Commit message | Author | Age | Files | Lines
* Makefile: Make boolean variables use zero as disabled [stabilize-14385.B] (Jakub Czapiga, 2021-12-03; files: 1, lines: -21/+21)

  Until now some variables had to be unset or set to NULL to disable their respective features. This patch makes it possible to disable variables by passing zero as a value.

  BUG=b:206031372
  TEST=make runtests
  TEST=sudo emerge-guybrush sys-boot/depthcharge
  BRANCH=none

  Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
  Change-Id: I1c254ac8ea3237615a20334ba6a66c09a4abd791
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3306615
  Tested-by: Jakub Czapiga <czapiga@google.com>
  Auto-Submit: Jakub Czapiga <czapiga@google.com>
  Reviewed-by: Julius Werner <jwerner@chromium.org>
  Commit-Queue: Jakub Czapiga <czapiga@google.com>
* Makefile: Remove DETACHABLE and PHYSICAL_PRESENCE_KEYBOARD (Jakub Czapiga, 2021-12-03; files: 1, lines: -14/+0)

  DETACHABLE and PHYSICAL_PRESENCE_KEYBOARD are unused in the code and can be removed from the Makefile.

  BUG=b:206031372
  TEST=make runtests
  BRANCH=none

  Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
  Change-Id: I6d91f8bfa8342c95959014c3a0efcccf02f1d915
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3306614
  Tested-by: Jakub Czapiga <czapiga@google.com>
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
  Commit-Queue: Jakub Czapiga <czapiga@google.com>
* gscvd: add dedicated test keys (Vadim Bendebury, 2021-12-03; files: 7, lines: -9/+15)

  This patch extends create_new_keys.sh to generate two additional key pairs to use for AP RO verification signing. Both new pairs are RSA4096/SHA256.

  The script was run to generate a new set of keys and the produced AP RO verification key pairs were copied into tests/devkeys.

  BRANCH=none
  BUG=b:141191727
  TEST=re-signed guybrush AP firmware image following the process described in cmd_gscvd.c comments, created a Cr50 image incorporating the new root public key hash, updated the DUT AP and Cr50 firmware and observed successful AP RO validation.

  Change-Id: I03cba1446fc5ffdfef662c5ce1ea3e61950477d4
  Signed-off-by: Vadim Bendebury <vbendeb@google.com>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3297447
  Tested-by: Vadim Bendebury <vbendeb@chromium.org>
  Reviewed-by: Mike Frysinger <vapier@chromium.org>
  Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
* firmware: VB2_REC_OR_DIE() should not abort before vb2_check_recovery() (Julius Werner, 2021-12-03; files: 9, lines: -5/+124)

  Unfortunately, CL:3168437 introduced a new problem when booting with a broken TPM: secdata accessors no longer return failure but instead just abort when booting in normal mode and continue when we're in recovery mode. The problem is that when accessing secdata very early in vb2api_fw_phase1(), we have not decided whether we're booting in recovery mode yet.

  If vb2_secdata_firmware_init() fails, we will call vb2api_fail() and then continue knowing that vb2_check_recovery() will later see the recovery reason in NVRAM and decide to boot directly into recovery from here. But if the code in-between accesses secdata, the VB2_CONTEXT_RECOVERY_MODE flag is technically not yet set, so our secdata accessor thinks we are booting in normal mode and something terrible happened (because it shouldn't be possible to boot in normal mode when secdata_init failed), so it aborts.

  In order to try to solve this problem in a more general way, introduce a new VB2_SD_STATUS_RECOVERY_DECIDED status flag that gets set once we reach the point where we have conclusively decided whether we are booting into recovery mode and set the appropriate context flags. Any code using VB2_REC_OR_DIE() before that point will play it safe and assume that we may still go into recovery mode, so we shouldn't abort.

  BRANCH=none
  BUG=none
  TEST=none

  Signed-off-by: Julius Werner <jwerner@chromium.org>
  Change-Id: Ic3daa8dac932286257cbceebfff8712d25c3a97a
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3301540
  Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
* Makefile: Add dumpRSAPublicKey to SDK utilities [factory-kukui-14374.B] (Yu-Ping Wu, 2021-11-26; files: 1, lines: -0/+1)

  This utility is used in key generation, so it really belongs in the SDK. However, some autotests currently also want to generate keys on the DUT. So let's just install it to both.

  BUG=b:207452735
  TEST=FEATURES=test emerge-dedede vboot_reference
  TEST=sudo emerge vboot_reference && which dumpRSAPublicKey
  BRANCH=none

  Change-Id: Ic2395a10557773acffa22ea3c9a1e01cf581053b
  Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3299839
  Reviewed-by: Julius Werner <jwerner@chromium.org>
* Makefile: Avoid duplicate installation of utility (Yu-Ping Wu, 2021-11-26; files: 1, lines: -29/+32)

  The current rules for 'utils_install_sdk' and 'utils_install_board' individually install the required list of binaries and scripts. When there are overlapping files in 'UTIL_NAMES_SDK' and 'UTIL_NAMES_BOARD', the second executed rule will fail with duplicate installation.

  Instead of having a single phony target that installs all the files, define a rule 'util_install-<FILE>' for each file to ensure that each one will be installed at most once.

  BUG=b:207452735
  TEST=make runtests
  TEST=emerge-dedede vboot_reference
  TEST=FEATURES=test emerge-dedede vboot_reference
  TEST=sudo emerge vboot_reference
  BRANCH=none

  Change-Id: I24c23a61c4ff7de851bf11541bc46c963bf35c22
  Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3299836
  Reviewed-by: Julius Werner <jwerner@chromium.org>
* vboot_reference/futility: Inline get_host_wp() (Edward O'Callaghan, 2021-11-26; files: 1, lines: -89/+26)

  writeprotect still requires sub-processing flashrom as libflashrom currently lacks an API to perform this task. Therefore simplify the remaining sub-process logic for just this purpose.

  BUG=b:203715651
  BRANCH=none
  TEST=cros deploy to nocturne and ran: `/usr/sbin/chromeos-firmwareupdate --mode=recovery --wp=1`. && `$ cros_run_unit_tests --board nocturne --packages vboot_reference`.

  Signed-off-by: Edward O'Callaghan <quasisec@google.com>
  Change-Id: I11c0f89997e3f47e97444cc8186823fa536b8d5d
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3233704
  Tested-by: Edward O'Callaghan <quasisec@chromium.org>
  Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
  Reviewed-by: Nikolai Artemiev <nartemiev@google.com>
  Reviewed-by: Sam McNally <sammc@chromium.org>
* vboot_reference/futility: pipe log level though (Edward O'Callaghan, 2021-11-25; files: 1, lines: -12/+8)

  Also drop colour support at reviewer's request.

  BUG=b:203715651
  BRANCH=none
  TEST=cros deploy to nocturne and ran: `/usr/sbin/chromeos-firmwareupdate --mode=recovery --wp=1`. && `$ cros_run_unit_tests --board nocturne --packages vboot_reference`.

  Signed-off-by: Edward O'Callaghan <quasisec@google.com>
  Change-Id: Ie1d1b1e8e304d21ac1df741a3b789cb49ede3556
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3244680
  Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
  Tested-by: Edward O'Callaghan <quasisec@chromium.org>
  Reviewed-by: Sam McNally <sammc@chromium.org>
* firmware/2lib: Remove BOOT_EXTERNAL_ON_DEV (Jakub Czapiga, 2021-11-25; files: 3, lines: -12/+0)

  BOOT_EXTERNAL_ON_DEV was not used anymore, so it was removed from the Makefile and source code.

  BUG=b:206031372
  BRANCH=none
  TEST=make runtests
  TEST=emerge-guybrush depthcharge

  Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
  Change-Id: I463a77f2de8f59954704495708025321ca1571d8
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3289345
  Reviewed-by: Julius Werner <jwerner@chromium.org>
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
  Tested-by: Jakub Czapiga <czapiga@google.com>
  Commit-Queue: Jakub Czapiga <czapiga@google.com>
* vboot_reference/futility: Port R path to using libflashrom (Edward O'Callaghan, 2021-11-25; files: 1, lines: -24/+33)

  Use libflashrom API over sub-processing the flashrom CLI.

  Squash in, Use buffer instead of temp file in load_system_firmware().

  BUG=b:203715651
  BRANCH=none
  TEST=cros deploy to nocturne and ran: `/usr/sbin/chromeos-firmwareupdate --mode=recovery --wp=1`. && `$ cros_run_unit_tests --board nocturne --packages vboot_reference`.

  Cq-Depend: chromium:3295109
  Signed-off-by: Edward O'Callaghan <quasisec@google.com>
  Change-Id: Ib78f7aa6606adb8d5ce72282c55b8e3b9e3b3cde
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3247853
  Tested-by: Edward O'Callaghan <quasisec@chromium.org>
  Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
  Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
  Reviewed-by: Sam McNally <sammc@chromium.org>
* vboot_reference/futility: set layout when using region (Nikolai Artemiev, 2021-11-24; files: 1, lines: -0/+1)

  Possible fix for flashrom trying to write whole flash.

  BUG=b:207359246
  BRANCH=none
  TEST=builds

  Signed-off-by: Nikolai Artemiev <nartemiev@google.com>
  Change-Id: I69f40a46d3004a2cb4c675ff79854287f7f50766
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3295638
  Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
  Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
  Tested-by: Edward O'Callaghan <quasisec@chromium.org>
* futility: updater_setup_config() allow for non-host prog (Edward O'Callaghan, 2021-11-24; files: 1, lines: -1/+1)

  Allow for specifying the 'dummy' programmer within tests over directly using the host native programmer by ignoring the specified programmer in the case of output mode for the purpose of checking whether EC/PD images are being used.

  BUG=b:203715651
  BRANCH=none
  TEST=builds

  Signed-off-by: Edward O'Callaghan <quasisec@google.com>
  Change-Id: I8d3910569eed4ba9259012dbc05028d9f8dba8a3
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3295888
  Tested-by: Edward O'Callaghan <quasisec@chromium.org>
  Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
  Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
  Reviewed-by: Sam McNally <sammc@chromium.org>
* futility: always create a tempfile in updater_apply_white_label() (Edward O'Callaghan, 2021-11-24; files: 1, lines: -7/+3)

  Fix updater_apply_white_label() to not assume "<none>" is a valid file path. Also remove a redundant duplication of an error branch.

  BUG=b:203715651
  BRANCH=none
  TEST=builds

  Signed-off-by: Edward O'Callaghan <quasisec@google.com>
  Change-Id: I373d6fac4210e2055f9717e2266e9e2820c40f45
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3295886
  Tested-by: Edward O'Callaghan <quasisec@chromium.org>
  Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
  Reviewed-by: Sam McNally <sammc@chromium.org>
  Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
* vboot_reference/futility: Port W path to using libflashrom (Edward O'Callaghan, 2021-11-18; files: 2, lines: -30/+121)

  Use libflashrom API over sub-processing the flashrom CLI.

  Squash in, vboot_reference/futility: Use image layout as fallback

  Use the layout encoding within the image as the fallback if we cannot read it from ROM. Also cleanup error paths while here.

  BUG=b:203715651
  BRANCH=none
  TEST=cros deploy to nocturne and ran: `/usr/sbin/chromeos-firmwareupdate --mode=recovery --wp=1`. && `$ cros_run_unit_tests --board nocturne --packages vboot_reference`.

  Cq-Depend: chromium:3249690, chromium:3281062, chromium:3288610
  Signed-off-by: Edward O'Callaghan <quasisec@google.com>
  Change-Id: I892aec510d8023abd42a07cbb036be79bc8b4498
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3247852
  Tested-by: Edward O'Callaghan <quasisec@chromium.org>
  Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
  Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
  Reviewed-by: Sam McNally <sammc@chromium.org>
* image_signing: skip signing of boot*.efi on reven board [stabilize-14345.B] [stabilize-14336.B] [stabilize-14333.B] (Nicholas Bishop, 2021-11-08; files: 2, lines: -6/+14)

  The reven board's first stage bootloader (bootia32.efi/bootx64.efi) is signed by Microsoft so that it can boot with the default UEFI Secure Boot keys. These two files should not be modified by the signing scripts.

  Implement this by adding a third argument to sign_uefi.sh, "efi_glob". This argument is set to "*.efi" by default, maintaining the existing behavior. If the key dir matches "*Reven*", the glob is changed to "grub*.efi".

  Tested by running sign_official_build.sh on a reven base image, once with a keys dir matching "*Reven*", once with it not matching. When the keys dir matches Reven, grub*.efi is signed but boot*.efi is not. When the keys dir does not match Reven, both grub*.efi and boot*.efi are signed:

  Matching "*Reven*":

    platform/vboot_reference/scripts/image_signing/sign_official_build.sh \
      base build/images/reven/latest/chromiumos_base_image.bin \
      platform/vboot_reference/tests/Reven \
      build/images/reven/latest/chromiumos_base_image.bin.signed

  Not matching:

    platform/vboot_reference/scripts/image_signing/sign_official_build.sh \
      base build/images/reven/latest/chromiumos_base_image.bin \
      platform/vboot_reference/tests/devkeys \
      build/images/reven/latest/chromiumos_base_image.bin.signed

  BUG=b:205145491
  TEST=Build a reven base image and test as described above
  BRANCH=none

  Change-Id: Iec2800c276ca82bfd6e5b465ff821b11e0b0bb08
  Signed-off-by: Nicholas Bishop <nicholasbishop@google.com>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3262479
  Reviewed-by: Joseph Sussman <josephsussman@google.com>
* vboot: Remove VbExIsShutdownRequested (edisonhello, 2021-11-07; files: 4, lines: -44/+1)

  Remove function VbExIsShutdownRequested, since this function is not used in vboot anymore after UI code is centralized.

  Remove VB_SHUTDOWN_* macros since they are not used in vboot now. These macros will be added in depthcharge in the dependent CL.

  BUG=b:172339016
  TEST=DEBUG=1 make -j test_setup && make -j runtests
  BRANCH=none

  Cq-Depend: chromium:3142698
  Signed-off-by: edisonhello <edisonhello@google.com>
  Change-Id: I024b34212a5c9e42b880d51d21c7a90a6170b3c3
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3143814
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
* ui: Add VB2_UI_ERROR_MINIOS_BOOT_FAILED [stabilize-14324.72.B] [stabilize-14324.62.B] [stabilize-14324.41.B] [stabilize-14324.13.B] [stabilize-14321.B] [release-R97-14324.B] (Yu-Ping Wu, 2021-10-29; files: 1, lines: -0/+2)

  Add a new error type VB2_UI_ERROR_MINIOS_BOOT_FAILED for MiniOS boot failure.

  BUG=b:200750322
  TEST=emerge-cherry depthcharge
  BRANCH=none

  Change-Id: Ia567c9ec735e7aae830ad311b2261e01fed53876
  Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3249590
  Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
  Reviewed-by: Jae Hoon Kim <kimjae@chromium.org>
* COIL: Remove "slave" (Yu-Ping Wu, 2021-10-29; files: 2, lines: -17/+18)

  In the context of device mapper (dm), use "mapped device".

  BUG=b:179221734
  TEST=make runtests
  BRANCH=none

  Change-Id: I9245d8482e59db93bfe6cdcaafa503038ae5c9e3
  Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3246662
  Reviewed-by: Chen-Yu Tsai <wenst@chromium.org>
  Reviewed-by: Hung-Te Lin <hungte@chromium.org>
* vboot_reference/futility: Split load_firmware_image() fn [stabilize-14312.B] (Edward O'Callaghan, 2021-10-28; files: 1, lines: -29/+36)

  This is in prep for removing the need for temp files.

  V.2: Move validation into parse_firmware_image()

  BUG=b:203715651
  BRANCH=none
  TEST=cros deploy to nocturne and ran: `/usr/sbin/chromeos-firmware --mode=recovery`.

  Signed-off-by: Edward O'Callaghan <quasisec@google.com>
  Change-Id: Id61fcb0f53546a78085e0a367c21780c5885bc51
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3244679
  Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
  Commit-Queue: Sam McNally <sammc@chromium.org>
  Tested-by: Edward O'Callaghan <quasisec@chromium.org>
  Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
  Reviewed-by: Sam McNally <sammc@chromium.org>
* OWNERS: Replace furquan with twawrzynczak (Furquan Shaikh, 2021-10-22; files: 1, lines: -1/+1)

  BUG=None
  BRANCH=None
  TEST=None

  Change-Id: Id8d14bf0c878ead1b18d27488db0cfa5223652ad
  Signed-off-by: Furquan Shaikh <furquan@google.com>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3238231
  Tested-by: Furquan Shaikh <furquan@chromium.org>
  Auto-Submit: Furquan Shaikh <furquan@chromium.org>
  Reviewed-by: Dossym Nurmukhanov <dossym@chromium.org>
  Commit-Queue: Dossym Nurmukhanov <dossym@chromium.org>
* chromeos-tpm-recovery: Quote local variables [firmware-cr50-stab-mp-14300.B] [firmware-cr50-stab-14294.B] (Julius Werner, 2021-10-19; files: 1, lines: -3/+3)

  The strings in these variables usually don't contain any spaces, but on some non-Google boards (e.g. Intel RVP) they do, so let's follow the usual shell style and quote all the things.

  BRANCH=none
  BUG=b:202870010
  TEST=None

  Signed-off-by: Julius Werner <jwerner@chromium.org>
  Change-Id: I90fac5c605c38eec704df0241d822a19210bfdf9
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3221956
  Reviewed-by: Andrey Pronin <apronin@chromium.org>
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
* futility: add subcommand for creating and verifying the RO_GSCVD area (Vadim Bendebury, 2021-10-18; files: 6, lines: -53/+1168)

  The help text of the new subcommand is as follows:

  -------
  This utility creates an RO verification space in the Chrome OS AP firmware image or allows to validate a previously prepared image containing the RO verification space.

  Usage: futilitygscvd PARAMS <AP FIRMWARE FILE> [<root key hash>]

  Creation of RO Verification space:

  Required PARAMS:
    -R|--ranges STRING          Comma separated colon delimited hex tuples <offset>:<size>, the areas of the RO covered by the signature
    -r|--root_pub_key <file>    The main public key, in .vbpubk format, used to verify platform key
    -k|--keyblock <file>        Signed platform public key in .keyblock format, used for run time RO verifcation
    -p|--platform_priv <file>   Private platform key in .vbprivk format, used for signing RO verification data

  Optional PARAMS:
    [--outfile] OUTFILE         Output firmware image containing RO verification information

  Validation of RO Verification space:

  The only required parameter is <AP FIRMWARE FILE>, if optional <root key hash> is given, it is compared to the hash of the body of the root key found in <AP_FIRMWARE_FILE>.

    -h|--help                   Print this message
  -------

  When creating GVD section, the sha256 hash of the root public key payload is printed on stdout, this is the hash to include in the GSC image to for the root key verification.

  Code converting ASCII hex string into binary is refactored into a misc function.

  BRANCH=none
  BUG=b:141191727
  TEST=testing included the following steps:
    . modified guybrush coreboot to allocate an 8KB RO_GSCVD area in FMAP and built a guybrush BIOS image
    . filled GVD space as described in the source file comments
    . verified the created space as described in the source file comments
    . verified AP RO integrity on the GSC size using crrev.com/c/3172256

  Change-Id: I51a80be5007a32d5286b93499f71da84f41b3d81
  Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3174570
  Reviewed-by: Julius Werner <jwerner@chromium.org>
* Makefile: add install_dut_test rule (Kangheui Won, 2021-10-18; files: 1, lines: -9/+24)

  Add new rule 'install_dut_test' to deploy dut-specific tests to the device. Any tests included in the rule will be installed into /usr/share/vboot/tests/.

  Especially vb2_sha256_x86_tests uses sha-ni extension, which might not be available on some platforms. So it needs to be deployed to the dut and run there.

  BUG=b:162551138
  BRANCH=none
  TEST=build with modified ebuild on hana & guybrush

  Signed-off-by: Kangheui Won <khwon@chromium.org>
  Change-Id: I9c6e00c8a9aca192ae283560383417c1215c221f
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3141250
  Reviewed-by: Raul E Rangel <rrangel@chromium.org>
* vboot: Support booting from non-active miniOS partition (Yu-Ping Wu, 2021-10-15; files: 6, lines: -30/+66)

  To support booting from the non-active miniOS partition in recovery UI, add minios_flags argument to VbTryLoadMiniOsKernel. Currently there is only one flag: VB_MINIOS_FLAG_NON_ACTIVE. When it is set, we will attempt to boot from the non-active partition only.

  BUG=b:200750322
  TEST=make runtests
  BRANCH=none

  Cq-Depend: chromium:3219727
  Change-Id: I6221f10c09de2487e89e6113981bc9e9755d67f4
  Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3219901
  Reviewed-by: Julius Werner <jwerner@chromium.org>
  Reviewed-by: Jae Hoon Kim <kimjae@chromium.org>
* Revert "2lib: Use ctx flag VB2_CONTEXT_EC_TRUSTED instead of vb2ex_ec_trusted" [stabilize-14285.B] [firmware-chameleon-14280.B] (Hsuan Ting Chen, 2021-10-07; files: 1, lines: -1/+1)

  This reverts commit 8aded7005e2830f54cf53b329946cbb1f11548f2.

  Reason for revert: b:202258389

  Original change's description:
  > 2lib: Use ctx flag VB2_CONTEXT_EC_TRUSTED instead of vb2ex_ec_trusted
  >
  > In vb2api_allow_recovery(), we need to check if EC is trusted for
  > booting into manual recovery mode. This was implemented by a function
  > vb2ex_ec_trusted() which is defined in vboot_reference and implemented in
  > depthcharge by reading the corresponding EC_IN_RW GPIO flags.
  >
  > By introducing new boot mode architecture, coreboot will now call
  > these functions to determine the current boot mode and support the
  > similar functionalities about checking if EC is trusted (i.e. EC is not
  > in RW).
  >
  > We leverage the existing ctx flag VB2_CONTEXT_EC_TRUSTED for fulfilling
  > this. This flag will be set at coreboot vboot_logic.c:verstage_main()
  > and can be used deciding the boot mode in vboot_reference:
  > vb2api_fw_phase1() and is cleared while EC jumps to RW (i.e.
  > 2ec_sync.c:sync_ec()).
  >
  > BRANCH=none
  > BUG=b:181931817
  > TEST=emerge-trogdor coreboot vboot_reference depthcharge
  >
  > Cq-Depend: chromium:3088889
  > Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
  > Change-Id: I50f35f48ce75e421094ea21e45c24b82e6e55a6c
  > Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3106329
  > Reviewed-by: Julius Werner <jwerner@chromium.org>
  > Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>

  Bug: b:181931817
  Change-Id: I11ae3b2d71c040dfe45b34f74974845dafa92b42
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3211007
  Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
  Commit-Queue: Bhanu Prakash Maiya <bhanumaiya@google.com>
* Revert "2lib/2api: Deprecate vb2ex_ec_trusted()" (Hsuan Ting Chen, 2021-10-07; files: 4, lines: -4/+23)

  This reverts commit 7c73bb07fd3ca45ce650b993a9c6a5850ddb2707.

  Reason for revert: b:202258389

  Original change's description:
  > 2lib/2api: Deprecate vb2ex_ec_trusted()
  >
  > coreboot will support checking the EC_IN_RW during verstage_main(), which
  > performs the equivalent tasks as vb2ex_ec_trusted().
  >
  > In the previous CL, we remove the check of vb2ex_ec_trusted(), so the
  > whole implementation of this function among vboot_reference and
  > depthcharge could be deprecated and removed.
  >
  > BUG=b:181931817
  > BRANCH=none
  > TEST=CC=x86_64-pc-linux-gnu-clang;
  >      make clean && make runtests
  > TEST=emerge coreboot vboot_reference depthcharge
  >
  > Cq-Depend: chromium:3139956
  > Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
  > Change-Id: I4f592d7dec2480475762e1336791cbb34fa143ba
  > Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139539
  > Reviewed-by: Julius Werner <jwerner@chromium.org>
  > Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>

  Bug: b:181931817
  Change-Id: Ia127ce89b7f9413db9fd6ca4561ad06efb36d7e1
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3211006
  Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
  Commit-Queue: Bhanu Prakash Maiya <bhanumaiya@google.com>
* Revert "2api: Add vb2_boot_mode in vb2_context denoted the current boot mode" (Hsuan Ting Chen, 2021-10-07; files: 10, lines: -153/+52)

  This reverts commit 2cf76574dbf57c70da3a835f2a45d5619dc058f5.

  Reason for revert: b:202258389

  Original change's description:
  > 2api: Add vb2_boot_mode in vb2_context denoted the current boot mode
  >
  > Add enum vb2_boot_mode which denotes the most relevant boot mode between
  > normal, manual recovery, broken recovery, diagnostic, and developer.
  >
  > The boot mode constant is stored in vb2_context, is exposed externally, and
  > decided in vb2api_fw_phase1.
  >
  > Split out the logic of manual recovery and broken screen. (The broken
  > recovery is a recovery boot with !vb2api_allow_recovery)
  >
  > Add the fifth boot mode, diagnostic boot mode
  >
  > A boot could match more than one boot mode, this api will pick the most
  > relevant boot mode based on the following order:
  > 1. Manual recovery boot
  > 2. Broken recovery boot
  > 3. Diagnostics boot
  > 4. Developer boot
  > 5. Normal boot
  >
  > This constant is used in:
  > * lib/vboot_api_kernel.c: VbSelectAndLoadKernel()
  > * lib/vboot_kernel.c: replace the original vb2_boot_mode
  > * coreboot/bootmode for adding elogs
  >
  > Also bump the vb2sd minor version from 0 to 1.
  >
  > BUG=b:185551931, b:177196147, b:181931817
  > BRANCH=none
  > TEST=CC=x86_64-pc-linux-gnu-clang;
  >      make clean && make runtests
  > TEST=emerge coreboot vboot_reference depthcharge
  >
  > Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
  > Change-Id: I421e4d51c261ba2bdec996a5fb2ebccb33513fa4
  > Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2944250
  > Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>

  Bug: b:185551931, b:177196147, b:181931817
  Change-Id: Ic184a24f5b580bcaf40d75045476ae77c674dd3d
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3209725
  Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
  Commit-Queue: Bhanu Prakash Maiya <bhanumaiya@google.com>
* stub: Print error messages by vb2ex_printf() [stabilize-ambassador-14268.43.B] [stabilize-14268.67.B] [stabilize-14268.52.B] [stabilize-14268.51.B] [release-R96-14268.B] (Yu-Ping Wu, 2021-10-07; files: 2, lines: -41/+34)

  CL:3167016 in depthcharge mocks vb2ex_printf() to avoid segmentation fault when running depthcharge unit tests, but the same problem still exists for all vboot stub functions that use fprintf() to print error messages. Instead of mocking all the vb2ex_* functions in depthcharge, we use a simpler approach: always printing error messages using vb2ex_printf() (or other equivalences) for vboot stubs.

  BUG=b:200234887
  TEST=make clean && make runtests
  TEST=(depthcharge) make unit-tests
  BRANCH=none

  Change-Id: Idf758070a61b28284864a698475ca582719f4789
  Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3199053
  Reviewed-by: Jakub Czapiga <czapiga@google.com>
  Reviewed-by: Julius Werner <jwerner@chromium.org>
* 2api: Add vb2_boot_mode in vb2_context denoted the current boot mode [stabilize-14267.B] [factory-ambassador-14265.B] (Hsuan Ting Chen, 2021-10-01; files: 10, lines: -52/+153)

  Add enum vb2_boot_mode which denotes the most relevant boot mode between normal, manual recovery, broken recovery, diagnostic, and developer.

  The boot mode constant is stored in vb2_context, is exposed externally, and decided in vb2api_fw_phase1.

  Split out the logic of manual recovery and broken screen. (The broken recovery is a recovery boot with !vb2api_allow_recovery)

  Add the fifth boot mode, diagnostic boot mode

  A boot could match more than one boot mode, this api will pick the most relevant boot mode based on the following order:
  1. Manual recovery boot
  2. Broken recovery boot
  3. Diagnostics boot
  4. Developer boot
  5. Normal boot

  This constant is used in:
  * lib/vboot_api_kernel.c: VbSelectAndLoadKernel()
  * lib/vboot_kernel.c: replace the original vb2_boot_mode
  * coreboot/bootmode for adding elogs

  Also bump the vb2sd minor version from 0 to 1.

  BUG=b:185551931, b:177196147, b:181931817
  BRANCH=none
  TEST=CC=x86_64-pc-linux-gnu-clang; make clean && make runtests
  TEST=emerge coreboot vboot_reference depthcharge

  Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
  Change-Id: I421e4d51c261ba2bdec996a5fb2ebccb33513fa4
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2944250
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
* 2lib/2api: Deprecate vb2ex_ec_trusted() (Hsuan Ting Chen, 2021-09-28; files: 4, lines: -23/+4)

  coreboot will support checking the EC_IN_RW during verstage_main(), which performs the equivalent tasks as vb2ex_ec_trusted().

  In the previous CL, we remove the check of vb2ex_ec_trusted(), so the whole implementation of this function among vboot_reference and depthcharge could be deprecated and removed.

  BUG=b:181931817
  BRANCH=none
  TEST=CC=x86_64-pc-linux-gnu-clang; make clean && make runtests
  TEST=emerge coreboot vboot_reference depthcharge

  Cq-Depend: chromium:3139956
  Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
  Change-Id: I4f592d7dec2480475762e1336791cbb34fa143ba
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139539
  Reviewed-by: Julius Werner <jwerner@chromium.org>
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
* vboot: boot from miniOS recovery kernels on disk [stabilize-14249.B] (Joel Kitching, 2021-09-24; files: 9, lines: -33/+824)

  Add VbTryLoadMiniOsKernel() to vboot API, which boots from a miniOS recovery kernel located on internal disk. In this boot path, an attempt is made to verify and boot this kernel. Recovery proceeds from within the miniOS kernel by downloading a recovery image over the network. No USB disk is used in the process.

  For more information, see go/nbr-firmware.

  BUG=b:188121855, b:186682292
  TEST=make clean && make runtests
  BRANCH=none

  Change-Id: Ic4d1fe5642a2bf71c51c78fd7830ad2b6e9eebeb
  Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2856364
  Reviewed-by: Julius Werner <jwerner@chromium.org>
* 2lib: Use ctx flag VB2_CONTEXT_EC_TRUSTED instead of vb2ex_ec_trusted (Hsuan Ting Chen, 2021-09-24; files: 1, lines: -1/+1)

  In vb2api_allow_recovery(), we need to check if EC is trusted for booting into manual recovery mode. This was implemented by a function vb2ex_ec_trusted() which is defined in vboot_reference and implemented in depthcharge by reading the corresponding EC_IN_RW GPIO flags.

  By introducing new boot mode architecture, coreboot will now call these functions to determine the current boot mode and support the similar functionalities about checking if EC is trusted (i.e. EC is not in RW).

  We leverage the existing ctx flag VB2_CONTEXT_EC_TRUSTED for fulfilling this. This flag will be set at coreboot vboot_logic.c:verstage_main() and can be used deciding the boot mode in vboot_reference: vb2api_fw_phase1() and is cleared while EC jumps to RW (i.e. 2ec_sync.c:sync_ec()).

  BRANCH=none
  BUG=b:181931817
  TEST=emerge-trogdor coreboot vboot_reference depthcharge

  Cq-Depend: chromium:3088889
  Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
  Change-Id: I50f35f48ce75e421094ea21e45c24b82e6e55a6c
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3106329
  Reviewed-by: Julius Werner <jwerner@chromium.org>
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
* 2api: Adjust the order of checking dev switch in vb2api_fw_phase1 [stabilize-14238.B] | Hsuan Ting Chen | 2021-09-23 | 2 | -24/+9

  This CL is a revert to CL:300621. In that CL, we adjusted the order of checking dev switch (vb2_check_dev_switch) and moved it after the check for recovery step (vb2_check_recovery).

  The reason of that adjustment was because vb2_check_dev_switch might return very early if the TPM is broken and it failed to retrieve the secdata.

  However, retrieving the secdata becomes a function which cannot fail nowadays and it is not necessary to handle that scenario of the early return in vb2_check_dev_switch. So we adjust them back to the original order.

  We also remove the related outdated unit tests in vb2_api_tests.c.

  BUG=none
  BRANCH=none
  TEST=CC=x86_64-pc-linux-gnu-clang; make clean && make runtests

  Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
  Change-Id: Iada8092e73ed9282242b1d67d101c836860e13c6
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3168437
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
  Reviewed-by: Julius Werner <jwerner@chromium.org>
* vb2_sha256_x86_test: check sha-ni support by cpuid | Kangheui Won | 2021-09-22 | 1 | -0/+9

  The test uses sha-ni extension, so it crashes on platforms without sha-ni. Add cpuid checks to avoid that.

  BUG=b:162551138
  BRANCH=none
  TEST=run test on Haswell, which doesn't have sha-ni

  Signed-off-by: Kangheui Won <khwon@chromium.org>
  Change-Id: I6e18843a723d022c67832ef970d4dc470c1aadce
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3140849
  Reviewed-by: Raul E Rangel <rrangel@chromium.org>
* strip_boot_from_image: use sfill instead of fstrim [stabilize-14235.B] | George Engelbrecht | 2021-09-17 | 1 | -1/+1

  fstrim relies on the underlying device supporting it and on our instances we're on lvm devices. Since we're fstrim'ing a mounted loopback the ability to call fstrim is inherited by the parent device. Something has changed in the kernel (see bug) that stopped us from making the trim call on the loopback partition.

  sfill with these options should accomplish the same thing (single write with all zeros) as well as cleaning up inode space.

  BRANCH=main
  BUG=b:200038130
  TEST=signer full tests with this commit.

  Signed-off-by: engeg <engeg@google.com>
  Change-Id: I8c71adfd59c11b5142aa367fb20222fc4b03a2ba
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3167191
  Tested-by: George Engelbrecht <engeg@google.com>
  Auto-Submit: George Engelbrecht <engeg@google.com>
  Reviewed-by: Jason Clinton <jclinton@chromium.org>
  Reviewed-by: Jared Loucks <jaredloucks@google.com>
  Reviewed-by: Greg Edelston <gredelston@google.com>
  Commit-Queue: George Engelbrecht <engeg@google.com>
  Commit-Queue: Greg Edelston <gredelston@google.com>
* vboot: Allow enabling unit test console output | Yu-Ping Wu | 2021-09-17 | 1 | -1/+1

  By passing TEST_PRINT=1 to make, VBOOT_DEBUG symbol will be defined and hence cause the stub vb2ex_printf() to print to stderr. Note that DEBUG=1 will also imply VBOOT_DEBUG as before.

  BUG=none
  TEST=make clean && TEST_PRINT=0 make run2tests
  TEST=make clean && TEST_PRINT=1 make run2tests
  BRANCH=none

  Change-Id: I39353f7fdec0167aa054501bda9d6e23bf66b732
  Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3161533
  Reviewed-by: Julius Werner <jwerner@chromium.org>
* vboot: Remove VbExKeyboard* functions from vboot API | edisonhello | 2021-09-17 | 2 | -88/+0

  Since the UI code has been moved to depthcharge, VbExKeyboardRead and VbExKeyboardReadWithFlags are not used in any function in vboot now. Remove these two functions in vboot.

  BUG=b:172339016
  TEST=DEBUG=1 make -j test_setup && make -j runtests
  BRANCH=none

  Cq-Depend: chromium:3142696
  Signed-off-by: edisonhello <edisonhello@google.com>
  Change-Id: I6ce983bf400141681dfd33a0e3c30fe74a992c77
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3143812
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
* vboot: Remove vb2ex_diag_storage_test_control | edisonhello | 2021-09-17 | 2 | -17/+0

  Remove function vb2ex_diag_storage_test_control, after UI code centralization, since this function is not used anymore in vboot. Remove enum vb2_diag_storage_test, which is for the parameter of vb2ex_diag_storage_test_control.

  BUG=b:172339016
  TEST=DEBUG=1 make -j test_setup && make -j run_test_scripts
  BRANCH=none

  Cq-Depend: chromium:3142697
  Signed-off-by: edisonhello <edisonhello@google.com>
  Change-Id: Ie9cdeecd78973074cf363bf41bd37244a3b6d1af
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3143813
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
* vboot/ui: Remove 2ui, 2ui_screens, and vb2_ui*_tests [stabilize-rust-14225.B] [stabilize-rust-14224.B] [stabilize-rust-14220.B] | edisonhello | 2021-09-14 | 7 | -2533/+0

  Since all the screens and tests are already moved to depthcharge in previous CLs, remove all internal UI functions and tests from vboot.

  BUG=b:172339016
  TEST=DEBUG=1 make -j test_setup && make -j runtests
  BRANCH=none

  Signed-off-by: edisonhello <edisonhello@google.com>
  Change-Id: Ifbd005a5761e5c354e010fc70487a63cd17cf4b3
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139540
  Reviewed-by: Julius Werner <jwerner@chromium.org>
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
* vboot/ui: Remove diagnostics menu and related tests | edisonhello | 2021-09-14 | 9 | -1033/+19

  This CL is a part of centralizing UI code. The removed screens and unit tests will be added in depthcharge.

  Remove diagnostics menu, diagnostics storage and memory checking screens. Remove unit tests for above screens and menu.

  BUG=b:172339016
  TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
       make -j test_setup && make -j runtests
  TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
       make -j test_setup && make -j runtests
  BRANCH=none

  Cq-Depend: chromium:3138687
  Signed-off-by: edisonhello <edisonhello@google.com>
  Change-Id: I5eb1bee6a5f1aedb77298acbddab20156c1c086e
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139537
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
* vboot/ui: Remove developer menu and related tests | edisonhello | 2021-09-14 | 9 | -988/+22

  This CL is a part of centralizing UI code. The removed screens and unit tests will be added in depthcharge.

  Remove developer menu and its action function. Remove developer mode, developer to norm, developer boot external, developer invalid disk, developer select altfw screens. Remove unit tests for above screens and menu.

  BUG=b:172339016
  TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
       make -j test_setup && make -j runtests
  TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
       make -j test_setup && make -j runtests
  BRANCH=none

  Cq-Depend: chromium:3132550
  Signed-off-by: edisonhello <edisonhello@google.com>
  Change-Id: I45332f8e059eba612231362cc56a70da1336c7c2
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3132504
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
  Reviewed-by: Julius Werner <jwerner@chromium.org>
* vboot/ui: Remove manual recovery and related screen | edisonhello | 2021-09-14 | 9 | -858/+19

  This CL is a part of centralizing UI code. The removed screens and unit tests will be added in depthcharge.

  Remove manual recovery menu and its action function. Remove recovery select, recovery phone step *, recovery disk step *, recovery invalid screens. Add vb2ex_manual_recovery_ui declaration. Remove unit tests of above screens, menu and actions.

  BUG=b:172339016
  TEST=Hayato booted into developer mode
  TEST=Hayato showed manual recovery screen
  TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
       make -j test_setup && make -j runtests
  TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
       make -j test_setup && make -j runtests
  BRANCH=none

  Cq-Depend: chromium:3099529
  Signed-off-by: edisonhello <edisonhello@google.com>
  Change-Id: I330098200d45d094d4faab90b96355b5b19e3fea
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3116108
  Reviewed-by: Julius Werner <jwerner@chromium.org>
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
* vboot/ui: Remove broken recovery screen | edisonhello | 2021-09-14 | 9 | -202/+19

  Remove broken recovery screen in vboot, and migrate to depthcharge. Remove broken recovery related tests in vboot.

  BUG=b:172339016
  TEST=Hayato booted into developer mode
  TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
       make -j test_setup && make -j runtests
  TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
       make -j test_setup && make -j runtests
  BRANCH=none

  Cq-Depend: chromium:3116129
  Change-Id: I7d830e992d9ae1703befba570dfbe3061319b9fe
  Signed-off-by: edisonhello <edisonhello@google.com>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3060559
  Reviewed-by: Julius Werner <jwerner@chromium.org>
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
* vboot/ui: Rename UI functions | edisonhello | 2021-09-14 | 7 | -75/+80

  Prepare for copying UI functions to depthcharge. Rename UI functions which will be copied to depthcharge in vboot in order to avoid linking time error after copying the functions.

  BUG=b:172339016
  TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
       make -j test_setup && make -j runtests
  TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
       make -j test_setup && make -j runtests
  TEST=Hayato booted into developer mode
  BRANCH=none

  Change-Id: I840de3121dc2ccd8f6d05ec8a1538c3761f806da
  Signed-off-by: edisonhello <edisonhello@google.com>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3060558
  Reviewed-by: Julius Werner <jwerner@chromium.org>
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
* sign_official_build: disable gsetup for reven [stabilize-14217.B] | Jack Neus | 2021-09-08 | 1 | -1/+5

  More permanent fix todo, need to unblock reven-release.

  BUG=b:199136347
  TEST=shellcheck
  BRANCH=none

  Change-Id: I2b124f88aa2c5c70124888e2d64bd5a2c41f1a96
  Signed-off-by: Jack Neus <jackneus@google.com>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3149594
  Reviewed-by: George Engelbrecht <engeg@google.com>
* vboot/sign_offical_build: Unused variable | Jae Hoon Kim | 2021-09-08 | 1 | -1/+1

  partnum variable isn't defined.

  BUG=none
  TEST=none

  Signed-off-by: Jae Hoon Kim <kimjae@chromium.org>
  BRANCH=none
  Change-Id: Ie4ce809e4331d04c10c60f0e9c1b883124018038
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3146295
  Tested-by: Jae Hoon Kim <kimjae@chromium.org>
  Auto-Submit: Jae Hoon Kim <kimjae@chromium.org>
  Reviewed-by: George Engelbrecht <engeg@google.com>
  Commit-Queue: George Engelbrecht <engeg@google.com>
* Revert "reven signing: skip install_gsetup_certs" | Jack Neus | 2021-09-07 | 1 | -7/+2

  This reverts commit 1376cfbfdd3b0cbc14da190c744604c4f3d29a23.

  Reason for revert: bad code (missing [[)

  Original change's description:
  > reven signing: skip install_gsetup_certs
  >
  > BUG=b:199136347,b:194500280
  > TEST=none
  > BRANCH=none
  >
  > Change-Id: Iba90c1f4dcc2fadf9cbadac1948d5037b0feb278
  > Signed-off-by: Jack Neus <jackneus@google.com>
  > Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3145774
  > Reviewed-by: George Engelbrecht <engeg@google.com>

  Bug: b:199136347,b:194500280
  Change-Id: I9b1df358a18d043eb0d20d18ed17e1bafbd9e5f3
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3146076
  Auto-Submit: Jack Neus <jackneus@google.com>
  Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
  Commit-Queue: George Engelbrecht <engeg@google.com>
  Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
  Reviewed-by: George Engelbrecht <engeg@google.com>
  Tested-by: George Engelbrecht <engeg@google.com>
  Tested-by: Jack Neus <jackneus@google.com>
* reven signing: skip install_gsetup_certs | Jack Neus | 2021-09-07 | 1 | -2/+7

  BUG=b:199136347,b:194500280
  TEST=none
  BRANCH=none

  Change-Id: Iba90c1f4dcc2fadf9cbadac1948d5037b0feb278
  Signed-off-by: Jack Neus <jackneus@google.com>
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3145774
  Reviewed-by: George Engelbrecht <engeg@google.com>
* vboot/sign_official_build: Skip re-signing empty miniOS partitions | Jae Hoon Kim | 2021-09-07 | 1 | -7/+16

  A reason that miniOS partitions might be empty is that the feature is not enabled yet, but the partitions exist as it's using the newer disk_layout_v3.

  BUG=b:199021334
  TEST=# run tests

  Signed-off-by: Jae Hoon Kim <kimjae@chromium.org>
  BRANCH=none
  Change-Id: I2a6b68240428ab2f01394230840ff116c720b3df
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3145770
  Tested-by: Jae Hoon Kim <kimjae@chromium.org>
  Auto-Submit: Jae Hoon Kim <kimjae@chromium.org>
  Reviewed-by: Julius Werner <jwerner@chromium.org>
  Commit-Queue: Julius Werner <jwerner@chromium.org>
* 2lib/2ec_sync: Clear VB2_CONTEXT_EC_TRUSTED before jumping to RW | Hsuan Ting Chen | 2021-09-04 | 2 | -0/+21

  Currently the EC is trusted if any of the conditions are met:
  * The ctx flag VB2_CONTEXT_EC_TRUSTED is set.
  * vb2ex_ec_trusted() returns trusted.

  With introducing the boot mode area in ctx, the vb2ex_ec_trusted will be deprecated and the VB2_CONTEXT_EC_TRUSTED will become the only condition to decide if EC is trusted.

  This CL clears the flag while EC jumps to RW, which is the prerequisite before landing the coreboot changes.

  Also update the tests of ec_sync().

  BRANCH=none
  BUG=b:181931817
  TEST=emerge-trogdor coreboot vboot_reference depthcharge

  Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
  Change-Id: I4711093353f5a92157c4c00c859c01f08fc3607f
  Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139538
  Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>