| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add helper functions that read a number in TPM byte order and advance
the buffer pointer in a single operation. Replace instances of this
pattern with call to the helpers. No functional changes.
BRANCH=None
BUG=None
TEST=existing unit tests
Change-Id: I96d866893ec875aafc978cbe2a55ea7f9f27542c
Reviewed-on: https://chromium-review.googlesource.com/985832
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
firmware/lib/tpm_lite.c turned off CHROMEOS_ENVIRONMENT if FOR_TEST is
enabled, resulting in a situation where code specific to
CHROMEOS_ENVIRONMENT couldn't be tested. Fortunately, AFAICS
tlcl_tests does not use FOR_TEST for anything useful any longer, so
just drop it.
BRANCH=None
BUG=None
TEST=FEATURES=test emerge-$BOARD -v1 vboot_reference
Change-Id: I7f08ef6d2343bc60a6d2982c3cc7bae0507d94d5
Reviewed-on: https://chromium-review.googlesource.com/937703
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Wand decided to leverage the key format of Hammer therefore this
script calls Hammer's one to generate a key pair and renames them to
key_wand*.
BUG=b:73799441
TEST=Run this script in the chroot and verify the generated key pair.
BRANCH=None
Change-Id: Id2749d78e0632bee66c09c4ee7aa1930534157b7
Reviewed-on: https://chromium-review.googlesource.com/991532
Commit-Ready: Marco Chen <marcochen@chromium.org>
Tested-by: Marco Chen <marcochen@chromium.org>
Reviewed-by: Nicolas Boichat <drinkcat@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The default value is "disk", and should be mentionned as an option.
BRANCH=none
BUG=none
TEST=emerge-poppy -av vboot_reference
Change-Id: I9ddfe155f1dbaf019b74c1bab7b5ce5539545e7f
Reviewed-on: https://chromium-review.googlesource.com/989375
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If an aux firmware update fails enter recovery with a specific
reason code so we can identify systems that fail.
Also handle the case where the update succeeds and requests a
cold reset of the EC, first clearing the oprom flag if
necessary in order to prevent a second reset.
Unit test was added to check recovery reason for aux firmware
update failure.
BUG=b:74336712
BRANCH=eve
TEST=manual: force update to fail and ensure it goes to recovery
mode, and after successful update check that the option rom flag
is cleared before the EC reset happens.
Unit tests udpated and 'make runtests' passes.
Change-Id: I35a93892a0f8bb16eac0925ada5dfbc5c3144f8d
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://chromium-review.googlesource.com/959671
Reviewed-by: Caveh Jalali <caveh@google.com>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a distinct recovery reason for aux firmware update failures
so we have some visibility into failures in eventlog.
This is used in a subsequent commit.
BUG=b:74336712
BRANCH=eve
TEST=manual: force update failure and ensure device goes to recovery
with this reason
Change-Id: I4b215444592b7c31cd25d59ad2a52b85d504e3bf
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://chromium-review.googlesource.com/959669
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: caveh jalali <caveh@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Responses and commands share the same header structure. The
tpm_code field corresponds to TPM_CC in one case and TPM_RC
in the other. Make it uint32_t (instead of TPM_CC) in the
structure to avoid confusion when dealing with responses.
BUG=chromium:825894
BRANCH=none
TEST=build
Change-Id: I07821f35b0f539a863ee97c0a08c141d0533a4de
Signed-off-by: Andrey Pronin <apronin@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/981111
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Propagate the actual error - a non-successful response
code from the tpm or communication/serializing failure -
to the caller of the Tlcl functions in TPM 2.0 case.
Currently, the callers only have special processing for
the error codes from TCG TPM 1.2 range, which are never
returned in case of communication or serialization failures
or from the actual TPM 2.0. (The only case of mapping
TPM 2.0 error codes to TPM_E_BADINDEX is preserved in this CL.)
Thus, changing the actual values returned from the functions
won't change any current behavior in the calling layers.
This CL is a preparatory work for adding special processing
for communication errors in mount-encrypted.
BUG=chromium:702724
BRANCH=none
TEST=build; test that tpmc getvf, tpmc read still work.
Change-Id: I96b20e7285e83f0038abc01e4b7175c938867e7d
Signed-off-by: Andrey Pronin <apronin@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/977225
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The constants from the list defined in tss_constants.h
should be the same values regardless of TPM 1.2 vs 2.0
spec version since AP firmware checks for those exact
values in certain cases. Stop defining them separately
for TPM 1.2 and 2.0 and move to the common tss_constants.h.
Before the change, even though TPM_E constants were defined
in TPM spec dependent files, they were defined identically.
So, no changes to the behavior are caused by this CL.
This is a preparatoryy change to fixing error handling for
Tlcl and mount-encrypted.
BUG=chromium:702724
BRANCH=none
TEST=emerge vboot_reference
Change-Id: Ib7a5f41ca55579d053ba63ce07f4bed1394e7ae9
Signed-off-by: Andrey Pronin <apronin@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/976871
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Looks like we forgot to update the help text for set_gbb_flags.sh when
adding the DISABLE_FMWP flag. This patch fixes that.
BRANCH=None
BUG=None
TEST=None
Change-Id: Iae45e151ae786565f6a1a695a2e3c3d01f8c1d0a
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/976801
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It seems like there are some testing use cases where we want the device
to boot into the recovery installer but it is impractical to fully
simulate a user-triggered recovery. This has become impossible with the
recent change to always require manual recovery to boot an image, even
when the developer mode switch is enabled (CL:924458).
This patch adds a new GBB flag to support this use case. When the flag
is set, all recovery mode is manual recovery mode, regardless of wheter
the developer mode switch is on or not.
Since the GBB_FLAG_ENABLE_SERIAL was killed off before it ever really
worked anyway, we can safely reuse the bit reserved for it.
BRANCH=None
BUG=None
TEST=make runtests, manually confirmed on Kevin
Change-Id: I4f51dfd20b4ff04c522f53596896dccbceee52dc
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/976660
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This regenerates packages cache during signing the image once apks are
changed due timestamp and key update.
TEST=Build image, sign it useing devkeys and deploy to device. Perform
user sign-in and enable ARC. Test logcat and everything is clear.
BUG=b:74108152
Change-Id: I4809a1f87c8b8f52094054dbb4c8ba3e059aee89
Reviewed-on: https://chromium-review.googlesource.com/948064
Commit-Ready: Yury Khmel <khmel@google.com>
Tested-by: Yury Khmel <khmel@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CL:942031 introduced a check for the length of output returned by
mosys. If the output has a trailing newline, then the check failed.
Just make sure we get at least as much data as we expect.
BUG=b:74439800
BRANCH=none
TEST=run crossystem on bob; no 'mosys returned hex data' errors
Change-Id: If678b201185dbda869e4e17abae314470f5cef4a
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/958286
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Check the result of VbSharedDataRead() before dereferencing it.
BUG=chromium:789276,chromium:819695
BRANCH=none
TEST=make runtests
Change-Id: I1b1cc90bdc2fca61a9aad6b02e8b7e1f6a919797
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/954712
Commit-Ready: Keith Haddow <haddowk@chromium.org>
Reviewed-by: Keith Haddow <haddowk@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As we've refactored the code over the last few years, there are some
dangling features which are no longer used. Remove the code for them.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build and boot bob
CQ-DEPEND=CL:954224
Change-Id: Id4f3caa0581ce68465ea92e3eeedab501fb6b1aa
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/954354
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On CNL systems, the pinctrl (gpiochip) driver label is "INT34BB:00".
Declare it properly.
BRANCH=none
BUG=b:71722386
TEST=on Meowth, run 'crossystem wpsw_cur' and see '0' rather than an
error.
Change-Id: I74f3cce19afac9a76e8d3071426e79eb9bb11db9
Reviewed-on: https://chromium-review.googlesource.com/951789
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Benson Leung <bleung@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The calling firmware can set ctx->flags VB2_CONTEXT_NVDATA_V2 to tell
vboot that nvdata is a 64-byte record instead of a 16-byte record, or
equivalently, set the VBSD_NVDATA_V2 flag if calling the old vboot1
API.
If calling firmware does not (which is the current coreboot and
depthcharge default), then the 16-byte record is used, and V2 fields
return explicit default values.
Added the fw_max_rollforward V2 field, which defaults to 0xfffffffe on
V1. This will be used by a subsequent CL.
Added unit tests to verify all that.
Added crossystem support, though it will only work with the current
16-byte records until firmware sets the VBSD flag and mosys supports
larger records.
(Note that because coreboot/depthcharge do not yet set the new context
flag, this CL should not change ToT firmware behavior.)
See go/vboot-nvstorage for design doc.
BUG=chromium:789276
BRANCH=none
TEST=make runtests
Change-Id: I43072ef153dfa016c051f560892af1fbb3508e3a
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/942031
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was deprecated months ago in crossystem, and isn't set by
depthcharge or coreboot. Remove the flag from vboot as well, keeping
only a reminder in vboot_struct.h so we don't reuse the VbSharedData
bit.
BUG=chromium:742685
BRANCH=none
TEST=make runtests
Change-Id: Ifa928e8ec4d999c524c6f4168695859261f384c9
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/947256
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
VbLockDevice() would be inconvenient to port to 64-byte NV storage
records because it doesn't take VbSharedData flags or a vb2_context.
So, just have depthcharge call vbnv_write() directly (as it does in
other places in fastboot.c) and get rid of this API.
BUG=chromium:789276
BRANCH=none
TEST=make runtests
CQ-DEPEND=CL:944183
Change-Id: I2aeaecf7f929cd1a1ebd1f6850d0dd96c6fabb49
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/944243
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of only logging when ARC++ is not present, also report when we
found an ARC++ image about to be re-signed.
BUG=None
TEST=See info message when running sign_official_build.sh
BRANCH=None
Change-Id: I0d983d38048c4b8dace51e4ea25e23c7cf1da3d7
Reviewed-on: https://chromium-review.googlesource.com/942021
Commit-Ready: Nicolas Norvez <norvez@chromium.org>
Tested-by: Nicolas Norvez <norvez@chromium.org>
Reviewed-by: Victor Hsieh <victorhsieh@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- move helper functions that detect which keys should be used depending
on the build flavor to a separate lib
- add unit tests for that lib
BUG=b:72947583
TEST=unit tests
TEST=run against caroline image, scripts detects 'cheets' build flavor
TEST=run against novato-arc64 image (SDK), script detects 'cheets' build
flavor
TEST=run against newbie image (AOSP), script detects 'aosp' build flavor
TEST=run against invalid build property 'paosp_cheets_...', script
aborts as expected
BRANCH=None
Change-Id: I5595c10a5a063e7658d0cf17c77dbeead429cd97
Reviewed-on: https://chromium-review.googlesource.com/923097
Commit-Ready: Nicolas Norvez <norvez@chromium.org>
Tested-by: Nicolas Norvez <norvez@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The original "ro.product.name" of the Android image is modified by the
Chrome OS build process to change it to the CrOS device name instead,
which breaks the detection of the build flavor.
Instead, we now rely on the "ro.build.flavor" property which is not
modified.
If the build flavor is either cheets_* or sdk_google_cheets_*, we expect
the keys to be the cheets keys. AOSP keys are used for aosp_cheets_*
build flavors.
BUG=b:72947583
TEST=run against caroline image, scripts detects 'cheets' build flavor
TEST=run against novato-arc64 image (SDK), script detects 'cheets' build
flavor
TEST=run against newbie image (AOSP), script detects 'aosp' build flavor
TEST=run against invalid build property 'paosp_cheets_...', script
aborts as expected
BRANCH=None
Change-Id: I662436b256b59238b00c7374120f315b538fcd75
Reviewed-on: https://chromium-review.googlesource.com/911905
Commit-Ready: Nicolas Norvez <norvez@chromium.org>
Tested-by: Nicolas Norvez <norvez@chromium.org>
Reviewed-by: Victor Hsieh <victorhsieh@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, ec.bin generated by cros_sdk contains and is signed by the
dev keys in the platform/ec/<board> directory. This patch copies these
dev keys to vboot_reference.
BUG=b:73249665
BRANCH=none
TEST=make runtests
Change-Id: Id2a0b16dc6d404a6bea902fd5a401d6fc7caa2bf
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/940665
Reviewed-by: Wai-Hong Tam <waihong@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Assorted addtional tests to improve coverage of the firmware libraries.
BUG=none
BRANCH=none
TEST=make runtests
Change-Id: Iaf707bd54ca5dc10745eb19dfa9e9afbf0d74112
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/927608
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The mount-encrypted utility, which includes tlcl.h is in the process
of being converted to C++. To simplify inclusion in C++ code, add the
standard extern "C" linkage specifiers.
BRANCH=none
BUG=chromium:808303
TEST=compiles
Change-Id: I8a99a0e5cfcce64b27cad10735b08ba40434b222
Reviewed-on: https://chromium-review.googlesource.com/915345
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, non-manual recovery behavior would depend on the developer
mode switch: in normal mode it would get stuck at the BROKEN screen, but
in developer mode it would proceed exactly like manual recovery. This
behavior was mostly just confusing to people and it seems that we have
no real use case for it anymore. Remove the developer mode special case
so that non-manual recovery will always go to the BROKEN screen from now
on.
BRANCH=scarlet?
BUG=None
TEST=make runtests, verified manually on Scarlet and Kevin
Change-Id: Iaf33f82d7cb709a5ee309c08d1ad3015859738b3
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/924458
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch makes ec_sync_all clear OPROM_NEEDED flag when
ec_sync_phase2 updates EC and requests reboot.
Without this change OPROM_NEEDED flag will stay forever because after
reboot need_wait_screen won't be set (thus line 90 won't be reached).
BUG=b:72387533
BRANCH=none
TEST=Verify firmware screens are displayed on type-c monitor:
developer warning screen, critical update screen, recovery screen.
Change-Id: I9cc072efbf937ac438b55f3812f677612f79eaf9
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/916635
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since we're continuing to support the boot shortcuts Ctrl+D, Ctrl+U and
Ctrl+L, it makes sense to also continue to support the debug info
shortcut Tab, just in case somebody may want to use it from an external
keyboard. This does not affect the existing method to display debug info
through the appropriate menu option in any way.
BRANCH=None
BUG=b:73080278
TEST=make runtests, booted Scarlet and pressed Tab on UART.
Change-Id: Ia08404e0ffd1f8cac3d85f3b2fc4ce17a21d743d
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/907759
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We deleted crosh workarounds logic years ago (e.g. CL:178932),
so drop references here too.
BUG=None
TEST=precq passes
BRANCH=None
Change-Id: I2b195a7ca863101be35a4bfde29d7950a96c1edd
Reviewed-on: https://chromium-review.googlesource.com/907069
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When switching from normal to dev mode, the EC is in RO. AP requests
warm reboot, whic causes EC to jump to RW. After sysjump, RW tries to
renegotiate PD but it's too late for type-c monitor to function
because VBIOS has already run.
This patch makes AP request EC reboot when switching to dev mode.
BUG=b:73083750
BRANCH=none
TEST=Dingdong connected to Teemo. Verify norm-to-dev screen is
displayed. make -j runtests.
Change-Id: I763cd6968406f7b904604b2588a9db6d567cbd4e
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/907734
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some of the defined screens have never been used or we've stopped using
them a while ago. Remove the respective constants to make it clearer
that callers of the library are not expected to handle them.
CQ-DEPEND=CL:903362
BRANCH=None
BUG=None
TEST=make runtests
Change-Id: I82308fc76dc10b2c8b408af7a15a819120043632
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/902899
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Following ag/3536780, aosp_cheets targets have their APKs signed with
keys https://android.googlesource.com/platform/build/+/master/target/product/security/
The image signing script now:
- detects if it's an aosp_cheets or cheets build
- checks the correct signing keys have been used in either case
- logs more information about the Android image
BUG=b:72947583
TEST=manually test sign_framework_apks against AOSP and cheets builds
TEST=aosp_cheets builds prior to ag/3536780 are now failing (expected)
TEST=aosp_cheets builds posterior to ag/3536780 are passing
TEST=cheets builds (before and after) are passing
TEST=check that commenting out ro.product.name in build.prop triggers an
error
TEST=check that an invalid value in ro.product.name triggers an error
BRANCH=None
Change-Id: I72abea5182fbfe76820e3f48831be04f39cb334e
Reviewed-on: https://chromium-review.googlesource.com/904726
Commit-Ready: Nicolas Norvez <norvez@chromium.org>
Tested-by: Nicolas Norvez <norvez@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bit 0 in the GPT partition attributes is defined to indicate whether a
partition is required by the platform. This CL adds the support for
managing this bit to cgpt.
BUG=b:70807006
BRANCH=None
TEST=Run unit tests.
Change-Id: Iaf87c828438b3df6730de502ae420fcf4c61277b
Reviewed-on: https://chromium-review.googlesource.com/902196
Commit-Ready: Ben Chan <benchan@chromium.org>
Tested-by: Ben Chan <benchan@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For the EC supporting EFS boot, the RO section contains a
public key, and the RW is signed. For running FAFT, should
replace the RO key to a known one (the dev key under
vboot_reference), such that FAFT tests can resign the RW
using a known private key.
For BIOS image, we use make_dev_firmware.sh to do a similar
job to replace the key in BIOS. This CL makes the
make_dev_firmware script support changing EC key.
BUG=b:71769443
BRANCH=none
TEST=Modify files
$ # Check the original BIOS and EC images
$ futility show ec.bin
$ futility show bios.bin
$ ./make_dev_firmware.sh --change_ec -f bios.bin -t new_bios.bin \
-e ec.bin -o new_ec.bin --backup_dir backup
$ # Check the new images, using new keys and verification succeeded
$ futility show new_ec.bin
$ futility show new_bios.bin
TEST=Modify live firmware
$ ./make_dev_firmware.sh --change_ec
And then run firmware_ECUpdateId with a Type-C charger.
TEST=Run sign_official_build.sh
$ sign_official_build.sh recovery recovery_image.bin \
~/trunk/src/platform/vboot_reference/tests/devkeys /tmp/out.bin
TEST=make runalltests
Change-Id: Id51e2c411a4e6d016e619cec91453ce918b7fff7
Reviewed-on: https://chromium-review.googlesource.com/889406
Commit-Ready: Wai-Hong Tam <waihong@google.com>
Tested-by: Wai-Hong Tam <waihong@google.com>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes a warning with GCC 6.3:
firmware/lib/vboot_ui_menu.c: In function 'enter_developer_menu':
firmware/lib/vboot_ui_menu.c:211:2: error: 'menu_idx' may be used
uninitialized in this function [-Werror=maybe-uninitialized]
vb2_change_menu(VB_MENU_DEV, menu_idx);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
TEST=Build
BUG=None
BRANCH=None
Change-Id: Idd9449322cccca66d8bd8796a444b9a8ceea9d11
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://chromium-review.googlesource.com/897910
Commit-Ready: Martin Roth <martinroth@chromium.org>
Tested-by: Martin Roth <martinroth@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a bunch of new unit tests for the detachable UI and
enhances some of the existing ones to more explicitly check more things.
BRANCH=None
BUG=b:65025540
TEST=make runtests. I actually found a real bug in my previous patch, so
that's nice... and COV=1 make gives me 96.9% of lines covered in
vboot_ui_menu.c, with 28 out of 28 functions touched.
Change-Id: I7737a7e62d4b7e01ea98e6a0f1dd098716582794
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/894292
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch factors the code handling the BROKEN screen out of the
recovery_ui() function since it's already pretty much a completely
separate piece anyway. It is also rewritten to more closely match the
other UI loops and to use the same OPTIONS menu that allows language and
debug info access as the existing manual recovery UI.
BRANCH=None
BUG=b:64400036
TEST=make runtests, boot Scarlet in non-manual recovery mode and play
with OPTIONS menu. Also check manual recovery mode menu again, and
confirm that language selections and recovery reasons persist when
initiating manual recovery from the BROKEN screen.
Change-Id: Ib680c4e30d728c16a3661041d9b2987648e592e3
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/892280
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Most of the UI loop input handling is essentially the same between the
developer and recovery mode interfaces. This patch factors it out into a
separate function, which reduces duplication and will make it easier to
add a third UI for non-manual recovery mode.
BRANCH=None
BUG=None
TEST=make runtests, played around with menus on Scarlet
Change-Id: I75751770a81eb373f8bc7ed0e5f5dfcb6d2bd464
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/892279
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch shuffles around most of the detachable UI code to try to make
it more readable and maintainable. The goal is to get the business logic
out of the main UI loop functions as much as possible, and concentrate
the code handling each individual menu option in a single location.
This is a pure refactor and should not change behavior in any
(important) way. The adjustments to unit tests are only needed since the
old code displayed the same screen twice in certain circumstances, and
returning from the LANGUAGE menu to DEVELOPER selected the default
option Power Off, although other transitions to that screen select the
current default boot target.
BRANCH=None
BUG=None
TEST=make runtests, boot Scarlet and play with all screens.
Change-Id: Ibe05cbcb23c964d81f80de741bbd6f2231a2522d
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/888082
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The disabled_idx_mask always needs to be set according to the current
menu, so it makes sense to combine this task with the function that
changes menus. Call the new function vb2_change_menu() to indicate its
broader set of responsibilities.
BRANCH=None
BUG=None
TEST=make runtest
Change-Id: I122783cbc0b35d0d9e866f614646865c5c8a0ed0
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/888081
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch removes the RECOVERY menu that is no longer being used.
BRANCH=None
BUG=None
TEST=make runtests
Change-Id: I069101ab1418779e2cc4a9f6d1b39166ba2b37ed
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/888080
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch implements the new OPTIONS menu which will function in stead
of the old basic RECOVERY menu. The TO_DEV menu is now directly
reachable through the VolUp+VolDown key combo. Cancelling any menu or
changing USB state will immediately drop back to the menuless base
screens (INSERT or NOGOOD).
Also contains some minor clean-up here and there, like decoupling code
from tests a bit more by reducing reliance on global initializers. Code
for the now obsolete RECOVERY menu will be removed in a follow-up patch.
BUG=b:67371896, b:64400036
BRANCH=None
TEST=Go through all recovery screens, trry various back-and-forth
transitions between OPTIONS, LANGUAGE and TO_DEV, in addition to
inserting/removing USB at various times.
CQ-DEPEND=CL:884840
Change-Id: I95319778e14ce07fe2ada3edf95990560ac7081a
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/770258
Commit-Ready: Julius Werner <jwerner@chromium.org>
Tested-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This menu will be used by any of the legacy screens.
The idea is that when the user hits volume up/down, then
they will enter this options menu, which will allow the user
to change languages or show debug info.
BUG=b:67371896, b:64400036
BRANCH=None
TEST=None
Change-Id: I31d3e312388b56613368276ec72e5c68ded2264e
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/770257
Commit-Ready: Benjamin Gordon <bmgordon@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Battery cutoff may cause the entire system to lose power, which means
that any uncommitted nvram updates will be lost. This can leave us in a
battery cutoff loop, where we never completely clear the
BATTERY_CUTOFF_REQUEST flag before actually cutting off power.
The only way to escape this potential cutoff loop is if we manage to
cleanly exit to vb2_kernel_cleanup(), where we perform a similar commit.
But this requires us to retain power for some time after
VbExEcBatteryCutOff().
BRANCH=none
BUG=b:70176744
TEST=`crossystem battery_cutoff_request=1` on scarlet, then reboot;
see battery cutoff; plug in AC and observe whether we reliably boot
on first attach
Change-Id: I1acf3aaeaf76f97f7603f79dbfef7a24a96f36dc
Signed-off-by: Brian Norris <briannorris@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/876783
Reviewed-by: Philip Chen <philipchen@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To record sha1sum of keys in keyset can help loem or unibuild projects to verify
1. whether rekey process is performed correctly during the factory
build.
2. whether HWID database is updated correctly.
BUG=chromium:763328
TEST=1) modify loem.ini to match what coral is.
2) ~/trunk/src/platform/vboot_reference/scripts/image_signing/sign_official_build.sh
recovery ./chromeos_10308.0.0_coral_recovery_dev-channel_mp-v4.bin
./src/platform/vboot_reference/tests/loemkeys ./output.bin
3) verify output file - VERSION.signer.
BRANCH=none
Change-Id: I80deadb04d9dc0eb66fc5ac45dce84e6f41f1a16
Signed-off-by: Marco Chen <marcochen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/866522
Reviewed-by: Simon Glass <sjg@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The helper function - info redirects msg to stderr and appends some
backslash escapes so
1. it can't be redirected to VERSION.signer via stdout again.
2. Even if change to stderr, we also don't want these appended
msg.
BUG=chromium:760879
TEST==~/trunk/src/platform/vboot_reference/scripts/image_signing/sign_official_build.sh
recovery ../build/images/coral/latest/recovery_image.bin
../platform/vboot_reference/tests/devkeys
BRANCH=None
Change-Id: I46d560fb4cb93756fd02e32412410afb3a4db0e2
Reviewed-on: https://chromium-review.googlesource.com/861694
Commit-Ready: Marco Chen <marcochen@chromium.org>
Tested-by: Marco Chen <marcochen@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit f59d2e41977032f8f3eac113358b93574fc27b4f.
The change breaks 'make runtests'. More specifically, 'make runfutiltests'.
Also, fix the duplicate FWLIB20 in LDLIBS when linking futility.
BUG=None
BRANCH=None
TEST=make runtests (more specifically, make runfutiltests)
Change-Id: Ia079924a814d98e1a3937b8de6ade7b001ff70ef
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/832848
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds the pthread library to the linker flags for the static
futility build, which allows it to build with recent GCC versions.
BUG=None
BRACH=None
TEST=Build futility and futility_s with a recent GCC version
Change-Id: I16d9b94b76d6e9586278cfdc0b99ae749160138a
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Reviewed-on: https://chromium-review.googlesource.com/805374
Reviewed-by: Martin Roth <martinroth@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that vb2_shared_data / vb2_context provides all the same data to
lower-level kernel verification code that cparams did, stop passing
cparams down to those functions.
No change in functionality.
BUG=chromium:611535
BRANCH=none
TEST=make -j runtests; build bob firmware and boot it
Change-Id: I86eb1801ee96d8b56404b74843a8d09e3122567f
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/852814
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The region API was a way for firmware and kernel verification to get
at various blocks of caller-provided data. In practice, we only used
it internally as a way to get at parts of the GBB. Prune it down to
access only the bits of GBB we still need, from the buffer we already
know we have.
In the long run we should use the same vb2ex_read_resource() API that
vb2 firmware verification does, but that should be done in a follow-up
CL since it'll need to be coordinated with support in depthcharge.
No change in functionality.
BUG=chromium:611535
BRANCH=none
TEST=make -j runtests; build bob firmware and boot it
Change-Id: I5715cb8d88274164a1a73ed4a56bbd93af46f9bf
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/852798
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
|
