scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-24 10:14:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,653 Commits 52 Branches 2 Tags
5a9f498182586f64865b51c874619d674f5d842c
Commit Graph

4 Commits

Author SHA1 Message Date
Randall Spangler
13b109762a vboot: use vb2 verification functions for kernel verification 
This removes old vboot1 functions in favor of the new vboot2 functions.

BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge

Change-Id: Idc64f7714bbd9d4fa82d14b6b5d73d71c61de854
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/400900
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
 2016-10-29 19:41:08 -07:00
Randall Spangler
664096bd1a vboot: use standard memcmp, memcpy, memset 
Originally, we didn't trust the firmware to provide these functions from
a standard library.  Now, with coreboot, we do.

BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge

Change-Id: I4e624c40085f2b665275a38624340b2f6aabcf11
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/399120
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
 2016-10-23 13:33:38 -07:00
Furquan Shaikh
55484550bc VbVerifyMemoryBootImage: Allow integrity-only check in dev mode with 
FASTBOOT_FULL_CAP set

This change allows developers to boot dev-signed boot images in
unlocked mode if DEV_BOOT_FASTBOOT_FULL_CAP is set in VbNvStorage or
GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP is set.

BUG=chrome-os-partner:47002
BRANCH=None
TEST=Compiles successfully. make -j runtests

Change-Id: I56e3879594da1b57051dfe242ff347ac970c96bb
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/309606
Commit-Ready: Furquan Shaikh <furquan@chromium.org>
Tested-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
 2015-10-28 20:44:39 -07:00
Furquan Shaikh
f274360326 fastboot: Add routine for verifying kernel image loaded in memory 
This API allows fastboot boot from memory command to verify that the
image loaded in memory is signed properly using recovery keys. Thus,
only officially signed recovery images can be booted using fastboot
boot command in recovery mode.

However, if GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP is set, then
this routine will not perform any check and return okay for any image
sent by fastboot boot.

BUG=chrome-os-partner:40196
BRANCH=None
TEST=Compiles successfully. With GBB override for FASTBOOT_FULL_CAP
set any signed image is allowed to boot. With FASTBOOT_FULL_CAP not
set, then only officially signed image is allowed to boot. (make -j
runtests successful)

Change-Id: I78028853bd1ad09d3c610a687f327560557d5681
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/272696
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Furquan Shaikh <furquan@chromium.org>
Trybot-Ready: Furquan Shaikh <furquan@chromium.org>
Tested-by: Furquan Shaikh <furquan@chromium.org>
 2015-05-27 23:18:43 +00:00