| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Found by Coverity Scan #198910
BUG=none
BRANCH=none
TEST=none
Change-Id: I609a3a1fe4d38b5c417608ef8574df6286dfbfda
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1789709
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We're dropping this from the signer, so drop it from here too.
Nothing else has referred to it.
BUG=None
TEST=CQ passes
BRANCH=None
Change-Id: I855ef036b620082ec98af7aac8ea330ae472435a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1814697
Reviewed-by: George Engelbrecht <engeg@google.com>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 4856877a76a90ab1851c0e24593ec67e6375a60a.
Reason for revert: Root cause fixed by CL:1790955.
Original change's description:
> Use bfd as the linker to build vboot_reference.
>
> Coreboot uses vboot_reference to build futility as a host binary.
> However, it passes a target path for linking which causes LLD to
> error out.
> e.g. x86_64-pc-linux-clang -L/build/veyron_minnie/usr/lib
> where -L/build/veyron_minnie/usr/lib should not be passed
> as futility is being linked as a host binary.
>
> Use bfd as the linker temporarily as it only produces a warning
> and does not error out.
>
> BUG=chromium:999217
> TEST=coreboot builds
> BRANCH=None
>
> Change-Id: I8716ff3a0b4cc8afc54a3cc95ca5c1bfdcba6c9f
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1789676
> Tested-by: Manoj Gupta <manojgupta@chromium.org>
> Reviewed-by: Julius Werner <jwerner@chromium.org>
> Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
Bug: chromium:999217
Change-Id: Ibf69ca06e3ae2e681176499b23c673eda8d77b6c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1790956
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Found by Coverity Scan
BUG=none
BRANCH=none
TEST=none
Change-Id: I2544a4e84ecadc262e08aaa4e6f056d710d807f5
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1771972
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow MP images to be signed. Also, the manifest file name changed.
BRANCH=none
BUG=b:74100307
TEST=manual
Change-Id: Ia6b4724ceea2b7a18a2caecea7142d1b6ebfaa13
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1791816
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
Commit-Queue: LaMont Jones <lamontjones@chromium.org>
Tested-by: LaMont Jones <lamontjones@chromium.org>
Auto-Submit: LaMont Jones <lamontjones@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Coreboot uses vboot_reference to build futility as a host binary.
However, it passes a target path for linking which causes LLD to
error out.
e.g. x86_64-pc-linux-clang -L/build/veyron_minnie/usr/lib
where -L/build/veyron_minnie/usr/lib should not be passed
as futility is being linked as a host binary.
Use bfd as the linker temporarily as it only produces a warning
and does not error out.
BUG=chromium:999217
TEST=coreboot builds
BRANCH=None
Change-Id: I8716ff3a0b4cc8afc54a3cc95ca5c1bfdcba6c9f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1789676
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These secure spaces are now used for more than just rollback
versions and should be renamed thus.
Note: Originally this rename operation was batched into the CL
which rewrites the functions in rollback_index/secdata_tpm, but
it made reviewing in Gerrit a pain, since it couldn't pick up on
the file renames, and instead showed them as deletes/adds.
Doing the rename separately helps ensure all references to
rollback_index are updated, and gives us a better review
experience in Gerrit.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I51e5c731e0d7a071d384c28da56e7adce64ba943
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776279
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This function is only used internally in rollback_index.c
and thus does not need a mock.
(It does need to be listed in rollback_index.h since it
must be accessible by tests.)
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ib7ce907da82608de7e5c6c2be11c57bf353ca0b3
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1780088
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove the unnecessary offsetof declaration in
rollback_index.c, and fix some macro formatting.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I156a0561070e03f978fff307d3dbfafde09e0adf
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773093
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The last remaining C++ files were removed in CL:367882.
vboot_reference does not have any C++ files anymore, and
thus does not need this rule in its Makefile.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Id59b2e593b1748293f045e5f7152ec2647ba7342
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1780082
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Lists should be alphabetically sorted
- No need for CHROMEOS_ENVIRONMENT variable
- Remove some defunct sections
- Merge VBINIT and VBSLK into FWLIB
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Id05508a8be6273f11c1886fd9a35d30be4bb778f
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773087
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is possible that set_vendor_data will not be null terminated if
strlen(vendor_data_value) >= sizeof(set_vendor_data). Leave an extra
byte at the end to prevent this.
BUG=none
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ic21d74e9f3f36557ab1083001ab8af8ee42426e4
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 198908
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1752933
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST= emerge vboot_reference
BRANCH=none
Change-Id: I1e486ce46d56539e23ec2b93e7eee971366c31f4
Signed-off-by: Srinidhi N Kaushik <srinidhi.n.kaushik@intel.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1775273
Reviewed-by: Duncan Laurie <dlaurie@google.com>
Reviewed-by: Wonkyu Kim <wonkyu.kim@intel.corp-partner.google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The drive details are the only place where block sizes are tracked,
so make sure we display them so the user knows the bytes-per-block.
Might as well dump all the other drive details while we're here.
BUG=None
TEST=CQ passes
BRANCH=None
Change-Id: I2f2546feec2d58a295ce69c2bfe89a5ecf392f46
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773966
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
tlcl_tests and rollback_index2_tests only work when
MOCK_TPM is disabled.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I3d09e2b02c72e2ee1b1b89769e433cc5cd513163
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776278
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allows the case of FIRMWARE_ARCH= TPM2_MODE= MOCK_TPM=1
to compile.
Also wrap TlclUndefineSpace in #ifdef CHROMEOS_ENVIRONMENT
to match its non-mocked definition.
BUG=b:124141368, chromium:997132
TEST=make clean && TPM2_MODE= MOCK_TPM=1 make runtests
BRANCH=none
Change-Id: I681dcb239c0bff9530df84a0a4f848e73384c798
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773095
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Get rid of vb2_context forward declaration and vb2_error_t
redefinition from 2secdata.h, and properly include 2api.h
instead.
Remove 2secdata.h from 2api.h (should not be publicly
accessible), and add 2secdata.h include to appropriate files.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I15570488fdabfcd9a178a0cedc7868b8c23720e9
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776285
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For clarity's sake, rename:
secdata -> secdata_firmware
secdatak -> secdata_kernel
secdata is now the general term to refer to any secure data
spaces: firmware, kernel, and FWMP.
Once coreboot code has been updated, the sections in 2api.h
and 2constants.h may be removed.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I376acee552e8be37c75c340626a95462f81e198b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773079
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368, chromium:995172
TEST=make clean && make runtests
BRANCH=none
Change-Id: I42e4ac8a21ac3be416d315a8a8cc914f997bab79
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1758148
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Standardize on the term "blocks" rather than "sectors" as this matches
our disk layout configuration files.
For cgpt show, split the specific field options out from the -i option.
The current text makes it seem like they're always required when using
the -i option, and it's not super clear that they only matter when the
-i flag is used.
BUG=None
TEST=CQ passes
BRANCH=None
Change-Id: Idfd939cfe9501da78e323bc1ce8c1fbf772fbaa9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773965
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If people use -i0, the code runs as if the flag wasn't specified.
Since valid partition numbers are [1,128], and the lower layers
already reject values outside that range (except for 0), add an
explicit check to the CLI for -i0.
Trying to display specific fields w/out -i makes no sense, and
the lower layers just ignore it. Add an explicit check for it
so users don't try to do `cgpt show /dev/sda -s` and wonder why
the output is unchanged.
Passing more than one specific field selector like -s -b doesn't
work -- whatever flag was specified last wins. This isn't that
obvious to users, so throw an explicit error when it happens.
BUG=None
TEST=CQ passes
BRANCH=None
Change-Id: I7c98822b79b389824b544b128ede93458b678342
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773964
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clang is diagnosing implicit fallthrough in C code
past https://reviews.llvm.org/rL369414.
Detect the support for the fallthrough attributes in gcc/clang
and enable it as VBOOT_FALLTHROUGH (copied from boringssl).
This is needed to fix ToT clang builds.
Note: GCC apparently does not diagnose fallthrough to another case
with break but clang does (https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91432).
And clang does not detect the fallthrough based on code comments.
Bug: chromium:997709
Test: CQ
Change-Id: Id8b4be4deabca2d0f1b2efd80efa72a485a5dc8c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1772474
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368, b:131663912, b:139392536
TEST=make clean && make runtests
BRANCH=none
Change-Id: I91eab08130786188b0a7c514b35574c611863b03
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1758147
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Commit-Queue: Furquan Shaikh <furquan@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Minor but Coverity Scan noticed it.
BUG=none
BRANCH=none
TEST=none
Change-Id: I08e889f8515681e4065b0c93180aec4d083c5012
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1771971
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Minor leak avoidance as identified by Coverity Scan.
BUG=none
BRANCH=none
TEST=none
Change-Id: I4e1d0f8c7eeaf12c5cf52fb94bdcf4ed7fef3224
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1771970
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This constant triggered different implementations of the two
functions RollbackFwmpRead and RollbackKernelLock, whose
overridden implementation would then be relied on in various
tests. Instead, directly override these functions within the
tests where they are required.
The overridden implementations were also used in
utilities/load_kernel_test.c, but this utility is currently
broken and not in active use. If we would like to get it working
again, simply override these two functions directly in the C
file, just as is done for unit tests. (See b:139839429.)
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I0a4d24ea4ae4182b7f4f258860de6f712dae1555
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1765169
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I37d2d76aa08f42853fa9785a5b941f080f2f6243
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1765168
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Id97f544da845f7070555e5e8cc6e782b2d45c300
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1758151
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
VbUnlockDevice is only used in fastboot. Currently fastboot
"unlocking" is disabled (see CL:1757973).
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I0de44c2bb8d8150dafb0b73e7a0be6e63564a26b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1758150
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These are not yet used in production and need some fixing up
first.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ifbd0e761cc5bc05437bfed774fb15d5e8ef1b8e7
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1758149
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From the original CL:3077016:
"Small program to temporarily fix TPM state until we can do this
in the BIOS."
BUG=b:124141368
TEST=emerge with USE=cros_host and USE=-cros_host
BRANCH=none
Change-Id: Icc90bc2b3ee76b66b803af4059dafbe5e1d52daf
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1763969
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1763970
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
No longer relevant with GBB refactor.
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: I84479ae3bd8a936728d83d7937f4981ef6a37247
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1763972
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In case we want to keep it around. See b:139839429.
BUG=b:124141368, b:139839429
TEST=None
BRANCH=none
Change-Id: Ib49a8c7a1acf2e643fcda0a68bf39d756506e3a2
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1763971
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We need to disable some warnings that only exist for clang, but we don't
want GCC to choke on them with "unrecognized command line option"
either. We still want external users to be able to build vboot (even
host utilities) with GCC if they prefer. Therefore, add
-Wno-unknown-warning to prevent GCC from choking.
BRANCH=None
BUG=chromium:991812
TEST=make runtests
Change-Id: I753bd4c1240d5064a815e3f1d019ad3b67d686a2
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1772177
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We deleted the script the oci-container target needs,
so remove some remaining dead references.
BUG=chromium:976916
TEST=signing image w/key deletes it, and signing image w/out key passes
BRANCH=None
Change-Id: I54624a1241a7b7326a746514aa32644fd94ec525
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1762462
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The way the sed logic was written we allowed invalid sed expressions
to count as "pass". This is because we use "no output" as the signal
that the command line option is OK (since the sed script deleted it),
but it meant that invalid sed scripts produced no output too. Add an
explicit exit status check to make sure invalid scripts fail.
BUG=chromium:991590
TEST=`./image_signing/ensure_secure_kernelparams.sh ./coral-12439.0.0-recovery.bin .../cros-signing/security_test_baselines/ensure_secure_kernelparams.config` produces no errors
BRANCH=None
Change-Id: I1de3ada7e44c49f97ecc40824d98cca9291ab7e6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1762459
Reviewed-by: LaMont Jones <lamontjones@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vboot_reference fails to compile with MOCK_TPM=1 due to a lack of
TlclUndefineSpace function in mocked_tlcl.c.
Add the function to fix this issue.
BUG=b:124141368, chromium:997132
TEST=make clean && make runtests
BRANCH=none
Change-Id: If290767a25f1ac6f02e3d8f78373a77da8567c87
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1768378
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implicit fallthroughs are always a source of trouble, so let's get the
compiler to catch them for us. Intentional fallthroughs can be marked
using the /* fall through */ comment to silence this warning.
BUG=none
TEST=make clean && make runtests
BRANCH=none
Change-Id: I66a9edc810674a732c0530cd78b5aa8a2c37f562
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1742640
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'incompatible key' error message added the new line in wrong
location, causing the message to be truncated unexpectedly.
We should put the line break after whole message (including URL) is
printed.
BUG=None
TEST=make runfutiltests
BRANCH=None
Change-Id: Ic74da1c2657b9517dce786a72435275e7141348c
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1763968
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sysincludes.h and 2sysincludes.h are almost identical except for
one extra header (ctype.h) in the vboot1 variant. Add this to
2sysincludes.h, and nuke sysincludes.h.
Depends on: https://review.coreboot.org/c/coreboot/+/33525
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Iaba21a9b8bb2ae0c081184019576663898317bd1
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1680325
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1659990
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Auto-Submit: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relocate permissions and uid check from RollbackKernelRead
to ReadSpaceKernel.
Restructure test code to set default values in ResetMocks.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I72c536042b89684c6db5099412344678e3d9d920
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1758146
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes it clear exactly when reads/writes are occurring,
with what values.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I614204cc19d2c90d2ac5799f136daf251a45e251
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1728299
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Every failure case should output some debug information.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I0f178fa72f7e227b3abc22ac1b0d2df5ed4a6dc8
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1738348
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The code to deal with version < 2 rollback spaces has been around
since 2013. Legacy devices will not be updating to this code,
thus we can remove the legacy silent upgrade.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I8ce22c37418ddc56cb74cc792540b54b3ee7bbd7
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1727949
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vboot_reference builds most tools as static but
address sanitizer does not support static linking.
Put more tools under NO_BUILD_TOOLS condition (set
only in fuzzer builders) to make fuzzer builders happy.
BUG=chromium:995340
TEST=USE="asan fuzzer" emerge-amd64-generic vboot_reference works.
Change-Id: I76beffb10744c8d9c5b6b4a50e971f1332113491
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1761012
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Commit-Queue: Dhanya Ganesh <dhanyaganesh@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ensure that mock_keypresses_count is in bounds before accessing the
mock_keyflags array.
BUG=none
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ifa8fce5438f2e2547c9e316038466244eee7bfa9
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 198899
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1752048
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch enables -ffunction-sections, -fdata-sections and
-Wl,--gc-sections for host builds. These flags already get passed by
firmware builds anyway, so having host builds match that behavior should
be a good idea in general. They may also occasionally help save a bit of
code size (though not much since vboot is a library, but I still get
about half a KB out of futility), and they will prevent clang from
omitting relocations for function calls inside the same file, which
means we don't have to splatter test_mockable all over our codebase
anymore. (We still need it for vb2_get_gbb() since that is so small that
both GCC and clang want to inline it, even if they are outputting a
discrete copy anyway.)
(Also add a comment about why GenerateGuid() has nothing do to with this
even though it is also a weak function, and why it is like that.)
BRANCH=None
BUG=chromium:991812
TEST=make runtests with both GCC and clang
Change-Id: Iede9d29e20b99b75a0c86bc7ecb907d2a0e5e3a1
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1754969
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vb2_shared_data struct has many offsets to other objects in the
workbuf. They are all prefixed with `workbuf_`, e.g.:
uint32_t workbuf_data_key_offset;
uint32_t workbuf_data_key_size;
In order to adhere to a hierarchical structure on the workbuf,
remove the workbuf_ prefix from these symbols to reflect the
relationship between vb2_shared_data and its children more
accurately.
Create a helper function vb2_member_of to safely look up a child
of a particular object in the workbuf by offset. Pointer
arithmetic to find vb2_shared_data children is replaced with
calls to this function.
BUG=b:124141368, chromium:994060
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ia82417a35d2067ee5e4f42fea0396e6325127223
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1753400
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1718264
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rptr points to an object with rsize number of bytes. If offset + size ==
rsize, then rptr + offset + size will point to one byte past the end of
the object during the memcpy(). Exclude this case by adding it to the
bounds check. We can also remove the offset > rsize check since it is
subsumed in the other one.
BUG=none
TEST=make clean && make runtests
BRANCH=none
Change-Id: Iceda658f420babe61bd1d9807efc8333d2044ccc
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 198905
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1752766
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is possible for load_firmware_image() to fail, in which case there
will be a null pointer dereference of image.data in find_gbb(). Prevent
this by returning early if load_firmware_image() fails.
BUG=none
TEST=make clean && make runtests
BRANCH=none
Change-Id: If60fdff2f3a39f07ef0b1e87f0800ac4fb8d5895
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 198902
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1752522
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|