| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change adds a command to cgpt to
change the GUID of the drive.
BRANCH=none
BUG=None
TEST=Compiled and ran utility to verify that GUID changes.
Also verified that the new and existing tests completed
successfully.
Change-Id: Ia8a815447509626312e2b06c6f293901290c73c3
Signed-off-by: Matt Delco <delco@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1171834
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add "arm64" support to Makefile to use crossystem_arch.c
implementation from host/arm/lib directory, in order to avoid
the code duplication.
BUG=None
TEST='emerge-arm64-generic vboot_reference' works correctly
BRANCH=None
Change-Id: I349f8b2055c9be6ebaeb6f322e3b22260465dd5a
Reviewed-on: https://chromium-review.googlesource.com/1082195
Commit-Ready: Adam Kallai <kadam@inf.u-szeged.hu>
Tested-by: Adam Kallai <kadam@inf.u-szeged.hu>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that initramfs, firmware updater, and auto-updater are all using
dynamically linked programs, there's no need to produce a static
build of crossystem anymore.
BUG=chromium:765499
TEST=precq passes (includes vmtests w/AU)
BRANCH=None
Change-Id: I5aa123e662040ff5d9f2328c0f036b648fc629fb
Reviewed-on: https://chromium-review.googlesource.com/667881
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some of the tools and utilities in vboot_reference do not build
with sanitizers enabled. To avoid this, do not build them
when NO_BUILD_TOOLS is defined.
CQ-DEPEND=CL:1060156
BUG=chromium:841588
TEST=USE="fuzzer" emerge-amd64-generic vboot_reference does not build host tools
TEST=emerge-falco vboot_reference builds all tools.
Change-Id: If238c98d4058db20765731237153bc6969a06375
Reviewed-on: https://chromium-review.googlesource.com/1060154
Commit-Ready: Manoj Gupta <manojgupta@chromium.org>
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add the ability to take TPM ownership. This requires two new commands:
TPM_OIAP to start an auth session and TPM_TakeOwnership to establish
ownership. TPM_TakeOwnership requires an auth session and proper
command authentication to work, which is also added.
BRANCH=None
BUG=chromium:788719
TEST=new unit tests
Change-Id: Ib70144eedb0b1c7c43b26c06529d33ccbaa51a0e
Reviewed-on: https://chromium-review.googlesource.com/790414
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Trybot-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a TlclReadPubek library function to read the public endorsement
key.
BRANCH=None
BUG=chromium:788719
TEST=New unit tests.
Change-Id: I5f23b76b88198d656f4ba5782d2b4f25aaa082b1
Reviewed-on: https://chromium-review.googlesource.com/790413
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Trybot-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
firmware/lib/tpm_lite.c turned off CHROMEOS_ENVIRONMENT if FOR_TEST is
enabled, resulting in a situation where code specific to
CHROMEOS_ENVIRONMENT couldn't be tested. Fortunately, AFAICS
tlcl_tests does not use FOR_TEST for anything useful any longer, so
just drop it.
BRANCH=None
BUG=None
TEST=FEATURES=test emerge-$BOARD -v1 vboot_reference
Change-Id: I7f08ef6d2343bc60a6d2982c3cc7bae0507d94d5
Reviewed-on: https://chromium-review.googlesource.com/937703
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- move helper functions that detect which keys should be used depending
on the build flavor to a separate lib
- add unit tests for that lib
BUG=b:72947583
TEST=unit tests
TEST=run against caroline image, scripts detects 'cheets' build flavor
TEST=run against novato-arc64 image (SDK), script detects 'cheets' build
flavor
TEST=run against newbie image (AOSP), script detects 'aosp' build flavor
TEST=run against invalid build property 'paosp_cheets_...', script
aborts as expected
BRANCH=None
Change-Id: I5595c10a5a063e7658d0cf17c77dbeead429cd97
Reviewed-on: https://chromium-review.googlesource.com/923097
Commit-Ready: Nicolas Norvez <norvez@chromium.org>
Tested-by: Nicolas Norvez <norvez@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit f59d2e41977032f8f3eac113358b93574fc27b4f.
The change breaks 'make runtests'. More specifically, 'make runfutiltests'.
Also, fix the duplicate FWLIB20 in LDLIBS when linking futility.
BUG=None
BRANCH=None
TEST=make runtests (more specifically, make runfutiltests)
Change-Id: Ia079924a814d98e1a3937b8de6ade7b001ff70ef
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/832848
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds the pthread library to the linker flags for the static
futility build, which allows it to build with recent GCC versions.
BUG=None
BRACH=None
TEST=Build futility and futility_s with a recent GCC version
Change-Id: I16d9b94b76d6e9586278cfdc0b99ae749160138a
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Reviewed-on: https://chromium-review.googlesource.com/805374
Reviewed-by: Martin Roth <martinroth@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The region API was a way for firmware and kernel verification to get
at various blocks of caller-provided data. In practice, we only used
it internally as a way to get at parts of the GBB. Prune it down to
access only the bits of GBB we still need, from the buffer we already
know we have.
In the long run we should use the same vb2ex_read_resource() API that
vb2 firmware verification does, but that should be done in a follow-up
CL since it'll need to be coordinated with support in depthcharge.
No change in functionality.
BUG=chromium:611535
BRANCH=none
TEST=make -j runtests; build bob firmware and boot it
Change-Id: I5715cb8d88274164a1a73ed4a56bbd93af46f9bf
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/852798
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vboot firmware previously supported a rather complex audio looping
library. Our original intent was to allow developers to flash a
custom beep sequence / tune as an easter egg. We never fully
supported that, but the code to allow it lived on. Get rid of that.
Vboot also previously made no assumptions about the frequency of
VbExGetTimer(), which was only used by the vboot_audio library. So it
spent 10ms every boot measuring the frequency. Which is silly now,
because depthcharge implements that as a microsecond timer. Get rid
of that measurement and define the timer as a microsecond timer.
BUG=chromium:611535
BRANCH=none
TEST=make -j runtests; build bob firmware and boot it
Change-Id: I350246874fb36b00149423696285cfcaca0fc526
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/847311
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
introduce get_gbb_flags.sh command to make automatic annotation
of power measurements easier.
Also, fix issue where declaring local variables on same line
as executing a command would obfuscate error code, thus not
triggering set -c and continuing execution.
https://github.com/koalaman/shellcheck/wiki/SC2155
Usage:
$ /usr/share/vboot/bin/get_gbb_flags.sh
[...]
ChromeOS GBB set flags: 0x00000329.
$ /usr/share/vboot/bin/get_gbb_flags.sh -e
[...]
ChromeOS GBB set flags: 0x00000329.
ChromeOS GBB set flags listed:
GBB_FLAG_DEV_SCREEN_SHORT_DELAY
GBB_FLAG_FORCE_DEV_SWITCH_ON
GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK
GBB_FLAG_FAFT_KEY_OVERIDE
GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC
BUG=chromium:760267
BRANCH=none
TEST=manual
emerge-soraka vboot_reference
cros deploy <IP> vboot_reference
(on DUT)
/usr/share/vboot/bin/get_gbb_flags.sh -e
<same output as above>
Change-Id: Idb3b993706c03e7f2831eed2cef12a04b9469fea
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Initial unit tests for detachable menu UI. With these tests, the
coverage is at 81.2% for lines for code and 87.5% for function
coverage. I will improve this to closer to 100%, but wanted to get
this in as it's still significantly better than before, which was 0%.
There are still a lot of tests in the code that are #if 0'd out
currently. I still need to go through an enabled/delete those.
BUG=b:65025540
BRANCH=None
TEST=run COV=1 make and make sure passes without errors
Change-Id: If17bfc24fb7f65deb3d2286cc39cdc311d8a6d93
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/830680
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This removes utillib from the futility build and adds only the required
files from utillib to its build. Utillib includes arch-specific
components (required for crossystem) that only have a limited number of
supported architectures, which is undesirable for futility.
The number of archs that futility can run on is no longer restricted.
BUG=None
BRACH=None
TEST=Build futility and futility_s
Change-Id: Ia9ad2a72b374b5cc3d6004d36c0b7090dbcc97a2
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Reviewed-on: https://chromium-review.googlesource.com/666625
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This handles the aarch64 machine returned by uname as arm to allow
crossystem to build.
BUG=None
BRACH=None
TEST=Build futility and futility_s on ARMv8
Change-Id: I1d847568a36f47d084e7572b28e2603b9b6ec673
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Reviewed-on: https://chromium-review.googlesource.com/785911
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove the old vboot1 vboot_nvstorage library (VbNv*() functions) and
use the vboot2 library (vb2_nv_*()) instead. This is needed in
preparation for moving to 64-byte records; no sense in implementing
that change twice...
Should be (better be) no change in system behavior.
BUG=chromium:789276
BRANCH=none
TEST=make runtests
compare output of crossystem before/after change (should be identical)
Change-Id: I10f9975b0824263064b9a74a3c6daadcecc085d3
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/794732
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The firmware updater relies on these, so include them.
BUG=chromium:772862
TEST=build works and futility_s includes new commands
BRANCH=None
Change-Id: I973e339d11df4d5b72f70d3a9e28916cca4ebbf6
Reviewed-on: https://chromium-review.googlesource.com/708236
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The auto update process (especially firmware updater) needs static vboot
utilitys but normal OS images, including recovery images, don't need
that. We should build both dynamic and static binaries at the same time
for images to choose what they need.
Currently only `crossystem` will build static version. And after this
change is merged:
(cd /build/reef/usr/bin; file crossystem*)
crossystem: ELF 64-bit LSB shared object
crossystem_s: ELF 64-bit LSB executable
(cd /build/reef/usr/bin; du -sh crossystem*)
40K crossystem
808K crossystem_s
BUG=chromium:764753,chromium:765499
TEST=emerge-reef vboot_reference
BRANCH=None
Change-Id: Ibd66c87bb44c5593767aeb710240e0165103f016
Reviewed-on: https://chromium-review.googlesource.com/668274
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds detection for the i686 arch and replaces it with x86, allowing
it to build.
BRANCH=none
BUG=none
TEST=Build host_stuff on an i686 machine
Change-Id: Idab7c762a7fbb97ec5318b9aa860756b4dd0bc25
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Reviewed-on: https://chromium-review.googlesource.com/645086
Commit-Ready: Patrick Georgi <pgeorgi@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This calls gen_test_cases.sh in the proper environment.
Also, prevent gen_test_cases.sh from overriding test_file, to
provide stable signature (and avoid large git diff for no reason).
BRANCH=none
BUG=chromium:684354
TEST=make gentestcases -j8; git diff => no changes
Change-Id: I556285fd1a07a4d84f4ebd3fd7881ae06743716e
Reviewed-on: https://chromium-review.googlesource.com/439064
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adding in basic menu support (using arrow keys)
for detachables, which do not have keyboards. Thus,
we can only do menu scrolling rather than the old
ctrl+D/U/L way. This is specifically for the developer
warning menu.
BUG=chrome-os-partner:61275
BRANCH=None
TEST=reboot system and try scrolling through menu
Change-Id: I39f56f5ca2fedd47df53ab246ec357d07c9c4af0
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/424353
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If FOR_TEST is defined, 2common.h defines VB2_DEBUG() to be printf();
it should include stdio.h as well.
The HOSTLIB extern linktest links against the vboot1 stub functions,
but not the vboot2 stub functions, so it couldn't find vb2ex_printf().
BUG=chromium:682058
BRANCH=none
TEST=DEBUG=1 make runtests; DEBUG=1 emerge-reef vboot_reference depthcharge
Change-Id: Ibf981a70ca4087ce3d86b02d76e03063b2cfc9e5
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/429310
Commit-Ready: Shelley Chen <shchen@chromium.org>
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This moves the UI loops out of vboot_api_kernel.c into vboot_ui.c, so
that it'll be easier to support different UIs for different form factors.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build_packages --board=reef chromeos-firmware; boot reef
Change-Id: I451b15f65aceb427ffdd94b19f44e91ebc10a860
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/414289
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, the EC software sync process called VbDisplayScreen() from
several function calls deep. Refactor software sync so that the UI
decisions are at a higher level (in ec_sync_all.c) and isolated from
the low-level EC software sync functionality (in ec_sync.c).
This is one in a series of changes which are more clearly separating
out the UI, to make it easier to support multiple UI across a range of
devices.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build_packages --board=reef chromeos-firmware; boot reef
Change-Id: I40597abeb5b0cc8f5d8fc2098e4acbed4bf59bf6
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/411921
Reviewed-by: Shelley Chen <shchen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was previously done inside vboot_api_kernel. But it has nothing to
do with kernel verification; that's just the only place where we could
easily put it given that vboot (currently) owns the firmware UI.
No outwardly-visible functionality changes.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I8a434eb4449a5a86b129ecac61ad81d0ad55549c
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/404920
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This functionality allows factory to ensure that the recovery MRC cache
trained during finalization has the right signature and the checksum on
the data can be verified.
BUG=chrome-os-partner:59661
BRANCH=None
TEST=Verified checksum on recovery mrc cache.
Change-Id: Ic5bd9910b4542037ad86f6fb7a7d83b97be5c792
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/409680
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Originally, vboot1 code used VbExMalloc() and VbExFree() since it needed
to talk to EFI firmware that didn't have standard malloc() and free().
Now, coreboot and depthcharge implement them as wrappers around those
standard calls. vboot2 code already calls them directly, so let vboot1
code do that too.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I49ad0e32e38d278dc3589bfaf494bcf0e4b0a4bd
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/400905
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that the vboot1 cryptolib code is gone, nothing uses stateful_util.
Remove it and its unit tests.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I75b6014be00c5266545db10e87c1d9485fd1444b
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/400904
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The old vboot1 cryptolib hard-coded many of its padding arrays in a
padding.c file. Use the equivalent vboot2 apis instead.
This change is almost exclusively on the host and test side; the only
firmware impact is on a single line of debug output.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: If689ffd92f0255847bea2424950da4547b2c0df3
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/400902
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Another in a continued stream of refactoring. This change removes more
of the vb1 rsa library code and associated tests, in favor of their vb2
equivalents. This change touches only host-side code and its tests, not
firmware.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I1973bc2f03c60da62232e30bab0fa5fe791b6b34
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/400901
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This removes old vboot1 functions in favor of the new vboot2 functions.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: Idc64f7714bbd9d4fa82d14b6b5d73d71c61de854
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/400900
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
No need to have two implementations of this now.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I18bac928eb09971c37f3e1d7cbfd2009999b1f31
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/400899
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
No need to have two implementations of this now.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: Id3348eae80c5d85451981a44729164ff59f88648
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/399121
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Originally, we didn't trust the firmware to provide these functions from
a standard library. Now, with coreboot, we do.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I4e624c40085f2b665275a38624340b2f6aabcf11
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/399120
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch makes futility show command support boot block descriptor (BDB)
of the common boot flow.
BUG=chromium:649554
BRANCH=none
TEST=make runtests. Ran futility show bdb.bin.
Change-Id: I5f199a32ab1c268351e822e37ed39e41ae19bc7a
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/388631
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
'resign' sub-command signs a BDB using keys provided. It can resign only
the data key, the hashes, or both. Required keys vary depending on what
part of BDB is invalid and on what public key is specified in the command
line. It then detects what key is needed based on
the verification result and fails if the required key is not provided.
BUG=chromium:649554
BRANCH=none
TEST=make runtests. Ran futility bdb --create, --add, --resign, --verify
Change-Id: I589a5972f1d7e5066eb56e1c5efb4ee7089d41cd
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/387118
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
futility bdb --add appends a new hash entry to the given BDB.
The resulting BDB does not have a valid signature and is expected to
be resigned by 'resign' sub-command after all hashes are added.
BUG=chromium:649554
BRANCH=none
TEST=make runtest. Ran futility bdb --add, then --resign, then --verify
(to be implemented)
Change-Id: Icdf185f8ac268a23bb3954f5e78df6f80e749e18
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/387117
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
bdb command manipulates BDBs. '--create' sub-command creates a BDB.
Other sub-commands will follow in the successive patches.
BUG=chromium:649554
BRANCH=none
TEST=make runtests. Ran futility bdb --create using test keys and verify
it with bdb --verify (to be implemented).
Change-Id: Ib0a6165ac93efc7478b9d999d3c837d47cf81ddd
Reviewed-on: https://chromium-review.googlesource.com/386794
Commit-Ready: Daisuke Nojiri <dnojiri@chromium.org>
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
bdb_extend prints out secrets derived from the given BDS based on
the given BDB.
BUG=chromium:649555
BRANCH=none
TEST=make runtests. Ran bdb_extend -s bds.bin -b bdb.bin (with/without -m)
Change-Id: I8d9f73468992dad4cb93a422c0eae0977be9a16f
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/385539
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Defining these symbols weakly causes the output executable to hit
segmentation fault because ld chooses *UND* symbols over the definition
when they appear in *.a archive:
$ objdump -t build/libvboot_utilbdb.a
bdb.o:
0000000000000000 w *UND* 0000000000000000 bdb_rsa4096_verify
...
rsa.o
000000000000061f w F .text 0000000000000111 bdb_rsa4096_verify
...
This happens regardless whether the symbol is referenced or not;
or whether the object defining the symbol appears earlier than the
reference or not.
BUG=none
BRANCH=none
TEST=make runtests
Change-Id: Ib53a9010f2afdc2ba59369fb145aef4381db30d3
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/387905
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
An earlier commit had added this:
ifeq (${TPM2_MODE},)
# TODO(apronin): tests for TPM2 case?
TEST_NAMES += \
tests/tlcl_tests \
tests/rollback_index2_tests
endif
but left this:
.PHONY: runmisctests
runmisctests: test_setup
${RUNTEST} ${BUILD_RUN}/tests/rollback_index2_tests
[...]
${RUNTEST} ${BUILD_RUN}/tests/tlcl_tests
So if TPM2_MODE is not null, those two test targets won't be
built. This CL puts those two into the same guard, so that
they won't be attempted if they're not built.
BUG=chrome-os-partner:57727
BRANCH=all
TEST=manual
Before, this fails:
FEATURES=test emerge-reef vboot_reference
Now, it passes.
Change-Id: Ic00f9f867d3d9c719d797907f00fda8bc5044504
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/388711
Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Continued refactoring of host library to kernel style / vboot2 structs.
BUG=chromium:611535
BRANCH=none
TEST=make runtests
Change-Id: Ifed376812ed7690eea1ec0dfab958e836f7724a0
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/363951
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Refactor futility to use only vboot 2.0 APIs to create signatures.
BUG=chromium:611535
BRANCH=none
TEST=make runtests
Change-Id: I176e7f424fa556d34d8fe691df5681f1e43210ce
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/356128
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some of the vboot 2.0 and 2.1 functions call common code that currently
lives inside the vb2.1 host library. To be able to use vboot 2.0 code
in futility, we always need to include the 2.1 sources.
BUG=chromium:611535
BRANCH=none
TEST=make runtests
Change-Id: Ib01622fa462d0bceda1e6041b5e3395ee7c2f94f
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/356127
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This removes the remaining vboot 1.0 API calls from cmd_show.
BUG=chromium:611535
BRANCH=none
TEST=make runtests
Change-Id: I03c4260aa034100efbbea1005367cd85dfff273d
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/350173
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This replaces all calls to vboot1 VerifyFirmwarePreamble() with
equivalent vb2.0 functions. No effect on ToT firmware, which already
uses the vboot2.0 functions.
BUG=chromium:611535
BRANCH=none
TEST=make runtests
Change-Id: I5c84e9ed0e0c75e2ea8dbd9bfcde0597bc457f24
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/349322
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
And nuke all the underlying code that is unused once those APIs are
gone. These APIs are not used by any project in ToT, having been
superseded last year by the vboot2 APIs.
No functional changes to live code, just lots of deletes.
CQ-DEPEND=CL:347414
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build samus
Change-Id: I05ac752d74d1343dd03600b1c5e6ed22822e2802
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/347257
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I see warnings like this when building with USE=minimal (the default):
Package yaml-0.1 was not found in the pkg-config search path.
Perhaps you should add the directory containing `yaml-0.1.pc'
to the PKG_CONFIG_PATH environment variable
No package 'yaml-0.1' found
That's because we don't have a yaml dependency for the USE=minimal
build, yet we still unconditionally call `pkg-config --libs yaml-0.1`.
Let's move the pkg-config calls into 'ifeq' block where they're actually
used.
BRANCH=none
BUG=none
TEST=`emerge-${BOARD} vboot_reference` both with and without USE=minimal
Change-Id: I96a59848ee970abacbe4cc3c56bb35c7cf552f63
Signed-off-by: Brian Norris <briannorris@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/362620
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change replaces all calls to the old vboot1 SHA library with their
vboot2 equivalents.
This is the first in a long series of changes to move the core vboot kernel
verification into vb2, and the control/display loop out to depthcharge.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build samus firmware and boot it
Change-Id: I31986eb766176c0e39a192c5ce15730471c3cf94
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/344342
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
