| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is a standard way of handling fallthrough, at least in linux and
U-Boot, of defining 'fallthrough' as the required attribute. At
present, vboot always defines this itself, which is incompatible with
this convention.
Use double underscores around the definition of VBOOT_FALLTHROUGH to
maintain compatibility.
BUG=b:191646387
BRANCH=none
TEST=FEATURES=test sudo -E emerge vboot_reference
Signed-off-by: Simon Glass <sjg@chromium.org>
Change-Id: Id62f126f77311360fb7859ee956f1476378d87c0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3032350
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Attempts to access array of fixed size beyond the boundary now trigger
compilation warnings, even though there is room beyond the array
boundary in due to data layout.
Let's modify the code to declare the array size explicitly to calm the
compiler.
Also needed to add en explicit return value in a function where all
returns happened inside a case statement.
BRANCH=none
BUG=none
TEST='make run2tests' does not fail to compile any more and succeeds
running tests.
Change-Id: Ib2158145233a0e8641c5b9b95499928f18390a8d
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3120000
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some systems have an active-high GPIO for reading WP status, so support
an inverted name for that.
While we're at it, do this for recovery too, just in case someone needs
it.
BRANCH=none
BUG=b:197258688
TEST=play with servo's `fw_wp_state`, check `crossystem wpsw_cur` on
kevin-kernelnext + DTS change
Signed-off-by: Brian Norris <briannorris@chromium.org>
Change-Id: I28ad566568d6dc62843d0bc9b75cca1fc1a35633
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3108068
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:193618692
TEST=sign_official_build.sh can handle zstd-compressed Android image
BRANCH=none
Signed-off-by: Satoshi Niwa <niwa@google.com>
Cq-Depend: chrome-internal:4024687
Change-Id: Ie01e93e49da9b32245055f7e4b6fa4fb3fbefd8e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3066801
Tested-by: Satoshi Niwa <niwa@chromium.org>
Reviewed-by: Kazuhiro Inaba <kinaba@chromium.org>
Reviewed-by: Yury Khmel <khmel@chromium.org>
Auto-Submit: Satoshi Niwa <niwa@chromium.org>
Commit-Queue: Satoshi Niwa <niwa@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
verity is now in platform2.
BUG=chromium:886953
TEST=none
BRANCH=none
Change-Id: I55b8a88540b781658a02819de749ab2d20984658
Signed-off-by: Nicholas Bishop <nicholasbishop@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3087641
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The FIRMWARE_SETTINGS_RESET flag was intended to show when nvdata was
forcibly reset due to CRC failures. However, in practice it is useless
because it never gets cleared again and just stays set forever. This
patch fixes that by clearing it on every normal boot (i.e. a boot where
the existing nvdata was valid and didn't need to be reset).
BRANCH=None
BUG=None
TEST=Booted CoachZ, confirmed flag got cleared.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I8c88ea134bf92ccb5f1d9a710d86c5ec5198def8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3063692
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Tested-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These have always been in here but I don't think anyone remembers what
they are for. The firmware library doesn't require endian accesses
(other than the TPM2 marshalling code which provides its own... and I
guess the GPT code isn't actually safe for big-endian systems, which is
probably bad, but a topic for another patch). As far as I can tell, none
of our environments actually define the macros that these two are
guarded by. Let's get rid of them and see what breaks.
BRANCH=none
BUG=none
TEST=none
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I277336cf768d7d9f5aaf7c032632e4a299b4bb51
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3063691
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since vboot code uses kernel coding style, enable checkpatch_check. The
checkpatch.pl script already checks for long lines, so disable
long_line_check. The latter is inaccurate anyways (a tab is considered
of length 1).
Copy .checkpatch.conf from depthcharge and also ignore
MACRO_WITH_FLOW_CONTROL for the VB2_TRY macro.
BUG=none
TEST=repo upload . --cbr
BRANCH=none
Change-Id: I60d78c47a6723062718d23dc1e74137a56d0d28c
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3067205
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a known partition type guid for hibernate partitions, so that they
can be uniquely distinguished from other data partitions.
BUG=b:196224292
TEST=build volteer with disk_layout_v4
BRANCH=main
Change-Id: I62d969671ee1f80388c2c0cc5982051f5cb1bd0c
Signed-off-by: Evan Green <evgreen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3088839
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since all flags are initialized as 0 in vb2api_init(),
some flag unset operations are not needed.
Edit few comments to make it more accurate.
BUG=none
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1; \
make -j32 test_setup && make -j32 runtests;
BRANCH=none
Signed-off-by: edisonhello <edisonhello@google.com>
Change-Id: I0129f43342598195800ff671b965100d3d568564
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3066803
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Check vb2api_allow_recovery before actual changes in
vb2api_enable_developer_mode.
Add new API error type VB2_ERROR_API_ENABLE_DEV_NOT_ALLOWED in
vb2_error_t.
Add spaces in the output message of vb2_misc_tests for indentation.
BUG=b:172339016
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
make -j32 test_setup && make -j32 runtests;
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
make -j32 test_setup && make -j32 runtests;
TEST=Hayato booted into developer mode
BRANCH=none
Change-Id: Ifebdd01ca87cf944c394907eca73a09fc3bf5457
Signed-off-by: edisonhello <edisonhello@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3056240
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change the order of checking whether the allocated pointer is null
and memset the allocated pointer. Prevent using a null pointer, which
may cause segmentation fault.
BUG=none
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 \
make -j32 test_setup && make -j32 runtests;
TEST=emerge-asurada depthcharge
BRANCH=none
Signed-off-by: edisonhello <edisonhello@google.com>
Change-Id: I5fc91b5157b32b6b7263d580998eceb6efe9a63a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3077962
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add test_fail function that will check whether the result value is
not 0.
Add TEST_FAIL macro that will call test_fail.
BUG=none
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1; \
make -j32 test_setup && make -j32 runtests;
BRANCH=none
Change-Id: I4dfe6a887780f70fbcb753828cfb5500ed810b72
Signed-off-by: edisonhello <edisonhello@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3060562
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Publicize vb2api_enable_developer_mode, vb2api_allow_recovery and
VbTryLoadKernel, and modify corresponding parts in tests.
Create vb2api_disable_dev_request, vb2api_request_diagnostics for
wrapping vb2_nv_set(ctx, VB2_NV_DISABLE_DEV_REQUEST, 1) and
vb2_nv_set(ctx, VB2_NV_DIAG_REQUEST, 1).
BUG=b:172339016
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
make -j32 test_setup && make -j32 runtests;
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
make -j32 test_setup && make -j32 runtests;
TEST=Hayato booted into developer mode
BRANCH=none
Change-Id: I0211a63ed58ce862ee3e17b4835c675544f773a4
Signed-off-by: edisonhello <edisonhello@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3053541
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add DEV_BOOT_ALLOWED, DEV_BOOT_ALTFW_ALLOWED,
DEV_BOOT_EXTERNAL_ALLOWED in ctx->flags, which can be used by
external functions. These flags will be filled in
VbSelectAndLoadKernel, before calling any menu function.
In 2ui.c and 2ui_screen.c, all function calls to vb2_dev_boot_*allowed
are replaced with corresponding flags in ctx->flags.
Remove the parts of mocking these functions in unit tests, and set
ctx->flags instead in reset_common_data.
BUG=b:172339016
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
make -j32 test_setup && make -j32 runtests;
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
make -j32 test_setup && make -j32 runtests;
TEST=Hayato booted into developer mode
BRANCH=none
Signed-off-by: edisonhello <edisonhello@google.com>
Change-Id: Ida9f03557a92a1522d631fc04b281ce85f5049c7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3041498
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=none
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I70f3de0edeeeabc31b97e4320e7ea420e8bdd2cb
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3060276
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This retries signing android image in case of integrity check failure.
The reason of failure is still unknown.
BUG=b:175081695
TEST=Locally image signing passed with adding temporary code that
emulates random diff file error. Confirmed recovery happened
and signing finished successfully.
BRANCH=none
Signed-off-by: Yury Khmel <khmel@google.com>
Change-Id: Iffc23145cae21f4f468b987d015f45fec95f29d0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3057193
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add vb2api_set_locale_id to vboot2 API.
Replace the direct access to vb2_nv_get and vb2_nv_set in ui
functions with vb2api_get_locale_id and vb2api_set_locale_id.
BUG=b:172339016
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DIAGNOSTIC_UI=1 \
MINIMAL=1; make -j32 test_setup && make -j32 runtests;
TEST=Hayato booted into developer mode
BRANCH=none
Signed-off-by: edisonhello <edisonhello@google.com>
Change-Id: I5a92e571eceed6a402d0d80caa567bb9d77341a3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3041506
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace direct calls to vb2_get_gbb with vb2api_gbb_get_flags.
This is a preparation work for migrating ui codes from vboot to
depthcharge.
BUG=b:172339016
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1; \
make -j32 test_setup && make -j32 runtests;
TEST=Hayato booted into developer mode
BRANCH=none
Change-Id: I69b1504c236df1c0b656cb1e6e28a4066d9fad63
Signed-off-by: edisonhello <edisonhello@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3041504
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a reland of 43325cb9b2568c4a03c849f3474fcee8de3ae893
Looks like this was reverted incorrectly in CL:3044633, culprit
turned out to be an unrelated flake (see b/194293181).
Original change's description:
> vboot/sign_official_build: re-sign miniOS partitions
>
> sign_official_build.sh needs to be taught how to re-sign miniOS
> partitions, depending on whether the particular image at hand
> contains them or not.
>
> BUG=b:188121855
> TEST=make clean && make runtests
> BRANCH=none
>
> Cq-Depend: chromium:3027786
> Signed-off-by: Joel Kitching <kitching@google.com>
> Change-Id: Iaf847e14588011dd0fea6b59405091ae36ef038f
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2989640
> Tested-by: Joel Kitching <kitching@chromium.org>
> Reviewed-by: Mike Frysinger <vapier@chromium.org>
> Commit-Queue: Joel Kitching <kitching@chromium.org>
Bug: b:188121855
Signed-off-by: Julius Werner <jwerner@google.com>
Change-Id: I2e29a6e85f7d41ad365365ffb7e694f0c291d4f3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3046439
Reviewed-by: Sergey Frolov <sfrolov@google.com>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Tested-by: Julius Werner <jwerner@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 43325cb9b2568c4a03c849f3474fcee8de3ae893.
Reason for revert: b/194293181 suspect
Original change's description:
> vboot/sign_official_build: re-sign miniOS partitions
>
> sign_official_build.sh needs to be taught how to re-sign miniOS
> partitions, depending on whether the particular image at hand
> contains them or not.
>
> BUG=b:188121855
> TEST=make clean && make runtests
> BRANCH=none
>
> Cq-Depend: chromium:3027786
> Signed-off-by: Joel Kitching <kitching@google.com>
> Change-Id: Iaf847e14588011dd0fea6b59405091ae36ef038f
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2989640
> Tested-by: Joel Kitching <kitching@chromium.org>
> Reviewed-by: Mike Frysinger <vapier@chromium.org>
> Commit-Queue: Joel Kitching <kitching@chromium.org>
Bug: b:188121855
Change-Id: Ieb936a21d5ae09ed84eb65c9a3a3198a5b5b22a5
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3044633
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Sergey Frolov <sfrolov@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These don't really belong together. We can get two cleaner test
files by splitting them apart.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551, b:172337800, b:124141368
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Idaa4c36214cc98bffdc50bdb5c071673829250ee
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3039164
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Flag decides whether MINIOS-A or MINIOS-B is booted.
BUG=b:186682292
TEST=make clean && make runtests
TEST=Deploy and run `crossystem minios_priority` commands
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I11460bf1522cde8e98e680b0f00a417e2b4ef9a1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2998513
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vboot 1 is deprecated, so remove "vboot2" annotations in
crossystem help text.
BUG=none
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ic46576b34d3f1ea611d574e5566479b8d29c1e81
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3028643
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sign_official_build.sh needs to be taught how to re-sign miniOS
partitions, depending on whether the particular image at hand
contains them or not.
BUG=b:188121855
TEST=make clean && make runtests
BRANCH=none
Cq-Depend: chromium:3027786
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Iaf847e14588011dd0fea6b59405091ae36ef038f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2989640
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
DIAGNOSTIC_UI is indirectly decided by the diag_payload and minidiag use
flag from depthcharge.
But with introducing the diagnostic boot mode, coreboot also needs to
build minidiag utility functions and enable this building flag.
Therefore we consider to deprecate DIAGNOSTIC_UI and always build them.
For diag_payload:
It is for a diagnostic tool which based on legacy UI and deprecated
For minidiag:
Mini-diag is set default enabled for newer devices, and we could still
use kernel secdata in runtime if we decide to disable it on certain
platforms.
In conclusion, deprecating DIAGNOSTIC_UI will not affect newer devices.
BUG=b:190796342, b:181931817
BRANCH=none
TEST=emerge-volteer depthcharge
TEST=emerge-volteer coreboot
TEST=CC=x86_64-pc-linux-gnu-clang;
make clean && make runtests
Cq-Depend: chromium:3004223
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Change-Id: I0d804bcd9d31d3952c744a1926ac59cde7b7f841
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3006114
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
At present in some cases it takes quite a while to figure out what
enum an error code corresponds to. Add a few comments to make this a
little faster.
BUG=b:191646387
BRANCH=none
TEST=FEATURES=test sudo -E emerge vboot_reference
Signed-off-by: Simon Glass <sjg@chromium.org>
Change-Id: I72311d6fdf3c95284f26f28341f2d7d103f6a616
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2975085
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MiniOS partitions should not be using the same GUID as the kernel. Refer
to bug as to reasons on why.
```
Using disk_layout_v3.json w/ types as "minios" instead of "kernel" and
checking the GUID uses the new type.
$ /build/zork-minios/usr/bin/cgpt show testimage
start size part contents
0 1 PMBR
1 1 Pri GPT header
2 32 Pri GPT table
40 1 1 Label: ""
Type: ChromeOS miniOS
UUID: 8A23CFDA-316E-B847-ADF2-80C4D1DF6F93
67 32 Sec GPT table
99 1 Sec GPT header
$ /build/zork-minios/usr/bin/cgpt show -n testimage
start size part contents
0 1 PMBR
1 1 Pri GPT header
2 32 Pri GPT table
40 1 1 Label: ""
Type: 09845860-705F-4BB5-B16C-8A8A099CAF52
UUID: 8A23CFDA-316E-B847-ADF2-80C4D1DF6F93
Attr: [0]
67 32 Sec GPT table
99 1 Sec GPT header
```
BUG=b:193182769
TEST=# comment above
BRANCH=none
Signed-off-by: Jae Hoon Kim <kimjae@google.com>
Change-Id: I18beb0c79762d838e580f6af7f4a2601e2980de6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3017301
Tested-by: Jae Hoon Kim <kimjae@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Jae Hoon Kim <kimjae@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After crrev/i/3949327, compression type is not simply determined by
ARC type.
BUG=b:180894807
TEST=sign_official_build.sh and check the log message
BRANCH=none
Signed-off-by: Satoshi Niwa <niwa@google.com>
Cq-Depend: chromium:2999963
Cq-Depend: chrome-internal:3949327
Change-Id: I4b1bf452e0d033b4bb8c2f2c1f91819741f9885c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2999823
Tested-by: Satoshi Niwa <niwa@chromium.org>
Reviewed-by: Yury Khmel <khmel@chromium.org>
Reviewed-by: Satoshi Niwa <niwa@chromium.org>
Reviewed-by: Kazuhiro Inaba <kinaba@chromium.org>
Auto-Submit: Satoshi Niwa <niwa@chromium.org>
Commit-Queue: Satoshi Niwa <niwa@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
miniOS requires a distinct kernel data key, whose dev key pair
is added in this CL as minios_kernel_data_key.vb{pub,priv}k.
A distinct keyblock is also required. The keyblock should set
the kernel keyblock flag MINIOS_1. Other keyblocks are modified
appropriately to set MINIOS_0. Keyblocks were generated using
the following commands:
$ futility vbutil_keyblock
--flags 23
--datapubkey tests/devkeys/ec_data_key.vbpubk
--signprivate tests/devkeys/ec_root_key.vbprivk
--pack tests/devkeys/ec.keyblock
Keyblock file: tests/devkeys/ec.keyblock
Signature valid
Flags: 23 !DEV DEV !REC !MINIOS
Data key algorithm: 7 RSA4096 SHA256
Data key version: 1
Data key sha1sum: 5833470fe934be76753cb6501dbb8fbf88ab272b
$ futility vbutil_keyblock
--flags 23
--datapubkey tests/devkeys/firmware_data_key.vbpubk
--signprivate tests/devkeys/root_key.vbprivk
--pack tests/devkeys/firmware.keyblock
Keyblock file: tests/devkeys/firmware.keyblock
Signature valid
Flags: 23 !DEV DEV !REC !MINIOS
Data key algorithm: 7 RSA4096 SHA256
Data key version: 1
Data key sha1sum: e2c1c92d7d7aa7dfed5e8375edd30b7ae52b7450
$ futility vbutil_keyblock
--flags 27
--datapubkey tests/devkeys/recovery_kernel_data_key.vbpubk
--signprivate tests/devkeys/recovery_key.vbprivk
--pack tests/devkeys/recovery_kernel.keyblock
Keyblock file: tests/devkeys/recovery_kernel.keyblock
Signature valid
Flags: 27 !DEV DEV REC !MINIOS
Data key algorithm: 11 RSA8192 SHA512
Data key version: 1
Data key sha1sum: e78ce746a037837155388a1096212ded04fb86eb
$ futility vbutil_keyblock
--flags 43
--datapubkey tests/devkeys/minios_kernel_data_key.vbpubk
--signprivate tests/devkeys/recovery_key.vbprivk
--pack tests/devkeys/minios_kernel.keyblock
Keyblock file: tests/devkeys/minios_kernel.keyblock
Signature valid
Flags: 43 !DEV DEV REC MINIOS
Data key algorithm: 8 RSA4096 SHA512
Data key version: 1
Data key sha1sum: 65441886bc54cbfe3a7308b650806f4b61d8d142
$ futility vbutil_keyblock
--flags 23
--datapubkey tests/devkeys/kernel_data_key.vbpubk
--signprivate tests/devkeys/kernel_subkey.vbprivk
--pack tests/devkeys/kernel.keyblock
Keyblock file: tests/devkeys/kernel.keyblock
Signature valid
Flags: 23 !DEV DEV !REC !MINIOS
Data key algorithm: 4 RSA2048 SHA256
Data key version: 1
Data key sha1sum: d6170aa480136f1f29cf339a5ab1b960585fa444
$ futility vbutil_keyblock
--flags 26
--datapubkey tests/devkeys/installer_kernel_data_key.vbpubk
--signprivate tests/devkeys/recovery_key.vbprivk
--pack tests/devkeys/installer_kernel.keyblock
Keyblock file: tests/devkeys/installer_kernel.keyblock
Signature valid
Flags: 26 DEV REC !MINIOS
Data key algorithm: 11 RSA8192 SHA512
Data key version: 1
Data key sha1sum: e78ce746a037837155388a1096212ded04fb86eb
BUG=b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I5b3e4def83ff29ca156b3c84dfcb8398f4985e67
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2965485
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Subsequent code can potentially access the *log variable after
being set by vb2ex_diag_get_storage_test_log.
BUG=none
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I9c8ed20efecbb4eaff8a8fcdf1f467f7df5147a0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2917624
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update dependencies list, and use ${FUTILITY} rather than calling
futility directly.
BUG=b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I8a28465937ca82ea9e18edc5d613570a561a3e0e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2989639
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These two types are simply thin wrappers around vbutil_kernel
and are no longer used.
BUG=b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ia9a13f2992eb9de9f6c65525739da5f8e945cb3e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2989638
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Merge aliases "ssd" and "base", since they do the same thing but
only "base" is used in chromite scripts.
Remove "usb" since it is not used anywhere.
BUG=b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ief610387fc1b6d72fe8674b0e4d51d74e6173ddd
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2989637
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Re-order arguments for consistency with LoadKernel()
- Rename `flags` to `lpflags` for clarity
- Move enum and friends to top of vboot_kernel.c
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551, b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I4a1e1eba9f2c72a1393bba29523fc22944a2d73e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2917625
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Store kparams as a pointer in vboot_api_kernel.c, rather than a
full struct passed around as a "buffer copy".
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I7be7280761564c35e928bc947177b3fce61d6215
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2856360
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This enum has changed. Update the one remaining reference.
BUG=b:191646387
BRANCH=none
TEST=FEATURES=test sudo -E emerge vboot_reference
Signed-off-by: Simon Glass <sjg@chromium.org>
Change-Id: If22fa8cdd9a327e9a54dee01caf423caf7ba4efe
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3002419
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It seems useful to provide a bit more information about why the kernel
failed to load. We have a suitable error code, so show it.
BUG=b:191646387
BRANCH=none
TEST=run through the flow with a VB2_ERROR_LOAD_PARTITION_WORKBUF
error, see it is shown
Signed-off-by: Simon Glass <sjg@chromium.org>
Change-Id: I426f571e1a4f947c97ccf99a399b4c3ab1c32047
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2975086
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
One of the messages is missing a newline. Add it.
BUG=b:191646387
BRANCH=none
TEST=run through the flow and see that the message is correct
Signed-off-by: Simon Glass <sjg@chromium.org>
Change-Id: I5ba16f6665844b5bad6195d1e734f7aaa4ddc325
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2975084
Reviewed-by: Chung-Sheng Wu <chungsheng@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Latest x86 processors have SHA256 extension which can accelerate hash
computation in vboot.
This is especially helpful on low-end devices where sha256 computation
takes 70ms-90ms, with this CL it is reduced to 10ms.
BUG=b:162551138
BRANCH=zork
TEST=build and boot, check cbmem -t
TEST=run vb2_sha256_x86_tests on dirinboz
Signed-off-by: Kangheui Won <khwon@chromium.org>
Change-Id: I50e123048d54d5061e8d8e0e0ae804a416130948
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2639457
Reviewed-by: Paul Fagerburg <pfagerburg@chromium.org>
Reviewed-by: Raul E Rangel <rrangel@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Raul E Rangel <rrangel@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vboot has grown code that requires optimizations (notably dead code
elimination) to be enabled to work right and avoid linker reference
errors. For example, the VB2_TRY() macro may or may not emit a call to
vb2api_fail(), based on whether a `ctx` argument was passed. This is
done through an if-statement with a compile-time constant condition, but
the compiler will only actually omit the vb2api_fail() call instruction
when optimizations are enabled. Not all vboot build targets (e.g.
hostlib) provide the vb2api_fail() symbol, so disabling optimizations
may cause link failures for those targets.
GCC and clang offer an -Og option that only enables simple optimizations
(like dead-code elimination) which don't interfere with debugging...
let's just use that instead.
BRANCH=None
BUG=None
TEST=None
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Ia972dc498839df80af6ccae8a8203e8c63a5eadc
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2986801
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix styling of earlier sections and link to the CrOS os_config guide.
BUG=None
TEST=`crossystem --help` looks nice
BRANCH=None
Signed-off-by: Mike Frysinger <vapier@chromium.org>
Change-Id: I1d5d9b080ee288541619ec4e0e8d550985051558
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2966239
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On load kernel failure, only call vb2api_fail when in normal
mode.
Previously, the behaviour here was to only call when attempting
to load a kernel from a fixed disk. This maps to (1) normal
mode, and (2) developer mode when booting from an internal disk.
Excluding (2) creates a more consistent experience in developer
mode, and also prepares for a world where recovery kernels might
exist on disk.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551, b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ic2c55a073b036be98f4ce9b2e0c7fb3209de74c8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2917623
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move disk validity check to static function is_valid_disk().
If multiple disk types are selected (e.g. REMOVABLE | FIXED),
is_valid_disk() will now check that exactly *one* of those flags
is selected by VbDiskInfo.flags.
Also, split disk flags into two 16-bit sections:
- Disk selection in the lower 16 bits (where the disk lives)
- Disk attributes in the higher 16 bits (extra information about
the disk needed to access it correctly)
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Icf76ab6e92cca40810071def66aed13cdb3a7ec7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2872251
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
LoadKernelParams struct is identical to
VbSelectAndLoadKernelParams. Remove it, and use the public
interface internally.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I8b820d18c1e9a66404a7a091aa3ccc1b050a559d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2846282
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pass VbDiskInfo struct into LoadKernel, rather than copying all
of its members into LoadKernelParams. Remove the unused members
from LoadKernelParams.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I60957426388c88b16e570b717addb5eaf65b5e4f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2846281
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Not needed prior to that.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ia60aa05384384bc1e2981266c33b960115734fae
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2882527
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relocate currently-in-use kernel struct functions out
of lib20 namespace, and into:
* 2struct.c for functions required at runtime
* host_common.c for functions required by host
Relocate firmware struct functions from 2common.c
into 2struct.c
vb2_common.h may be deleted as a result.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ic162d9633b6112ddc4a819b3e58d313dc484f304
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2825269
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, the "Key version too old." error message is printed
even when in dev mode (!need_keyblock_valid). Stop printing this
message when the key version check is not applicable.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I1c4605342a2c53c45b74be37f2ba597670654a8e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2846252
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For customization projects, the bios image should be patched by
model first, then the gbb got from the image could be correct.
Reason:
In the function, patch_image_by_model, it will apply the rootkey,
vblock_a and vblock_b of the customization project to the gbb part
of the image.
This change moves the function "find_gbb" to the position after the
function "patch_image_by_model" is called.
BUG=b:188861251
BRANCH=none
TEST=build
Change-Id: I5d80405a2a3b0ecc45e86ca3322b328479b83702
Signed-off-by: Isaac Lee <isaaclee@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2929924
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|