| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change adds a command to cgpt to
change the GUID of the drive.
BRANCH=none
BUG=None
TEST=Compiled and ran utility to verify that GUID changes.
Also verified that the new and existing tests completed
successfully.
Change-Id: Ia8a815447509626312e2b06c6f293901290c73c3
Signed-off-by: Matt Delco <delco@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1171834
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A later change I authored has the tests check the GUID of the drive.
When the primary table is ignored the GUID from the secondary wasn't
being displayed either. This change has the details of the secondary
table get displayed when the primary table is ignored.
BRANCH=none
BUG=None
TEST=Compiled. The change was runtime tested as part of a larger change though
I didn't unit test this particular change after it was split out into a
separate commit.
Change-Id: I300511cf65c67f4888e08ab49cd72c7acf234507
Signed-off-by: Matt Delco <delco@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1173410
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:112520234
TEST=make runtests
BRANCH=master
Change-Id: I84ea07f948fec9aa2945c10831f434e77b0e435d
Signed-off-by: Ting Shen <phoenixshen@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1172305
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Ting Shen <phoenixshen@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unibuilds, such as Octopus, generate long lines listing the
individual board names.
Removing a check which is restricting the unibuilds ability to add
additional boards to the list.
BUG=chromium:873552
BRANCH=none
TEST=none
Change-Id: I080f4f251935eb19ee3377556500a5bd98117a2f
Reviewed-on: https://chromium-review.googlesource.com/1173256
Commit-Ready: Bob Moragues <moragues@chromium.org>
Tested-by: Bob Moragues <moragues@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit switches from claiming 33 bytes of NVRAM for the compressed
representation of a prime256v1 compressed public key to 32 bytes for its
SHA256 hash. This makes it easier to process with the standard OpenSSL
binary.
BUG=chromium:845589
TEST=make runtests
BRANCH=none
Change-Id: Ic641b800bcbf2158d52ffbebbf143c47061e8cc3
Reviewed-on: https://chromium-review.googlesource.com/1161496
Commit-Ready: Tudor Brindus <tbrindus@chromium.org>
Tested-by: Tudor Brindus <tbrindus@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Port CL:1009444 to ToT.
Adds (enable|disable)_alt_os_request flag for AltOS boot flow.
BRANCH=none
BUG=b:70804764
TEST=1. make runtests
2. Manually, set and get new flags via crossystem
Change-Id: Ie7fe2620f736335f11c39cbfe37b3fdf400ff926
Reviewed-on: https://chromium-review.googlesource.com/1014840
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Ting Shen <phoenixshen@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Problem files were found with:
find . -name '*.c' -o -name '*.h' | xargs grep '^ [^*]'
and edited manually.
Ignores utility/ and cgpt/, since they seem to globally adhere
to a two-space tab convention.
BUG=None
TEST=make clean runtests
TEST=emerge vboot_reference depthcharge
Change-Id: I5a678484a119c8f1911f717e1968bdb4f1a0810f
Reviewed-on: https://chromium-review.googlesource.com/1160131
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds a flag recoverysw_is_virtual for determining whether a
device's recovery switch status (as given by recoverysw_cur) is from a
physical button or a line connected to Servo, without a physical button
(e.g. veyron_minnie).
BRANCH=none
BUG=chromium:845589
TEST=manually tested on cave and veyron_minnie; make runtests
Change-Id: If8e54e1df78b25a52dbf359ce641bea75533d705
Reviewed-on: https://chromium-review.googlesource.com/1157537
Commit-Ready: Tudor Brindus <tbrindus@chromium.org>
Tested-by: Tudor Brindus <tbrindus@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Copied from depthcharge.
BUG=none
BRANCH=none
TEST=formatted some code
Change-Id: I9b9916df7da6195c753f2ce9ddbf37baf8a3e747
Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1160930
Reviewed-by: Martin Roth <martinroth@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, vbutil_what_keys assumed any input files
of size 8 MB or lower are firmware images. Push that
size up to 16 MB to support larger firmware images,
such as that of eve's.
BUG=None
TEST=vbutil_what_keys on eve image.bin
Change-Id: Iaf07ad3f419f5e79584391a2b846100e3fae61dc
Reviewed-on: https://chromium-review.googlesource.com/1156326
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To speed things up, support stripping /boot from a rootfs block device.
This way we can mount an image via loopback and pass that in directly.
BRANCH=None
BUG=chromium:714598
TEST=strip_boot_from_image.sh on image files works, and on loopback partitions
Change-Id: Ie74d3f239ac29533f4325d0c1f75e3cce5fab7a5
Reviewed-on: https://chromium-review.googlesource.com/1152075
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
Reviewed-by: Chris Ching <chingcodes@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit claims a TPM space for a 33-byte P256 EC
compressed public key used in OOBE autoconfig validation.
BUG=chromium:793878
TEST=make runtests; precq
BRANCH=none
Change-Id: I12bf8243ceb2a0029b015964ea7a2ae2f56bb080
Reviewed-on: https://chromium-review.googlesource.com/1149073
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Tudor Brindus <tbrindus@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Require that the container passed in is the one containing
the specified key, and no other key. So if only one key is
present it must be the specified key.
BUG=chromium:863464
TEST=run locally
BRANCH=None
Change-Id: Ieeca5773f35b7bf92beae8a2192ed6e6fd9008e6
Reviewed-on: https://chromium-review.googlesource.com/1136910
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Nick Sanders <nsanders@chromium.org>
Reviewed-by: Bob Moragues <moragues@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the root is default RW mounted, we found that the system is more
fragile due to suspend and resume tests.
It is found that in early builds, many projects tend to need minor fixes
in test image rootfs, for example kernel modules or files read by
kernel. Currently the only way to update those files is to reflash whole
images, but that's not very practical when the network in manufacturing
line is pretty slow. It would be better if we can change a single file.
As a result, we want to allow setting the default root mount option when
running make_dev_ssd.sh. The new --nodefault_rw_root allows disabling
rootfs verification but still mounting rootfs as RO, which makes better
chances for system to be stable, and changes can still be made by an
explicit 'mount -o rw,remount /'.
BUG=None
TEST=./make_dev_ssd.sh --remove_rootfs_verification --nodefault_rw_root
Change-Id: Ie2675e25b77e638ba6c3be8e2a2a3887a95582fc
Reviewed-on: https://chromium-review.googlesource.com/1137966
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=None
TEST=precq passes
BRANCH=None
Change-Id: Ie2062b74671e5f3724cb0d2141b31b53f02123ba
Reviewed-on: https://chromium-review.googlesource.com/1132412
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We do not want to upgrade the TCPC firmware if the TCPC is the only
source of power. Use this new return code to communicate to depthcharge
that we do not want upgrade at this time.
BRANCH=none
BUG=b:78334391
TEST=if PS8751 is the only source of power, then upgrade will gracefully
skip.
Change-Id: I062c79a2d01f779c30873d48ff4301aca071cca3
Signed-off-by: Jett Rink <jettrink@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1123105
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Duncan Laurie <dlaurie@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All accessories leverage the key format of Hammer therefore this
script calls Hammer's one to generate a key pair and renames them.
BUG=b:110880196
TEST=Run this script in the chroot.
BRANCH=None
Change-Id: I955f28fbe2c1dab1b5f76672c34e6022660a77ed
Reviewed-on: https://chromium-review.googlesource.com/1121632
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Nick Sanders <nsanders@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add "arm64" support to Makefile to use crossystem_arch.c
implementation from host/arm/lib directory, in order to avoid
the code duplication.
BUG=None
TEST='emerge-arm64-generic vboot_reference' works correctly
BRANCH=None
Change-Id: I349f8b2055c9be6ebaeb6f322e3b22260465dd5a
Reviewed-on: https://chromium-review.googlesource.com/1082195
Commit-Ready: Adam Kallai <kadam@inf.u-szeged.hu>
Tested-by: Adam Kallai <kadam@inf.u-szeged.hu>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
UEFI firmware implementations are unlikely to validate the "days".
However we'd better specify a reasonable value. We learned that
setting the "days" argument to a large number can cause unexpected
results due to overflow.
GCE team has decided to set this value as 10 years.
BUG=b:62189155
TEST=None
BRANCH=none
Change-Id: If0375251b41e9584708355a6fd32192aa5ad0c1a
Reviewed-on: https://chromium-review.googlesource.com/1088165
Commit-Ready: Edward Jee <edjee@google.com>
Tested-by: Edward Jee <edjee@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vbutil_kernel already supports 64bit arm architecture,
but it just allows "aarch64" option. However other script,
for example build_kernel_image uses ARCH environment variable,
which for arm64-generic overlay is defined as "arm64".
So vbutil_kernel will refuse the call.
BUG=None
TEST=run vbutil_kernel --arch=arm64
Check that the "Unknown architecture string: arm64" is gone
BRANCH=None
Change-Id: I94c547d6b6940ab8c622a6b8cff49b5f83c1fcad
Reviewed-on: https://chromium-review.googlesource.com/1080529
Commit-Ready: Adam Kallai <kadam@inf.u-szeged.hu>
Tested-by: Adam Kallai <kadam@inf.u-szeged.hu>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that initramfs, firmware updater, and auto-updater are all using
dynamically linked programs, there's no need to produce a static
build of crossystem anymore.
BUG=chromium:765499
TEST=precq passes (includes vmtests w/AU)
BRANCH=None
Change-Id: I5aa123e662040ff5d9f2328c0f036b648fc629fb
Reviewed-on: https://chromium-review.googlesource.com/667881
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In case PK has been generated in HSM, no need to generate them in
software.
BUG=b:62189155
TEST=See CL:*630434.
BRANCH=none
Change-Id: I2180b340e992b678e46920a1142d3b7101c8158f
Reviewed-on: https://chromium-review.googlesource.com/1071242
Commit-Ready: Edward Jee <edjee@google.com>
Tested-by: Edward Jee <edjee@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL retries reads and writes from/to TPM device if an error
is returned by read()/write(), up to 3 total attempts.
This is useful case of transient TPM communication errors that go
away after a single retry. Without this CL, after such errors the
encstateful key might be regenerated and encstateful data wiped.
BRANCH=none
BUG=chromium:702724
TEST=1) normal boot still works;
2) simulate a single error, verify that it retries.
Change-Id: I259882209df0aad66cd083729f746ea45909922b
Reviewed-on: https://chromium-review.googlesource.com/1067939
Commit-Ready: Andrey Pronin <apronin@chromium.org>
Tested-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The BINF3 (VBT7) reflects the firmware type, and we need that to
describe which type of firmware was booted.
The 'legacy' did not have its own value definition, but without that we
can't make sure if the system is running a non-chrome firmware or simply
entered legacy boot path. CL:1054307 introduced a new value (0x4) for
legacy type and we should handle it in crossystem mainfw_type command.
BUG=b:79130310
TEST=emerge-eve coreboot depthcharge chromeos-bootimage;
Boot in legacy mode and see crossystem reporting 'legacy' for
mainfw_type.
Change-Id: I4a1165e547e70c634d45054f56d1357ae5af2a83
Reviewed-on: https://chromium-review.googlesource.com/1068556
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some of the tools and utilities in vboot_reference do not build
with sanitizers enabled. To avoid this, do not build them
when NO_BUILD_TOOLS is defined.
CQ-DEPEND=CL:1060156
BUG=chromium:841588
TEST=USE="fuzzer" emerge-amd64-generic vboot_reference does not build host tools
TEST=emerge-falco vboot_reference builds all tools.
Change-Id: If238c98d4058db20765731237153bc6969a06375
Reviewed-on: https://chromium-review.googlesource.com/1060154
Commit-Ready: Manoj Gupta <manojgupta@chromium.org>
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This sets O_CLOEXEC when opening the TPM device to make sure the file
descriptor isn't shared across processes. The TPM character device
exposes the raw communication channel to send/receive commands to/from
the TPM. The TPM is not designed for concurrent access by multiple
users and the kernel driver already returns EBUSY on open when a
different process has already opened it. Consequently, it only makes
sense to have the /dev/tpm0 file descriptor be closed automatically on
exec().
None of the callers I'm aware of need to share the TPM file descriptor
across processes, and mount-encrypted has some ad-hoc code to close the
descriptor when it does fork+exec to spawn a helper. The existing code
isn't consistent and comprehensive (mount-encrypted spawns other
helpers where it forgets to close the file descriptor), so the plan is
to set O_CLOEXEC and remove the ad-hoc code.
BRANCH=None
BUG=None
TEST=Compiles, passes tests, image boots.
Change-Id: Ia6e73fb12e8f2ed8fe99b4c53ea6eb8cda4a21f5
Reviewed-on: https://chromium-review.googlesource.com/1055569
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
firmware_keys field in the HWID database also contains hash of recovery
key so need this information as well in order to deprecate firmware_keys
field.
BUG=chromium:763328
TEST=1) ~/trunk/src/platform/vboot_reference/scripts/image_signing/sign_official_build.sh
recovery ./chromeos_10644.0.0_soraka_recovery_dev-channel_mp.bin
./src/platform/vboot_reference/tests/devkeys ./output.bin
2) verify output file - VERSION.signer.
BRANCH=None
Change-Id: If2be93723e95d46fc0546239695be27c3229275c
Reviewed-on: https://chromium-review.googlesource.com/1053334
Commit-Ready: Marco Chen <marcochen@chromium.org>
Tested-by: Marco Chen <marcochen@chromium.org>
Reviewed-by: Wei-Han Chen <stimim@chromium.org>
Reviewed-by: C Shapiro <shapiroc@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
chromoes-tpm-recovery was misspelled,
correct to chromeos-tpm-recovery
BRANCH=None
BUG=None
TEST=None
Change-Id: Ia3109348eed59f27b08d5261fbcc3d1d93067e89
Reviewed-on: https://chromium-review.googlesource.com/1043494
Commit-Ready: Nick Sanders <nsanders@chromium.org>
Tested-by: Nick Sanders <nsanders@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CL:866522 supported the case of loem and uni-build projects but not for
the project with one key only. After this CL, `gooftool finalize` can
refer to VERSION.signer in order to get correct firmware key hash from
recovery image. As the result, firmware_keys field can be removed from
HWID database.
BUG=chromium:763328
TEST=1) ~/trunk/src/platform/vboot_reference/scripts/image_signing/sign_official_build.sh
recovery ./chromeos_10644.0.0_soraka_recovery_dev-channel_mp.bin
./src/platform/vboot_reference/tests/devkeys ./output.bin
2) verify output file - VERSION.signer.
BRANCH=None
Change-Id: I376cd7038c0fe1d5cc71cb39cbabeb5e79994407
Reviewed-on: https://chromium-review.googlesource.com/1051429
Commit-Ready: Marco Chen <marcochen@chromium.org>
Tested-by: Marco Chen <marcochen@chromium.org>
Reviewed-by: Marco Chen <marcochen@chromium.org>
Reviewed-by: C Shapiro <shapiroc@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Newer versions of util-linux/mount don't like when you create overlapping
loopback files. Since we always create a loopback of the entire image,
this means every mount fails.
We can change the few users in here over to using the existing loopback
partitions rather than continuing to create their own from scratch. This
makes the code a bit simpler.
However, we currently duplicate some of the mount image helpers so that
one version works off of a disk image while the other uses loopbacks.
Cleaning this up requires a number of changes in other files which we'll
want to do eventually, just not right now (to minimize risk).
BUG=chromium:714598
TEST=image signing works on newer gLinux installs
BRANCH=None
Change-Id: I31b35636b3b271e97070d283f8cb74d3183d8ec8
Reviewed-on: https://chromium-review.googlesource.com/1034435
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Dumping md5sum information along the way of signing bios.bin to shed
some lights on the signing process in order to debug the first slot
issue.
BUG=b:77252439
TEST=None
BRANCH=None
Change-Id: I5083d6db2eee42c5cc9588606f95bbffba0c00ff
Reviewed-on: https://chromium-review.googlesource.com/1036802
Commit-Ready: YH Lin <yueherngl@chromium.org>
Tested-by: YH Lin <yueherngl@chromium.org>
Reviewed-by: C Shapiro <shapiroc@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was an oversight from a previous CL:1007498 that removed the 512 block
size restrictions.
BUG=b:77540192
BRANCH=none
TEST=manual
make runtests passed.
Change-Id: I75b3ffebcc25afdde3774bcbb4a9600215a04436
Reviewed-on: https://chromium-review.googlesource.com/1031193
Commit-Ready: Sam Hurst <shurst@google.com>
Tested-by: Sam Hurst <shurst@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:78577893
BRANCH=None
TEST=None
Change-Id: I1905f53aadb0ae882dc4cf9f4fd214b4ccdfc440
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1029429
Commit-Ready: Furquan Shaikh <furquan@chromium.org>
Tested-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Duncan Laurie <dlaurie@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Follow up the code review comments on CL:995175, which was merged as
1493e938e45535f86b7132a83123c6319eacb217
("image_signing: sign UEFI binaries")
BUG=b:62189155
TEST=See CL:*613656
BRANCH=none
Change-Id: Ic01bfbbfe39fbfb85c0f313ab62bbcd3e2fbb9a3
Reviewed-on: https://chromium-review.googlesource.com/1024919
Commit-Ready: Edward Jee <edjee@google.com>
Tested-by: Edward Jee <edjee@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Follow up the code review comments on CL:995174, which was merged as
7dff0105d66fa597741604cf1652a72c7a8463ac
("keygeneration: add support for UEFI key generation")
BUG=b:62189155
TEST=With CL:*613656, set up a local signer and tested key generation
and signing.
Also, manually ran the scripts like the following.
$ export PATH=$(readlink -f ../../../cros-signing/signer/signingtools-bin):$PATH
$ cd scripts/keygeneration && ./create_new_keys.sh --uefi --output ./key
$ chmod -R u+w key/uefi
$ ./uefi/increment_kek_key.sh key/uefi
$ ./uefi/increment_kek_key.sh key/uefi
$ ./uefi/increment_db_child_key.sh key/uefi
$ ./uefi/increment_db_child_key.sh key/uefi
$ ./uefi/increment_db_child_key.sh key/uefi
$ ./uefi/increment_db_key.sh key/uefi
$ ./uefi/increment_db_child_key.sh key/uefi
$ ./uefi/increment_db_key.sh key/uefi
$ ./uefi/increment_db_child_key.sh key/uefi
$ ./uefi/increment_db_child_key.sh key/uefi
$ openssl x509 -noout -subject -in key/uefi/db/db.children/db_child.pem
BRANCH=none
Change-Id: I6c0cd47914a0a77970cd074fe087bba33c16cffc
Reviewed-on: https://chromium-review.googlesource.com/1024918
Commit-Ready: Edward Jee <edjee@google.com>
Tested-by: Edward Jee <edjee@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Follow up the code review comments on CL:995174, which was merged as
7dff0105d66fa597741604cf1652a72c7a8463ac
("keygeneration: add support for UEFI key generation")
BUG=b:62189155
TEST=See the following commit.
BRANCH=none
Change-Id: Id642029010e4eea51ec1f7d23240678f3f07e872
Reviewed-on: https://chromium-review.googlesource.com/1024917
Commit-Ready: Edward Jee <edjee@google.com>
Tested-by: Edward Jee <edjee@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Signature Scheme V2 was introduced in N.
TEST=(prepare)
1. Produce A.img by running the original sign_android_image.sh on a
test image.
2. Produce B.img by running the new sign_android_image.sh on the
same image.
TEST=Check Settings.apk with apksigner. Saw only v1 signature exists
with A.img, and only v2 exists with B.img, as expected.
Certificates on both APKs have the same fingerprint.
TEST=Login with A to create a new /data state, then login with B.
Platform apps still run. No signature error in logcat.
BRANCH=none
BUG=b:67942659
Change-Id: Ibabc399563bfdc92836856a377997405cc660483
Reviewed-on: https://chromium-review.googlesource.com/993153
Commit-Ready: Victor Hsieh <victorhsieh@chromium.org>
Tested-by: Victor Hsieh <victorhsieh@chromium.org>
Reviewed-by: Bernie Thompson <bhthompson@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Whiskers decided to leverage the key format of Hammer therefore this
script calls Hammer's one to generate a key pair and renames them to
key_whiskers*.
BUG=b:78254017
TEST=Run this script in the chroot and verify the generated key pair.
BRANCH=None
Change-Id: Iae7097a3b2da1b134fa1a986c669704bbbaca4e9
Reviewed-on: https://chromium-review.googlesource.com/1018591
Commit-Ready: Patrick Berny <pberny@chromium.org>
Tested-by: Patrick Berny <pberny@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Bob Moragues <moragues@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:62189155
TEST=See CL:*601769
BRANCH=none
Change-Id: Id9569616bae0d5f44c1c96e18522ace244a5aae8
Reviewed-on: https://chromium-review.googlesource.com/995175
Commit-Ready: Edward Jee <edjee@google.com>
Tested-by: Edward Jee <edjee@google.com>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Generated with the following commands.
$ mkdir tests/devkeys/uefi
$ ./scripts/keygeneration/uefi/create_new_uefi_keys.sh tests/devkeys/uefi lakitu
$ rm -f tests/devkeys/uefi/{pk,kek,db,dbx}/*.rsa
BUG=b:62189155
TEST=See the following commit.
BRANCH=none
Change-Id: I996081c30fbfa89d07dba9252128dc214530e71f
Reviewed-on: https://chromium-review.googlesource.com/994179
Commit-Ready: Edward Jee <edjee@google.com>
Tested-by: Edward Jee <edjee@google.com>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:62189155
TEST=With CL:*601769, set up a local signer and tested key generation
and signing.
Also, manually ran the scripts like the following.
$ export PATH=$(readlink -f ../../../cros-signing/signer/signingtools-bin):$PATH
$ cd scripts/keygeneration && ./create_new_keys.sh --uefi --board lakitu --output ./key
$ ./uefi/increment_kek_key.sh key/uefi lakitu
$ ./uefi/increment_kek_key.sh key/uefi lakitu
$ ./uefi/increment_db_child_key.sh key/uefi lakitu
$ ./uefi/increment_db_child_key.sh key/uefi lakitu
$ ./uefi/increment_db_child_key.sh key/uefi lakitu
$ ./uefi/increment_db_key.sh key/uefi lakitu
$ ./uefi/increment_db_child_key.sh key/uefi lakitu
$ ./uefi/increment_db_key.sh key/uefi lakitu
$ ./uefi/increment_db_child_key.sh key/uefi lakitu
$ ./uefi/increment_db_child_key.sh key/uefi lakitu
$ openssl x509 -noout -subject -in key/uefi/db.children/db_child.pem
BRANCH=none
Change-Id: I9276269a2a66c57f4e99deafec3b90d6cbf52244
Reviewed-on: https://chromium-review.googlesource.com/995174
Commit-Ready: Edward Jee <edjee@google.com>
Tested-by: Edward Jee <edjee@google.com>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change adds a new NV and GBB flag for controlling USB device
mode behavior, adding an additional step to enable UDC on systems
that support it.
Users of this feature will need to first enable developer mode and
then enable UDC separately by running "crossystem dev_enable_udc=1".
Alternatively those without write protect enabled can set a GBB
flag to have UDC enabled by default while in developer mode.
This is based on the security reviewed proposal at
https://docs.google.com/document/d/1b6avd9xvhvljN_NKtctWrClj4mSYZ_uPmp7MmAnPwqs
BUG=b:74339386
BRANCH=poppy
TEST=manual testing on Eve device
Change-Id: I6f440320f28b033639b53246d3034bc8acc37a33
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1010769
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:78009842
Change-Id: I50de5d69309a25411c907425675eace330de7615
Signed-off-by: Shaunak Saha <shaunak.saha@intel.com>
Signed-off-by: Hannah Williams <hannah.williams@intel.com>
Reviewed-on: https://chromium-review.googlesource.com/742490
Commit-Ready: Aaron Durbin <adurbin@chromium.org>
Tested-by: Hannah Williams <hannah.williams@intel.corp-partner.google.com>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a command that checks whether the well-known secret (SHA1 hash of
20 zero bytes) works for owner authentication. This is accomplished by
sending a DefineSpace command for TPM_NV_INDEX_TRIAL, which will
trigger auth checks but not actually allocate an NVRAM space.
Successful command execution thus indicates that authorization was
successful. tpmc exposes the status via its exit status. This will be
used in the tpm-firmware-updater driver script to verify that the TPM
is in upgradable state.
BRANCH=None
BUG=chromium:788719
TEST=compiles
Change-Id: I630831127e0e01186650412a92643c2153fbe2ee
Reviewed-on: https://chromium-review.googlesource.com/978171
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The new TlclGetSpaceInfo function returns more detailed information
about a defined NVRAM space. The existing TlclGetPermissions function
is now using TlclGetSpaceInfo behind the scenes.
BRANCH=None
BUG=chromium:788719
TEST=New unit tests.
Change-Id: I6c4f490d575788b696fd742a69e81e2767ec50f1
Reviewed-on: https://chromium-review.googlesource.com/937705
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add the remaining constants for NVRAM space attributes. The code
previously only declared the ones required in vboot_reference, but
that led to other code growing its own ad-hoc declarations for missing
constants. Just declare them all to simplify things.
BRANCH=None
BUG=chromium:788719
TEST=compiles
Change-Id: I749ae5e4dc1b2ba56121fe42fd136b505d8cae80
Reviewed-on: https://chromium-review.googlesource.com/937704
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds two new functions and their corresponding TPM commands to create
delegation families and list the delegation family table, respectively.
This isn't sufficient to meaningfully manage delegation families, but good
enough for the (ab)use case of storing flags in delegation family labels, which
we are going to do in order to strengthen encrypted stateful to guarantee
recreation of the encrypted file system after TPM clear..
BRANCH=None
BUG=chromium:788719
TEST=new unit tests
Change-Id: I31beb662784a8fff450b485c7cabc553944d7772
Reviewed-on: https://chromium-review.googlesource.com/817199
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a TlclDefineSpaceEx function that allows to pass additional
parameters when creating NVRAM spaces, i.e. owner authorization as
well as PCR bindings.
BRANCH=None
BUG=chromium:788719
TEST=New unit tests.
Change-Id: I73404c05528a89604fea3bcb1f00741fb865ba77
Reviewed-on: https://chromium-review.googlesource.com/814114
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Trybot-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add the ability to take TPM ownership. This requires two new commands:
TPM_OIAP to start an auth session and TPM_TakeOwnership to establish
ownership. TPM_TakeOwnership requires an auth session and proper
command authentication to work, which is also added.
BRANCH=None
BUG=chromium:788719
TEST=new unit tests
Change-Id: Ib70144eedb0b1c7c43b26c06529d33ccbaa51a0e
Reviewed-on: https://chromium-review.googlesource.com/790414
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Trybot-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a TlclReadPubek library function to read the public endorsement
key.
BRANCH=None
BUG=chromium:788719
TEST=New unit tests.
Change-Id: I5f23b76b88198d656f4ba5782d2b4f25aaa082b1
Reviewed-on: https://chromium-review.googlesource.com/790413
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Trybot-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
|