| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's require the user of this script to explicitly provide the base
file name of the generated key.
BRANCH=none
BUG=b:221423468
TEST=verified generating the new key in various directories (local and
non local).
Verified that the script fails if the user does not supply the
required key file base name.
Change-Id: Iaf85e5822d06c65ca4b7d51f17579269576e4707
Signed-off-by: Vadim Bendebury <vbendeb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3630287
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The getter for HWWP implicitly converted the integer returned by
crossystem to an `enum wp_state`. This only worked because of the
particular values assigned to the enum values, so explicitly convert
instead.
BUG=b:223291615
BRANCH=none
TEST=builds
Change-Id: Ib572733f8b05a5a992f09ba98050a7eab5e3bcce
Signed-off-by: Nikolai Artemiev <nartemiev@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3540784
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move the creation of simple folder manifest to a new function.
No changes in functionality.
BUG=None
TEST=make; run test
BRANCH=None
Change-Id: I302752183fc4f385f9b915023d26723a5cbd0c1c
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3615697
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The signer_config.csv contains almost everything we need for mapping
from models to image files so that can be an alternative when
models/*/setvars.sh files are not available. This can be shared by
/firmware in future.
Verified by comparing the manifest.json from existing firmware updaters
on the following boards: volteer (share target), sarien (no ec), octopus
(custom-label), and hatch (share target).
for BOARD in volteer sarien octopus hatch; do
/build/$BOARD/usr/sbin/chromeos-firmwareupdate --unpack test/$BOARD
jq -S . <test/$BOARD/manifest.json >old
rm -rf test/$BOARD/models
futility update --manifest -a test/$BOARD | jq -S . >new
diff new old >diff.$BOARD
done
# all diff.$BOARD are empty, e.g., no difference.
BUG=b:230679721
TEST=make; run test
BRANCH=None
Change-Id: I17393c941d2577a2b1c5f00f60b25e98fa3f3a6f
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3612646
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The PATH_ENDSWITH_SERVARS should be PATH_ENDSWITH_SETVARS.
BUG=None
TEST=make; run test
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: I2fd8ab9fe9accf185bc85b2a195e90a9863669bf
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3615696
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To simplify parsing text files in future we want the archive_read_file
to always return a NULL terminated string on success.
BUG=None
TEST=make; run test
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: I0dd0105971a80d857a1b05d9680b34b42dbff7e6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3612645
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GSC RW signing requires a 3070 bit RSA key. The codesigner tool when
invoked expects the public key in .pem format, the same format is used
by the RO codebase when incorporating the public key in the RO image.
This patch introduces a new accessory key generating script, which
invokes the appropriate opensssl command to generated the required key
pair.
BUG=b:221423468
BRANCH=none
TEST=ran scripts/keygeneration/accessory/create_new_gsc_key.sh and
observed two gsc keys generated:
ls -l *gsc*
-rw------- 1 vbendeb vbendeb 2451 Apr 21 20:42 gsc_3070.pem
-rw-r--r-- 1 vbendeb vbendeb 625 Apr 21 20:42 gsc_3070.pem.pub
in the FPGA setup confirmed that Ti50 RW can be signed and
verified using the generated key pair.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I429c250f60aa1da28aa99f39dff40c3bcda71df6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3600151
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For early bring up and the lab deployment, the developers need a simple
way to update the firmware directly from the build artifacts (either
from CPFE firmware archives or /build/$BOARD/firmware) before the
firmware is pinned and available via chromeos-firmwareupdate.
To simplify the process, we want the updater to understand the layout of
files in /firmware. This change supports that as "raw archive" so
developers can update by:
# Verify what's available.
futility update -a /build/$BOARD/firmware --manifest
# Update the firmware for a specific model.
futility update -a /build/$BOARD/firmware --model $MODEL
# On DUT, detect the model and update the firmware.
mkdir /tmp/firmware
tar -xvf firmware.tbz -C /tmp/firmware
futility update -a /tmp/firmware
BUG=b:230679721
TEST=make; run tests
BRANCH=None
Change-Id: I8a262f1d2ec916da62e49a53fd45bdec9fa0ad9b
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3611322
Reviewed-by: Sergey Frolov <sfrolov@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ToT clang is complaining about missing 'void' in
function prototype.
futility/updater.c:1235:42:
error: a function declaration without a prototype is
deprecated in all versions of C [-Werror,-Wstrict-prototypes]
struct updater_config *updater_new_config()
^
void
BUG=b:230345382
TEST=CQ, llvm tot test
BRANCH=none
Signed-off-by: Manoj Gupta <manojgupta@google.com>
Change-Id: Ic68b71a7413e9396904dd319e0febce2eecb0df3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3610725
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
Auto-Submit: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:230434967
BRANCH=None
TEST=Run ./sign_official_build.sh locally
Signed-off-by: Daichi Hirono <hirono@chromium.org>
Change-Id: I5e8b4d848f30f53fae58c721c9b7ddcfbfea9852
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3607891
Tested-by: Daichi Hirono <hirono@chromium.org>
Commit-Queue: Daichi Hirono <hirono@chromium.org>
Reviewed-by: Shao-Chuan Lee <shaochuan@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Old names are not in use for very long time, so remove them.
BUG=b:197114807
TEST=cros-workon-volteer start vboot_reference && \
FW_NAME=voxel emerge-volteer vboot_reference coreboot
chromeos-bootimage
TEST=sudo FEATURES=test emerge vboot_reference
BRANCH=none
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: I07916b82a721481c982b291e228df0772e0fc2a2
Disallow-Recycled-Builds: test-failures
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3575323
Auto-Submit: Jakub Czapiga <czapiga@google.com>
Commit-Queue: Jakub Czapiga <czapiga@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Jakub Czapiga <czapiga@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 2981c0bacbaa0446562aaa04f23e3e9f07c86069, as that
patch is not the proper way to generate accessory keys.
BUG=b:221423468
BRANCH=none
TEST=none
Change-Id: I5500424b01ef45cc353468173f60f9b202b92b54
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3600150
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GSC RW signing requires an 3070 bit RSA key. The codesigner tool when
invoked expects the public key in .pem format, the same format is used
by the RO codebase when incorporating the public key in the RO image.
This patch introduces a new key option, RSA3070_NOSIG_ALGOID. The keys
of this kind are not going to be processed by futility, hence no need
to specify the signing algorithm.
BUG=b:221423468
BRANCH=none
TEST=ran ./create_new_keys.sh and observed two gsc keys generated:
$ ls *gsc*
gsc_rw_3070.pem gsc_rw_3070.pem.pub
in the FPGA setup confirmed that Ti50 RW can be signed and
verified using the generated key pair.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Ie676ba8043c34900388372270329a4903656d499
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3591642
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a keyblock holding the arv_platform public key that is signed
with the arv_root private key. The SHA-256 of the root key is
3d74429f35be8d34bcb425d4397e2218e6961afed456a78ce30047f5b54ed158.
Command to build:
./build/futility/futility vbutil_keyblock \
--pack tests/devkeys/arv_platform.keyblock \
--datapubkey tests/devkeys/arv_platform.vbpubk \
--signprivate tests/devkeys/arv_root.vbprivk
BUG=b:161483233
TEST=above command
BRANCH=None
Signed-off-by: Alyssa Haroldsen <kupiakos@google.com>
Change-Id: I7989c081e4a3ad79f957e3e6d8a3b2314e06152f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3584691
Reviewed-by: Jett Rink <jettrink@chromium.org>
Commit-Queue: Alyssa Haroldsen <kupiakos@google.com>
Tested-by: Alyssa Haroldsen <kupiakos@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:207808292
BRANCH=none
TEST=emerge-octopus and cros deploy'ed
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: I8a8f941f224416d872592d6cc2de4caf058cb5bc
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3512274
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Nikolai Artemiev <nartemiev@google.com>
Commit-Queue: Nikolai Artemiev <nartemiev@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Otherwise, it will mutate the file under your feet!
This also adds some clarifying messages, including a message if
verification failed due to incorrect signing instead of silent output.
BUG=None
TEST=`futility gscvd <file>` does not change sha256sum of file
BRANCH=None
Signed-off-by: Alyssa Haroldsen <kupiakos@google.com>
Change-Id: Ic793ad47c0160e3cedb7e2b7cc842a3f4380749d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3584690
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Alyssa Haroldsen <kupiakos@google.com>
Tested-by: Alyssa Haroldsen <kupiakos@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some newer devices need extra preparation steps even when using CCD via
servo, so a new 'ccd_cpu_fw_spi' is added to hdctools. The firmware
updater should use it in servo+ccd modes.
Also, the custom_rst is now moved to detect_servo so the --servo_noreset
option is removed.
BUG=b:216832684
TEST=make; run test
BRANCH=None
Change-Id: I6af0f03d5b0b1bb473ecb29680b253a5b71c7465
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3577658
Reviewed-by: Wai-Hong Tam <waihong@google.com>
Tested-by: Wai-Hong Tam <waihong@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Detect servo micro and C2D2 servo types and toggle cpu_fw_spi before and
after flash access is required.
BUG=b:220992685
TEST={get,set}_gbb_flags.sh --servo with C2D2 and servo micro
BRANCH=None
Cq-Depend: chromium:3470605
Change-Id: I9f8a9bcabe731001ed18150ca1db9820db20e0d3
Signed-off-by: Sam McNally <sammc@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3469747
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With introduction of Ti50 images the version of the eraseflashinfo
capable images must change, which will prevent signing scripts from
accepting Ti50 images from node locked signing.
Enforcing the version number is proving to be a larger pain that in is
worth: we do need to modify the version once in a while, and it takes
a lot of effort and time to propagate the version adjustment through
signing stages.
We already have a quorum requirement for eraseflashinfo capable node
locked images, this provides enough guarantee from accidental signing
or malicious signing of such an image, version number enforcement does
not add security.
BRANCH=none
BUG=b:219774807
TEST=none
Change-Id: Ifd5ac17540595d71210445e6ad573c81fc25a47a
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3553419
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The new quirk will allow the updater to easily switch the underlying
flash driver between the libflashrom and the external flashrom.
BUG=None
TEST=build and run test
BRANCH=None
Change-Id: I5b9da373b1e22a948e04d844973a5683adffe63c
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3534489
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The libflashrom is still different from the real flashrom program.
To easily debug and compare the execution results (especially for
devices under development), we want to allow the updater to
switch between the libflashrom and the external flashrom.
The real switch (either a quirk or a command line argument) will
be added in a follow up change.
BUG=None
TEST=build and run test
BRANCH=None
Change-Id: I3f3226fd555dc9e7c40838cd1474e0d018b27ccc
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3500339
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'write_system_firmware' and 'load_system_firmware' have too many
parameters that are already contained in the updater_config.
To simplify the interfaces, we should just pass the updater_config to
{write,load}_system_firmware, and merge the write_firmware_sections
(only handling emulation and deciding the diff image) to the
write_system_firmware.
Also moved the utility functions only used by *_system_firmware (for
example is_the_same_programmer and emulate_write_firmware) to the
updater_utils.c.
The emulate_write_firmware is also revised to handle a list of sections
directly (so we don't need to handle that in write_system_firmware).
BUG=None
TEST=make; build and run test.
BRANCH=None
Change-Id: I4d123d12e8057da82d6c301899472e3773f3266e
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3508121
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Per discussion, the 'custom_label_tag' is easier to read than
'customlabel_tag'. We should rename it before any real devices
have started using the different names.
BUG=b:169766857
TEST=make; build and run test
BRANCH=None
Change-Id: I3672e7b20bc85f79796470ba1a58c2896d26ff88
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3534491
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It should be VB2_NV_DISABLE_DEV_REQUEST, not VB2_NV_DIAG_REQUEST.
BUG=b:172339016
TEST=none
BRANCH=none
Change-Id: Id35ea2680dd55d830991cf118f4e9c97f52eb0cb
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3532539
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=still builds
BRANCH=none
Change-Id: I3b244461b86c8aeec4f33ad7205157c709e0d695
Signed-off-by: Peter Marheine <pmarheine@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3524288
Reviewed-by: Reka Norman <rekanorman@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On Meteor Lake platform, the pinctrl (gpiochip) driver label is
"INTC1083:00", hence declare it properly.
BUG=b:224325352
TEST=Test pending
Signed-off-by: Subrata Banik <subratabanik@google.com>
Change-Id: I9c1583972e71ae472c8b3f360eda34611c8c8f0c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3520099
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: Subrata Banik <subratabanik@chromium.org>
Commit-Queue: Subrata Banik <subratabanik@chromium.org>
Auto-Submit: Subrata Banik <subratabanik@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When checking the sections to update in the RW-recovery flow, we should
always check the availability before adding them to the list for
updating.
BUG=None
TEST=build and run test
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: Id714b1db736cbf4eef879566431e5a496f319cd4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3494671
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The updater should always only update the whole image when write
protection is disabled, or partial (RW) when write protection is
enabled. As a result, it should be better to always turn on -N
(--noverify-all) for two reasons: (1) faster partial write, and
(2) prevent failure due to other processors accessing the flash
in parallel.
- Faster partial write:
On recent x86 Chromebooks the flash size is getting bigger and bigger
(for example 32M on Brya) and the RW section size is much smaller
(8M on Brya). So we wasted a lot of time reading and verifying
sections that we don't care (64M versus 16M) if we don't turn on -N.
- Concurrent access:
On recent x86 devices the system flash is shared by two processors -
the CPU and the CSME. Before the ME is locked, CPU can see and access
all regions - including those managed by ME/CSME. As a result, when
the updater is changing the RW_SECTION, the CSME may be updating
CSE_RO or CSE_RW on its own. So if we don't turn on -N, the
verification will fail in CSE regions.
Also revised to only set FLASHROM_FLAG_VERIFY_AFTER_WRITE one time.
BUG=None
TEST=make; build and run tests.
BRANCH=None
Change-Id: I1ebff2d7f00b85037464eff4fa5d4573f867ce44
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3505290
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Support new VPD name 'customlabel_tag' for the custom label program.
For shipped devices (firmware is already locked and write protected) we
still support the legacy name.
The quirk 'allow_empty_wl_tag' also renamed to
'allow_empty_customlabel_tag'.
This is usually not recommended, but given no devices have used this
quirk in the CBFS quirks, it should be fine to change the quirk name.
BUG=b:169766857
TEST=make; build and run test
BRANCH=None
Change-Id: Ia29051a4e829d853cc60488f286d575c20f52f20
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3503199
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Small refactor to make it easier to more towards
libflashrom. This makes the call site responsible for
setting up the path for ReadNorFlash().
BUG=b:207808292,b:220079643
BRANCH=none
TEST=`make cgpt`
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: I15fc57e5afca6206b60df92616fd4cdce63b03e3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3469738
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Sam McNally <sammc@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Small refactor to make it easier to more towards libflashrom.
BUG=b:207808292,b:220079643
BRANCH=none
TEST=`make cgpt`
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: Ie0c7f4faee3052300b10ba2d1adce7876d7b821c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3469737
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Sam McNally <sammc@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
C2D2 is used similarly to servo micro. Mirror the servo micro logic
accordingly.
BUG=b:220992685
TEST=futility update --servo over C2D2 with and with servo v4
BRANCH=None
Cq-Depend: chromium:3470605
Change-Id: I298fe5847abba0957fa5c2da4e1981a7da9e0428
Signed-off-by: Sam McNally <sammc@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3469746
Reviewed-by: Reka Norman <rekanorman@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To get more message for debugging, we want to increase the verbosity on
each retry.
BUG=None
TEST=build and run tests
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: I85e0fc518113a18bb1aaa39db3f58329d94b5ecb
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3500326
Reviewed-by: Subrata Banik <subratabanik@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:207808292,b:220079643
BRANCH=none
TEST=`make cgpt`
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: I367e44eed18c79a807bd428e50a3faf926833719
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3461097
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Nikolai Artemiev <nartemiev@google.com>
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The write_firmware_sections now supports writing multiple sections in
one invocation so we can pass all RW sections to it for the recovery
update.
On Brya, the total execution time may be reduced from 4 mins to
1.5 mins.
BUG=b:221137867
TEST=build and run test
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: Ifbc67327a02096e027c1e2025485ebb17645a71d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3490387
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add new function 'write_firmware_sections' so we can write update
sections in one write_system_firmware (e.g., flashrom) command.
BUG=b:221137867
TEST=build; and run test
BRANCH=None
Change-Id: Ia33ec5ac82e1c661457180ec45df6c02beae4ec3
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3490389
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we have multiple regions to update, invoking flashrom_write_image
multiple times will take much longer because for each write it has to
read the whole flash, write and then verify whole flash (also timer
calibration and programmer init/shutdown every time).
As a result, we want to support writing multiple regions - just like
that flashrom can take arbitrary numbers of "-i REGION".
This change only extended flashrom_write_image, and the firmware updater
is calling flashrom_drv multiple times. That will be addressed in the
follow up changes.
BUG=b:221137867
TEST=build; and run test
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: Id335cc9f816f1384f1886422efa97fe2c7b81aec
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3490388
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unfortunately the USE_FLASHROM build flag broke during a refactor
in commit f0af257a9b333b. This flag is needed for coreboot builds.
Resolve by putting relevant files under guards.
BUG=b:221234560,b:220833585
BRANCH=none
TEST=`USE_FLASHROM={0,1} make`
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: Ic10a3909bf070897cef7f1556deef57eba6c57f3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3493527
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Martin Roth <martinroth@google.com>
Commit-Queue: Martin Roth <martinroth@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, Depthcharge prevents the kernel from being loaded if
NO_BOOT flag is set. This makes sense only when EC sync is enabled.
This patch makes VbSelectAndLoadKernel ignore NO_BOOT flag if
VB2_CONTEXT_EC_SYNC_SUPPORTED isn't set.
BUG=b:216317864
BRANCH=None
TEST=None
Change-Id: Ic501f430754947dfa8a2243dcb12d31232b18b75
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3433028
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously we decide if the flash command can use the image_current as
the diff image by comparing if the target image pointer is identical to
the host image to write (cfg->image). This may not work properly if we
try to write a temporary firmware image object loaded separately.
A more correct way to is check if the image has the same programmer from
the diff image (e.g., image_current).
BUG=b:221137867
TEST=build and run futility tests.
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: Iee61cd9b47c0db4b87001bbb348f95a89495b975
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3490386
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To help debugging:
- Print equivalent flashrom commands when reading and writing.
- Print <sys-flash> instead of <none> in 'Current system:' message.
- Always print the detected model from libcrosid.
- After writing to flash, print a new line.
BUG=None
TEST=make; build and run test
BRANCH=None
Change-Id: I34a73ec1c968a98a9fca649c65863aa43ca39ca8
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3461090
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
During the flashrom initialization sequence the return code is not
being checked therefore there's a potential that the code moves
forward with read/write operation even with outstanding error.
This CL checks the return code and bail with error.
BUG=b:217629892
TEST=Test futility update with multiple instances of flashrom running.
BRANCH=None
Signed-off-by: YH Lin <yueherngl@chromium.org>
Change-Id: I0768232f6af35290ad7b3d9f479ee299bf9400e1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3485520
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'match by firmware name' should be deprecated. All new platforms
should use quirk instruction files (updater_quirks) from CBFS.
BUG=None
TEST=None (comments only)
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: Ib66cc903b15bf3fdb44db832a010d80c40bfbaa4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3458024
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Karthikeyan Ramasubramanian <kramasub@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'ec_partial_recovery' quirk is not very helpful today because the
two underlying functions - "EC RO software sync" and "update EC RO
without sysjump by flashrom" are either disabled or not well tested.
As a result we should change the quirk from "decide by runtime" to
"default disabled".
BUG=b:218612817
TEST=make; build and run test
BRANCH=None
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Change-Id: I9022b88516e52cb89f2226523a754dc2a00b15da
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3458023
Reviewed-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow for picking the default verbosity with a sentinel
value of -1.
BUG=b:207808292
BRANCH=none
TEST=none
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: Ia3a21e8647fe480c60ea80ecb060466e9d86110a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3461094
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Nikolai Artemiev <nartemiev@google.com>
Commit-Queue: Nikolai Artemiev <nartemiev@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bring sub-process and libflashrom wrapper implementations
under the common host/lib path to later be reconciled.
The WP implementation is left separated out due to the
lack of a libflashrom WP implementation which creates
circular dependencies for the moment.
BUG=b:207808292
BRANCH=none
TEST=none
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: Ic759c4e9828778a0ef1443b163224aef2c7cba54
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3461093
Reviewed-by: Nikolai Artemiev <nartemiev@google.com>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:207808292
BRANCH=none
TEST=none
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: I49bd29dcfe12ad9845213d07bc6bee71980a8cd1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3461092
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Nikolai Artemiev <nartemiev@google.com>
Reviewed-by: Sam McNally <sammc@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:207808292
BRANCH=none
TEST=none
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: Iaf94b5cc8c7b4f4b7859f10b8078e922bc1636d2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3450057
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Nikolai Artemiev <nartemiev@google.com>
Reviewed-by: Sam McNally <sammc@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow custom programmers to be used instead of host for getting and
setting GBB flags via a --programmer/-p flag similar to the same flag
for futility. Also support --servo with the same semantics as the
futility flag - detecting the programmer to use from the current servod
instance mirroring the logic in futility. Only CCD is supported at this
stage.
When reading, include the FMAP section as well as the GBB section. For
writes over CCD, avoiding rescanning for the FMAP can save up to 1.8s.
BUG=None
TEST={get,set}_gbb_flags.sh --servo with and without servod running
BRANCH=None
Change-Id: Iecedf4c3d0cad6923aed4405ef4a72910f3f9f05
Signed-off-by: Sam McNally <sammc@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3455562
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This attempts to converge the signatures of host/lib/flashrom
with that of 'futility/updater_utils.h:struct firmware_image'.
with the eventual goal of converging the multiple flashrom
wrapper implementations.
BUG=b:207808292
BRANCH=none
TEST=`$ cros_run_unit_tests --board nocturne --packages vboot_reference`
Cq-Depend: chromium:3399963
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: I016dacbdca6f1108def0dbc608d83e0066a30023
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3301571
Reviewed-by: Sam McNally <sammc@chromium.org>
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|