Print a debug error and beep when user tries to enable normal mode
when FORCE_DEV gbb flag is enabled.
BUG=b:67828898
BRANCH=None
TEST=Boot up with gbb flag 0x8 enabled. Select "Enabled OS
Verification" and select confirm. Should see error message
printed and a beep. Confirm switching to normal mode
screen will not appear.
Change-Id: Ic02558eb4a86555cebc9c1cd6972d0f0600b4ff1
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/730415
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Depthcharge currently asks EC whether recovery was requested manually
or not without verifying EC is in RO or not. If EC-RW is compromised,
recovery switch state can be spoofed.
This patch makes Depthcharge check EC_IN_RW to determine whether EC
is in RO or not. Only if it's in RO and it says recovery button was
pressed at boot, we proceed to the recovery process.
All other recovery requests including manual recovery requested by a
(compromised) host will end up with 'broken' screen.
BUG=b:66516882
BRANCH=none
TEST=Boot Fizz. make runtests.
Change-Id: I01d2df05fe22e79bbc949f5cb83db605147667b3
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/693008
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Selecting cancel from DEV_MENU should not set the selected_idx
to loc. It should be set to power off.
BUG=b:35585623
BRANCH=None
TEST=go to DEV_MENU, hit cancel and make sure that power off is
selected item
Change-Id: I8cae397c7174b5bd52a3a27736cd3d5a57412e63
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/667933
Reviewed-by: Julius Werner <jwerner@chromium.org>
BUG=b:65546569
BRANCH=None
TEST=Boot into recovery, selection Disabled OS Verification.
Ensure that in next menu, Cancel is selected.
Also, setting default for TO_NORM menu to Confirm.
Change-Id: Ibf72ec15aa38b1b815be97a08cfe7c9ee2615390
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/665356
Reviewed-by: Julius Werner <jwerner@chromium.org>
Add in check at TO_DEV menu screen to make sure that the navigation
keys (up/down, volup/voldown) are trusted. Beep when user tries to
use unstrusted keys (usb keyboard) in the TO_DEV menu so that the user
knows they're doing something wrong. USB keyboard return key will
still work in the TO_DEV menu.
BUG=b:65546569
BRANCH=None
TEST=test out using up/down keys in TO_DEV menu and make sure that
they are disabled and hear beeps.
Change-Id: Ifc7183c7ca35efaf079abb196a90ab7305380642
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/665355
Reviewed-by: Julius Werner <jwerner@chromium.org>
Chromebox ECs perform EFS: verifying firmware before the AP boots.
This patch adds support for EC EFS.
EC EFS uses two slots: one is active slot and one is used for update.
AP is agnostic about which slot is active and which slot is for
update. Instead, AP recognizes one slot as 'active' and the other
as 'update' (or non active) slot.
After update is successful, AP issues a cold reboot command to
activate the new slot.
BUG=b:65028930,b:65264494
BRANCH=none
CQ-DEPEND=CL:616248
TEST=buildall. On Fizz, verify:
1. RW_B is old and updated by soft sync. RW_B is activated and
executed after reboot. System continues to boot to OS.
2. RW_A is old and updated by soft sync. RW_A is activated and
executed after reboot. System continues to boot to OS.
Change-Id: I6ca7686eb28b0b548785cf2c02eca1b67018f469
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/616346
Add tpm_lite library support for the IFX specific TPM_FieldUpgrade
subcommand "FieldUpgradeInfoRequest2". Expose this via tpmc so it can
be used from shell scripts.
BRANCH=none
BUG=chromium:728130
TEST=Builds and tpmc ifxfieldupgradeinfo prints plausible results.
Change-Id: Ie58ebccef7fe90f7fca65d7cd9c78e1f16f9f29a
Reviewed-on: https://chromium-review.googlesource.com/562772
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
When user first starts up recovery (3 finger salute), display
usb insert instructions and original insert graphic until user
starts pushing volume buttons. If the user pushes power button
during while the icon is displayed (no menu items), device will
shut down (this is to accomodate users that accidentally enter
the recovery screen and want to exit quickly). Upon user
pressing the volume buttons, the insert icon will disappear
and user will see the menu items and be able to scroll up/down.
BUG=b:64400325
BRANCH=None
TEST=boot into recovery. Make sure graphic shown until start
pushing volume buttons.
Change-Id: I4a5001271a0b84d1237d4bbc6a098afa10cb9372
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/617600
Reviewed-by: Julius Werner <jwerner@chromium.org>
call VbExUpdateAuxFw() uncontidionally, instead of when we know we
need to do an update. Vb*AuxFw() already maintains state, so this
doesn't change when we (attempt) to update firmware.
however, this does allow us to iterate over all firmware drivers to
call their .protect() method. previously, we would only call
.protect() after an actual firmware update.
updated unit tests to match the new logic.
BRANCH=none
BUG=b:35585700
TEST=verified i2c tunnels are protected on reef using
ectool i2cprotect N status.
Change-Id: I9244db28ed181f568d117092307293202257735b
Signed-off-by: Caveh Jalali <caveh@google.com>
Reviewed-on: https://chromium-review.googlesource.com/620281
Reviewed-by: Julius Werner <jwerner@chromium.org>
vb2_update_selection considered only KEY_UP and KEY_DOWN inputs to
update the selection. This resulted in volume buttons not working on
firmware screen to update the selection. Add volume buttons as valid
inputs in vb2_update_selection.
BUG=b:64839396
BRANCH=None
TEST=Verified that volume buttons work on firmware screen.
Change-Id: I08bfa91eafb170fb450649a2abaafe7f4d58e17b
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/621787
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Shelley Chen <shchen@chromium.org>
When DUT is already in dev mode, don't let user select the "Enable
Developer Mode" selection in the menu. Add disabled_idx_mask to
VbExDisplayMenu API to allow for disabling of menu items in the future
if needed.
BUG=b:63078243, b:35585623
BRANCH=None
TEST=reboot into recovery with DUT already in dev mode. Make sure
can't scroll to "Enable Developer Mode: entry.
reboot into recovery with DUT in normal mode. Make sure
"Enable Developer Mode" entry is selectable.
CQ-DEPEND=CL:565335
Change-Id: Ic71fe6aa2e41337787a0c2278f729356edb155fd
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/598430
Reviewed-by: Julius Werner <jwerner@chromium.org>
Set current selection to power off after exiting the languages menu.
Previously, we were just defaulting to selecting the 0 index. However,
this won't work anymore if we hide the "Enable Developer Mode" entry
in the recovery menu due to that entry being at the 0th index.
BUG=b:63078243, b:35585623
BRANCH=None
TEST=Boot into recovery when machine in normal mode.
Select languages menu, make language selection and make sure
that when return to recovery menu, power off item is selected.
Change-Id: I479c2270ca99197fd8c44386ab1ca4526ae7d64a
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/565527
Reviewed-by: Randall Spangler <rspangler@chromium.org>
For detachables, the short delay is to fast to them to read/choose
options. Setting timeout to 30 seconds once user starts scrolling
through the menu. If no action is taken by the user, will retain
the short delay timeout.
BUG=b:63056097, b:35585623
BRANCH=None
TEST=reboot with gbb flag bit 1 enabled and ensure using short delay.
reboot and press volume button and make sure using long delay.
reboot and make sure short delay performed again upon reboot.
reboot and make sure gbb flag bit 1 = 0 and make sure long delay
still working as expected.
Change-Id: I31e3ca8aff6b29abca70ca9587deae7f6443d837
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/563817
Reviewed-by: Randall Spangler <rspangler@chromium.org>
this adds calls to depthcharge (using callbacks) to do auxiliary
firmware updates. in particular, this is intended to trigger TCPC
updates, but other programmables could also be updated.
no firmware updates take place until a board file has actually
registered a firmware update "driver". board file updates to follow.
TEST="COV=1 make" passes.
depthcharge boots on snappy.
with additional follow-on CLs, we can update the ps8751.
the companion depthcharge changes are here:
https://chromium-review.googlesource.com/c/498150/
the working design doc is here:
https://docs.google.com/a/google.com/document/d/1uzS0b3O3Us1QI2Sx7LDkjEfHmuhYB2BolrAoNwCVoc0/edit?usp=sharing
these features depend on vboot API updates:
CQ-DEPEND=CL:498150
BUG=b:35586896
BRANCH=none
Change-Id: If0d634eab08b429a8e7e80f5fe11eab3705bba0f
Signed-off-by: Caveh Jalali <caveh@google.com>
Reviewed-on: https://chromium-review.googlesource.com/505260
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
BUG=b:35585623
BRANCH=None
TEST=Reboot into recovery, scroll to language menu
and make sure that you can scroll and select
other languages.
Change-Id: I6fe7f0550b05e33eaeef928cd23932f5a40fe9ad
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/544897
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Currently with detachable menu, when debug info is
displayed, the current selection is not highlighted.
Changing call in VbDisplayDebugInfo from
VbDisplaySecreen to VbDisplayMenu to ensure
selection is highlighted. This will have no effect
on firmware screens for non-detachables.
BUG=b:35585623
BRANCH=None
TEST=Compile with and without USE=detachable_ui
Reboot and display debug info. Make sure
that for detachable menu, selection remains
highlighted and for non-detachable screens,
The screen displays as usual.
Change-Id: I0a7a2c4e0ae3ffb82e13dc92a319288d4ccb3997
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/541758
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Stefan Reinauer <reinauer@google.com>
Some tests mock library functions. This previously worked due to adding
CFLAGS += -Xlinker --allow-multiple-definition
to the test binaries. But the new version of binutils seems to need
the default implementation to be weak if compiled with -O2 in some
cases. Add test_mockable for use with functions where this is now
needed.
BUG=chromium:723906
BRANCH=none
TEST=Add CFLAGS += -O2 to the makefile, then make -j runtests
Tests break before this change with -O2, and work afterwards
Change-Id: I95996a3e1086251442055765295a75de4c20ee3c
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/527601
Commit-Ready: Manoj Gupta <manojgupta@chromium.org>
Tested-by: Rahul Chaudhry <rahulchaudhry@chromium.org>
Reviewed-by: Rahul Chaudhry <rahulchaudhry@chromium.org>
This was old code that switched locale when pressing up
arrow.
BUG=b:35585623
BRANCH=None
TEST=Boot to recovery and make sure up arrow doesn't
change the locale.
Change-Id: Ibb4d2785170a2e36d599e4af56de3dfd922c5957
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/517283
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Handle displaying of language menu.
BUG=b:35585623
BRANCH=None
TEST=Reboot and select Language from menu, select language
and make sure displays menu items in current language.
Change-Id: I518021c5278895e95cb4afdde044091c5bec7233
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/477093
Reviewed-by: Randall Spangler <rspangler@chromium.org>
In dev mode, after 30 seconds of inactivity, we'll get
the usual loud beep and automatic boot from disk.
BUG=b:35585623
BRANCH=None
TEST=reboot and make sure that fw screen timeout only occurs
after 30 seconds of inactivity.
Change-Id: Id6552f7213a52ed8c0f083a8388719a8fe79fa77
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/457841
Reviewed-by: Randall Spangler <rspangler@chromium.org>
In the current implementation, if the boot from USB fails after pressing
Ctrl-U or selecting "Boot USB Image", only a blank screen is shown instead of
a menu. There is no option for the user to do anything else except wait for the
timeout, after which boot from fixed disk is attempted. This does not seem like
an intuitive boot flow.
Hence, if the USB boot fails display the current menu, allowing the user to
attempt something else.
BUG=None
BRANCH=None
TEST= verfied that menu is displayed on USB boot failure from developer screen.
Change-Id: Ide3967be7bba3d87c8a545a0f4ed52da44150fd0
Signed-off-by: Rizwan Qureshi <rizwan.qureshi@intel.com>
Reviewed-on: https://chromium-review.googlesource.com/509671
Commit-Ready: Rizwan Qureshi <rizwan.qureshi@intel.corp-partner.google.com>
Tested-by: Rizwan Qureshi <rizwan.qureshi@intel.corp-partner.google.com>
Reviewed-by: Shelley Chen <shchen@chromium.org>
Add a kernel type for signing multiboot kernel images.
BUG=b:38040849
BRANCH=none
TEST=properly sign a multiboot kernel image and then verify
the resulting image.
Change-Id: If00e7c85244bc59853c305e42543f34c5fabf356
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://chromium-review.googlesource.com/497933
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This also adds the required tests (keys, testcases), and some
additional tests in vb2_rsa_utility_tests.c that were not
added when 2048-bit exponent 3 support was added.
BRANCH=none
BUG=chromium:684354
TEST=make runtests
Change-Id: I56d22302c2254ef500b9d2d290a79d8c8bc39942
Reviewed-on: https://chromium-review.googlesource.com/449060
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Previously, could use arrow keys to change language
in fw screen. Disabling this in detachable menu
because will be using menu to switch languages.
BUG=b:35585623
BRANCH=None
TEST=reboot and try to use right/left arrows. Make
sure they don't do anything.
Change-Id: Ic720ea4ec9e6b7ae1676fdf60d27e2c74e48f736
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/444945
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Replacing right arrow key with return for selection
when keyboard is available because it's more obvious.
BUG=b:35585623
BRANCH=None
TEST=reboot and make sure return selects menu item.
Change-Id: I6b2fbd8cddcd98c49638a6b9d79b47da1ca6545f
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/444944
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Putting ctrl+D, ctrl+U, ctrl+L shortcuts
back in from the fw screens.
BUG=b:35585623
BRANCH=None
TEST=reboot and try ctrl+D, etc. in fw screen to
make sure that they have desired effects.
Change-Id: I5ca555658eddabeeea6a2f64794e6839f35d75f7
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/443349
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Since we're now using VB2_DEBUG, no need to explicitly
print out __func__ anymore.
BUG=b:35585623
BRANCH=None
TEST=reboot and make sure still see serial output in
AP console.
Change-Id: Ica524d4e50c61681e466815ffb93d33ceee215aa
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/443348
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Using new base screen only and leaving center
blank for displaying the detachable menu items.
BUG=b:35585623
BRANCH=None
TEST=reboot and make sure icons don't show up
in FW screens.
Change-Id: I705dac43441f386ebceb58533fa0e336541fcd3c
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/442692
Reviewed-by: Randall Spangler <rspangler@chromium.org>
More reliable than simply assuming that VB2_SIG_RSA8192 is the last
signature.
BRANCH=none
BUG=chromium:684354
TEST=rm tests/testkeys/key_*; make genkeys -j
TEST=make runtests -j
Change-Id: I755b3afb50313fcdf292fb3cd5b0dfe09f8593e3
Reviewed-on: https://chromium-review.googlesource.com/438948
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This flag will be used by cr50 to disable case-closed debugging
unlock. Here, we're just defining the flag.
BUG=chrome-os-partner:62205
BRANCH=reef
TEST=build_packages --board=reef chromeos_firmware
Change-Id: If86e112948e1c95a767808b2f92dd8fe35abf46c
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/440846
Reviewed-by: Shelley Chen <shchen@chromium.org>
Prevent scrolling off for low res displays
BUG=chrome-os-partner:61275
BRANCH=None
TEST=reboot snappy and make sure menu doesn't cause
screen to scroll.
Change-Id: Ic5641c7c43ab3872dcb321df2629e228e86ddbb6
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/434249
Reviewed-by: Randall Spangler <rspangler@chromium.org>
