| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vb2api_kernel_phase1 was previously written to read the GBB
headers, locate the recovery key, and then load it. GBB headers
are now saved directly on workbuf in firmware phase. Simply use
the vb2_gbb_read_recovery_key function to retrieve the key.
Update LoadKernel to read kernel subkey from vboot2 workbuf.
Update tests/verify_kernel.c to write subkey to vboot2 workbuf.
BUG=b:124141368, chromium:954774, chromium:1038260
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ia85013da34bdab68bf486014a3401d48c95b3472
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1651221
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of clearing recovery requests early on in firmware
verification, defer this task until kernel verification has
begun.
If the system is rebooted for any non-vboot-related reason when
entering recovery mode (e.g. FSP initialization), the recovery
request will still be available in nvdata.
Additionally, relocate the reboot triggered by memory training
into VbSelectAndLoadKernel.
BUG=b:124141368, b:35576380
TEST=make clean && make runtests
BRANCH=none
Change-Id: I787e45c7ed4f2bebf570bb9c1a8e9e371f2a040b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1940398
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Piping something into 'grep -q' when the shell option '-o pipefail' is
set is racy: 'grep -q' exits immediately after seeing the first
occurence of the pattern, so if the process at the front of the pipe
hasn't written all its data into the pipe buffer yet, it will still try
to write more after grep has already exited and die with a SIGPIPE.
The recommended solution seems to be using a <<<"herestring" instead.
(Also add the test's return code to the FAILED output in
run_test_scripts.sh to aid future test script debugging.)
BRANCH=None
BUG=chromium:1048048
TEST=make runtests
Change-Id: I2f2589f223d9179d694565f5733535d4270699ea
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2039946
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refactored wilco-specific functions related to setting
serial numbers to their own file and diagnostic UI feature
BUG=b:138812835
BRANCH=None
TEST=emerge-drallion vboot_reference, flashed drallion and tested vendor
data setting
Related to chromium:1983248, chromium:1926508, chrome-internal:2180149
Change-Id: I02b2a62943ea60af007b6fc084b74e990062f3c3
Signed-off-by: Pranay Shoroff <pshoroff@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1999050
Reviewed-by: Mathew King <mathewk@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Mathew King <mathewk@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use tests/common.sh instead of tests/futility/common.sh.
Correct SCRIPT_DIR value to allow running run_test_scripts.sh
standalone without using Makefile.
BUG=b:124141368, chromium:605348
TEST=make clean && make runfutiltests
BRANCH=none
Change-Id: I107952826ea9a3a3816d9c13206aa48bee63ac6c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2014236
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Clean up install paths. The ebuild was adding /usr in the
MINIMAL=1 case, making it look virtually exactly the same
as the non-MINIMAL case. Just unify the two.
- Introduce SDK_BUILD variable to take over part of the
functionality previously implemented by MINIMAL.
- One may now use rununittests for quick test runs instead
of setting MINIMAL=1.
- runtestscripts is added to the default test set under
"runtests". runfutiltests is not yet enabled due to
flakiness (see chromium:1048048).
- Remove unused LZMA_LIBS and YAML_LIBS.
- Stop installing dev-mode-only scripts into /usr/bin for
an SDK build (VB_DIR). Presumably this was meant for board
builds, but since everyone is used to these scripts living
in /usr/share/vboot/bin, we may as well keep them there.
- Stop installing crossystem for an SDK build.
- Group SIGNING_SCRIPTS into UTIL_SCRIPTS_BOARD.
- Have install_for_test depend on test_setup instead of
vice versa. Targets which run tests should depend on
install_for_test.
BUG=b:124141368, chromium:605348, chromium:1048048
TEST=make clean && make runtests
TEST=make clean && make rununittests
TEST=sudo emerge vboot_reference, check installed files
TEST=emerge-eve vboot_reference, check installed files
TEST=USE=fuzzer emerge-eve vboot_reference
TEST=FEATURES=test USE=fuzzer emerge-eve vboot_reference
BRANCH=none
Change-Id: I203e69143e40ee42729488bf0ab59f5120649bd1
Cq-Depend: chromium:2012183
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2012182
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
My goal in CL:1963614 was to write struct vb2_hash such that it can
match the exisiting binary representation of the CBFS hash attribute,
but no longer be dependent on endianness. Unfortunately I screwed up...
if you want to match the binary representation of a big-endian integer
for small numbers, the important byte you're interested in is the *last*
one, not the first.
Thankfully we still have time to fix the issue before this struct is
really used anywhere, so this patch does that and adds a test to double
check I got it right this time.
Also clarify comments about how vboot is allowed to use this struct a
bit to match the indended usage I'm planning in coreboot. In doing that
I realized that you actually don't want to make it easy to sizeof() the
|bytes| portion of the struct (because functions shouldn't rely on that
size anyway, they should only touch what's valid for a given hash
algorithm), so taking that out which also makes it a little more
comfortable to work with the struct.
BRANCH=none
BUG=none
TEST=make runtests
Change-Id: I7e1a19f36d75acb69e5d1bfa79700c9d878f9703
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2019952
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Looks like UBSAN doesn't like zero-length arrays. We use those all the
time in firmware, but I guess that's the reason we don't even try to run
UBSAN on the real firmware repos. For this particular case in vboot's
tests, it's easy enough to work around.
BRANCH=None
BUG=chromium:1043405
TEST=make runtests
Change-Id: Ia799fdc57ee17dc46b55920dd1d2601adf98d3f7
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2008766
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In vboot 2 design, secdata spaces are read/written by the vboot
caller, and not by vboot itself. We still need to maintain a
vb2ex_commit_data callback for edge cases, such as when the vboot
UI prompts the user to reboot.
BUG=b:124141368, chromium:972956
TEST=Build locally, flash and boot eve,
check logs for secdata writes and locks
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ib3b628549185749a290dd65e297f2e19adecbc66
Cq-Depend: chromium:1958012
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1958070
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recovery reason should be passed into vboot kernel verification
API using vboot 2 data structures. Upon arrival, translate to
vboot 1 data structures for legacy purposes.
Also switch to using vboot 2 recovery_reason field in other parts
of vboot code.
BUG=b:124141368, chromium:1038260
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ic590db46d57ffbd8829f8f3ad784ea46184ceabc
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2008534
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With CL:1988245, vb2_context flag VB2_CONTEXT_EC_SYNC_SUPPORTED is set
in depthcharge. Set VBSD_EC_SOFTWARE_SYNC in shared data based on the
presence of VB2_CONTEXT_EC_SYNC_SUPPORTED.
BRANCH=none
BUG=chromium:1038259, chromium:1042135
TEST=FEATURES=test emerge-nami vboot_reference
Cq-Depend: chromium:1988245
Change-Id: Ia1dd57858234bbc43f25517f416b7506c1b7919a
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1988246
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The vboot 1 flags are not used in userspace, so they may be
deprecated. The vboot 2 flags are converted to use compile-time
options instead.
BUG=b:124141368, chromium:1038259
TEST=make clean && make runtests
BRANCH=none
Change-Id: I0bd63a6f4dd0f29d416beacb966c99b16b5efabd
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2004256
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Auxfw sync used to be guarded by both VB2_GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC
and VB2_CONTEXT_EC_SYNC_SUPPORTED. Now that the EC and AUXFW sync are
fully decoupled, there are scenarios where it may make sense to do auxfw
sync independent of EC sync, such as early bringup.
BUG=chromium:1041879
BRANCH=none
TEST=make runtests
Change-Id: I07948b0317119231ec0287d663a3d8b92259fd6b
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2004942
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch changes vb2_firmware_tests to run multiple times with
different combinations of signature and hash algorithms. The goal is to
have more confidence that our recommended work buffer size is still big
enough even if we changed algorithm combinations in an RW update. It
also changes the underlying vb20_verify_fw to not just print the amount
of work buffer used at the end, but to detect the actual high water mark
of work buffer used during the test.
Also add some fallback definitions for undefined environment variables
to tests/common.sh which helps running individual test scripts without
the Makefile harness.
BRANCH=None
BUG=None
TEST=make runtests
Change-Id: I14519cd7c76a9886bd11ebf5312458ab658e6f75
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1967976
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I'm prototyping some coreboot code to closer integrate vboot with CBFS
(per-file hashing and that stuff). While doing that, I noticed that it
would be neat to have a standardized serializable representation for any
kind of vboot hash. We already have something like that in CBFS
attributes, but if we want to use it more generally it makes more sense
to put it in vboot. This patch adds a suitable structure defintion to
2sha.h and two utility functions that can be used to work with it.
Also add alloca() because I need it and fix the return types of
vb2_..._size(), because those are just plain wrong.
BRANCH=None
BUG=None
TEST=make runtests
Change-Id: I4b535ad43704693463fb114d6a81d2b5689a87b9
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1963614
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
No additional features added, simply moved tests relating to setting
vendor data to a separate function
BUG=b:138812835
BRANCH=none
TEST=Run 'FEATURES=test emerge-drallion vboot_reference' and
verify tests run
Change-Id: Ib9c1d32a4cd149c0e5eb464b7f9b4b17839c42d3
Signed-off-by: Pranay Shoroff <pshoroff@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1999043
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also clean up a few lines setting unneeded flags and fields in
tests, and add conditionals to check for VBSD in vboot_display.c.
BUG=b:124141368, chromium:1038260
TEST=make clean && make runtests
BRANCH=none
Change-Id: I84438d00777516354529b1e6ee4d04f7947ff971
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1992856
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use vboot 2 flags for checking whether dev mode is enabled, and
whether manual recovery was requested.
VBSD_BOOT_DEV_SWITCH_ON --> VB2_SD_FLAG_DEV_MODE_ENABLED
VBSD_BOOT_REC_SWITCH_ON --> VB2_SD_FLAG_MANUAL_RECOVERY
BUG=b:124141368, chromium:1038260
TEST=make clean && make runtests
BRANCH=none
Change-Id: Idb439f658391f46170704a0fd614853054e1c64d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1992852
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Deprecate:
PublicKeyInit --> vb2_init_packed_key
PublicKeyCopy --> vb2_copy_packed_key
Rename:
packed_key_looks_ok --> vb2_packed_key_looks_ok
Move vb2_packed_key_looks_ok from host_key.c to host_key2.c.
Move tests/vboot_common_tests.c to tests/vb2_host_key_tests.c.
Remove firmware/lib/vboot_common.c.
Remove host/lib/host_key.c.
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: I627b2af0416ac69460f9860614a69cad8bdb76a7
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1844597
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also rename tests.
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ic79e7bc233ab93283d2be78ca9a08322b317d11d
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1844600
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of calling VbExGetSwitches to essentially retrieve a
compile-time config value from depthcharge, send this config
value to vboot_reference as a build flag.
Add a test based on the value of USB_BOOT_ON_DEV.
BUG=b:124141368, chromium:1035761
TEST=make clean && make runtests
TEST=Add CONFIG_USB_BOOT_ON_DEV to defconfig and flash to device
Switch to dev mode and confirm dev_boot_usb with crossystem
BRANCH=none
Change-Id: I70a2e3fcd8c5cc252ca3d0eed81490a08503d7b3
Cq-Depend: chromium:1975346
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1975450
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove VbSharedDataInit, VbSharedDataReserve,
VbSharedDataSetKernelKey, along with their corresponding tests.
In tests/verify_kernel and utility/load_kernel_test, just copy the
kernel subkey manually for now, until we update LoadKernel to
retrieve the key from vboot2 workbuf instead.
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: I7055be10f0d7a38502fd8108f0bc93c5b78f06c9
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1844598
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We used to return the firmware body size as part of vb2api_init_hash().
With persistent context and other recent developments, coreboot is
caching less data itself and relying more on vboot's data structures, so
it may now need this information at more points than just during the
hashing process. So let's create a custom function to return this.
BRANCH=hatch
BUG=b:143994765
TEST=make runtests
Cq-Depend: chromium:1965837
Change-Id: I2bc968cd163016fd0130416c2679724caad895a2
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1965920
Reviewed-by: Mathew King <mathewk@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Publicize check_reboot_for_display() and rename it to
vb2api_need_reboot_for_display() for depthcharge to use.
BRANCH=none
BUG=chromium:1030608
TEST=FEATURES=test emerge-nami vboot_reference
Change-Id: Ie6c734850b67b29c8a098c3f232888f3ab47fddf
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1957726
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For the libflashrom-compatible interface I'm working on, I needed the
ability to process data from the flashrom subprocess in a callback
function.
This adds a new type of subprocess_target, TARGET_CALLBACK, which can
read and write to/from a callback function.
BUG=chromium:478356
BRANCH=none
TEST=provided unit tests
Change-Id: I20b71000fc2b6b297a8617d2b03d0e91813007d1
Signed-off-by: Jack Rosenthal <jrosenth@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1959944
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also remove unused preamble structs in vboot_struct.h.
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: I8b41f24b55eba91b1f952415eda1b532732848eb
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1844601
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Just resolving some style comments left on CL:1955805. The CL merged
by CQ before I noticed the comments.
BUG=none
BRANCH=none
TEST=compiles
Change-Id: I286343e3ee2ecb4cb6092ca99fa46c4a80442e03
Signed-off-by: Jack Rosenthal <jrosenth@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1957760
Tested-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a powerful library for interacting with processes. We'll be
able to clean up much of the code which manually sets up the pipes and
calls exec* with this well-tested and expressive abstraction.
This code will initially be used in crossystem for calling out to
flashrom instead of relying on mosys.
BUG=chromium:1030473
BRANCH=none
TEST=provided unit tests
Change-Id: I56f28419406d0b1299bb91058dd4500079b2435e
Signed-off-by: Jack Rosenthal <jrosenth@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1955805
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This function was added with the sole intended user being
BCB support on the depthcharge side.
Now that BCB is deprecated, we can remove it.
BUG=b:124141368, chromium:956474
TEST=make clean && make runtests
BRANCH=none
Change-Id: I4a99c540951b5e160bf50bcb790091d1df6eefc3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1954975
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I7daf97a88c71ff188c5812a30ca71d6c84823ae9
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1844595
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Convert LoadKernel and TryLoadKernel to use vboot2-style error
codes. Error codes are renamed as follows:
VBERROR_NO_KERNEL_FOUND
--> VB2_ERROR_LK_NO_KERNEL_FOUND
VBERROR_INVALID_KERNEL_FOUND
--> VB2_ERROR_LK_INVALID_KERNEL_FOUND
VBERROR_NO_DISK_FOUND
--> VB2_ERROR_LK_NO_DISK_FOUND
Remove these error codes:
VBERROR_LOAD_KERNEL_RECOVERY
Remove VBSD_BOOT_DEV_SWITCH_ON check in vb2_developer_ui
to align vboot_ui and vboot_ui_menu functionality.
VBERROR_LOAD_KERNEL
Unused.
BUG=b:124141368, chromium:988410
TEST=make clean && make runtests
BRANCH=none
Change-Id: I90389c6629cc6055c4a4acbbbdd358bb79b63bf7
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1728297
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
EC software sync should not be performed in recovery mode, as it breaks
the vboot model.
BUG=b:145310842
BRANCH=firmware-hatch-12672.B
TEST=Verify that EC sync is skipped in recovery mode (coreboot & depthcharge)
Change-Id: I771b970b044ed2b13a1cd79f5649af92b0177ac7
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1941037
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Stop magically checking get_info_flags by subtracting the
expected value from vbtlk_retval. Introduce two globals
vbtlk_expect_fixed and vbtlk_expect_removable which are
checked when the mocked VbTryLoadKernel function is called.
Update some comment style and fix spacing.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I038aa03dcff24ec06f68f6a175f992ed99feddb9
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1836612
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In current kernel verification code, secdata reads and writes
are spread throughout the code. vboot2's design is to use
vb2_context.secdata_* for storing the state of secdata spaces,
and have the caller (depthcharge) read/save this field when
necessary.
Centralize secdata reads/writes into the functions of
secdata_tpm.c, previously known as rollback_index.c.
Functions which directly read/write to the TPM space are modified
to use vb2_secdata_*_get and vb2_secdata_*_set.
The secure spaces get read/flushed by functions in
vboot_api_kernel.c. These calls and the underlying functions
from secdata_tpm.c will eventually be relocated to depthcharge.
Create a new external function vb2ex_commit_data, which commits
any modified nvdata/secdata. Currently the depthcharge
implementation of this function only writes nvdata, but once
secdata TPM drivers have been migrated from vboot_reference to
depthcharge, it will also commit these data spaces.
This CL also removes the VbExNvStorageRead call from
vb2_kernel_setup, and the data is instead read in depthcharge
CL:1819379, right before calling VbSelectAndLoadKernel.
As such, both the VbExNvStorageRead and VbExNvStorageWrite
functions may be removed.
Finally, create a vb2_secdata_kernel_lock function, which should
be used right before attempting to leave vboot (by booting an OS
or chainloading to another firmware). This should eventually be
exposed as a vb2ex_ API function and relocated to depthcharge.
BUG=b:124141368, chromium:972956, chromium:1006689
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ifbfb21122af0bf85e22a6d3a0d48a1db7f7c25b7
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1819380, chromium:1939168
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1728298
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rather than depending on the architecture and environment to
provide the correct memory alignment (__BIGGEST_ALIGNMENT__),
hardcode to 8, which should be sufficient for all cases.
(Previously, by using __BIGGEST_ALIGNMENT__, this is set to
16 in all known cases, which is unnecessarily large.)
Update vb2_workbuf tests to be more flexible according to
VB2_WORKBUF_ALIGN value.
BUG=b:124141368
TEST=make clean && make runtests
TEST=Try values of VB2_WORKBUF_ALIGN=2,4,8,16,32,64
BRANCH=none
Change-Id: I819586119fa3102fa423a01e0737e6864c05d752
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1911921
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After storing the GBB header on the workbuf, the offset of wb.buf
is stored into workbuf_used by incorrectly using ctx as the
pointer base, rather than sd (which corresponds to the start of
the workbuf). This subtracts 8 bytes from the correct value of
workbuf_used, and leaves the last 8 bytes of the GBB header
vulnerable to being overwritten with any VB2_WORKBUF_ALIGN values
less than 16.
Also update the relevant vb2_misc_tests check to account for
GBB headers with non-aligned sizes (currently it is 128 bytes).
BUG=b:124141368, chromium:1027846
TEST=Test with various VB2_WORKBUF_ALIGN values
BRANCH=none
Change-Id: I862d29155ce08df6911c277f8ce8c703ffaf1df7
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1932276
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=b:143094352
BRANCH=none
TEST=make clean && make runtests
Change-Id: I3665bfb10c66e2fbe3906e99cc72346748123cfb
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1873879
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This callback is redundant, because vboot takes the buffer pointer and
just passes it straight into vb2ex_ec_update_image(), so clearly the
platform must be able to find the image on its own. Remove it, and also
remove the arguments to vb2ex_ec_update_image which were the image and
its size.
BUG=none
BRANCH=none
TEST=make runtests
Cq-Depend: chromium:1910562
Change-Id: I35548cc0bde761cf08337489af0772bbdf46de4d
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1877065
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, the logic for updating auxfw is entangled with the logic
for performing EC software sync. This patch attempts to split them
apart, so that they can be used separately. VbSelectAndLoadKernel()
currently still performs both, EC first and then auxfw. The intended
use-case for this functionality is to perform EC software sync only in
coreboot's romstage. Unit tests were updated to ensure functionality
is effectively unchanged.
BUG=b:143094352, chromium:1016688
BRANCH=none
TEST=make clean && make runtests
Change-Id: I7bdf38694cfed83b18dd8189b8516780184ecc8e
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1867314
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove devidx argument from internal and external functions.
Rename external API functions to vboot2 scheme (vb2ex_...).
Rename external EC-related data types to vboot2 scheme (vb2_...).
BUG=b:124141368, chromium:1016688, chromium:1017093, b:112198832, b:143094352
TEST=make clean && make runtests
BRANCH=none
Cq-Depend: chromium:1910562
Change-Id: I4ca9858a0f91a0365288c04cdb90aad0efdd7647
Signed-off-by: Joel Kitching <kitching@google.com>
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1872255
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also standardize on position and spacing of __attribute__.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ic61d6193c2413824837a51af98eb2dcd9ea4ab85
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1902843
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All devices which have a PD chip running CrOS EC code have already shipped,
and there is no intention to go back to using an "EC" for a TCPC anymore.
BUG=b:143762298,chromium:1017093
BRANCH=none
TEST=make runtests
Change-Id: I177c00581089de59e4f35608b97ef5432e8b492b
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1895712
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move vb2_context to live inside of vb2_shared_data, instead of
in a separate memory space allocated by the caller.
See design doc:
http://go/vboot2-persistent-context
BUG=b:124141368, chromium:994060
TEST=make clean && make runtests
BRANCH=none
Change-Id: If2421756572a43ba58b9da9f00e56a8f26ad3ad5
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1874753, chromium:1902339
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1716351
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After informing EC of the mode chosen by vboot, it is stored
in a global and never accessed again. Remove this function,
its calls, and its tests.
Also note some significant issues which existed:
(1) Using accessor VbGetMode for tests, rather than just
overriding VbExEcEnteringMode when needed.
(2) The tests checking the value sent to VbExEcEnteringMode
(vboot_api_kernel2_tests and vboot_detach_menu_tests)
actually call the function themselves.
BUG=b:124141368, chromium:1014379
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ib8e510a1e1c663bb3f8238a9ad15e3e64d7350b0
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1864533
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1830239
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If you read the manpage for printf *really* closely, it seems that the
%#x token only prints the 0x prefix for non-zero values. Huh... never
knew that (and our firmware implementations in fact don't honor that,
but glibc does). Anyway, I think we're fine with either behavior but
this broke the expected output for one of our futility tests, which this
patch fixes (originally broken in CL:1840191).
BRANCH=None
BUG=None
TEST=make runtests
Change-Id: Id54ff6f56e02333ab01b09b75deb16f47da01bc3
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1885411
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes a sanitizer issue in cgpt where a GPT entries array may
have been passed even though it was not loaded from disk (parsing an
uninitialized buffer). The GPT library seems to have been written with
the assumption that both headers and entries would always be loaded and
it could recover even if only the primary header and the secondary
entries were valid. In practice, this doesn't really work because the
caller doesn't know how to read entries for an invalid header.
Therefore, change the code so that entries are only assumed to be loaded
for valid headers.
Also fix some minor problems with loading GPTs by aligning sizes up (not
down) to the next sector boundary and making sure we always allocate the
maximum amount of space for entry arrays, even if the current header may
not need that much (in case a repair wants to overwrite it).
This practically reverts CL:276766 which becomes obsolete (and was
really just a dirty hack to hide an underlying problem).
BRANCH=none
BUG=chromium:1017797
TEST=make runtests
Change-Id: I86c601dc074261d53f013b98ae214efdc44f3563
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1885098
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Keep const (default) and non-const (_mutable suffix) versions
of `data` field accessors for vb2_signature and vb2_packed_key.
No need for separate 2packed_key.c file -- just static inline
the functions.
vb2_verify_packed_key_inside should return type vb2_error_t.
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: I96722a746f26abbb6e19a365ce74f0bfda0da381
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1786386
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move ec_sync.c to vboot2 namespace. Keep its API in vboot_api.h
for the time being.
BUG=b:124141368, chromium:1016688, b:112198832, b:143094352
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ia925e93ecdcdb1a2a2724336774f48dbe0439743
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1872254
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Sean Abraham <seanabraham@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since these pre-historic functions have already been updated to
return vb2_error_t values, their error codes should be merged
into vb2_return_code just like was done for vboot1 error codes
in CL:1722913.
BUG=b:124141368, chromium:988410
TEST=make clean && make runtests
BRANCH=none
Change-Id: I5c64eca088a5f130fa5b420f94c85d04955948d2
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776292
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use _Static_assert() instead.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I42a18442a8bff1ab346f8ba784e9e6fc0366de9a
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1786388
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
