path: root/firmware/bdb
Commit message | Author | Age | Files | Lines
* vboot: bulk fix tabs and spacing inconsistency | Joel Kitching | 2018-08-03 | 2 | -8/+8
  Problem files were found with:
    find . -name '*.c' -o -name '*.h' | xargs grep '^ [^*]'
  and edited manually.

  Ignores utility/ and cgpt/, since they seem to globally adhere to a two-space tab convention.

  BUG=None
  TEST=make clean runtests
  TEST=emerge vboot_reference depthcharge
  Change-Id: I5a678484a119c8f1911f717e1968bdb4f1a0810f
  Reviewed-on: https://chromium-review.googlesource.com/1160131
  Commit-Ready: Joel Kitching <kitching@chromium.org>
  Tested-by: Joel Kitching <kitching@chromium.org>
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* expand the BDB acronym in a few key places [stabilize-9093.B] | Mike Frysinger | 2016-12-14 | 1 | -1/+1
  For people not readily familiar with the BDB acronym, expand it in a few README files and usage strings.

  BUG=None
  TEST=looked at help output
  BRANCH=None
  Change-Id: I2523e1a289815dd0eaea093c086bc75093579808
  Reviewed-on: https://chromium-review.googlesource.com/414244
  Commit-Ready: Mike Frysinger <vapier@chromium.org>
  Tested-by: Mike Frysinger <vapier@chromium.org>
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
* bdb: Add bdb_get_hash_by_index | Daisuke Nojiri | 2016-10-11 | 2 | -4/+31
  bdb_get_hash_by_index returns a hash entry from a BDB using an index. bdb_get_hash is also renamed to bdb_get_hash_by_type.

  bdb_get_hash is deprecated. Callers are expected to call bdb_get_hash_by_index(buf, 0) instead.

  BUG=none
  BRANCH=none
  TEST=make runtests
  Change-Id: Id99926123c0ac9094574eb057c63f79eceda2867
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/392947
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* bdb: Add 'bdb --resign' to futility | Daisuke Nojiri | 2016-10-04 | 2 | -2/+90
  'resign' sub-command signs a BDB using keys provided. It can resign only the data key, the hashes, or both. Required keys vary depending on what part of BDB is invalid and on what public key is specified in the command line. It then detects what key is needed based on the verification result and fails if the required key is not provided.

  BUG=chromium:649554
  BRANCH=none
  TEST=make runtests. Ran futility bdb --create, --add, --resign, --verify
  Change-Id: I589a5972f1d7e5066eb56e1c5efb4ee7089d41cd
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/387118
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* bdb: Add 'bdb --add' to futility | Daisuke Nojiri | 2016-10-04 | 1 | -6/+6
  futility bdb --add appends a new hash entry to the given BDB. The resulting BDB does not have a valid signature and is expected to be resigned by 'resign' sub-command after all hashes are added.

  BUG=chromium:649554
  BRANCH=none
  TEST=make runtest. Ran futility bdb --add, then --resign, then --verify (to be implemented)
  Change-Id: Icdf185f8ac268a23bb3954f5e78df6f80e749e18
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/387117
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* bdb: Assign different codes for data validation errors | Daisuke Nojiri | 2016-10-04 | 2 | -2/+4
  This patch adds BDB_ERROR_DATA_CHECK_SIG and BD_ERROR_DATA_SIGNED_SIZE to distinguish data signature validation errors. 'futility bdb --resign' uses these to decide whether resigning is needed or not.

  BUG=chromium:649554
  BRANCH=none
  TEST=make runtests
  Change-Id: I19137801ece2424ae575092c51d02664c8b73ba3
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/386795
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* bdb: Add bdb_extend | Daisuke Nojiri | 2016-10-01 | 2 | -10/+28
  bdb_extend prints out secrets derived from the given BDS based on the given BDB.

  BUG=chromium:649555
  BRANCH=none
  TEST=make runtests. Ran bdb_extend -s bds.bin -b bdb.bin (with/without -m)
  Change-Id: I8d9f73468992dad4cb93a422c0eae0977be9a16f
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/385539
* bdb: Add functions to get attributes of BDB components | Daisuke Nojiri | 2016-10-01 | 2 | -1/+42
  These APIs return size and offsets of BDB components. They help code look more descriptive.

  BUG=none
  BRANCH=none
  TEST=make runtests
  Change-Id: I29326e249d9f2b88d5716f878f8415703f63360c
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/388813
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* bdb: Add secret deriving code for SP-RO | Daisuke Nojiri | 2016-10-01 | 5 | -91/+282
  This patch adds code which derives secrets from BDS. It's supposed to be done by SP-RO, hence the code is mostly useful for testing (or emulation).

  vba_extend_secrets_ro takes a function pointer to a hash extend function. It'll be used to try different sha256 extend algorithms.

  BUG=chromium:649555
  BRANCH=none
  TEST=make runtests
  Change-Id: I8fef6b851fb84686d8bcdd948b36160016687c51
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/384354
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* bdb: Make bdb_verify accept null pointer for key digest | Daisuke Nojiri | 2016-10-01 | 2 | -2/+6
  If key digest matching is not required (i.e. verify-bdb-key efuse flag is not set), bdb_verify skips digest matching. This change makes bdb_verify accept null pointer for the key digest parameter.

  BUG=chromium:649555
  BRANCH=none
  TEST=make runtests
  Change-Id: I14e5bd02526684b7b7bca1e1701cf04056df83ea
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/385538
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* bdb: Define RSA symbols non-weakly | Daisuke Nojiri | 2016-09-26 | 1 | -4/+0
  Defining these symbols weakly causes the output executable to hit segmentation fault because ld chooses *UND* symbols over the definition when they appear in *.a archive:

    $ objdump -t build/libvboot_utilbdb.a
    bdb.o:
    0000000000000000 w *UND* 0000000000000000 bdb_rsa4096_verify
    ...
    rsa.o
    000000000000061f w F .text 0000000000000111 bdb_rsa4096_verify
    ...

  This happens regardless of whether the symbol is referenced or not; or whether the object defining the symbol appears earlier than the reference or not.

  BUG=none
  BRANCH=none
  TEST=make runtests
  Change-Id: Ib53a9010f2afdc2ba59369fb145aef4381db30d3
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/387905
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* Fix coverity warnings in firmware | Randall Spangler | 2016-09-06 | 1 | -0/+1
  Assorted minor code issues, which we should fix so any new errors stand out more.

  BUG=chromium:643769
  BRANCH=none
  TEST=make runtests
  Change-Id: I84182df0d0e222f4f60206c621ec62e1ee283adb
  Signed-off-by: Randall Spangler <rspangler@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/380697
  Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
* bdb: Add nvmrw_get and nvmrw_set | Daisuke Nojiri | 2016-07-11 | 2 | -0/+118
  These internal APIs are used to get and set values in NVM-RW variables.

  BUG=chrome-os-partner:51907
  BRANCH=tot
  TEST=make runtests
  Change-Id: Ibae1836cb569fe89dd2c8249f76c66b78b1c2cf4
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/356691
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* bdb: Add secrets library [stabilize-8530.B, stabilize-8530.96.B, stabilize-8530.93.B, stabilize-8530.89.B, stabilize-8530.80.B, stabilize-8530.77.B, stabilize-8530.71.B, stabilize-8530.35.B, stabilize-8516.B, release-R53-8530.B] | Daisuke Nojiri | 2016-06-23 | 5 | -0/+203
  The secrets library clears, extends, and derives secrets which are used by vboot SoC.

  BUG=chrome-os-partner:51907
  BRANCH=tot
  TEST=make runtests
  Change-Id: I38c93fd450364792cebc942694f848e10d0e9502
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/349252
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* bdb: Add vba_update_buc | Daisuke Nojiri | 2016-06-22 | 4 | -0/+86
  vba_update_buc writes a BUC (boot unlock code) to NVM-RW. It will be called by AP-RW to update a BUC.

  BUG=chrome-os-partner:51907
  BRANCH=tot
  TEST=make runtests
  Change-Id: Ic91f34b60b11ebce948bce01993ddb44519a59b8
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/346233
* bdb: Add NVM library | Daisuke Nojiri | 2016-05-20 | 6 | -0/+445
  This patch adds NVM library, which verifies, updates, and syncs NVM-RW of vboot SoC.

  BUG=chrome-os-partner:51907
  BRANCH=tot
  TEST=make runtests
  Change-Id: I5adc399f9e582bd9ea7d9ee73482ed9a924837e0
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/343121
  Reviewed-by: Daisuke Nojiri <dnojiri@google.com>
* bdb: Add vba_bdb_init | Daisuke Nojiri | 2016-05-07 | 4 | -0/+220
  vba_bdb_init initializes the vboot context and decides what to do next based on the vboot register content. Possible actions are:
  1. proceed to verify the current slot
  2. reset to try the other slot
  3. reset to recovery mode

  bdb_sprw_test demonstrates these actions.

  BUG=chrome-os-partner:51907
  BRANCH=tot
  TEST=make runtests
  Change-Id: If72cdd575d09b9162a871f088064ca853b7fd74d
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/342604
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* bdb: Add vboot_register.h | Daisuke Nojiri | 2016-05-07 | 1 | -0/+22
  vboot_register.h lists definitions for vboot registers. Vboot registers are used to transfer information between modules (coreboot & depthcharge) or boots.

  BUG=chrome-os-partner:51907
  BRANCH=tot
  TEST=make runtests
  Change-Id: Ie0876fefb43d3e79a8f96e8f25f99f798892a056
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/342603
* bdb: Rename subkey to datakey [stabilize-8282.B, firmware-gale-8281.B] | Daisuke Nojiri | 2016-05-04 | 5 | -31/+31
  This patch replaces subkey with datakey to make name use consistent with the design document.

  BUG=chrome-os-partner:51908
  BRANCH=tot
  TEST=make runtests
  Change-Id: I3690abd51e6c18c5a1094a8449f375d803c7e0b2
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/342199
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* bdb: Replace sha functions with vb2 library | Daisuke Nojiri | 2016-05-04 | 3 | -216/+13
  BDB has its own implementation of SHA256. This patch replaces it with the one implemented in vb2 library.

  BUG=chrome-os-partner:51908
  BRANCH=tot
  TEST=build runtests
  Change-Id: Ida19dd49153a038fc2b2ce481cedf828818aaeaa
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/342121
  Reviewed-by: Randall Spangler <rspangler@chromium.org>
* bdb: Copy files from bdb to firmware/bdb | Daisuke Nojiri | 2016-05-04 | 11 | -0/+2188
  Test files are copied to tests/ and the rest are copied to firmware/bdb/.

  BUG=chrome-os-partner:51908
  BRANCH=tot
  TEST=make runtests
  Change-Id: I19f66c398e69037f00812a789854340a9690fef5
  Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
  Reviewed-on: https://chromium-review.googlesource.com/342090
  Reviewed-by: Randall Spangler <rspangler@chromium.org>