summaryrefslogtreecommitdiff
path: root/utility/dev_debug_vboot
Commit message (Collapse)AuthorAgeFilesLines
* vboot_reference: Check OS/firmware mismatch and report to UMAYuanpeng Ni2022-10-221-0/+27
| | | | | | | | | | | | | | | Compare fwid with firmware installer manifest to see if they mismatch, then report the result to UMA. BUG=b:211005753 TEST=Manual test BRANCH=None Signed-off-by: Yuanpeng Ni <yuanpengni@chromium.org> Change-Id: Id5ed7ad95f4f5439d30fdad9314e8e2b317834ab Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3960435 Reviewed-by: Jae Hoon Kim <kimjae@chromium.org> Reviewed-by: Hung-Te Lin <hungte@chromium.org>
* treewide: Fix copyrights and extra new lines at end of fileJakub Czapiga2022-10-211-1/+1
| | | | | | | | | | | | | BUG=none BRANCH=none TEST=make runtests Signed-off-by: Jakub Czapiga <jacz@semihalf.com> Change-Id: If93a65ba58c4973d4b344229c7ee26685395bbbf Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3964274 Reviewed-by: Yu-Ping Wu <yupingso@chromium.org> Commit-Queue: Jakub Czapiga <czapiga@google.com> Tested-by: Jakub Czapiga <czapiga@google.com>
* Change invocation of "gbb_utility" to "futility gbb"Hung-Te Lin2017-06-211-1/+1
| | | | | | | | | | | | | Replace commands using gbb_utility by the new 'gbb' futility command. BRANCH=none BUG=None TEST=USE=test emerge-$BOARD vboot_reference Change-Id: I8c1547d295a955373413482509a33964b0e0c06f Signed-off-by: Hung-Te Lin <hungte@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/538442 Reviewed-by: Stefan Reinauer <reinauer@google.com>
* cgpt: Add support for NVMeGwendal Grignou2016-10-211-1/+1
| | | | | | | | | | | | | | | | | | | | find: A p is added betwen device name and partition whenever the last character of a device is a number, as written in disk_name() in kernel block/partition-generic.c file. debug_vboot: Add regex for nvme device. BUG=chromium:655192 BRANCH=none TEST=Check that when a machine boots from NVMe, chromeos-setgoodkernel set "successful" field properly. Run " dev_debug_vboot --cleanup", check the NVMe device kernel partitions are verified. Change-Id: I6a9342c95500fa582f51f06e48c1ff90684c2a27 Signed-off-by: Gwendal Grignou <gwendal@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/398338 Reviewed-by: Mike Frysinger <vapier@chromium.org>
* Allow /etc/defaults/vboot_reference to customise some utilitiesBill Richardson2014-12-061-16/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The dev_debug_vboot program can sometimes interfere with automated firmware testing because it takes too long to read the BIOS flash. Limiting the sections of flash that are read may help, but in some cases skipping this program entirely may be better. This CL does three things: 1. dev_debug_vboot will read only some sections of the BIOS flash, falling back to reading the whole thing only if it fails at that. 2. dev_debug_vboot will source /etc/default/vboot_reference if it exists. Putting DEV_DEBUG_FORCE=1 in that file will prevent dev_debug_vboot from reading the flash at all unless it's invoked with --force option. 3. The Makefile will create the /etc/default/vboot_reference file in the install directory, setting DEV_DEBUG_FORCE to the value in effect at build time. This will let a future CL change the default behavior for each target. BUG=chromium:438854 BRANCH=none TEST=manual Built and tested on Samus. /etc/default/vboot_reference was present, containing "DEV_DEBUG_FORCE=". The dev_debug_vboot script ran normally. Manually changing /etc/default/vboot_reference to contain "DEV_DEBUG_FORCE=1" and rebooting caused dev_debug_vboot to stop before reading the BIOS flash. I also manually forced various flashrom invocations to fail to test each part of the new flow. Change-Id: Ib319dd16b9026162d01f435f15570ec8ba99c512 Signed-off-by: Bill Richardson <wfrichar@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/233228 Reviewed-by: David Hendricks <dhendrix@chromium.org> Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
* futility: stop using the symlink names in utility scriptsBill Richardson2014-09-121-12/+15
| | | | | | | | | | | | | | | | | | | | | | We still create the symlinks (FOO -> futility), but this change invokes those built-in functions with "futility FOO ..." instead of using the FOO symlink. Note that the scripts/ directory is unchanged. That's a separate CL, since we don't have tests for that. BUG=chromium:231547 BRANCH=ToT TEST=make runtests In addition to running "make runtests", I temporarily modified the Makefile to avoid creating the symlinks at all. The tests still passed. Change-Id: I96863259b9df02a3611f759a7509bf4090ae03e8 Signed-off-by: Bill Richardson <wfrichar@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/216717 Reviewed-by: Randall Spangler <rspangler@chromium.org>
* Change flashrom target selection parameter.Hung-Te Lin2013-08-211-3/+3
| | | | | | | | | | | | | | | The "-p internal:bus=*" is now deprecated by "-p {host,ec}" because we may have EC on SPI bus. BUG=none TEST=manually executed dev_debug_vboot and see correct output. BRANCH=none Change-Id: I6363c09c2ebf57812bf35b7db220303a2786db20 Reviewed-on: https://gerrit.chromium.org/gerrit/66321 Tested-by: Hung-Te Lin <hungte@chromium.org> Reviewed-by: Yung-Chieh Lo <yjlou@chromium.org> Commit-Queue: Hung-Te Lin <hungte@chromium.org>
* New and improved dev_debug_vbootBill Richardson2011-11-091-131/+270
| | | | | | | | | | | | | | | | | | | | | | | This new version adds a bunch more output, displays the TPM rollback version values (if it can; Cr-48 doesn't export this info through crossystem), looks for and validates all kernels on all devices, etc. It also add some command-line arguments to use to examine files containing BIOS, kernel, and disk images. BUG=chromium-os:6676 TEST=manual Boot, wait a minute or so, then log in and go to chrome://system Click the Expand button for "verified boot". You should see a bunch of useful text describing the firmware and kernel partitions. I tried this on Cr-48, Stumpy, and Kaen. Change-Id: I2d9aa0fcb0c12cf2b951ce9e2316b89532901125 Reviewed-on: https://gerrit.chromium.org/gerrit/11327 Reviewed-by: Bill Richardson <wfrichar@chromium.org> Tested-by: Bill Richardson <wfrichar@chromium.org>
* Expand dev_debug_vboot to cover both x86 and arm platforms.Vadim Bendebury2011-06-021-9/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The script needs to use proper device names when looking for 'hard drive' and USB storage. This change makes these names platforms specific. Another change is to look for the USB device when running off SSD and include it in report if found. BUG=chromium-os:15896 TEST=manual Ran dev_debug_vboot in the four permutations (on Alex or Kaen, off USB or SSD), observed expected results reported, for instance when running off USB stick on Kaen with a valid system installed on the SSD partitions 2/4: localhost chronos # dev_debug_vboot Saving verbose log as /tmp/debug_vboot_IhtMvRsGt/noisy.log Extracting BIOS image from flash... Extracting kernel images from drives... Extracting BIOS components... Pulling root and recovery keys from GBB... Verify firmware A with root key... OK Verify firmware B with root key... OK Test kernel_subkey_a.vbpubk... OK Test kernel_subkey_b.vbpubk... OK Test hd_kern_a.blob... OK Test hd_kern_b.blob... OK Test usb_kern_a.blob... OK Verify hd_kern_a.blob with kernel_subkey_a.vbpubk... OK Verify hd_kern_b.blob with kernel_subkey_a.vbpubk... FAILED Verify usb_kern_a.blob with kernel_subkey_a.vbpubk... FAILED Verify hd_kern_a.blob with kernel_subkey_b.vbpubk... OK Verify hd_kern_b.blob with kernel_subkey_b.vbpubk... FAILED Verify usb_kern_a.blob with kernel_subkey_b.vbpubk... FAILED Verify hd_kern_a.blob with recoverykey.vbpubk... FAILED Verify hd_kern_b.blob with recoverykey.vbpubk... FAILED Verify usb_kern_a.blob with recoverykey.vbpubk... OK exporting log file as /var/log/debug_vboot_noisy.log On the same system after corrupting the SSD kernel: localhost tmp # dev_debug_vboot Saving verbose log as /tmp/debug_vboot_uLSfFS2g9/noisy.log Extracting BIOS image from flash... Extracting kernel images from drives... Extracting BIOS components... Pulling root and recovery keys from GBB... Verify firmware A with root key... OK Verify firmware B with root key... OK Test kernel_subkey_a.vbpubk... OK Test kernel_subkey_b.vbpubk... OK Test hd_kern_a.blob... FAILED Test hd_kern_b.blob... OK Test usb_kern_a.blob... OK Verify hd_kern_a.blob with kernel_subkey_a.vbpubk... FAILED Verify hd_kern_b.blob with kernel_subkey_a.vbpubk... FAILED Verify usb_kern_a.blob with kernel_subkey_a.vbpubk... FAILED Verify hd_kern_a.blob with kernel_subkey_b.vbpubk... FAILED Verify hd_kern_b.blob with kernel_subkey_b.vbpubk... FAILED Verify usb_kern_a.blob with kernel_subkey_b.vbpubk... FAILED Verify hd_kern_a.blob with recoverykey.vbpubk... FAILED Verify hd_kern_b.blob with recoverykey.vbpubk... FAILED Verify usb_kern_a.blob with recoverykey.vbpubk... OK exporting log file as /var/log/debug_vboot_noisy.log Change-Id: I4f4cd2377c6acf3db433d629ed0a5c43a5d1a76c Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-on: http://gerrit.chromium.org/gerrit/1938 Reviewed-by: Bill Richardson <wfrichar@chromium.org>
* Fix stupid typo in informational message.Bill Richardson2011-04-191-1/+1
| | | | | | | | | | Change-Id: Ic8e7ddd37550d88e7f2a84331b6e49a96723efa9 R=rspangler@chromium.org BUG=chromium-os:8947 TEST=none Review URL: http://codereview.chromium.org/6883024
* Put the final output of dev_debug_vboot under /var/log/Bill Richardson2011-04-121-7/+4
| | | | | | | | | | | | | | Change-Id: I9e7a947541eb6a5b56556038a254ad4017b349b4 R=jimhebert@chromium.org,gauravsh@chromium.org BUG=chromium-os:8947 TEST=manual Boot, wait 60 seconds, navigate to chrome://system. Click the "Expand" button for "verified boot". You should see useful information. Review URL: http://codereview.chromium.org/6840005
* Address symlink attack on dev_debug_vboot.Bill Richardson2011-04-081-18/+23
| | | | | | | | | | | | | | | | | | | | | Two things here: Use mktemp to create a unique and new temporary directory to work in, and copy the published log file to a known path in a way that can't be redirected with symlinks. There are also a couple of minor tweaks to cleanup a little bit rot in the information that the script provides. BUG=chromium-os:8947 TEST=manual Boot, wait 60 seconds, look for "/tmp/debug_vboot_noisy.log". It should exist and contain useful and interesting data. Change-Id: Iff9c5c86802ab7fcf3342e82ba128a1795dba16d R=rspangler@chromium.org,wad@chromium.org,gauravsh@chromium.org Review URL: http://codereview.chromium.org/6824018
* vboot_reference/dev_debug_vboot: use new flashrom syntaxHung-Te Lin2011-03-161-2/+2
| | | | | | | | | | | | | | We need to also assign the target in dev_debug_vboot. BUG=chromium-os:11339 TEST=flashrom -p internal:bus=lpc dev_debug_vboot # still seeing success Change-Id: I33cfed77dba5afb668f6d9036ecc077e3bcb19d0 R=wfrichar@chromium.org Review URL: http://codereview.chromium.org/6698022
* Support new flashmap layout in dev_debug_vboot.Bill Richardson2011-03-031-6/+32
| | | | | | | | | | | | | | Make dev_debug_vboot look first for the new section names, then the old ones. Change-Id: I723f022bbbb23257c7c57db9543d7c35f524f95d BUG=chromium-os:12611 TEST=manual Rerun the steps that reproduce the problem as reported in the initial bug report. You should see much more information. Review URL: http://codereview.chromium.org/6621003
* Add a few more commands to help debug verified boot.Bill Richardson2010-11-011-0/+9
| | | | | | | | | | | | | | | | | BUG=chromium-os:8160 TEST=manual Refer to http://code.google.com/p/chromium-os/issues/detail?id=8237 for testing instructions. To specifically test for this change, the log file should contain the string (and output from running) "od -Ax -tx1 hd_kern_a.blob | head" Change-Id: I910d1f0e41c03afd34bfa5139825e479d7124d71 Review URL: http://codereview.chromium.org/4242001
* Add option to dev_debug_vboot to clean up after runningBill Richardson2010-10-291-12/+45
| | | | | | | | | | | | | | | Also provide a bit more output, stop and tell us if it's not running on a Chrome OS BIOS. Change-Id: I0e6a5680ec050b3f4d0a5c7adc87ca2441ba6d06 BUG=chromium-os:8236 TEST=manual From a root shell, run "dev_debug_vboot --cleanup", then look in /tmp/dev_debug/. You should see only the file noisy.log Review URL: http://codereview.chromium.org/4108012
* Modify dev_debug_vboot for better usefulnessBill Richardson2010-10-251-54/+107
| | | | | | | | | | | | | | | | | * Display only the synopsis on stdout * Keep a verbose log of all activity in the scratch directory. * Add more checks * Providing a directory argument will use the images found there instead of trying to extract them from the system (for use on host machines). Change-Id: I065a18c9467c625cc33484ee5556d955dc79b01d BUG=none TEST=manual Get a root shell and run "dev_debug_vboot". You should see nicer output. Review URL: http://codereview.chromium.org/4106001
* New tools to help debug vboot failures.Bill Richardson2010-09-091-0/+67
This adds some tools to help us figure out why a particular kernel isn't booting. Often we suspect it's because it was signed with the wrong keys, or has flags restricting its use to certain boot modes. This change adds some tools to extract and display all the keys from the BIOS, and try them on the various kernels. We also display the sha1sum of all the keys we find, to make comparing them easier. Change-Id: I38e447bf95cb6c3a0b87aa949611bb135f2f94b4 BUG=chromeos-partner:888 TEST=manual To test, obtain a root shell, and run dev_debug_vboot. You should see lots of useful information go by. Review URL: http://codereview.chromium.org/3303018
View Lorry Controller Status