| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=None
TEST=manually verified.
BRANCH=None
Change-Id: I65467d56409bcf608e9c59aa0759e820d11507ed
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1667537
Tested-by: LaMont Jones <lamontjones@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: LaMont Jones <lamontjones@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For set_lsb_release.sh called without parameter, it doesn't modify
anything in the image, and mount the image ro. Thus setfattr to
ensure security.selinux xattr will fail with Read-only filesystem,
and is not necessary since nothing has been modified.
BUG=chromium:954670
TEST=set_lsb_release.sh xx.bin a b
TEST=set_lsb_release.sh xx.bin
BRANCH=none
Change-Id: I32bf61796c2b60d18e4e62cc43f2d0e9dc75cef5
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1666516
Tested-by: Qijiang Fan <fqj@google.com>
Commit-Queue: LaMont Jones <lamontjones@chromium.org>
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently some chips that require AUX FW update request EC reboot to RO
after the FW update is applied successfully while some chips do not. It
is safe to request EC reboot to RO whenever AUX FW update is applied
successfully so that all the chips that require AUX FW update gets reset
to a clean state.
Update tests to handle the updated code flow and return code correctly.
BUG=b:128820536,b:119046668
BRANCH=None
TEST=Ensure that the device boots to ChromeOS. Force a TCPC FW update
and ensure that after it is successfully applied EC reboots to RO.
Cq-Depend: chromium:1625866
Change-Id: I72849620d90284e49cd1a9b31fc5eadede455c51
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1627302
Tested-by: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Commit-Ready: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Return value of vb2_gbb_read_recovery_key should be saved into an
integer, not into vboot1-style VbError_t.
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: Icbe622c9958d3f303da0faf7b52b0ce52c2b16a5
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1648093
Tested-by: Joel Kitching <kitching@chromium.org>
Auto-Submit: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes it easy to spot the speed at which the eMMC controller is
running.
vb2_load_partition: read 8419 KB in 48 ms at 174342 KB/s.
The calculation looks a little funky because I wanted to perform all
multiplications before the division to avoid losing any precision.
BRANCH=grunt
BUG=b:122244718
TEST=Verified it on grunt
Change-Id: I5fac584994bc478bfb27cbd4e2ea34af0be7f1d9
Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1661366
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The ME unlock needs a different pattern for these devices.
BUG=b:135216986
BRANCH=none
TEST=test update from unlocked to locked image on sarien
Change-Id: I928ee3de522937d5b972daaec4460dcc731b495e
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1659534
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: I7b422e8a26621720a6b7efc5211629996a6aa385
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1659989
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Auto-Submit: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Export information about vb2_gbb_header's flags member:
* vb2_gbb_flags_t
* VB2_GBB_FLAGS_OFFSET
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: I2923156edd06df02751ccded5dcbb5bf8fe0207d
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1657503
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Auto-Submit: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This constant was incorrectly set to 14, whereas
sizeof(vb2_secdatak) is 13.
Update the constant its correct value, and add a test for
each of secdata and secdatak to check the constant values.
Previously, this constant was not used anywhere. The
secdatak space is created and initialized in coreboot
with a hard-coded (correct) size and initial value.
So there should be no worry about devices out in the
field with TPM secdatak size set to 14.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I0a6072aef2de401bd3cd40ac3b002f754da19560
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1655049
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously vb2api_secdatak_check and vb2api_secdatak_create had
headers in 2api.h, but no definitions.
Merge identical internal/external functions:
vb2api_secdata_create, vb2_secdata_create_crc
vb2api_secdata_check, vb2_secdata_check_crc
vb2api_secdatak_create, vb2_secdatak_create_crc
vb2api_secdatak_check, vb2_secdatak_check_crc
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I64a14d65e5d856ca0f819ef3ded50b4719abc8b3
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1652874
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=chromium:967968
TEST=None
Change-Id: Ibcf67c87d7a942494f9e898b20e5485fdba1093f
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1634090
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Sean Abraham <seanabraham@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Old vboot1-style GBB accessor functions were awkwardly located
within region-init.c.
Rewrite GBB accessor functions for vboot2, and formally expose
HWID retrieval function via vboot2 API. workbuf is used for
key retrieval functions, while a buffer provided by the caller
is used for HWID retrieval function.
Reintroduce vboot_display_tests to `make runtests` test suite.
Move GBB tests from vboot_display_tests to vb2_gbb_tests.
Properly propagate vb2_workbuf objects within the function call
stack (vb2_load_partition).
BUG=b:124141368, chromium:954774
TEST=Build and flash to eve, check that Chrome OS boots
TEST=Build with CL:1627469 applied, check HWID
TEST=make clean && make runtests
BRANCH=none
Change-Id: I398d1329f0b092de35aac73d98dfd9aee6e4e7de
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1584488
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Jason Clinton <jclinton@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
VB2_NV_DISPLAY_REQUEST disabling code has been relocated to
VbBootNormal. Remove from EC sync code.
Remove the vb2_shared_data argument from
check_reboot_for_display.
Avoid calling ec_sync_check_aux_fw after phase 1 if already
certain that a reboot is required.
BUG=b:124141368, chromium:948592, chromium:967298
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ia5472aceb0b2a415f24dd76d26179632009d07cb
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1634453
Commit-Queue: Jason Clinton <jclinton@chromium.org>
Tested-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Display initialization code now directly checks
VB2_NV_DIAG_REQUEST. There is no need for diagnostic mode flow
to set VB2_NV_DISPLAY_REQUEST.
BUG=b:124141368, chromium:948592, chromium:967298, b:133175864
TEST=make clean && make runtests
BRANCH=none
Change-Id: I9748bf03c11c5698c181c177634d73fb34fd2d59
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1634452
Commit-Queue: Jason Clinton <jclinton@chromium.org>
Tested-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to simplify code which uses VB2_NV_DISPLAY_REQUEST,
centralize disabling this NVRAM flag to a function called at
the start of VbBootNormal. Also disable VB2_NV_DIAG_REQUEST
here, since display init is enabled for this request as well.
BUG=b:124141368, chromium:948592, chromium:967298, b:133175864
TEST=make clean && make runtests
BRANCH=none
Change-Id: I8aa7c44671ada23c0500cd8a0c5d7f737298bb11
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1634451
Commit-Queue: Jason Clinton <jclinton@chromium.org>
Tested-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
VB2_NV_DISPLAY_REQUEST should only be used for cases where there
is no other way for coreboot to tell that display initialization
is required.
In the case of developer, recovery, and diagnostic modes, display
should always be initialized without looking at
VB2_NV_DISPLAY_REQUEST.
In the case of EC slow sync, VB2_NV_DISPLAY_REQUEST should still
be used.
BUG=b:124141368, chromium:948592, chromium:967298, b:133175864
TEST=make clean && make runtests
BRANCH=none
Change-Id: I56e7d50bfd7de596d25ba232251f73ccd2d5df9b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1634450
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Jason Clinton <jclinton@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Move vb2_packed_key from vb2_struct.h to 2struct.h
* Move vb2_verify_member_inside from lib20/common.c to 2common.c
* Move vb2_packed_key_data and vb2_verify_packed_key_inside from
lib20/packed_key.c to 2packed_key.c
* Relocate tests accordingly
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: I6a9338ffdb640aad071941c3768427e15cd2aa93
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1642773
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After every invocation to set_lsb_release.sh, make sure /etc/lsb-release
in $rootfs has the expected SELinux security context stored at
security.selinux extended attribute.
BRANCH=none
BUG=chromium:954670
TEST=set-lsb_release.sh chromium_test_image.bin a b
Change-Id: I541493d8ad3c94b16840337d807629691b1b00bb
Reviewed-on: https://chromium-review.googlesource.com/1630426
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Qijiang Fan <fqj@google.com>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All AUX FW remote bus tunnels are protected as part of
VbootExEcVbootDone callback. So update the test to reflect that
behavior.
BUG=None
BRANCH=None
TEST=/mnt/host/source/chromite/bin/cros_run_unit_tests --board=octopus
--packages=chromeos-base/vboot_reference
Change-Id: I163518a57deb586fb12ea11ba74987ff1a4ad90b
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1641531
Tested-by: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Karthikeyan Ramasubramanian <kramasub@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When booting off of a 4kb device, depthcharge gets upset when reading
the main kernel blob (after reading a 64k chunk initially) because
the total size is not an even number of 4k sectors. Most of the parts
of the kernel blob are rounded up to 4kb, except for one.
Align the whole image up to 4kb so that it's an even number of sectors
on a 4kb device.
BUG=b:134061077
BRANCH=none
TEST=Boot off a UFS card
Change-Id: Iffa93cccd2b5902161fb373efb37f7414e816455
Signed-off-by: Evan Green <evgreen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1641958
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* To enable, use --use_apksigner.
* Drop signature schemes that we don't really need.
* Supports key rotation. In this case, the signing lineage
will be honored if the file exists next to the keys.
* Update key generation script to auto generate the signing lineage.
TEST=the script runs successfully with and without the flag
TEST=`apksigner lineage --print-certs -v -in foo.apk` shows
correct rotation info
TEST=keygeneration/create_new_android_keys.sh --rotate-from old new
BUG=None
BRANCH=None
Change-Id: Ic7b7b0ed4ea707a748dc42a1f39d6eb79d53cf1b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1643411
Tested-by: Victor Hsieh <victorhsieh@chromium.org>
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
Commit-Queue: Victor Hsieh <victorhsieh@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Keep VB_INIT_OUT_* constants which are still currently used by
vboot_handoff.out_flags. They can be removed once vboot_handoff
has been completely sunsetted.
BUG=b:124141368, chromium:960226
TEST=make clean && make runtests
BRANCH=none
Change-Id: I8bf2d3330a09c971fd26406737a656b4b3221779
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1599565, chromium:1598588
Reviewed-on: https://chromium-review.googlesource.com/1597369
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Perform all the operations regarding EC AUX FW update once the EC update
is applied and EC has jumped to the updated image. This way the
information regarding the devices that require EC AUX FW update can be
probed and obtained from EC consistently.
BUG=b:128820536,b:119046668
BRANCH=None
TEST=Ensure that the device boots to ChromeOS. Ensure that the Aux FW
update is handled after EC update is applied and jumped to the updated
EC image.
Casta:
sync_one_ec: jumping to EC-RW
send_packet: CrosEC result code 12
EC returned from reboot after 53061us
ps8751.0: vendor 0x1da0 product 0x8751 device 0x0001 fw_rev 0x39
ps8751.1: vendor 0x1da0 product 0x8751 device 0x0001 fw_rev 0x39
Bobba:
sync_one_ec: jumping to EC-RW
send_packet: CrosEC result code 12
EC returned from reboot after 52271us
ps8751.1: vendor 0x1da0 product 0x8751 device 0x0001 fw_rev 0x39
Ampton:
sync_one_ec: jumping to EC-RW
EC returned from reboot after 43019us
vb2_developer_ui: Entering
vboot_draw_screen: screen=0x101 locale=0
Change-Id: I28956543dfe1e059e15212dceada8bc517c0e7fc
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1592472
Commit-Ready: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Tested-by: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pass VbSharedDataHeader struct directly as an argument for the
functions VbVerifyMemoryBootImage and VbSelectAndLoadKernel,
instead of retrieving from cparams. After any remaining
references are removed from depthcharge, the VbCommonParams
struct may be deprecated and removed.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I4dceb539516b62b5817987359705bb8e27ddb6f3
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1585505
Reviewed-on: https://chromium-review.googlesource.com/1584489
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since GBB header will be needed for subsequent GBB reads later on
(in kernel verification stage), and since GBB header is
relatively small (128 bytes), save the full GBB header onto
workbuf during firmware verification stage, and store an offset
pointer to it in vb2_shared_data. vb2_gbb_header object may be
accessed via the vb2_get_gbb function.
Additionally, update functions in firmware/lib/region-init.c to
read GBB data from flash, rather than using cparams passed in by
depthcharge, which is slated for deprecation.
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: I6e6218231299ce3a5b383663bc3480b20f929840
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1585500
Reviewed-on: https://chromium-review.googlesource.com/1627430
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The PCR extension value size should not have been hardcoded, it is
different for different TPM specification versions.
BRANCH=none
BUG=none
TEST=the error message prints the correct expected input size for both
tpm and tpm2 case now.
Change-Id: I8e65181edff1e62bbaae46e622fe67f420cbab25
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1627640
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In CL:1601678, few logging messages were not properly converted:
- STATUS should add \n
- INFO and WARN should not need __FUNCTION__
BUG=None
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Ib01d9319815a5fbb579e49391fc4bff9d61ca214
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1626189
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sign_official_build.sh accepted a subset of the syntax allowed by
sign_firmware.sh. Update to be consistent.
BUG=chromium:962529
BRANCH=None
TEST=Manually verified
Change-Id: Ic9c7d5d8a4744c09c06249ed835ef678e6368aa0
Reviewed-on: https://chromium-review.googlesource.com/1612376
Commit-Ready: LaMont Jones <lamontjones@chromium.org>
Tested-by: LaMont Jones <lamontjones@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the key file directory name includes string 'test' do not check if
the image being signed has the prod RO.
BRANCH=none
BUG=b:74100307
TEST=manual
Change-Id: I3241d31f6612c1dc44c217958d74d4da784c5dfb
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1614793
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use `ctx` for global vb2_context variable, and `c` for argument
to functions. This avoids shadowing the `ctx` identifier, which
was recently disallowed by enabling -Wshadow in CL:1598721.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I9db97fd4945694e6f54abc5b0c04ed5533789300
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1616872
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Youcheng Syu <youcheng@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use vboot vb2_gbb_header instead. Struct contents are identical.
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: I9047c683af176384da3ec135faecf35870351973
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1583943, chromium:1599828
Reviewed-on: https://chromium-review.googlesource.com/1583827
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Deprecate internal usage of GoogleBinaryBlockHeader struct in
favour of vb2_gbb_header struct. Keep the v1 struct around until
we remove references in other repos.
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: I396d2e624bd5dcac9c461cc86e8175e8f7692d26
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1583826
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replaced with the external-facing header vb2_sha.h.
BUG=b:124141368, chromium:956474
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ib31c816ed8e2eb91c30080e854ec9245d59c98f2
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1599567, chromium:1583941, chromium:1610164
Reviewed-on: https://chromium-review.googlesource.com/1583825
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clients which wish to use this function may simply import the
vb2_sha.h header to make all SHA library functionality available.
Whether or not to make a full vb2api_ set of functions for SHA
library should be considered in the future, but individual
functions should not be added to the API as was done.
BUG=b:124141368, chromium:956474
TEST=make clean && make runtests
BRANCH=none
Change-Id: I1dc8ed84ecfb621a57411975f312e96a695b68f4
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1583942
Reviewed-on: https://chromium-review.googlesource.com/1583822
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2common.h contains code which should be internal to vboot.
Most notably of which is 2struct.h, which contains
the vb2_shared_data data structure.
BUG=b:124141368, chromium:956474
TEST=make clean && make runtests
BRANCH=none
Cq-Depend: chromium:1587981, chromium:1599567, chromium:1610164
Change-Id: I712f51915bb9b0b03dce558e2b843eb83662f434
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1583819
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After sed -i, if the lsb-release will change, sed -i will recreate the
file and loose the security.selinux xattr.
We need to recover this extended attribute to make sure lsb-release
still has the correct label in signed images.
BRANCH=none
BUG=chromium:954670
TEST=../platform/vboot_reference/scripts/image_signing/set_channel.sh image.bin something
TEST=../platform/vboot_reference/scripts/image_signing/tag_image.sh --from image.bin --remove_test_label
TEST=../platform/vboot_reference/scripts/image_signing/remove_test_label.sh image.bin
TEST=getfattr -n security.selinux dir_3/etc/lsb-release after above each command
Change-Id: Icfb721a9b4b2ebb21c2cb0f14381ef1f61b928d7
Reviewed-on: https://chromium-review.googlesource.com/1610265
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Qijiang Fan <fqj@google.com>
Reviewed-by: Brian Norris <briannorris@chromium.org>
Reviewed-by: Kenny Root <kroot@google.com>
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As per go/vboot2-oprom-cleanup, use vboot2 SD flag
DISPLAY_AVAILABLE, instead of the old vboot1 flags
OPROM_MATTERS and OPROM_LOADED.
Remove instances of "OPROM" and update with correct
nomenclature.
Update code and tests for EC software sync and diagnostic
menu to use vboot2 display init model.
OPROM_MATTERS and OPROM_LOADED are now deprecated, and
will be removed when no references remain in depthcharge
and coreboot.
Deprecate VBERROR_DISPLAY_INIT_MISMATCH (previously
OPROM_MISMATCH) and return VBERROR_REBOOT_REQUIRED
directly when needed.
BUG=b:124141368, b:124192753, chromium:948529
TEST=Build image for eve, force EC update,
check that the "critical update" screen shows
TEST=make clean && make runtests
BRANCH=none
Change-Id: I889872f886230f8559d5cce09d0de194da3fcc38
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1605641
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As part of go/vboot2-oprom-cleanup, prepare to rename NVRAM
request flag used to request that coreboot initialize the
device's display, from VB2_NV_OPROM_NEEDED to
VB2_NV_DISPLAY_REQUEST.
BUG=b:124141368, b:124192753, chromium:948529
TEST=make clean && make runtests
BRANCH=none
Change-Id: I0ec29d61bd9e87bcaaffd647015e252ff3222708
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1605640
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vboot can query the physical presence flag instead of the recovery
mode flag. In general, the physical presence flag will map
to the recovery mode button if a board has it, and otherwise will
map to the physical presence button (usually the power button).
Cq-Depend: chromium:1580454
BUG=b:129471321
BRANCH=None
TEST=make runtests. Built firmware and slashed on sarien. Verified
that displayed text references power button and that pressing power
button initiates dev mode (vs. powering off the system).
Change-Id: I22f29de192da67b8eece27cbdd5aa64e97717bfc
Signed-off-by: Matt Delco <delco@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1580472
Commit-Ready: Matt Delco <delco@chromium.org>
Tested-by: Matt Delco <delco@chromium.org>
Reviewed-by: Matt Delco <delco@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The cr50 has been changed to report live status of the power button so
this workaround is no longer needed.
BUG=b:128431787
BRANCH=None
TEST=Locally built and flashed onto system with modified cr50. Verified
that power button status is read and works reliably.
Change-Id: Ia9b33610c897085e79dd18805350c41e17e3d9f2
Signed-off-by: Matt Delco <delco@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1534621
Commit-Ready: Matt Delco <delco@chromium.org>
Tested-by: Matt Delco <delco@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368, b:131663912
TEST=make clean && make runtests
BRANCH=none
Change-Id: I6aae5683b8306eede4388ff5ed6665e7769756dc
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1588026
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Ting Shen <phoenixshen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a bunch of more warnings that are already enabled in
coreboot and thus already enabled for firmware builds anyway (because
coreboot just passes its CFLAGS through). Enabling it in the vboot
Makefile means they also apply to host utilities and tests, which sounds
desirable for consistency.
Fix enough of the cruft and bad coding practices that accumulated over
the years of not having warnings enabled to get it to build again (this
includes making functions static, removing dead code, cleaning up
prototypes, etc.).
Also remove -fno-strict-aliasing from the x86 firmware build options,
because it's not clear why it's there (coreboot isn't doing this, so
presumably it's not needed).
BRANCH=None
BUG=None
TEST=make runtests
Change-Id: Ie4a42083c4770a4eca133b22725be9ba85b24184
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1598721
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The firmware updater introduced its own logging macros, but the rest of
futility already used a (smaller) set of macros previously. Unify the
two so that all parts of the binary use the same system.
Note that the same debug output infrastructure can (and already could
before this patch, although it was less obvious) be enabled with both
futility --debug update and futility update -d. This is a bit weird but
shouldn't really hurt and I presume we may want it for backwards
compatibility in the updater.
BRANCH=None
BUG=None
TEST=make runtests
Change-Id: I8b7c1677bcef9e9772ee666c72958d27139b36a2
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1601678
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These utilities used to be a bmpblk dependency way back in the day. Now
that bmpblk utilities have been removed, we don't need them anymore.
BRANCH=None
BUG=None
TEST=make runtests
Change-Id: I73b77b853dc03a7c867b8726de3cdeb01314916e
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1601677
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
-Wtype-limits is an additional warning we're trying to enable in
coreboot that catches common coding mistakes (e.g. checking whether an
unsigned variable is < 0). vboot almost works with this out of the box,
but there's one instance where we want such a check (because the
constant it's checking may change). This patch pragma's it out so that
we can still build with the new warning.
BRANCH=None
BUG=chromium:960270
TEST=make runtests
Change-Id: I678a5915c99451b7e0a2672efb5ae6c81ebfb027
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1598720
Commit-Ready: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch removes the code displaying vboot screens using bitmap
and layout data stored in GBB. bmpblk_utility, and futility
support for BmpBlock is also removed.
BUG=chromium:622501,chrome-os-partner:54619,b:124141368
BRANCH=none
CQ-DEPEND=CL:373123
TEST=Verified screens on eve && emerge-eve chromeos-bootimage &&
make runtests
Change-Id: I1a8dd8ff0162965e81df121d5a87ea64310a0854
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/367882
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vb2_gbb_header should NOT be in the public API, but GBB flag
definitions themselves SHOULD be.
BUG=b:124141368, chromium:956474
TEST=make clean && make runtests
BRANCH=none
Change-Id: I9b9cb1bc67c31c3a29b7a237d90a11aba55f131e
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1583821
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If VB2_WORKBUF_ALIGN was set to any value other than 16, this
test would fail. The test should not be dependent upon a
specific alignment, but rather account for this variable.
BUG=None
TEST=make clean && make runtests
BRANCH=none
Change-Id: Iaba095eba7a852bc2eb9711bf122a23c34cb66c3
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1588028
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As part of go/vboot2-cleanup-oprom, introduce new context
flag DISPLAY_INIT. The equivalent shared data flag
DISPLAY_AVAILABLE is also introduced for downstream vboot
to read.
The context flag serves the dual purpose of:
(1) the vboot caller (coreboot) telling vboot that "display
will be initialized regardless", for cases when a
mainboard/SoC cannot disable its display initialization
code (see coreboot Kconfig VBOOT_MUST_REQUEST_DISPLAY,
previously VBOOT_OPROM_MATTERS).
(2) vboot telling the vboot caller (coreboot) that "display
initialization should occur" for cases when vboot needs
display enabled on this boot.
BUG=b:124141368, chromium:948529
TEST=make clean && make runtests
BRANCH=none
Change-Id: If18bedf99c0f6e366c12d043377edb7bcdb35fdf
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1564232
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The error string "Could not boot from USB" does not have a newline
and so the string gets mashed with the one after it into "Could not
boot from USBread-only firmware id..."
BUG=b:123224593
BRANCH=none
TEST=none
Change-Id: I57db2fedb7f920ea201b1dd98d31c1f7f6131ad3
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1589847
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
