path: root/Makefile
Commit message | Author | Age | Files | Lines
* futility: Compute / verify root key hash | Randall Spangler | 2015-07-21 | 1 | -1/+2

  Ryu will store a hash of the GBB root key in a struct inside its boot block. Add a vb2_ryu_root_key_hash struct for that.

  If 'futility gbb_utility' is used to set the root key, also look for a root key hash struct and fill it in. No error if not found, because this needs to work on other platforms where the struct is not present. This way, we don't need to change the signing scripts.

  Added a --roothash option which can be used to check if the root key hash is found, and if so, whether it's empty, valid, or invalid.

  BUG=chromium:511405
  BRANCH=ryu
  TEST=manual

  Take any existing image.bin.

    cp image.bin image.orig

    gbb_utility --roothash image.bin
    - ryu root hash not found

  Extract the root key

    gbb_utility -k rootkey.bin image.bin
    - exported root_key to file: rootkey.bin

  Now, append a blank ryu root hash struct to it

    echo '0000000: 5274 4b79 4861 7368 0100 0000 3000 0000' | xxd -r >> image.bin
    echo '0000000: 0000 0000 0000 0000 0000 0000 0000 0000' | xxd -r >> image.bin
    echo '0000000: 0000 0000 0000 0000 0000 0000 0000 0000' | xxd -r >> image.bin

  Nothing is set yet

    gbb_utility --roothash image.bin
    - ryu root hash is unset

  Setting the root key also sets the root hash

    gbb_utility -s -k rootkey.bin image.bin
    - import root_key from rootkey.bin: success
    - calculate ryu root hash: success
    successfully saved new image to: image.bin

  See, it verifies

    gbb_utility --roothash image.bin
    - ryu root hash verified

  Now, append a bad ryu root hash struct to it

    cp image.orig image.bin
    echo '0000000: 5274 4b79 4861 7368 0100 0000 3000 0000' | xxd -r >> image.bin
    echo '0000000: 0001 0000 0000 0000 0000 0000 0000 0000' | xxd -r >> image.bin
    echo '0000000: 0000 0000 0000 0000 0000 0000 0000 0000' | xxd -r >> image.bin

  See, it fails

    gbb_utility --roothash image.bin
    - ryu root hash does not verify

  Make sure the library doesn't contain the magic string

    strings `which futility` | grep RtKyHash

  (should be no output)

  Change-Id: Ib46f93cac0f2b532bada4b187ae48efcf4926702
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/286237
  Reviewed-by: Furquan Shaikh <furquan@chromium.org>
* vboot2: Add 2.0 api layer to verify kernel partition | Randall Spangler | 2015-06-09 | 1 | -0/+3

  This allows the caller to load the kernel partition and then pass it to vboot for verification, rather than having vboot assume the kernel partitions are all on a block storage device.

  Next up, APIs for the caller to parse partition information from a GPT (yes, that's cgptlib, but we'll make it more easily callable by depthcharge).

  BUG=chromium:487699
  BRANCH=none
  TEST=make -j runtests

  Change-Id: I388085c7023f4c76d416f37df0607019bea844ac
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/275646
  Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
* cgpt: Add a callback to allow override of GPT entry priority | Furquan Shaikh | 2015-06-04 | 1 | -0/+2

  This can be used by implementations that want to request vboot to favor a particular kernel entry for booting without affecting the checks for rollback protection and image verification.

  CQ-DEPEND=CL:274716, CL:274932, CL:275171
  BUG=None
  BRANCH=None
  TEST=Compiles successfully. make -j runtests successful.

  Change-Id: I6a4600020354f5d4118c17f083c353c2585c4181
  Signed-off-by: Furquan Shaikh <furquan@google.com>
  Reviewed-on: https://chromium-review.googlesource.com/274558
  Reviewed-by: Furquan Shaikh <furquan@chromium.org>
  Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
  Tested-by: Nicolas Boichat <drinkcat@chromium.org>
  Commit-Queue: Nicolas Boichat <drinkcat@chromium.org>
  Trybot-Ready: Nicolas Boichat <drinkcat@chromium.org>
* fastboot: Add routines for unlock and lock device [stabilize-7131.B] | Furquan Shaikh | 2015-05-29 | 1 | -0/+2

  Add support for functions to request unlock and lock of devices in response to fastboot oem unlock/lock commands. Unlock operation is equivalent to enabling dev mode and lock operation is equivalent to leaving dev mode. It is the responsibility of the caller to ensure that user confirmation is obtained before unlock/lock operations.

  BUG=chrome-os-partner:40196
  BRANCH=None
  TEST=Compiles successfully and fastboot lock/unlock operations work as expected on smaug. Added tests to ensure lock/unlock operations are covered. Verified using make -j runtests.

  Change-Id: Ibafe75abdd1202473009208a414f3996d537db4f
  Signed-off-by: Furquan Shaikh <furquan@google.com>
  Reviewed-on: https://chromium-review.googlesource.com/273182
  Reviewed-by: Furquan Shaikh <furquan@chromium.org>
  Tested-by: Furquan Shaikh <furquan@chromium.org>
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
  Commit-Queue: Furquan Shaikh <furquan@chromium.org>
  Trybot-Ready: Furquan Shaikh <furquan@chromium.org>
* fastboot: Add routine for verifying kernel image loaded in memory | Furquan Shaikh | 2015-05-27 | 1 | -0/+2

  This API allows fastboot boot from memory command to verify that the image loaded in memory is signed properly using recovery keys. Thus, only officially signed recovery images can be booted using fastboot boot command in recovery mode.

  However, if GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP is set, then this routine will not perform any check and return okay for any image sent by fastboot boot.

  BUG=chrome-os-partner:40196
  BRANCH=None
  TEST=Compiles successfully. With GBB override for FASTBOOT_FULL_CAP set any signed image is allowed to boot. With FASTBOOT_FULL_CAP not set, then only officially signed image is allowed to boot. (make -j runtests successful)

  Change-Id: I78028853bd1ad09d3c610a687f327560557d5681
  Signed-off-by: Furquan Shaikh <furquan@google.com>
  Reviewed-on: https://chromium-review.googlesource.com/272696
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
  Commit-Queue: Furquan Shaikh <furquan@chromium.org>
  Trybot-Ready: Furquan Shaikh <furquan@chromium.org>
  Tested-by: Furquan Shaikh <furquan@chromium.org>
* vboot2: Add routines to load and verify kernel keyblock | Randall Spangler | 2015-05-22 | 1 | -0/+2

  These are slightly more complex than the firmware versions, because they need to deal with developer-signed keyblocks and keyblock flags.

  BUG=chromium:487699
  BRANCH=none
  TEST=make -j runtests

  Change-Id: I682c14ddfe729984f2629dfbe66750e5cd5ab75e
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/272541
  Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
* vboot2: Split keyblock checking and signature validation | Randall Spangler | 2015-05-22 | 1 | -1/+1

  This is necessary for the next change, which adds keyblock hash checking.

  Also clean up some other assorted comments, and move the diagnostic check of root key to see if it's the checked-in one earlier in firmware preamble validation so it's closer to where the root key is loaded.

  No functional or higher-level API changes; just shuffling around code under the covers.

  BUG=chromium:487699
  BRANCH=none
  TEST=make -j runtests

  Change-Id: Ibc3960a4d882dc2ad8684e235db4b9d066eac080
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/272223
  Reviewed-by: Bill Richardson <wfrichar@chromium.org>
* vboot2: Add routine to verify kernel preamble | Randall Spangler | 2015-05-21 | 1 | -0/+1

  This also checks that the bootloader and vmlinuz headers, if present, are within the signed part of the kernel blob; the vboot1 routines didn't do that. That wasn't harmful at firmware boot time because the vboot1 routines would only load as much data as was signed, but in vboot2 loading the kernel data is the responsibility of the caller so we need to check.

  BUG=chromium:487699
  BRANCH=none
  TEST=make -j runtests

  Change-Id: I73eb4831e5d3d7a642b6cb85cb55857d87fcc0af
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/270797
* vboot2: Add support for kernel version secure data space | Randall Spangler | 2015-05-13 | 1 | -0/+3

  Holds kernel rollback information. Will be used by vboot 2.0 kernel verification.

  BUG=chromium:487699
  BRANCH=none
  TEST=make -j runtests

  Change-Id: Ib4a70e943ebd79aac06404df09cf4ce62d719201
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/270626
  Reviewed-by: Bill Richardson <wfrichar@chromium.org>
* futility: add support for usbpd1 images | Bill Richardson | 2015-03-31 | 1 | -0/+1

  The USB Type-C chargers released with Samus ("Pixel (2015)") have upgradable firmware. Those firmware images are currently signed by some custom scripts. This adds support for those images to futility, so that those custom scripts can be replaced.

  Note that due to space considerations, the usbpd firmware images don't have room for handy things like an FMAP or headers for the signatures. Accordingly, all the normally variable factors (image size, signature algorithms, etc.) are hard coded and the image itself just looks like a bunch of random numbers. Because of this:

  1. There's no way to recognize this type of file, and nothing to display about it.

  2. You have to give the "--type usbpd1" arg to the sign command.

  3. I'm designating this file type "v1" because I hope that the firmware for any future adapters will be more readily identifiable.

  BUG=chromium:231574
  BRANCH=none
  TEST=make runtests

  This adds a new test that signs usbpd1 firmware images using futility, and compares the result to the same files signed by the custom scripts, ensuring that they are bitwise identical.

  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Change-Id: Idbe061db5b3c8e474ada47b40bcbe04bbecdba3a
  Reviewed-on: https://chromium-review.googlesource.com/262899
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* futility: put all the BIOS stuff into a separate file | Bill Richardson | 2015-03-31 | 1 | -1/+1

  This moves the functions that handle BIOS file types into a separate set of source files. BIOSes are constructed from other components arranged in particular ways, so they shouldn't be mixed in with the code specifically for those components.

  BUG=chromium:231574
  BRANCH=none
  TEST=make runtests

  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Change-Id: I15c3fec61498925f9b8c672092fd97e7ea2d90e9
  Reviewed-on: https://chromium-review.googlesource.com/262898
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* add a install_dev target | Mike Frysinger | 2015-03-27 | 1 | -3/+36

  This will install the libs/headers/devkeys that people normally want.

  BUG=chromium:466499
  TEST=precq still passes
  BRANCH=None

  Change-Id: Ice035d7caddad4f05abd702d1a292b690a04d6d4
  Reviewed-on: https://chromium-review.googlesource.com/259532
  Trybot-Ready: Mike Frysinger <vapier@chromium.org>
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
  Commit-Queue: Mike Frysinger <vapier@chromium.org>
  Tested-by: Mike Frysinger <vapier@chromium.org>
* futility: Let each command provide its own help | Bill Richardson | 2015-03-18 | 1 | -1/+1

  Instead of a separate help function for each command, let's just require each command to handle a --help option.

  This will make it easier to layer the commands (for example, "sign" could have several subcommand variants, each with its own help).

  BUG=none
  BRANCH=none
  TEST=make runtests

  I also compared the result of running "futility help CMD" before and after this change. The help still shows up correctly.

  Change-Id: I5c58176f32b41b0a2c2b8f0afb17dddd80fddc70
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/260495
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* vb21 tests: use the build dir for temp files | Mike Frysinger | 2015-03-13 | 1 | -2/+2

  Rather than write to temp files in the cwd, use the existing build dir as our scratch space. This lets us build out of tree properly even if the source repo is read only.

  BUG=chromium:466499
  TEST=precq still passes
  TEST=out-of-tree ebuild passes
  BRANCH=None

  Change-Id: I5dd69dcb8289cc557143e115e409b9c0924263b3
  Reviewed-on: https://chromium-review.googlesource.com/259530
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-by: Bill Richardson <wfrichar@chromium.org>
  Tested-by: Mike Frysinger <vapier@chromium.org>
  Commit-Queue: Mike Frysinger <vapier@chromium.org>
* split -Werror out into a dedicated var | Mike Frysinger | 2015-03-13 | 1 | -1/+2

  This lets us control it explicitly. In CrOS, we won't turn it off, but most distros will want to as it's too hard to keep a handle on compilers and various settings users leverage.

  BUG=chromium:466499
  TEST=precq still passes
  BRANCH=None

  Change-Id: I11bf03acefa3fd624dd4c5688dd18e3a3c87647d
  Reviewed-on: https://chromium-review.googlesource.com/259521
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
  Tested-by: Mike Frysinger <vapier@chromium.org>
  Commit-Queue: Mike Frysinger <vapier@chromium.org>
* futility: add tests for futil_file_type(), correctly this time | Bill Richardson | 2015-03-12 | 1 | -3/+16

  This adds a test to be sure we can identify the types of input files that futility can handle.

  This fixes commit d7e1e4f0befdda52ad48e5a8eb5fc49dbee40247, which was reverted in commit 1ab2c10e8cc51a66272458117e35619d87f53db0 because the Makefile dependencies were wrong.

  BUG=chromium:466433
  BRANCH=none
  TEST=make runtests

  Also try this:

    \rm -rf build
    make $(pwd)/build/tests/futility/test_file_types -j16

  Before, that failed every time. Now it works.

  Change-Id: I7702e1b99f4f593ef0121686a8616a2cb132e64a
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/259651
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* Revert "futility: add tests for futil_file_type()" | Prathmesh Prabhu | 2015-03-12 | 1 | -7/+0

  This reverts commit 271c071344beaacc45201c17406bcf3b4daece88.

  BUG=chromium:466433
  TEST=None.

  Change-Id: Ic84d069d672a76b46201a0e3700801a1e6d47438
  Reviewed-on: https://chromium-review.googlesource.com/259364
  Reviewed-by: David James <davidjames@chromium.org>
  Tested-by: Prathmesh Prabhu <pprabhu@chromium.org>
* futility: add tests for futil_file_type() | Bill Richardson | 2015-03-11 | 1 | -0/+7

  This adds a test to be sure we can identify the types of input files that futility can handle.

  BUG=none
  BRANCH=none
  TEST=make runtests

  Change-Id: Iff1dcc05530af2969a82d7c32599850bba59597a
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/258501
* futility: Display public and private keys for both formats | Bill Richardson | 2015-03-10 | 1 | -1/+2

  This enhances the futility show command to recognize and identify our public and private key files, for both the old vboot 1.0 format and the new vboot 2.1 format.

  BUG=chromium:231547
  BRANCH=ToT
  TEST=make runtests

  vboot 1.0:

    futility show tests/devkeys/*.vbp*

  vboot 2.1:

    futility create tests/testkeys/key_rsa2048.pem foo
    futility show foo.vbp*

  Change-Id: I9d7641db03e480b416790a7da6b473215444128a
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/246767
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* futility: Add create command to make keypairs from RSA files | Bill Richardson | 2015-03-10 | 1 | -0/+5

  This command reads a single .pem file and emits the public and private keys generated from it. It can produce both the old-style vboot 1.0 keys (.vbpubk and .vbprivk), or the new vboot 2.1 format keys (.vbpubk2 and .vbprik2). The default is the new format, but you can give futility the --vb1 arg to force the old format.

  A test is included.

  BUG=chromium:231547
  BRANCH=ToT
  TEST=make runtests

  Change-Id: I4713dc5bf34151052870f88ba52ddccf9d4dab50
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/246766
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* Do not litter the source directory with build artifacts | Bill Richardson | 2015-02-28 | 1 | -2/+2

  Before, building locally left a file named "vboot_host.pc" in the top directory. With this change, it's put into the $BUILD directory where it belongs.

  It still gets installed into the same place, of course.

  BUG=chromium:459338
  BRANCH=none
  TEST=make runtests, and

  Run:

    make test_setup MINIMAL=
    make test_setup MINIMAL=1
    find . -name vboot_host.pc

  Before this CL:

    ./build/install_for_test/usr/lib/pkgconfig/vboot_host.pc
    ./build/install_for_test/lib/pkgconfig/vboot_host.pc
    ./vboot_host.pc

  After this CL:

    ./build/install_for_test/usr/lib/pkgconfig/vboot_host.pc
    ./build/install_for_test/lib/pkgconfig/vboot_host.pc
    ./build/vboot_host.pc

  Change-Id: I3a888f72a5753228eec5187178d0da22de782171
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/254712
  Reviewed-by: Mike Frysinger <vapier@chromium.org>
  Reviewed-by: Nam Nguyen <namnguyen@chromium.org>
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* Fix some Makefile dependencies for parallel tests | Bill Richardson | 2015-02-27 | 1 | -2/+2

  make runtests -j4 occasionally failed due to missing dependencies. This helps. Of course, there may be others...

  BUG=none
  BRANCH=ToT
  TEST=make runtests -j4

  Change-Id: Iff6e96f94b125a16be76d8cf34ce473bf6c65fe5
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/246764
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* Remove duplicated linker flag | Anatol Pomazau | 2015-02-25 | 1 | -1/+0

  We already set '-static' to LDFLAGS above no need to do it again here.

  TEST=build with 'make' and 'make STATIC=1'. Check that 'STATIC=1' adds '-static' linker flag.
  BUG=None

  Change-Id: I83e23984753094af203432eb4570930085788398
  Reviewed-on: https://chromium-review.googlesource.com/251151
  Reviewed-by: Mike Frysinger <vapier@chromium.org>
  Reviewed-by: Hung-Te Lin <hungte@chromium.org>
  Reviewed-by: Anatol Pomazau <anatol@google.com>
  Commit-Queue: Anatol Pomazau <anatol@google.com>
  Tested-by: Anatol Pomazau <anatol@google.com>
* vboot2: add library function for extracting vmlinuz from kernel part | Zach Reizner | 2015-02-23 | 1 | -1/+3

  postinst needs access to a kernel that is bootable from legacy BIOS. futility provides extraction of a bootable vmlinuz from the kernel partition via the command line. This patch provides a function which does the same thing and is suitable for static linking into postinst with minimal additional code linked in. This way we can avoid issues with running dynamic executables during postinst.

  BRANCH=none
  TEST=None
  BUG=chromium:455343

  Change-Id: Iaec2f48e4d8f78a4bbfcc1636b6ce478e95e9a8e
  Reviewed-on: https://chromium-review.googlesource.com/251760
  Reviewed-by: Bill Richardson <wfrichar@chromium.org>
  Commit-Queue: Zach Reizner <zachr@chromium.org>
  Tested-by: Zach Reizner <zachr@chromium.org>
* vboot_reference: Support MTD devices in dump_kernel_config [stabilize-js-6812.26.B, stabilize-js-6812.25.B, stabilize-js-6812.21.B, stabilize-6812.83.B, stabilize-6812.75.B, stabilize-6812.41.B, stabilize-6812.34.B, stabilize-6812.29.B, stabilize-6812.15.B, stabilize-6812.14.B, stabilize-6812.13.B, release-R42-6812.B, factory-ryu-6486.14.B] | Nam T. Nguyen | 2015-02-19 | 1 | -0/+5

  This CL implements a read function that works with MTD devices in dump_kernel_config.

  BUG=chromium:457862
  BRANCH=none
  TEST=make runtests
  TEST=try on storm_nand

  Change-Id: Id784d422de64e7918b163005c0b426d727d2115e
  Reviewed-on: https://chromium-review.googlesource.com/249271
  Reviewed-by: Nam Nguyen <namnguyen@chromium.org>
  Commit-Queue: Nam Nguyen <namnguyen@chromium.org>
  Trybot-Ready: Nam Nguyen <namnguyen@chromium.org>
  Tested-by: Nam Nguyen <namnguyen@chromium.org>
* vboot_reference: Install vboot_host.pc file | Nam T. Nguyen | 2015-02-19 | 1 | -1/+22

  Since we are going to pull in libmtdutils, it would be nice to let downstream packages automatically query for appropriate linking flags.

  BUG=chromium:459338
  BRANCH=None
  CQ-DEPEND=CL:250836
  TEST=See the depending CL.

  Change-Id: I9ff8046b95e1d7e909a483fe87a69d460777e192
  Reviewed-on: https://chromium-review.googlesource.com/250530
  Commit-Queue: Nam Nguyen <namnguyen@chromium.org>
  Trybot-Ready: Nam Nguyen <namnguyen@chromium.org>
  Tested-by: Nam Nguyen <namnguyen@chromium.org>
  Reviewed-by: Nam Nguyen <namnguyen@chromium.org>
* Changes to compile signing tools on darwin | David Riley | 2015-02-11 | 1 | -0/+4

  The following works from a Mac with these changes:

    make Q= ARCH=arm HAVE_MACOS=1 `pwd`/build/futility/futility

  Only vbutil_keyblock and vbutil_kernel have been exercised.

  BUG=none
  TEST='make Q= ARCH=arm HAVE_MACOS=1 `pwd`/build/futility/futility'
  BRANCH=none

  Signed-off-by: David Riley <davidriley@chromium.org>
  Change-Id: Ie69cfee0c650d4ff96be6322083a2fea1543ee39
  Reviewed-on: https://chromium-review.googlesource.com/246773
  Reviewed-by: Bill Richardson <wfrichar@chromium.org>
  Tested-by: David Riley <davidriley@chromium.org>
  Commit-Queue: David Riley <davidriley@chromium.org>
* Restore lost dependencies | Bill Richardson | 2015-02-03 | 1 | -0/+2

  Oops. Somehow the Makefile stopped including the generated dependencies. As long as we're building from scratch this didn't matter, but rebuilding following local changes wouldn't always work. Let's fix it.

  BUG=none
  BRANCH=none
  TEST=make runtests

  Change-Id: I80bd30d1847734a288cddf61f28bb33ae9906525
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/245501
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* add vb2api_get_pcr_digest | Daisuke Nojiri | 2015-01-31 | 1 | -1/+2

  this api allows firmware to get the digest indicating boot mode status.

  BUG=chromium:451609
  TEST=VBOOT2=1 make run2tests
  BRANCH=tot

  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Change-Id: Idca7bc5f6aed947689ad7cf219805aad35047c7d
  Reviewed-on: https://chromium-review.googlesource.com/244542
* futility: refactor file type detection into new files | Bill Richardson | 2015-01-31 | 1 | -0/+1

  This moves the what-kind-of-file-is-this logic into a separate file, and makes it work by calling distinct recognizers until one hits. A new "-t" option to the show command prints what it's doing.

  BUG=chromium:228932
  BRANCH=ToT
  TEST=make runtests

  Change-Id: Id8f60bdf3fe6a9adf41b4555b3448a261fa52fea
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/245122
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* Don't include lib20 files in xrefs | Bill Richardson | 2015-01-31 | 1 | -0/+2

  The vboot 2.0 stuff is deprecated, so let's not index that when building cross-references (cscope.files and TAGS).

  BUG=none
  BRANCH=ToT
  TEST=manual

    make xrefs

  Change-Id: If3a9c42f869308acd929e32d5290e3354f5c3555
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/244751
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* Rename Makefile's fwlib2 target to fwlib20. | Bill Richardson | 2015-01-29 | 1 | -32/+24

  This accurately reflects what's really happening. Vboot 2.0 is backwards-compatible with the binary structs used in vboot 1.0, while vboot 2.1 will not be.

  When building firmware, vboot_reference should be invoked in one of three ways:

    TARGET    OUTPUT          VERSION

    fwlib     vboot_fw.a      1.0
    fwlib20   vboot_fw20.a    2.0
    fwlib21   vboot_fw21.a    2.1

  BUG=chromium:228932
  BRANCH=ToT
  CQ-DEPEND=CL:243981
  TEST=manual

    emerge-veyron_pinky coreboot
    emerge-samus coreboot
    emerge-daisy_spring chromeos-u-boot
    make runtests

  Change-Id: I98d8ea6b48e5922a470e744d56699cad43eabb3d
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/243980
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* futility: extract vb2_verify_fw to an external test | Bill Richardson | 2015-01-28 | 1 | -6/+3

  The vb2_verify_fw command is used only in a host-side test. It doesn't need to be built into futility. This makes it a separate executable used just for that test.

  BUG=chromium:231547
  BRANCH=none
  TEST=make VBOOT2=1 runtests

  Note that tests/vb2_firmware_tests.sh still passes, now using an external vb2_verify_fw executable instead of a futility command.

  Change-Id: Iee58df065e7a762369c5e691f6c2093de9122ed2
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/243630
* futility: remove obsolete dev_sign_file command | Bill Richardson | 2015-01-22 | 1 | -3/+0

  This wasn't being used anywhere, so out it goes.

  BUG=chromium:231457
  BRANCH=none
  TEST=make runtests

  Change-Id: If3865f54ac29655ee7d520f00e618f490f25c619
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/235481
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* futility: extract verify_kernel command to an external test | Bill Richardson | 2015-01-22 | 1 | -1/+2

  The verify_kernel command is used only in a host-side test. It doesn't need to be built into futility. This makes it a separate executable used just for that test.

  BUG=chromium:231547
  BRANCH=none
  TEST=make runtests

  Note that the load_kernel_tests.sh still passes, using the external verify_kernel executable.

  Change-Id: I309d2561d65af7eb4f3708e9bc024852238deeec
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/235480
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* futility: update the vbutil_kernel implementation | Bill Richardson | 2015-01-22 | 1 | -1/+0

  Now that the underlying bug is fixed (commit 64ef69c), this replaces the old vbutil_kernel command implementation with the new one that we rolled back in commit f1dba02.

  BUG=chromium:418647
  BRANCH=none
  TEST=make runtests

  I've also built an image with this change, installed it on a Chromebook, ran make_dev_ssd.sh, make_dev_firmware.sh, recovered, etc. Everything still works.

  Change-Id: I8996e674a24b5d994658a6be2973ef3623cd659b
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/235429
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* Add cgpt_wrapper binary to transparently support NAND | Nam T. Nguyen | 2015-01-17 | 1 | -1/+32

  This CL adds a "cgpt_wrapper" binary that will forward to "cgpt" binary as needed to transparently support NAND.

  The idea is that if we are working with an MTD device, this binary will exec out to "flashrom" to read in the GPT section, then exec out to the actual "cgpt" binary to work on that file, and finally write it back with "flashrom".

  This CL introduces a make target "install_mtd" to install this wrapper. The corresponding ebuild should use this make target when "mtd" USE flag is on.

  BUG=chromium:442518
  BRANCH=none
  CQ-DEPEND=CL:239573
  TEST=unittest and some trial runs with mtdram
  TEST=test on a real device with NOR flash and NAND

  Change-Id: I54534afa9a970ec858f313f698c0eb210c827477
  Reviewed-on: https://chromium-review.googlesource.com/239580
  Tested-by: Nam Nguyen <namnguyen@chromium.org>
  Reviewed-by: Daniel Ehrenberg <dehrenberg@chromium.org>
  Reviewed-by: Bill Richardson <wfrichar@chromium.org>
  Commit-Queue: Nam Nguyen <namnguyen@chromium.org>
* use ${} with make vars instead of $() | Mike Frysinger | 2015-01-16 | 1 | -38/+38

  BUG=None
  TEST=make still builds
  BRANCH=none

  Change-Id: Ie7292e4cc88338dc6544fd859028ce55557578b4
  Reviewed-on: https://chromium-review.googlesource.com/241043
  Commit-Queue: Mike Frysinger <vapier@chromium.org>
  Tested-by: Mike Frysinger <vapier@chromium.org>
  Reviewed-by: Bill Richardson <wfrichar@google.com>
* integrate support for static builds | Mike Frysinger | 2015-01-16 | 1 | -1/+10

  Add a STATIC knob to easily get static builds of all binaries. We want this for the signer system.

  We also need to fix the bmpblk utility to look up its libraries via pkg-config.

  BUG=chromium:447051
  TEST=`make STATIC=1` works now
  BRANCH=none

  Change-Id: Icaef1f19f4618b0ce2b934735796749539081a02
  Reviewed-on: https://chromium-review.googlesource.com/241041
  Trybot-Ready: Mike Frysinger <vapier@chromium.org>
  Tested-by: Mike Frysinger <vapier@chromium.org>
  Reviewed-by: Bill Richardson <wfrichar@google.com>
  Commit-Queue: Mike Frysinger <vapier@chromium.org>
  Reviewed-by: Hung-Te Lin <hungte@chromium.org>
* vboot: Move IsEntryUnused to gpt_misc | Dan Ehrenberg | 2014-12-12 | 1 | -0/+6

  Over in depthcharge, IsEntryUnused will be useful for presenting the partition table to the kernel. This patch moves that function to gpt_misc.[ch] for export to depthcharge.

  TEST=Booted a kernel on NAND with all this compiled in
  TEST=make runtests passed
  BRANCH=none
  BUG=none

  Signed-off-by: Dan Ehrenberg <dehrenberg@google.com>
  Change-Id: I56445d1a420fec4d8385ddffc5469b7d77eab576
  Reviewed-on: https://chromium-review.googlesource.com/231455
  Reviewed-by: Bill Richardson <wfrichar@chromium.org>
  Commit-Queue: Daniel Ehrenberg <dehrenberg@chromium.org>
  Tested-by: Daniel Ehrenberg <dehrenberg@chromium.org>
* Allow /etc/defaults/vboot_reference to customise some utilities | Bill Richardson | 2014-12-06 | 1 | -2/+21

  The dev_debug_vboot program can sometimes interfere with automated firmware testing because it takes too long to read the BIOS flash. Limiting the sections of flash that are read may help, but in some cases skipping this program entirely may be better.

  This CL does three things:

  1. dev_debug_vboot will read only some sections of the BIOS flash, falling back to reading the whole thing only if it fails at that.

  2. dev_debug_vboot will source /etc/default/vboot_reference if it exists. Putting DEV_DEBUG_FORCE=1 in that file will prevent dev_debug_vboot from reading the flash at all unless it's invoked with --force option.

  3. The Makefile will create the /etc/default/vboot_reference file in the install directory, setting DEV_DEBUG_FORCE to the value in effect at build time. This will let a future CL change the default behavior for each target.

  BUG=chromium:438854
  BRANCH=none
  TEST=manual

  Built and tested on Samus. /etc/default/vboot_reference was present, containing "DEV_DEBUG_FORCE=". The dev_debug_vboot script ran normally.

  Manually changing /etc/default/vboot_reference to contain "DEV_DEBUG_FORCE=1" and rebooting caused dev_debug_vboot to stop before reading the BIOS flash.

  I also manually forced various flashrom invocations to fail to test each part of the new flow.

  Change-Id: Ib319dd16b9026162d01f435f15570ec8ba99c512
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/233228
  Reviewed-by: David Hendricks <dhendrix@chromium.org>
  Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
* vboot2: Move old struct handling to lib20/ | Randall Spangler | 2014-12-04 | 1 | -21/+49

  This is part 4 of a series of changes to rearrange the vboot2 library so that it's possible to start using the new-style data structs. This change moves knowledge of the old vboot1 data structs into lib20; 2lib now contains only code which is common to both vboot2.x libraries (that is, code which is data structure version agnostic).

  No functional changes; just rearranging code and tests.

  BUG=chromium:423882
  BRANCH=none
  TEST=make runtests && VBOOT2=1 make runtests (works with/without VBOOT2 flag)
       And compile firmware for veyron_pinky
  CQ-DEPEND=CL:233051

  Change-Id: I8f9e67157575e5be14952ef4809c3dfafd92596d
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/233021
  Reviewed-by: Bill Richardson <wfrichar@chromium.org>
* vboot2: Move knowledge of vboot 2.1 data structures inside lib21/ | Randall Spangler | 2014-12-04 | 1 | -36/+49

  Code which compiles against fwlib2 no longer knows or cares about the new data structures. This should shrink fwlib2 a bit.

  This is part 3 of 4 changes which split vboot 2.0 struct handling (old vboot1 structs) from vboot 2.1 struct handling (new style structs).

  No functional changes; just shuffling around code.

  BUG=chromium:423882
  BRANCH=none
  TEST=make runtests && VBOOT2=1 make runtests (works with/without VBOOT2 flag)
  And compile firmware for veyron_pinky.

  Change-Id: Ibccd7d1974e07f38b90c19c924ef3b1ffcb77d62
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/233020
  Reviewed-by: Bill Richardson <wfrichar@chromium.org>
* vboot2: Move files which use new vboot 2.1 structs to their own directories | Randall Spangler | 2014-12-04 | 1 | -28/+45

  This is part 1 of a series of 4 changes which rearrange the vboot2 files and unit tests so that we can more cleanly switch over from old-style structs to new-style structs.

  No functional changes, just shuffling around code.

  BUG=chromium:423882
  BRANCH=none
  TEST=make runtests && VBOOT2=1 make runtests (works with/without VBOOT2 flag)
  And build firmware for veyron_pinky.

  Change-Id: I170d737bf151a6bafe61cde23b3d2f7a3fae43ce
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/232978
  Reviewed-by: Bill Richardson <wfrichar@chromium.org>
* vboot2: Clean up signing data for unit tests | Randall Spangler | 2014-12-04 | 1 | -5/+0

  Signing is now simple enough (thanks to full utility lib support for vboot2 data structs) that we don't need the vb2_convert_structs module anymore. Also, use the utility lib function to create a firmware preamble, rather than duplicating that code in the fwlib unit tests.

  BUG=chromium:423882
  BRANCH=none
  TEST=VBOOT2=1 make runtests, and build firmware for veyron_pinky

  Change-Id: I1db402a08621f79274d2a69095aebc3e84f4328d
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/232755
* Tidy vboot2-specific libraries and tests | Randall Spangler | 2014-12-04 | 1 | -27/+42

  Most importantly, make a vboot 2.0 utility library, rather than just tossing all the vboot2 files into the main utility library. This will allow creation of a vboot 2.1 library with overlapping symbol names.

  BUG=chromium:423882
  BRANCH=none
  TEST=make runtests && VBOOT2=1 make runtests (works with/without VBOOT2 flag)
  And build firmware for veyron_pinky.

  Change-Id: I514bda18cb0fa62bbc507251219b02054c447f3c
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/232753
* vboot2: Add host lib function to create a vb2-style firmware preamble | Randall Spangler | 2014-12-01 | 1 | -0/+4

  And associated unit tests

  BUG=chromium:423882
  BRANCH=none
  TEST=VBOOT2=1 make runtests

  Change-Id: I3bf6ff6c6e32dfd0dd737f9b04ff0546e9e0a463
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/231728
  Reviewed-by: Bill Richardson <wfrichar@chromium.org>
* vboot2: Add host lib function to create a vb2-style keyblock | Randall Spangler | 2014-12-01 | 1 | -0/+4

  Also add vb2_common_desc() helper function to return the description for an object starting with a common struct header.

  And use the new host lib function to create the keyblock for verifying the firmware lib.

  Add tests for everything new.

  BUG=chromium:423882
  BRANCH=none
  TEST=VBOOT2=1 make runtests

  Change-Id: I1fadb3e249e771a692cc69b23620c6ddd46a48ac
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/231721
  Reviewed-by: Bill Richardson <wfrichar@chromium.org>
* futility: workaround for broken toolchain in static builds | Bill Richardson | 2014-11-30 | 1 | -0/+4

  The cros-compiler doesn't support backtrace(3) when linked statically. Until that's fixed, just don't use it.

  BUG=chromium:437107
  BRANCH=ToT, samus
  TEST=manual

  FEATURES=test emerge-link vboot_reference
  /build/link/usr/bin/futility_s gbb_utility -c 100,100,100,100 test.bin
  /build/link/usr/bin/futility_s gbb_utility -s --hwid=HEY test.bin

  Change-Id: I66b76fc8c0aa92f95976c5d5015f62730bb12064
  Signed-off-by: Bill Richardson <wfrichar@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/232234
  Reviewed-by: Mike Frysinger <vapier@chromium.org>
* vboot2: Add host library functions for signing to new struct format | Randall Spangler | 2014-11-27 | 1 | -0/+5

  Including signing with bare hashes, and signing an object with more than one signature.

  With unit tests, even.

  BUG=chromium:423882
  BRANCH=none
  TEST=VBOOT2=1 make runtests

  Change-Id: Iad0b9f9f6cca7129071aebf0cbc60c0daa94d382
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/231452
  Reviewed-by: Bill Richardson <wfrichar@chromium.org>