| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When developer mode is disabled by the VB2_SECDATA_FWMP_DEV_DISABLE_BOOT
flag, the error message will be redrawn per 20 ms even if no key is
pressed. This patch reduces unnecessary redraw by moving the drawing
inside enter_to_norm_menu(), which will be called only when changing
screens.
BRANCH=kukui
BUG=chromium:1048094,chromium:1049029
TEST=emerge-nami vboot_reference
Cq-Depend: chromium:2040844
Change-Id: I0e892086b25fc94800534c5a37bcab8b70a5fcd9
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2035056
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
(cherry picked from commit 87c7b1b55155a91cd22a1e93343064d65d6aad97)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2043781
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The sd->kernel_version_secdatak variable referenced here is never
actually initialized by current code, so it always shows as 0x00000000.
This patch reverts part of the changes regarding TPM versions in
CL:1680190.
This CL is a temporary fix for kukui. Please do not merge this CL to
ToT, which will be fixed by initializing the variable in question
instead (see CL:1651221).
BRANCH=kukui
BUG=none
TEST=emerge-kukui vboot_reference
Change-Id: I86316a175be7a29eb9c0e4e67dfd59c0ddff9fed
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2035098
Tested-by: Yu-Ping Wu <yupingso@chromium.org>
Auto-Submit: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We recently reactivated the -DUNROLL_LOOPS code for x86 devices.
Unfortunatley, this seems to lead to code size problems for early
firmware stages on certain x86 boards (CB:37475). The biggest speedup
with unrolled loops was observed during kernel verification anyway
(which hashes orders of magnitude more data than firmware verification),
so let's make this fully configurable by the calling firmware and only
enable it from depthcharge. Pre-RAM coreboot changes are probably better
served with the smaller implementation anyway (and this will only become
more important as we move to CBFS per-file hashing and need hash
algorithms in every stage).
BRANCH=None
BUG=None
TEST=None
Cq-Depend: chromium:1951413
Change-Id: I87eaa14299cae0ee0d0b4a098d638b6bccdaf75b
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1951782
Reviewed-by: Aaron Durbin <adurbin@google.com>
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
(cherry picked from commit 695c56dc50a59e5c9098c94f41b3d86b8f99baf1)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1954965
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Auto-Submit: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TEST=Able to save ~50ms of bootime with this CL
Without this CL
1100:finished vboot kernel verification 802,443 (148,108)
With this CL
1100:finished vboot kernel verification 775,914 (102,601)
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Change-Id: I96bea22667ebf45b446a26d84de96e52f3d28aa0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1919094
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Tim Wawrzynczak <twawrzynczak@chromium.org>
(cherry picked from commit 7dedd9a88847a7b10ecb75e7c3fd0b28c3f86609)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1954964
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Auto-Submit: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: If322882e53aabb9e488a393a0053f16fcabd626c
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1839732
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
(cherry picked from commit 7a58d44d2b241a739bb5d10daca1ae5a98f92544)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1902833
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Auto-Submit: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ie00678b9045b0a93ee7d0baaf285e9aed68917c4
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1839731
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
(cherry picked from commit a2d9c10ad4a3569e05690c396b93e7b21813b347)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1902832
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Auto-Submit: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vboot1 FWB_TRIED flag is unused and replaced by vboot2
TRY_COUNT.
Remove related test cases.
Rewrite a special case for preventing kernel version roll-forward
with combined firmware+kernel updates.
BUG=b:124141368, chromium:1010389, b:35575422
TEST=make clean && make runtests
BRANCH=none
Change-Id: I9300def8bb426868b5e4d687d9c86e85c0c9b2c0
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1833369
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
(cherry picked from commit 3c00180ae2b7efbe7cf14eac7e62d649d0a30d3c)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1902831
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Auto-Submit: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The reason for having a separate REC_DISK_DELAY and REC_KEY_DELAY has
long been lost in time... in fact, with our current coreboot firmware
stack, polling for keys will always also poll for disks, so we're
already polling for disks in the inner loop anyway. Removing this
distinction will resolve some weirdness in certain error cases.
An unintended side effect is that the usual recovery mode console spam
goes from annoying at 4 times a second to unbearable at 50 times a
second. Let's just remove it instead and get the console output more in
line with what our developer and BROKEN screens show (i.e. nothing,
unless there's any change or user input).
BRANCH=None
BUG=chromium:1009850
TEST=Booted Kevin
Change-Id: Ie1754646e7d17a661c9adebf43483df1785e6127
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1856831
Reviewed-by: Joel Kitching <kitching@chromium.org>
(cherry picked from commit 5caaa393b4345ea09e2bf4e336d2c30b80376eab)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1902830
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Auto-Submit: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Right now TryLoadKernel() always sets a recovery reason when it did not
manage to load a kernel for any reason. In many cases (e.g. we're
already in recovery mode, or we're trying to boot off some random USB
stick in dev mode) we don't actually want that to happen, so there are
four different instances of code unconditionally clearing the recovery
reason again right after calling TryLoadKernel().
This is confusing and there's a far simpler solution: only set the
recovery reason when we're booting off a fixed disk. We never want to
set it when trying to boot a removable disk anyway, so centralizing this
distinction right in TryLoadKernel() makes the logic easier to follow.
BRANCH=None
BUG=None
TEST=make runtests, played around with a Kevin
Change-Id: I9d56356b0f3547b3690be2c24cf6936e57e4cf1f
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1859687
(cherry picked from commit 0320617a0b9abf44eba822e1cb043a87a6e808fe)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1902829
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Auto-Submit: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
LoadKernel() currently contains code that sets the recovery reason
directly (via direct nvdata access, bypassing the usual
VbSetRecoveryReason() helper) whenever it has a problem loading a
kernel. This seems to be an ancient vestige from the time when
LoadKernel() (and not VbSelectAndLoadKernel()) was still the external
API. In our current use, VbTryLoadKernel() will always immediately
override any recovery reason set this way.
This patch removes this pointless code to avoid confusion. Instead,
TryLoadKernel() is expanded to be able to tell the difference between
LoadKernel() return codes and set a more precise recovery reason based
on that.
BRANCH=None
BUG=chromium:692715
TEST=make runtests
Change-Id: Idd8bd6e16d5ef1472aa3b2b66468248726d5c889
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1859686
(cherry picked from commit ddcec12ff1a033dfc533212ca2012e406a58f458)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1876588
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Auto-Submit: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove VbSetRecoveryRequest and use vb2api_fail instead.
When failure is encountered in kernel verification, it's very
possible that there is a bug in updated RW firmware. The other
firmware slot should always be attempted before falling back to
recovery mode. Call vb2api_fail to invoke this behaviour, rather
than setting the recovery request directly with
VbSetRecoveryRequest.
BUG=b:124141368, chromium:1007999
TEST=make clean && make runtests
BRANCH=none
Change-Id: I69c457f37d1f58c1eef33dec436fb77b2a77030f
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1833364
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
(cherry picked from commit f06f7551e16bb5e44b3b1f2fd5788ea86825cd7e)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1902828
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Auto-Submit: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch deprecates a bunch of recovery reasons we no longer use and
removes the display strings associated with them.
BRANCH=None
BUG=None
TEST=make runtests
Change-Id: I0350784f810c68d52bc972575b8c3f57539b8094
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1863624
Reviewed-by: Joel Kitching <kitching@chromium.org>
(cherry picked from commit ddc8458496bad26c0dfbba1b8bf8c8730c9f3829)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1876587
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Auto-Submit: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When enabling `-fno-common` in Fuchsia, we get a bunch of linker errors
when linking futility:
```
ld.lld: error: duplicate symbol: vboot_version
>>> defined at futility.h:43 (../../third_party/vboot_reference/futility/futility.h:43)
>>> host_x63-asan_no_detect_leaks/obj/third_party/vboot_reference/futility/futility.cmd_bdb.c.o:(vboot_version)
>>> defined at futility.h:43 (../../third_party/vboot_reference/futility/futility.h:43)
>>> host_x64-asan_no_detect_leaks/obj/third_party/vboot_reference/futility/futility.cmd_create.c.o:(.bss.vboot_version+0x0)
```
and think this is because -fno-common places vboot_version for
unitialized global variables in the BSS section of each object file.
Making it extern instead resolves each reference to its definition in
futility/misc.c.
Change-Id: I591f07abd1f975a8a9d078bb4366e2e0861390b4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1839207
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Tested-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously used for fastboot.
BUG=b:124141368, chromium:995172
TEST=make clean && make runtests
BRANCH=none
Change-Id: I960932526bbd4482707125700cfa63e94c9f356b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776290
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove linktest files, which were previously used to ensure that
firmware lib doesn't rely on outside libraries.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I694ca51007b05213d4b105f183bb34ad25e2ddbd
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1813123
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As previously discussed with jwerner@, API functions should not
distinguish between "internal" and "external" versions.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Iea4fb430dbd56110639f52bdb7d8d3aaae7ee293
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1830240
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In CL:1773088, we jumped the gun on an update to using the
context object in RollbackFwmpRead, before actually updating
the function to take vb2_context as an argument (which will
occur in CL:1728298).
BUG=b:124141368, chromium:972956
TEST=make clean && MOCK_TPM=1 make runtests
BRANCH=none
Change-Id: I0e1db6eafea169e73a806094ec6f385254fa563f
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1830238
Tested-by: Joel Kitching <kitching@chromium.org>
Tested-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Ronak Kanabar <ronak.kanabar@intel.corp-partner.google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Found by Coverity Scan #204275
BUG=none
BRANCH=none
TEST=Coverity run after this merged marks #204275 fixed
Change-Id: I50e6300eabaf6bd0c1230b0cbd2d375ab1daf5d2
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1827293
Reviewed-by: Duncan Laurie <dlaurie@google.com>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Coverity identifies a couple of issues with data read and then parsed,
but it can't identify that the code checks it. Help coverity with an
annotation.
BUG=none
BRANCH=none
TEST=Should clear a couple of coverity errors, but it's hard to test
offline.
Change-Id: Icab3c6bdfeb4cc36b3c183ac2207c4a41c9cfaf1
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1815242
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Found by Coverity Scan #57203
BUG=none
BRANCH=none
TEST=none
Change-Id: Ic04d1c7c3299ee5f779e7a8cf0359a8a1a751b5b
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1815240
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Found by Coverity Scan #242
BUG=none
BRANCH=none
TEST=none
Change-Id: I384044d36ee5e2e9d344c7af40d61c5e27fd75b4
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1815239
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Found by Coverity Scan #198897
BUG=none
BRANCH=none
TEST=none
Change-Id: Ib7e049c912a77fa5ad15a0f4638befd5596b7df4
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1815238
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Should have no extra line breaks in between local includes,
and should be sorted alphabetically.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I83c25d30d7376712857314965a7d93f57190aa3f
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776281
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Makes it easier to prevent different parts of vboot from reading
secdata structs without using accessor functions.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I407e1409409c6aab0c1f311f7715ce159497961b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776280
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement FWMP support in vboot2. Currently, the data structure
is just accessed directly, checking to see whether its `flags`
member contains particular flags. We'd like to change this to
follow the same scheme as secdata_firmware and secdata_kernel.
This CL also updates some functions, comments, and tests related
to secdata_firmware and secdata_kernel to ensure consistency
between code for the secdata spaces.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ia0d67532cc6e077e170ffb25d0bc587b1d53edf3
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773088
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sometimes vboot needs to make assertions to work sanely without
always having to return VB2_ERROR_* values. Add VB2_ASSERT and
VB2_DIE macros to deal with these cases.
Convert existing VbAssert macro to use either VB2_ASSERT or
TEST_* macros depending on the case.
Implement testing infrastructure to check that aborts are being
triggered correctly. The TEST_ASSERT macro should be used.
BUG=b:124141368, chromium:1005700
TEST=make clean && make runtests
BRANCH=none
Change-Id: I298384ba50842a94a311df7f868f807bf2109cff
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1813277
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1800112
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Found by Coverity Scan #198897
BUG=none
BRANCH=none
TEST=none
Change-Id: I171571afe2492d15256df8388fa4a05bd8b10bf2
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1789711
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Found by Coverity Scan #198901
BUG=none
BRANCH=none
TEST=none
Change-Id: I6ebf5caa286bd64cddaa589a9e14f93185afbf90
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1789710
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Found by Coverity Scan #198910
BUG=none
BRANCH=none
TEST=none
Change-Id: I609a3a1fe4d38b5c417608ef8574df6286dfbfda
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1789709
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We're dropping this from the signer, so drop it from here too.
Nothing else has referred to it.
BUG=None
TEST=CQ passes
BRANCH=None
Change-Id: I855ef036b620082ec98af7aac8ea330ae472435a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1814697
Reviewed-by: George Engelbrecht <engeg@google.com>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 4856877a76a90ab1851c0e24593ec67e6375a60a.
Reason for revert: Root cause fixed by CL:1790955.
Original change's description:
> Use bfd as the linker to build vboot_reference.
>
> Coreboot uses vboot_reference to build futility as a host binary.
> However, it passes a target path for linking which causes LLD to
> error out.
> e.g. x86_64-pc-linux-clang -L/build/veyron_minnie/usr/lib
> where -L/build/veyron_minnie/usr/lib should not be passed
> as futility is being linked as a host binary.
>
> Use bfd as the linker temporarily as it only produces a warning
> and does not error out.
>
> BUG=chromium:999217
> TEST=coreboot builds
> BRANCH=None
>
> Change-Id: I8716ff3a0b4cc8afc54a3cc95ca5c1bfdcba6c9f
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1789676
> Tested-by: Manoj Gupta <manojgupta@chromium.org>
> Reviewed-by: Julius Werner <jwerner@chromium.org>
> Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
Bug: chromium:999217
Change-Id: Ibf69ca06e3ae2e681176499b23c673eda8d77b6c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1790956
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Found by Coverity Scan
BUG=none
BRANCH=none
TEST=none
Change-Id: I2544a4e84ecadc262e08aaa4e6f056d710d807f5
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1771972
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow MP images to be signed. Also, the manifest file name changed.
BRANCH=none
BUG=b:74100307
TEST=manual
Change-Id: Ia6b4724ceea2b7a18a2caecea7142d1b6ebfaa13
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1791816
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
Commit-Queue: LaMont Jones <lamontjones@chromium.org>
Tested-by: LaMont Jones <lamontjones@chromium.org>
Auto-Submit: LaMont Jones <lamontjones@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Coreboot uses vboot_reference to build futility as a host binary.
However, it passes a target path for linking which causes LLD to
error out.
e.g. x86_64-pc-linux-clang -L/build/veyron_minnie/usr/lib
where -L/build/veyron_minnie/usr/lib should not be passed
as futility is being linked as a host binary.
Use bfd as the linker temporarily as it only produces a warning
and does not error out.
BUG=chromium:999217
TEST=coreboot builds
BRANCH=None
Change-Id: I8716ff3a0b4cc8afc54a3cc95ca5c1bfdcba6c9f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1789676
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These secure spaces are now used for more than just rollback
versions and should be renamed thus.
Note: Originally this rename operation was batched into the CL
which rewrites the functions in rollback_index/secdata_tpm, but
it made reviewing in Gerrit a pain, since it couldn't pick up on
the file renames, and instead showed them as deletes/adds.
Doing the rename separately helps ensure all references to
rollback_index are updated, and gives us a better review
experience in Gerrit.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I51e5c731e0d7a071d384c28da56e7adce64ba943
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776279
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This function is only used internally in rollback_index.c
and thus does not need a mock.
(It does need to be listed in rollback_index.h since it
must be accessible by tests.)
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ib7ce907da82608de7e5c6c2be11c57bf353ca0b3
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1780088
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove the unnecessary offsetof declaration in
rollback_index.c, and fix some macro formatting.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I156a0561070e03f978fff307d3dbfafde09e0adf
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773093
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The last remaining C++ files were removed in CL:367882.
vboot_reference does not have any C++ files anymore, and
thus does not need this rule in its Makefile.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Id59b2e593b1748293f045e5f7152ec2647ba7342
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1780082
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Lists should be alphabetically sorted
- No need for CHROMEOS_ENVIRONMENT variable
- Remove some defunct sections
- Merge VBINIT and VBSLK into FWLIB
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Id05508a8be6273f11c1886fd9a35d30be4bb778f
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773087
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is possible that set_vendor_data will not be null terminated if
strlen(vendor_data_value) >= sizeof(set_vendor_data). Leave an extra
byte at the end to prevent this.
BUG=none
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ic21d74e9f3f36557ab1083001ab8af8ee42426e4
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 198908
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1752933
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST= emerge vboot_reference
BRANCH=none
Change-Id: I1e486ce46d56539e23ec2b93e7eee971366c31f4
Signed-off-by: Srinidhi N Kaushik <srinidhi.n.kaushik@intel.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1775273
Reviewed-by: Duncan Laurie <dlaurie@google.com>
Reviewed-by: Wonkyu Kim <wonkyu.kim@intel.corp-partner.google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The drive details are the only place where block sizes are tracked,
so make sure we display them so the user knows the bytes-per-block.
Might as well dump all the other drive details while we're here.
BUG=None
TEST=CQ passes
BRANCH=None
Change-Id: I2f2546feec2d58a295ce69c2bfe89a5ecf392f46
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773966
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
tlcl_tests and rollback_index2_tests only work when
MOCK_TPM is disabled.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I3d09e2b02c72e2ee1b1b89769e433cc5cd513163
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776278
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allows the case of FIRMWARE_ARCH= TPM2_MODE= MOCK_TPM=1
to compile.
Also wrap TlclUndefineSpace in #ifdef CHROMEOS_ENVIRONMENT
to match its non-mocked definition.
BUG=b:124141368, chromium:997132
TEST=make clean && TPM2_MODE= MOCK_TPM=1 make runtests
BRANCH=none
Change-Id: I681dcb239c0bff9530df84a0a4f848e73384c798
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773095
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Get rid of vb2_context forward declaration and vb2_error_t
redefinition from 2secdata.h, and properly include 2api.h
instead.
Remove 2secdata.h from 2api.h (should not be publicly
accessible), and add 2secdata.h include to appropriate files.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I15570488fdabfcd9a178a0cedc7868b8c23720e9
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776285
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For clarity's sake, rename:
secdata -> secdata_firmware
secdatak -> secdata_kernel
secdata is now the general term to refer to any secure data
spaces: firmware, kernel, and FWMP.
Once coreboot code has been updated, the sections in 2api.h
and 2constants.h may be removed.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I376acee552e8be37c75c340626a95462f81e198b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773079
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368, chromium:995172
TEST=make clean && make runtests
BRANCH=none
Change-Id: I42e4ac8a21ac3be416d315a8a8cc914f997bab79
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1758148
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Standardize on the term "blocks" rather than "sectors" as this matches
our disk layout configuration files.
For cgpt show, split the specific field options out from the -i option.
The current text makes it seem like they're always required when using
the -i option, and it's not super clear that they only matter when the
-i flag is used.
BUG=None
TEST=CQ passes
BRANCH=None
Change-Id: Idfd939cfe9501da78e323bc1ce8c1fbf772fbaa9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773965
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If people use -i0, the code runs as if the flag wasn't specified.
Since valid partition numbers are [1,128], and the lower layers
already reject values outside that range (except for 0), add an
explicit check to the CLI for -i0.
Trying to display specific fields w/out -i makes no sense, and
the lower layers just ignore it. Add an explicit check for it
so users don't try to do `cgpt show /dev/sda -s` and wonder why
the output is unchanged.
Passing more than one specific field selector like -s -b doesn't
work -- whatever flag was specified last wins. This isn't that
obvious to users, so throw an explicit error when it happens.
BUG=None
TEST=CQ passes
BRANCH=None
Change-Id: I7c98822b79b389824b544b128ede93458b678342
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773964
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clang is diagnosing implicit fallthrough in C code
past https://reviews.llvm.org/rL369414.
Detect the support for the fallthrough attributes in gcc/clang
and enable it as VBOOT_FALLTHROUGH (copied from boringssl).
This is needed to fix ToT clang builds.
Note: GCC apparently does not diagnose fallthrough to another case
with break but clang does (https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91432).
And clang does not detect the fallthrough based on code comments.
Bug: chromium:997709
Test: CQ
Change-Id: Id8b4be4deabca2d0f1b2efd80efa72a485a5dc8c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1772474
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
|