| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I have one too many times being bitten by forgetting to reboot
my DUT between running this tool and trying to flash a new kernel.
Make the script remind me of this requirement.
BRANCH=none
BUG=none
TEST=ran script, saw new output
Change-Id: I5c4738317087ec7654b13c1c9c3cd67273ba3bf1
Signed-off-by: Enrico Granata <egranata@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1330016
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
At present we allow the user to press a keypad number to boot into another
bootloader but there is no indication which one is which.
Add a new screen for this. It is entered via Ctrl-L and shows the
available bootloaders, along with the number to press for each. The
contents of the screen is rendered by the bootloader, as usual.
This is supported by two new screens, one for the keyboard UI and one for
the menu UI. Also a new function, VbExGetAltFwIdxMask(), is added to find
out what bootloaders are available.
Note: This CL combines changes for both UIs. The changes may be easier to
review separately.
CQ-DEPEND=CL:1273269
BUG=chromium:837018
BRANCH=none
TEST=FEATURES=test emerge-grunt --nodeps vboot_reference
Change-Id: Ib3227545dc677c8f9587944753e32f3b49647360
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1273268
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We recently expanded the kernel size from 16M to 64M for the generic
amd64 image and that's causing problems for this script. Let's drop the
check for a maximum size as we have other sanity checks for reading the
kernel command line and modifying vboot headers later on anyway.
BRANCH=None
BUG=chromium:905093
TEST=deploy_chrome for amd64-generic image
Change-Id: Id08ad0a1feb28fda850c611e1e993d15b32e502d
Signed-off-by: Stephen Boyd <swboyd@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1336109
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Achuith Bhandarkar <achuith@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are devices, especially during or after RMA, may have WP states
not synced; for example
HW = 1
SW (AP) = 0
SW (EC) = 1
In this case, we can still update host firmware but not EC. This happens
more often on EC that needs an extra reboot to change WP states.
As a result, we do want to check real programmer again before updating
optional images.
BUG=chromium:902546
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I9a526cde19a1ab3c41afecb4f7247bd941edc3f4
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1322295
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If some system that firmware RW sections were damaged, the firmware
string may become '\xFF' (flash erased content). We do not want to see
that as version string, and this will help FAFT testing.
BUG=chromium:899901
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I947ec3c8286a022163abf01ae1d8ab5747aacf08
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1317050
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To simplify the migration plan, we want to support the legacy arguments
used by FAFT:
--noupdate_ec => --host_only
--noupdate_pd => --host_only
--nocheck_keys => --force
--update_main => ignore
BUG=chromium:882445,b:118509893
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I31652806085937fe5ca2f2facc7321021977cbb7
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1310253
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is important that we lock the TPM before calling this function. We have
several places where the function is called. Reduce the risk that the TPM
is no locked by running all calls through a single point. Drop the
vb2_exit_altfw() function as it is not needed now.
We rely on being able to call RollbackKernelLock() multiple times since it
ignores subsequent calls and does not attempt to lock the TPM twice.
With the menu UI this causes a small change in behaviour: when starting
legacy firmware fails the screen flashes AFTER the beep instead of before.
Hopefully this difference is not important.
Future work will unify the two UI more.
BUG=chromium:837018
BRANCH=none
TEST=FEATURES=test emerge-grunt --nodeps vboot_reference
Change-Id: I0ee0b52eb57c30c1e1bb4a7e60e11d060025ab17
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1292248
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rather than having vboot_ui be the common file between that and
vboot_ui_menu, create a new file.
For now just move over vb2_error_beep(). The other common functions are
being removed in future CLs.
BUG=chromium:837018
BRANCH=none
TEST=FEATURES=test emerge-grunt --nodeps vboot_reference
Change-Id: Iff6917642ff79ea0b5cce60b383876b6f7174d20
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1310794
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In some cases we use a a single high beep to signal an error. It does not
seem important to distinguish this from any other kind of error, so just
use the existing case.
All beeping now goes through vb2_error_beep(), except for one beep in
vboot_audio.c.
We could move vb2_error_beep() to vboot_audio.c, but the beeps seem to be
a part of the UI rather than the audio system. Of course,
vb2_audio_looping() arguable is also...
BUG=chromium:837018
BRANCH=none
TEST=FEATURES=test emerge-grunt --nodeps vboot_reference
Change-Id: I55807b4548987a621e8bbced97e7710d6cd6d5fb
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1292247
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In chromium:895549, we want to have consistent behavior of
'tpmc def' between TPM 1.2 and TPM 2.0.
In TPM 1.2, define space command will undefine the existing space,
and create a new one. So we make the 'tpmc def' act as this by
default.
Also, provide a option for whom may want to define a new space
only if it is not defined yet. It will return TPM error code
at that case.
BUG=chromium:895549
BRANCH=None
TEST=unit test; manually test:
# For TPM 2.0 use AUTHREAD|AUTHWRITE
tpmc tpmversion | grep 2.0 && export PERM=0x40004
tpmc tpmversion | grep 1.2 && export PERM=0x1
# Define the space
tpmc def 0x1020 0x1 "$PERM"
# Redefine the space, default will overwrite
tpmc def 0x1020 0x1 "$PERM"
# Expected: Success
tpmc def 0x1020 0x1 "$PERM" --no-overwrite
# Expected: output error for the space is already defined.
# For TPM 2.0, it should output:
# command "def" failed with code 0x14c
# the TPM error code is unknown to this program
# For TPM 1.2, it should output:
# The space is existing but --no-overwrite is set.
Change-Id: I9b4e742f2935578443ebcc69e91d0aebc84deed8
Reviewed-on: https://chromium-review.googlesource.com/1298098
Commit-Ready: Meng-Huan Yu <menghuan@chromium.org>
Tested-by: Meng-Huan Yu <menghuan@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For TPM 1.2, the undef command only works when NvLocked is not set
which is usually set before boot, even for recovery mode.
For TPM 2.0, it will automaticly choose the correct authorization
according to the TPMA_NV_PLATFORMCREATE attribute of that index.
BUG=chromium:895549
BRANCH=None
TEST=No test for TPM 1.2
Manually test for TPM 2.0:
1. Boot with platform hierarchy is disabled, then
# perm: TPMA_NV_AUTHREAD | TPMA_NV_AUTHWRITE
tpmc def 0x1020 0x10 0x40004
tpmc getp 0x1020 # check the space exists, expect success
tpmc undef 0x1020
2. Boot with platform hierarchy is enabled, then run
# perm: TPMA_NV_AUTHREAD | TPMA_NV_AUTHWRITE |
# TPMA_NV_PLATFORMCREATE
tpmc def 0x1020 0x1 0x40040004
tpmc getp 0x1020 # check the space exists, expect success
tpmc undef 0x1020
Change-Id: I1d814287fda3e7c11933eca7334fdc3ab1ebf895
Reviewed-on: https://chromium-review.googlesource.com/1298097
Commit-Ready: Meng-Huan Yu <menghuan@chromium.org>
Tested-by: Meng-Huan Yu <menghuan@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For TPM 1.2, to undefine the space is just define a size 0 space.
And all operation should be done under physical presence is set
if NvLocked is set. Iirc, NvLocked is usually set before boot.
For TPM 2.0, support to undefine space regardless platform hierarchy
state. We will use platform authorization when TPMA_NV_PLATFORMCREATE
of that space is set. Otherwise, we will try to use owner
authorization with NULL password.
For owner authorization with customized password is still not
supported in UndefineSpace since it is also not support in
DefineSpaceEx.
BUG=chromium:895549
BRANCH=None
TEST=vboot_reference unit test passed and added new link test for TPM 1.2.
For TPM 2.0, there is no unit test, but passed manually test
with tpmc in the following commit.
Also passed depthcharge unit test for TPM 2.0 and TPM 1.2 board.
Change-Id: I06dcc70c63a88a04d19f3b248666ff2492a1d2b0
Reviewed-on: https://chromium-review.googlesource.com/1291131
Commit-Ready: Meng-Huan Yu <menghuan@chromium.org>
Tested-by: Meng-Huan Yu <menghuan@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On Icelake platform, the pinctrl (gpiochip) driver label is "INT3455:00",
hence declare it properly.
TEST=run 'crossystem wpsw_cur' and see '0' rather than an error
on dragonegg platform.
Change-Id: I34e24478934a8fbaf9777a8340672697f7642ba3
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-on: https://chromium-review.googlesource.com/1307200
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In mosys, $(mosys platform name) currently returns the board (family) name
while the real model name needs $(mosys platform model).
BUG=chromium:875551
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Ie3355ca94d577e88a2140567b9284da40c0b39c5
Reviewed-on: https://chromium-review.googlesource.com/1301013
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We have two different types of beep each with its own meaning:
- two high beeps: not allowed
- single low beep: allowed but it failed
Add an enum to cover this and update all callers. In VbTryUsb() there is a
delay after the beep but that does not seem to be needed, so drop it.
BUG=chromium:837018
BRANCH=none
TEST=FEATURES=test emerge-grunt --nodeps vboot_reference
Change-Id: I824d088d1a51aeb5a35b5978a05533e8eabcf8f6
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1292246
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream Linux supports a new ioctl API for GPIO chips, via new
/dev/gpiochip* device nodes. This new API supports name lookups, which
is a much nicer way than the index-based stuff in /sys/class/gpio/. We
can finally use this instead of our custom, downstream "chromeos_arm"
driver.
GPIO line names are defined in a 'gpio-line-names' property in the
Device Tree. For now, we have exactly one board using this, and we're
calling it 'AP_FLASH_WP_L'. We will need to ensure future devices use
this same naming.
Per others' suggestions, I'm avoiding using libgpiod, because it's a
relatively new library (with breaking changes in v1.0 as recently as
this year), and vboot_reference is used by plenty of other projects. And
it wasn't that hard to hand-roll the ioctls.
Side note: the chromeos_arm device is not guaranteed to be found at
/sys/devices/platform/chromeos_arm any more (especially on kernel
>=4.14), so this is a handy excuse to just kill use of the driver
entirely.
BRANCH=none
BUG=chromium:897992
TEST=`crossystem wpsw_cur` on 4.14 kernels (with this API) and older
kernels (without this API)
Change-Id: I7553801fb0e97c8a0aa6f4341d297ad0071c3dac
Signed-off-by: Brian Norris <briannorris@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1298274
Reviewed-by: Douglas Anderson <dianders@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Storing backup files inside /mnt/stateful_partition should be done only
on DUTs running ChromeOS. For chroot or other environment, we should
just store in current folder if available.
Also fixed that the warning message when backup files can't be generated
should be printed using "warn" instead of "warning".
BUG=None
TEST=./make_dev_ssd.sh -i image --edit_config --partitions 2
Change-Id: Ie81e810951e7fc72f350de847440a8f0372bc9be
Reviewed-on: https://chromium-review.googlesource.com/1300893
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to make the firmware updater package more consistent file
contents (for example, we don't want time stamps, and better if the
files are always physically located in same order) we want to create and
manipulate the ZIP based package directly using updater.
BUG=chromium:875551
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Ie4c5aafe51f633729de2879c73bf7074a695151f
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1286173
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The `programmer` cannot be decided in `load_firmware_image` and is always
specified (and managed) by an outer context, and should be preserved
even when we call `free_firmware_image`.
This helps reloading or removing loaded images at runtime.
BUG=chromium:875551
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I22f698d4a7118197379e11556b18f70ecd023ca2
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1295209
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The legacy firmware updater can update explicitly only some type of
images by using `--[no]update_main`, `--[no]update_ec`,
`--[no]update_pd`.
Since software sync is introduced, usually it does not make sense to
only update EC or PD; instead the real request is to "ignore provided EC
and PD images and update only host".
The new `--host_only` argument provides an easy way to ignore images in
command line (`--ec_image`, `--pd_image`) and archives (`ec.bin`,
`pd.bin`).
BUG=chromium:875551
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Idf403680880cd58a00867172ccec97fd60c1b826
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1295210
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For backward compatibility, we need to support the 'output' mode in legacy
firmware updater. The output must select right files according to system
model, and apply all white label transform if needed.
BUG=chromium:875551
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Ib433647317fa97387aa4a7f8f2101b47e6ca2123
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1282084
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For white label devices, we have to select and patch key files (root key
and vblock) by VPD (`whitelabel_tag` or `customization_id`). The white
label tag VPD will be processed and converted to a "signature ID" for
key selection.
To support that, updater has to fetch current (system) image if the
matched model is following white label (so we can read VPD from it).
For developers who want to load and use particular files, they can use
--signature_id to override VPD values.
BUG=chromium:875551
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I3630bae28d1a8493b56d0e5efd29f3c61a470379
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1278420
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For devices using Unified Build, we have to select and load images from
archive by model configuration (setvars.sh). The system model can be
retrieved by $(mosys platform model), but for developers who want to
simulate or get images for particular platform, a command line argument
--model is needed.
BUG=chromium:875551
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I8f4a6735b34bc694a05808b001c7309623b2afa3
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1278419
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We use this in a few places, so add a constant.
BUG=chromium:837018
BRANCH=none
TEST=FEATURES=test emerge-grunt --nodeps vboot_reference
Change-Id: I7182d0ac52c23c01397de08683ad83b818486f91
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1286221
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This code is used in both the keyboard and detachable UIs. Make it into a
common function and export it.
BUG=chromium:837018
BRANCH=none
TEST=FEATURES=test emerge-grunt --nodeps vboot_reference
Change-Id: I1e2cf67ec3fce9bc78ad412ddcc34e0eaecab5eb
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1286220
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
At present we have all the logic for this feature in VbTryLegacy(). In
preparation for adding a new menu for alternative firmware, split the
logic into two pieces: preparing to start alternative firware, and
cleaning up afterwards if nothing booted.
Also export these functions so that they can be used by the detachable
UI.
BUG=chromium:837018
BRANCH=none
TEST=FEATURES=test emerge-grunt --nodeps vboot_reference
Change-Id: I560634ebb03a7f02a488defa32b83e51001d018e
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1286219
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In RMA or factory reinstall flow, we will want to make sure device will
next boot into developer mode, which was usually enforced by GBB flags.
In updater4, this is done by updater using flags defined in target
image. We should keep same behavior.
BUG=b:117866155
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Idb6337d453d606dbf88b2a2b82961f21125b7fef
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1288211
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For devices not using Unified Build, the firmware updater may contain a
single set of firmware images. To make the manifest more consistent for
both cases (Unified Build or not), we want to change to model name to
be the platform name from FWID if available.
This does not make sense because for these devices, usually platform =
board = model, and it helps to make sure programs parsing manifest won't
try to use the hard coded name 'default' (which does not always work in
Unified Build).
BUG=chromium:875551
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I6d56336f3b30981e3e936fa63dec7dd45d74b31a
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1278418
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
At present the condition for this is checked in one place in
boot_legacy_action(). We need to be able to check it in more than one
place, so put it in a variable when entering developer mode. This matches
how the keyboard UI works.
BUG=chromium:837018
BRANCH=none
TEST=FEATURES=test emerge-grunt --nodeps vboot_reference
Change-Id: Iaf01b827095b0a1139a36af6834eba4dbf7fb150
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1286218
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We want to reuse this code for the altfw feature. Move it up in the file
to permit this without needing forward declarations.
BUG=chromium:837018
BRANCH=none
TEST=FEATURES=test emerge-grunt --nodeps vboot_reference
Change-Id: I02e6cdfb1ea7d5b48e272a778976cdaf50378235
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1286217
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For white label projects, the firmware updater has to select correct
root key and corresponding vblock files per different LOEM. In Unified
build, multiple models may share same firmware base image, with
different key files (per OEM). As a result, we have to apply the key
files before using the firmware image files.
This change adds the "patch" information when building manifest, and
prints the correct key hash in `--manifest` mode.
BUG=chromium:875551
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Ib5e31af5262a0989a5a474d0683c83121f24cc78
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1270323
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The firmware updater packages used to rely on a pre-generated VERSION
file to report what files were included and their image versions. Its
format was hard to parse, and may be out-dated if people repack without
updating VERSION file.
The firmware updater today has the ability to read and parse version,
key hash, ... etc everything we need, so it seems more reasonable to
just let firmware updater scan updater package and print the information
in JSON format, so it will be very easy to fetch latest information.
To make sure the output is purely JSON, the start and end messages are
now sent to stderr instead of stdout.
BUG=chromium:875551
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Ifa468fbb3adf798c7931f015258e6c6ce93de993
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1260804
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We are going to have more command line arguments that must be passed to
updater_setup_config, and it is better to manage so many variables in a
struct.
Also, revised the order or argument processing so that simple settings
are now processed first, then complicated ones or those with dependency.
BUG=chromium:875551
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I03ac036d26e49cdf924c03d6e86a272ce89fc2aa
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1265575
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A firmware update is usually released as a package with multiple images,
instructions, signed vblocks and other files. To work with that, a new
argument '--archive' is added.
The --archive accepts a directory or file, and will determine the
correct driver automatically. For resources (for example --image) in
relative path, updater should find files from archive.
Note in current implementation, only ZIP is supported for file type
drivers (and need the system to have libzip already installed).
BUG=chromium:875551
TEST=TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I6a91cbe73fb4ee203c5fa4607f6651a39ba854d5
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1253229
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
No real function changes.
For incoming changes, we want to rename the shared functions to make it more
clear (and more consistent) in hot it was used, including:
- load_image: should be load_firmware_image(image, filename)
- free_image: should be free_firmware_image
- reload_image: should be reload_firmware_image
- load_system_image: should be load_system_firmware
- create_temp_file: should be updater_create_temp_file to make it more clear
it is created for updater (and deleted when updater has finished)
BUG=chromium:875551
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I120e30b5a4c40ccce03e5f361734f2583476703a
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1270322
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When calling `asprintf`, if the return value is negative value then the
strp parameter is not allocated. Updater will need to call asprintf very
often in future, and we should abort immediately if asprintf can't
allocate buffer, since that implies either we are running out of memory,
or the system has gone very wrong.
Instead of writing if (asprintf(...) < 0) { ERROR(); return...}
everywhere, it seems easier to just add a macro and abort as exit(1).
BUG=chromium:875551
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I8ea5f6c22dcc8225bc53fbd54b4b41a928f84910
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1260803
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ignore a power button push until after we have seen it released,
to avoid shutting down immediately if the power button is held
down on startup.
BUG=b:116819414,chromium:670492
BRANCH=grunt
TEST=manual:
1) Press and hold esc+refresh+power.
2) Depthcharge shows INSERT screen and does not power off.
3) Release esc+refresh+power.
4) Press and release power.
5) Depthcharge powers off.
TEST=test_that --fast -b grunt $grunt_ip firmware_ECLidShutdown
TEST=FEATURES=test emerge-grunt --nodeps vboot_reference
Change-Id: I7421a4b1a1b8a7894f0e7d1c7927ffc52d9faac0
Signed-off-by: Edward Hill <ecgh@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1256023
Reviewed-by: Raul E Rangel <rrangel@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We changed the verity kernel command line form before R16 was released
and included backwards compat support in the scripts for it. But all
the devices that were released for these old versions are EOL, and we
don't need to sign images that old anymore, so drop support.
BRANCH=None
BUG=chromium:891015
TEST=precq passes
Change-Id: I0e61c5d5cbeefb8ea0af955ead604a97fcb84bad
Reviewed-on: https://chromium-review.googlesource.com/1255344
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
`futility` used to print debug messages to stdout, but there is a side
effect that stdout may be buffered and then flush later than stderr.
For example, when calling futility via ssh, we will see flashrom
messages before any of futility's own messages.
Also, many people want to get flashrom verbose messages (-V).
With this change, when calling ERROR and DEBUG, we will always output to
stderr. This also enables better parameter type checking.
`-d` and `-v` both contribute to verbosity, that will be converted to
-V's when calling flashrom.
BUG=chromium:875551
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I1d22a8054fc43cdc5e6c7415e131cc9826fbff0c
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1251145
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
"Can we make futility support stdin like flashrom? I typically flash with:
ssh root@DUT flashrom -p host - < foo.bin"
Yes we can:
ssh root@DUT futility update -i - < foo.bin
BUG=chromium:875551
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Ib1ee5d4c882620e3b6f56fd5e4692b4829cf025a
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1251141
Reviewed-by: Raul E Rangel <rrangel@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'SMM store' must be preserved during firmware update. On newer systems,
this can be done by preserving FMAP section 'SMMSTORE' (CL:1221210).
For Eve, the SMM store did not have its own FMAP section and needs to be
reserved by explicit cbfstool calls.
BRANCH=None
BUG=b:70682365
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
Change-Id: Ica043f51de0170b5c40f61d059437b9572025e2e
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1250464
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The target AUE for daisy_snow is 74 or even longer, so we need to get a
better solution to get rid of script based updater customization (and the
painful EXTRA list in updater configuration).
The new quirk 'daisy_snow_dual_model' is assuming the input firmware image
has both daisy_snow x8 and x16 firmware packed into a single image
(because in vboot1, RW_A is identical to RW_B), and will modify A/B
contents according to target system.
BRANCH=None
BUG=chromium:881034
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
# Provide a fake mosys and output both MP / MPx16 to:
futility update -i bios-snow-2695.132.117-rw.bin \
--quirks daisy_snow_dual_model --emu emu.bin --sys_props 0,0x0000,0
Change-Id: I8af1b6c3117a703aed4da59902aaecb1009101f2
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1239798
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For people running updater directly without the packaged firmware
updater (chromeos-firmwareupdate), it is easier if we identify the
quirks inside updater itself instead of the wrapper script.
This change enables getting "default quirks" by target image RO version
so we won't need to pack firmware images first.
BUG=chromium:875551
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I179227f7a829577dc9fe5deb085fdee1a738c070
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1245663
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There will be more and more board-specific quirks in future and we want
to put them together into a special module.
BUG=chromium:875551
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I4fd2ff5e2b2e891cbd3da8c9393c6fbdf7024c75
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1245645
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The creation and deletion of temp files can be managed in same context
where updater config lives.
BUG=chromium:875551
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Ic1745d27a071047d4882b21905bd11e15b5632cd
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1245644
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move the do_update back to cmd_update with better initialization. The
update.c now has few APIs to invoke the firmware updater without relying
command line processing.
BUG=chromium:875551
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: I99f792bf902ed72e487242ac8872aec384783555
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1245643
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It looks like cbfstool removing & inserting blobs into the bios, even
if the contents are the same, break the signatures run over the region.
Until we can figure out what's going on, avoid re-adding content that's
the same to keep the signatures valid.
BRANCH=None
BUG=chromium:889716
TEST=signing fizz image has valid vblock hashes
Change-Id: I00ba84cf22b6fffc594e60b78f91e7cb49c98f06
Reviewed-on: https://chromium-review.googlesource.com/1248201
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: C Shapiro <shapiroc@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The updater is getting more complicated and we may want to split into
few modules, for example "updater", "quirks", and "host".
The first step is to change cmd_update.c to updater.c (to preserve most
GIT history).
BUG=chromium:875551
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Icae37db8720162130cf38767fec14a970cc9899d
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1245642
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Many developers need to reflash or update firmware using servo, and the
firmware logic has been complicated enough that simply calling
'flashrom -w image.bin -p $SERVO' will usually destroy many important
settings, for example HWID, VPD, and other data provisioned in factory.
It should be more convenient if we can use 'futility update' against
servo. The '--programmer' provides first step - to override the flashrom
programmer so we can read and write via special programmer (like servo).
With this change, developers can reflash using:
futility -p $SERVO -i $IMAGE --force --wp 0
BRANCH=None
BUG=b:116326638
TEST=make futil; sudo tests/futility/run_test_scripts.sh $(pwd)/build/futility
Change-Id: Iad4819ff8258086e1abb58fefd462d94050754d0
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1239817
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to support overriding programmer, we need to clean up the
'emulation' first.
The firmware_image.emulation was implemented as a flashrom emulate
programmer so we can emulate with calling flashrom in the very
beginning; and then replaced by native FMAP library because calling
flashrom add too much dependency and much slower in unit tests.
As a result, we can replace emulation to be the real file name being
emulated, and only keep that in the global config.
BRANCH=None
BUG=b:116326638
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
Change-Id: I5423e64d66be03a09ccfde29ecc3f4ef114c9453
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1239816
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|