change-Id: I7437b489650c95c09ac68b67d4d86f9e15c2fa73
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/222410
Reviewed-by: Daniel Ehrenberg <dehrenberg@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds three functions called from vboot into depthcharge to
support NAND. NAND needs to stream rather than be accessed randomly
in order to skip bad blocks. The intended flow from vboot1 is:
- Read the GPT from a NAND disk handle, and depthcharge will silently
fill it in with reads from from SPI
- When a partition is selected, open a stream on the volume to access
NAND
- Sequentially read the NAND partition
- Close the NAND stream
This can be done multiple times when trying different partitions. The
stream is associated with the GPT by reading/opening a stream from the
same disk handle.
This patch includes stub implementations by rspangler to translate the
stream calls to block device calls.
To reduce vboot code duplication, this flow will be done for all media
types eventually, but a STREAMING flag is included to ease the transition.
The draft depthcharge code can be found at
https://chromium-review.googlesource.com/#/c/222312/
BUG=chromium:403432
TEST=stub implementations pass unit tests; together with upcoming depthcharge
and vboot code, actually boots a kernel. This compiles by itself.
BRANCH=none
Change-Id: I660a89594390c72c2ef6ea2564367ce62bd90cf2
Reviewed-on: https://chromium-review.googlesource.com/221992
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Daniel Ehrenberg <dehrenberg@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is just a cosmetic tweak to make it a bit clearer that
mosys is the underlying interface for these particular vbnv
read/write functions.
BUG=none
BRANCH=none
TEST=it still compiles
Signed-off-by: David Hendricks <dhendrix@chromium.org>
Change-Id: Ide172bfecf608a30489d25026268aedfc421ce4d
Reviewed-on: https://chromium-review.googlesource.com/222062
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This handles VBNV data stored in SPI flash which happens to be
the exact same way we handle VBNV data stored in the EC.
BUG=chrome-os-partner:31529
BRANCH=none
TEST=with CL:221349 applied, crossystem on storm no longer
spews tons of errors
Change-Id: I021d9f430acfac34dff44a927361a5a0e5ae2ff8
Signed-off-by: David Hendricks <dhendrix@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/222061
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we try to sign an image w/out Chrome, this file won't exist.
Run grep with the -s flag to silence those warnings.
BUG=chromium:418817
TEST=`cbuildbot storm-release` no longer warns
BRANCH=None
Change-Id: Ibac0978e3e4d9f89c00206a2dd21c1d71544f710
Reviewed-on: https://chromium-review.googlesource.com/221184
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This gives recovery mode information on two boots back instead of one,
which may be handy for debugging.
It also allows determining whether a failure of the current boot
should try the other slot or go to recovery, using only information
stored in NV storage.
Added crossystem support for printing the fields, and unit tests.
BUG=chrome-os-partner:32585
BRANCH=none
TEST=make runtests; VBOOT2=1 make runtests
Change-Id: Ia9f4186210d30217b902db7c513ae4ab8851f8f4
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/221230
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Any of these:
make xrefs
make tags
make TAGS
should create "build/cscope.files", containing a list of the
source files used in preparing to run tests (minus any test
sources). If the 'ctags' or 'etags' programs are installed in the
chroot, they'll be run too.
BUG=none
BRANCH=ToT
TEST=manual
make xrefs
cat build/cscope.files
Change-Id: If1173af7edb41742bb348b728238d800ef66ad55
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/221425
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, we only kept that slot info in RAM. We read it from NV
storage, but never wrote it back.
Added a test to confirm proper behavior (and made sure it failed
before patching 2misc.c with the fix).
BUG=chrome-os-partner:32583
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: Ie12124d9cbe417914fbde14ea5086380d637240f
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/221214
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This just involves deleting the "set -o pipefail" line. With
bash, that meant that any program failure in a pipe would be
fatal. Without it, only the last program matters. This usually
means that the last command simply gets no input, in which case
the program just appears to do nothing instead of complaining
about whatever the problem was.
Since vbutil_what_keys is generally only used to help debug a
failure to boot, that's not a major problem.
BUG=chromium:419773
BRANCH=ToT
TEST=manual
Tried on a Pit, it works:
localhost ~ # /tmp/vbutil_what_keys /dev/mmcblk0
-e
IMAGE: /dev/mmcblk0
part 2 kernel: d6170aa480136f1f29cf339a5ab1b960585fa444 (!DEV DEV !REC) developer keys
part 4 kernel: d6170aa480136f1f29cf339a5ab1b960585fa444 (!DEV DEV !REC) developer keys
localhost ~ # flashrom -r /tmp/bios.bin
flashrom v0.9.4 : 904e8a5 : Sep 22 2014 20:47:40 UTC on Linux 3.8.11 (armv7l), built with libpci 3.1.10, GCC 4.8.x-google 20140307 (prerelease), little endian
Reading flash... SUCCESS
localhost ~ # /tmp/vbutil_what_keys /tmp/bios.bin
-e
BIOS: /tmp/bios.bin
hwid: PIT D3A-D4Q-A3L
root key: a026a7a4a0bf0fa32d6b7aa90a80d5ef01a3b799 Daisy MP-v3, Peach-Pi MP, Peach-Pit MP-v2, Snow MP
recovery key: 6d9a2ca8b3080a97e1e5a4efbc5386ead77c3c7f Peach-Pit MP-v2
localhost ~ #
Change-Id: I171da3bf688032f469d7a5cdb42278d8028b7e0d
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/221176
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=chromium:419773
BRANCH=ToT
TEST=manual
make MINIMAL=1 DESTDIR=FOO install
make MINIMAL= DESTDIR=BAR install
find FOO BAR -name vbutil_what_keys
It should only install the script into BAR/.
Change-Id: I48d3a780533c5b72cc18720d39b18ac286b07fd9
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/221177
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When disabling verity with make_dev_ssh.sh, a bug in
vbutil_kernel caused the re-signed kernel size to be the entire
kernel partition instead of just the necessary bits. Until we can
improve the test coverage, I'm rolling back the changes that
introduced this bug.
BUG=chromium:418647
BRANCH=ToT
TEST=manual
Created a new test image with these changes. You can install it
and disable dm-verity and it works (although there seems to be an
unrelated browser startup issue on ToT).
Change-Id: I48e8427b05e191c9894c42056429a79d57bfc78d
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/220935
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In AllocAndReadGptData() the code was changed to use the GPT header
to determine the LBA of the GPT entries. This change did not account
for devices that have an invalid header and it can attempt to read
from invalid block addresses on a device.
This commit happened here:
a2d72f7 vboot: cgpt: Refer to partition entries by entries_lba.
https://chromium-review.googlesource.com/213861
The subsequent steps in vboot, LoadKernel->GptInit->GptRepair will
fix a missing header and entries, so it is only necessary for one of
the headers to be valid.
This is commonly the case with a new USB stick that has an image
written to it as only the primary header will be valid in this case.
However it is also true if the primary header has been corrupted and
the secondary header is still valid.
The code has been changed to call CheckHeader() on the primary and
secondary headers before attempting to use the 'entries_lba' field
to read the entries from the device. AllocAndReadGptData() now only
fails if both headers are invalid.
A number of new unit tests are created to check for these failure
conditions. In order to support this I had to extend the vboot_kernel
test infrastructure to have a buffer for the mocked disk data instead
of just ignoring reads and writes. This is because many of the existing
tests assumed they could have an invalid GPT header and still pass.
Now that the header is checked it is necessary for a valid header to
be created before the tests can pass.
BUG=chrome-os-partner:32386
BRANCH=samus,auron
TEST=All unit tests pass when running 'make runtests'
In addition real-world testing was done by corrupting the primary
and/or secondary headers of USB stick to ensure that it will
successfully boot if one of the headers is valid.
Change-Id: I7f840a44742fa3ba9a124df29ab5749e4c5a40c1
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/220757
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Nam Nguyen <namnguyen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a --strict mode to the show command, which requires
that all signatures be valid in order to exit cleanly. It also
creates a "verify" command, which is really just an alias for
"show --strict".
BUG=none
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I1fed7db7fe7128191bcab0c615706ef4fe2709f5
Reviewed-on: https://chromium-review.googlesource.com/219732
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=none
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: Ib1cf55301fd4c54e3280ef01b7d67a780e7e56fe
Reviewed-on: https://chromium-review.googlesource.com/219731
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
BRANCH=ToT
TEST=make runtests
This also modifies the tests to compare the futility sign command
results against the vbutil_kernel results.
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: Ibc659f134cc83982e3f0c0bcc108cc0eddbe228e
Reviewed-on: https://chromium-review.googlesource.com/219730
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We have been traversing things by passing a file descriptor. Now
the caller should mmap the file first. This will allow the caller
to determine the file type before traversing into it, so we can
check args.
BUG=none
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: If69799bde0133689dc9fb5111e6ecb5ac61639c7
Reviewed-on: https://chromium-review.googlesource.com/219649
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds new file types to prepare for signing kernel partitions
and raw firmware blobs (FW_MAIN_A/B).
BUG=none
BRANCH=ToT
TEST=make runtests
No new functionality yet.
Change-Id: Ic6b6b94bb99f00ab54609dfe1b753b53868abaca
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/219648
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The original vbutil_kernel command used file read and write to
make changes. Futility prefers to use memory-mapped files. This
rewrites cmd_vbutil_kernel.c to use that scheme.
BUG=none
BRANCH=ToT
TEST=make runtests
The original cmd_vbutil_kernel.c is renamed, and a test written
to ensure that the refactored version produces identical results.
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: Ic6c3e12429a5dcb271f8136a9edac70807d66120
Reviewed-on: https://chromium-review.googlesource.com/219647
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, you could extract FMAP areas like so:
futility dump_fmap -x bios.bin FW_MAIN_A VBLOCK_A ...
This lets you decide what to name each area as it's extracted:
futility dump_fmap -x bios.bin FW_MAIN_A:/tmp/rw_a ../vblock
BUG=none
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: If02b57e03294b0b0b1dbc216ef57afdd3bdf2960
Reviewed-on: https://chromium-review.googlesource.com/219646
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move the Debug() function into a common place instead of several
copies in different files, rename shared functions to start with
"futil_"
BUG=none
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I6b844553dff95c24894dae611102716a8da5312d
Reviewed-on: https://chromium-review.googlesource.com/219645
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If key is null in vb2_verify_digest(), we could attempt to dereference
it. In practice it never is, but for safety's sake we should avoid
the reference.
BUG=chrome-os-partner:32235
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I5a817e432922ea4c3b439b696cd2f8d988d0fecc
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/219574
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This provides help messages for the futility commands similar to
the way git does. These show the available commands:
futility
futility help
futility --help
While these show help for a specific command:
futility help COMMAND
futility --help COMMAND
futility COMMAND --help
BUG=none
BRANCH=ToT
TEST=manual
make runtests
And manually look at help messages for each command.
Change-Id: I1126471e242784c6ca7a2f11694fa7c505d833e8
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/219528
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This utility is used by firmware tests and having it missing is causing subtle
FAFT test failures that are frustratingly difficult to track down.
BUG=chrome-os-partner:38032
BRANCH=none
TEST=successful run of firmware_UpdateKernelDataKeyVersion
Change-Id: I4dcf277ce2678001f6e68d89781b6166042ea96e
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/219079
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This doesn't have any visible effect. It just brings the meaning
of the where-do-I-put-this variable more in line with common
convention.
BRANCH=ToT
BUG=none
CQ-DEPEND=CL:217940
TEST=lots...
make runtests
make DESTDIR=BAR install
make MINIMAL=1 DESTDIR=FOO install
emerge-$BOARD vboot_reference
sudo emerge vboot_reference
trybots: link-tot-paladin, daisy_spring-paladin
Change-Id: I8d72664da07535f663d8b2f13c872eece37978b9
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/217930
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
scripts/sign_data.sh is just a wrapper to do this:
./signature_digest_utility $1 $3 \
| openssl rsautl -sign -pkcs -inkey $2
AFAICT, that script is only invoked by the SignatureFile()
function in host/lib/file_keys.c, which is not referenced by
anything. I think I can remove both of those things.
Also remove utility/gbb_utility.cc, which should have been done
long ago in commit 6f39615.
BUG=none
BRANCH=ToT
TEST=make runalltests
Also ran it on daisy_spring-paladin and link-tot-paladin.
Change-Id: I16de5022765806f11bf6144d7ffd8cc849578a68
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/216719
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We still create the symlinks (FOO -> futility), but this
change invokes those built-in functions with "futility FOO ..."
instead of using the FOO symlink.
Note that the scripts/ directory is unchanged. That's a
separate CL, since we don't have tests for that.
BUG=chromium:231547
BRANCH=ToT
TEST=make runtests
In addition to running "make runtests", I temporarily
modified the Makefile to avoid creating the symlinks at all.
The tests still passed.
Change-Id: I96863259b9df02a3611f759a7509bf4090ae03e8
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/216717
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since all of the functionality of the resign_firmwarefd.sh script
is built in to futility, let's just make that script invoke
futility to do the work. We'll come back and remove the script
entirely, once all outside references to it have been changed to
do the right thing.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Also tested by editing tests/futility/test_resign_firmware.sh to
invoke the resign_firmwarefd.sh script instead of futility.
Everything passed.
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: Id068e551067a956cd7ddc3f9b9e23488261d8d94
Reviewed-on: https://chromium-review.googlesource.com/216716
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Just reporting that the parent process is "/bin/bash" doesn't
help much. Let's also report the cmdline args given to the parent
and the cwd. This will help us identify which shell script is
calling futility with the wrong args.
BUG=chromium:231547
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I800995ff269ab8d8c56cad8827d8de48a53cd150
Reviewed-on: https://chromium-review.googlesource.com/216715
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we're re-signing a valid BIOS image, we want to be sure that
we preserve the original firmware preamble flags (RO_NORMAL and
so forth) if the --flags option does not specifically override
it.
This change adds a test for that case, and makes it happen.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I8cbde66abaf96ec82adf0205bedf57b1fd1b82a1
Reviewed-on: https://chromium-review.googlesource.com/216714
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous version of gbb_utility always zeros data before
writing new values and we should keep this behavior, to simplify
firmware hash calculation and potential security concern.
BRANCH=none
BUG=chromium:413066
TEST=emerge gbb_utility; factory/bin/gooftool get_firmware_hash bios.bin
Original-Change-Id: Ic97a118cefc9698d52d9370b627670ff103d5e23
Change-Id: If38e15f35ee491cc80f96b360c63ee25f71c1854
Reviewed-on: https://chromium-review.googlesource.com/217700
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
(cherry picked from commit 3c8d29c204c6feb91ad951e2e1c5190d4ca98a13)
Reviewed-on: https://chromium-review.googlesource.com/217711
Commit-Queue: Bill Richardson <wfrichar@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This path doesn't exists in the repo so this patch removes it from the
Makefile:
firmware/arch/${FIRMWARE_ARCH}/include
BUG=None
BRANCH=None
TEST=./emerge_test
Change-Id: I8b5461ee0ddfa0aa8d31bc6d2b981912a9ccde58
Reviewed-on: https://chromium-review.googlesource.com/214392
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Queue: Alex Deymo <deymo@chromium.org>
Tested-by: Alex Deymo <deymo@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows the sign command to work on BIOS images with
invalid VBLOCK areas. When re-signing an existing image, the
length of the firmware body is part of the firmware preamble
in the VBLOCK areas. If those are invalid, the BIOS can
still be signed, but it will have to sign the entire FW_MAIN
area. That's a little slower to verify, so we'd prefer not
to do that, but it works.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: If58b5c86c5df12f004eabff72c22bfb1e84de7fd
Reviewed-on: https://chromium-review.googlesource.com/216229
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a "load_fmap" command, which is pretty much the
opposite of the "dump_fmap -x" command. It allows you to
replace the content of any FMAP areas with new stuff, without
mucking around with dd. There's a test for it, too.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I5a9ab249c9e63a9bb1a9b26feeb3ed757cd294f1
Reviewed-on: https://chromium-review.googlesource.com/216228
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The "sign" command can perform the same operation as the old
resign_firmwarefd.sh script, only about 20 times faster. The
test for that will use the new command instead.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Change-Id: Ie7f7a0ab6fc00d7e06cb263733bf6e7246fdb023
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/216227
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This resigns official MP-signed BIOS images, because that's the best way to
ensure we remain compatible forever. The resign_firmwarefd.sh script is
invoked make_dev_firmware.sh, which is used for development and bringup.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
No new functionality, only a new test.
Change-Id: I4bf9cdd8321d126e1c1a45fc198ef46b0eeb5c36
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/216226
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It doesn't yet handle block devices, but it can display normal files
containing a entire BIOS image, a GBB, a VBLOCK, a .vbpubk, a .vblock,
and a firmware preamble (VbFirmwarePreambleHeader).
The command-line options are not well-documented.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Change-Id: I181f6331ae23599302bbaee3f270e8af9586cf06
Reviewed-on: https://chromium-review.googlesource.com/216032
Commit-Queue: Bill Richardson <wfrichar@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Notify EC of boot mode, i.e. normal, developer or recovery.
This is necessary for battery firmware updates.
BUG=chrome-os-partner:24741
CQ-DEPEND=CL:205323
CQ-DEPEND=CL:210033
CQ-DEPEND=CL:215720
BRANCH=ToT
TEST=Verified on samus & glimmer.
Passed runalltests.
~/trunk/src/platform/vboot_reference $ make runalltests -j
Change-Id: I1613ede34b4a929d1e8114fb519861f349377e94
Signed-off-by: Sheng-Liang Song <ssl@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/210032
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The futility.lds linker script was used to generate a table with
all the symbols in a specific section called .futil_cmds listed
in order under the symbol "futil_cmds". This allows the source files
to define a command and let the linker figure out the list of
compiled commands. Nevertheless, passing this linker script
makes the linker leave a gap of about 2MiB in the output ELF file.
Instead of mess up with linker scripts just to generate a table of
commands, this patch generates such table in the Makefile looking
at the included sources and compiling that table. The result is a
futility binary of about 88 KiB instead of the 2.1 MiB required
originally.
This patch also adds sys-boot/chromeos-u-boot to the list of ebuilds
tested by emerge_test.sh.
BUG=chromium:408926
BRANCH=None
TEST=BOARD=link ./emerge_test.sh
TEST=BOARD=daisy_spring ./emerge_test.sh
TEST=`readelf -S futility` shows no gap.
TEST=/usr/bin/futility shows no difference in the help output.
Change-Id: I9c0febc76140b404d48aa13e7f948e8ea77a41b5
Reviewed-on: https://chromium-review.googlesource.com/215496
Tested-by: Alex Deymo <deymo@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Queue: Alex Deymo <deymo@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This creates a disk image and verifies a kernel can be loaded from it.
It is roughly analogous to vb2_firmware_tests.sh, but at the kernel
step instead of the firmware step.
This will get more interesting in the near future, with the upcoming
addition of a streaming API to read the kernel.
BUG=chromium:408265
BRANCH=none
TEST=make runtests
Change-Id: Icc9e6d0e318c4bd38fc9ab1ad704da99232822e1
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/214508
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL renames GPT_PMBR_SECTOR to GPT_PMBR_SECTORS and GPT_HEADER_SECTOR to
GPT_HEADER_SECTORS to better indicate that these are constants for sizes, not
location.
BRANCH=None
BUG=None
TEST=unittest
Change-Id: I26ed6d45d77dcb1eb714135edbb9e4124b54e953
Reviewed-on: https://chromium-review.googlesource.com/214830
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Tested-by: Nam Nguyen <namnguyen@chromium.org>
Commit-Queue: Nam Nguyen <namnguyen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The functions that look for the FMAP and its entries should return more
useful values.
BUG=none
BRANCH=ToT
TEST=make runtests
No functional changes.
Change-Id: I4b62ea0de972bceb3d58f4ee8eb82ad065ddcbae
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/214630
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Provide a PublicKeyLooksOkay() function to sanity-check VbPublicKey structs.
This was just part of PublicKeyRead(), but I want to separate the reading
from the checking.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Change-Id: I1dd808e623e2a7fdc2789e02305619111a7b01e6
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/214621
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
