| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
At present in some cases it takes quite a while to figure out what
enum an error code corresponds to. Add a few comments to make this a
little faster.
BUG=b:191646387
BRANCH=none
TEST=FEATURES=test sudo -E emerge vboot_reference
Signed-off-by: Simon Glass <sjg@chromium.org>
Change-Id: I72311d6fdf3c95284f26f28341f2d7d103f6a616
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2975085
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MiniOS partitions should not be using the same GUID as the kernel. Refer
to bug as to reasons on why.
```
Using disk_layout_v3.json w/ types as "minios" instead of "kernel" and
checking the GUID uses the new type.
$ /build/zork-minios/usr/bin/cgpt show testimage
start size part contents
0 1 PMBR
1 1 Pri GPT header
2 32 Pri GPT table
40 1 1 Label: ""
Type: ChromeOS miniOS
UUID: 8A23CFDA-316E-B847-ADF2-80C4D1DF6F93
67 32 Sec GPT table
99 1 Sec GPT header
$ /build/zork-minios/usr/bin/cgpt show -n testimage
start size part contents
0 1 PMBR
1 1 Pri GPT header
2 32 Pri GPT table
40 1 1 Label: ""
Type: 09845860-705F-4BB5-B16C-8A8A099CAF52
UUID: 8A23CFDA-316E-B847-ADF2-80C4D1DF6F93
Attr: [0]
67 32 Sec GPT table
99 1 Sec GPT header
```
BUG=b:193182769
TEST=# comment above
BRANCH=none
Signed-off-by: Jae Hoon Kim <kimjae@google.com>
Change-Id: I18beb0c79762d838e580f6af7f4a2601e2980de6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3017301
Tested-by: Jae Hoon Kim <kimjae@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Jae Hoon Kim <kimjae@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After crrev/i/3949327, compression type is not simply determined by
ARC type.
BUG=b:180894807
TEST=sign_official_build.sh and check the log message
BRANCH=none
Signed-off-by: Satoshi Niwa <niwa@google.com>
Cq-Depend: chromium:2999963
Cq-Depend: chrome-internal:3949327
Change-Id: I4b1bf452e0d033b4bb8c2f2c1f91819741f9885c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2999823
Tested-by: Satoshi Niwa <niwa@chromium.org>
Reviewed-by: Yury Khmel <khmel@chromium.org>
Reviewed-by: Satoshi Niwa <niwa@chromium.org>
Reviewed-by: Kazuhiro Inaba <kinaba@chromium.org>
Auto-Submit: Satoshi Niwa <niwa@chromium.org>
Commit-Queue: Satoshi Niwa <niwa@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
miniOS requires a distinct kernel data key, whose dev key pair
is added in this CL as minios_kernel_data_key.vb{pub,priv}k.
A distinct keyblock is also required. The keyblock should set
the kernel keyblock flag MINIOS_1. Other keyblocks are modified
appropriately to set MINIOS_0. Keyblocks were generated using
the following commands:
$ futility vbutil_keyblock
--flags 23
--datapubkey tests/devkeys/ec_data_key.vbpubk
--signprivate tests/devkeys/ec_root_key.vbprivk
--pack tests/devkeys/ec.keyblock
Keyblock file: tests/devkeys/ec.keyblock
Signature valid
Flags: 23 !DEV DEV !REC !MINIOS
Data key algorithm: 7 RSA4096 SHA256
Data key version: 1
Data key sha1sum: 5833470fe934be76753cb6501dbb8fbf88ab272b
$ futility vbutil_keyblock
--flags 23
--datapubkey tests/devkeys/firmware_data_key.vbpubk
--signprivate tests/devkeys/root_key.vbprivk
--pack tests/devkeys/firmware.keyblock
Keyblock file: tests/devkeys/firmware.keyblock
Signature valid
Flags: 23 !DEV DEV !REC !MINIOS
Data key algorithm: 7 RSA4096 SHA256
Data key version: 1
Data key sha1sum: e2c1c92d7d7aa7dfed5e8375edd30b7ae52b7450
$ futility vbutil_keyblock
--flags 27
--datapubkey tests/devkeys/recovery_kernel_data_key.vbpubk
--signprivate tests/devkeys/recovery_key.vbprivk
--pack tests/devkeys/recovery_kernel.keyblock
Keyblock file: tests/devkeys/recovery_kernel.keyblock
Signature valid
Flags: 27 !DEV DEV REC !MINIOS
Data key algorithm: 11 RSA8192 SHA512
Data key version: 1
Data key sha1sum: e78ce746a037837155388a1096212ded04fb86eb
$ futility vbutil_keyblock
--flags 43
--datapubkey tests/devkeys/minios_kernel_data_key.vbpubk
--signprivate tests/devkeys/recovery_key.vbprivk
--pack tests/devkeys/minios_kernel.keyblock
Keyblock file: tests/devkeys/minios_kernel.keyblock
Signature valid
Flags: 43 !DEV DEV REC MINIOS
Data key algorithm: 8 RSA4096 SHA512
Data key version: 1
Data key sha1sum: 65441886bc54cbfe3a7308b650806f4b61d8d142
$ futility vbutil_keyblock
--flags 23
--datapubkey tests/devkeys/kernel_data_key.vbpubk
--signprivate tests/devkeys/kernel_subkey.vbprivk
--pack tests/devkeys/kernel.keyblock
Keyblock file: tests/devkeys/kernel.keyblock
Signature valid
Flags: 23 !DEV DEV !REC !MINIOS
Data key algorithm: 4 RSA2048 SHA256
Data key version: 1
Data key sha1sum: d6170aa480136f1f29cf339a5ab1b960585fa444
$ futility vbutil_keyblock
--flags 26
--datapubkey tests/devkeys/installer_kernel_data_key.vbpubk
--signprivate tests/devkeys/recovery_key.vbprivk
--pack tests/devkeys/installer_kernel.keyblock
Keyblock file: tests/devkeys/installer_kernel.keyblock
Signature valid
Flags: 26 DEV REC !MINIOS
Data key algorithm: 11 RSA8192 SHA512
Data key version: 1
Data key sha1sum: e78ce746a037837155388a1096212ded04fb86eb
BUG=b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I5b3e4def83ff29ca156b3c84dfcb8398f4985e67
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2965485
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Subsequent code can potentially access the *log variable after
being set by vb2ex_diag_get_storage_test_log.
BUG=none
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I9c8ed20efecbb4eaff8a8fcdf1f467f7df5147a0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2917624
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update dependencies list, and use ${FUTILITY} rather than calling
futility directly.
BUG=b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I8a28465937ca82ea9e18edc5d613570a561a3e0e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2989639
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These two types are simply thin wrappers around vbutil_kernel
and are no longer used.
BUG=b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ia9a13f2992eb9de9f6c65525739da5f8e945cb3e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2989638
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Merge aliases "ssd" and "base", since they do the same thing but
only "base" is used in chromite scripts.
Remove "usb" since it is not used anywhere.
BUG=b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ief610387fc1b6d72fe8674b0e4d51d74e6173ddd
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2989637
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Re-order arguments for consistency with LoadKernel()
- Rename `flags` to `lpflags` for clarity
- Move enum and friends to top of vboot_kernel.c
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551, b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I4a1e1eba9f2c72a1393bba29523fc22944a2d73e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2917625
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Store kparams as a pointer in vboot_api_kernel.c, rather than a
full struct passed around as a "buffer copy".
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I7be7280761564c35e928bc947177b3fce61d6215
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2856360
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This enum has changed. Update the one remaining reference.
BUG=b:191646387
BRANCH=none
TEST=FEATURES=test sudo -E emerge vboot_reference
Signed-off-by: Simon Glass <sjg@chromium.org>
Change-Id: If22fa8cdd9a327e9a54dee01caf423caf7ba4efe
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3002419
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It seems useful to provide a bit more information about why the kernel
failed to load. We have a suitable error code, so show it.
BUG=b:191646387
BRANCH=none
TEST=run through the flow with a VB2_ERROR_LOAD_PARTITION_WORKBUF
error, see it is shown
Signed-off-by: Simon Glass <sjg@chromium.org>
Change-Id: I426f571e1a4f947c97ccf99a399b4c3ab1c32047
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2975086
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
One of the messages is missing a newline. Add it.
BUG=b:191646387
BRANCH=none
TEST=run through the flow and see that the message is correct
Signed-off-by: Simon Glass <sjg@chromium.org>
Change-Id: I5ba16f6665844b5bad6195d1e734f7aaa4ddc325
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2975084
Reviewed-by: Chung-Sheng Wu <chungsheng@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Latest x86 processors have SHA256 extension which can accelerate hash
computation in vboot.
This is especially helpful on low-end devices where sha256 computation
takes 70ms-90ms, with this CL it is reduced to 10ms.
BUG=b:162551138
BRANCH=zork
TEST=build and boot, check cbmem -t
TEST=run vb2_sha256_x86_tests on dirinboz
Signed-off-by: Kangheui Won <khwon@chromium.org>
Change-Id: I50e123048d54d5061e8d8e0e0ae804a416130948
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2639457
Reviewed-by: Paul Fagerburg <pfagerburg@chromium.org>
Reviewed-by: Raul E Rangel <rrangel@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Raul E Rangel <rrangel@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vboot has grown code that requires optimizations (notably dead code
elimination) to be enabled to work right and avoid linker reference
errors. For example, the VB2_TRY() macro may or may not emit a call to
vb2api_fail(), based on whether a `ctx` argument was passed. This is
done through an if-statement with a compile-time constant condition, but
the compiler will only actually omit the vb2api_fail() call instruction
when optimizations are enabled. Not all vboot build targets (e.g.
hostlib) provide the vb2api_fail() symbol, so disabling optimizations
may cause link failures for those targets.
GCC and clang offer an -Og option that only enables simple optimizations
(like dead-code elimination) which don't interfere with debugging...
let's just use that instead.
BRANCH=None
BUG=None
TEST=None
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Ia972dc498839df80af6ccae8a8203e8c63a5eadc
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2986801
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fix styling of earlier sections and link to the CrOS os_config guide.
BUG=None
TEST=`crossystem --help` looks nice
BRANCH=None
Signed-off-by: Mike Frysinger <vapier@chromium.org>
Change-Id: I1d5d9b080ee288541619ec4e0e8d550985051558
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2966239
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On load kernel failure, only call vb2api_fail when in normal
mode.
Previously, the behaviour here was to only call when attempting
to load a kernel from a fixed disk. This maps to (1) normal
mode, and (2) developer mode when booting from an internal disk.
Excluding (2) creates a more consistent experience in developer
mode, and also prepares for a world where recovery kernels might
exist on disk.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551, b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ic2c55a073b036be98f4ce9b2e0c7fb3209de74c8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2917623
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move disk validity check to static function is_valid_disk().
If multiple disk types are selected (e.g. REMOVABLE | FIXED),
is_valid_disk() will now check that exactly *one* of those flags
is selected by VbDiskInfo.flags.
Also, split disk flags into two 16-bit sections:
- Disk selection in the lower 16 bits (where the disk lives)
- Disk attributes in the higher 16 bits (extra information about
the disk needed to access it correctly)
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Icf76ab6e92cca40810071def66aed13cdb3a7ec7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2872251
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
LoadKernelParams struct is identical to
VbSelectAndLoadKernelParams. Remove it, and use the public
interface internally.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I8b820d18c1e9a66404a7a091aa3ccc1b050a559d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2846282
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pass VbDiskInfo struct into LoadKernel, rather than copying all
of its members into LoadKernelParams. Remove the unused members
from LoadKernelParams.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I60957426388c88b16e570b717addb5eaf65b5e4f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2846281
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Not needed prior to that.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ia60aa05384384bc1e2981266c33b960115734fae
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2882527
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relocate currently-in-use kernel struct functions out
of lib20 namespace, and into:
* 2struct.c for functions required at runtime
* host_common.c for functions required by host
Relocate firmware struct functions from 2common.c
into 2struct.c
vb2_common.h may be deleted as a result.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ic162d9633b6112ddc4a819b3e58d313dc484f304
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2825269
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, the "Key version too old." error message is printed
even when in dev mode (!need_keyblock_valid). Stop printing this
message when the key version check is not applicable.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I1c4605342a2c53c45b74be37f2ba597670654a8e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2846252
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For customization projects, the bios image should be patched by
model first, then the gbb got from the image could be correct.
Reason:
In the function, patch_image_by_model, it will apply the rootkey,
vblock_a and vblock_b of the customization project to the gbb part
of the image.
This change moves the function "find_gbb" to the position after the
function "patch_image_by_model" is called.
BUG=b:188861251
BRANCH=none
TEST=build
Change-Id: I5d80405a2a3b0ecc45e86ca3322b328479b83702
Signed-off-by: Isaac Lee <isaaclee@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2929924
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Use the existing mount helper so we clean up automatically when exiting.
BUG=None
TEST=CQ passes
BRANCH=None
Change-Id: I882c7f5ea3b54e08745c48378cc50702550cdc71
Signed-off-by: Mike Frysinger <vapier@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2923828
Reviewed-by: George Engelbrecht <engeg@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update these scripts to accept a rootfs dir as input so we don't have
to loopback+mount+umount with every invocation. This speeds up the
overall runs.
BUG=None
TEST=scripts still work against image & rootfs dirs
BRANCH=None
Change-Id: I23050faebefd0a19e8ad44cdb76d7cc49c28e570
Signed-off-by: Mike Frysinger <vapier@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2923827
Reviewed-by: George Engelbrecht <engeg@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Collapse the 4 sudo calls & temporary file into a single call.
This is a bit easier to read and is faster as a result.
We can also hoist the selinux restore to do it only once at the
end if we modified the file.
BUG=None
TEST=set_lsb_release.sh on an image still works
BRANCH=None
Change-Id: I300cf47d017d159d762a62fe2aab789ce391f89a
Signed-off-by: Mike Frysinger <vapier@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2923826
Reviewed-by: George Engelbrecht <engeg@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We don't need all this infrastructure for arbitrary cleanups when we
only ever run 2 clean up steps. This also fixes a subtle bug in the
old logic: we registered cleanups in the logical order of (1) mounts
and then (2) loopbacks, but the cleanup loop walks the registered
calls in reverse order. This means the loopback cleanup would fail
and timeout because we hadn't unmounted the partitions yet. The
overall script doesn't fail as cleanup uses `set +e`, but it makes
every script waste ~10 seconds at exit.
BUG=None
TEST=running set_lsb_release.sh on images works quickly now
BRANCH=None
Change-Id: Ibd25ad6ba149c64e08ac3ab860342fe7b2cc7851
Signed-off-by: Mike Frysinger <vapier@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2923825
Reviewed-by: George Engelbrecht <engeg@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, EC_IN_RW signal is used for the AP to decide whether EC is
running an RO copy or not.
coreboot will set VB2_CONTEXT_EC_TRUSTED based on the EC's boot mode
if supported. It means the EC is in RO and PD is disabled. This patch
makes vb2_allow_recovery check VB2_CONTEXT_EC_TRUSTED prior to
entering recovery mode.
BUG=b:180927027, b:187871195
BRANCH=none
TEST=build
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Change-Id: Ie7fb337085f9c5f73ee82049d490a719f76a26bb
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2893095
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
This was done on OpenBSD 6.8.
Required packages are: e2fsprogs and gcc.
Change-Id: I86ec080e1ddb90053d81f1edd17d3406e7e737c6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2903352
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 0902a08d74f090b747f59de616abfdf2131b1ae3.
Reason for revert: This causes issues with booting, at least on the guybrush platform.
BUG=b:187953058
TEST=See OS boot failures with this patch in place. Remove patch and guybrush boots fine again.
Original change's description:
> vboot/vboot_kernel: update keyblock flag mismatch logic
>
> A keyblock flag mismatch should cause keyblock verification to
> fail regardless of whether a valid keyblock is required (i.e.
> self-signed keyblock case).
>
> This CL is part of a series to merge vboot1 and vboot2.0
> kernel verification code; see b/181739551.
>
> BUG=b:181739551
> TEST=make clean && make runtests
> BRANCH=none
>
> Signed-off-by: Joel Kitching <kitching@google.com>
> Change-Id: I47096ab7fcf0fbd47a46a9a92a5406e9aa9b3596
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2846251
> Reviewed-by: Julius Werner <jwerner@chromium.org>
> Tested-by: Joel Kitching <kitching@chromium.org>
> Commit-Queue: Joel Kitching <kitching@chromium.org>
Bug: b:181739551
Change-Id: Ie778fd669bc072ba526d2082a3418208d6b28472
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2891607
Auto-Submit: Martin Roth <martinroth@google.com>
Tested-by: Martin Roth <martinroth@google.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
HexStringToUint32() uses sscanf(), scanning in a hex value, and
capturing the tail as well to figure out if the user passed in too much.
Switch to using a char for that overflow detection rather than a string
to avoid stack corruption. For example:
localhost# tpmc pcrread 999999999999999999999
*** stack smashing detected ***: terminated
Aborted (core dumped)
BUG=None
BRANCH=main
TEST=stop trunksd; tpmc pcrread 999999999999999999999
Signed-off-by: Evan Green <evgreen@chromium.org>
Change-Id: Idefec979d5cf6ab8a83da8654ed5591158807395
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2893695
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the new rollback info space value the node locked images base
needs to be enabled.
BRANCH=none
BUG=b:187438971
TEST=none
Change-Id: I78eafc72766947df81c9b6519bc13633423840d6
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2888711
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds a method to create an empty Firmware Management
Parameters (FWMP) object in secure storage context. This can be used
to initialize the FWMP space just after it's been created by
firmware.
BUG=b:184677625
BRANCH=None
TEST=With other changes in coreboot to create and write the FWMP
space, `emerge-keeby coreboot`.
Signed-off-by: Aseda Aboagye <aaboagye@google.com>
Change-Id: I614975609a44ec18ff018970056e6e45e68265ed
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2875533
Tested-by: Aseda Aboagye <aaboagye@chromium.org>
Auto-Submit: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Aseda Aboagye <aaboagye@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A keyblock flag mismatch should cause keyblock verification to
fail regardless of whether a valid keyblock is required (i.e.
self-signed keyblock case).
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I47096ab7fcf0fbd47a46a9a92a5406e9aa9b3596
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2846251
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change conditional checks to match other vboot code.
Instead of:
if (rv != VB2_SUCCESS)
Just use:
if (rv)
Also fix up spacing on a vb2_load_partition call.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ifc6dd5a3e5263d66f279f56919c05064dd49a7a7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2835505
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Create vb2_verify_kernel_dev_key_hash to encapsulate
developer key hash checking logic.
Also correct formatting of developer key hash when printed
to console.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I0253e1e960fb966b67b4643794585ed8355d8efb
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2825268
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I155997d96d9edd2c6c2f8a731b8439a835156978
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2824766
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ie4a0f356ad387699e180cabdaa8dd2089199b42c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2824765
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Iab177cce688425c3cfd051e5d211c64cc60a4e4c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2759817
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Id4dad2b32d01c54818c27ef7ea65e94ca3924afd
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2785810
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I18790fefe7c4bf2126978c7a9bf1d412dfc8ac78
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2785809
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ryu was a canceled Chrome OS project (it launched with Android
instead).
6 years later and this unused code is still kicking around. Delete
it.
BUG=b:186777279
BRANCH=none
TEST=compile futility
Signed-off-by: Jack Rosenthal <jrosenth@chromium.org>
Change-Id: Ic359413bc22a51ac8839e3e062234b1fd99a262c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2861022
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change replaces --diff and --fast-verify for the supported
equivalent flashrom options
BRANCH=none
BUG=b:186479007
TEST=tryjobs
Change-Id: I614ba71c606dbe4e3a1b4988df845bcbbd61dd01
Signed-off-by: Daniel Campello <campello@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2853623
Reviewed-by: Jack Rosenthal <jrosenth@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add helper functions to check and set ui error code. The ui error
handling shouldn't catch the requests but only the error.
Add vb2_is_error() to 2api.h. This function is for checking if the
return value is an error or not.
BRANCH=none
BUG=b:157625765
TEST=make clean && CC=x86_64-pc-linux-gnu-clang make runtests
Signed-off-by: Chung-Sheng Wu <chungsheng@google.com>
Change-Id: I5c9a34dadf749f3b5364860a1a034bfefe0a61f5
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2780821
Tested-by: Chung-Sheng Wu <chungsheng@chromium.org>
Commit-Queue: Chung-Sheng Wu <chungsheng@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement the ui for storage self-test.
BUG=b:173364332
TEST=make clean && CC=x86_64-pc-linux-gnu-clang make runtests
BRANCH=none
Cq-Depend: chromium:2641906
Signed-off-by: Chung-Sheng Wu <chungsheng@google.com>
Change-Id: Ieb3a24e0bf19f4e62de41cccd1138719dbc65e7c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2626566
Tested-by: Chung-Sheng Wu <chungsheng@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-by: Meng-Huan Yu <menghuan@chromium.org>
Commit-Queue: Chung-Sheng Wu <chungsheng@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update strings to meet the UX review.
BRANCH=none
BUG=b:183351700
TEST=none
Cq-Depend: chromium:2777880
Signed-off-by: Chung-Sheng Wu <chungsheng@google.com>
Change-Id: Ic8d9653abffd80039347f81823930eaa7f35180e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2777952
Reviewed-by: Meng-Huan Yu <menghuan@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Tested-by: Chung-Sheng Wu <chungsheng@chromium.org>
Commit-Queue: Chung-Sheng Wu <chungsheng@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This piece of code caused serious issues in b/184559695, and it
seems like we have no active users at the moment.
We can punt the decision to remove the code entirely, but for now,
let's stop building and executing it, leaving it to potential
users to fix it up, and refactor/cleanup/test the code.
BRANCH=none
BUG=b:184812319
TEST=`make` does not build `cgpt_wrapper` or any SPI-NOR code.
TEST=`make GPT_SPI_NOR=1` does build it.
TEST=`emerge-$BOARD -v vboot_reference && \
cros deploy $IP vboot_reference`
`cgpt find -t kernel` does not print any RW_GPT-related errors
anymore.
Change-Id: Ie081f372964807caa1b121059288ae761f2f8e43
Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2814132
Commit-Queue: Jack Rosenthal <jrosenth@chromium.org>
Reviewed-by: Jack Rosenthal <jrosenth@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Closing fd=1 is a bad idea, as flashrom will then reuse fd=1 for
the MTD device and directly write to it.
Luckily, we have a subprocess_run function in vboot that does
what we need. There will be some cleanup required after this,
but hopefully this is enough to clear the P0 on hand.
BUG=b:184559695
TEST=`cgpt find -t kernel` (fails?!), but at least does not
corrupt flash:
`flashrom -r /usr/local/x.bin && hexdump -C /usr/local/x.bin | head`
BRANCH=none
Change-Id: Ia82ed7966ea66274f72fe21eca5241633ffbdb5c
Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2812630
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Jack Rosenthal <jrosenth@chromium.org>
Commit-Queue: Jack Rosenthal <jrosenth@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove the unused VB2_SCREEN_BLANK from vb2_screen enum.
BUG=none
TEST=emerge-asurada depthcharge
TEST=make runtests
BRANCH=none
Cq-Depend: chromium:2793450
Change-Id: I931f6ad804f6da3b710bef9d800c26960d20c3cb
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2793448
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
