| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Running auxfw sync after EC sync is intentional, and the order should
not be swapped. Therefore add a check in the mock vb2api_auxfw_sync().
BUG=none
TEST=make run2tests
BRANCH=none
Change-Id: I60104378d4abf509cd379dc30818d79dd0606ee3
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3863492
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
Commit-Queue: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch moves the connection to the vb2ex_hwcrypto API further down
the stack, into the low-level vb2_digest and vb2_hash APIs. These
functions will now take an extra allow_hwcrypto argument that the caller
can use to deny or allow hwcrypto by policy. If allowed, the function
will try HW crypto first and fall back to the software implementation if
the selected algorithm is not supported. vb2_hwcrypto_allowed() is made
available to external callers as a vb2api function to make that decision
in most cases (for others, like userspace tools and testing, HW crypto
is generally not used anyway and they can just pass `false`).
Since vb2ex_hwcrypto_digest_init() takes a data_size argument for the
total amount of bytes expected, vb2_digest_init() will now also need to
take this extra argument. But since the total data size cannot always be
known in advance, callers are allowed to pass 0 to indicate that the
size is unknown. The software implementations work either way, and HW
crypto implementations will now need to check if data_size is 0 and
return HWCRYPTO_UNSUPPORTED if they cannot handle this case.
While we're touching everything anyway, let's take this opportunity to
retire the vb2_digest_buffer() API in favor of the newer and usually
more convenient vb2_hash_calculate(), so we can limit the amount of
separate APIs we have to support going forward.
BRANCH=none
BUG=b:240624460
TEST=runtests
Signed-off-by: Julius Werner <jwerner@chromium.org>
Cq-Depend: chromium:3854282
Change-Id: I34c3f54e31742619d422d1cd871bdb77ad0439b7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3825558
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:231084609
BRANCH=None
TEST=None
Change-Id: Id76f2469faa13c136c6ec2761577acec4ad810e5
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3831833
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In vb2_get_gbb, abort if gbb_offset is zero. This ensures that functions
like vb2api_gbb_get_flags won't try to read garbage GBB data if the
context hasn't been properly initialized.
Some additional changes made to fix tests:
1. In vb2_set_boot_mode, don't access GBB unless needed.
2. In vb2api_get_dev_default_boot_target, use vb2api_gbb_get_flags
instead of vb2_get_gbb to make it easier to mock. This is needed for
depthcharge tests.
3. Make vb2api_get_debug_info tolerant of GBB not being set. This is
needed for depthcharge tests.
BUG=b:237093169
BRANCH=none
TEST=make && make runtests
Cq-Depend: chromium:3820402
Change-Id: I921d6cc4a5d91c8114c5e46748b4576a1e7716d0
Signed-off-by: Nicholas Bishop <nicholasbishop@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3817941
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move VbTryLoadKernel() and VbTryLoadMiniOsKernel() to depthcharge.
In addition, expose LoadKernel() and LoadMiniOsKernel() as
vb2api_load_kernel() and vb2api_load_minos_kernel(), respectively.
Since we remove VbTryLoadKernel() in vb2api_normal_boot(), rename
vb2api_normal_boot() to check_kernel_version() and call it in
vb2api_kernel_finalize().
Also, rename VbSelectAndLoadKernelParams, VbDiskInfo, and
VbExDiskHandle_t as vb2_kernel_params, vb2_disk_info, and
vb2ex_disk_handle_t, respectively.
BUG=b:172339016
BRANCH=none
TEST=make runtests
TEST=FW_NAME=tomato emerge-cherry depthcharge
Cq-Depend: chromium:3758201
Signed-off-by: Hsin-Te Yuan <yuanhsinte@google.com>
Change-Id: Iaf182ca81797fee24c6104dac9d4770ff75c7fb2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3755923
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds --keyset option for sign command for BIOS_IMAGE,
RAW_FIRMWARE, RAW_KERNEL and KERN_PREAMBLE file types. The default value
of this option is '/usr/share/vboot/devkeys'. It allows futility to load
public and private keys, and keyblocks from under this path, when they
were not provided manually using their respective options.
Files loaded by default for BIOS_IMAGE and RAW_FIRMWARE:
- ${keysetdir}/firmware_data_key.vbprivk
- ${keysetdir}/firmware.keyblock
- ${keysetdir}/kernel_subkey.vbpubk
Files loaded by default for RAW_KERNEL:
- ${keysetdir}/kernel_data_key.vbprivk
- ${keysetdir}/kernel.keyblock
File loaded by default for KERN_PREAMBLE:
- ${keysetdir}/kernel_data_key.vbprivk
BUG=none
BRANCH=none
TEST=make runfutiltests
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: Ic4026d501d88e0de7d2c6f52c7494c639d08bd15
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3740601
Auto-Submit: Jakub Czapiga <czapiga@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Tested-by: Jakub Czapiga <czapiga@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In preparation for moving VbTryLoadKernel to depthcharge, move the
VB2_NV_DISPLAY_REQUEST check from vb2api_normal_boot to
vb2api_kernel_phase2.
BUG=b:172339016
BRANCH=none
TEST=make runtests
Signed-off-by: Hsin-Te Yuan <yuanhsinte@google.com>
Change-Id: I3629d8dbbcaba23220152543ba77558c8bbcdc7b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3752431
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce set_boot_mode to set up the corresponding ctx flags and call
vb2_set_boot_mode to set ctx->boot_mode to be consistent with those
flags.
BUG=none
BRANCH=none
TEST=make runtests
Signed-off-by: Hsin-Te Yuan <yuanhsinte@google.com>
Change-Id: I7020639521af30bcdb6edcfac4c1a5b21ca8815e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3750959
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Create tests/common/ to put some common files.
BUG=none
BRANCH=none
TEST=make runtests
Signed-off-by: Hsin-Te Yuan <yuanhsinte@google.com>
Change-Id: I8918b7a1e62d47fca6074ef123e2de6f46f1aa00
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3754814
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the hash file of auxfw is not found in the CBFS, VB2_ERROR_UNKNOWN
will be returned from vb2ex_auxfw_check(), causing the device to enter
reboot loop. Similar to how we handle missing ecrw.hash, vb2api_fail()
should be called, so that the device will try to boot from the other
slot, and if the hash is still missing, recovery will be triggered.
Call vb2api_fail() from vb2api_auxfw_sync() using the 3-argument form of
VB2_TRY(). Add a unit test to prevent regression.
BUG=b:237745301
TEST=make run2tests
TEST=emerge-corsola libpayload
BRANCH=none
Change-Id: I789c63b10201bd1852bc087199ec7b226ec85ba8
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3742863
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pass VbSelectAndLoadKernelParams kparams as a function argument instead
of using global variable kparams_ptr. Remove VbSelectAndLoadKernel and
replace its tests with the unit tests for vb2_set_boot_mode,
vb2api_kernel_phase2, vb2api_kernel_finalize, and vb2api_normal_boot.
BUG=b:172339016
BRANCH=none
TEST=make runtests
Cq-Depend: chromium:3731710
Signed-off-by: Hsin-Te Yuan <yuanhsinte@google.com>
Change-Id: I26895ced5e310b2894b9d42d0ad5514d3b0b930a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3731412
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=make runtests
BRANCH=none
Signed-off-by: Hsin-Te Yuan <yuanhsinte@google.com>
Change-Id: I406bcf806a6bbe21faa5f069381b73d43a7550b2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3737566
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Tested-by: Hsuan Ting Chen <roccochen@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In vb2api_fw_phase1, use the boot_mode set by vb2_set_boot_mode to
determine whether to initialize display. This fixes the edge case where
VB2_NV_DIAG_REQUEST is set, but vb2api_diagnostic_ui_enabled() is 0.
BUG=none
TEST=make runtests
BRANCH=none
Signed-off-by: Hsin-Te Yuan <yuanhsinte@google.com>
Change-Id: Iecb9f52b056906bcd1d7da324390672adc5112c7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3737563
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch reworks whole BIOS image signing to support images with CBFS,
and with ponly RW/A slot. CBFS images will now be truncated to eliminate
unnecessary empty space, and will sign only the part of firmware area
which contains the data, and not empty space.
This patch also adds more checks for potential errors, and does not
allow for signing incorrect nor uses data from structures, which might
not be valid.
futility sign command tests are also greatly extended to cover a wide
variety of possible errors, which have to be handled correctly.
BUG=b:197114807
TEST=sudo emerge vboot_reference
TEST=build whole chromeos-bootimage after making it and coreboot use
`futility sign --type bios ...`
TEST=make runtests
BRANCH=none
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Cq-Depend: chromium:3707104
Change-Id: I7c84aa38776e8890a87f0e9b7ec7f32d86f82c13
Disallow-Recycled-Builds: test-failures
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3575325
Tested-by: Jakub Czapiga <czapiga@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Auto-Submit: Jakub Czapiga <czapiga@google.com>
Commit-Queue: Jakub Czapiga <czapiga@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Extract the middle part of VbSelectAndLoadKernel as vb2api_kernel_phase2
and call it from VbSelectAndLoadKernel. Also, remove vb2_nv_init in
VbSelectAndLoadKernel. Furthermore, publicize vb2_normal_boot as
vb2api_normal_boot in preparation for moving the content of
VbSelectAndLoadKernel to depthcharge. Besides, when NO_BOOT is set,
manual recovery should be disallowed (unless
VB2_GBB_FLAG_FORCE_MANUAL_RECOVERY is set). Therefore, print the NO_BOOT
debug log only for the broken screen case.
BUG=b:172339016
BRANCH=none
TEST=make runtests
Signed-off-by: Hsin-Te Yuan <yuanhsinte@google.com>
Change-Id: I4dc5ee4fb80ecc8c24a992a489c3bf6fe267046d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3720975
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
BRANCH=none
TEST=make runtests
Signed-off-by: Jakub Czapiga <czapiga@google.com>
Change-Id: I364ac6ace35705f1cfdaec71297523d4c2132b75
Disallow-Recycled-Builds: test-failures
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3695417
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This feature has not been needed since pre-2012 devices which have long
since reached their end of life. We can safely remove it to simplify the
code.
Also remove ZGB image, as it is no longer needed.
BUG=b:197114807
TEST=sudo FEATURES=test emerge vboot_reference
BRANCH=none
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Cq-Depend: chromium:3650757
Change-Id: I889dc6300c5cb72bdfcb9c2b66d63e97d3f8c862
Disallow-Recycled-Builds: test-failures
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3578968
Commit-Queue: Jakub Czapiga <czapiga@google.com>
Auto-Submit: Jakub Czapiga <czapiga@google.com>
Tested-by: Jakub Czapiga <czapiga@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce a new vboot context flag VB2_CONTEXT_DISABLE_TPM to indicate
whether TPM should be disabled before jumping to kernel. This allows us
to move the vb2ex_tpm_set_mode(VB2_TPM_MODE_DISABLED) call from vboot to
depthcharge. See CL:3653659 for details.
BUG=b:223662000, b:232743820
TEST=make runtests
TEST=emerge-cherry depthcharge
BRANCH=cherry
Cq-Depend: chromium:3653659
Change-Id: Ie7bcc3c7bf01346a3bc1f9e14b30017a4c3148ac
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3653207
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Old names are not in use for very long time, so remove them.
BUG=b:197114807
TEST=cros-workon-volteer start vboot_reference && \
FW_NAME=voxel emerge-volteer vboot_reference coreboot
chromeos-bootimage
TEST=sudo FEATURES=test emerge vboot_reference
BRANCH=none
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: I07916b82a721481c982b291e228df0772e0fc2a2
Disallow-Recycled-Builds: test-failures
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3575323
Auto-Submit: Jakub Czapiga <czapiga@google.com>
Commit-Queue: Jakub Czapiga <czapiga@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Jakub Czapiga <czapiga@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a keyblock holding the arv_platform public key that is signed
with the arv_root private key. The SHA-256 of the root key is
3d74429f35be8d34bcb425d4397e2218e6961afed456a78ce30047f5b54ed158.
Command to build:
./build/futility/futility vbutil_keyblock \
--pack tests/devkeys/arv_platform.keyblock \
--datapubkey tests/devkeys/arv_platform.vbpubk \
--signprivate tests/devkeys/arv_root.vbprivk
BUG=b:161483233
TEST=above command
BRANCH=None
Signed-off-by: Alyssa Haroldsen <kupiakos@google.com>
Change-Id: I7989c081e4a3ad79f957e3e6d8a3b2314e06152f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3584691
Reviewed-by: Jett Rink <jettrink@chromium.org>
Commit-Queue: Alyssa Haroldsen <kupiakos@google.com>
Tested-by: Alyssa Haroldsen <kupiakos@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Per discussion, the 'custom_label_tag' is easier to read than
'customlabel_tag'. We should rename it before any real devices
have started using the different names.
BUG=b:169766857
TEST=make; build and run test
BRANCH=None
Change-Id: I3672e7b20bc85f79796470ba1a58c2896d26ff88
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3534491
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Support new VPD name 'customlabel_tag' for the custom label program.
For shipped devices (firmware is already locked and write protected) we
still support the legacy name.
The quirk 'allow_empty_wl_tag' also renamed to
'allow_empty_customlabel_tag'.
This is usually not recommended, but given no devices have used this
quirk in the CBFS quirks, it should be fine to change the quirk name.
BUG=b:169766857
TEST=make; build and run test
BRANCH=None
Change-Id: Ia29051a4e829d853cc60488f286d575c20f52f20
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3503199
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, Depthcharge prevents the kernel from being loaded if
NO_BOOT flag is set. This makes sense only when EC sync is enabled.
This patch makes VbSelectAndLoadKernel ignore NO_BOOT flag if
VB2_CONTEXT_EC_SYNC_SUPPORTED isn't set.
BUG=b:216317864
BRANCH=None
TEST=None
Change-Id: Ic501f430754947dfa8a2243dcb12d31232b18b75
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3433028
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This attempts to converge the signatures of host/lib/flashrom
with that of 'futility/updater_utils.h:struct firmware_image'.
with the eventual goal of converging the multiple flashrom
wrapper implementations.
BUG=b:207808292
BRANCH=none
TEST=`$ cros_run_unit_tests --board nocturne --packages vboot_reference`
Cq-Depend: chromium:3399963
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: I016dacbdca6f1108def0dbc608d83e0066a30023
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3301571
Reviewed-by: Sam McNally <sammc@chromium.org>
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The preserve_me quirk allows avoiding modifying the ME region while it
may be running. Its apply function attempts to skip itself when not
flashing the OS-bundled firmware by checking for whether an archive is
set, but this doesn't work since in the absence of an actual archive
file, a filesystem archive implementation is used instead.
While flashing over a non-host programmer the ME is not running and
therefore it is safe to update the ME region.
Add unit test cases for the preserve_me quirk applying successfully when
using the default host programmer and being skipped when using another
programmer.
BUG=b:213706510
TEST=futility update -p dummy... with preserve_me quirk skips the quirk;
chromeos-firmwareupdate with a preserve_me quirk applies the quirk
BRANCH=none
Change-Id: Ie5578c9b3cf7eba55626bb931589bf360fe28269
Signed-off-by: Sam McNally <sammc@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3450060
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Command does not need to run under sudo and sudo will not be available
once we start running the test scripts under platform2_test.py.
BUG=b:207787495
BRANCH=none
TEST=`cros_run_unit_tests --board grunt --packages vboot_reference`
Signed-off-by: Nikolai Artemiev <nartemiev@google.com>
Change-Id: I795519c4b45e410f5ddc3c55dceab1ae1de02dbc
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3428421
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2lib used vb2_api_allow_recovery() to differentiate between manual and
non-manual recovery in 2kernel and UI related areas.
With introducing the ctx->boot_mode, we could decide if it is a manual
recovery or a broken screen (a.k.a non-manual recovery in the original
design) once in vb2api_fw_phase1 and use this boot mode instead for
further justifications.
Also deprecate the sd flag VB2_SD_FLAG_MANUAL_RECOVERY and use the boot
mode instead to determine if it is a manual recovery boot.
BUG=b:181931817
BRANCH=none
TEST=make clean && make runtests
TEST=emerge coreboot vboot_reference depthcharge
Cq-Depend: chromium:3282875
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Change-Id: Ief4ff6cf82285c5857f0051c1f348ad0f269b4a8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3121926
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In depthcharge, display availability is checked as part of performing
AUX FW update. In vboot tests, display availability is checked as part
of checking for the AUX FW update. Match the test behavior with the
implementation in depthcharge.
BUG=b:210127173
BRANCH=None
TEST=Ensure that all the tests passed successfully using the following
command:
cros_workon_make --board=dedede vboot_reference --test
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Change-Id: Ifc58f94bd64c3a90f80e40d97de8938a04dcba6f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3346284
Tested-by: Karthikeyan Ramasubramanian <kramasub@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Commit-Queue: Bob Moragues <moragues@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit f0ba3fe277fdc623565eab0725aed743e24a1a44.
Reason for revert: We can try another reland after the coreboot
CL https://review.coreboot.org/c/coreboot/+/58253 is
downstreamed and the guybrush psp_verstage.bin is signed again.
Original change's description:
> Revert "2api: Add vb2_boot_mode in vb2_context denoted the current boot mode"
>
> This reverts commit 2cf76574dbf57c70da3a835f2a45d5619dc058f5.
>
> Reason for revert: b:202258389
>
> Original change's description:
> > 2api: Add vb2_boot_mode in vb2_context denoted the current boot mode
> >
> > Add enum vb2_boot_mode which denotes the most relevant boot mode between
> > normal, manual recovery, broken recovery, diagnostic, and developer.
> >
> > The boot mode constant stores in vb2_context, is exposed externally, and
> > decided in vb2api_fw_phase1.
> >
> > Split out the logic of manual recovery and broken screen. (The broken
> > recovery is a recovery boot with !vb2api_allow_recovery)
> >
> > Add the fifth boot mode, diagnostic boot mode
> >
> > A boot could match more the one boot mode, this api will pick the most
> > relevant boot mode based on the following order:
> > 1. Manual recovery boot
> > 2. Broken recovery boot
> > 3. Diagnostics boot
> > 4. Developer boot
> > 5. Normal boot
> >
> > This constant is used in:
> > * lib/vboot_api_kernel.c: VbSelectAndLoadKernel()
> > * lib/vboot_kernel.c: replace the original vb2_boot_mode
> > * coreboot/bootmode for adding elogs
> >
> > Also bump the vb2sd minor version from 0 to 1.
> >
> > BUG=b:185551931, b:177196147, b:181931817
> > BRANCH=none
> > TEST=CC=x86_64-pc-linux-gnu-clang;
> > make clean && make runtests
> > TEST=emerge coreboot vboot_reference depthcharge
> >
> > Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
> > Change-Id: I421e4d51c261ba2bdec996a5fb2ebccb33513fa4
> > Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2944250
> > Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
>
> Bug: b:185551931, b:177196147, b:181931817
> Change-Id: Ic184a24f5b580bcaf40d75045476ae77c674dd3d
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3209725
> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Commit-Queue: Bhanu Prakash Maiya <bhanumaiya@google.com>
Bug: b:185551931, b:177196147, b:181931817
Change-Id: Ie480bf76eb0164f6e498b72e0533cd5c5762d6f6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3274699
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
Tested-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Hsuan Ting Chen <roccochen@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit b9644352d7717d4f564be90aac6c41bef583d930.
Reason for revert: We can try another reland after the coreboot
CL https://review.coreboot.org/c/coreboot/+/58253 is
downstreamed and the guybrush psp_verstage.bin is signed again.
Original change's description:
> Revert "2lib/2api: Deprecate vb2ex_ec_trusted()"
>
> This reverts commit 7c73bb07fd3ca45ce650b993a9c6a5850ddb2707.
>
> Reason for revert: b:202258389
>
> Original change's description:
> > 2lib/2api: Deprecate vb2ex_ec_trusted()
> >
> > coreboot will support check the EC_IN_RW during verstage_main(), which
> > performs the equivalent tasks as vb2ex_ec_trusted().
> >
> > In the previous CL, we remove the check of vb2ex_ec_trusted(), so the
> > whole implementation of this function among vboot_reference and
> > depthcharge could be deprecated and removed.
> >
> > BUG=b:181931817
> > BRANCH=none
> > TEST=CC=x86_64-pc-linux-gnu-clang;
> > make clean && make runtests
> > TEST=emerge coreboot vboot_reference depthcharge
> >
> > Cq-Depend: chromium:3139956
> > Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
> > Change-Id: I4f592d7dec2480475762e1336791cbb34fa143ba
> > Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139539
> > Reviewed-by: Julius Werner <jwerner@chromium.org>
> > Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
>
> Bug: b:181931817
> Change-Id: Ia127ce89b7f9413db9fd6ca4561ad06efb36d7e1
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3211006
> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Commit-Queue: Bhanu Prakash Maiya <bhanumaiya@google.com>
Bug: b:181931817
Cq-Depend: chromium:3275254
Change-Id: I2c4db28b5800e5756f6f12b8bf69924f373a5c58
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3274698
Tested-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Hsuan Ting Chen <roccochen@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch extends create_new_keys.sh to generate two additional key
pairs to use for AP RO verification signing. Both new pairs are
RSA4096/SHA256.
The script was ran to generate a new set of keys and the produced AP
RO verification key pairs were copied into tests/devkeys.
BRANCH=none
BUG=b:141191727
TEST=re-signed guybrush AP firmware image following the process
described in cmd_gscvd.c comments, created a Cr50 image
incorporating the new root public key hash, updated the DUT AP
and Cr50 firmware and observed successful AP RO validation.
Change-Id: I03cba1446fc5ffdfef662c5ce1ea3e61950477d4
Signed-off-by: Vadim Bendebury <vbendeb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3297447
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unfortunately, CL:3168437 introduced a new problem when booting with a
broken TPM: secdata accessors no longer return failure but instead just
abort when booting in normal mode and continue when we're in recovery
mode. The problem is that when accessing secdata very early in
vb2api_fw_phase1(), we have not decided whether we're booting in
recovery mode yet. If vb2_secdata_firmware_init() fails, we will call
vb2api_fail() and then continue knowing that vb2_check_recovery() will
later see the recovery reason in NVRAM and decide to boot directly into
recovery from here. But if the code in-between accesses secdata, the
VB2_CONTEXT_RECOVERY_MODE flag is technically not yet set, so our
secdata accessor thinks we are booting in normal mode and something
terrible happened (because it shouldn't be possible to boot in normal
mode when secdata_init failed), so it aborts.
In order to try to solve this problem in a more general way, introduce a
new VB2_SD_STATUS_RECOVERY_DECIDED status flag that gets set once we
reach the point where we have conclusively decided whether we are
booting into recovery mode and set the appropriate context flags. Any
code using VB2_REC_OR_DIE() before that point will play it safe and
assume that we may still go into recovery mode, so we shouldn't abort.
BRANCH=none
BUG=none
TEST=none
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Ic3daa8dac932286257cbceebfff8712d25c3a97a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3301540
Reviewed-by: Hsuan Ting Chen <roccochen@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BOOT_EXTERNAL_ON_DEV was not used anymore, so it was removed from the
Makefile and source code.
BUG=b:206031372
BRANCH=none
TEST=make runtests
TEST=emerge-guybrush depthcharge
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: I463a77f2de8f59954704495708025321ca1571d8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3289345
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Tested-by: Jakub Czapiga <czapiga@google.com>
Commit-Queue: Jakub Czapiga <czapiga@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove function VbExIsShutdownRequested, since this function is not used
in vboot anymore after UI code is centralized.
Remove VB_SHUTDOWN_* macros since they are not used in vboot now. These
macros will be added in depthcharge in the dependent CL.
BUG=b:172339016
TEST=DEBUG=1 make -j test_setup && make -j runtests
BRANCH=none
Cq-Depend: chromium:3142698
Signed-off-by: edisonhello <edisonhello@google.com>
Change-Id: I024b34212a5c9e42b880d51d21c7a90a6170b3c3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3143814
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To support booting from the non-active miniOS partition in recovery UI,
add minios_flags argument to VbTryLoadMiniOsKernel. Currently there is
only one flag: VB_MINIOS_FLAG_NON_ACTIVE. When it is set, we will
attempt to boot from the non-active partition only.
BUG=b:200750322
TEST=make runtests
BRANCH=none
Cq-Depend: chromium:3219727
Change-Id: I6221f10c09de2487e89e6113981bc9e9755d67f4
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3219901
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Jae Hoon Kim <kimjae@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 7c73bb07fd3ca45ce650b993a9c6a5850ddb2707.
Reason for revert: b:202258389
Original change's description:
> 2lib/2api: Deprecate vb2ex_ec_trusted()
>
> coreboot will support check the EC_IN_RW during verstage_main(), which
> performs the equivalent tasks as vb2ex_ec_trusted().
>
> In the previous CL, we remove the check of vb2ex_ec_trusted(), so the
> whole implementation of this function among vboot_reference and
> depthcharge could be deprecated and removed.
>
> BUG=b:181931817
> BRANCH=none
> TEST=CC=x86_64-pc-linux-gnu-clang;
> make clean && make runtests
> TEST=emerge coreboot vboot_reference depthcharge
>
> Cq-Depend: chromium:3139956
> Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
> Change-Id: I4f592d7dec2480475762e1336791cbb34fa143ba
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139539
> Reviewed-by: Julius Werner <jwerner@chromium.org>
> Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Bug: b:181931817
Change-Id: Ia127ce89b7f9413db9fd6ca4561ad06efb36d7e1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3211006
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Bhanu Prakash Maiya <bhanumaiya@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 2cf76574dbf57c70da3a835f2a45d5619dc058f5.
Reason for revert: b:202258389
Original change's description:
> 2api: Add vb2_boot_mode in vb2_context denoted the current boot mode
>
> Add enum vb2_boot_mode which denotes the most relevant boot mode between
> normal, manual recovery, broken recovery, diagnostic, and developer.
>
> The boot mode constant stores in vb2_context, is exposed externally, and
> decided in vb2api_fw_phase1.
>
> Split out the logic of manual recovery and broken screen. (The broken
> recovery is a recovery boot with !vb2api_allow_recovery)
>
> Add the fifth boot mode, diagnostic boot mode
>
> A boot could match more the one boot mode, this api will pick the most
> relevant boot mode based on the following order:
> 1. Manual recovery boot
> 2. Broken recovery boot
> 3. Diagnostics boot
> 4. Developer boot
> 5. Normal boot
>
> This constant is used in:
> * lib/vboot_api_kernel.c: VbSelectAndLoadKernel()
> * lib/vboot_kernel.c: replace the original vb2_boot_mode
> * coreboot/bootmode for adding elogs
>
> Also bump the vb2sd minor version from 0 to 1.
>
> BUG=b:185551931, b:177196147, b:181931817
> BRANCH=none
> TEST=CC=x86_64-pc-linux-gnu-clang;
> make clean && make runtests
> TEST=emerge coreboot vboot_reference depthcharge
>
> Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
> Change-Id: I421e4d51c261ba2bdec996a5fb2ebccb33513fa4
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2944250
> Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Bug: b:185551931, b:177196147, b:181931817
Change-Id: Ic184a24f5b580bcaf40d75045476ae77c674dd3d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3209725
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Bhanu Prakash Maiya <bhanumaiya@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add enum vb2_boot_mode which denotes the most relevant boot mode between
normal, manual recovery, broken recovery, diagnostic, and developer.
The boot mode constant stores in vb2_context, is exposed externally, and
decided in vb2api_fw_phase1.
Split out the logic of manual recovery and broken screen. (The broken
recovery is a recovery boot with !vb2api_allow_recovery)
Add the fifth boot mode, diagnostic boot mode
A boot could match more the one boot mode, this api will pick the most
relevant boot mode based on the following order:
1. Manual recovery boot
2. Broken recovery boot
3. Diagnostics boot
4. Developer boot
5. Normal boot
This constant is used in:
* lib/vboot_api_kernel.c: VbSelectAndLoadKernel()
* lib/vboot_kernel.c: replace the original vb2_boot_mode
* coreboot/bootmode for adding elogs
Also bump the vb2sd minor version from 0 to 1.
BUG=b:185551931, b:177196147, b:181931817
BRANCH=none
TEST=CC=x86_64-pc-linux-gnu-clang;
make clean && make runtests
TEST=emerge coreboot vboot_reference depthcharge
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Change-Id: I421e4d51c261ba2bdec996a5fb2ebccb33513fa4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2944250
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
coreboot will support check the EC_IN_RW during verstage_main(), which
performs the equivalent tasks as vb2ex_ec_trusted().
In the previous CL, we remove the check of vb2ex_ec_trusted(), so the
whole implementation of this function among vboot_reference and
depthcharge could be deprecated and removed.
BUG=b:181931817
BRANCH=none
TEST=CC=x86_64-pc-linux-gnu-clang;
make clean && make runtests
TEST=emerge coreboot vboot_reference depthcharge
Cq-Depend: chromium:3139956
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Change-Id: I4f592d7dec2480475762e1336791cbb34fa143ba
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139539
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add VbTryLoadMiniOsKernel() to vboot API, which boots from a miniOS
recovery kernel located on internal disk. In this boot path, an attempt
is made to verify and boot this kernel. Recovery proceeds from within
the miniOS kernel by downloading a recovery image over the network. No
USB disk is used in the process.
For more information, see go/nbr-firmware.
BUG=b:188121855, b:186682292
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ic4d1fe5642a2bf71c51c78fd7830ad2b6e9eebeb
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2856364
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is a revert to CL:300621.
In that CL, we adjusted the order of checking dev switch
(vb2_check_dev_switch) and move it after the check for recovery step
(vb2_check_recovery). The reason of that adjustment was because
vb2_check_dev_switch might return very early if the TPM is broken and
it failed to retrieve the secdata.
However, retrieving the secdata becomes a function which cannot fail
nowadays and it is not necessary to handle that scenario of the early
return in vb2_check_dev_switch. So we adjust them back to the original
order.
We also remove the related outdated unit tests in vb2_api_tests.c
BUG=none
BRANCH=none
TEST=CC=x86_64-pc-linux-gnu-clang;
make clean && make runtests
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Change-Id: Iada8092e73ed9282242b1d67d101c836860e13c6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3168437
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The test uses sha-ni extension, so it crashes on platforms without
sha-ni. Add cpuid checks to avoid that.
BUG=b:162551138
BRANCH=none
TEST=run test on Haswell, which doesn't have sha-ni
Signed-off-by: Kangheui Won <khwon@chromium.org>
Change-Id: I6e18843a723d022c67832ef970d4dc470c1aadce
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3140849
Reviewed-by: Raul E Rangel <rrangel@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since all the screens and tests are already moved to depthcharge
in previous CLs, remove all internal UI functions and tests from
vboot.
BUG=b:172339016
TEST=DEBUG=1 make -j test_setup && make -j runtests
BRANCH=none
Signed-off-by: edisonhello <edisonhello@google.com>
Change-Id: Ifbd005a5761e5c354e010fc70487a63cd17cf4b3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139540
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is a part of centralizing ui codes. The removed screens and unit
tests will be added in depthcharge.
Remove diagnostics menu, diagnostics storage and memory checking screens.
Remove unit tests for above screens and menu.
BUG=b:172339016
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
make -j test_setup && make -j runtests
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
make -j test_setup && make -j runtests
BRANCH=none
Cq-Depend: chromium:3138687
Signed-off-by: edisonhello <edisonhello@google.com>
Change-Id: I5eb1bee6a5f1aedb77298acbddab20156c1c086e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139537
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is a part of centralizing ui codes. The removed screens and unit
tests will be added in depthcharge.
Remove developer menu and its action function.
Remove developer mode, developer to norm, developer boot external,
developer invalid disk, developer select altfw screens.
Remove unit tests for above screens and menu.
BUG=b:172339016
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
make -j test_setup && make -j runtests
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
make -j test_setup && make -j runtests
BRANCH=none
Cq-Depend: chromium:3132550
Signed-off-by: edisonhello <edisonhello@google.com>
Change-Id: I45332f8e059eba612231362cc56a70da1336c7c2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3132504
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL is a part of centralizing ui codes. The removed screens and unit
tests will be added in depthcharge.
Remove manual recovery menu and its action function.
Remove recovery select, recovery phone step *, recovery disk step *,
recovery invalid screens.
Add vb2ex_manual_recovery_ui declaration.
Remove unit tests of above screens, menu and actions.
BUG=b:172339016
TEST=Hayato booted into developer mode
TEST=Hayato showed manual recovery screen
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
make -j test_setup && make -j runtests
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
make -j test_setup && make -j runtests
BRANCH=none
Cq-Depend: chromium:3099529
Signed-off-by: edisonhello <edisonhello@google.com>
Change-Id: I330098200d45d094d4faab90b96355b5b19e3fea
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3116108
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove broken recovery screen in vboot, and migrate to depthcharge.
Remove broken recovery related tests in vboot.
BUG=b:172339016
TEST=Hayato booted into developer mode
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
make -j test_setup && make -j runtests
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
make -j test_setup && make -j runtests
BRANCH=none
Cq-Depend: chromium:3116129
Change-Id: I7d830e992d9ae1703befba570dfbe3061319b9fe
Signed-off-by: edisonhello <edisonhello@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3060559
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prepare for copying UI functions to depthcharge.
Rename UI functions which will be copied to depthcharge in vboot
in order to avoid linking time error after copying the functions.
BUG=b:172339016
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=0; \
make -j test_setup && make -j runtests
TEST=export CC=x86_64-pc-linux-gnu-clang DEBUG=1 DETACHABLE=1; \
make -j test_setup && make -j runtests
TEST=Hayato booted into developer mode
BRANCH=none
Change-Id: I840de3121dc2ccd8f6d05ec8a1538c3761f806da
Signed-off-by: edisonhello <edisonhello@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3060558
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently the EC is trusted if any of the conditions are met:
* The ctx flag VB2_CONTEXT_EC_TRUSTED is set.
* vb2ex_ec_trusted() returns trusted.
With introducing the boot mode area in ctx, the vb2ex_ec_trusted will be
deprecated and the VB2_CONTEXT_EC_TRUSTED will become the only condition
to decide if EC is trusted.
This CL clears the flag while EC jumps to RW, which is the prerequisite
before landing the coreboot changes.
Also update the tests of ec_sync()
BRANCH=none
BUG=b:181931817
TEST=emerge-trogdor coreboot vboot_reference depthcharge
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Change-Id: I4711093353f5a92157c4c00c859c01f08fc3607f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139538
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The compiler is too zealous when deciding which addresses are allowed
to be accessed. While it is correct in principal, in some controlled
cases the code indeed needs to calculate addresses which are beyond
the structures boundaries.
This patch modifies the code to placate the compiler.
BRANCH=none
BUG=none
TEST='make run2tests' inside chroot does not fail to compile and
passes.
Change-Id: Iba99714da569a5f28ae95939e93ee1d09da20caa
Signed-off-by: Vadim Bendebury <vbendeb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3133544
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
|