| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1) Extend TlclGetVersion to return vendor specific data, if
requested.
2) Extend 'tpmc getver' to include vendor specific data.
BRANCH=none
BUG=chromium:771561
TEST=unit tests, running 'tpmc getver'
Change-Id: Ic04c242d4e6f33b45a80479be9ab9777b317ebe2
Reviewed-on: https://chromium-review.googlesource.com/706240
Commit-Ready: Andrey Pronin <apronin@chromium.org>
Tested-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The firmware updater relies on these, so include them.
BUG=chromium:772862
TEST=build works and futility_s includes new commands
BRANCH=None
Change-Id: I973e339d11df4d5b72f70d3a9e28916cca4ebbf6
Reviewed-on: https://chromium-review.googlesource.com/708236
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Depthcharge currently asks EC whether recovery was requested manually
or not without verifying EC is in RO or not. If EC-RW is compromised,
recovery switch state can be spoofed.
This patch makes Depthcharge check EC_IN_RW to determine whether EC
is in RO or not. Only if it's in RO and it says recovery button was
pressed at boot, we proceed to the recovery process.
All other recovery requests including manual recovery requested by a
(compromised) host will end up with 'broken' screen.
BUG=b:66516882
BRANCH=none
TEST=Boot Fizz. make runtests.
Change-Id: I01d2df05fe22e79bbc949f5cb83db605147667b3
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/693008
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
power button press is not being handled in broken screen
(VB_SCREEN_OS_BROKEN) if the user wants to exit out of it.
BUG=none
BRANCH=none
TEST=verified power button key functionality in
broken screen in Soraka board
Change-Id: I64cbb79479e3e0579aeec4e87894441acf26c9fa
Signed-off-by: Divya Chellap <divya.chellappa@intel.com>
Reviewed-on: https://chromium-review.googlesource.com/674886
Commit-Ready: Divya Chellappa <divya.chellappa@intel.com>
Tested-by: Divya Chellappa <divya.chellappa@intel.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Staff decided to leverage the key format of Hammer therefore this
script calls Hammer's one to generate a key pair and renames them to
key_staff*.
BUG=b:66889892
TEST=Run this script in the chroot and verify the generated key pair.
BRANCH=None
Change-Id: I73162efaba47a8c08336805130ced0be25ab262a
Reviewed-on: https://chromium-review.googlesource.com/688522
Commit-Ready: Marco Chen <marcochen@chromium.org>
Tested-by: Marco Chen <marcochen@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=None
TEST=ran against local devkeys
BRANCH=None
Change-Id: Ib1c88ae187f12aad4531e9c22da6cda2af1503e3
Reviewed-on: https://chromium-review.googlesource.com/691340
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=None
TEST=ran against local devkeys
BRANCH=None
Change-Id: I76470e18ea2e66f6abb5a912c4055fc245cedc8a
Reviewed-on: https://chromium-review.googlesource.com/691339
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Android master puts that file at a different location, so use similar
logic to official signing script.
TEST="sign_android_image.sh passed locally for both caroline (NYC) &
caroline-bertha (master)."
BUG=b:65610114
BRANCH=none
Change-Id: If33bfbcaa7e6cff95f26ff26a91735c87880f3db
Reviewed-on: https://chromium-review.googlesource.com/686046
Commit-Ready: Garfield Tan <xutan@chromium.org>
Tested-by: Garfield Tan <xutan@chromium.org>
Reviewed-by: Victor Hsieh <victorhsieh@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On AMD Stoney Ridge systems, the pinctrl (gpiochip) driver label is
"AMD0030".
Signed-off-by: Daniel Kurtz <djkurtz@chromium.org>
BUG=b:65597554
TEST=w/ coreboot patches:
https://review.coreboot.org/#/c/21684/
https://review.coreboot.org/#/c/21614/
TEST=crossystem wpsw_cur
=> 0
BRANCH=None
Change-Id: Iab0a1a28dd3e42d55cf3b18503e2df0de7b8ad11
Reviewed-on: https://chromium-review.googlesource.com/685945
Commit-Ready: Daniel Kurtz <djkurtz@chromium.org>
Tested-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the channel is missing or has whitespace, the test triggers
errors in the script because the test command has bad quoting.
BUG=None
TEST=script no longer fails on an empty lsb-release
BRANCH=None
Change-Id: Ic2e6ab91ca4ec10c298d122aee1f7f7236b52bf2
Reviewed-on: https://chromium-review.googlesource.com/680059
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows for quick local testing by creating a dummy rootfs.
BUG=chromium:714598
TEST=signing images still works
BRANCH=None
Change-Id: If252b119fd64686b46e9989d55bedbd1eec45700
Reviewed-on: https://chromium-review.googlesource.com/680039
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Nothing needs this, just something I noticed while debugging.
BUG=None
TEST=`ensure_sane_lsb-release.sh` no longer complains about comment lines
BRANCH=None
Change-Id: Ia39e6461db79a387cc59e5f88ec1216984bb4d28
Reviewed-on: https://chromium-review.googlesource.com/680058
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=None
TEST=ensure_sane_lsb-release.sh errors now include the full string
BRANCH=None
Change-Id: I460ec5e2127a57e7576214fe8fde9e511f940755
Reviewed-on: https://chromium-review.googlesource.com/680038
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=chromium:765499
TEST=unittests pass
BRANCH=None
Change-Id: I5c5118c44897d89e5116a9fce49bacbf16704dd8
Reviewed-on: https://chromium-review.googlesource.com/668658
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=chromium:381862
TEST=run against a loem.ini file with blank lines doesn't barf
BRANCH=None
Change-Id: Icf8f8a3ba518ca0f4e64e6eee9c694d47fa32362
Reviewed-on: https://chromium-review.googlesource.com/679754
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: C Shapiro <shapiroc@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Selecting cancel from DEV_MENU should not set the selected_idx
to loc. It should be set to power off.
BUG=b:35585623
BRANCH=None
TEST=go to DEV_MENU, hit cancel and make sure that power off is
selected item
Change-Id: I8cae397c7174b5bd52a3a27736cd3d5a57412e63
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/667933
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:65546569
BRANCH=None
TEST=Boot into recovery, selection Disabled OS Verification.
Ensure that in next menu, Cancel is selected.
Also, setting default for TO_NORM menu to Confirm.
Change-Id: Ibf72ec15aa38b1b815be97a08cfe7c9ee2615390
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/665356
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add in check at TO_DEV menu screen to make sure that the navigation
keys (up/down, volup/voldown) are trusted. Beep when user tries to
use unstrusted keys (usb keyboard) in the TO_DEV menu so that the user
knows they're doing something wrong. USB keyboard return key will
still work in the TO_DEV menu.
BUG=b:65546569
BRANCH=None
TEST=test out using up/down keys in TO_DEV menu and make sure that
they are disabled and hear beeps.
Change-Id: Ifc7183c7ca35efaf079abb196a90ab7305380642
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/665355
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The auto update process (especially firmware updater) needs static vboot
utilitys but normal OS images, including recovery images, don't need
that. We should build both dynamic and static binaries at the same time
for images to choose what they need.
Currently only `crossystem` will build static version. And after this
change is merged:
(cd /build/reef/usr/bin; file crossystem*)
crossystem: ELF 64-bit LSB shared object
crossystem_s: ELF 64-bit LSB executable
(cd /build/reef/usr/bin; du -sh crossystem*)
40K crossystem
808K crossystem_s
BUG=chromium:764753,chromium:765499
TEST=emerge-reef vboot_reference
BRANCH=None
Change-Id: Ibd66c87bb44c5593767aeb710240e0165103f016
Reviewed-on: https://chromium-review.googlesource.com/668274
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:65595963
BRANCH=None
TEST=enabled Dev mode, reboot, select developer options &
make sure Network Boot doesn't appear in menu.
Change-Id: I30953d037740259b06011ecb141d508db114b79e
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/664298
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:64400325
BRANCH=None
TEST=boot up into recovery, press power button
ensure device shuts down.
Change-Id: Ia8e6e91921e81692a2e57b1f77163c656b56ea85
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/646488
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This feature was originally implemented before go/cros-unibuild-signing.
It only provided basis support to continue testing unibuilds, but didn't
deal with the actual required model specific cases.
Unibuilds have already been migrated away from this, so this feature is
now obsolete.
BUG=None
TEST=~/trunk/src/platform/vboot_reference/scripts/image_signing/sign_official_build.sh
recovery ../build/images/coral/latest/recovery_image.bin
../platform/vboot_reference/tests/devkeys
BRANCH=None
Change-Id: I58b569b97f0bf42a927a851e7bc0559cb1e26200
Reviewed-on: https://chromium-review.googlesource.com/660805
Commit-Ready: C Shapiro <shapiroc@google.com>
Tested-by: C Shapiro <shapiroc@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change makes futility write out a EC_RW image to the filesystem.
It also allows the command to run without '--prikey' option. When a
private key isn't provided, the command copies the previous signature.
This can be used to extract EC_RW without changing the key or the
signature. Since data only mode doesn't have a previous signature,
the command returns error if '--prikey' isn't specified (as done
before).
BUG=b:65027647
BRANCH=none
TEST=Run futility as follows
futility sign --type rwsig ec.RW.flat ec.RW.sig (Missing key error, expected)
futility sign --type rwsig ec.bin (EC_RW.bin is produced)
futility sign --type rwsig EC_RW.bin
futility sign --type rwsig --prikey key.vbprik2 ec.RW.flat ec.RW.sig
futility sign --type rwsig --prikey key.vbprik2 ec.bin (EC_RW.bin is produced)
futility sign --type rwsig --prikey key.vbprik2 EC_RW.bin
make runfutiltests
Change-Id: I8c1e0cef147967cfd6d28aa7272b88c03e109e0d
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/647804
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Chromebox ECs perform EFS: verifying firmware before the AP boots.
This patch adds support for EC EFS.
EC EFS uses two slots: one is active slot and one is used for update.
AP is agnostic about which slot is active and which slot is for
update. Instead, AP recognizes one slot as 'active' and the other
as 'update' (or non active) slot.
After update is successful, AP issues a cold reboot command to
activate the new slot.
BUG=b:65028930,b:65264494
BRANCH=none
CQ-DEPEND=CL:616248
TEST=buildall. On Fizz, verify:
1. RW_B is old and updated by soft sync. RW_B is activated and
executed after reboot. System continues to boot to OS.
2. RW_A is old and updated by soft sync. RW_A is activated and
executed after reboot. System continues to boot to OS.
Change-Id: I6ca7686eb28b0b548785cf2c02eca1b67018f469
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/616346
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch updates the help text for futility sign --type rwsig
command. The change describes what FMAP regions are required. It
also names each mode (data only, data+signature, key+data+signature)
and explains how each mode is selected.
BUG=b:65027647
BRANCH=none
TEST=Run futility help sign rwsig
Change-Id: Ib43f5396ce4f1319f4825ef85d412483bd92d18f
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/646377
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For model specific signatures, the root key needs to be copied also for
the development case where the root key can be flashed into the RO
block.
BUG=b:65367246
TEST=./build_image --board=coral dev \
&& ./mod_image_for_recovery.sh --board=coral \
&& ~/trunk/src/platform/vboot_reference/scripts/image_signing/sign_official_build.sh \
recovery ../build/images/coral/latest/recovery_image.bin \
../platform/vboot_reference/tests/devkeys
BRANCH=None
Change-Id: I116850881d3c183b20e7d75e40deb13122f40c7a
Reviewed-on: https://chromium-review.googlesource.com/650546
Commit-Ready: C Shapiro <shapiroc@google.com>
Tested-by: C Shapiro <shapiroc@google.com>
Reviewed-by: C Shapiro <shapiroc@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The grep pattern was too lenient and allowed for matches with the same
shared root key id. E.g. NASHER also matched NASHER360
This changes the pattern to match exactly to the end of the line.
BUG=b:65284008
TEST=grep -E "[0-9]+ = NASHER$" ~/tmp/loem.ini with actual loem.ini
that will exist on the signers
BRANCH=None
Change-Id: I80a870cd512825d30c7a39e4ac6f3cffc9ea808d
Reviewed-on: https://chromium-review.googlesource.com/647800
Commit-Ready: C Shapiro <shapiroc@google.com>
Tested-by: C Shapiro <shapiroc@google.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: YH Lin <yueherngl@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds detection for the i686 arch and replaces it with x86, allowing
it to build.
BRANCH=none
BUG=none
TEST=Build host_stuff on an i686 machine
Change-Id: Idab7c762a7fbb97ec5318b9aa860756b4dd0bc25
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Reviewed-on: https://chromium-review.googlesource.com/645086
Commit-Ready: Patrick Georgi <pgeorgi@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
updater4.sh uses the /keyset subdir from the firmware updater shellball
to indicate if it should use model specific keys or not. This won't
work for any case where the signers haven't been updated with model
specific keys yet.
Changed the output for unibuilds to be consistent with non-uni builds
where the /keyset subdir won't be created if loem.ini doesn't exist on
the signer.
BUG=b:65128657
TEST=crrev.com/c/626718 and crrev.com/c/636344 test cases, which cover
both the shared and non-shared key use cases
BRANCH=None
Change-Id: I38db1385fa99ac4a9843a750c336c58b74b127b4
Reviewed-on: https://chromium-review.googlesource.com/642031
Commit-Ready: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
Tested-by: C Shapiro <shapiroc@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=none
BUG=b:64854892
TEST=make runlongtests
Change-Id: I22d0c6e55afde6ece9535591f94ec07280ae2b12
Reviewed-on: https://chromium-review.googlesource.com/633966
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updated the current coral config to use the fake keys from the loemkeys
dev keyset (ACME) and then tested/debugged this flow based on that
config.
Fixed issue where key_id wasn't eval'd in bash when it was passed to
grep because it has ' quotes around it.
BUG=b:64842314
TEST=~/trunk/src/platform/vboot_reference/scripts/image_signing/sign_official_build.sh
recovery
../build/images/coral/R62-9877.0.2017_08_25_1030-a1/recovery_image.bin
../platform/vboot_reference/tests/loemkeys
coral_loem_signed_recovery.bin
BRANCH=None
Change-Id: I50a58e512e9a83dc2707951f12d709f9006d67ca
Reviewed-on: https://chromium-review.googlesource.com/636344
Commit-Ready: C Shapiro <shapiroc@google.com>
Tested-by: C Shapiro <shapiroc@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We would like to have different signature versions for hammer
(1=dev, 2=premp, 3=mp), so we should pass --version to futility.
The default version stays 1.
BRANCH=none
BUG=b:35587169
TEST=openssl genrsa -3 -out key_hammer.pem 2048
futility create --desc="Hammer fake MP key" key_hammer.pem key_hammer
echo firmware_version=2 > key_hammer.version
../vboot_reference/scripts/image_signing/sign_official_build.sh \
accessory_rwsig build/hammer/ec.bin . \
ec-signed.bin key_hammer.version
futility show ec-signed.bin => Version: 0x00000002
TEST=Without passing a version file, version is still 1.
../vboot_reference/scripts/image_signing/sign_official_build.sh \
accessory_rwsig build/hammer/ec.bin . ec-signed.bin
futility show ec-signed.bin => Version: 0x00000001
Change-Id: I0cd9133404fb0d827bd2f0d3bcc71d5dd274734d
Reviewed-on: https://chromium-review.googlesource.com/631757
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vb2_public_key_read_keyb cannot be used for VB2.1 public keys
(especially not for 2048 exponent 3 or F4, as their size is the
same so the algorithm cannot be guess).
Instead, do what futility/rwsig does and derive the public key from
the private RSA key.
BRANCH=none
BUG=b:64854892
TEST=make runlongtests
Change-Id: Ie81f40e6076cd0c234012b9af58e39425f8b717c
Signed-off-by: Nicolas Boichat <drinkcat@google.com>
Reviewed-on: https://chromium-review.googlesource.com/628177
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Caveh Jalali <caveh@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=none
BUG=b:64854892
TEST=make runlongtests
Change-Id: I827ce47b68339dc4df7f84b26a0b6643af27037b
Signed-off-by: Caveh Jalali <caveh@google.com>
Reviewed-on: https://chromium-review.googlesource.com/628176
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add tpm_lite library support for the IFX specific TPM_FieldUpgrade
subcommand "FieldUpgradeInfoRequest2". Expose this via tpmc so it can
be used from shell scripts.
BRANCH=none
BUG=chromium:728130
TEST=Builds and tpmc ifxfieldupgradeinfo prints plausible results.
Change-Id: Ie58ebccef7fe90f7fca65d7cd9c78e1f16f9f29a
Reviewed-on: https://chromium-review.googlesource.com/562772
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For design context, see go/cros-unibuild-signing
This adds support for multiple, shared firmware images from a unified
build that needs to be signed with different OEM specific keys.
It uses a signer_config.csv file (that is generated by pack_firmware.py)
to determine which images need to be signed with which keys.
BUG=b:64842314
TEST=./build_image --board=coral dev
&& ./mod_image_for_recovery.sh --board=coral
&& ~/trunk/src/platform/vboot_reference/scripts/image_signing/sign_official_build.sh
recovery ../build/images/coral/latest/recovery_image.bin
../platform/vboot_reference/tests/devkeys
BRANCH=None
Change-Id: Id3711bbe73dfe652184bc046b5f642c30b8d1627
Reviewed-on: https://chromium-review.googlesource.com/626718
Commit-Ready: C Shapiro <shapiroc@google.com>
Tested-by: C Shapiro <shapiroc@google.com>
Reviewed-by: C Shapiro <shapiroc@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When user first starts up recovery (3 finger salute), display
usb insert instructions and original insert graphic until user
starts pushing volume buttons. If the user pushes power button
during while the icon is displayed (no menu items), device will
shut down (this is to accomodate users that accidentally enter
the recovery screen and want to exit quickly). Upon user
pressing the volume buttons, the insert icon will disappear
and user will see the menu items and be able to scroll up/down.
BUG=b:64400325
BRANCH=None
TEST=boot into recovery. Make sure graphic shown until start
pushing volume buttons.
Change-Id: I4a5001271a0b84d1237d4bbc6a098afa10cb9372
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/617600
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
call VbExUpdateAuxFw() uncontidionally, instead of when we know we
need to do an update. Vb*AuxFw() already maintains state, so this
doesn't change when we (attempt) to update firmware.
however, this does allow us to iterate over all firmware drivers to
call their .protect() method. previously, we would only call
.protect() after an actual firmware update.
updated unit tests to match the new logic.
BRANCH=none
BUG=b:35585700
TEST=verified i2c tunnels are protected on reef using
ectool i2cprotect N status.
Change-Id: I9244db28ed181f568d117092307293202257735b
Signed-off-by: Caveh Jalali <caveh@google.com>
Reviewed-on: https://chromium-review.googlesource.com/620281
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vb2_update_selection considered only KEY_UP and KEY_DOWN inputs to
update the selection. This resulted in volume buttons not working on
firmware screen to update the selection. Add volume buttons as valid
inputs in vb2_update_selection.
BUG=b:64839396
BRANCH=None
TEST=Verified that volume buttons work on firmware screen.
Change-Id: I08bfa91eafb170fb450649a2abaafe7f4d58e17b
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/621787
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When DUT is already in dev mode, don't let user select the "Enable
Developer Mode" selection in the menu. Add disabled_idx_mask to
VbExDisplayMenu API to allow for disabling of menu items in the future
if needed.
BUG=b:63078243, b:35585623
BRANCH=None
TEST=reboot into recovery with DUT already in dev mode. Make sure
can't scroll to "Enable Developer Mode: entry.
reboot into recovery with DUT in normal mode. Make sure
"Enable Developer Mode" entry is selectable.
CQ-DEPEND=CL:565335
Change-Id: Ic71fe6aa2e41337787a0c2278f729356edb155fd
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/598430
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This converts the script in one commit as nothing uses it directly,
so the chances of it breaking overall build is low.
- Convert to common.sh for more helpers
- Convert echo to info
- Convert to loopback devices to speed things up
- Fix quoting in a few places
- Drop cgpt usage since we use loopback partitions everywhere now
BRANCH=None
BUG=chromium:714598
TEST=running on an image still works
Change-Id: I6608db77792502f35522a6f793ccd800fdd6af4e
Reviewed-on: https://chromium-review.googlesource.com/505482
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The prioritize cmd expected primary gpt header and entries are valid.
Add a validity check to guarantee that.
BUG=b:35585016
TEST=Check on bob, the secondary gpt still valid after these commands:
dd if=/dev/zero of=/dev/mmcblk0 bs=512 count=64
cgpt prioritize /dev/mmcblk0
Change-Id: I853e25211a46fa3ce93cef1e5169b93b0a6430a9
Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
Reviewed-on: https://chromium-review.googlesource.com/604814
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
loader updates
This is the last place that uses grab_kernel_config. Convert it over
to accessing the kernel directly via loopbacks and delete the helper
function entirely. This avoids unnecessary copies and prevents any
more code from using it.
BRANCH=None
BUG=chromium:714598
TEST=dump_config still works
Change-Id: I16aa2c2568d15c43bb20b9d5dc18060915047506
Reviewed-on: https://chromium-review.googlesource.com/505481
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Set current selection to power off after exiting the languages menu.
Previously, we were just defaulting to selecting the 0 index. However,
this won't work anymore if we hide the "Enable Developer Mode" entry
in the recovery menu due to that entry being at the 0th index.
BUG=b:63078243, b:35585623
BRANCH=None
TEST=Boot into recovery when machine in normal mode.
Select languages menu, make language selection and make sure
that when return to recovery menu, power off item is selected.
Change-Id: I479c2270ca99197fd8c44386ab1ca4526ae7d64a
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/565527
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For detachables, the short delay is to fast to them to read/choose
options. Setting timeout to 30 seconds once user starts scrolling
through the menu. If no action is taken by the user, will retain
the short delay timeout.
BUG=b:63056097, b:35585623
BRANCH=None
TEST=reboot with gbb flag bit 1 enabled and ensure using short delay.
reboot and press volume button and make sure using long delay.
reboot and make sure short delay performed again upon reboot.
reboot and make sure gbb flag bit 1 = 0 and make sure long delay
still working as expected.
Change-Id: I31e3ca8aff6b29abca70ca9587deae7f6443d837
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/563817
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The sw_wpsw_boot field only ever worked correctly on some platforms. It
also isn't used anywhere in the codebase (only other reference is a
comment about how it doesn't always work in factory_installer.sh), and
it's no longer clear what it was meant for in the first place
(b/35510092 hints at needing it for some planned feature that was never
implemented). Let's get rid of it to avoid confusing people.
If userspace tools need to know the software write-protect state, they
can instead run flashrom directly. For feedback reports, this output is
already included in the "verified boot" section.
BRANCH=none
BUG=chromium:508269,chromium:742685
TEST=none
Change-Id: I8975b1e2c8e604b4cb48d092c13b923b4db2d207
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/575389
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This command exposes the vendor and TPM firmware version.
BRANCH=none
BUG=chromium:728130
TEST=Builds and tpmc getversion prints plausible results.
Change-Id: Iec556a298e025e10bda00121b40a25d8dc3839d1
Reviewed-on: https://chromium-review.googlesource.com/565287
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This avoids copying GB of data for the rootfs & kernels by using loopback
devices instead.
BRANCH=None
BUG=chromium:714598
TEST=dump_config still works
Change-Id: I41cd71db3c567be811c4a59523c797c128a8e493
Reviewed-on: https://chromium-review.googlesource.com/505480
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This avoids copying out the kernels just to read their configs.
Not super important as the signer doesn't use it, but we want to
kill off the grab_kernel_config helper.
BRANCH=None
BUG=chromium:714598
TEST=dump_config still works
Change-Id: I2533b1d4de6980120f277fea3a1d964cb4fbaf0d
Reviewed-on: https://chromium-review.googlesource.com/505479
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL 1.1 has made significant non-backwards compatible changes to its
API as outlined in:
https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes
BRANCH=none
BUG=chromium:738114
TEST=cros_workon --host start vboot_reference
TEST=w/ openssl-1.0.2k: sudo emerge vboot_reference
TEST=w/ openssl-1.1.0e: sudo emerge vboot_reference
=> both build ok
$ futility version
=> command runs without error
TEST=cros_workon --board=soraka start vboot_reference coreboot
TEST=w/ openssl-1.0.2k: emerge-soraka vboot_reference coreboot
TEST=w/ openssl-1.1.0e: emerge-soraka vboot_reference coreboot
=> All build ok
Change-Id: I37cfc8cbb04a092eab7b0b3224f475b82609447c
Reviewed-on: https://chromium-review.googlesource.com/557739
Commit-Ready: Daniel Kurtz <djkurtz@chromium.org>
Tested-by: Daniel Kurtz <djkurtz@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
