| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Collapse the 4 sudo calls & temporary file into a single call.
This is a bit easier to read and is faster as a result.
We can also hoist the selinux restore to do it only once at the
end if we modified the file.
BUG=None
TEST=set_lsb_release.sh on an image still works
BRANCH=None
Change-Id: I300cf47d017d159d762a62fe2aab789ce391f89a
Signed-off-by: Mike Frysinger <vapier@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2923826
Reviewed-by: George Engelbrecht <engeg@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We don't need all this infrastructure for arbitrary cleanups when we
only ever run 2 clean up steps. This also fixes a subtle bug in the
old logic: we registered cleanups in the logical order of (1) mounts
and then (2) loopbacks, but the cleanup loop walks the registered
calls in reverse order. This means the loopback cleanup would fail
and timeout because we hadn't unmounted the partitions yet. The
overall script doesn't fail as cleanup uses `set +e`, but it makes
every script waste ~10 seconds at exit.
BUG=None
TEST=running set_lsb_release.sh on images works quickly now
BRANCH=None
Change-Id: Ibd25ad6ba149c64e08ac3ab860342fe7b2cc7851
Signed-off-by: Mike Frysinger <vapier@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2923825
Reviewed-by: George Engelbrecht <engeg@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, EC_IN_RW signal is used for the AP to decide whether EC is
running an RO copy or not.
coreboot will set VB2_CONTEXT_EC_TRUSTED based on the EC's boot mode
if supported. It means the EC is in RO and PD is disabled. This patch
makes vb2_allow_recovery check VB2_CONTEXT_EC_TRUSTED prior to
entering recovery mode.
BUG=b:180927027, b:187871195
BRANCH=none
TEST=build
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Change-Id: Ie7fb337085f9c5f73ee82049d490a719f76a26bb
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2893095
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
| |
This was done on OpenBSD 6.8.
Required packages are: e2fsprogs and gcc.
Change-Id: I86ec080e1ddb90053d81f1edd17d3406e7e737c6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2903352
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 0902a08d74f090b747f59de616abfdf2131b1ae3.
Reason for revert: This causes issues with booting, at least on the guybrush platform.
BUG=b:187953058
TEST=See OS boot failures with this patch in place. Remove patch and guybrush boots fine again.
Original change's description:
> vboot/vboot_kernel: update keyblock flag mismatch logic
>
> A keyblock flag mismatch should cause keyblock verification to
> fail regardless of whether a valid keyblock is required (i.e.
> self-signed keyblock case).
>
> This CL is part of a series to merge vboot1 and vboot2.0
> kernel verification code; see b/181739551.
>
> BUG=b:181739551
> TEST=make clean && make runtests
> BRANCH=none
>
> Signed-off-by: Joel Kitching <kitching@google.com>
> Change-Id: I47096ab7fcf0fbd47a46a9a92a5406e9aa9b3596
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2846251
> Reviewed-by: Julius Werner <jwerner@chromium.org>
> Tested-by: Joel Kitching <kitching@chromium.org>
> Commit-Queue: Joel Kitching <kitching@chromium.org>
Bug: b:181739551
Change-Id: Ie778fd669bc072ba526d2082a3418208d6b28472
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2891607
Auto-Submit: Martin Roth <martinroth@google.com>
Tested-by: Martin Roth <martinroth@google.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
HexStringToUint32() uses sscanf(), scanning in a hex value, and
capturing the tail as well to figure out if the user passed in too much.
Switch to using a char for that overflow detection rather than a string
to avoid stack corruption. For example:
localhost# tpmc pcrread 999999999999999999999
*** stack smashing detected ***: terminated
Aborted (core dumped)
BUG=None
BRANCH=main
TEST=stop trunksd; tpmc pcrread 999999999999999999999
Signed-off-by: Evan Green <evgreen@chromium.org>
Change-Id: Idefec979d5cf6ab8a83da8654ed5591158807395
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2893695
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the new rollback info space value the node locked images base
needs to be enabled.
BRANCH=none
BUG=b:187438971
TEST=none
Change-Id: I78eafc72766947df81c9b6519bc13633423840d6
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2888711
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds a method to create an empty Firmware Management
Parameters (FWMP) object in secure storage context. This can be used
to initialize the FWMP space just after it's been created by
firmware.
BUG=b:184677625
BRANCH=None
TEST=With other changes in coreboot to create and write the FWMP
space, `emerge-keeby coreboot`.
Signed-off-by: Aseda Aboagye <aaboagye@google.com>
Change-Id: I614975609a44ec18ff018970056e6e45e68265ed
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2875533
Tested-by: Aseda Aboagye <aaboagye@chromium.org>
Auto-Submit: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Aseda Aboagye <aaboagye@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A keyblock flag mismatch should cause keyblock verification to
fail regardless of whether a valid keyblock is required (i.e.
self-signed keyblock case).
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I47096ab7fcf0fbd47a46a9a92a5406e9aa9b3596
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2846251
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change conditional checks to match other vboot code.
Instead of:
if (rv != VB2_SUCCESS)
Just use:
if (rv)
Also fix up spacing on a vb2_load_partition call.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ifc6dd5a3e5263d66f279f56919c05064dd49a7a7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2835505
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Create vb2_verify_kernel_dev_key_hash to encapsulate
developer key hash checking logic.
Also correct formatting of developer key hash when printed
to console.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I0253e1e960fb966b67b4643794585ed8355d8efb
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2825268
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I155997d96d9edd2c6c2f8a731b8439a835156978
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2824766
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ie4a0f356ad387699e180cabdaa8dd2089199b42c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2824765
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Iab177cce688425c3cfd051e5d211c64cc60a4e4c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2759817
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Id4dad2b32d01c54818c27ef7ea65e94ca3924afd
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2785810
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I18790fefe7c4bf2126978c7a9bf1d412dfc8ac78
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2785809
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ryu was a canceled Chrome OS project (it launched with Android
instead).
6 years later and this unused code is still kicking around. Delete
it.
BUG=b:186777279
BRANCH=none
TEST=compile futility
Signed-off-by: Jack Rosenthal <jrosenth@chromium.org>
Change-Id: Ic359413bc22a51ac8839e3e062234b1fd99a262c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2861022
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change replaces --diff and --fast-verify for the supported
equivalent flashrom options
BRANCH=none
BUG=b:186479007
TEST=tryjobs
Change-Id: I614ba71c606dbe4e3a1b4988df845bcbbd61dd01
Signed-off-by: Daniel Campello <campello@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2853623
Reviewed-by: Jack Rosenthal <jrosenth@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add helper functions to check and set ui error code. The ui error
handling shouldn't catch the requests but only the error.
Add vb2_is_error() to 2api.h. This function is for checking if the
return value is an error or not.
BRANCH=none
BUG=b:157625765
TEST=make clean && CC=x86_64-pc-linux-gnu-clang make runtests
Signed-off-by: Chung-Sheng Wu <chungsheng@google.com>
Change-Id: I5c9a34dadf749f3b5364860a1a034bfefe0a61f5
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2780821
Tested-by: Chung-Sheng Wu <chungsheng@chromium.org>
Commit-Queue: Chung-Sheng Wu <chungsheng@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement the ui for storage self-test.
BUG=b:173364332
TEST=make clean && CC=x86_64-pc-linux-gnu-clang make runtests
BRANCH=none
Cq-Depend: chromium:2641906
Signed-off-by: Chung-Sheng Wu <chungsheng@google.com>
Change-Id: Ieb3a24e0bf19f4e62de41cccd1138719dbc65e7c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2626566
Tested-by: Chung-Sheng Wu <chungsheng@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-by: Meng-Huan Yu <menghuan@chromium.org>
Commit-Queue: Chung-Sheng Wu <chungsheng@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update strings to meet the UX review.
BRANCH=none
BUG=b:183351700
TEST=none
Cq-Depend: chromium:2777880
Signed-off-by: Chung-Sheng Wu <chungsheng@google.com>
Change-Id: Ic8d9653abffd80039347f81823930eaa7f35180e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2777952
Reviewed-by: Meng-Huan Yu <menghuan@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Tested-by: Chung-Sheng Wu <chungsheng@chromium.org>
Commit-Queue: Chung-Sheng Wu <chungsheng@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This piece of code caused serious issues in b/184559695, and it
seems like we have no active users at the moment.
We can punt the decision to remove the code entirely, but for now,
let's stop building and executing it, leaving it to potential
users to fix it up, and refactor/cleanup/test the code.
BRANCH=none
BUG=b:184812319
TEST=`make` does not build `cgpt_wrapper` or any SPI-NOR code.
TEST=`make GPT_SPI_NOR=1` does build it.
TEST=`emerge-$BOARD -v vboot_reference && \
cros deploy $IP vboot_reference`
`cgpt find -t kernel` does not print any RW_GPT-related errors
anymore.
Change-Id: Ie081f372964807caa1b121059288ae761f2f8e43
Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2814132
Commit-Queue: Jack Rosenthal <jrosenth@chromium.org>
Reviewed-by: Jack Rosenthal <jrosenth@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Closing fd=1 is a bad idea, as flashrom will then reuse fd=1 for
the MTD device and directly write to it.
Luckily, we have a subprocess_run function in vboot that does
what we need. There will be some cleanup required after this,
but hopefully this is enough to clear the P0 on hand.
BUG=b:184559695
TEST=`cgpt find -t kernel` (fails?!), but at least does not
corrupt flash:
`flashrom -r /usr/local/x.bin && hexdump -C /usr/local/x.bin | head`
BRANCH=none
Change-Id: Ia82ed7966ea66274f72fe21eca5241633ffbdb5c
Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2812630
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Jack Rosenthal <jrosenth@chromium.org>
Commit-Queue: Jack Rosenthal <jrosenth@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove the unused VB2_SCREEN_BLANK from vb2_screen enum.
BUG=none
TEST=emerge-asurada depthcharge
TEST=make runtests
BRANCH=none
Cq-Depend: chromium:2793450
Change-Id: I931f6ad804f6da3b710bef9d800c26960d20c3cb
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2793448
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds missing networkstack keys required for sign scripts.
Keys are generated by:
./create_new_android_keys.sh ${VBOOT_REFERENCE}/tests/devkeys/android
git checkout media.pk8 media.x509.pem platform.pk8 \
platform.x509.pem releasekey.pk8 releasekey.x509.pem \
shared.pk8 shared.x509.pem
BUG=b:170344735
TEST=build hatch based board with this feature on
BRANCH=none
Change-Id: I80376b8b07cc111d3ef51cf8a7bbc8dcfe8cfcc8
Signed-off-by: Yury Khmel <khmel@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2803655
Reviewed-by: Victor Hsieh <victorhsieh@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=dedede,volteer,trogdor,zork
BUG=b:182338095
TEST=none
Cq-Depend: chromium:2789114
Signed-off-by: Chung-Sheng Wu <chungsheng@google.com>
Change-Id: I865b28d8a8a6e1f3924ce94fb38b6c7799a797dd
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2789115
Tested-by: Chung-Sheng Wu <chungsheng@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Chung-Sheng Wu <chungsheng@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refactor code to use log_page_update to update log pages. Clean up
duplicated code. Split the cancel button logic to
log_page_show_back_or_cancel function.
BUG=b:174127808, b:157625765
TEST=make clean && CC=x86_64-pc-linux-gnu-clang make runtests
BRANCH=none
Cq-Depend: chromium:2641904
Signed-off-by: Chung-Sheng Wu <chungsheng@google.com>
Change-Id: Iaa8565c91c310e218dade45eb0efd56c72950512
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2641981
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Tested-by: Chung-Sheng Wu <chungsheng@chromium.org>
Commit-Queue: Chung-Sheng Wu <chungsheng@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ib61f9bd726d2da9ef0fee3cd3a4039a6aa1063cc
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2780222
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of just checking for failure/success on functions
returning vb2_error_t and mapping to a completely different
return value, pass that value directly back to the caller.
Also, create VB2_ERROR_KEYBLOCK_HASH_INVALID_IN_DEV_MODE to
replace uses of VB2_ERROR_KEYBLOCK_SIG_INVALID when keyblock
hash is invalid (dev mode, using self-signed kernels).
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Iefc00ccee6b6d29fb94e4acd652c033321f2d8af
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2772138
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Function no longer needs the `params` argument. Use more
precise language, replacing the term "OS" with "kernel".
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ie4162760744a6c341fee122c5be247d86bd49c05
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2741921
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reorder errors in enum vb2_ui_error to match the order in bmpblk. Also
rename VB2_UI_ERROR_EXTERNAL_BOOT_NOT_ENABLED to
VB2_UI_ERROR_EXTERNAL_BOOT_DISABLED for consistency with
VB2_UI_ERROR_ALTFW_DISABLED.
BUG=b:144969091
TEST=make runtests
TEST=emerge-asurada depthcharge
BRANCH=none
Cq-Depend: chromium:2682057
Change-Id: Id8859be3e451c077dd7689b51e98a410d5987874
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2746898
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rename vboot_mode enum to better match vboot2 coding style.
Also add a test case for checking developer key hash while
in recovery mode.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I4ac141df17c5e53caebe605f0fb6a186130ed6d5
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2730357
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In CL:2716747, VB2_SCREEN_DEVELOPER_TO_NORM is pulled up to act
as the root screen in the case of dev boot being disallowed.
As such, the screen changes can be removed from
VB2_SCREEN_DEVELOPER_MODE init() and reinit() functions.
If the user does manage to get into the developer mode screen
while developer mode is disabled, rely on the individual checks
in these functions to prevent booting:
- vb2_ui_developer_mode_boot_internal_action
- vb2_ui_developer_mode_boot_external_action
- vb2_ui_developer_mode_boot_altfw_action
BUG=b:159579189, b:181087237
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ic72d30709baeac2fc7e681d973413e2e9c8b0483
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2730669
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the gsc signer reads the contents of the payload it finds
out if it is a cr50 or ti50 chip. We write the chip type to a
.rename file next to the bin (which has a @CHIP@ in the path) so
that the signer can rename the artifact for placement.
Signed-off-by: George Engelbrecht <engeg@google.com>
BRANCH=None
BUG=b:179964270
TEST=local signer
Change-Id: I0600cb60bb614111802119293ba0c63f2b61c231
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2728736
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: George Engelbrecht <engeg@google.com>
Tested-by: George Engelbrecht <engeg@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for using HW hashing acceleration in kernel verification.
BUG=b:162551138
BRANCH=zork
TEST=CC=x86_64-pc-linux-gnu-clang make runtests
Signed-off-by: Kangheui Won <khwon@chromium.org>
Change-Id: Ia03ff7f49bd18393c0daeab72348414fa059e0cd
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2639456
Reviewed-by: Raul E Rangel <rrangel@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new log_page_update function to maintain the state of page up/down
buttons.
BUG=b:174127808
TEST=make clean && CC=x86_64-pc-linux-gnu-clang make runtests
BRANCH=none
Signed-off-by: Chung-Sheng Wu <chungsheng@google.com>
Change-Id: I6c396af3139229771557f017b816ea93aba27be2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2641979
Tested-by: Chung-Sheng Wu <chungsheng@chromium.org>
Commit-Queue: Chung-Sheng Wu <chungsheng@chromium.org>
Reviewed-by: Meng-Huan Yu <menghuan@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In current codebase, VB2_REQUEST_UI_CONTINUE is for successful ui
function call, and VB2_SUCCESS is for breaking the main ui loop.
Replace most of the VB2_REQUEST_UI_CONTINUE with VB2_SUCCESS, and
replace those breaking requesting VB2_SUCCESS with VB2_REQUEST_UI_EXIT.
All the "VB2_REQUEST_UI_CONTINUE" and "VB2_REQUEST_UI_EXIT" are caught
in the ui loop. VB2_REQUEST_UI_CONTINUE does nothing while
VB2_REQUEST_UI_EXIT breaks the ui loop and return VB2_SUCCESS. Returning
VB2_SUCCESS and VB2_REQUEST_UI_CONTINUE to the ui loop now should do the
same thing, that is, continue process the ui.
VB2_REQUEST_UI_CONTINUE can be used to quickly return from ui functions
to the main UI loop, because it is not VB2_SUCCESS and makes VB2_TRY
return.
BRANCH=none
BUG=b:157625765
TEST=make clean && CC=x86_64-pc-linux-gnu-clang make runtests
Signed-off-by: Chung-Sheng Wu <chungsheng@google.com>
Change-Id: If1b54657d09198196f9c646b6b907b4fd8faadce
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2714502
Tested-by: Chung-Sheng Wu <chungsheng@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Chung-Sheng Wu <chungsheng@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rename storage to storage health info to prevent confusing with storage
self-test.
BRANCH=none
BUG=b:173364332
TEST=make clean && CC=x86_64-pc-linux-gnu-clang make runtests
Cq-Depend: chromium:2709784
Signed-off-by: Chung-Sheng Wu <chungsheng@google.com>
Change-Id: I6c5e355e2062b8c371dbbeff8a5f1b9445bac9f0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2719252
Tested-by: Chung-Sheng Wu <chungsheng@chromium.org>
Commit-Queue: Chung-Sheng Wu <chungsheng@chromium.org>
Reviewed-by: Meng-Huan Yu <menghuan@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=None
BUG=None
TEST=None
Change-Id: I9eeb580f720ceb42a5950b1de7fbc961058f5970
Signed-off-by: Philip Chen <philipchen@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2739702
Tested-by: Philip Chen <philipchen@chromium.org>
Commit-Queue: Douglas Anderson <dianders@chromium.org>
Reviewed-by: Douglas Anderson <dianders@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Without returning, subsequent code may operate under the
assumption that the screen has *not* changed, leading to
unexpected behaviour. The user may also be able to select
otherwise disallowed menu items.
BUG=b:181087237, chromium:1181484
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I820e387417ad39e2f7bd47f65d08c387cf66d6e5
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2717449
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change UI root screen to DEVELOPER_TO_NORM if DEV_DISABLE_BOOT is set in
FWMP, and disable all dev-mode shortcuts except '\t'. This ensures
DEVELOPER_TO_NORM and VB2_SCREEN_DEBUG_INFO are the only two screens
accessible from the UI.
Also hide the "Cancel" menu item in DEVELOPER_TO_NORM.
BUG=b:159579189, chromium:1181484
TEST=make runtests
TEST=emerge-asurada depthcharge
BRANCH=none
Change-Id: Ifedb53ae2eb968b1118340aef30cda00b7925f03
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2716747
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After these functions are called, no assumptions may be made
about which screen is currently displayed, and thus execution
should return to ui_loop:
- vb2_ui_menu_select
- vb2_ui_screen_back
- vb2_ui_screen_change
When VB2_TRY() is wrapped around these functions, the result
should be returning immediately. No code following the functions
should be executed. Add unit test coverage for this.
BUG=b:157625765
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I4fc2a1eb59012eeefce34d25f010a49cb1d957de
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2721377
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Standardize on the term "altfw" (short form) and
"alternate bootloader" (long form) in both code and
documentation.
Remove the VbAltFwIndex_t enum, and replace with a
simple uint32_t.
Rename VbExLegacy to vb2ex_run_altfw, and move
to vboot2 namespace.
Rename crossystem param dev_boot_legacy to
dev_boot_altfw, but leave an alias.
Rename crossystem param dev_default_boot value
from legacy to altfw, but leave an alias.
BUG=b:179458327
TEST=make clean && make runtests
TEST=emerge vboot_reference and check output for:
crossystem dev_boot_legacy=0
crossystem dev_boot_altfw=0
crossystem dev_default_boot=legacy
crossystem dev_default_boot=altfw
BRANCH=none
Cq-Depend: chromium:2641196
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I289df63d992a3d9ae3845c59779ecbd115b18ee2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2641346
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After implemented the driver-level TPM2.0 simulator on VM boards, the
mount-encrypted would use the vTPM to encrypted the file system.
We would need to remove the TPM simulator NVChip when we want to
hard reset the TPM on VM.
And we don't need to remove the mount-encrypted key after we landed
the driver-level TPM simulator on all VM boards.
BUG=b:174807059
BRANCH=none
TEST=crossystem clear_tpm_owner_request=1
TEST=crossystem clear_tpm_owner_request // showing the right value
Cq-Depend: chromium:2576865, chromium:2638953
Signed-off-by: Yi Chou <yich@google.com>
Change-Id: Iba2c9b93ed9e558a9163542dfc1fbcb738c1d83d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2576867
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clang is complaining about missing prototypes e.g.
tests/vb2_preamble_fuzzer.c:43:13: error: no previous
prototype for function 'vb2_check_padding'
[-Werror,-Wmissing-prototypes]
Add the header "2rsa_private.h" to fix fuzzer builders.
BUG=chromium:1172055
TEST=tryjob
Signed-off-by: Manoj Gupta <manojgupta@google.com>
Change-Id: I9593e1f747939a38c33226f98570fa5423570362
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2658033
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Auto-Submit: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement TlclExtend, which sends a TPM2_PCR_Extend command to extend
the indicated PCR.
BUG=b:174807059
BRANCH=none
TEST=After stopped trunksd run "tpmc pcrextend <index> <extend hex>" to
extend the PCR. Start trunksd and run "trunks_client --read_pcr
--index=<index>" would see the PCR value changed.
Disallow-Recycled-Builds: test-failures
Signed-off-by: Yi Chou <yich@google.com>
Change-Id: I5b11fcf7de83186a29e1abed43f443ac9ca426fb
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2632019
Reviewed-by: Leo Lai <cylai@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
s/@returns/@return/g for consistency.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: If5ef147761111294b0eca532e56e683fd787bee6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2641345
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, functions that need to be tested but not exposed
to vboot API were placed in vboot_test.h. Now, the approach
of placing them in a xyz_private.h header file is preferred.
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I8be50d95c533b277b509aabb503ae05f69662a33
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2641344
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Function is only used in 2secdata_kernel.c. Convert to
a static function, and remove its header.
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ib45abe68f0d4d025160c800c91dd2d2525dd1e3e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2641343
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
No longer used with new vboot UI; remove.
(Missed this in the prior removal of legacy UI code.)
BUG=b:167643628, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I01383071dee6257921547302fe4a2977b3521195
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2641342
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|