| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With a series of UI callback functions removed from depthcharge (see the
long CL list in Cq-Depend below), now we can remove them from vboot2
API.
BUG=b:172339016
TEST=make runtests -j
TEST=emerge-corsola libpayload depthcharge
BRANCH=none
Cq-Depend: chromium:3581323, chromium:3581320, chromium:3587669
Cq-Depend: chromium:3611670, chromium:3631467, chromium:3631405
Cq-Depend: chromium:3677727, chromium:3681952
Change-Id: Icccaf81b8a6f16780bf68a6f1f3aa01689fc9ed8
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3682754
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adding `*` to OWNERS makes Rubber Stamper not work for cherry-picks, so
we transition to something else. While coreboot and depthcharge
responsibilities are so distributed that it probably still makes sense
to allow the whole firmware team to approve (see CL:3687245 and
CL:3687246), vboot is not as platform-specific and it seems that we
mostly have a tighter group of contributors. Looking at the recent
commits, it seems that pretty much every patch was approved by one of
the existing explicitly-mentioned owners anyway, so I think it makes
sense to reduce ownership to that set. (Note that the scripts/
subdirectory already has its own additional OWNERS file managed by the
infra team, so we don't necessarily need to cover that.)
BRANCH=none
BUG=none
TEST=none
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Ib902f4dcf654f00703da8fff831c6a2b9f7e9e0e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3687195
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This feature has not been needed since pre-2012 devices which have long
since reached their end of life. We can safely remove it to simplify the
code.
Also remove ZGB image, as it is no longer needed.
BUG=b:197114807
TEST=sudo FEATURES=test emerge vboot_reference
BRANCH=none
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Cq-Depend: chromium:3650757
Change-Id: I889dc6300c5cb72bdfcb9c2b66d63e97d3f8c862
Disallow-Recycled-Builds: test-failures
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3578968
Commit-Queue: Jakub Czapiga <czapiga@google.com>
Auto-Submit: Jakub Czapiga <czapiga@google.com>
Tested-by: Jakub Czapiga <czapiga@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previous change I5e8b4d848f30f53fae58c721c9b7ddcfbfea9852
was reverted because the check did not pass if the
signing process adds new files to the image.
The new check alerts only when we miss files in the original image.
BUG=b:230434967
BRANCH=None
TEST=Run ./sign_official_build.sh locally
Signed-off-by: Daichi Hirono <hirono@chromium.org>
Change-Id: If8e9eeb9568fefcde92d737b356fa84b865b05c9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3653721
Commit-Queue: Shao-Chuan Lee <shaochuan@chromium.org>
Tested-by: Daichi Hirono <hirono@chromium.org>
Commit-Queue: Daichi Hirono <hirono@chromium.org>
Auto-Submit: Daichi Hirono <hirono@chromium.org>
Reviewed-by: Shao-Chuan Lee <shaochuan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is the firmware part of go/deferredupdates.
During autoupdates, it's required to defer firmware cookies (a.k.a. slot
switching) to not try the updated RW firmware. Instead it is deferred
for the values to be updated at a later time, when the actual update
should be applied.
Since there is not a clear communication method between
futility and postinstall+autoupdater, it'll be the case that STATUS will
be used as the IPC for postinstall+autoupdater to determine when to
update firmware cookies w/ a UUID.
```
// autoupdate
localhost ~ # chromeos-firmwareupdate --mode=autoupdate --wp=1
Machine Model: gimble
Write Protect: HW=0 SW=0
Last Boot Version: RO=Google_Gimble.14498.0.0 ACT/B=Google_Gimble.14498.0.0
Firmware Updater: RO=Google_Gimble.14505.93.0 RW=Google_Gimble.14505.93.0
>> Starting firmware updater.
>> Target image: images/bios-gimble.ro-14505-93-0.rw-14505-93-0.bin (RO:Google_Gimble.14505.93.0, RW/A:Google_Gimble.14505.93.0, RW/B:Google_Gimble.14505.93.0).
>> Current system: <sys-flash> (RO:Google_Gimble.14498.0.0, RW/A:Google_Gimble.14505.93.0, RW/B:Google_Gimble.14498.0.0).
>> Write protection: 1 (enabled; HW=1, SW=1).
>> TRY-RW UPDATE: Updating RW_SECTION_A to try on reboot.
>> DONE: Firmware updater exits successfully.
fw_prev_result = trying # [RO/str] Firmware result of previous boot
fw_prev_tried = B # [RO/str] Firmware tried on previous boot (A or B)
fw_result = success # [RW/str] Firmware result this boot
fw_tried = B # [RO/str] Firmware tried this boot (A or B)
fw_try_count = 10 # [RW/int] Number of times to try fw_try_next
fw_try_next = A # [RW/str] Firmware to try next (A or B)
fw_vboot2 = 1 # [RO/int] 1 if firmware was selected by vboot2 or 0 otherwise
fwb_tries = 10 # [RW/int] Try firmware B count
fwid = Google_Gimble.14498.0.0 # [RO/str] Active firmware ID
fwupdate_tries = 0 # [RW/int] Times to try OS firmware update (inside kern_nv)
mainfw_act = B # [RO/str] Active main firmware
// deferupdate HOLD
localhost ~ # chromeos-firmwareupdate --mode=deferupdate_hold --wp=1
Machine Model: gimble
Write Protect: HW=0 SW=0
Last Boot Version: RO=Google_Gimble.14498.0.0 ACT/B=Google_Gimble.14498.0.0
Firmware Updater: RO=Google_Gimble.14505.93.0 RW=Google_Gimble.14505.93.0
>> Starting firmware updater.
>> Target image: images/bios-gimble.ro-14505-93-0.rw-14505-93-0.bin (RO:Google_Gimble.14505.93.0, RW/A:Google_Gimble.14505.93.0, RW/B:Google_Gimble.14505.93.0).
>> Current system: <sys-flash> (RO:Google_Gimble.14498.0.0, RW/A:Google_Gimble.14505.93.0, RW/B:Google_Gimble.14498.0.0).
>> Write protection: 1 (enabled; HW=1, SW=1).
>> TRY-RW UPDATE: Updating RW_SECTION_A to try on reboot.
>> DEFER UPDATE: Defer setting cookies for RW_SECTION_A.
>> DONE: Firmware updater exits successfully.
fw_prev_result = trying # [RO/str] Firmware result of previous boot
fw_prev_tried = B # [RO/str] Firmware tried on previous boot (A or B)
fw_result = success # [RW/str] Firmware result this boot
fw_tried = B # [RO/str] Firmware tried this boot (A or B)
fw_try_count = 0 # [RW/int] Number of times to try fw_try_next
fw_try_next = B # [RW/str] Firmware to try next (A or B)
fw_vboot2 = 1 # [RO/int] 1 if firmware was selected by vboot2 or 0 otherwise
fwb_tries = 0 # [RW/int] Try firmware B count
fwid = Google_Gimble.14498.0.0 # [RO/str] Active firmware ID
fwupdate_tries = 0 # [RW/int] Times to try OS firmware update (inside kern_nv)
mainfw_act = B # [RO/str] Active main firmware
// deferupdate APPLY
localhost ~ # chromeos-firmwareupdate --mode=deferupdate_apply --wp=1
Machine Model: gimble
Write Protect: HW=0 SW=1
Last Boot Version: RO=Google_Gimble.14498.0.0 ACT/B=Google_Gimble.14498.0.0
Firmware Updater: RO=Google_Gimble.14505.106.0 RW=Google_Gimble.14505.106.0
>> Starting firmware updater.
INFO: update_firmware: Apply defer updates, only setting cookies for the next boot slot.
>> DONE: Firmware updater exits successfully.
fw_prev_result = trying # [RO/str] Firmware result of previous boot
fw_prev_tried = B # [RO/str] Firmware tried on previous boot (A or B)
fw_result = success # [RW/str] Firmware result this boot
fw_tried = B # [RO/str] Firmware tried this boot (A or B)
fw_try_count = 10 # [RW/int] Number of times to try fw_try_next
fw_try_next = A # [RW/str] Firmware to try next (A or B)
fw_vboot2 = 1 # [RO/int] 1 if firmware was selected by vboot2 or 0 otherwise
fwb_tries = 10 # [RW/int] Try firmware B count
fwid = Google_Gimble.14498.0.0 # [RO/str] Active firmware ID
fwupdate_tries = 0 # [RW/int] Times to try OS firmware update (inside kern_nv)
mainfw_act = B # [RO/str] Active main firmware
```
BUG=b:232304971
TEST=chromeos-firmwareupdate w/ comment above
BRANCH=None
Signed-off-by: Jae Hoon Kim <kimjae@chromium.org>
Change-Id: Idcfc5864a2cfc2b46a8b936bbab61e3da7c62596
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3661357
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In many places (e.g. go/cros-dlm), we treat GSC board IDs as a 4-letter
ASCII string rather than a hexadecimal number. To relieve people of the
need to manually convert between formats when copy&pasting IDs, this
patch makes the `gscvd` command accept both versions.
BRANCH=none
BUG=b:229015103
TEST=futility gscvd -b GVLR
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I50fa73f5a14d2747c3e1b15e5dc3fbfcb2391f47
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3656349
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce a new vboot context flag VB2_CONTEXT_DISABLE_TPM to indicate
whether TPM should be disabled before jumping to kernel. This allows us
to move the vb2ex_tpm_set_mode(VB2_TPM_MODE_DISABLED) call from vboot to
depthcharge. See CL:3653659 for details.
BUG=b:223662000, b:232743820
TEST=make runtests
TEST=emerge-cherry depthcharge
BRANCH=cherry
Cq-Depend: chromium:3653659
Change-Id: Ie7bcc3c7bf01346a3bc1f9e14b30017a4c3148ac
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3653207
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a new `--add_gbb`/`-G` flag to the `gscvd` command that
can be used as a shorthand option to add the `GBB` FMAP section to the
covered ranges. When adding the GBB, it is important that we exclude the
HWID and HWID digest from the covered ranges, because they can vary
between units and it would be too cumbersome to sign every possible HWID
separately. Figuring out the right ranges to pass that exclude these
individual fields of the structure manually from the build scripts would
be very awkward, so let's add this option here where we can write the
logic cleanly with C code and have all the vboot data structure
definitions readily available.
Also do some minor option parsing cleanups.
BRANCH=none
BUG=b:229015103
TEST=Created GSCVDs with this flag, manually confirmed with a hex editor
that the correct ranges were created.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I3bef5355506d831353afe6f534ae9303334d014c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3653203
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 48532e571bf79f32af972f6096681c11674c3825.
Reason for revert: Stable roll blocked due to unit test failures in platform/signing.
https://ci.chromium.org/ui/p/chromeos/builders/cq/fullcheckout-presubmit/b8813887760837459473/overview
Original change's description:
> signer: Check the list of android image files
>
> BUG=b:230434967
> BRANCH=None
> TEST=Run ./sign_official_build.sh locally
>
> Signed-off-by: Daichi Hirono <hirono@chromium.org>
>
> Change-Id: I5e8b4d848f30f53fae58c721c9b7ddcfbfea9852
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3607891
> Tested-by: Daichi Hirono <hirono@chromium.org>
> Commit-Queue: Daichi Hirono <hirono@chromium.org>
> Reviewed-by: Shao-Chuan Lee <shaochuan@chromium.org>
Bug: b:230434967
Change-Id: I185562d6dcbac4fd30b6dc4c331bd0b1508d58e8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3644484
Commit-Queue: Daichi Hirono <hirono@chromium.org>
Tested-by: Daichi Hirono <hirono@chromium.org>
Reviewed-by: Shao-Chuan Lee <shaochuan@chromium.org>
Auto-Submit: Daichi Hirono <hirono@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The updater_archive has two functions: the implementation of archives,
and the creation of manifest. Since we are having more support of
archives in different format and the logic of manifests is getting more
complicated, so it is better to move the manifest to its own file.
No functional changes, only internal refactoring.
BUG=None
TEST=make; run test
BRANCH=None
Change-Id: I01ff9561583357eac4c6add8a09384f1c4c9d671
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3647407
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The firmware archive files from buildbot are usually released in
tar+bzip2 format. Although the standard format of the archive
(chromeos-firmwareupdate) is ZIP, it is very helpful if the developers
can quickly run the update using the standard tar.bz2 archive files.
BUG=b:230679721
TEST=futility update --manifest -a \
~/Downloads/ChromeOS-firmware-R91-13885.3.0-asurada.tar.bz2
QEMU_LD_PREFIX=/build/cherry qemu-arm /build/cherry/usr/bin/futility \
update --manifest -a \
~/Downloads/ChromeOS-firmware-R91-13885.3.0-asurada.tar.bz2
BRANCH=None
Change-Id: Ibbab2e8226a00e8b5b292293af570eda37b31a8a
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3644540
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rename 'struct archive' to 'struct u_archive' as 'updater archive'
so in future we can support libarchive (which needs 'struct archive').
BUG=None
TEST=make; run test
BRANCH=None
Change-Id: Id4e5b425044b6f1e64f504373c264dba05da62f4
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3644539
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adding calls to cbfstool truncate command requires file to be closed and
not mapped to work correctly. This patch reworks file opening and
mapping to make it simpler. It also moves responsibility from main
command runner to command functions to correctly operate on their
input/output files.
BUG=b:197114807
TEST=sudo FEATURES=test emerge vboot_reference
TEST=build and boot while chromeos-bootimage and boot on volteer/voxel
platform
BRANCH=none
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: Iee24fdc43f2a57f54c65f6e55cdd26adf44a0b29
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3575324
Tested-by: Jakub Czapiga <czapiga@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Auto-Submit: Jakub Czapiga <czapiga@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's require the user of this script to explicitly provide the base
file name of the generated key.
BRANCH=none
BUG=b:221423468
TEST=verified generating the new key in various directories (local and
non local).
Verified that the script fails if the user does not supply the
required key file base name.
Change-Id: Iaf85e5822d06c65ca4b7d51f17579269576e4707
Signed-off-by: Vadim Bendebury <vbendeb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3630287
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The getter for HWWP implicitly converted the integer returned by
crossystem to an `enum wp_state`. This only worked because of the
particular values assigned to the enum values, so explicitly convert
instead.
BUG=b:223291615
BRANCH=none
TEST=builds
Change-Id: Ib572733f8b05a5a992f09ba98050a7eab5e3bcce
Signed-off-by: Nikolai Artemiev <nartemiev@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3540784
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move the creation of simple folder manifest to a new function.
No changes in functionality.
BUG=None
TEST=make; run test
BRANCH=None
Change-Id: I302752183fc4f385f9b915023d26723a5cbd0c1c
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3615697
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The signer_config.csv contains almost everything we need for mapping
from models to image files so that can be an alternative when
models/*/setvars.sh files are not available. This can be shared by
/firmware in future.
Verified by comparing the manifest.json from existing firmware updaters
on the following boards: volteer (share target), sarien (no ec), octopus
(custom-label), and hatch (share target).
for BOARD in volteer sarien octopus hatch; do
/build/$BOARD/usr/sbin/chromeos-firmwareupdate --unpack test/$BOARD
jq -S . <test/$BOARD/manifest.json >old
rm -rf test/$BOARD/models
futility update --manifest -a test/$BOARD | jq -S . >new
diff new old >diff.$BOARD
done
# all diff.$BOARD are empty, e.g., no difference.
BUG=b:230679721
TEST=make; run test
BRANCH=None
Change-Id: I17393c941d2577a2b1c5f00f60b25e98fa3f3a6f
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3612646
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The PATH_ENDSWITH_SERVARS should be PATH_ENDSWITH_SETVARS.
BUG=None
TEST=make; run test
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: I2fd8ab9fe9accf185bc85b2a195e90a9863669bf
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3615696
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To simplify parsing text files in future we want the archive_read_file
to always return a NULL terminated string on success.
BUG=None
TEST=make; run test
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: I0dd0105971a80d857a1b05d9680b34b42dbff7e6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3612645
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GSC RW signing requires a 3070 bit RSA key. The codesigner tool when
invoked expects the public key in .pem format, the same format is used
by the RO codebase when incorporating the public key in the RO image.
This patch introduces a new accessory key generating script, which
invokes the appropriate opensssl command to generated the required key
pair.
BUG=b:221423468
BRANCH=none
TEST=ran scripts/keygeneration/accessory/create_new_gsc_key.sh and
observed two gsc keys generated:
ls -l *gsc*
-rw------- 1 vbendeb vbendeb 2451 Apr 21 20:42 gsc_3070.pem
-rw-r--r-- 1 vbendeb vbendeb 625 Apr 21 20:42 gsc_3070.pem.pub
in the FPGA setup confirmed that Ti50 RW can be signed and
verified using the generated key pair.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I429c250f60aa1da28aa99f39dff40c3bcda71df6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3600151
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For early bring up and the lab deployment, the developers need a simple
way to update the firmware directly from the build artifacts (either
from CPFE firmware archives or /build/$BOARD/firmware) before the
firmware is pinned and available via chromeos-firmwareupdate.
To simplify the process, we want the updater to understand the layout of
files in /firmware. This change supports that as "raw archive" so
developers can update by:
# Verify what's available.
futility update -a /build/$BOARD/firmware --manifest
# Update the firmware for a specific model.
futility update -a /build/$BOARD/firmware --model $MODEL
# On DUT, detect the model and update the firmware.
mkdir /tmp/firmware
tar -xvf firmware.tbz -C /tmp/firmware
futility update -a /tmp/firmware
BUG=b:230679721
TEST=make; run tests
BRANCH=None
Change-Id: I8a262f1d2ec916da62e49a53fd45bdec9fa0ad9b
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3611322
Reviewed-by: Sergey Frolov <sfrolov@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ToT clang is complaining about missing 'void' in
function prototype.
futility/updater.c:1235:42:
error: a function declaration without a prototype is
deprecated in all versions of C [-Werror,-Wstrict-prototypes]
struct updater_config *updater_new_config()
^
void
BUG=b:230345382
TEST=CQ, llvm tot test
BRANCH=none
Signed-off-by: Manoj Gupta <manojgupta@google.com>
Change-Id: Ic68b71a7413e9396904dd319e0febce2eecb0df3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3610725
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
Auto-Submit: Manoj Gupta <manojgupta@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:230434967
BRANCH=None
TEST=Run ./sign_official_build.sh locally
Signed-off-by: Daichi Hirono <hirono@chromium.org>
Change-Id: I5e8b4d848f30f53fae58c721c9b7ddcfbfea9852
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3607891
Tested-by: Daichi Hirono <hirono@chromium.org>
Commit-Queue: Daichi Hirono <hirono@chromium.org>
Reviewed-by: Shao-Chuan Lee <shaochuan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Old names are not in use for very long time, so remove them.
BUG=b:197114807
TEST=cros-workon-volteer start vboot_reference && \
FW_NAME=voxel emerge-volteer vboot_reference coreboot
chromeos-bootimage
TEST=sudo FEATURES=test emerge vboot_reference
BRANCH=none
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: I07916b82a721481c982b291e228df0772e0fc2a2
Disallow-Recycled-Builds: test-failures
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3575323
Auto-Submit: Jakub Czapiga <czapiga@google.com>
Commit-Queue: Jakub Czapiga <czapiga@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Jakub Czapiga <czapiga@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 2981c0bacbaa0446562aaa04f23e3e9f07c86069, as that
patch is not the proper way to generate accessory keys.
BUG=b:221423468
BRANCH=none
TEST=none
Change-Id: I5500424b01ef45cc353468173f60f9b202b92b54
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3600150
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GSC RW signing requires an 3070 bit RSA key. The codesigner tool when
invoked expects the public key in .pem format, the same format is used
by the RO codebase when incorporating the public key in the RO image.
This patch introduces a new key option, RSA3070_NOSIG_ALGOID. The keys
of this kind are not going to be processed by futility, hence no need
to specify the signing algorithm.
BUG=b:221423468
BRANCH=none
TEST=ran ./create_new_keys.sh and observed two gsc keys generated:
$ ls *gsc*
gsc_rw_3070.pem gsc_rw_3070.pem.pub
in the FPGA setup confirmed that Ti50 RW can be signed and
verified using the generated key pair.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Ie676ba8043c34900388372270329a4903656d499
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3591642
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a keyblock holding the arv_platform public key that is signed
with the arv_root private key. The SHA-256 of the root key is
3d74429f35be8d34bcb425d4397e2218e6961afed456a78ce30047f5b54ed158.
Command to build:
./build/futility/futility vbutil_keyblock \
--pack tests/devkeys/arv_platform.keyblock \
--datapubkey tests/devkeys/arv_platform.vbpubk \
--signprivate tests/devkeys/arv_root.vbprivk
BUG=b:161483233
TEST=above command
BRANCH=None
Signed-off-by: Alyssa Haroldsen <kupiakos@google.com>
Change-Id: I7989c081e4a3ad79f957e3e6d8a3b2314e06152f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3584691
Reviewed-by: Jett Rink <jettrink@chromium.org>
Commit-Queue: Alyssa Haroldsen <kupiakos@google.com>
Tested-by: Alyssa Haroldsen <kupiakos@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:207808292
BRANCH=none
TEST=emerge-octopus and cros deploy'ed
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: I8a8f941f224416d872592d6cc2de4caf058cb5bc
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3512274
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Nikolai Artemiev <nartemiev@google.com>
Commit-Queue: Nikolai Artemiev <nartemiev@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Otherwise, it will mutate the file under your feet!
This also adds some clarifying messages, including a message if
verification failed due to incorrect signing instead of silent output.
BUG=None
TEST=`futility gscvd <file>` does not change sha256sum of file
BRANCH=None
Signed-off-by: Alyssa Haroldsen <kupiakos@google.com>
Change-Id: Ic793ad47c0160e3cedb7e2b7cc842a3f4380749d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3584690
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Alyssa Haroldsen <kupiakos@google.com>
Tested-by: Alyssa Haroldsen <kupiakos@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some newer devices need extra preparation steps even when using CCD via
servo, so a new 'ccd_cpu_fw_spi' is added to hdctools. The firmware
updater should use it in servo+ccd modes.
Also, the custom_rst is now moved to detect_servo so the --servo_noreset
option is removed.
BUG=b:216832684
TEST=make; run test
BRANCH=None
Change-Id: I6af0f03d5b0b1bb473ecb29680b253a5b71c7465
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3577658
Reviewed-by: Wai-Hong Tam <waihong@google.com>
Tested-by: Wai-Hong Tam <waihong@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Detect servo micro and C2D2 servo types and toggle cpu_fw_spi before and
after flash access is required.
BUG=b:220992685
TEST={get,set}_gbb_flags.sh --servo with C2D2 and servo micro
BRANCH=None
Cq-Depend: chromium:3470605
Change-Id: I9f8a9bcabe731001ed18150ca1db9820db20e0d3
Signed-off-by: Sam McNally <sammc@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3469747
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With introduction of Ti50 images the version of the eraseflashinfo
capable images must change, which will prevent signing scripts from
accepting Ti50 images from node locked signing.
Enforcing the version number is proving to be a larger pain that in is
worth: we do need to modify the version once in a while, and it takes
a lot of effort and time to propagate the version adjustment through
signing stages.
We already have a quorum requirement for eraseflashinfo capable node
locked images, this provides enough guarantee from accidental signing
or malicious signing of such an image, version number enforcement does
not add security.
BRANCH=none
BUG=b:219774807
TEST=none
Change-Id: Ifd5ac17540595d71210445e6ad573c81fc25a47a
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3553419
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The new quirk will allow the updater to easily switch the underlying
flash driver between the libflashrom and the external flashrom.
BUG=None
TEST=build and run test
BRANCH=None
Change-Id: I5b9da373b1e22a948e04d844973a5683adffe63c
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3534489
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The libflashrom is still different from the real flashrom program.
To easily debug and compare the execution results (especially for
devices under development), we want to allow the updater to
switch between the libflashrom and the external flashrom.
The real switch (either a quirk or a command line argument) will
be added in a follow up change.
BUG=None
TEST=build and run test
BRANCH=None
Change-Id: I3f3226fd555dc9e7c40838cd1474e0d018b27ccc
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3500339
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'write_system_firmware' and 'load_system_firmware' have too many
parameters that are already contained in the updater_config.
To simplify the interfaces, we should just pass the updater_config to
{write,load}_system_firmware, and merge the write_firmware_sections
(only handling emulation and deciding the diff image) to the
write_system_firmware.
Also moved the utility functions only used by *_system_firmware (for
example is_the_same_programmer and emulate_write_firmware) to the
updater_utils.c.
The emulate_write_firmware is also revised to handle a list of sections
directly (so we don't need to handle that in write_system_firmware).
BUG=None
TEST=make; build and run test.
BRANCH=None
Change-Id: I4d123d12e8057da82d6c301899472e3773f3266e
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3508121
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Per discussion, the 'custom_label_tag' is easier to read than
'customlabel_tag'. We should rename it before any real devices
have started using the different names.
BUG=b:169766857
TEST=make; build and run test
BRANCH=None
Change-Id: I3672e7b20bc85f79796470ba1a58c2896d26ff88
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3534491
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
It should be VB2_NV_DISABLE_DEV_REQUEST, not VB2_NV_DIAG_REQUEST.
BUG=b:172339016
TEST=none
BRANCH=none
Change-Id: Id35ea2680dd55d830991cf118f4e9c97f52eb0cb
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3532539
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=still builds
BRANCH=none
Change-Id: I3b244461b86c8aeec4f33ad7205157c709e0d695
Signed-off-by: Peter Marheine <pmarheine@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3524288
Reviewed-by: Reka Norman <rekanorman@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On Meteor Lake platform, the pinctrl (gpiochip) driver label is
"INTC1083:00", hence declare it properly.
BUG=b:224325352
TEST=Test pending
Signed-off-by: Subrata Banik <subratabanik@google.com>
Change-Id: I9c1583972e71ae472c8b3f360eda34611c8c8f0c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3520099
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: Subrata Banik <subratabanik@chromium.org>
Commit-Queue: Subrata Banik <subratabanik@chromium.org>
Auto-Submit: Subrata Banik <subratabanik@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When checking the sections to update in the RW-recovery flow, we should
always check the availability before adding them to the list for
updating.
BUG=None
TEST=build and run test
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: Id714b1db736cbf4eef879566431e5a496f319cd4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3494671
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The updater should always only update the whole image when write
protection is disabled, or partial (RW) when write protection is
enabled. As a result, it should be better to always turn on -N
(--noverify-all) for two reasons: (1) faster partial write, and
(2) prevent failure due to other processors accessing the flash
in parallel.
- Faster partial write:
On recent x86 Chromebooks the flash size is getting bigger and bigger
(for example 32M on Brya) and the RW section size is much smaller
(8M on Brya). So we wasted a lot of time reading and verifying
sections that we don't care (64M versus 16M) if we don't turn on -N.
- Concurrent access:
On recent x86 devices the system flash is shared by two processors -
the CPU and the CSME. Before the ME is locked, CPU can see and access
all regions - including those managed by ME/CSME. As a result, when
the updater is changing the RW_SECTION, the CSME may be updating
CSE_RO or CSE_RW on its own. So if we don't turn on -N, the
verification will fail in CSE regions.
Also revised to only set FLASHROM_FLAG_VERIFY_AFTER_WRITE one time.
BUG=None
TEST=make; build and run tests.
BRANCH=None
Change-Id: I1ebff2d7f00b85037464eff4fa5d4573f867ce44
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3505290
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Support new VPD name 'customlabel_tag' for the custom label program.
For shipped devices (firmware is already locked and write protected) we
still support the legacy name.
The quirk 'allow_empty_wl_tag' also renamed to
'allow_empty_customlabel_tag'.
This is usually not recommended, but given no devices have used this
quirk in the CBFS quirks, it should be fine to change the quirk name.
BUG=b:169766857
TEST=make; build and run test
BRANCH=None
Change-Id: Ia29051a4e829d853cc60488f286d575c20f52f20
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3503199
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Small refactor to make it easier to more towards
libflashrom. This makes the call site responsible for
setting up the path for ReadNorFlash().
BUG=b:207808292,b:220079643
BRANCH=none
TEST=`make cgpt`
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: I15fc57e5afca6206b60df92616fd4cdce63b03e3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3469738
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Sam McNally <sammc@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Small refactor to make it easier to more towards libflashrom.
BUG=b:207808292,b:220079643
BRANCH=none
TEST=`make cgpt`
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: Ie0c7f4faee3052300b10ba2d1adce7876d7b821c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3469737
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Sam McNally <sammc@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
C2D2 is used similarly to servo micro. Mirror the servo micro logic
accordingly.
BUG=b:220992685
TEST=futility update --servo over C2D2 with and with servo v4
BRANCH=None
Cq-Depend: chromium:3470605
Change-Id: I298fe5847abba0957fa5c2da4e1981a7da9e0428
Signed-off-by: Sam McNally <sammc@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3469746
Reviewed-by: Reka Norman <rekanorman@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
To get more message for debugging, we want to increase the verbosity on
each retry.
BUG=None
TEST=build and run tests
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: I85e0fc518113a18bb1aaa39db3f58329d94b5ecb
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3500326
Reviewed-by: Subrata Banik <subratabanik@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:207808292,b:220079643
BRANCH=none
TEST=`make cgpt`
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: I367e44eed18c79a807bd428e50a3faf926833719
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3461097
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Nikolai Artemiev <nartemiev@google.com>
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The write_firmware_sections now supports writing multiple sections in
one invocation so we can pass all RW sections to it for the recovery
update.
On Brya, the total execution time may be reduced from 4 mins to
1.5 mins.
BUG=b:221137867
TEST=build and run test
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: Ifbc67327a02096e027c1e2025485ebb17645a71d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3490387
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add new function 'write_firmware_sections' so we can write update
sections in one write_system_firmware (e.g., flashrom) command.
BUG=b:221137867
TEST=build; and run test
BRANCH=None
Change-Id: Ia33ec5ac82e1c661457180ec45df6c02beae4ec3
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3490389
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we have multiple regions to update, invoking flashrom_write_image
multiple times will take much longer because for each write it has to
read the whole flash, write and then verify whole flash (also timer
calibration and programmer init/shutdown every time).
As a result, we want to support writing multiple regions - just like
that flashrom can take arbitrary numbers of "-i REGION".
This change only extended flashrom_write_image, and the firmware updater
is calling flashrom_drv multiple times. That will be addressed in the
follow up changes.
BUG=b:221137867
TEST=build; and run test
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: Id335cc9f816f1384f1886422efa97fe2c7b81aec
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3490388
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
|
