I'm about to add a new test to fix some borkage with cgpt. First step is to
clean up the script a little bit.
BUG=none (yet)
BRANCH=all
TEST=manual
make && make runtests
Change-Id: I2311b5eb20aff80c4a0435cf1d10331c679af3c0
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/31379
Reviewed-by: Randall Spangler <rspangler@chromium.org>
When we changed the bmpblk version from 1.2 to 2.0, the tests weren't
updated.
BUG=chrome-os-partner:11078
BRANCH=all
TEST=manual
make && make runtests
Change-Id: I244a9aeeb34be912fe6058687394c37d0e474890
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/31377
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The current kernel parameter parsing logic uses word boundaries (\b) to
keep from replacing parameters inside of other parameters (like "level=1"
mangling "loglevel=1" into "log"), but this fails when the last character
isn't a "word" character. e.g. "\bconsole=\b" doesn't match "console=".
Change the \b to a space. Since we're already using spaces as our split
marker, this shouldn't be a problem.
BRANCH=None
BUG=chrome-os-partner:12780
BUG=chromium-os:33868
TEST=ran `ensure_secure_kernelparams.sh` on an image with 'console=' and saw it work
Change-Id: Id69250179ea76aabfed9cd21c1c59483d78a215d
Reviewed-on: https://gerrit.chromium.org/gerrit/31356
Reviewed-by: David McMahon <djmm@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
When checking kernel params fail, it's useful to know all the variables
as to what it's doing. So dump some state when an error occurs.
BRANCH=None
BUG=None
TEST=ran `ensure_secure_kernelparams.sh` on a bad image and saw useful output
TEST=ran `ensure_secure_kernelparams.sh` on a good image and saw no output
Change-Id: I0e499f87a6d8feed80da72aba75e1e6c1b4076c9
Reviewed-on: https://gerrit.chromium.org/gerrit/31355
Reviewed-by: David McMahon <djmm@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
These fields are part of the version 1 struct, but were mistakenly
labeled as version 2 fields. Since ZGB firmware produces a version 1
struct, crossystem was treating the fields as unavailable.
BUG=chromium-os:33685
TEST=crossystem tpm_fwver tpm_kernver
BRANCH=none (OS utility change, not firmware, and affects only Alex/ZGB)
Change-Id: Ic857ee2da9a7ae7f0d42317b711bf102d068de64
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/30904
Tested-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Sonny Rao <sonnyrao@chromium.org>
Both for_help_* and Url bitmaps have margin, so it looks too large as a
"margin*2 + 5(x_pad)" gap on screen.
BRANCH=none
BUG=chrome-os-partner:12893
TEST=make # All bitmaps generated.
Change-Id: Ic8d3e9180e52b7476b07367a027793cea0ed3109
Reviewed-on: https://gerrit.chromium.org/gerrit/30988
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Dave Parker <dparker@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
On very large HDDs, the sector count was wrapping around. Switch most
calculations to bytes using uint64_t, and use BLKGETSIZE64 for checking
the loopback device size.
BUG=chrome-os-partner:12705
TEST=parrot build, manual testing
STATUS=Fixed
Change-Id: I1f7aea81151ed5cc130b1f6a05fda83f7a85150f
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/31073
Reviewed-by: Elly Jones <ellyjones@chromium.org>
"insert_sd_usb2" message didn't include the "ChromeOS is missing or damaged"
text, also is too long for certain locales.
We should revise message and check if the locale fits screen width.
BRANCH=none
BUG=none
TEST=cd strings; make # all pass
Change-Id: Ie9cb5e4ecd6d143772ffa8e7de29c202e9bde130
Reviewed-on: https://gerrit.chromium.org/gerrit/30824
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Dave Parker <dparker@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
The difference of firmware bitmaps won't rely on platform (x86/arm) in future;
instead, things will differ by rescaling & message contents.
To support that, we need to change build target from "platform" to "profiles".
To build all platforms, run "make" in top leve (or "make all" in images).
To debug (en locale without rescaling), run "make" in images folder.
To debug a specific profile, run "make $PROFILE" in images folder.
BRANCH=none
BUG=chrome-os-partner:11078, chrome-os-partner:12790
TEST=make # all profiles generated in images/out_*/*.bin
Change-Id: Iaabf160b1b2bc844d230188eb593daa8a597d378
Reviewed-on: https://gerrit.chromium.org/gerrit/30683
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
PNG files are better for editing and checking than BMP files.
Also smaller file size.
BRANCH=none
BUG=none
TEST=make # x86 & arm bitmap blocks generated.
Change-Id: I828779aafa4938cb21356a8c42dee27b1b3ad8ae
Reviewed-on: https://gerrit.chromium.org/gerrit/30682
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Inspired by https://gerrit.chromium.org/gerrit/#/c/30631/
- Increase gray colored text contrast
- Enlarge font size to 17pt
- Change standard font to Verdata (which is wider than usually fonts,
to provide better quality when stretched in horizontal)
- Decomposed tonorm_confirmation & devmode so we can have better control
to verif_* prompt, and look more similar to original mock.
BUG=chrome-os-partner:11078
TEST=make # All platforms generated
BRANCH=none
Change-Id: If019b5767f13556df0e4da77f6457e092fa06016
Reviewed-on: https://gerrit.chromium.org/gerrit/30679
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
We need the text for "SD or USB2" (i.e., not USB3).
BRANCH=none
BUG=chrome-os-partner:12790
TEST=none, only adding text translation resource.
Change-Id: Id70a2565bb1fb0b6a4ed92d3fceddbc72e60d77a
Reviewed-on: https://gerrit.chromium.org/gerrit/30663
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
BUG=none
BRANCH=none
TEST=manual
Use it to dump the FMAP from a firmware image:
dump_fmap -h /build/link/firmware/image-link.bin
Change-Id: I94fb9396ea886b072845fadef6ef1e1e2ff85a59
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/30784
Reviewed-by: Randall Spangler <rspangler@chromium.org>
BUG=chromium-os:33608
TEST=Run 'make' in newbitmaps directory to generate new bmpblock.
Run on DUT. Observe spacing in the footer section is closer
together.
Change-Id: I96987e827fd395f13244dbc58db600de5dc30958
Reviewed-on: https://gerrit.chromium.org/gerrit/30610
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Ready: Dave Parker <dparker@chromium.org>
Tested-by: Dave Parker <dparker@chromium.org>
At DEV screen:
- Space triggers TONORM
- Enter is ignored unless new GBB flag is set
At TONORM screen:
- Enter always means YES
- Space is ignored
So, if you hold the space key at the dev screen, you'll go to tonorm
and stay there until you press Enter or Esc. If you hold the Enter
key at the dev screen, nothing will happen.
Add a GBB flag to allow Enter to trigger the TONORM screen; this will
be used by FAFT testing.
BRANCH=all
BUG=chrome-os-partner:12699
TEST=manual
1. press enter at dev screen. nothing happens.
2. press space at dev screen. tonorm.
3. press space at tonorm. nothing happens.
4. press enter at tonorm. turns off dev mode.
Change-Id: I9f3128d5114e1486911cc4d76d0ccd5649de1680
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/30456
Reviewed-by: Tom Wai-Hong Tam <waihong@chromium.org>
mkfs.ext4 does not use the resize= hint for calculating inode ratios.
This means very tiny initial filesystems will not get enough inodes
once it has been resized. This calculates the desired inode ratio based
on the expected final size of the filesystem.
BUG=chrome-os-partner:12678
TEST=lumpy build, manual testing
STATUS=Fixed
Change-Id: I216aaaa6e0ef50e82265ee46ecac5a65bb077387
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/30579
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
The value of the ChromeOS write protect switch is now provided through the new
chromeos_arm platform device which avoids the mismatch between U-Boot and
kernel GPIO numbering.
BUG=chrome-os-partner:11297
TEST=gmerge-ed onto a snow and verified that crossystem got the right value of
the write protect switch.
BRANCH=snow
Change-Id: I466370e4f6bf2d14c067518a9d620e9e60142a0b
Signed-off-by: Gabe Black <gabeblack@google.com>
Reviewed-on: https://gerrit.chromium.org/gerrit/30534
Reviewed-by: Simon Glass <sjg@chromium.org>
Commit-Ready: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
BUG=chrome-os-partner:12701
TEST=Disable the 'clean' step in the Makefile and
run 'make' in newbitmaps directory. Use the bitmap_viewer to
verify the HWID is correctly aligned when compared with the "Model"
text.
Change-Id: Icd3977f50461492a0999059ccd4982d16a373dce
Reviewed-on: https://gerrit.chromium.org/gerrit/30453
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Ready: Dave Parker <dparker@chromium.org>
Tested-by: Dave Parker <dparker@chromium.org>
BUG=None
TEST=Run 'make' in newbitmaps dir with "clean" removed from the default
step in the Makefile. Use bitmap_viewer to check that the images do not
show grainy color dithering.
Change-Id: I6dff41338a7e54d090bb2f6dedb982fdaa31e657
Reviewed-on: https://gerrit.chromium.org/gerrit/30308
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Ready: Dave Parker <dparker@chromium.org>
Tested-by: Dave Parker <dparker@chromium.org>
This adds two new flags to crossystem:
clear_tpm_owner_request
clear_tpm_owner_done
The first one requests that the firmware clear the TPM owner on the
next boot. When the firmware does this, it will set
clear_tpm_owner_request=0, and set clear_tpm_owner_done=1. The OS can
use the done-flag as a hint that trusted things guarded by the TPM are
no longer trustable.
BUG=chromium-os:31974
TEST=manual
crossystem
// both flags initially 0
crossystem clear_tpm_owner_request=1
crossystem clear_tpm_owner_done=1
// request=1, done=0; done can be cleared but not set by crossystem
reboot
tpmc getownership
// owned=no
crossystem
// request=0, done=1
crossystem clear_tpm_owner_done=0
crossystem
// both flags 0 again
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Change-Id: I49f83f3c39c3efc3945116c51a241d255c2e42cd
Reviewed-on: https://gerrit.chromium.org/gerrit/25646
It's not yet possible to verify the kernel in an Chromium OS image
with the Sandbox Version of U-Boot due to the lack of keys. For now,
stub out the verification process and behave as if everything is ok:
Sandbox U-Boot is only interested in the selected kernel and boot mode
at this point.
BUG=chromium-os:32603
TEST=With this change, it's possible to get valid answers from
vboot_twostop command with Sanbox U-Boot.
Change-Id: I3b1142889657315675eacd3a1d1448aeee7ccb62
Signed-off-by: Taylor Hutt <thutt@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/30256
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Presently kernel load address and buffer size are programmed in the
u-boot device tree. There is no reason for this: the address and size
are part of the vboot encapsulation headers. Duplicating this
information hardcoded in the device tree does not bring any benefit
and is in fact harmful, as it is easy to get out of sync.
A better way of doing things is to derive kernel load address and size
from the appropriate vboot header. ARM people object to this, as they
want the very same kernel blob operate on devices with DRAM mapped to
different address ranges.
The suggested solution is to exclude the kernel memory section from
the device tree on the platforms where the load address could be
safely taken from the vboot header. In this case u-boot will pass
address of zero to vboot, which will know to derive the address/size
from the appropriate header. vboot then rewrites fields of the u-boot
supplied structure with actual address and size of the kernel blob.
There is no sanity check yet, as it is presumed that there is enough
memory to load any kernel and u-boot does not use the space above
0x100000 for at least 16 megabytes (the kernel partition size). On x86
platform the check could be verify that the top of the kernel space is
well below the stack.
BUG=chrome-os-partner:11994
TEST=manual
. with the appropriate u-boot change run a Link target through a
FAFT cycle, observe it succeed.
Change-Id: I3c2c2cefb1e31d16ac497a01894bf32638479ed7
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/29038
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Doug Anderson <dianders@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Commit-Ready: Bill Richardson <wfrichar@chromium.org>
Add a definition of kBootStateSHA1Digests[]. Without this, it is not
possible to build the Sanbox version of U-Boot.
BUG=chromium-os:32603
TEST=Allows vboot to link when using mocked TPM with U-Boot Sandbox
Change-Id: Ie84f4ba3f1c266ed8063fbf6aea0093dd21f638b
Signed-off-by: Taylor Hutt <thutt@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/30200
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
BUG=None
TEST=Run 'make' in newbitmaps directory but remove the "clean"
step in the Makefile. Use the bmp_viewer utility to verify
all graphic elements are scaled.
Change-Id: Ifd62c2ba3a6c354c4de7d9fd052d76de36842fb6
Reviewed-on: https://gerrit.chromium.org/gerrit/30126
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Ready: Dave Parker <dparker@chromium.org>
Tested-by: Dave Parker <dparker@chromium.org>
According to new flow, we need "confirm" screens for TONORM.
Also simplified default_source folder, with better hints and using PNG image
source. image/assets/* are files from issue page.
BUG=chrome-os-partner:11078
TEST=make # x86 and arm bitmaps both works.
Change-Id: I3701d6ed5a944305e12a01c1841a197d3e18a8cd
Reviewed-on: https://gerrit.chromium.org/gerrit/29983
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
We need to alert user his change has been accepted for 5 seconds.
BUG=chrome-os-partner:11078
TEST=emerge-daisy vboot_reference-firmware vboot_reference chromeos-u-boot chromeos-boogimage
Change-Id: I6a3b13e7543479fbd6543d759093ecf501fb1d04
Reviewed-on: https://gerrit.chromium.org/gerrit/29982
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
The bmpblk build scripts used to rely on lots of pre-generated resources, and
the HWID font data was fixed to x86 special size & scaling parameters.
Since the screens now rely on more platform dependent parameters, this CL
refined whole flow so fonts are now generated and processed (ex, re-scale) in
the same way as other text messages.
BUG=chrome-os-partner:11078
TEST=make # x86 and arm bitmaps both works.
Change-Id: I59a4fb31718ef052c6b54cd4642f4fc487893f2b
Reviewed-on: https://gerrit.chromium.org/gerrit/29873
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
ImageMagick may produce 1bpp mode for background if the image is modified (ex,
x86 output). We need to ensure the output to be 8bpp mode for firmware to
render images correctly.
BUG=chrome-os-partner:11078
TEST=make x86 # all images are in 8bpp mode.
Change-Id: Ia6e4fbc5e7580ebbb51e1067bcf554ee06f1fbc5
Reviewed-on: https://gerrit.chromium.org/gerrit/29868
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
An initial draft of missing screens, with only English messages (*.txt in
localized folders are now all English - will update them once translation is
ready).
BUG=chrome-os-partner:11078
TEST=make; bitmap_viewer DEFAULT.yaml # see basic screen.
Change-Id: I3209e18bf604030cf8e92d264781add33aab84fe
Reviewed-on: https://gerrit.chromium.org/gerrit/29765
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Libraries (-llzma, -lyaml) should be in end of dependency list, otherwise
linking in static mode (-static) would fail.
BUG=none
TEST=emerge vboot_reference
Change-Id: Idd072443d042edfb214f5a958abd064bc18573ed
Reviewed-on: https://gerrit.chromium.org/gerrit/29738
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Tom Wai-Hong Tam <waihong@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
X86 (coreboot) uses 800x600 resolution while ARM systems (uboot) initialze LCD
as its maximum size, so we must refine the bmpblk build scripts to generate
output with different scaling parameters.
BUG=chrome-os-partner:11078
TEST=make # got ARM bmpblock and verified to work on daisy.
Change-Id: Ib9e9a0dc3b6695cef451772391f207a5b57977df
Reviewed-on: https://gerrit.chromium.org/gerrit/29606
Reviewed-by: Dave Parker <dparker@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Tom Wai-Hong Tam <waihong@chromium.org>
To support rendering messages in multiple resolution profiles, we need to keep
the images in its original format.
BUG=chrome-os-partner:11078
TEST=./text_to_png # images were converted correctly.
Change-Id: I6e13331eddfa4c40b17b67b5cf56b5a0284e3b34
Reviewed-on: https://gerrit.chromium.org/gerrit/29605
Reviewed-by: Dave Parker <dparker@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
NOTE: Only the "launch countries" have a full set of updated
text strings...and those strings were translated via
translate.google.com and need fixing-up prior to use in a
real product.
BUG=chrome-os-partner:11078
TEST=install bmpblock_x86.bin into a firmware image with
gbb_utility -s -b bmpblock_x86.bin image.bin
Verify the four firmware screens are displayed correctly.
Original-Change-Id: Ib8ff142e9a938a6a3bf949153594cc013c8bb311
Reviewed-on: https://gerrit.chromium.org/gerrit/28574
Reviewed-by: Dave Parker <dparker@chromium.org>
Tested-by: Dave Parker <dparker@chromium.org>
(cherry picked from commit 7c41920b754cb0d18da9a125f76d3f1ef90e04f4)
Change-Id: I534beaea5be95b549a6305d4b2911abeb983e034
Reviewed-on: https://gerrit.chromium.org/gerrit/29603
Reviewed-by: Dave Parker <dparker@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
This is to avoid confusion with the canonical common.mk file that is
a CrOS build system.
BUG=chromium-os:33327
TEST=`cros_run_unit_tests --board x86-alex -p vboot_reference` still works
Change-Id: I4b6719d58a4a8ab44b62c23c0e2c45b154374958
Reviewed-on: https://gerrit.chromium.org/gerrit/29578
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Since we've moved away from flag-files in session manager to
enable certain dev/test-mode features, our strategy of checking
for those flag files on the signer fell behind. This test adopts
a scheme that any use flag starting with "test_" or "dangerous_"
is blacklisted from release signing.
BUG=chromium-os:32430
TEST=ran the script against both a 'base' and 'test' image
from the builder/ToT. Passes/fails as expected.
Change-Id: I54d6ef17d52371c7543d5705e0939e000db85e51
Reviewed-on: https://gerrit.chromium.org/gerrit/29034
Reviewed-by: Chris Masone <cmasone@chromium.org>
Tested-by: Jim Hebert <jimhebert@chromium.org>
Commit-Ready: Jim Hebert <jimhebert@chromium.org>
Some EC's are slow to program their firmware. This could happen at any boot
as part of software sync. This adds the VB_INIT_FLAG_EC_SLOW_UPDATE input
flag to VbInit(), so that vboot knows to display the EC-is-being-programmed
screen when that flag is set.
BUG=chrome-os-partner:12255
TEST=none
This isn't activated yet by anything, so there's nothing to test.
Change-Id: Id4d12e463fcdee017b7c52b53a2facefc33b745f
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/29370
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The encrypted partition has been plagued with TPM problems, which means
systems that have a wedged TPM, or interrupt the TPM Ownership, Lockbox
creation, etc, all fail to keep the encrypted partition across a reboot.
As a result, we're forced to write the encryption key to disk initially,
and then throw it away once the system key from NVRAM can be used to
encrypt it.
On most systems that have a sane unowned TPM, the key will only be on
disk until the first login finishes and Cryptohome can Finalize the
NVRAM area. For all the other systems, they will continue to run, but
with their encryption key effectively in the clear. Technically, this
is not a regression from R21, so at least we can move forward and work
to improve this in the future.
Some attempt is made to wipe out the key, but this is especially ugly for
SSDs, since doing a "shred" just means the blocks will get moved around.
When ext4 supports "secure delete", we can move to that instead.
BUG=chromium-os:32951
TEST=alex build, manual testing
Change-Id: I9b9a0190ea0f47a277a150eb0882e4a507ff2927
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/29123
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
This is more reliable than reading them through FDT/ACPI, since it reflects
the positions as shown to verified boot code.
Notes:
1. This affects ALL platforms with virtual dev switches (x86 AND arm)
2. The fix should have no effect on older platforms, but I haven't tested those.
BUG=chrome-os-partner:11805
TEST=manual
1. boot in normal mode.
devsw_boot = 0 # Developer switch position at boot
recovery_reason = 0 # Recovery mode reason for current boot
recoverysw_boot = 0 # Recovery switch position at boot
wpsw_boot = 1 # Firmware write protect hardware switch position at boot
2. boot in developer mode.
localhost ~ # crossystem
devsw_boot = 1 # Developer switch position at boot
recovery_reason = 0 # Recovery mode reason for current boot
recoverysw_boot = 0 # Recovery switch position at boot
wpsw_boot = 1 # Firmware write protect hardware switch position at boot
3. boot in developer-recovery mode using keyboard combo.
devsw_boot = 1 # Developer switch position at boot
recovery_reason = 2 # Recovery mode reason for current boot
recoverysw_boot = 1 # Recovery switch position at boot
wpsw_boot = 1 # Firmware write protect hardware switch position at boot
4. disable WP and reboot. wpsw_boot should be 0.
Change-Id: If4156b5e14c6923c5b331c7e5feaabbffe1dad37
Reviewed-on: https://gerrit.chromium.org/gerrit/29199
Commit-Ready: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
The SHA256 constants and some algo definitions are currently in the
.data segment, this wastes precious RAM on the EC where read-only data
are stored in flash only.
BUG=chrome-os-partner:12271
TEST=sudo emerge vboot_reference &&
emerge-daisy vboot_reference vboot_reference-firmware chromeos-ec
and manually check the content of the .data segment in the EC binary.
Change-Id: I67b8c0f2843312651e8ac287cea2f8cb5f075453
Reviewed-on: https://gerrit.chromium.org/gerrit/29273
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Some systems take a long time to program the EC firmware (because it's
behind a really slow I2C bus or something). This could happen at any boot as
part of software sync. If it's necessary to reprogram the EC on a slow
system, we need to display a BIOS screen to the user so he/she doesn't think
it's bricked.
This CL is just to add a new default bitmap so we'll have something to
display when we need it. Nothing actually uses it yet.
BUG=chrome-os-partner:12254
TEST=none
There should be no user-visible changes. We don't invoke this screen yet.
Change-Id: Icb922f933e2e921472dbdff7a26a3ca4d58fbba3
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/29241
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
