| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We're updating the algorithm for this so the signing scripts have to
support it as well. Since we're running ToT signing scripts on older
images as well, determine the hash algorithm used in the image by
checking its length (40 hex digits for SHA1, 64 for SHA256).
BRANCH=None
BUG=b:137576540
TEST=$(sign_official_build.sh recovery recovery_image.bin
/tmp/scratch/mykeys/ resigned_image.bin) -- used futility to confirm
that new image kern_b_hash matches new image KERN-B and uses the
expected algorithm (tried with both SHA1 and SHA256)
Cq-Depend: chromium:1706624
Change-Id: Ie1a62ad1fd4fbf141cc1c32d592b863f2d43a24e
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1707529
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Convert uses of this function to call VB2_DEBUG and manually
exit if necessary.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I9006b1a9c66645757d33310d96207233b88eaed5
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1710340
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove unused BDB code, previously created for a cancelled SoC
project.
BUG=b:124141368, chromium:986177
TEST=make clean && make runtests
BRANCH=none
Change-Id: I91faf97d9850f8afb816fa324ad9a4d9f3842888
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1710336
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adding --absolute-names to getfattr to let getfattr not to remove
the leading slash, and not to print the warning to stderr.
BUG=chromium:954670
TEST=set_lsb_release.sh xx.bin a b
TEST=`getfattr: Removing leading '/' from absolute path names` not printed
BRANCH=none
Change-Id: I6273151713612746443d5d68a8df530f1146a4a2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1712890
Tested-by: Qijiang Fan <fqj@google.com>
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
Commit-Queue: Qijiang Fan <fqj@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, a mix of:
- DIE
- Fatal (customly defined in cmd_vbutil_kernel.c)
- VbExError
... were all used to print an error message and exit.
In the case of futility, standardize on using the FATAL macro
defined in futility.h.
BUG=b:124141368
TEST=Check that FATAL works correctly:
$ build/futility/futility vbutil_key --in a --out a --algorithm 18
FATAL: do_vbutil_key: Unknown option
TEST=make clean && make runtests
BRANCH=none
Change-Id: I97ca1153dc36e7208c69185883518c52d5d75293
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1679799
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Preference for vboot2 data structures when available:
sd->recovery_reason
sd->fw_version_secdata
sd->kernel_version_secdatak
BUG=b:124141368, b:124192753
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ifdd77947cabb75e8ac5a838b75cbcd643c6e481e
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1680190
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=chromium:985940
TEST=None
BRANCH=none
Change-Id: I844074e28a9cf2384bb7dc1593de7d7e01622457
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1710989
Tested-by: LaMont Jones <lamontjones@chromium.org>
Auto-Submit: LaMont Jones <lamontjones@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Iff20dcc3aa47bfa29776609e5b352ea464c18241
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1680189
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We migrated away from this in 2012, so drop the alias. Any devices
made around that time won't need new factory images either.
BUG=None
TEST=None
BRANCH=None
Change-Id: I72a155d6c4c241781ec07b2ebb9a2393f8470a08
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1679436
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update all references to vboot2-style struct vb2_packed_key.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I55a5f6bf315bdb4b83a998759d3732077283998e
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1675871
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace old vboot1-style Min macro with VB2_MIN,
and relocate tests accordingly.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I73d630147eaf23f97dd750769fb1e911dae01848
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1675866
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When testing updater behavior with emulation (--emulate), there was no
way to know if EC and PD images were correctly found from archive and
expected to be flashed (for example if we want to test the difference
between modes).
Since we do flash EC/PD in recovery and factory modes, it is better
to still allow loading EC/PD images, and simply not writing them
(and print some messages as indication) in emulation.
BUG=chromium:965092
TEST=make runfutiltests
BRANCH=None
Change-Id: I3bbbd75cb8adf2e238a593d3dee0b2491abe7719
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1626190
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Dana Goyette <dgoyette@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I was following the advice given in these examples and saw:
# flashrom -p bios -w /mnt/stateful_partition/backups/bios_SAMUS_TEST_8028_20190628_100324.fd
flashrom v0.9.9 : cc7cca2 : Jun 15 2019 04:36:54 UTC on Linux 4.14.129 (x86_64)
Error: Unknown programmer bios.
Please run "flashrom --help" for usage info.
As you can see in flashrom_bios() in that same file, the "programmer"
argument in flashrom that you need to flash the BIOS is "host" not
"bios":
# flashrom -p host -w /tmp/bios_SAMUS_TEST_8028_20190628_100324.fd
flashrom v0.9.9 : 2d00129 : Jun 27 2019 15:16:55 UTC on Linux 4.14.129 (x86_64)
flashrom v0.9.9 : 2d00129 : Jun 27 2019 15:16:55 UTC on Linux 4.14.129 (x86_64)
Calibrating delay loop... OK.
coreboot table found at 0x7ce3a000.
...
Erasing and writing flash chip... SUCCESS
BUG=none
TEST=successfully flashed a backup BIOS image using flashrom
BRANCH=none
Change-Id: Ib1e10c1e06ad84714853953702328c4f4dadebe7
Signed-off-by: Ross Zwisler <zwisler@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1685859
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We are leaving the --4k options since they are (now) no-ops, and
existing users of the script may be passing them. Since they are the
default, we want to discourage their use, so they are not documented.
BUG=b:135130152
TEST=Unit tests pass
BRANCH=None
Change-Id: I1d73496f45ac0e04657149d438434a33e0e8569b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1680641
Tested-by: LaMont Jones <lamontjones@chromium.org>
Commit-Queue: LaMont Jones <lamontjones@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Auto-Submit: LaMont Jones <lamontjones@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I've had dozens of instances over the years where I had been wondering
what GBB flags a given firmware log was running with. Let's just print
them.
BRANCH=None
BUG=None
TEST=Booted Cheza.
Change-Id: I631dbcffd16f189731ed5881782722e1eec8eb83
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1674967
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use vboot2-style vb2_verify_member_inside instead.
Correct some strings in vboot2 tests to refer to new vboot2
functions instead.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Idb3bcf1657c9d955acc6f93983c7b0c7f06427e3
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1675870
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Macro already exists in vboot2-style 2common.h.
Relocate tests accordingly.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I6b96627a05e8c05ff49b8780fe4472890c2a2043
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1675869
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Should use vboot2 equivalent instead: vb2_offset_of
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I64afc88477cbb615a661833f45761030c55fcdf6
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1675868
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ifd7dcc1414248b025a8a4bc2942db11814bc8be5
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1675865
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Should use VB2_DEBUG macro instead (which uses vb2ex_printf).
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ia6da51b597cb02d178ab3906022f1f4075b99a60
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1675864
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
No one is using this, so drop the dependency.
BUG=chromium:978563
TEST=cq passes
BRANCH=None
Change-Id: I50595675f7f24f8af06a5a8ec3de21690e2ecb34
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1677105
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
VbCommonParams is now a relic of the past. It was originally
used to pass data to VbInit, VbSelectFirmware,
VbSelectAndLoadKernel, and VbVerifyMemoryBootImage.
The former two are long deprecated and removed, while the latter
two now pass information via the vb2_context struct.
BUG=b:124141368, b:124192753
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ie72f1a5308dea4f9abf2738f104cf373d1030623
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1663749
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1663893
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Auto-Submit: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=None
TEST=manually verified.
BRANCH=None
Change-Id: I65467d56409bcf608e9c59aa0759e820d11507ed
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1667537
Tested-by: LaMont Jones <lamontjones@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: LaMont Jones <lamontjones@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For set_lsb_release.sh called without parameter, it doesn't modify
anything in the image, and mount the image ro. Thus setfattr to
ensure security.selinux xattr will fail with Read-only filesystem,
and is not necessary since nothing has been modified.
BUG=chromium:954670
TEST=set_lsb_release.sh xx.bin a b
TEST=set_lsb_release.sh xx.bin
BRANCH=none
Change-Id: I32bf61796c2b60d18e4e62cc43f2d0e9dc75cef5
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1666516
Tested-by: Qijiang Fan <fqj@google.com>
Commit-Queue: LaMont Jones <lamontjones@chromium.org>
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently some chips that require AUX FW update request EC reboot to RO
after the FW update is applied successfully while some chips do not. It
is safe to request EC reboot to RO whenever AUX FW update is applied
successfully so that all the chips that require AUX FW update gets reset
to a clean state.
Update tests to handle the updated code flow and return code correctly.
BUG=b:128820536,b:119046668
BRANCH=None
TEST=Ensure that the device boots to ChromeOS. Force a TCPC FW update
and ensure that after it is successfully applied EC reboots to RO.
Cq-Depend: chromium:1625866
Change-Id: I72849620d90284e49cd1a9b31fc5eadede455c51
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1627302
Tested-by: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Commit-Ready: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Return value of vb2_gbb_read_recovery_key should be saved into an
integer, not into vboot1-style VbError_t.
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: Icbe622c9958d3f303da0faf7b52b0ce52c2b16a5
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1648093
Tested-by: Joel Kitching <kitching@chromium.org>
Auto-Submit: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes it easy to spot the speed at which the eMMC controller is
running.
vb2_load_partition: read 8419 KB in 48 ms at 174342 KB/s.
The calculation looks a little funky because I wanted to perform all
multiplications before the division to avoid losing any precision.
BRANCH=grunt
BUG=b:122244718
TEST=Verified it on grunt
Change-Id: I5fac584994bc478bfb27cbd4e2ea34af0be7f1d9
Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1661366
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ME unlock needs a different pattern for these devices.
BUG=b:135216986
BRANCH=none
TEST=test update from unlocked to locked image on sarien
Change-Id: I928ee3de522937d5b972daaec4460dcc731b495e
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1659534
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: I7b422e8a26621720a6b7efc5211629996a6aa385
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1659989
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Auto-Submit: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Export information about vb2_gbb_header's flags member:
* vb2_gbb_flags_t
* VB2_GBB_FLAGS_OFFSET
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: I2923156edd06df02751ccded5dcbb5bf8fe0207d
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1657503
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Auto-Submit: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This constant was incorrectly set to 14, whereas
sizeof(vb2_secdatak) is 13.
Update the constant its correct value, and add a test for
each of secdata and secdatak to check the constant values.
Previously, this constant was not used anywhere. The
secdatak space is created and initialized in coreboot
with a hard-coded (correct) size and initial value.
So there should be no worry about devices out in the
field with TPM secdatak size set to 14.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I0a6072aef2de401bd3cd40ac3b002f754da19560
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1655049
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously vb2api_secdatak_check and vb2api_secdatak_create had
headers in 2api.h, but no definitions.
Merge identical internal/external functions:
vb2api_secdata_create, vb2_secdata_create_crc
vb2api_secdata_check, vb2_secdata_check_crc
vb2api_secdatak_create, vb2_secdatak_create_crc
vb2api_secdatak_check, vb2_secdatak_check_crc
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I64a14d65e5d856ca0f819ef3ded50b4719abc8b3
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1652874
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=chromium:967968
TEST=None
Change-Id: Ibcf67c87d7a942494f9e898b20e5485fdba1093f
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1634090
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Sean Abraham <seanabraham@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Old vboot1-style GBB accessor functions were awkwardly located
within region-init.c.
Rewrite GBB accessor functions for vboot2, and formally expose
HWID retrieval function via vboot2 API. workbuf is used for
key retrieval functions, while a buffer provided by the caller
is used for HWID retrieval function.
Reintroduce vboot_display_tests to `make runtests` test suite.
Move GBB tests from vboot_display_tests to vb2_gbb_tests.
Properly propagate vb2_workbuf objects within the function call
stack (vb2_load_partition).
BUG=b:124141368, chromium:954774
TEST=Build and flash to eve, check that Chrome OS boots
TEST=Build with CL:1627469 applied, check HWID
TEST=make clean && make runtests
BRANCH=none
Change-Id: I398d1329f0b092de35aac73d98dfd9aee6e4e7de
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1584488
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Jason Clinton <jclinton@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
VB2_NV_DISPLAY_REQUEST disabling code has been relocated to
VbBootNormal. Remove from EC sync code.
Remove the vb2_shared_data argument from
check_reboot_for_display.
Avoid calling ec_sync_check_aux_fw after phase 1 if already
certain that a reboot is required.
BUG=b:124141368, chromium:948592, chromium:967298
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ia5472aceb0b2a415f24dd76d26179632009d07cb
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1634453
Commit-Queue: Jason Clinton <jclinton@chromium.org>
Tested-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Display initialization code now directly checks
VB2_NV_DIAG_REQUEST. There is no need for diagnostic mode flow
to set VB2_NV_DISPLAY_REQUEST.
BUG=b:124141368, chromium:948592, chromium:967298, b:133175864
TEST=make clean && make runtests
BRANCH=none
Change-Id: I9748bf03c11c5698c181c177634d73fb34fd2d59
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1634452
Commit-Queue: Jason Clinton <jclinton@chromium.org>
Tested-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to simplify code which uses VB2_NV_DISPLAY_REQUEST,
centralize disabling this NVRAM flag to a function called at
the start of VbBootNormal. Also disable VB2_NV_DIAG_REQUEST
here, since display init is enabled for this request as well.
BUG=b:124141368, chromium:948592, chromium:967298, b:133175864
TEST=make clean && make runtests
BRANCH=none
Change-Id: I8aa7c44671ada23c0500cd8a0c5d7f737298bb11
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1634451
Commit-Queue: Jason Clinton <jclinton@chromium.org>
Tested-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
VB2_NV_DISPLAY_REQUEST should only be used for cases where there
is no other way for coreboot to tell that display initialization
is required.
In the case of developer, recovery, and diagnostic modes, display
should always be initialized without looking at
VB2_NV_DISPLAY_REQUEST.
In the case of EC slow sync, VB2_NV_DISPLAY_REQUEST should still
be used.
BUG=b:124141368, chromium:948592, chromium:967298, b:133175864
TEST=make clean && make runtests
BRANCH=none
Change-Id: I56e7d50bfd7de596d25ba232251f73ccd2d5df9b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1634450
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Jason Clinton <jclinton@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Move vb2_packed_key from vb2_struct.h to 2struct.h
* Move vb2_verify_member_inside from lib20/common.c to 2common.c
* Move vb2_packed_key_data and vb2_verify_packed_key_inside from
lib20/packed_key.c to 2packed_key.c
* Relocate tests accordingly
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: I6a9338ffdb640aad071941c3768427e15cd2aa93
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1642773
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After every invocation to set_lsb_release.sh, make sure /etc/lsb-release
in $rootfs has the expected SELinux security context stored at
security.selinux extended attribute.
BRANCH=none
BUG=chromium:954670
TEST=set-lsb_release.sh chromium_test_image.bin a b
Change-Id: I541493d8ad3c94b16840337d807629691b1b00bb
Reviewed-on: https://chromium-review.googlesource.com/1630426
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Qijiang Fan <fqj@google.com>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All AUX FW remote bus tunnels are protected as part of
VbootExEcVbootDone callback. So update the test to reflect that
behavior.
BUG=None
BRANCH=None
TEST=/mnt/host/source/chromite/bin/cros_run_unit_tests --board=octopus
--packages=chromeos-base/vboot_reference
Change-Id: I163518a57deb586fb12ea11ba74987ff1a4ad90b
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1641531
Tested-by: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Karthikeyan Ramasubramanian <kramasub@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When booting off of a 4kb device, depthcharge gets upset when reading
the main kernel blob (after reading a 64k chunk initially) because
the total size is not an even number of 4k sectors. Most of the parts
of the kernel blob are rounded up to 4kb, except for one.
Align the whole image up to 4kb so that it's an even number of sectors
on a 4kb device.
BUG=b:134061077
BRANCH=none
TEST=Boot off a UFS card
Change-Id: Iffa93cccd2b5902161fb373efb37f7414e816455
Signed-off-by: Evan Green <evgreen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1641958
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* To enable, use --use_apksigner.
* Drop signature schemes that we don't really need.
* Supports key rotation. In this case, the signing lineage
will be honored if the file exists next to the keys.
* Update key generation script to auto generate the signing lineage.
TEST=the script runs successfully with and without the flag
TEST=`apksigner lineage --print-certs -v -in foo.apk` shows
correct rotation info
TEST=keygeneration/create_new_android_keys.sh --rotate-from old new
BUG=None
BRANCH=None
Change-Id: Ic7b7b0ed4ea707a748dc42a1f39d6eb79d53cf1b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1643411
Tested-by: Victor Hsieh <victorhsieh@chromium.org>
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
Commit-Queue: Victor Hsieh <victorhsieh@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Keep VB_INIT_OUT_* constants which are still currently used by
vboot_handoff.out_flags. They can be removed once vboot_handoff
has been completely sunsetted.
BUG=b:124141368, chromium:960226
TEST=make clean && make runtests
BRANCH=none
Change-Id: I8bf2d3330a09c971fd26406737a656b4b3221779
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1599565, chromium:1598588
Reviewed-on: https://chromium-review.googlesource.com/1597369
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Perform all the operations regarding EC AUX FW update once the EC update
is applied and EC has jumped to the updated image. This way the
information regarding the devices that require EC AUX FW update can be
probed and obtained from EC consistently.
BUG=b:128820536,b:119046668
BRANCH=None
TEST=Ensure that the device boots to ChromeOS. Ensure that the Aux FW
update is handled after EC update is applied and jumped to the updated
EC image.
Casta:
sync_one_ec: jumping to EC-RW
send_packet: CrosEC result code 12
EC returned from reboot after 53061us
ps8751.0: vendor 0x1da0 product 0x8751 device 0x0001 fw_rev 0x39
ps8751.1: vendor 0x1da0 product 0x8751 device 0x0001 fw_rev 0x39
Bobba:
sync_one_ec: jumping to EC-RW
send_packet: CrosEC result code 12
EC returned from reboot after 52271us
ps8751.1: vendor 0x1da0 product 0x8751 device 0x0001 fw_rev 0x39
Ampton:
sync_one_ec: jumping to EC-RW
EC returned from reboot after 43019us
vb2_developer_ui: Entering
vboot_draw_screen: screen=0x101 locale=0
Change-Id: I28956543dfe1e059e15212dceada8bc517c0e7fc
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1592472
Commit-Ready: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Tested-by: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pass VbSharedDataHeader struct directly as an argument for the
functions VbVerifyMemoryBootImage and VbSelectAndLoadKernel,
instead of retrieving from cparams. After any remaining
references are removed from depthcharge, the VbCommonParams
struct may be deprecated and removed.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I4dceb539516b62b5817987359705bb8e27ddb6f3
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1585505
Reviewed-on: https://chromium-review.googlesource.com/1584489
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since GBB header will be needed for subsequent GBB reads later on
(in kernel verification stage), and since GBB header is
relatively small (128 bytes), save the full GBB header onto
workbuf during firmware verification stage, and store an offset
pointer to it in vb2_shared_data. vb2_gbb_header object may be
accessed via the vb2_get_gbb function.
Additionally, update functions in firmware/lib/region-init.c to
read GBB data from flash, rather than using cparams passed in by
depthcharge, which is slated for deprecation.
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: I6e6218231299ce3a5b383663bc3480b20f929840
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1585500
Reviewed-on: https://chromium-review.googlesource.com/1627430
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The PCR extension value size should not have been hardcoded, it is
different for different TPM specification versions.
BRANCH=none
BUG=none
TEST=the error message prints the correct expected input size for both
tpm and tpm2 case now.
Change-Id: I8e65181edff1e62bbaae46e622fe67f420cbab25
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1627640
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In CL:1601678, few logging messages were not properly converted:
- STATUS should add \n
- INFO and WARN should not need __FUNCTION__
BUG=None
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=None
Change-Id: Ib01d9319815a5fbb579e49391fc4bff9d61ca214
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1626189
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sign_official_build.sh accepted a subset of the syntax allowed by
sign_firmware.sh. Update to be consistent.
BUG=chromium:962529
BRANCH=None
TEST=Manually verified
Change-Id: Ic9c7d5d8a4744c09c06249ed835ef678e6368aa0
Reviewed-on: https://chromium-review.googlesource.com/1612376
Commit-Ready: LaMont Jones <lamontjones@chromium.org>
Tested-by: LaMont Jones <lamontjones@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
|