| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Get rid of vb2_context forward declaration and vb2_error_t
redefinition from 2secdata.h, and properly include 2api.h
instead.
Remove 2secdata.h from 2api.h (should not be publicly
accessible), and add 2secdata.h include to appropriate files.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I15570488fdabfcd9a178a0cedc7868b8c23720e9
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776285
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For clarity's sake, rename:
secdata -> secdata_firmware
secdatak -> secdata_kernel
secdata is now the general term to refer to any secure data
spaces: firmware, kernel, and FWMP.
Once coreboot code has been updated, the sections in 2api.h
and 2constants.h may be removed.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I376acee552e8be37c75c340626a95462f81e198b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773079
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368, chromium:995172
TEST=make clean && make runtests
BRANCH=none
Change-Id: I42e4ac8a21ac3be416d315a8a8cc914f997bab79
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1758148
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clang is diagnosing implicit fallthrough in C code
past https://reviews.llvm.org/rL369414.
Detect the support for the fallthrough attributes in gcc/clang
and enable it as VBOOT_FALLTHROUGH (copied from boringssl).
This is needed to fix ToT clang builds.
Note: GCC apparently does not diagnose fallthrough to another case
with break but clang does (https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91432).
And clang does not detect the fallthrough based on code comments.
Bug: chromium:997709
Test: CQ
Change-Id: Id8b4be4deabca2d0f1b2efd80efa72a485a5dc8c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1772474
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368, b:131663912, b:139392536
TEST=make clean && make runtests
BRANCH=none
Change-Id: I91eab08130786188b0a7c514b35574c611863b03
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1758147
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Commit-Queue: Furquan Shaikh <furquan@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Id97f544da845f7070555e5e8cc6e782b2d45c300
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1758151
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These are not yet used in production and need some fixing up
first.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ifbd0e761cc5bc05437bfed774fb15d5e8ef1b8e7
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1758149
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sysincludes.h and 2sysincludes.h are almost identical except for
one extra header (ctype.h) in the vboot1 variant. Add this to
2sysincludes.h, and nuke sysincludes.h.
Depends on: https://review.coreboot.org/c/coreboot/+/33525
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Iaba21a9b8bb2ae0c081184019576663898317bd1
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1680325
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1659990
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Auto-Submit: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vb2_shared_data struct has many offsets to other objects in the
workbuf. They are all prefixed with `workbuf_`, e.g.:
uint32_t workbuf_data_key_offset;
uint32_t workbuf_data_key_size;
In order to adhere to a hierarchical structure on the workbuf,
remove the workbuf_ prefix from these symbols to reflect the
relationship between vb2_shared_data and its children more
accurately.
Create a helper function vb2_member_of to safely look up a child
of a particular object in the workbuf by offset. Pointer
arithmetic to find vb2_shared_data children is replaced with
calls to this function.
BUG=b:124141368, chromium:994060
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ia82417a35d2067ee5e4f42fea0396e6325127223
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1753400
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1718264
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368, chromium:988410
TEST=make clean && make runtests
BRANCH=none
Change-Id: I59b5646a79769cb9fafdecd904021a5df85906b6
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1728295
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace vboot1-style VBERROR_INVALID_PARAMETER with vboot2 equivalent
VB2_ERROR_INVALID_PARAMETER.
BUG=b:124141368, chromium:988410
TEST=make clean && make runtests
BRANCH=none
Change-Id: I46227cd3a7d7ce84654a0093f9d64883c9563381
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1728116
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1728294
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace vboot1-style VBERROR_SIMULATED with VB2_ERROR_MOCK.
BUG=b:124141368, chromium:988410
TEST=make clean && make runtests
BRANCH=none
Change-Id: I9f7a21b957097672883a428a5210c14a27852085
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1722917
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace vboot1-style VBERROR_UNKNOWN with VB2_ERROR_UNKNOWN.
BUG=b:124141368, chromium:988410
TEST=make clean && make runtests
BRANCH=none
Change-Id: Icd2158e328142cff69ce94b5396ab021a1f7839c
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1728115
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1722916
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace vboot1-style VBERROR_SUCCESS with VB2_SUCCESS
(trivial change since both are equal values).
BUG=b:124141368, chromium:988410
TEST=make clean && make runtests
BRANCH=none
Change-Id: I46e02471a031e9f36ec869d11d0b957d1c1b5769
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1728114
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1722915
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To make explicit when vboot2 error codes should be returned,
use the new vb2_error_t type on all functions which return
VB2_ERROR_* constants.
BUG=b:124141368, chromium:988410
TEST=make clean && make runtests
BRANCH=none
Change-Id: Idd3ee8afe8c78347783ce5fa829cb78f1e5719e2
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1728113, chromium:1728499
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1728292
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As part of the conversion of error codes from vboot1 to vboot2,
replace all instances of VbError_t with vb2_error_t.
vboot2 currently uses the int type for return values, but we
would like to implement the use of vb2_error_t instead, which is
potentially clearer than simply using an int. Existing functions
will be converted to use vb2_error_t in a subsequent CL.
BUG=b:124141368, chromium:988410
TEST=make clean && make runtests
BRANCH=none
Change-Id: Iee90d9a1f46bcf5f088e981ba6ddbcf886ff0f18
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1728112
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1722914
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's extremely hard to accomplish anything with two different
sets of error codes. Since the two error code sets don't
overlap, merge them into the same enum (vb2_return_code). The
next step is to get rid of VbError_t and have all functions
consistently return vboot2-style int.
BUG=b:124141368, chromium:988410
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ie34ac2c30e5d73fe886628e3150cf63543d520af
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1728117, chromium:1735666
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1722913
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace old vboot1-style Min macro with VB2_MIN,
and relocate tests accordingly.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I73d630147eaf23f97dd750769fb1e911dae01848
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1675866
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: I7b422e8a26621720a6b7efc5211629996a6aa385
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1659989
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Auto-Submit: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Export information about vb2_gbb_header's flags member:
* vb2_gbb_flags_t
* VB2_GBB_FLAGS_OFFSET
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: I2923156edd06df02751ccded5dcbb5bf8fe0207d
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1657503
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Auto-Submit: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This constant was incorrectly set to 14, whereas
sizeof(vb2_secdatak) is 13.
Update the constant its correct value, and add a test for
each of secdata and secdatak to check the constant values.
Previously, this constant was not used anywhere. The
secdatak space is created and initialized in coreboot
with a hard-coded (correct) size and initial value.
So there should be no worry about devices out in the
field with TPM secdatak size set to 14.
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I0a6072aef2de401bd3cd40ac3b002f754da19560
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1655049
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously vb2api_secdatak_check and vb2api_secdatak_create had
headers in 2api.h, but no definitions.
Merge identical internal/external functions:
vb2api_secdata_create, vb2_secdata_create_crc
vb2api_secdata_check, vb2_secdata_check_crc
vb2api_secdatak_create, vb2_secdatak_create_crc
vb2api_secdatak_check, vb2_secdatak_check_crc
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I64a14d65e5d856ca0f819ef3ded50b4719abc8b3
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1652874
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Old vboot1-style GBB accessor functions were awkwardly located
within region-init.c.
Rewrite GBB accessor functions for vboot2, and formally expose
HWID retrieval function via vboot2 API. workbuf is used for
key retrieval functions, while a buffer provided by the caller
is used for HWID retrieval function.
Reintroduce vboot_display_tests to `make runtests` test suite.
Move GBB tests from vboot_display_tests to vb2_gbb_tests.
Properly propagate vb2_workbuf objects within the function call
stack (vb2_load_partition).
BUG=b:124141368, chromium:954774
TEST=Build and flash to eve, check that Chrome OS boots
TEST=Build with CL:1627469 applied, check HWID
TEST=make clean && make runtests
BRANCH=none
Change-Id: I398d1329f0b092de35aac73d98dfd9aee6e4e7de
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1584488
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Jason Clinton <jclinton@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
VB2_NV_DISPLAY_REQUEST should only be used for cases where there
is no other way for coreboot to tell that display initialization
is required.
In the case of developer, recovery, and diagnostic modes, display
should always be initialized without looking at
VB2_NV_DISPLAY_REQUEST.
In the case of EC slow sync, VB2_NV_DISPLAY_REQUEST should still
be used.
BUG=b:124141368, chromium:948592, chromium:967298, b:133175864
TEST=make clean && make runtests
BRANCH=none
Change-Id: I56e7d50bfd7de596d25ba232251f73ccd2d5df9b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1634450
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Jason Clinton <jclinton@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Move vb2_packed_key from vb2_struct.h to 2struct.h
* Move vb2_verify_member_inside from lib20/common.c to 2common.c
* Move vb2_packed_key_data and vb2_verify_packed_key_inside from
lib20/packed_key.c to 2packed_key.c
* Relocate tests accordingly
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: I6a9338ffdb640aad071941c3768427e15cd2aa93
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1642773
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since GBB header will be needed for subsequent GBB reads later on
(in kernel verification stage), and since GBB header is
relatively small (128 bytes), save the full GBB header onto
workbuf during firmware verification stage, and store an offset
pointer to it in vb2_shared_data. vb2_gbb_header object may be
accessed via the vb2_get_gbb function.
Additionally, update functions in firmware/lib/region-init.c to
read GBB data from flash, rather than using cparams passed in by
depthcharge, which is slated for deprecation.
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: I6e6218231299ce3a5b383663bc3480b20f929840
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1585500
Reviewed-on: https://chromium-review.googlesource.com/1627430
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clients which wish to use this function may simply import the
vb2_sha.h header to make all SHA library functionality available.
Whether or not to make a full vb2api_ set of functions for SHA
library should be considered in the future, but individual
functions should not be added to the API as was done.
BUG=b:124141368, chromium:956474
TEST=make clean && make runtests
BRANCH=none
Change-Id: I1dc8ed84ecfb621a57411975f312e96a695b68f4
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1583942
Reviewed-on: https://chromium-review.googlesource.com/1583822
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2common.h contains code which should be internal to vboot.
Most notably of which is 2struct.h, which contains
the vb2_shared_data data structure.
BUG=b:124141368, chromium:956474
TEST=make clean && make runtests
BRANCH=none
Cq-Depend: chromium:1587981, chromium:1599567, chromium:1610164
Change-Id: I712f51915bb9b0b03dce558e2b843eb83662f434
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1583819
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As per go/vboot2-oprom-cleanup, use vboot2 SD flag
DISPLAY_AVAILABLE, instead of the old vboot1 flags
OPROM_MATTERS and OPROM_LOADED.
Remove instances of "OPROM" and update with correct
nomenclature.
Update code and tests for EC software sync and diagnostic
menu to use vboot2 display init model.
OPROM_MATTERS and OPROM_LOADED are now deprecated, and
will be removed when no references remain in depthcharge
and coreboot.
Deprecate VBERROR_DISPLAY_INIT_MISMATCH (previously
OPROM_MISMATCH) and return VBERROR_REBOOT_REQUIRED
directly when needed.
BUG=b:124141368, b:124192753, chromium:948529
TEST=Build image for eve, force EC update,
check that the "critical update" screen shows
TEST=make clean && make runtests
BRANCH=none
Change-Id: I889872f886230f8559d5cce09d0de194da3fcc38
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1605641
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As part of go/vboot2-oprom-cleanup, prepare to rename NVRAM
request flag used to request that coreboot initialize the
device's display, from VB2_NV_OPROM_NEEDED to
VB2_NV_DISPLAY_REQUEST.
BUG=b:124141368, b:124192753, chromium:948529
TEST=make clean && make runtests
BRANCH=none
Change-Id: I0ec29d61bd9e87bcaaffd647015e252ff3222708
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1605640
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368, b:131663912
TEST=make clean && make runtests
BRANCH=none
Change-Id: I6aae5683b8306eede4388ff5ed6665e7769756dc
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1588026
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Ting Shen <phoenixshen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a bunch of more warnings that are already enabled in
coreboot and thus already enabled for firmware builds anyway (because
coreboot just passes its CFLAGS through). Enabling it in the vboot
Makefile means they also apply to host utilities and tests, which sounds
desirable for consistency.
Fix enough of the cruft and bad coding practices that accumulated over
the years of not having warnings enabled to get it to build again (this
includes making functions static, removing dead code, cleaning up
prototypes, etc.).
Also remove -fno-strict-aliasing from the x86 firmware build options,
because it's not clear why it's there (coreboot isn't doing this, so
presumably it's not needed).
BRANCH=None
BUG=None
TEST=make runtests
Change-Id: Ie4a42083c4770a4eca133b22725be9ba85b24184
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1598721
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
-Wtype-limits is an additional warning we're trying to enable in
coreboot that catches common coding mistakes (e.g. checking whether an
unsigned variable is < 0). vboot almost works with this out of the box,
but there's one instance where we want such a check (because the
constant it's checking may change). This patch pragma's it out so that
we can still build with the new warning.
BRANCH=None
BUG=chromium:960270
TEST=make runtests
Change-Id: I678a5915c99451b7e0a2672efb5ae6c81ebfb027
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1598720
Commit-Ready: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vb2_gbb_header should NOT be in the public API, but GBB flag
definitions themselves SHOULD be.
BUG=b:124141368, chromium:956474
TEST=make clean && make runtests
BRANCH=none
Change-Id: I9b9cb1bc67c31c3a29b7a237d90a11aba55f131e
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1583821
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As part of go/vboot2-cleanup-oprom, introduce new context
flag DISPLAY_INIT. The equivalent shared data flag
DISPLAY_AVAILABLE is also introduced for downstream vboot
to read.
The context flag serves the dual purpose of:
(1) the vboot caller (coreboot) telling vboot that "display
will be initialized regardless", for cases when a
mainboard/SoC cannot disable its display initialization
code (see coreboot Kconfig VBOOT_MUST_REQUEST_DISPLAY,
previously VBOOT_OPROM_MATTERS).
(2) vboot telling the vboot caller (coreboot) that "display
initialization should occur" for cases when vboot needs
display enabled on this boot.
BUG=b:124141368, chromium:948529
TEST=make clean && make runtests
BRANCH=none
Change-Id: If18bedf99c0f6e366c12d043377edb7bcdb35fdf
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1564232
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When clients wish to use SHA functionality, they should import
vb2_sha.h header instead of setting NEED_VB2_SHA_LIBRARY and
importing vb2_api.h. The latter will be deprecated.
NEED_VB2_SHA_LIBRARY is troublesome since the compiler may
complain when it is defined multiple times within the same
namespace.
BUG=b:124141368, chromium:956474
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ie39bb14e7fb35fd7e365acdd29dd5524567358b1
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1583820
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Randall Spangler <rspangler@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368, chromium:944804
TEST=make clean && make runtests
BRANCH=none
Change-Id: I79ddbf260ec86ad94eb1ea2daec115fb188264d6
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1583824
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Randall Spangler <rspangler@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order for vb2_shared_data to cross application boundaries,
it needs magic and version fields.
These can be initialized in vb2_init_context, which is called
implicitly via vb2api_fw_phase1 and vb2api_fail.
On re-init, check fields for validity.
BUG=b:124141368, b:124192753
TEST=make clean && make runtests
BRANCH=none
Change-Id: I90005833836f13f60813bdf82f0e4dbb8d9afecd
Reviewed-on: https://chromium-review.googlesource.com/1521406
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As part of chromium:942901, physical dev switch functionality
is being deprecated.
After CL:1541322 is merged, VB2_CONTEXT_FORCE_DEVELOPER_MODE
will no longer be used, and can be renamed.
(See: src/security/vboot/vboot_logic.c)
BUG=b:124141368, b:124192753, chromium:942901
TEST=make clean && make runtests
TEST=make clean && COV=1 make coverage && make coverage_html
CQ-DEPEND=CL:1541322
BRANCH=none
Change-Id: I3a401a59dc80cb42617a8f3a485d303aa3484c92
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1526071
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vboot_reference has a set of "external" functions which are
defined by the client and linked in at compile time.
Instead of creating a separate return code for each unimplemented
external function, group them all into one.
BUG=chromium:944804
TEST=make clean && make runtests
BRANCH=None
Change-Id: Ic3896572c71aabf99590758c7fc3848b61f9e078
Reviewed-on: https://chromium-review.googlesource.com/1539433
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As part of chromium:942901, physical dev switch functionality
is being deprecated.
VB2_CONTEXT_FORCE_DEVELOPER_MODE is for the express purpose
of enabling developer mode when the physical dev switch is
on. (See: coreboot's src/security/vboot/vboot_logic.c)
Remove the check of this context flag for deciding whether
developer mode is enabled.
In order to retain a path to developer mode on devices
with physical dev switch, this CL depends on
VBSD_HONOR_VIRT_DEV_SWITCH check being removed first
(see CL:1526070). (Alternately, we can wait for CB:31943
to be merged and pulled downstream.)
This constant will be marked as deprecated in a subsequent
CL, once the coreboot CL has been pulled downstream.
BUG=b:124141368, b:124192753, chromium:942901
TEST=Build locally
TEST=/work/vboot/src/repohooks/pre-upload.py
TEST=make clean && make runtests
TEST=make clean && COV=1 make coverage && make coverage_html
CQ-DEPEND=CL:1526070
BRANCH=none
Change-Id: I81b54b9e2b8d3c6f9c00b40dd0771cda0585037c
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1524757
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change adds diagnostic mode. When enabled for a board (based on
defconfig in depthcharge) the user can press Ctrl-C or F12 at a recovery
mode screen, at which point an nv bit is set and the system reboots.
Upon reboot, if the nv bit is set then the user is prompted to confirm
launch of the diagnostic rom via the power button. If user confirms
then the diagnostic payload is verified and run (if verify fails or
payload doesn't run then a recovery reason is recorded and system
reboots to recovery mode). If the user does not confirm then the system
reboots.
BUG=b:124358784
BRANCH=None
TEST=Locally built and flashed using change that enabled feature for atlas
and set to use payload 2 (tianocore) rather than 5 (diagnostic). Confirmed
that Ctrl-C is functional or not based on defconfig and that Ctrl-C
sets NV bit and reboots. Confirmed that NV bit can be set and
queried via crossystem. Confirmed that during boot confirmation screen
appears or not based on NV bit. Confirmed that pressing power button
caused payload to be verified and run. Confirmed that non-matching hash
(build configured to use sha1 rather than sha256) caused payload to not
be run and system reboot to recovery. Confirmed that Esc or timeout
caused system to reboot.
CQ-DEPEND=CL:1471056
Change-Id: I8979d4eeb443bf64b727ee86a814c46d1d27ff37
Signed-off-by: Matt Delco <delco@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1470723
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change allocates a bit in the nvram that will be used
in a later change to tell the firmware whether to detour
to diagnostic mode during boot.
BUG=b:124358784
BRANCH=None
TEST=Local build and ran "make runtests". Verified with a later
change that the nvram bit takes effect as expected.
Change-Id: If2fd3f46da30fc7375d37b240e3e745819ae0632
Signed-off-by: Matt Delco <delco@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1504758
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add vboot2 callback for tpm_set_mode.
This is mostly a cherry-pick of these:
https://chromium-review.googlesource.com/c/1354139
https://chromium-review.googlesource.com/c/1365293
The re-enable of the tpm is now performed by coreboot
so this version doesn't implement tpm_get_mode.
BUG=b:124358784
BRANCH=None
TEST=compile vboot_reference and depthcharge
CQ-DEPEND=CL:1471195
Change-Id: I4168b50650e22f35ad9c66d49f34b689c46a36e1
Signed-off-by: Matt Delco <delco@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1470962
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Keith Short <keithshort@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove:
- VB2_DISABLE_DEVELOPER_MODE
- VB2_SD_DEV_MODE_ENABLED
(Both have been renamed.)
coreboot dependencies: CB:31297, CB:31298
BUG=b:124141368
TEST=Build locally
TEST=/work/vboot/src/repohooks/pre-upload.py
TEST=make clean && make runtests
TEST=make clean && COV=1 make coverage && make coverage_html
BRANCH=none
Change-Id: Ic50e5e327e5b192af3aa103e4b36ff7ed8631c8f
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1506681
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is largely a cherry-pick of CL:1133598
- Externalize vb2_digest_buffer function to vb2api_digest_buffer.
- Change VbExLegacy()'s altfw_num parameter from int to enum so
caller can specify which specific payload to run.
BUG=b:124358784
BRANCH=None
TEST=Local compile. Verified with subsequent change that legacy boot
still works and new functionality can opt-in to and utilize payload
verification.
CQ-DEPEND=CL:1471053
Change-Id: I9700c2e38c3cfa255eeff72ce416295af9d076fb
Signed-off-by: Matt Delco <delco@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1471051
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
coreboot uses the C preprocessor on its linker scripts to
allow evaluation of macros when defining memory layout.
Move constants from 2api.h to an independent file in order
to allow for coreboot to use these constants in its memlayout
file, without needing to include the entire vboot API.
Note this commit creates two new header files:
- firmware/2lib/include/2constants.h: contains the constants
- firmware/include/vb2_constants.h: externally importable header
Also, rename VB2_WORKBUF_RECOMMENDED_SIZE to
VB2_FIRMWARE_WORKBUF_RECOMMENDED_SIZE for clarity.
BUG=b:124141368, b:124192753
TEST=Build locally
TEST=/work/vboot/src/repohooks/pre-upload.py
TEST=make clean && make runtests
TEST=make clean && COV=1 make coverage && make coverage_html
BRANCH=none
Change-Id: Id17c6955b67e51cb048b10b4be0901c0e9110a1f
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1504490
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Futility has two debug facilities: the Debug() function that can be
enabled by passing --debug on the command line, and the VB2_DEBUG()
macro (mostly in common code from the firmware/ directory that it
includes) which can only be enabled by passing DEBUG=1 at build time.
This is confusing and inconvenient, since you don't always want to
rebuild futility whenever you need that extra debug output and it's not
very obvious that you can get even more debugging beyond just passing
--debug.
This patch resolves the inconsistency by merging both facilities
together into a single VB2_DEBUG() that is output when passing --debug.
In order to make this work, we'll have to move the VBOOT_DEBUG #define
so that it only affects the stub implementation of vb2ex_printf(), and
any caller overriding the stub is in charge of their own destiny. This
should be okay since callers can still individually implement debugging
policy in their versions of vb2ex_printf() if they want to. (This may
have been useful to cut down the binary space for debugging strings, but
our firmware has always been unconditionally enabling VBOOT_DEBUG in the
past years, so that doesn't seem to be very important in practice.)
BRANCH=None
BUG=None
TEST=Ran futility --debug show, noticed I got all the extra keyblock
verification debug output I always wanted.
Change-Id: I9a5c205fc3673941b50f03f2a967b1be110a1555
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1504140
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124297157
TEST=make runtest
test on device
BRANCH=none
CQ-DEPEND=CL:1466822
Change-Id: Ic3b1b502b1aff14a795397da3024f8a12eb04775
Reviewed-on: https://chromium-review.googlesource.com/1466290
Commit-Ready: Mathew King <mathewk@chromium.org>
Tested-by: Mathew King <mathewk@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Mathew King <mathewk@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rename VB2_DISABLE_DEVELOPER_MODE to VB2_CONTEXT_DISABLE_DEVELOPER_MODE.
Flag name should be consistent with others in vb2_context_flags.
VB2_DISABLE_DEVELOPER_MODE should be removed in subsequent CL.
BUG=b:124141368
TEST=Build locally
BRANCH=none
Change-Id: I42260205e9e27b4bd382cdf69962917d41ca882a
Reviewed-on: https://chromium-review.googlesource.com/1460645
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
