| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Makefile should respect the standard compilation setting
CPPFLAGS. For example, the cros-debug-add-NDEBUG function call in the
ebuild needs that to work.
BUG=none
TEST=USE=cros-debug emerge-corsola vboot_reference
TEST=USE=-cros-debug emerge-corsola vboot_reference
BRANCH=none
Change-Id: I9b3a404983b5db81fe401ef243de357c55f478b3
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/4426377
Commit-Queue: Julius Werner <jwerner@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We decided in to enable NDEBUG by default because cryptolib would spam
the debug output [1]. Now that cryptolib is gone (CL:400903), we should
be able to turn it on by default, so that assert() calls will no longer
be no-ops.
The DISABLE_NDEBUG make variable is replaced with NDEBUG.
[1] https://codereview.chromium.org/3004001
BUG=none
TEST=make NDEBUG=1 futil -j
TEST=emerge-corsola vboot_reference
BRANCH=none
Change-Id: Ic97d85f0cc14c05a1084d02c6a150e4cc7d3393e
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/4413341
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Needed by chromeos-installer in postinstall, with the new
postinstall_cgpt_repair USE flag.
Also fix copyright lint.
BUG=b:197219816, b:257478857
BRANCH=None
TEST=emerge-reven vboot_reference
USE=postinstall_cgpt_repair emerge-reven chromeos-installer
Cq-Depend: chromium:4377945, chromium:4377717
Change-Id: I40170da35fac4e302673614c6a8ab99d5384ad5d
Signed-off-by: Ted Brandston <tbrandston@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/4377068
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Jeffery Miller <jefferymiller@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new subcommand for getting/setting flash properties such as
the flash size and writeprotect configuration.
The operations provided by `futility flash` require less information
from the user and are less error prone than the equivalents provided by
`flashrom`.
For example, --wp-enable automatically choses the protection range based
on the firmware image and --wp-status gives a warning if the protection
range does not match the RO firmware region.
BUG=b:268574030
BRANCH=none
TEST=`futility flash --{flash-size,wp-enable,wp-disable,wp-status}`
Co-authored-by: Edward O'Callaghan <quasisec@google.com>
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Signed-off-by: Nikolai Artemiev <nartemiev@google.com>
Change-Id: I36d7468616a5bcdf3c4542d48652bd24c3377a61
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/4279661
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Emit a warning and continue when OpenSSL is newer than expected. The
chroot still uses an older version.
This was broken by:
0ca7a9e4 ("firmware: host: futility: Add CBFS metadata hash support")
BUG=b:245993083, b:246328810, b:197114807
BRANCH=none
TEST=make -C ~/cosarm/src/platform/vboot_reference/ USE_FLASHROM=0
See that the errors become warnings and the build completes
Change-Id: Id4e25e4ebad1d9ae1f6ee5425b3e6fe3cbd5d5e5
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/4241424
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When developers (or the lab) runs 'futility update' on a Chromebox to
update a remote DUT connected via servo, the updater will incorrectly
recognize the Chromebox as the 'host' = 'system' = 'DUT', selecting
wrong config and setting wrong cookies.
To fix that, we want to isolate and refactor how we identify and access
'host' and 'DUT'. The first step is to rename and move the 'system
property' related functions to 'dut properties' in the `updater_dut.c`.
No functional changes in this patch.
Only renamed functions and moved the implementation to different places.
BUG=b:247428499,b:255617349
TEST=make; run test
BRANCH=None
Change-Id: I5c1f9bb67a14fbcdd80958597290a2789f4c2dac
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/4181581
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Copy sha256_armv8a_ce_a64.S from [1] and make some small changes to make
it fit in vboot_reference build environment.
With this CL, the boot time gets 126ms improvement on Tentacruel.
The `vboot kernel verification` is reduced to 12ms.
[1]
https://github.com/OP-TEE/optee_os/blob/master/core/arch/arm/crypto/sha256_armv8a_ce_a64.S
BRANCH=corsola
BUG=b:263514393
TEST=make install_dut_test; ./build/tests/vb2_sha256_x86_tests
TEST=check `cbmem -t` on Tentacruel
Change-Id: Ic9abeae9687b2162d7ddadd46111ec20f34e771c
Signed-off-by: Yidi Lin <yidilin@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/4170144
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a command that reads AP firmware to a specified file path.
BUG=b:260531154
BRANCH=None
TEST=FEATURES=test emerge-grunt vboot_reference
TEST=futility read /tmp/bios
TEST=futility read /tmp/bios -p ec
TEST=env SERVOD_NAME=grunt futility read /tmp/bios --servo
Change-Id: I82fe0381b6f61ca4d67a9f5c27353e18ed4abe39
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/4075310
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
lib20/include and lib/cryptolib no longer exist, so remove them from the
include path.
BRANCH=none
BUG=none
TEST=none
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Ia5e2893a1aaca6655565315a0e06131906668392
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/4128690
Tested-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Shell scripts are hard to modify and hard to test, so port sign_uefi.sh
to Python. This is a fairly direct port that attempts to keep all the
behavior the same. In particular, there are no hard errors for missing
EFI/kernel files, or for failing to sign one of those files if it does
exist. It might be good to make the script more strict in the future,
but for now try to match the existing behavior.
Nothing actually calls the new script yet.
Also enable `black_check` in `PRESUBMIT.cfg` to enforce formatting.
BRANCH=none
BUG=b:261631233
TEST=make runtests
TEST=cros lint scripts/image_signing/sign_uefi*.py
Change-Id: I4b9b86607cc403779b0504758dd097b0d7237fef
Signed-off-by: Nicholas Bishop <nicholasbishop@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/4083506
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The linking process during the installation phase of this package
breaks if you compile with make USE_FLASHROM=0. A new conditional has
been added to the make file that prevents utility/crossystem from
compiling if USE_FLASHROM is either not set or set to the number 0.
BUG=b:256682063
TEST=cros_run_unit_tests --board amd64-generic --packages vboot_reference
TEST=env USE="test -flashrom" emerge-amd64-generic vboot_reference
TEST=env USE="-flashrom" emerge-amd64-generic vboot_reference
BRANCH=none
Signed-off-by: Nobel Barakat nobelbarakat@google.com
Change-Id: Ia8cdd24653fdb74c9bb5f4de86b7711b138299cf
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/4045302
Commit-Queue: Nobel Barakat <nobelbarakat@google.com>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Tested-by: Nobel Barakat <nobelbarakat@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The default make target 'all' should depend on either ${UTIL_FILES_SDK}
or ${UTIL_FILES_BOARD}. However, these variables are defined after the
'all' rule, so they actually evaluate to empty strings. This causes the
utility files such as 'crossystem' to be missing. The bug was introduced
by CL:3299836.
Fortunately, these files are also dependencies of the 'install' target.
Therefore this bug doesn't lead to any problem for the vboot_reference
package, because the utilities will be built in src_install().
BUG=none
TEST=make clean && make all -j8 && make install DESTDIR=./install
TEST=make run2tests -j
BRANCH=none
Change-Id: I0abb320e38f17fead373ba44521f3db5346add65
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/4045570
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove the qemu logic from the Makefile. Document the RUNTEST, BUILD_RUN
and SRC_RUN variables. Ensure those variables are used consistently
throughout the Makefile and test scripts.
BUG=b:231084609
BRANCH=None
TEST=FEATURES=test emerge vboot_reference
TEST=FEATURES=test emerge-amd64-generic vboot_reference
TEST=FEATURES=test emerge-hatch coreboot
TEST=(coreboot upstream with this patch) make all
TEST=make BUILD=build1 runtests
TEST=make BUILD=build2 RUNTEST=env runtests
Cq-Depend: chromium:3934904
Change-Id: Ifd18463d681bedbf7464165f2df0181474b36791
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3831828
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The `futility validate_rec_mrc` command was added to allow the
MrcCacheTest factory test to verify the MRC cache. However,
duplicating the verification logic between coreboot and futility is not
very maintainable. This caused problems recently when CB:67670 replaced
the checksum in the MRC header with a hash.
MrcCacheTest was changed to instead read eventlog to check that coreboot
successfully updated the cache: CL:3935801. Now `futility
validate_rec_mrc` is no longer used, so remove it.
BRANCH=none
BUG=b:242667207, b:249174725
TEST=emerge-nissa vboot_reference
Change-Id: I7b78cdbfdda37e70aef3675636ed347a4ea1694e
Signed-off-by: Reka Norman <rekanorman@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3949072
Tested-by: Reka Norman <rekanorman@chromium.org>
Commit-Queue: Reka Norman <rekanorman@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The --allow-multiple-definition linker option was added in CL:6770 to
allow mocking functions. Now that we're exclusively using the weak
attribute (or equivalently test_mockable in vboot_reference) in other
firmware repositories (coreboot, depthcharge) for unit testing, the
--allow-multiple-definition option should no longer be needed.
In addition, one problem with --allow-multiple-definition is that, when
a function being mocked is automatically inlined by compiler
optimization, the mock function may not be called at all, leading to
unexpected behavior. Marking that function as test_mockable can prevent
this situation.
Therefore, add test_mockable to all the functions being mocked, and
remove the linker option from Makefile.
BUG=none
TEST=make -j32 test_setup && make runtests
BRANCH=none
Change-Id: Ifcd8138641d17bff689dd5093cdd69e4da9f0b0c
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3744746
Reviewed-by: Jakub Czapiga <czapiga@google.com>
Commit-Queue: Jakub Czapiga <czapiga@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Emit a warning and continue when OpenSSL is newer than expected. The
chroot still uses an older version.
BUG=b:245993083, b:246328810
BRANCH=none
TEST=make -C ~/cosarm/src/platform/vboot_reference/ USE_FLASHROM=0
See that the errors become warnings
Signed-off-by: Simon Glass <sjg@chromium.org>
Change-Id: I85afba4007da3bc7c37abc04d744185c3362ad99
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3887562
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add vb2api_inject_kernel_subkey for bootloaders that only want to use
vboot for loading and verifying the kernel. The intended usage is:
vb2api_init();
vb2api_inject_kernel_subkey();
vb2api_load_kernel();
BUG=b:237093169
BRANCH=none
TEST=make && make runtests
Change-Id: Iea6e31826f89ec754496427427d124a35285c463
Signed-off-by: Nicholas Bishop <nicholasbishop@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3732807
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes flashrom_get_wp() use the new libflashrom WP interface that
was recently added to flashrom and moves it to host/lib/flashrom_drv.c
with the other libflashrom wrapper functions.
BUG=b:223291615
BRANCH=none
TEST=flashrom --wp-disable; futility update -i image.bin \
futility prints: `Write protection: 0 (disabled; HW=0, SW=0).`
TEST=flashrom --wp-enable; futility update -i image.bin \
futility prints: `Write protection: 0 (disabled; HW=0, SW=1).`
Change-Id: Ib13eeb2f1f718443271b074969ff69e66149f401
Signed-off-by: Nikolai Artemiev <nartemiev@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3540785
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In vb2_get_gbb, abort if gbb_offset is zero. This ensures that functions
like vb2api_gbb_get_flags won't try to read garbage GBB data if the
context hasn't been properly initialized.
Some additional changes made to fix tests:
1. In vb2_set_boot_mode, don't access GBB unless needed.
2. In vb2api_get_dev_default_boot_target, use vb2api_gbb_get_flags
instead of vb2_get_gbb to make it easier to mock. This is needed for
depthcharge tests.
3. Make vb2api_get_debug_info tolerant of GBB not being set. This is
needed for depthcharge tests.
BUG=b:237093169
BRANCH=none
TEST=make && make runtests
Cq-Depend: chromium:3820402
Change-Id: I921d6cc4a5d91c8114c5e46748b4576a1e7716d0
Signed-off-by: Nicholas Bishop <nicholasbishop@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3817941
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move VbTryLoadKernel() and VbTryLoadMiniOsKernel() to depthcharge.
In addition, expose LoadKernel() and LoadMiniOsKernel() as
vb2api_load_kernel() and vb2api_load_minos_kernel(), respectively.
Since we remove VbTryLoadKernel() in vb2api_normal_boot(), rename
vb2api_normal_boot() to check_kernel_version() and call it in
vb2api_kernel_finalize().
Also, rename VbSelectAndLoadKernelParams, VbDiskInfo, and
VbExDiskHandle_t as vb2_kernel_params, vb2_disk_info, and
vb2ex_disk_handle_t, respectively.
BUG=b:172339016
BRANCH=none
TEST=make runtests
TEST=FW_NAME=tomato emerge-cherry depthcharge
Cq-Depend: chromium:3758201
Signed-off-by: Hsin-Te Yuan <yuanhsinte@google.com>
Change-Id: Iaf182ca81797fee24c6104dac9d4770ff75c7fb2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3755923
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Create tests/common/ to put some common files.
BUG=none
BRANCH=none
TEST=make runtests
Signed-off-by: Hsin-Te Yuan <yuanhsinte@google.com>
Change-Id: I8918b7a1e62d47fca6074ef123e2de6f46f1aa00
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3754814
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We only check COV=1 in `make coverage` before. This will result in
deleting all files in the current working directory if we accidentally
tried `make coverage_init`.
Hide coverage_init and coverage_html if COV is not set.
BUG=none
BRANCH=none
TEST=make coverage_init and see the error message
TEST=make clean && COV=1 make coverage -j
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Change-Id: I2d22b211b3d9e59d12faa0ab3d1c2ca8433598f7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3747419
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, make coverage is broken due to two issues:
1. The optimization option -O0 ignores the inline specifier in
firmware/2lib/2sha256_x86.c:46 and 52. This will violate the
compile-time constraint "i" and cause a build failure.
Fix this issue by using -Og instead of -O0.
2. The coverage_html requires ${COV_INFO}.* files which are generated in
coverage_init and runtests. We need to add prerequisites to prevent
potential errors while running with "-j".
BUG=none
BRANCH=none
TEST=make clean && COV=1 make coverage -j
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Change-Id: If1f9de1dbc56f36afead9045c1f95349a5fa156c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3755927
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pass VbSelectAndLoadKernelParams kparams as a function argument instead
of using global variable kparams_ptr. Remove VbSelectAndLoadKernel and
replace its tests with the unit tests for vb2_set_boot_mode,
vb2api_kernel_phase2, vb2api_kernel_finalize, and vb2api_normal_boot.
BUG=b:172339016
BRANCH=none
TEST=make runtests
Cq-Depend: chromium:3731710
Signed-off-by: Hsin-Te Yuan <yuanhsinte@google.com>
Change-Id: I26895ced5e310b2894b9d42d0ad5514d3b0b930a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3731412
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch reworks whole BIOS image signing to support images with CBFS,
and with ponly RW/A slot. CBFS images will now be truncated to eliminate
unnecessary empty space, and will sign only the part of firmware area
which contains the data, and not empty space.
This patch also adds more checks for potential errors, and does not
allow for signing incorrect nor uses data from structures, which might
not be valid.
futility sign command tests are also greatly extended to cover a wide
variety of possible errors, which have to be handled correctly.
BUG=b:197114807
TEST=sudo emerge vboot_reference
TEST=build whole chromeos-bootimage after making it and coreboot use
`futility sign --type bios ...`
TEST=make runtests
BRANCH=none
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Cq-Depend: chromium:3707104
Change-Id: I7c84aa38776e8890a87f0e9b7ec7f32d86f82c13
Disallow-Recycled-Builds: test-failures
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3575325
Tested-by: Jakub Czapiga <czapiga@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Auto-Submit: Jakub Czapiga <czapiga@google.com>
Commit-Queue: Jakub Czapiga <czapiga@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
subproccess helpers are only used by flashrom.c at the moment. However we
temporarily need the symbols to bridge the gap with cbfstools/elogtool in
upstream coreboot. Furthmore, there are new additional use-cases for
subproccess in other parts of vboot_reference unrelated to flashrom
directly.
BUG=b:231152447
BRANCH=none
TEST=builds
Change-Id: Id8008eefd46efa329adf76323800bb7646bf922c
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3697856
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With a series of UI callback functions removed from depthcharge (see the
long CL list in Cq-Depend below), now we can remove them from vboot2
API.
BUG=b:172339016
TEST=make runtests -j
TEST=emerge-corsola libpayload depthcharge
BRANCH=none
Cq-Depend: chromium:3581323, chromium:3581320, chromium:3587669
Cq-Depend: chromium:3611670, chromium:3631467, chromium:3631405
Cq-Depend: chromium:3677727, chromium:3681952
Change-Id: Icccaf81b8a6f16780bf68a6f1f3aa01689fc9ed8
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3682754
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The updater_archive has two functions: the implementation of archives,
and the creation of manifest. Since we are having more support of
archives in different format and the logic of manifests is getting more
complicated, so it is better to move the manifest to its own file.
No functional changes, only internal refactoring.
BUG=None
TEST=make; run test
BRANCH=None
Change-Id: I01ff9561583357eac4c6add8a09384f1c4c9d671
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3647407
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The firmware archive files from buildbot are usually released in
tar+bzip2 format. Although the standard format of the archive
(chromeos-firmwareupdate) is ZIP, it is very helpful if the developers
can quickly run the update using the standard tar.bz2 archive files.
BUG=b:230679721
TEST=futility update --manifest -a \
~/Downloads/ChromeOS-firmware-R91-13885.3.0-asurada.tar.bz2
QEMU_LD_PREFIX=/build/cherry qemu-arm /build/cherry/usr/bin/futility \
update --manifest -a \
~/Downloads/ChromeOS-firmware-R91-13885.3.0-asurada.tar.bz2
BRANCH=None
Change-Id: Ibbab2e8226a00e8b5b292293af570eda37b31a8a
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3644540
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unfortunately the USE_FLASHROM build flag broke during a refactor
in commit f0af257a9b333b. This flag is needed for coreboot builds.
Resolve by putting relevant files under guards.
BUG=b:221234560,b:220833585
BRANCH=none
TEST=`USE_FLASHROM={0,1} make`
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: Ic10a3909bf070897cef7f1556deef57eba6c57f3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3493527
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Martin Roth <martinroth@google.com>
Commit-Queue: Martin Roth <martinroth@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bring sub-process and libflashrom wrapper implementations
under the common host/lib path to later be reconciled.
The WP implementation is left separated out due to the
lack of a libflashrom WP implementation which creates
circular dependencies for the moment.
BUG=b:207808292
BRANCH=none
TEST=none
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: Ic759c4e9828778a0ef1443b163224aef2c7cba54
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3461093
Reviewed-by: Nikolai Artemiev <nartemiev@google.com>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use pkg-config to link with libcrosid when it's available.
Note that when futility is compiled from the coreboot tree, libcrosid
won't be available, at least at the moment, so expose -DUSE_CROSID to
the C code so we know when we have it available.
BUG=b:213251232
BRANCH=none
TEST=emerge-volteer -j vboot_reference
"lddtree /build/volteer/usr/bin/futility" lists libcrosid
Cq-Depend: chromium:3367251
Signed-off-by: Jack Rosenthal <jrosenth@chromium.org>
Change-Id: I8e69c5ce4570ac9df72440d0a34b6b03b5a36e77
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3368703
Reviewed-by: Raul Rangel <rrangel@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We don't need the MOUNT_ENCRYPTED_KEY_PATH after we replaced the stale
TPM simulator with the driver-level TPM simulator.
It's time to remove it.
BUG=b:203195852, b:174807059
BRANCH=none
TEST=crossystem clear_tpm_owner_request=1
Signed-off-by: Yi Chou <yich@google.com>
Change-Id: I7c1c9c16697b1bbda9adea13448fdb9cffd9cc7b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3358669
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Leo Lai <cylai@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix flags missed in CL:3306615.
BUG=b:206031372
TEST=make runtests
TEST=sudo emerge-guybrush sys-boot/depthcharge
BRANCH=none
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: Idbb205bb9e14f44a10806785fb9f7b29572f0626
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3347667
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Tested-by: Jakub Czapiga <czapiga@google.com>
Commit-Queue: Jakub Czapiga <czapiga@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some users of futility do not need flashrom support such
as upstream coreboot. Allow for explicitly enabling the
paths.
BUG=b:203715651,b:209702505
BRANCH=none
TEST=builds
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: I61095bf91e3d01bd008d3b790478a590758e88cd
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3350299
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
Commit-Queue: Hsuan Ting Chen <roccochen@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Separate out all the flashrom worker code used in futility
to allow for later building a futility without flashrom
support.
BUG=b:203715651,b:209702505
BRANCH=none
TEST=builds
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: I938141056424f8f93a598bbb288ee7c8770edc95
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3350298
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are multiple flashrom calling wrapping code implementations
within vboot_ref. Work towards making a singular canonical
implementation.
BUG=b:207808292
BRANCH=none
TEST=`make`
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: I8e133a11b777b4e80bb4e43a64a5349956cef8eb
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3325329
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Nikolai Artemiev <nartemiev@google.com>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until now some variables had to be unset or set to NULL to disable their
respective features. This patch makes it possible to disable variables
by passing zero as a value.
BUG=b:206031372
TEST=make runtests
TEST=sudo emerge-guybrush sys-boot/depthcharge
BRANCH=none
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: I1c254ac8ea3237615a20334ba6a66c09a4abd791
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3306615
Tested-by: Jakub Czapiga <czapiga@google.com>
Auto-Submit: Jakub Czapiga <czapiga@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Jakub Czapiga <czapiga@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
DETACHABLE and PHYSICAL_PRESENCE_KEYBOARD are unused in the code and can
be removed from the Makefile.
BUG=b:206031372
TEST=make runtests
BRANCH=none
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: I6d91f8bfa8342c95959014c3a0efcccf02f1d915
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3306614
Tested-by: Jakub Czapiga <czapiga@google.com>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Jakub Czapiga <czapiga@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This utility is used in key generation, so it really belongs in the SDK.
However, some autotests currently also want to generate keys on the DUT.
So let's just install it to both.
BUG=b:207452735
TEST=FEATURES=test emerge-dedede vboot_reference
TEST=sudo emerge vboot_reference && which dumpRSAPublicKey
BRANCH=none
Change-Id: Ic2395a10557773acffa22ea3c9a1e01cf581053b
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3299839
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current rules for 'utils_install_sdk' and 'utils_install_board'
individually install the required list of binaries and scripts. When
there are overlapping files in 'UTIL_NAMES_SDK' and 'UTIL_NAMES_BOARD',
the second executed rule will fail with duplicate installation.
Instead of having a single phony target that installs all the files,
define a rule 'util_install-<FILE>' for each file to ensure that each
one will be installed at most once.
BUG=b:207452735
TEST=make runtests
TEST=emerge-dedede vboot_reference
TEST=FEATURES=test emerge-dedede vboot_reference
TEST=sudo emerge vboot_reference
BRANCH=none
Change-Id: I24c23a61c4ff7de851bf11541bc46c963bf35c22
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3299836
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BOOT_EXTERNAL_ON_DEV was not used anymore, so it was removed from the
Makefile and source code.
BUG=b:206031372
BRANCH=none
TEST=make runtests
TEST=emerge-guybrush depthcharge
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: I463a77f2de8f59954704495708025321ca1571d8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3289345
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Tested-by: Jakub Czapiga <czapiga@google.com>
Commit-Queue: Jakub Czapiga <czapiga@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use libflashrom API over sub-processing the flashrom CLI.
Squash in,
vboot_reference/futility: Use image layout as fallback
Use the layout encoding within the image as the fallback if
we cannot read it from ROM. Also cleanup error paths while
here.
BUG=b:203715651
BRANCH=none
TEST=cros deploy to nocturne and ran:
`/usr/sbin/chromeos-firmwareupdate --mode=recovery --wp=1`.
&& `$ cros_run_unit_tests --board nocturne --packages vboot_reference`.
Cq-Depend: chromium:3249690, chromium:3281062, chromium:3288610
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: I892aec510d8023abd42a07cbb036be79bc8b4498
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3247852
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Sam McNally <sammc@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The help text of the new subcommand is as follows:
-------
This utility creates an RO verification space in the Chrome OS AP
firmware image or allows to validate a previously prepared image
containing the RO verification space.
Usage: futilitygscvd PARAMS <AP FIRMWARE FILE> [<root key hash>]
Creation of RO Verification space:
Required PARAMS:
-R|--ranges STRING Comma separated colon delimited
hex tuples <offset>:<size>, the
areas of the RO covered by the
signature
-r|--root_pub_key <file> The main public key, in .vbpubk
format, used to verify platform
key
-k|--keyblock <file> Signed platform public key in
.keyblock format, used for run
time RO verifcation
-p|--platform_priv <file> Private platform key in .vbprivk
format, used for signing RO
verification data
Optional PARAMS:
[--outfile] OUTFILE Output firmware image containing
RO verification information
Validation of RO Verification space:
The only required parameter is <AP FIRMWARE FILE>, if optional
<root key hash> is given, it is compared to the hash of the body
of the root key found in <AP_FIRMWARE_FILE>.
-h|--help Print this message
-------
When creating GVD section, the sha256 hash of the root public key
payload is printed on stdout, this is the hash to include in the GSC
image to for the root key verification.
Code converting ASCII hex string into binary is refactored into a misc
function.
BRANCH=none
BUG=b:141191727
TEST=testing included the following steps:
. modified guybrush coreboot to allocate an 8KB RO_GSCVD area in
FMAP and built a guybrush BIOS image
. filled GVD space as described in the source file comments
. verified the created space as described in the source file comments
. verified AP RO integrity on the GSC size using crrev.com/c/3172256
Change-Id: I51a80be5007a32d5286b93499f71da84f41b3d81
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3174570
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add new rule 'install_dut_test' to deploy dut-specific tests to the
device. Any tests included in the rule will be installed into
/usr/share/vboot/tests/.
Especially vb2_sha256_x86_tests uses sha-ni extension, which might not
be available on some platforms. So it needs to be deployed to the dut
and run there.
BUG=b:162551138
BRANCH=none
TEST=build with modified ebuild on hana & guybrush
Signed-off-by: Kangheui Won <khwon@chromium.org>
Change-Id: I9c6e00c8a9aca192ae283560383417c1215c221f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3141250
Reviewed-by: Raul E Rangel <rrangel@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add VbTryLoadMiniOsKernel() to vboot API, which boots from a miniOS
recovery kernel located on internal disk. In this boot path, an attempt
is made to verify and boot this kernel. Recovery proceeds from within
the miniOS kernel by downloading a recovery image over the network. No
USB disk is used in the process.
For more information, see go/nbr-firmware.
BUG=b:188121855, b:186682292
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ic4d1fe5642a2bf71c51c78fd7830ad2b6e9eebeb
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2856364
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By passing TEST_PRINT=1 to make, VBOOT_DEBUG symbol will be defined and
hence cause the stub vb2ex_printf() to print to stderr. Note that
DEBUG=1 will also imply VBOOT_DEBUG as before.
BUG=none
TEST=make clean && TEST_PRINT=0 make run2tests
TEST=make clean && TEST_PRINT=1 make run2tests
BRANCH=none
Change-Id: I39353f7fdec0167aa054501bda9d6e23bf66b732
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3161533
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since all the screens and tests are already moved to depthcharge
in previous CLs, remove all internal UI functions and tests from
vboot.
BUG=b:172339016
TEST=DEBUG=1 make -j test_setup && make -j runtests
BRANCH=none
Signed-off-by: edisonhello <edisonhello@google.com>
Change-Id: Ifbd005a5761e5c354e010fc70487a63cd17cf4b3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139540
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is a part of centralizing ui codes. The removed screens and unit
tests will be added in depthcharge.
Remove diagnostics menu, diagnostics storage and memory checking screens.
Remove unit tests for above screens and menu.
BUG=b:172339016
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
make -j test_setup && make -j runtests
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
make -j test_setup && make -j runtests
BRANCH=none
Cq-Depend: chromium:3138687
Signed-off-by: edisonhello <edisonhello@google.com>
Change-Id: I5eb1bee6a5f1aedb77298acbddab20156c1c086e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139537
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These don't really belong together. We can get two cleaner test
files by splitting them apart.
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551, b:172337800, b:124141368
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Idaa4c36214cc98bffdc50bdb5c071673829250ee
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3039164
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
