| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This also adds the required tests (keys, testcases).
BRANCH=none
BUG=chromium:684354
TEST=make runtests
Change-Id: I5e148f8792ea325f813d76089271f3c4bcc2935d
Reviewed-on: https://chromium-review.googlesource.com/438951
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's keep stderr for actual errors.
BRANCH=none
BUG=chromium:690773
TEST=make runtests
TEST=futility create key.pem out > /dev/null is quiet
Change-Id: Id7ce658a0dc08f45d4d035b68e355e49d9717674
Reviewed-on: https://chromium-review.googlesource.com/442524
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
More reliable than simply assuming that VB2_SIG_RSA8192 is the last
signature.
BRANCH=none
BUG=chromium:684354
TEST=rm tests/testkeys/key_*; make genkeys -j
TEST=make runtests -j
Change-Id: I755b3afb50313fcdf292fb3cd5b0dfe09f8593e3
Reviewed-on: https://chromium-review.googlesource.com/438948
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This flag will be used by cr50 to disable case-closed debugging
unlock. Here, we're just defining the flag.
BUG=chrome-os-partner:62205
BRANCH=reef
TEST=build_packages --board=reef chromeos_firmware
Change-Id: If86e112948e1c95a767808b2f92dd8fe35abf46c
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/440846
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Get rid of uninitialized variable warning.
BUG=chrome-os-partner:61275
BRANCH=None
TEST=make cgpt WERROR= STATIC=1
Change-Id: I31faa557406c6a90cfdea8571620675c81c0c0ec
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/440432
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This tests that futility can correctly create and verify rwsig images.
Note that we do not test RSA 8192, as the signature is longer than
1024 bytes, and the test logic would need to be changed.
BRANCH=none
BUG=chromium:684354
TEST=make runfutiltests
Change-Id: I690e59fe8fa3e273dd81176211c58e1677fa720f
Reviewed-on: https://chromium-review.googlesource.com/438950
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=none
BUG=chromium:684354
TEST=rm tests/testkeys/key_rsa2048*; make genkeys -j8
Change-Id: I6c75d2d54faf7a02c8fc4ef1ccc8647809c1aae8
Reviewed-on: https://chromium-review.googlesource.com/438949
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We were passing the wrong value to PrependDigestInfo. Let's also refactor
the function a little bit.
BRANCH=none
BUG=chromium:689371
TEST=make gentestcases; git status => no change
Change-Id: I0244c3f3de05b33b7ddd21e93a266faf34f2c239
Reviewed-on: https://chromium-review.googlesource.com/439086
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This calls gen_test_cases.sh in the proper environment.
Also, prevent gen_test_cases.sh from overriding test_file, to
provide stable signature (and avoid large git diff for no reason).
BRANCH=none
BUG=chromium:684354
TEST=make gentestcases -j8; git diff => no changes
Change-Id: I556285fd1a07a4d84f4ebd3fd7881ae06743716e
Reviewed-on: https://chromium-review.googlesource.com/439064
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Also, ensuring comments start with capital letter.
BUG=chrome-os-partner:61275
BRANCH=None
TEST=None. No functionality change.
Change-Id: I961236e2b6d95cf0281cd4e3313f465bf12ead9f
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/434250
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prevent scrolling off for low res displays
BUG=chrome-os-partner:61275
BRANCH=None
TEST=reboot snappy and make sure menu doesn't cause
screen to scroll.
Change-Id: Ic5641c7c43ab3872dcb321df2629e228e86ddbb6
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/434249
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=chrome-os-partner:61275
BRANCH=None
TEST=None
Change-Id: I1d88e552a4c9184061207a8e14e32dfb1a39745a
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/434248
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=chrome-os-partner:61275
BRANCH=None
TEST=None. No functionality change.
Change-Id: I00bb1924e22f398e1b614789dd0cd068ce51cc5d
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/434247
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=chrome-os-partner:61275
BRANCH=None
TEST=reboot and try to make selections in detachable
UI with power button.
Change-Id: I0a3178eb3fa2c8c1ed77d96fdefa948eaea508e5
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/427220
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=chrome-os-partner:61275
BRANCH=None
TEST=reboot and scroll to ends of menus to make sure that
they don't wraparound.
Change-Id: I9ba83b23939140d23fe54858b9a10f873091ff72
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/426410
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=chrome-os-partner:61275
BRANCH=None
TEST=reboot and scroll through menus to make sure
defaults to power off in all menus.
Change-Id: I21e6c24c43a46e9e79001857c1dec9869a07d61a
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/426409
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=chrome-os-partner:61275
BRANCH=None
TEST=test vol up/down keys and see if menu changes.
Change-Id: I2213639d530f954f12040b14bf2e5cdeb5c03218
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/426408
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, VB2_DEBUG() will print the function name as a prefix to the
debug output. Add VB2_DEBUG_RAW() to print without that, so that it's
possible to print little bits of debug output. Use this in ec_sync to
hex dump the hashes.
And then clean up all of the debug calls which explicitly did things like:
VB2_DEBUG("%s: foo", __func__);
to just:
VB2_DEBUG("foo");
so they don't double-print the function name
BUG=chromium:683391
BRANCH=none
TEST=build_packages --board=reef chromeos-firmware &&
DEBUG=1 make -j runtests
CQ-DEPEND=CL:430978,CL:431111
Change-Id: I0c35519d2e670d55d65d01eaa60d61f3e3edf419
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/431171
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=chrome-os-partner:61275
BRANCH=None
TEST=compile depthcharge with
inflags=VB_SALK_INFLAGS_ENABLE_DETACHABLE_UI and run.
Change-Id: I4c2351feef51bbf88fefd37986de6f853cd1942e
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/424091
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=chrome-os-partner:61275
BRANCH=None
TEST=reboot and switch menus and make sure everything
is printing out properly.
Change-Id: I1269d3dc762a66dde0203673b7b400aba92afa75
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/424356
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=chrome-os-partner:61275
BRANCH=None
TEST=reboot and try selecting language menu.
Change-Id: I3ec208578aec0ccaa92e17e4589ebeae250dae4f
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/424355
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Adding in basic menu support (using arrow keys) for
detachables. This is specifically for the recovery menu.
BUG=chrome-os-partner:61275
BRANCH=None
TEST=reboot into recovery and try booting into developer mode.
Change-Id: I9596cde62f2748928b4b796bde0a0226dc981235
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/424354
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adding in basic menu support (using arrow keys)
for detachables, which do not have keyboards. Thus,
we can only do menu scrolling rather than the old
ctrl+D/U/L way. This is specifically for the developer
warning menu.
BUG=chrome-os-partner:61275
BRANCH=None
TEST=reboot system and try scrolling through menu
Change-Id: I39f56f5ca2fedd47df53ab246ec357d07c9c4af0
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/424353
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If FOR_TEST is defined, 2common.h defines VB2_DEBUG() to be printf();
it should include stdio.h as well.
The HOSTLIB extern linktest links against the vboot1 stub functions,
but not the vboot2 stub functions, so it couldn't find vb2ex_printf().
BUG=chromium:682058
BRANCH=none
TEST=DEBUG=1 make runtests; DEBUG=1 emerge-reef vboot_reference depthcharge
Change-Id: Ibf981a70ca4087ce3d86b02d76e03063b2cfc9e5
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/429310
Commit-Ready: Shelley Chen <shchen@chromium.org>
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=chromium:660209
TEST=`./sign_official_build.sh oci-container fastboot/ ../tests/devkeys` works
TEST=signing an image inserted the container pubkey
BRANCH=None
Change-Id: I75793b03e93f2c18b1495a3ec729ad04d2e17401
Reviewed-on: https://chromium-review.googlesource.com/427538
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enables easy printing of text to display.
Will be used for detachable UI.
BUG=chrome-os-partner:61275
BRANCH=None
TEST=Tested from new vboot_ui_menu.c file
CQ-DEPEND=CL:424357
Change-Id: I668dd57eaafa02fb31f6ac479bcd03a613323f14
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/424090
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The original VBDEBUG macro used doubly-nested parens to work with
MSVC, which didn't support varargs in macros. We now only use more
modern compilers, so replace it with the VB2_DEBUG macro and get rid
of the ugly and fragile double parens.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build_packages --board=reef chromeos-firmware
Change-Id: Ifc0cb0733b14daaa1fde095fab7da4215a538c77
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/425133
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This moves the UI loops out of vboot_api_kernel.c into vboot_ui.c, so
that it'll be easier to support different UIs for different form factors.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build_packages --board=reef chromeos-firmware; boot reef
Change-Id: I451b15f65aceb427ffdd94b19f44e91ebc10a860
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/414289
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This cleans up the vboot functions which handle display so they don't
need to pass it around. Eventually, it'll be absorbed by vb2_context.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build_packages --board=reef chromeos-firmware; boot reef
Change-Id: I58169dfd37abe657f9b9aa339cc72ffa398329e0
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/414288
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, the EC software sync process called VbDisplayScreen() from
several function calls deep. Refactor software sync so that the UI
decisions are at a higher level (in ec_sync_all.c) and isolated from
the low-level EC software sync functionality (in ec_sync.c).
This is one in a series of changes which are more clearly separating
out the UI, to make it easier to support multiple UI across a range of
devices.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build_packages --board=reef chromeos-firmware; boot reef
Change-Id: I40597abeb5b0cc8f5d8fc2098e4acbed4bf59bf6
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/411921
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Always add "-p host" for flashrom to find right programmer.
BRANCH=None
BUG=chrome-os-partner:60894
TEST=./make_dev_firmware.sh
Change-Id: Iee66e143e77ea258a2a9ff3757d9446b7cf37dbc
Reviewed-on: https://chromium-review.googlesource.com/419860
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Ting Shen <phoenixshen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Use mrc_metadata structure with new fields for header checksum and
data checksum.
2. Use region file metadata to ensure there is only one metadata block
present and only one slot in recovery MRC cache. Use the offset and size
based on values in metadata block.
BUG=chrome-os-partner:61306
BRANCH=None
TEST=Verified that recovery MRC cache is verified using futility.
Change-Id: I68b2d75ea70fdaef6c87cdaa6ce97656e8a8bddc
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/424213
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Passing the vb2 context around allows using more of the vb2 functions in
future changes, and prepares for a future where we directly use the
context as it was set up in firmware verification.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I8efa606dbdec5d195b66eb899e76fdc84337ad36
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/404997
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Minor tidying; no functional changes.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I44c816de67025b83c9e46db54fb5427c684bbfef
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/404921
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was previously done inside vboot_api_kernel. But it has nothing to
do with kernel verification; that's just the only place where we could
easily put it given that vboot (currently) owns the firmware UI.
No outwardly-visible functionality changes.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I8a434eb4449a5a86b129ecac61ad81d0ad55549c
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/404920
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=none
BUG=chrome-os-partner:60894
TEST=set_gbb_flags 0
Change-Id: I22f372590bfe7705d4312588f971ad37f229a216
Reviewed-on: https://chromium-review.googlesource.com/418519
Commit-Ready: Ting Shen <phoenixshen@chromium.org>
Tested-by: Ting Shen <phoenixshen@chromium.org>
Reviewed-by: David Hendricks <dhendrix@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For people not readily familiar with the BDB acronym, expand it in
a few README files and usage strings.
BUG=None
TEST=looked at help output
BRANCH=None
Change-Id: I2523e1a289815dd0eaea093c086bc75093579808
Reviewed-on: https://chromium-review.googlesource.com/414244
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently make_dev_firmware will abort if the stored TPM version is
higher and ask user to reset TPM; however that is not very feasible
because:
(1) If the device is still MP-signed, external users can't boot
dev-signed factory shim or recovery or test images.
(2) Even if the user is able to reset TPM, the stored TPM version
will be increased again when user boots into the image for
running make_dev_firmware.
As a result, the right flow is to allow user (with warning and
instructions) resign firmware with dev-keys, boot into recovery mode due
to anti-rollback check, and then boot any dev-signed image to reset TPM.
BRANCH=none
BUG=None
TEST=./make_dev_firmware.sh # see warning message.
Change-Id: Ifd4cd9912ab505427c985154b3f469e1485789b2
Reviewed-on: https://chromium-review.googlesource.com/419898
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Provide 'phase_enforcement' field that indicates if a
system should have its full security features enabled while
in the factory. The backend implementation currently is only
for x86 using chromeos_acpi.
On reef:
$ grep ^ /sys/devices/platform/chromeos_acpi/GPIO.*/*
/sys/devices/platform/chromeos_acpi/GPIO.2/GPIO.0:4
/sys/devices/platform/chromeos_acpi/GPIO.2/GPIO.1:1
/sys/devices/platform/chromeos_acpi/GPIO.2/GPIO.2:10
/sys/devices/platform/chromeos_acpi/GPIO.2/GPIO.3:INT3452:00
BUG=chrome-os-partner:59951
BRANCH=None
TEST=Tested on reef with accompanying coreboot patches and flipping
internal pulls to see the correct setting.
Change-Id: Id5401d795cff8874a038f2456121549713a11237
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/418899
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We had two places extracting the board value from lsb-release and parsing
the output by hand. Unify them to use the same parsing logic to avoid
desynchronized behavior.
We also create a new get_boardvar_from_lsb_release helper to unify the
board name -> variable name mangling logic.
BUG=chromium:667192
TEST=`./security_test_image --board samus` still detects the correct board
BRANCH=None
Change-Id: If88a8ae59b9c9fd45ddd796653a0173ed0186d2d
Reviewed-on: https://chromium-review.googlesource.com/414224
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Nicolas Boichat <drinkcat@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When some of the space re-creation procedure failed, chromeos-tpm-recovery
should exit with non-zero value and not saying TPM is successfully recovered.
However, there are few known issues:
- 0x1009 is not needed in TPM2.
- The space is not created in TPM2.
- tlcl does not support define spaces with policies yet (crosbug.com/p/59594).
As a result, we want to return failure only if writing any of the two
spaces (0x1007, 0x1008) fails.
This change also revised chromeos-tpm-recovery so it won't exit with unbound
variable error due to early exit without having daemon_was_running variable.
BRANCH=None
BUG=chrome-os-partner:60099
TEST=For boards with TPM and TPM2, do:
build_image --board $BOARD factory_install;
Boot factory install shim, select 'I' and get TPM recovered.
Change-Id: I3f79b02cdf77ac61cf1361033c489604dcd603f2
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/412543
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
| |
This reverts commit dfcacc87bec544ab7b4ed8645f65876b471a1cd3 which breaks tpm2 systems where backup space is not yet defined.
Change-Id: I2e6e24ac24faaa980aa2dfaae2d801141fc49013
Reviewed-on: https://chromium-review.googlesource.com/413147
Commit-Ready: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add command for printing TPM version: 1.2 or 2.0. The command works
even when trunksd/tcsd is running and /dev/tpm0 is busy, so it can
be used to first determine which TPM we are dealing with, and then
select the right name of the daemon to stop based on that.
BUG=none
BRANCH=none
TEST=run 'tpmc tpmver'
Change-Id: Ib8db81ff2af6dc6b0d5aecf30e2688a908b5c3d3
Reviewed-on: https://chromium-review.googlesource.com/410703
Commit-Ready: Andrey Pronin <apronin@chromium.org>
Tested-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Most of the indexes used in practice, have AUTHREAD set with null
password authentication. The only index, for which READ_STCLEAR is
set and TlclReadLock() is called is the one used by mount-encrypted.
It has AUTHREAD with empty password and should be lockable after
platform hierarchy is disabled. So, use null password authorization
instead of platform authorization in TlclReadLock().
BUG=chrome-os-partner:54708
BRANCH=none
TEST=Start with OOBE, corporate enroll, reboot, verify that the system
doesn't go back to OOBE. Check mount-encrypted.log on start: it
should contain "Read-locking NVRAM area succeeded".
Change-Id: Iaac78ba4dd048edac992adfab6fb94b69b2e989a
Reviewed-on: https://chromium-review.googlesource.com/410780
Commit-Ready: Andrey Pronin <apronin@chromium.org>
Tested-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that LoadKernel() uses a stream API for its partition data, it
doesn't care about those fields. They're blindly passed to
cgptlib_internal, which does similar checks in CheckParameters() and
CheckHeader(). So, don't duplicate the checks.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I72375496e5df7b7c17df25d358f2555fe41fe520
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/407053
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
LoadKernel() was a big function which did everything from looping over
partitions on a drive to loading the data within them to calling the
low-level verification functions on that data. Split it apart into more
manageable chunks. This also reduces indentation of the inner parts of
the code, whic increases readability.
No outwardly-visible functionality changes.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: Iea79e70163f5d9f1a9d0d897e4a9bacc925a742d
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/404919
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When some of the space re-creation procedure failed,
chromeos-tpm-recovery should exit with non-zero value and not saying TPM
is successfully recovered.
BRANCH=None
BUG=None
TEST=manually: chromeos-tpm-recovery
Change-Id: Id898c11adacd0ab38de2481cace23ca37deaec9c
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/410467
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is no direct concept of physical presence in TPM2, the platform
hierarchy could be used to manage access to various NVRAM spaces
instead. The kernel NVRAM space does not have to be explicitly locked,
disabling platform hierarchy is enough to prevent writes into this
space.
BRANCH=none
BUG=chrome-os-partner:59651
TEST=verified that the system boots fine in both normal and recovery
modes; using tpmc confirmed that the kernel space is readable in
both and writeable only in recovery mode.
Change-Id: I3cd8344ad897d061f6b07424f1589a7b547a161f
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/410127
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This functionality allows factory to ensure that the recovery MRC cache
trained during finalization has the right signature and the checksum on
the data can be verified.
BUG=chrome-os-partner:59661
BRANCH=None
TEST=Verified checksum on recovery mrc cache.
Change-Id: Ic5bd9910b4542037ad86f6fb7a7d83b97be5c792
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/409680
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement TlclGetPermissions, which sends a TPM2_NV_ReadPublic command
and returns the attributes of the NV Index (TPM2 Spec, Part 3, Section 31.6).
BUG=chrome-os-partner:58873
BUG=chrome-os-partner:55210
BRANCH=none
TEST=Run "tpmc def" with various permissions to define new indexes,
verify that "tpmc getp" returns matching permissions for them.
Change-Id: I2ad7163332ae8793cd717875645f19baef513b26
Reviewed-on: https://chromium-review.googlesource.com/409618
Commit-Ready: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
