| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:251281342
BRANCH=None
TEST=set_gbb_flags.sh --servo targeting a Nereid succeeded.
Change-Id: Iea83ebacf2bbcdf9da70b38a94017811c07c063e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3929937
Tested-by: Tirath Ramdas <tirath@google.com>
Reviewed-by: Jett Rink <jettrink@chromium.org>
Reviewed-by: Allen Webb <allenwebb@google.com>
Reviewed-by: Sam McNally <sammc@chromium.org>
Commit-Queue: Tirath Ramdas <tirath@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A trap to delete tempfiles was mistakenly masked.
BUG=b:247920664
BRANCH=None
TEST=get_gbb_flags.sh; ls /tmp/tmp.* | wc -l == 0
Change-Id: I3b783395309ea2acb1bc75ffa19df62f81b90450
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3907130
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=None
BRANCH=None
TEST=None
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Change-Id: Ia2d4426ad0807a51d4b0568bd6a750f8fb6021f7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3907132
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: George Engelbrecht <engeg@google.com>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commits adds support for the `ensure_amd_psp_flags` script which
only needs to be few on certain AMD boards.
BRANCH=none
BUG=b:202397678
TEST=Verified that ensure_amd_psp_flags executes correctly
Change-Id: I6ae61083113497d1c63b5ed5a0bd608c525a0c6e
Signed-off-by: Robert Zieba <robertzieba@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3821000
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit updates the `ensure_amd_psp_flags` script so that it will
ignore any artifacts that do not contain valid AMD AP images as long as
there are no soft-fuse bitsets present for the given board. This allows
all logic to be contained within this script.
BRANCH=none
BUG=b:202397678
TEST=Verified that script still works on AMD artifacts, tested that
Intel and ARM artifacts are ignored
Change-Id: I17a9414a36fbeb4a0ae9792c2e036deccd089870
Signed-off-by: Robert Zieba <robertzieba@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3860383
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=Ran script with new arg and ensured it disabled verity
BRANCH=none
Change-Id: I2cf4ca1a0a7b3663b05f7b2ef35fb6f9261b00a9
Signed-off-by: Steven 'Steve' Kendall <skend@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3825117
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The script doesn't work on betty without --force. And in turn
dev_features_rootfs_verification doesn't work as well.
BUG=None
TEST=copy the script to betty and run
BRANCH=none
Change-Id: I70f48b97b470bb04fb9f5fff751df83c44d7defe
Signed-off-by: Shao-Chuan Lee <shaochuan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3818089
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds a general security test script. This allows
some logic to be moved out of the signer as well as providing a single
entry point for the security tests run by the signer.
BRANCH=none
BUG=b:202397678
TEST=Verified that correct security tests ran with/without
`--keyset-is-mp`
Change-Id: Ib4c779a90d2fe9160c278f20d7ec61242f1d68cc
Signed-off-by: Robert Zieba <robertzieba@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3820999
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit changes the order of the arguments for this script from
`<board> <image>` to `<image> <board>`. This brings the script in-line
with the existing ensure scripts.
BRANCH=none
BUG=b:202397678
TEST=Verified that script works with guybrush image
Change-Id: I7bf31eb0b6ab667b1c3c0e71c2388531bb3f1bc0
Signed-off-by: Robert Zieba <robertzieba@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3820998
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
crrev.com/c/3665477 started using `--unpack` rather than
`--sb_extract` for self-extracting firmware update bundles.
Unfortunately, existing prebuilt artifacts used by signer tests are
old and only support `--sb_extract`, and hence fail with recent
vboot_reference that includes this change.
This change simply reverts the option back to `--sb_extract` for
unpacking self-extracting bundles.
BRANCH=None
BUG=b:179170462
BUG=b:202397678
TEST=unittests
Change-Id: I528346a5d593caba7ca822820b9a38e994f0ea94
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3792485
Commit-Queue: Josh Horwich <jhorwich@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Prameet Shah <phshah@chromium.org>
Tested-by: Josh Horwich <jhorwich@chromium.org>
Auto-Submit: Josh Horwich <jhorwich@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since crrev.com/c/2511121 we no longer use xattrs when using
unsquashfs on the Android system image. A side-effect of this change
is the loss of capabilities for a handful of Android binaries such as
/system/bin/run-as.
This change records the capabilities on the system image and applies
them manually to the output system image.
BUG=b:179170462
BRANCH=None
TEST=unittests
TEST=Locally sign hatch (ARC R) and kevin (ARC P) base images and
verify signed base image's system.raw.img contents
Signed-off-by: Josh Horwich <jhorwich@chromium.org>
Change-Id: Ied824d5ebf7a5139e71341abca810b14e67623e0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3723017
Reviewed-by: Allen Webb <allenwebb@google.com>
Tested-by: Josh Horwich <jhorwich@chromium.org>
Reviewed-by: Prameet Shah <phshah@chromium.org>
Commit-Queue: Josh Horwich <jhorwich@chromium.org>
Reviewed-by: Yury Khmel <khmel@google.com>
Reviewed-by: Yury Khmel <khmel@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently there is no script to ensure that AMD PSP flags are set
correctly in a firmware image. This commit adds ensure_amd_psps_flags.sh
to handle that functionality. The script can check that certain flags
are set as well as checking that certain flags are not set.
BRANCH=none
BUG=b:202397678
TEST=Ran script with grunt, zork, MI and skyrim images, verified that
it responds correctly to PSP flag values
Signed-off-by: Robert Zieba <robertzieba@google.com>
Change-Id: Ie0864544b9b97704ee901d893b4d833c1ab068b9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3526100
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit moves `extract_firmware_bundle` into common.sh as this
function is useful for other scripts as well. This commit also updates
this function to use the `--unpack` option as `--sb_extract` is now
deprecated.
BRANCH=none
BUG=b:202397678
TEST=Verified that scripts continue to work as expected
Signed-off-by: Robert Zieba <robertzieba@google.com>
Change-Id: Ib5596968f31a4b3b21fb81877d84b28660824818
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3665477
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This feature has not been needed since pre-2012 devices which have long
since reached their end of life. We can safely remove it to simplify the
code.
Also remove ZGB image, as it is no longer needed.
BUG=b:197114807
TEST=sudo FEATURES=test emerge vboot_reference
BRANCH=none
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Cq-Depend: chromium:3650757
Change-Id: I889dc6300c5cb72bdfcb9c2b66d63e97d3f8c862
Disallow-Recycled-Builds: test-failures
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3578968
Commit-Queue: Jakub Czapiga <czapiga@google.com>
Auto-Submit: Jakub Czapiga <czapiga@google.com>
Tested-by: Jakub Czapiga <czapiga@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previous change I5e8b4d848f30f53fae58c721c9b7ddcfbfea9852
was reverted because the check did not pass if the
signing process adds new files to the image.
The new check alerts only when we miss files in the original image.
BUG=b:230434967
BRANCH=None
TEST=Run ./sign_official_build.sh locally
Signed-off-by: Daichi Hirono <hirono@chromium.org>
Change-Id: If8e9eeb9568fefcde92d737b356fa84b865b05c9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3653721
Commit-Queue: Shao-Chuan Lee <shaochuan@chromium.org>
Tested-by: Daichi Hirono <hirono@chromium.org>
Commit-Queue: Daichi Hirono <hirono@chromium.org>
Auto-Submit: Daichi Hirono <hirono@chromium.org>
Reviewed-by: Shao-Chuan Lee <shaochuan@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 48532e571bf79f32af972f6096681c11674c3825.
Reason for revert: Stable roll blocked due to unit test failures in platform/signing.
https://ci.chromium.org/ui/p/chromeos/builders/cq/fullcheckout-presubmit/b8813887760837459473/overview
Original change's description:
> signer: Check the list of android image files
>
> BUG=b:230434967
> BRANCH=None
> TEST=Run ./sign_official_build.sh locally
>
> Signed-off-by: Daichi Hirono <hirono@chromium.org>
>
> Change-Id: I5e8b4d848f30f53fae58c721c9b7ddcfbfea9852
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3607891
> Tested-by: Daichi Hirono <hirono@chromium.org>
> Commit-Queue: Daichi Hirono <hirono@chromium.org>
> Reviewed-by: Shao-Chuan Lee <shaochuan@chromium.org>
Bug: b:230434967
Change-Id: I185562d6dcbac4fd30b6dc4c331bd0b1508d58e8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3644484
Commit-Queue: Daichi Hirono <hirono@chromium.org>
Tested-by: Daichi Hirono <hirono@chromium.org>
Reviewed-by: Shao-Chuan Lee <shaochuan@chromium.org>
Auto-Submit: Daichi Hirono <hirono@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's require the user of this script to explicitly provide the base
file name of the generated key.
BRANCH=none
BUG=b:221423468
TEST=verified generating the new key in various directories (local and
non local).
Verified that the script fails if the user does not supply the
required key file base name.
Change-Id: Iaf85e5822d06c65ca4b7d51f17579269576e4707
Signed-off-by: Vadim Bendebury <vbendeb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3630287
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GSC RW signing requires a 3070 bit RSA key. The codesigner tool when
invoked expects the public key in .pem format, the same format is used
by the RO codebase when incorporating the public key in the RO image.
This patch introduces a new accessory key generating script, which
invokes the appropriate opensssl command to generated the required key
pair.
BUG=b:221423468
BRANCH=none
TEST=ran scripts/keygeneration/accessory/create_new_gsc_key.sh and
observed two gsc keys generated:
ls -l *gsc*
-rw------- 1 vbendeb vbendeb 2451 Apr 21 20:42 gsc_3070.pem
-rw-r--r-- 1 vbendeb vbendeb 625 Apr 21 20:42 gsc_3070.pem.pub
in the FPGA setup confirmed that Ti50 RW can be signed and
verified using the generated key pair.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I429c250f60aa1da28aa99f39dff40c3bcda71df6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3600151
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:230434967
BRANCH=None
TEST=Run ./sign_official_build.sh locally
Signed-off-by: Daichi Hirono <hirono@chromium.org>
Change-Id: I5e8b4d848f30f53fae58c721c9b7ddcfbfea9852
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3607891
Tested-by: Daichi Hirono <hirono@chromium.org>
Commit-Queue: Daichi Hirono <hirono@chromium.org>
Reviewed-by: Shao-Chuan Lee <shaochuan@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 2981c0bacbaa0446562aaa04f23e3e9f07c86069, as that
patch is not the proper way to generate accessory keys.
BUG=b:221423468
BRANCH=none
TEST=none
Change-Id: I5500424b01ef45cc353468173f60f9b202b92b54
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3600150
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GSC RW signing requires an 3070 bit RSA key. The codesigner tool when
invoked expects the public key in .pem format, the same format is used
by the RO codebase when incorporating the public key in the RO image.
This patch introduces a new key option, RSA3070_NOSIG_ALGOID. The keys
of this kind are not going to be processed by futility, hence no need
to specify the signing algorithm.
BUG=b:221423468
BRANCH=none
TEST=ran ./create_new_keys.sh and observed two gsc keys generated:
$ ls *gsc*
gsc_rw_3070.pem gsc_rw_3070.pem.pub
in the FPGA setup confirmed that Ti50 RW can be signed and
verified using the generated key pair.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Ie676ba8043c34900388372270329a4903656d499
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3591642
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Detect servo micro and C2D2 servo types and toggle cpu_fw_spi before and
after flash access is required.
BUG=b:220992685
TEST={get,set}_gbb_flags.sh --servo with C2D2 and servo micro
BRANCH=None
Cq-Depend: chromium:3470605
Change-Id: I9f8a9bcabe731001ed18150ca1db9820db20e0d3
Signed-off-by: Sam McNally <sammc@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3469747
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With introduction of Ti50 images the version of the eraseflashinfo
capable images must change, which will prevent signing scripts from
accepting Ti50 images from node locked signing.
Enforcing the version number is proving to be a larger pain that in is
worth: we do need to modify the version once in a while, and it takes
a lot of effort and time to propagate the version adjustment through
signing stages.
We already have a quorum requirement for eraseflashinfo capable node
locked images, this provides enough guarantee from accidental signing
or malicious signing of such an image, version number enforcement does
not add security.
BRANCH=none
BUG=b:219774807
TEST=none
Change-Id: Ifd5ac17540595d71210445e6ad573c81fc25a47a
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3553419
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow custom programmers to be used instead of host for getting and
setting GBB flags via a --programmer/-p flag similar to the same flag
for futility. Also support --servo with the same semantics as the
futility flag - detecting the programmer to use from the current servod
instance mirroring the logic in futility. Only CCD is supported at this
stage.
When reading, include the FMAP section as well as the GBB section. For
writes over CCD, avoiding rescanning for the FMAP can save up to 1.8s.
BUG=None
TEST={get,set}_gbb_flags.sh --servo with and without servod running
BRANCH=None
Change-Id: Iecedf4c3d0cad6923aed4405ef4a72910f3f9f05
Signed-off-by: Sam McNally <sammc@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3455562
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update the defaultA=2 and defaultB=3 grub settings to
remove verification.
In change I930d0f3f1a3f8f54edd1dce7f8259e3c261af9a1 the default
options for grub were changed to be defaultA and defaultB instead
of 'set default=2'. Update the removal to support these new
configuration settings.
BRANCH=none
BUG=b:186240229
TEST=on a reven build run `/usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification
--force`; reboot and confirm verity is disabled
Change-Id: I70ceed432c29865715c525a6ae13f0e7da8ee0ba
Signed-off-by: Jeffery Miller <jefferymiller@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3445175
Reviewed-by: Nicholas Bishop <nicholasbishop@google.com>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Nicholas Bishop <nicholasbishop@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:204378599
TEST=None
BRANCH=None
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Cq-Depend: chrome-internal:4473134
Change-Id: I2316ec9e75e854352350e90055e717a258c43f6e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3388968
Tested-by: Evan Benn <evanbenn@chromium.org>
Auto-Submit: Evan Benn <evanbenn@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Evan Benn <evanbenn@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
hps uses ed25519 keys so generate a pair of that type.
BUG=b:214495498
TEST=./create_new_hps_key.sh
BRANCH=none
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Change-Id: I3f63ea5852b8e5959b7577e8b988284da043b449
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3394031
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Evan Benn <evanbenn@chromium.org>
Tested-by: Evan Benn <evanbenn@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
create_new_hammer_like_keys.sh generates a key pair with hard-coded
filename "key_hammerlike.*". And we usually ask the croskeymanagers
team to manually rename it to the correct device name (e.g.
b:213403966). The manual step sometimes confuses people.
Modify the script to make create_new_hammer_like_keys.sh takes an extra
keyname argument and generates the correct filename at once.
BUG=b:213922329
TEST=1) normal usage
./create_new_hammer_like_keys.sh foo
2) error (two keyname provided)
./create_new_hammer_like_keys.sh foo bar
3) error (missing keyname)
./create_new_hammer_like_keys.sh
4) also check efs keygen
./create_new_ec_efs_key.sh
BRANCH=none
Change-Id: I2a2e24b77961ea2d744ac65d835446a74381e004
Signed-off-by: Ting Shen <phoenixshen@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3398389
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Tested-by: Ting Shen <phoenixshen@chromium.org>
Commit-Queue: Ting Shen <phoenixshen@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
project-cheets-private CL: crrev/i/4381092
BUG=b:208763957
TEST=arc.AppLoadingPerf, etc.
BRANCH=none
Signed-off-by: Satoshi Niwa <niwa@google.com>
Cq-Depend: chrome-internal:4381092
Change-Id: I95fe539294793f6894a8e4cd8e2bde4bbcf43c04
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3351476
Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org>
Tested-by: Satoshi Niwa <niwa@chromium.org>
Auto-Submit: Satoshi Niwa <niwa@chromium.org>
Commit-Queue: Satoshi Niwa <niwa@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a shortcut to enable and disable earlycon and serial console.
Earlycon requires to setup the correct parameter in stdout-path for
ARM/ARM64 or SPCR table for x86.
BRANCH=none
BUG=b:168171144
TEST=./make_dev_ssd.sh -i $image --enable_earlycon (--disable_console)
Signed-off-by: Hsin-Yi Wang <hsinyi@chromium.org>
Change-Id: Ifc39c825bf0830bca9d72668b8451aff64708071
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2423643
Reviewed-by: Stephen Boyd <swboyd@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch extends create_new_keys.sh to generate two additional key
pairs to use for AP RO verification signing. Both new pairs are
RSA4096/SHA256.
The script was ran to generate a new set of keys and the produced AP
RO verification key pairs were copied into tests/devkeys.
BRANCH=none
BUG=b:141191727
TEST=re-signed guybrush AP firmware image following the process
described in cmd_gscvd.c comments, created a Cr50 image
incorporating the new root public key hash, updated the DUT AP
and Cr50 firmware and observed successful AP RO validation.
Change-Id: I03cba1446fc5ffdfef662c5ce1ea3e61950477d4
Signed-off-by: Vadim Bendebury <vbendeb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3297447
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The reven board's first stage bootloader (bootia32.efi/bootx64.efi) is
signed by Microsoft so that it can boot with the default UEFI Secure
Boot keys. These two files should not be modified by the signing
scripts.
Implement this by adding a third argument to sign_uefi.sh,
"efi_glob". This argument is set to "*.efi" by default, maintaining the
existing behavior. If the key dir matches "*Reven*", the glob is changed
to "grub*.efi".
Tested by running sign_official_build.sh on a reven base image, once
with a keys dir matching "*Reven*", once with it not matching. When the
keys dir matches Reven, grub*.efi is signed but boot*.efi is not. When
the keys dir does not match Reven, both grub*.efi and boot*.efi are
signed:
Matching "*Reven*":
platform/vboot_reference/scripts/image_signing/sign_official_build.sh \
base build/images/reven/latest/chromiumos_base_image.bin \
platform/vboot_reference/tests/Reven \
build/images/reven/latest/chromiumos_base_image.bin.signed
Not matching:
platform/vboot_reference/scripts/image_signing/sign_official_build.sh \
base build/images/reven/latest/chromiumos_base_image.bin \
platform/vboot_reference/tests/devkeys \
build/images/reven/latest/chromiumos_base_image.bin.signed
BUG=b:205145491
TEST=Build a reven base image and test as described above
BRANCH=none
Change-Id: Iec2800c276ca82bfd6e5b465ff821b11e0b0bb08
Signed-off-by: Nicholas Bishop <nicholasbishop@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3262479
Reviewed-by: Joseph Sussman <josephsussman@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the context of device mapper (dm), use "mapped device".
BUG=b:179221734
TEST=make runtests
BRANCH=none
Change-Id: I9245d8482e59db93bfe6cdcaafa503038ae5c9e3
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3246662
Reviewed-by: Chen-Yu Tsai <wenst@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fstrim relies on the underlying device supporting it and on our
instances we're on lvm devices. Since we're fstrim'ing a mounted
loopback the ability to call fstrim is inherited by the parent device.
Something has changed in the kernel (see bug) that stopped us from
making the trim call on the loopback partition.
sfill with these options should accomplish the same thing (single
write with all zeros) as well as cleaning up inode space.
BRANCH=main
BUG=b:200038130
TEST=signer full tests with this commit.
Signed-off-by: engeg <engeg@google.com>
Change-Id: I8c71adfd59c11b5142aa367fb20222fc4b03a2ba
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3167191
Tested-by: George Engelbrecht <engeg@google.com>
Auto-Submit: George Engelbrecht <engeg@google.com>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Jared Loucks <jaredloucks@google.com>
Reviewed-by: Greg Edelston <gredelston@google.com>
Commit-Queue: George Engelbrecht <engeg@google.com>
Commit-Queue: Greg Edelston <gredelston@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
More permanent fix todo, need to unblock reven-release.
BUG=b:199136347
TEST=shellcheck
BRANCH=none
Change-Id: I2b124f88aa2c5c70124888e2d64bd5a2c41f1a96
Signed-off-by: Jack Neus <jackneus@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3149594
Reviewed-by: George Engelbrecht <engeg@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
partnum variable isn't defined.
BUG=none
TEST=none
Signed-off-by: Jae Hoon Kim <kimjae@chromium.org>
BRANCH=none
Change-Id: Ie4ce809e4331d04c10c60f0e9c1b883124018038
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3146295
Tested-by: Jae Hoon Kim <kimjae@chromium.org>
Auto-Submit: Jae Hoon Kim <kimjae@chromium.org>
Reviewed-by: George Engelbrecht <engeg@google.com>
Commit-Queue: George Engelbrecht <engeg@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 1376cfbfdd3b0cbc14da190c744604c4f3d29a23.
Reason for revert: bad code (missing [[)
Original change's description:
> reven signing: skip install_gsetup_certs
>
> BUG=b:199136347,b:194500280
> TEST=none
> BRANCH=none
>
> Change-Id: Iba90c1f4dcc2fadf9cbadac1948d5037b0feb278
> Signed-off-by: Jack Neus <jackneus@google.com>
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3145774
> Reviewed-by: George Engelbrecht <engeg@google.com>
Bug: b:199136347,b:194500280
Change-Id: I9b1df358a18d043eb0d20d18ed17e1bafbd9e5f3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3146076
Auto-Submit: Jack Neus <jackneus@google.com>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: George Engelbrecht <engeg@google.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: George Engelbrecht <engeg@google.com>
Tested-by: George Engelbrecht <engeg@google.com>
Tested-by: Jack Neus <jackneus@google.com>
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:199136347,b:194500280
TEST=none
BRANCH=none
Change-Id: Iba90c1f4dcc2fadf9cbadac1948d5037b0feb278
Signed-off-by: Jack Neus <jackneus@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3145774
Reviewed-by: George Engelbrecht <engeg@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reasons that miniOS partitions might be empty is that the feature is not
enabled yet, but the partitions exist as it's using the newer
disk_layout_v3.
BUG=b:199021334
TEST=# run tests
Signed-off-by: Jae Hoon Kim <kimjae@chromium.org>
BRANCH=none
Change-Id: I2a6b68240428ab2f01394230840ff116c720b3df
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3145770
Tested-by: Jae Hoon Kim <kimjae@chromium.org>
Auto-Submit: Jae Hoon Kim <kimjae@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add the missing line continuation backslash, caused by CL:3046439.
BUG=b:198232639
TEST=./sign_official_build.sh recovery ${IMAGE} tests/devkeys/ ${OUTPUT}
TEST=./sign_official_build.sh factory ${IMAGE} tests/devkeys/ ${OUTPUT}
BRANCH=none
Change-Id: I587747e33c47afc85264052c9ca59081d5524a72
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3134894
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:193618692
TEST=sign_official_build.sh can handle zstd-compressed Android image
BRANCH=none
Signed-off-by: Satoshi Niwa <niwa@google.com>
Cq-Depend: chrome-internal:4024687
Change-Id: Ie01e93e49da9b32245055f7e4b6fa4fb3fbefd8e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3066801
Tested-by: Satoshi Niwa <niwa@chromium.org>
Reviewed-by: Kazuhiro Inaba <kinaba@chromium.org>
Reviewed-by: Yury Khmel <khmel@chromium.org>
Auto-Submit: Satoshi Niwa <niwa@chromium.org>
Commit-Queue: Satoshi Niwa <niwa@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
verity is now in platform2.
BUG=chromium:886953
TEST=none
BRANCH=none
Change-Id: I55b8a88540b781658a02819de749ab2d20984658
Signed-off-by: Nicholas Bishop <nicholasbishop@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3087641
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This retries signing android image in case of integrity check failure.
The reason of failure is still unknown.
BUG=b:175081695
TEST=Locally image signing passed with adding temporary code that
emulates random diff file error. Confirmed recovery happened
and signing finished successfully.
BRANCH=none
Signed-off-by: Yury Khmel <khmel@google.com>
Change-Id: Iffc23145cae21f4f468b987d015f45fec95f29d0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3057193
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a reland of 43325cb9b2568c4a03c849f3474fcee8de3ae893
Looks like this was reverted incorrectly in CL:3044633, culprit
turned out to be an unrelated flake (see b/194293181).
Original change's description:
> vboot/sign_official_build: re-sign miniOS partitions
>
> sign_official_build.sh needs to be taught how to re-sign miniOS
> partitions, depending on whether the particular image at hand
> contains them or not.
>
> BUG=b:188121855
> TEST=make clean && make runtests
> BRANCH=none
>
> Cq-Depend: chromium:3027786
> Signed-off-by: Joel Kitching <kitching@google.com>
> Change-Id: Iaf847e14588011dd0fea6b59405091ae36ef038f
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2989640
> Tested-by: Joel Kitching <kitching@chromium.org>
> Reviewed-by: Mike Frysinger <vapier@chromium.org>
> Commit-Queue: Joel Kitching <kitching@chromium.org>
Bug: b:188121855
Signed-off-by: Julius Werner <jwerner@google.com>
Change-Id: I2e29a6e85f7d41ad365365ffb7e694f0c291d4f3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3046439
Reviewed-by: Sergey Frolov <sfrolov@google.com>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Tested-by: Julius Werner <jwerner@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 43325cb9b2568c4a03c849f3474fcee8de3ae893.
Reason for revert: b/194293181 suspect
Original change's description:
> vboot/sign_official_build: re-sign miniOS partitions
>
> sign_official_build.sh needs to be taught how to re-sign miniOS
> partitions, depending on whether the particular image at hand
> contains them or not.
>
> BUG=b:188121855
> TEST=make clean && make runtests
> BRANCH=none
>
> Cq-Depend: chromium:3027786
> Signed-off-by: Joel Kitching <kitching@google.com>
> Change-Id: Iaf847e14588011dd0fea6b59405091ae36ef038f
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2989640
> Tested-by: Joel Kitching <kitching@chromium.org>
> Reviewed-by: Mike Frysinger <vapier@chromium.org>
> Commit-Queue: Joel Kitching <kitching@chromium.org>
Bug: b:188121855
Change-Id: Ieb936a21d5ae09ed84eb65c9a3a3198a5b5b22a5
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3044633
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Sergey Frolov <sfrolov@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sign_official_build.sh needs to be taught how to re-sign miniOS
partitions, depending on whether the particular image at hand
contains them or not.
BUG=b:188121855
TEST=make clean && make runtests
BRANCH=none
Cq-Depend: chromium:3027786
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Iaf847e14588011dd0fea6b59405091ae36ef038f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2989640
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After crrev/i/3949327, compression type is not simply determined by
ARC type.
BUG=b:180894807
TEST=sign_official_build.sh and check the log message
BRANCH=none
Signed-off-by: Satoshi Niwa <niwa@google.com>
Cq-Depend: chromium:2999963
Cq-Depend: chrome-internal:3949327
Change-Id: I4b1bf452e0d033b4bb8c2f2c1f91819741f9885c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2999823
Tested-by: Satoshi Niwa <niwa@chromium.org>
Reviewed-by: Yury Khmel <khmel@chromium.org>
Reviewed-by: Satoshi Niwa <niwa@chromium.org>
Reviewed-by: Kazuhiro Inaba <kinaba@chromium.org>
Auto-Submit: Satoshi Niwa <niwa@chromium.org>
Commit-Queue: Satoshi Niwa <niwa@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
miniOS requires a distinct kernel data key, whose dev key pair
is added in this CL as minios_kernel_data_key.vb{pub,priv}k.
A distinct keyblock is also required. The keyblock should set
the kernel keyblock flag MINIOS_1. Other keyblocks are modified
appropriately to set MINIOS_0. Keyblocks were generated using
the following commands:
$ futility vbutil_keyblock
--flags 23
--datapubkey tests/devkeys/ec_data_key.vbpubk
--signprivate tests/devkeys/ec_root_key.vbprivk
--pack tests/devkeys/ec.keyblock
Keyblock file: tests/devkeys/ec.keyblock
Signature valid
Flags: 23 !DEV DEV !REC !MINIOS
Data key algorithm: 7 RSA4096 SHA256
Data key version: 1
Data key sha1sum: 5833470fe934be76753cb6501dbb8fbf88ab272b
$ futility vbutil_keyblock
--flags 23
--datapubkey tests/devkeys/firmware_data_key.vbpubk
--signprivate tests/devkeys/root_key.vbprivk
--pack tests/devkeys/firmware.keyblock
Keyblock file: tests/devkeys/firmware.keyblock
Signature valid
Flags: 23 !DEV DEV !REC !MINIOS
Data key algorithm: 7 RSA4096 SHA256
Data key version: 1
Data key sha1sum: e2c1c92d7d7aa7dfed5e8375edd30b7ae52b7450
$ futility vbutil_keyblock
--flags 27
--datapubkey tests/devkeys/recovery_kernel_data_key.vbpubk
--signprivate tests/devkeys/recovery_key.vbprivk
--pack tests/devkeys/recovery_kernel.keyblock
Keyblock file: tests/devkeys/recovery_kernel.keyblock
Signature valid
Flags: 27 !DEV DEV REC !MINIOS
Data key algorithm: 11 RSA8192 SHA512
Data key version: 1
Data key sha1sum: e78ce746a037837155388a1096212ded04fb86eb
$ futility vbutil_keyblock
--flags 43
--datapubkey tests/devkeys/minios_kernel_data_key.vbpubk
--signprivate tests/devkeys/recovery_key.vbprivk
--pack tests/devkeys/minios_kernel.keyblock
Keyblock file: tests/devkeys/minios_kernel.keyblock
Signature valid
Flags: 43 !DEV DEV REC MINIOS
Data key algorithm: 8 RSA4096 SHA512
Data key version: 1
Data key sha1sum: 65441886bc54cbfe3a7308b650806f4b61d8d142
$ futility vbutil_keyblock
--flags 23
--datapubkey tests/devkeys/kernel_data_key.vbpubk
--signprivate tests/devkeys/kernel_subkey.vbprivk
--pack tests/devkeys/kernel.keyblock
Keyblock file: tests/devkeys/kernel.keyblock
Signature valid
Flags: 23 !DEV DEV !REC !MINIOS
Data key algorithm: 4 RSA2048 SHA256
Data key version: 1
Data key sha1sum: d6170aa480136f1f29cf339a5ab1b960585fa444
$ futility vbutil_keyblock
--flags 26
--datapubkey tests/devkeys/installer_kernel_data_key.vbpubk
--signprivate tests/devkeys/recovery_key.vbprivk
--pack tests/devkeys/installer_kernel.keyblock
Keyblock file: tests/devkeys/installer_kernel.keyblock
Signature valid
Flags: 26 DEV REC !MINIOS
Data key algorithm: 11 RSA8192 SHA512
Data key version: 1
Data key sha1sum: e78ce746a037837155388a1096212ded04fb86eb
BUG=b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I5b3e4def83ff29ca156b3c84dfcb8398f4985e67
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2965485
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update dependencies list, and use ${FUTILITY} rather than calling
futility directly.
BUG=b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I8a28465937ca82ea9e18edc5d613570a561a3e0e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2989639
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These two types are simply thin wrappers around vbutil_kernel
and are no longer used.
BUG=b:188121855
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Ia9a13f2992eb9de9f6c65525739da5f8e945cb3e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2989638
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|