This fixes a number of bugs, adds a bunch of commands, and essentially makes
cgpt ready to use as a replacement for gpt. Still to do is to add commands
and options that will let it generated intentionally bad partitions, for use
in testing.
Review URL: http://codereview.chromium.org/2719008
Firmware-side code for LoadKernel() is in place now. LoadFirmware() replacement coming soon.
The new functions are implemented in parallel to the existing ones (i.e., everything that used to work still does).
Review URL: http://codereview.chromium.org/2745007
Rollback_index funcs now all return 0 if succcess, nonzero if error.
(Note: not fully implemented; Luigi, please clean this up in a
subsequent CL)
LoadKernel() checks return codes from TPM funcs.
LoadKernel() only looks at versions from TPM in normal boot mode.
Review URL: http://codereview.chromium.org/2735004
Supports passing back the kernel sign key blob, and updating the
firmware data hash during decompression. Doesn't require data for
both firmware volumes before deciding which one to boot.
Intended to replace VerifyFirmwareDriver_f().
Review URL: http://codereview.chromium.org/2691006
We know where to look, and we'll look there regardless. We don't care where
the header creator thinks it should be.
Update tests to match.
Oh, and don't assume that I mean "/dev/FOO" if I just say "FOO". That's
really annoying.
Review URL: http://codereview.chromium.org/2606002
The kernel rollback test needs to be rebaselined to use the LoadKernel() (or may combined with load_kernel_test). Will do that as a separate CL when that is close to its final form.
Review URL: http://codereview.chromium.org/2584001
* now -g (get mode) becomes default
* properties are now managed in a more generalized way so adding new property would be more easy
Review URL: http://codereview.chromium.org/2549001
Also includes part of LoadKernel(), which I'll split into a separate
CL. With some hacks, gets into VerifyKernel() before dying because
I'm not passing in the right key blob.
cgptlib is now pretty stable, and worth looking at. LoadKernel() less so.
Thanks,
Randall
Review URL: http://codereview.chromium.org/2438005
With this change, just like the kernel signing utility, the firmware signing utility now supports outputting the key signature (subkey) header and reusing it to generate new signed firmware images without requiring the root key (assuming the firmware signing key doesn't change).
Also, some minor comment fixes I missed the last time around.
Review URL: http://codereview.chromium.org/2366004
This allows for using an existing key signature (subkey) header to generate new signed images if the kernel signing is unchanged. This obviates the need to take out the firmware private key each time a new signed kernel image is generated.
A similar change will also be propagated to the firmware signing utility. We would REALLY like to reduce the need to take out the verified boot private root key (used for generating R/W firmware key signature headers) everytime we generate a new signed R/W firmware image.
Review URL: http://codereview.chromium.org/2372001
Rather than copying individual fields. More suitable for use in LoadKernel().
Added StatefulSkip(), so that fields in the input stream can be skipped more cleanly.
Review URL: http://codereview.chromium.org/2327001
This option makes the signing utility just output the kernel subkey (key signature) header which can be used to generate subsequent signed kernel images without needing the firmware root key and using the same kernel signing key. (This feature will be a part of a subsequent CL).
Review URL: http://codereview.chromium.org/2310002
