This change adds an additional (optional) section to the .yaml file which
can enumerate the names of the locales. If present, these names will be
appended to the end of the bmpblock and the (new) locale_string_offset field
in the BmpBlockHeader will point to it. The names are encoded as a series of
null-terminated ASCII strings. The end of the series is indicated by an
extra null (for example, "en_US\0fr\0\0" names two locales).
The BIOS does not use this information. Factory or OOBE could use it to
select the initiale locale for the BIOS screens from the list of locales
included in the BmpBlock.
BUG=chrome-os-partner:3868
TEST=none
Change-Id: I34fd9ece27343d56ec43772de975ac6f2ad7c9a6
Reviewed-on: http://gerrit.chromium.org/gerrit/1156
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
With version 1.0, the BIOS displays its screens using composited images, but
we still have to create a new bmp image for every HWID. Version 1.1 lets us
render the ASCII HWID string directly, so the BIOS screens don't need
modification just because the HWID changes.
In the yaml file, we just replace the hwid image with a magic string, like
so:
bmpblock: 1.1
[...]
screens:
en_remove:
- [ 0, 0, remove_bg]
- [256, 534, en_model_text]
- [314, 534, $HWID]
- [192, 479, url]
- [195, 453, en_remove_text]
This change modifies the bmpblk_utility to accept and generate both 1.0 and
1.1 versions. It also updates the supporting scripts (most of which aren't
needed anymore) and adds a new DEFAULT.yaml file which can be used as the
basis for all locales.
BUG=chrome-os-partner:3264
TEST=none (manual)
Change-Id: I012349393848393928282
Reviewed-on: http://gerrit.chromium.org/gerrit/378
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
BUG=chromium-os:11490
TEST=manual
cd src/platform/vboot_reference
make
make runbmptests
Change-Id: Ia887fc1aa1de873c6da6c04995bc0a9ad6b364aa
Review URL: http://codereview.chromium.org/6541001
This ensures that equivalent yaml files produce identical bmpblock binaries.
BUG=chromium-os:12158
TEST=manual
cd src/platform/vboot_reference
make
make runbmptests
Change-Id: Ic8103ff90e57034d72fb3920a6c198c77768f162
Review URL: http://codereview.chromium.org/6533012
This lets bmpbklk_utility generate BMPBLOCKs with EFIv1-compressed bitmaps.
It also adds the ability to display or unpack BMPBLOCK blobs.
The compression/decompression routines come from the tianocore EDK on
sourceforge and are written in C, so now there's a mix of C and C++, but it
works just fine.
BUG=chromium-os:11491
TEST=manual
cd src/platform/vboot_reference
make
make runbmptests
Review URL: http://codereview.chromium.org/6508006
Change-Id: Ie05e1a3fd42f4694447c8c440b2432af4ac0f601
This replaces http://codereview.chromium.org/6307007. The only difference is
the Makefile. The vboot_reference ebuild has been changed so that we only
attempt to build bmpblk_utility on the host.
Change-Id: I4902703baba155e0d2d7646d19b233aa695c282f
BUG=chromium-os:11017,chromium-os:10599
TEST=none
No test needed. If buildbot is green, it's verified.
Review URL: http://codereview.chromium.org/6334111
Revert "This change define the data structure of bmp block and implements the create more of bmpblk_utility. It reads a YAML config file, parse the informations, and creates bmpblock file as output."
This reverts commit 95b0ae01ea.
BUG=none
TEST=emerge-x86 vboot_reference
TBR=waihong@chromium.org
Change-Id: If1692ca12ddb61b7814ca7dddccee5a395c8bed1
The list mode and extract mode will be implemented later.
Change-Id: I2b34b323814b1d6b0a369b0e4b2bfa7cf960ff4a
BUG=chromium-os:11017
TEST=build and run, use bvi to check its output.
Review URL: http://codereview.chromium.org/6307007
Non-x86 platforms (ex, ARM) may need to create GBB from scratch.
The new "create" (-c) creates a GBB blob by given property maximum sizes.
The list must follow same order as specified in GBB header.
BUG=chromium-os:1302
TEST=gbb_utility -c 0x100,0x1000,0x03DE80,0x1000 gbb.blob
gbb_utility -s --hwid='test' gbb_blob
gbb_utility -s --rootkey='some_rootkey' gbb_blob
gbb_utility -g --hwid --rootkey='rk.bin' gbb_blob # output hwid=test
Change-Id: Ic854609effa32020f9536bc2d3f8457dff1c3719
Review URL: http://codereview.chromium.org/6173001
* now -g (get mode) becomes default
* properties are now managed in a more generalized way so adding new property would be more easy
Review URL: http://codereview.chromium.org/2549001
With this change, just like the kernel signing utility, the firmware signing utility now supports outputting the key signature (subkey) header and reusing it to generate new signed firmware images without requiring the root key (assuming the firmware signing key doesn't change).
Also, some minor comment fixes I missed the last time around.
Review URL: http://codereview.chromium.org/2366004
This allows for using an existing key signature (subkey) header to generate new signed images if the kernel signing is unchanged. This obviates the need to take out the firmware private key each time a new signed kernel image is generated.
A similar change will also be propagated to the firmware signing utility. We would REALLY like to reduce the need to take out the verified boot private root key (used for generating R/W firmware key signature headers) everytime we generate a new signed R/W firmware image.
Review URL: http://codereview.chromium.org/2372001
This option makes the signing utility just output the kernel subkey (key signature) header which can be used to generate subsequent signed kernel images without needing the firmware root key and using the same kernel signing key. (This feature will be a part of a subsequent CL).
Review URL: http://codereview.chromium.org/2310002
For the --generate operation, the --in <file> option is gone and there are
three new required options:
--vmlinuz <file> Embedded kernel image
--config <file> Embedded kernel command-line parameters
--bootloader <file> Embedded bootloader stub
This takes the specified kernel, extracts the 32-bit component, and combines
that with the configuration file (essentially just the kernel cmdline
string) and the bootstub image . The resulting blob is signed and ready to
put in a kernel partition.
There's also an optional --padding parameter, to specify how much extra
(unsigned) space to leave between the signature header and the kernel blob.
The default is 0x4000, which is about four times as much needed when using
the largest signature size we currently support.
Review URL: http://codereview.chromium.org/2283005
This CL adds 2 things:
- Instead of having a kernel config, now we have a kernel preamble which contains some important parameters needed by the bootloader in the firmware to kernel hand-off. These parameters are verified using a separate preamble signature in addition to the kernel signature on actual kernel image data.
- Adds a new VerifyKernelHeader() API function which verifies the kernel verified boot header excluding the kernel data and also extracts parameters out of this header needed to verify the actual kernel image data (if deemed necessary). This allows for vboot header verification and data verification to be performed separately.
Review URL: http://codereview.chromium.org/2234003
The kernel_config is now stored as a 4K binary block instead of the kconfig_options structure that was being used before. Since the verified boot code doesn't care what kernel config options are (other than the length of the kernel image and for verifying them before the rest of kernel), it is ok to keep them as a blackbox.
This CL also changes the verified boot kernel layout - VBlock Data followed by Kernel Config followed by the Kernel Image. This will allow them to be stored separately, or as a concatenated block (for easy memory mapping during kernel load). This should ease the process of generating a layout for verified boot kernel images which is also compatible with legacy BIOSes that don't support this mechanism.
Finally, there is also a new firmware API function to determine the size of a kernel verified boot block, given a pointer to its beginning (for determining the offset to the kernel config and data).
Review URL: http://codereview.chromium.org/1732022
The CL adds the --config and --vblock option to kernel_utility.
--config <file> uses the file to populate the configuration portion within a signed vbootimage
Currently, the configuration file is assumed to only contain command line options to be passed to the kernel. In the future, we might want to change it so that it contains information about the kernel load address, entry points, etc. (refer to rspangler@ drive map design doc)
--vblock makes the tool only output the verification header instead of a one monolithic signed kernel image containing the verification information (with config information contained within it) followed by the actual kernel image
Review URL: http://codereview.chromium.org/1752013
Needed if the verification block needs to be stored separately than the actual firmware data instead of one monlithic blob.
TEST = Tried the new option and verified that the output is correct.
Review URL: http://codereview.chromium.org/1525032
Refactor and restructure reference code into individual self-contain modules. I have revamped the way the code is structured to make it easy to determine which parts belong in the firmware and which are used by userland tools.
common/ - common utilities and stub functions (Firmware)
cryptolib/ - crypto library (Firmware)
misclibs/ - miscellaneous userland libraries (Userland)
sctips/ - Miscellaenous scripts (Userland)
tests/ - Tests (Userland)
vfirmware/ - Verified Firmware Implementation
vfirmware/firmware_image_fw.c (Firmware)
vfirmware/firmware_image.c (Userland)
vkernel/ - Verified Kernel Implementation
vkernel/kernel_image_fw.c (Firmware)
vkernel/kernel_image.c (Userland)
Review URL: http://codereview.chromium.org/1581005
