Commit Graph

1778 Commits

Author SHA1 Message Date
Mike Frysinger
3abb4fe45e image_signing: sign_official_build.sh: switch initial image signing to loopbacks
This changes the kernel config reading and the stateful vblock updating
to use loopback devices.  This avoids having to copy out the kernels
many times over just to read them.

BRANCH=None
BUG=chromium:714598
TEST=signing images still works

Change-Id: Ibb49791a7db998e45b35ed15ddc12126e669c730
Reviewed-on: https://chromium-review.googlesource.com/505477
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
2017-06-23 22:56:47 -07:00
Erdi Chen
7662a7e3d0 cgpt: show: Print partition size with 64-bit format
Partition size on 4TB drive can overflow 32-bit integers. Running "cgpt
show /dev/sda" prints negative number for the state partition (sda1).

BRANCH=none
BUG=none
TEST=Run "cgpt show /dev/sda" with 4TB drive.

Change-Id: I56f3b43594028695745de8c5a1626d940a3b4c5b
Reviewed-on: https://chromium-review.googlesource.com/546879
Commit-Ready: Erdi Chen <erdi@google.com>
Tested-by: Erdi Chen <erdi@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
2017-06-23 22:56:43 -07:00
Shelley Chen
7bd4c0375b detachables: Fix language menu size in recovery
BUG=b:35585623
BRANCH=None
TEST=Reboot into recovery, scroll to language menu
     and make sure that you can scroll and select
     other languages.

Change-Id: I6fe7f0550b05e33eaeef928cd23932f5a40fe9ad
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/544897
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-06-22 17:03:50 -07:00
Shelley Chen
05418ff02c detachables: Highlight selection w/ Debug Info
Currently with detachable menu, when debug info is
displayed, the current selection is not highlighted.
Changing call in VbDisplayDebugInfo from
VbDisplayScreen to VbDisplayMenu to ensure
selection is highlighted.  This will have no effect
on firmware screens for non-detachables.

BUG=b:35585623
BRANCH=None
TEST=Compile with and without USE=detachable_ui
     Reboot and display debug info.  Make sure
     that for detachable menu, selection remains
     highlighted and for non-detachable screens,
     the screen displays as usual.

Change-Id: I0a7a2c4e0ae3ffb82e13dc92a319288d4ccb3997
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/541758
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Stefan Reinauer <reinauer@google.com>
2017-06-22 17:03:50 -07:00
Hung-Te Lin
01dc818924 Change invocation of "gbb_utility" to "futility gbb"
Replace commands using gbb_utility by the new 'gbb' futility command.

BRANCH=none
BUG=None
TEST=USE=test emerge-$BOARD vboot_reference

Change-Id: I8c1547d295a955373413482509a33964b0e0c06f
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/538442
Reviewed-by: Stefan Reinauer <reinauer@google.com>
2017-06-21 23:38:08 -07:00
Randall Spangler
3522e574a2 2lib: Add test_mockable attribute
Some tests mock library functions.  This previously worked due to adding

  CFLAGS += -Xlinker --allow-multiple-definition

to the test binaries.  But the new version of binutils seems to need
the default implementation to be weak if compiled with -O2 in some
cases.  Add test_mockable for use with functions where this is now
needed.

BUG=chromium:723906
BRANCH=none
TEST=Add CFLAGS += -O2 to the makefile, then make -j runtests
     Tests break before this change with -O2, and work afterwards

Change-Id: I95996a3e1086251442055765295a75de4c20ee3c
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/527601
Commit-Ready: Manoj Gupta <manojgupta@chromium.org>
Tested-by: Rahul Chaudhry <rahulchaudhry@chromium.org>
Reviewed-by: Rahul Chaudhry <rahulchaudhry@chromium.org>
2017-06-20 17:24:20 -07:00
C Shapiro
4007d6ff21 Unified build support for multi-firmware signing
Unified builds break down multiple firmware images for each model;
however, the signing script didn't have support for this.

This updates the signing script to iterate over all models in a unified
build and sign each firmware image separately.

BUG=chromium:734485
TEST=sign_official_build.sh recovery for reef and reef-uni
BRANCH=none

Change-Id: Ia2b5b8bd36ac77aeb7944362186d1d5739e6ff3d
Reviewed-on: https://chromium-review.googlesource.com/540131
Commit-Ready: C Shapiro <shapiroc@google.com>
Tested-by: C Shapiro <shapiroc@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
2017-06-20 13:38:10 -07:00
Hung-Te Lin
c8d08ca313 futility: Change 'gbb_utility' to sub command 'gbb'.
'gbb_utility' is the command name before it has been merged to futility.
However, it's pretty long and redundant today if we have to type
'futility gbb_utility ...'. New features of futility are now implemented
as sub-commands (futility cmd) instead of symlinks (for example,
'create', 'show', 'sign', 'verify') so it seems reasonable to just
change gbb_utility to a sub-command style name 'gbb'.

Meanwhile, for backward compatibility, the 'gbb_utility' name is still
supported so symlinks will still work.

BRANCH=none
BUG=None
TEST=emerge vboot_reference; futility gbb

Change-Id: I4de59bcc564576420ab71157cb166fc8a42e85ad
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/538398
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-06-20 11:30:47 -07:00
Mike Frysinger
2d160adf72 image_signing: sign_official_build.sh: switch verification to loopbacks
Rather than copy out the rootfs to a temp file and perform checks on that,
run the checks directly on the image.  This saves us from having to copy
many GB worth of data which can be expensive on the VMs (slow disk I/O).

BRANCH=None
BUG=chromium:714598
TEST=signing images still works

Change-Id: Ie7d1c432aacb69e57b6c5fd9ab810b8d0b054860
Reviewed-on: https://chromium-review.googlesource.com/505476
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
2017-06-15 15:17:17 -07:00
Furquan Shaikh
b688d42ad1 futility: Fix issues with validation of recovery MRC cache
1. Current assumption in the validation function is that there is only
1 metadata block present in the cache. However, this is not always
true (e.g. KBL boards). Thus, update the check to ensure that only 1
metadata block is actually used if multiple such blocks are present.

2. Add a check to ensure that the offset provided is not greater than
the file size.

BUG=b:62654773
BRANCH=None
TEST=Verified that "futility validate_rec_mrc" works fine with the
image provided in bug. Also, verified this works fine for poppy.

Change-Id: I84b55d1daf884326a2e970e2ac73110c5eeeaa45
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/537074
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-06-15 15:17:15 -07:00
Marco Chen
04b3835b69 Add a script to generate a keypair for signing Rose RW firmware.
Rose decided to leverage the key format of Hammer therefore this script calls
Hammer's one to generate a key pair and renames them to key_rose*.

BUG=b:37693819
TEST=None
BRANCH=None

Change-Id: I1f31afe89a00895434a169401ab76b594ad0a403
Reviewed-on: https://chromium-review.googlesource.com/529504
Commit-Ready: Wei-Ning Huang <wnhuang@chromium.org>
Tested-by: Marco Chen <marcochen@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
2017-06-12 06:47:41 -07:00
Mike Frysinger
4df2f6f4e2 keygeneration: make helper script executable
BUG=b:35587169
TEST=None
BRANCH=None

Change-Id: I2098f39dd17893c5e30ed495eaa87935efbcb0ee
Reviewed-on: https://chromium-review.googlesource.com/526613
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Marco Chen <marcochen@chromium.org>
2017-06-10 03:10:21 -07:00
Marco Chen
670ca01555 Add a script to generate a keypair for signing accessory RW firmware.
BUG=b:35587169
TEST=None
BRANCH=None

Change-Id: Ibb309c34ca22d30138cb62d698eafb6ee77add8c
Reviewed-on: https://chromium-review.googlesource.com/520368
Commit-Ready: Marco Chen <marcochen@chromium.org>
Tested-by: Marco Chen <marcochen@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
2017-06-06 08:52:17 -07:00
Mike Frysinger
fda1300464 keygeneration: add some output helpers
These use the same forms as in other shell projects in CrOS.

BUG=b:35587169
TEST=ran create_new_android_keys.sh and new output works
BRANCH=None

Change-Id: Id75fd77203795d7837537f12ab948376a7ad105e
Reviewed-on: https://chromium-review.googlesource.com/520786
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Nicolas Boichat <drinkcat@chromium.org>
2017-06-01 23:49:33 -07:00
Shelley Chen
de4cefc915 detachables: Remove locale switch on up arrow
This was old code that switched locale when pressing up
arrow.

BUG=b:35585623
BRANCH=None
TEST=Boot to recovery and make sure up arrow doesn't
     change the locale.

Change-Id: Ibb4d2785170a2e36d599e4af56de3dfd922c5957
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/517283
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-05-27 10:35:41 -07:00
Shelley Chen
46802fddeb detachables: Adding language selection menu
Handle displaying of language menu.

BUG=b:35585623
BRANCH=None
TEST=Reboot and select Language from menu, select language
     and make sure displays menu items in current language.

Change-Id: I518021c5278895e95cb4afdde044091c5bec7233
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/477093
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-05-27 10:35:41 -07:00
Shelley Chen
87666b349e detachables: Reset timer every time user moves the cursor
In dev mode, after 30 seconds of inactivity, we'll get
the usual loud beep and automatic boot from disk.

BUG=b:35585623
BRANCH=None
TEST=reboot and make sure that fw screen timeout only occurs
     after 30 seconds of inactivity.

Change-Id: Id6552f7213a52ed8c0f083a8388719a8fe79fa77
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/457841
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-05-26 14:35:33 -07:00
Shelley Chen
2b8ea31e67 detachables: Use locale bitmaps instead of text
BUG=b:35585623
BRANCH=None
TEST=reboot and make sure that the bitmaps show up

Change-Id: I92a9cf7dc808a22c7ace25763d4ef49824a93054
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/457840
2017-05-26 14:35:32 -07:00
Shelley Chen
2ed9ca605c detachables: New code path for displaying detachable menus
BUG=b:35585623
BRANCH=None
TEST=None
CQ-DEPEND=CL:457863

Change-Id: Ib2f8d93334cecfd80169842994ea7561baf41378
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/457839
2017-05-25 22:51:14 -07:00
Patrick Berny
05f6675acd rowan: Add preMP keys to vbutil_what_keys
BUG=none
BRANCH=ToT
TEST=ensure Rowan PreMP keys are correctly output by
     'vbutil_what_keys chromeos_9547.0.0_rowan_recovery_canary-channel_premp.bin'

Change-Id: I292425106a0b2d8e42f8a31de18edd0e63618842
Reviewed-on: https://chromium-review.googlesource.com/514984
Commit-Ready: Patrick Berny <pberny@chromium.org>
Tested-by: Patrick Berny <pberny@chromium.org>
Reviewed-by: Patrick Berny <pberny@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
2017-05-25 17:15:57 -07:00
Mike Frysinger
b568c66bd7 image_signing: ensure_secure_kernelparams.sh: use loopback devices for speed
Rather than read out the whole kernel partition just to dump the kernel
config, set the image up via a loopback device and read from there.

BRANCH=None
BUG=chromium:714598
TEST=signing images still works

Change-Id: I3797a0e77315e8baf6f481f31c44b889ac6d098a
Reviewed-on: https://chromium-review.googlesource.com/505475
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
2017-05-23 23:59:31 -07:00
Caveh Jalali
2c85972148 define callback APIs for auxiliary firmware update.
TEST="COV=1 make" passes
	depthcharge still compiles
	in combination with follow-up CLs, ps8751 firmware update
	succeeds.

BUG=b:35586896

Change-Id: Ibadc41e56e4e25ee0aba5c83caa0e3596fb9ad20
Reviewed-on: https://chromium-review.googlesource.com/505259
Commit-Ready: Caveh Jalali <caveh@google.com>
Tested-by: Caveh Jalali <caveh@google.com>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-05-23 23:59:11 -07:00
Rizwan Qureshi
f7ce794999 vboot_ui_menu: Show Developer options on USB failure
In the current implementation, if the boot from USB fails after pressing
Ctrl-U or selecting "Boot USB Image", only a blank screen is shown instead of
a menu. There is no option for the user to do anything else except wait for the
timeout, after which boot from fixed disk is attempted. This does not seem like
an intuitive boot flow.
Hence, if the USB boot fails display the current menu, allowing the user to
attempt something else.

BUG=None
BRANCH=None
TEST= verified that menu is displayed on USB boot failure from developer screen.

Change-Id: Ide3967be7bba3d87c8a545a0f4ed52da44150fd0
Signed-off-by: Rizwan Qureshi <rizwan.qureshi@intel.com>
Reviewed-on: https://chromium-review.googlesource.com/509671
Commit-Ready: Rizwan Qureshi <rizwan.qureshi@intel.corp-partner.google.com>
Tested-by: Rizwan Qureshi <rizwan.qureshi@intel.corp-partner.google.com>
Reviewed-by: Shelley Chen <shchen@chromium.org>
2017-05-23 03:03:16 -07:00
Mike Frysinger
9d11bb1b1d image_signing: unify output helpers
We have `err_die` and `die` helpers that do the same thing, but some
scripts just have to know which one to use based on their runtime.
Just unify them as the more common `die` so all scripts can use it.

Similarly, we provide info, warn, and error to dev scripts, but not
to the runtime ones.  Add small stubs in common_minimal.sh so the
API is consistent.

BRANCH=None
BUG=chromium:718184
TEST=scripts still work

Change-Id: Id44fb27900c37f4e357d20817f909e4534d1c5b3
Reviewed-on: https://chromium-review.googlesource.com/507990
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
2017-05-19 04:13:09 +00:00
Mike Frysinger
b660356d51 image_signing: fix key insert logic
We don't want to override the common trap as the common sh files already
have handlers installed to clean up files/mounts.  Re-use those helpers
to avoid leaking loopback mounts.

BRANCH=None
BUG=chromium:718184
TEST=signing images still works

Change-Id: I749ce5075194356219fea51152154fdc5a2e3b99
Reviewed-on: https://chromium-review.googlesource.com/505575
Reviewed-by: Eric Caruso <ejcaruso@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
2017-05-16 17:43:14 +00:00
Mike Frysinger
36e030df80 image_signing: strip_boot_from_image.sh: convert to info/error helpers
This makes the output easier to follow when multiple scripts are being run.

BRANCH=None
BUG=chromium:714598
TEST=signing images still works

Change-Id: I48edde260e1d1db88f65624c7ff46ad2ac1cc2f4
Reviewed-on: https://chromium-review.googlesource.com/498100
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
2017-05-13 15:25:43 -07:00
Mike Frysinger
9e7caccd35 image_signing: resign_image.sh: drop unused script
This script hasn't been executed by image_signing or the cros-signer
code, and cs/ doesn't turn up any hits.  Scrub it from the codebase.

BRANCH=None
BUG=chromium:714598
TEST=signing images still works

Change-Id: Ief4256a8ceab753d5c1fd6d0f3d81609e11f62a9
Reviewed-on: https://chromium-review.googlesource.com/500329
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
2017-05-13 11:53:20 -07:00
Mike Frysinger
3c8496cc86 image_signing: sign_official_build.sh: convert to info/error helpers
This makes the output easier to follow when multiple scripts are being run.

BRANCH=None
BUG=chromium:714598
TEST=signing images still works

Change-Id: I4097fd58f349dc84c242dd12d6a94e12f387a1f0
Reviewed-on: https://chromium-review.googlesource.com/498232
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
2017-05-13 11:53:20 -07:00
Mike Frysinger
ad16cf327e image_signing: ensure_sane_lsb-release.sh: convert to info/error helpers
This makes the output easier to follow when multiple scripts are being run.

BRANCH=None
BUG=chromium:714598
TEST=signing images still works

Change-Id: I7351e1ff63bb7e88e4449dd2718685fef7ec031d
Reviewed-on: https://chromium-review.googlesource.com/498267
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
2017-05-13 01:04:43 -07:00
Mike Frysinger
5fa64e2eae image_signing: ensure_no_nonrelease_files.sh: convert to info/error helpers
This makes the output easier to follow when multiple scripts are being run.

BRANCH=None
BUG=chromium:714598
TEST=signing images still works

Change-Id: I666d3f5beee4b4e3e9903d546ef66917990a659e
Reviewed-on: https://chromium-review.googlesource.com/498231
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
2017-05-12 22:49:01 -07:00
Mike Frysinger
eb7c7632fe image_signing: make_dev_ssd.sh: convert to info/error helpers
This makes the output easier to follow when multiple scripts are being run.

BRANCH=None
BUG=chromium:714598
TEST=signing images still works

Change-Id: I96e20f38b6a51ad4dc8064fa3fb3d4302c47888f
Reviewed-on: https://chromium-review.googlesource.com/497302
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
2017-05-12 20:58:06 -07:00
Mike Frysinger
3a6d6f886e image_signing: common.sh: prefix helper messages with $PROG by default
This makes the output easier to follow when multiple scripts are being run.

BRANCH=None
BUG=chromium:714598
TEST=signing images still works

Change-Id: I072994dd07cf559a60e8a139eaeaf000cbbf72e3
Reviewed-on: https://chromium-review.googlesource.com/497301
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
2017-05-11 01:58:55 -07:00
Mike Frysinger
f68d76c1cd image_signing: do not fail when chronos does not exist
If the device doesn't create a chronos user, don't throw errors.
For some embedded systems, they don't need a chronos user.

BRANCH=None
BUG=chromium:714598
TEST=signing images still works

Change-Id: I4604beae1e647e024a04583471b8a7d0d4f188fa
Reviewed-on: https://chromium-review.googlesource.com/500027
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
2017-05-11 01:58:53 -07:00
Mike Frysinger
0dfff398fc image_signing: swap_rootfs.sh: drop unused script
This script hasn't been executed by image_signing or the cros-signer
code, and cs/ doesn't turn up any hits.  Scrub it from the codebase.

BRANCH=None
BUG=chromium:714598
TEST=signing images still works

Change-Id: Ic9cf90929f949a7f6b4e41e5b819d6f786c1c833
Reviewed-on: https://chromium-review.googlesource.com/500328
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
2017-05-10 11:58:28 -07:00
Mike Frysinger
1aabe7111e image_signing: output pubkey in DER format
BRANCH=None
BUG=chromium:718184
TEST=new imageloader works

Change-Id: I430ed616954c820d3d1607eefd4f8e1c60863a8f
Reviewed-on: https://chromium-review.googlesource.com/497914
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Greg Kerr <kerrnel@chromium.org>
2017-05-10 11:58:19 -07:00
Duncan Laurie
42f57403ae vboot: Add multiboot kernel type
Add a kernel type for signing multiboot kernel images.

BUG=b:38040849
BRANCH=none
TEST=properly sign a multiboot kernel image and then verify
the resulting image.

Change-Id: If00e7c85244bc59853c305e42543f34c5fabf356
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://chromium-review.googlesource.com/497933
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-05-08 12:40:52 -07:00
Duncan Laurie
eab2668a1a futility: Verify linux kernel signature
Verify the linux kernel signature on images before assuming
they contain a linux kernel.  This allows non-linux images
on x86 to be left unmodified when signed.

BUG=b:38040849
BRANCH=none
TEST=sign a multiboot kernel image that remains unmodified, and
ensure that x86 linux kernels are still updated properly and
can still be booted.

Change-Id: Ib7ba2d59ebe6413ab355aa7c0a9ee2e32c3ed98a
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://chromium-review.googlesource.com/497932
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-05-08 12:40:52 -07:00
Mike Frysinger
f3df71d44c image_signing: set_channel: use new lsbval helper
Minor clean up to the logic.

BUG=None
TEST=`./set_channel recovery_image.bin stable-channel` changed the lsb-release file to stable
BRANCH=None

Change-Id: Idf12b643f88e373b528b50e269537b861052b448
Reviewed-on: https://chromium-review.googlesource.com/414225
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
2017-05-07 09:45:58 -07:00
Mike Frysinger
febef2af40 image_signing: fix signing of zip/crx files
Restore the search logic for manifests in subdirs.

BRANCH=None
BUG=chromium:697645
TEST=signed adb/fastboot zip archives

Change-Id: I07a417216ea463cb00d6ead7cd3b61d6e6fa507d
Reviewed-on: https://chromium-review.googlesource.com/494207
Commit-Ready: Hsinyu Chao <hychao@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Eric Caruso <ejcaruso@chromium.org>
2017-05-04 06:07:01 -07:00
Eric Caruso
1919b169bf image_signing: change files sign_oci_container looks for
Since we're packing containers in a format imageloader understands,
we need to consume imageloader's manifest and produce a signature
it knows to look for.

BRANCH=ToT
BUG=chromium:697645
TEST=package adb container, verify imageloader.sig.2 is present

Change-Id: Ied9cdacf1d448a094c1b171bc2bf3b2ae54eb517
Reviewed-on: https://chromium-review.googlesource.com/457102
Commit-Ready: Eric Caruso <ejcaruso@chromium.org>
Tested-by: Eric Caruso <ejcaruso@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
2017-04-26 16:19:51 -07:00
Mike Frysinger
510e7a2b03 devkeys: switch container key from RSA to EC
Created by doing:
  openssl ecparam -name prime256v1 -out prime256v1.pem
  openssl ecparam -genkey -noout -out cros-oci-container.pem -in prime256v1.pem
  openssl pkey -in cros-oci-container.pem -out cros-oci-container-pub.pem -pubout

BUG=chromium:660209
TEST=`./sign_official_build.sh oci-container fastboot/ ../tests/devkeys` still works
BRANCH=None

Change-Id: I4171b2d9d9788cccf082d613b1de6e7ca9d0b005
Reviewed-on: https://chromium-review.googlesource.com/461418
Commit-Ready: Dylan Reid <dgreid@chromium.org>
Tested-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Eric Caruso <ejcaruso@chromium.org>
2017-04-26 16:19:50 -07:00
Bill Richardson
748af73c67 Add missing arg to debug message
BUG=none
BRANCH=all
TEST=none

Change-Id: Ic7b318fbc05a2b25f4923d08381186c8b37a5999
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/475117
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-04-12 20:22:36 -07:00
Shelley Chen
fa0f483782 detachables: Define VbExDisplayMenu()
Create new callback for drawing detachable firmware menus

BUG=b:35585623
BRANCH=None
TEST=None

Change-Id: Ief207f6119f00151e2d480549aaac3a8755cb1b4
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/457838
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
2017-03-29 13:43:11 -07:00
Victor Hsieh
cfbc083efe Preserve compress method when re-sign Android image
TEST=sign_android_image.sh rootfs /path/to/tests/devkeys/android
     # unsquash -s still shows gzip (previous script always used lzo)
BUG=chromium:705247
BRANCH=none

Change-Id: If95686d293123a069ce36bc53cbea3a08aa3e7ab
Reviewed-on: https://chromium-review.googlesource.com/461205
Commit-Ready: Victor Hsieh <victorhsieh@chromium.org>
Tested-by: Victor Hsieh <victorhsieh@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
2017-03-28 17:16:52 -07:00
Nicolas Boichat
a1c5f7c006 vboot_reference: Add support for 3072-bit exponent 3 keys
This also adds the required tests (keys, testcases), and some
additional tests in vb2_rsa_utility_tests.c that were not
added when 2048-bit exponent 3 support was added.

BRANCH=none
BUG=chromium:684354
TEST=make runtests

Change-Id: I56d22302c2254ef500b9d2d290a79d8c8bc39942
Reviewed-on: https://chromium-review.googlesource.com/449060
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-03-16 11:25:47 -07:00
Nicolas Boichat
114ac2079e vbutil_keyblock: Force checking the signature if signpubkey is provided
Previously, futility vbutil_keyblock --unpack would just ignore the error
if the keyblock was not signed (but a signing public key was provided).

This fix would have caught the regression introduced by
939cc3a "futility: Use only vboot 2.0 APIs for keyblocks"

BUG=chromium:611535
BRANCH=none
TEST=make runtests on m/master => fails
TEST=make runtests with CL:448399 => succeeds

Change-Id: Id7f0a248863aae2f41c2fa46fbb8a37848e707a9
Reviewed-on: https://chromium-review.googlesource.com/449058
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-03-16 11:25:47 -07:00
Nicolas Boichat
e0a3f85a46 host_keyblock: Fix vb2_create_keyblock_external
939cc3a "futility: Use only vboot 2.0 APIs for keyblocks" introduced
2 subtle bugs, and we could still pass unit tests. Until we start
adding more signing algorithms and sig_data_size != 0.

BUG=chromium:611535
BRANCH=none
TEST=make runtests

Change-Id: Ief95e5ab773185b59276cf06d1efaa29f1212466
Reviewed-on: https://chromium-review.googlesource.com/448399
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-03-16 11:25:46 -07:00
Shelley Chen
50d1282e85 poppy: center detachable menu text
BUG=b:35585623
BRANCH=None
TEST=reboot and make sure menu is centered in fw screen
CQ-DEPEND=CL:447818

Change-Id: I7ce5063adab978338af18ad2befe65107fdea21f
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/447838
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-03-02 22:02:21 -08:00
Shelley Chen
97a8aa97c3 poppy: define VbExDisplayGetDimension()
callback to get rows/cols of display

BUG=b:35585623
BRANCH=None
TEST=make sure code compiles

Change-Id: I276975b2f0eecceb66a30ceaa449ab76a440026d
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/447837
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-03-02 09:33:57 -08:00
Shelley Chen
48a67d3ca7 poppy: Disable arrow keys for language switch
Previously, could use arrow keys to change language
in fw screen.  Disabling this in detachable menu
because will be using menu to switch languages.

BUG=b:35585623
BRANCH=None
TEST=reboot and try to use right/left arrows.  Make
     sure they don't do anything.

Change-Id: Ic720ea4ec9e6b7ae1676fdf60d27e2c74e48f736
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/444945
Reviewed-by: Randall Spangler <rspangler@chromium.org>
2017-03-02 09:33:57 -08:00