This is just a cosmetic tweak to make it a bit clearer that
mosys is the underlying interface for these particular vbnv
read/write functions.
BUG=none
BRANCH=none
TEST=it still compiles
Signed-off-by: David Hendricks <dhendrix@chromium.org>
Change-Id: Ide172bfecf608a30489d25026268aedfc421ce4d
Reviewed-on: https://chromium-review.googlesource.com/222062
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This handles VBNV data stored in SPI flash which happens to be
the exact same way we handle VBNV data stored in the EC.
BUG=chrome-os-partner:31529
BRANCH=none
TEST=with CL:221349 applied, crossystem on storm no longer
spews tons of errors
Change-Id: I021d9f430acfac34dff44a927361a5a0e5ae2ff8
Signed-off-by: David Hendricks <dhendrix@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/222061
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
If we try to sign an image w/out Chrome, this file won't exist.
Run grep with the -s flag to silence those warnings.
BUG=chromium:418817
TEST=`cbuildbot storm-release` no longer warns
BRANCH=None
Change-Id: Ibac0978e3e4d9f89c00206a2dd21c1d71544f710
Reviewed-on: https://chromium-review.googlesource.com/221184
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
This gives recovery mode information on two boots back instead of one,
which may be handy for debugging.
It also allows determining whether a failure of the current boot
should try the other slot or go to recovery, using only information
stored in NV storage.
Added crossystem support for printing the fields, and unit tests.
BUG=chrome-os-partner:32585
BRANCH=none
TEST=make runtests; VBOOT2=1 make runtests
Change-Id: Ia9f4186210d30217b902db7c513ae4ab8851f8f4
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/221230
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Any of these:
make xrefs
make tags
make TAGS
should create "build/cscope.files", containing a list of the
source files used in preparing to run tests (minus any test
sources). If the 'ctags' or 'etags' programs are installed in the
chroot, they'll be run too.
BUG=none
BRANCH=ToT
TEST=manual
make xrefs
cat build/cscope.files
Change-Id: If1173af7edb41742bb348b728238d800ef66ad55
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/221425
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Previously, we only kept that slot info in RAM. We read it from NV
storage, but never wrote it back.
Added a test to confirm proper behavior (and made sure it failed
before patching 2misc.c with the fix).
BUG=chrome-os-partner:32583
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: Ie12124d9cbe417914fbde14ea5086380d637240f
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/221214
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
This just involves deleting the "set -o pipefail" line. With
bash, that meant that any program failure in a pipe would be
fatal. Without it, only the last program matters. This usually
means that the last command simply gets no input, in which case
the program just appears to do nothing instead of complaining
about whatever the problem was.
Since vbutil_what_keys is generally only used to help debug a
failure to boot, that's not a major problem.
BUG=chromium:419773
BRANCH=ToT
TEST=manual
Tried on a Pit, it works:
localhost ~ # /tmp/vbutil_what_keys /dev/mmcblk0
-e
IMAGE: /dev/mmcblk0
part 2 kernel: d6170aa480136f1f29cf339a5ab1b960585fa444 (!DEV DEV !REC) developer keys
part 4 kernel: d6170aa480136f1f29cf339a5ab1b960585fa444 (!DEV DEV !REC) developer keys
localhost ~ # flashrom -r /tmp/bios.bin
flashrom v0.9.4 : 904e8a5 : Sep 22 2014 20:47:40 UTC on Linux 3.8.11 (armv7l), built with libpci 3.1.10, GCC 4.8.x-google 20140307 (prerelease), little endian
Reading flash... SUCCESS
localhost ~ # /tmp/vbutil_what_keys /tmp/bios.bin
-e
BIOS: /tmp/bios.bin
hwid: PIT D3A-D4Q-A3L
root key: a026a7a4a0bf0fa32d6b7aa90a80d5ef01a3b799 Daisy MP-v3, Peach-Pi MP, Peach-Pit MP-v2, Snow MP
recovery key: 6d9a2ca8b3080a97e1e5a4efbc5386ead77c3c7f Peach-Pit MP-v2
localhost ~ #
Change-Id: I171da3bf688032f469d7a5cdb42278d8028b7e0d
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/221176
Reviewed-by: Mike Frysinger <vapier@chromium.org>
BUG=chromium:419773
BRANCH=ToT
TEST=manual
make MINIMAL=1 DESTDIR=FOO install
make MINIMAL= DESTDIR=BAR install
find FOO BAR -name vbutil_what_keys
It should only install the script into BAR/.
Change-Id: I48d3a780533c5b72cc18720d39b18ac286b07fd9
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/221177
Reviewed-by: Mike Frysinger <vapier@chromium.org>
When disabling verity with make_dev_ssh.sh, a bug in
vbutil_kernel caused the re-signed kernel size to be the entire
kernel partition instead of just the necessary bits. Until we can
improve the test coverage, I'm rolling back the changes that
introduced this bug.
BUG=chromium:418647
BRANCH=ToT
TEST=manual
Created a new test image with these changes. You can install it
and disable dm-verity and it works (although there seems to be an
unrelated browser startup issue on ToT).
Change-Id: I48e8427b05e191c9894c42056429a79d57bfc78d
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/220935
Reviewed-by: Randall Spangler <rspangler@chromium.org>
In AllocAndReadGptData() the code was changed to use the GPT header
to determine the LBA of the GPT entries. This change did not account
for devices that have an invalid header and it can attempt to read
from invalid block addresses on a device.
This commit happened here:
a2d72f7 vboot: cgpt: Refer to partition entries by entries_lba.
https://chromium-review.googlesource.com/213861
The subsequent steps in vboot, LoadKernel->GptInit->GptRepair will
fix a missing header and entries, so it is only necessary for one of
the headers to be valid.
This is commonly the case with a new USB stick that has an image
written to it as only the primary header will be valid in this case.
However it is also true if the primary header has been corrupted and
the secondary header is still valid.
The code has been changed to call CheckHeader() on the primary and
secondary headers before attempting to use the 'entries_lba' field
to read the entries from the device. AllocAndReadGptData() now only
fails if both headers are invalid.
A number of new unit tests are created to check for these failure
conditions. In order to support this I had to extend the vboot_kernel
test infrastructure to have a buffer for the mocked disk data instead
of just ignoring reads and writes. This is because many of the existing
tests assumed they could have an invalid GPT header and still pass.
Now that the header is checked it is necessary for a valid header to
be created before the tests can pass.
BUG=chrome-os-partner:32386
BRANCH=samus,auron
TEST=All unit tests pass when running 'make runtests'
In addition real-world testing was done by corrupting the primary
and/or secondary headers of USB stick to ensure that it will
successfully boot if one of the headers is valid.
Change-Id: I7f840a44742fa3ba9a124df29ab5749e4c5a40c1
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/220757
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Nam Nguyen <namnguyen@chromium.org>
This adds a --strict mode to the show command, which requires
that all signatures be valid in order to exit cleanly. It also
creates a "verify" command, which is really just an alias for
"show --strict".
BUG=none
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I1fed7db7fe7128191bcab0c615706ef4fe2709f5
Reviewed-on: https://chromium-review.googlesource.com/219732
Reviewed-by: Randall Spangler <rspangler@chromium.org>
BUG=none
BRANCH=ToT
TEST=make runtests
This also modifies the tests to compare the futility sign command
results against the vbutil_kernel results.
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: Ibc659f134cc83982e3f0c0bcc108cc0eddbe228e
Reviewed-on: https://chromium-review.googlesource.com/219730
Reviewed-by: Randall Spangler <rspangler@chromium.org>
We have been traversing things by passing a file descriptor. Now
the caller should mmap the file first. This will allow the caller
to determine the file type before traversing into it, so we can
check args.
BUG=none
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: If69799bde0133689dc9fb5111e6ecb5ac61639c7
Reviewed-on: https://chromium-review.googlesource.com/219649
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This adds new file types to prepare for signing kernel partitions
and raw firmware blobs (FW_MAIN_A/B).
BUG=none
BRANCH=ToT
TEST=make runtests
No new functionality yet.
Change-Id: Ic6b6b94bb99f00ab54609dfe1b753b53868abaca
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/219648
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The original vbutil_kernel command used file read and write to
make changes. Futility prefers to use memory-mapped files. This
rewrites cmd_vbutil_kernel.c to use that scheme.
BUG=none
BRANCH=ToT
TEST=make runtests
The original cmd_vbutil_kernel.c is renamed, and a test written
to ensure that the refactored version produces identical results.
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: Ic6c3e12429a5dcb271f8136a9edac70807d66120
Reviewed-on: https://chromium-review.googlesource.com/219647
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Previously, you could extract FMAP areas like so:
futility dump_fmap -x bios.bin FW_MAIN_A VBLOCK_A ...
This lets you decide what to name each area as it's extracted:
futility dump_fmap -x bios.bin FW_MAIN_A:/tmp/rw_a ../vblock
BUG=none
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: If02b57e03294b0b0b1dbc216ef57afdd3bdf2960
Reviewed-on: https://chromium-review.googlesource.com/219646
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Move the Debug() function into a common place instead of several
copies in different files, rename shared functions to start with
"futil_"
BUG=none
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I6b844553dff95c24894dae611102716a8da5312d
Reviewed-on: https://chromium-review.googlesource.com/219645
Reviewed-by: Randall Spangler <rspangler@chromium.org>
If key is null in vb2_verify_digest(), we could attempt to dereference
it. In practice it never is, but for safety's sake we should avoid
the reference.
BUG=chrome-os-partner:32235
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I5a817e432922ea4c3b439b696cd2f8d988d0fecc
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/219574
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
This provides help messages for the futility commands similar to
the way git does. These show the available commands:
futility
futility help
futility --help
While these show help for a specific command:
futility help COMMAND
futility --help COMMAND
futility COMMAND --help
BUG=none
BRANCH=ToT
TEST=manual
make runtests
And manually look at help messages for each command.
Change-Id: I1126471e242784c6ca7a2f11694fa7c505d833e8
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/219528
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This utility is used by firmware tests and having it missing is causing subtle
FAFT test failures that are frustratingly difficult to track down.
BUG=chrome-os-partner:38032
BRANCH=none
TEST=successful run of firmware_UpdateKernelDataKeyVersion
Change-Id: I4dcf277ce2678001f6e68d89781b6166042ea96e
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/219079
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
This doesn't have any visible effect. It just brings the meaning
of the where-do-I-put-this variable more in line with common
convention.
BRANCH=ToT
BUG=none
CQ-DEPEND=CL:217940
TEST=lots...
make runtests
make DESTDIR=BAR install
make MINIMAL=1 DESTDIR=FOO install
emerge-$BOARD vboot_reference
sudo emerge vboot_reference
trybots: link-tot-paladin, daisy_spring-paladin
Change-Id: I8d72664da07535f663d8b2f13c872eece37978b9
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/217930
Reviewed-by: Mike Frysinger <vapier@chromium.org>
scripts/sign_data.sh is just a wrapper to do this:
./signature_digest_utility $1 $3 \
| openssl rsautl -sign -pkcs -inkey $2
AFAICT, that script is only invoked by the SignatureFile()
function in host/lib/file_keys.c, which is not referenced by
anything. I think I can remove both of those things.
Also remove utility/gbb_utility.cc, which should have been done
long ago in commit 6f39615.
BUG=none
BRANCH=ToT
TEST=make runalltests
Also ran it on daisy_spring-paladin and link-tot-paladin.
Change-Id: I16de5022765806f11bf6144d7ffd8cc849578a68
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/216719
Reviewed-by: Mike Frysinger <vapier@chromium.org>
We still create the symlinks (FOO -> futility), but this
change invokes those built-in functions with "futility FOO ..."
instead of using the FOO symlink.
Note that the scripts/ directory is unchanged. That's a
separate CL, since we don't have tests for that.
BUG=chromium:231547
BRANCH=ToT
TEST=make runtests
In addition to running "make runtests", I temporarily
modified the Makefile to avoid creating the symlinks at all.
The tests still passed.
Change-Id: I96863259b9df02a3611f759a7509bf4090ae03e8
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/216717
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Since all of the functionality of the resign_firmwarefd.sh script
is built in to futility, let's just make that script invoke
futility to do the work. We'll come back and remove the script
entirely, once all outside references to it have been changed to
do the right thing.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Also tested by editing tests/futility/test_resign_firmware.sh to
invoke the resign_firmwarefd.sh script instead of futility.
Everything passed.
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: Id068e551067a956cd7ddc3f9b9e23488261d8d94
Reviewed-on: https://chromium-review.googlesource.com/216716
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Just reporting that the parent process is "/bin/bash" doesn't
help much. Let's also report the cmdline args given to the parent
and the cwd. This will help us identify which shell script is
calling futility with the wrong args.
BUG=chromium:231547
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I800995ff269ab8d8c56cad8827d8de48a53cd150
Reviewed-on: https://chromium-review.googlesource.com/216715
If we're re-signing a valid BIOS image, we want to be sure that
we preserve the original firmware preamble flags (RO_NORMAL and
so forth) if the --flags option does not specifically override
it.
This change adds a test for that case, and makes it happen.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I8cbde66abaf96ec82adf0205bedf57b1fd1b82a1
Reviewed-on: https://chromium-review.googlesource.com/216714
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The previous version of gbb_utility always zeros data before
writing new values and we should keep this behavior, to simplify
firmware hash calculation and potential security concern.
BRANCH=none
BUG=chromium:413066
TEST=emerge gbb_utility; factory/bin/gooftool get_firmware_hash bios.bin
Original-Change-Id: Ic97a118cefc9698d52d9370b627670ff103d5e23
Change-Id: If38e15f35ee491cc80f96b360c63ee25f71c1854
Reviewed-on: https://chromium-review.googlesource.com/217700
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
(cherry picked from commit 3c8d29c204c6feb91ad951e2e1c5190d4ca98a13)
Reviewed-on: https://chromium-review.googlesource.com/217711
Commit-Queue: Bill Richardson <wfrichar@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This allows the sign command to work on BIOS images with
invalid VBLOCK areas. When re-signing an existing image, the
length of the firmware body is part of the firmware preamble
in the VBLOCK areas. If those are invalid, the BIOS can
still be signed, but it will have to sign the entire FW_MAIN
area. That's a little slower to verify, so we'd prefer not
to do that, but it works.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: If58b5c86c5df12f004eabff72c22bfb1e84de7fd
Reviewed-on: https://chromium-review.googlesource.com/216229
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This adds a "load_fmap" command, which is pretty much the
opposite of the "dump_fmap -x" command. It allows you to
replace the content of any FMAP areas with new stuff, without
mucking around with dd. There's a test for it, too.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I5a9ab249c9e63a9bb1a9b26feeb3ed757cd294f1
Reviewed-on: https://chromium-review.googlesource.com/216228
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The "sign" command can perform the same operation as the old
resign_firmwarefd.sh script, only about 20 times faster. The
test for that will use the new command instead.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Change-Id: Ie7f7a0ab6fc00d7e06cb263733bf6e7246fdb023
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/216227
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This resigns official MP-signed BIOS images, because that's the best way to
ensure we remain compatible forever. The resign_firmwarefd.sh script is
invoked make_dev_firmware.sh, which is used for development and bringup.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
No new functionality, only a new test.
Change-Id: I4bf9cdd8321d126e1c1a45fc198ef46b0eeb5c36
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/216226
Reviewed-by: Randall Spangler <rspangler@chromium.org>
It doesn't yet handle block devices, but it can display normal files
containing a entire BIOS image, a GBB, a VBLOCK, a .vbpubk, a .vblock,
and a firmware preamble (VbFirmwarePreambleHeader).
The command-line options are not well-documented.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Change-Id: I181f6331ae23599302bbaee3f270e8af9586cf06
Reviewed-on: https://chromium-review.googlesource.com/216032
Commit-Queue: Bill Richardson <wfrichar@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The futility.lds linker script was used to generate a table with
all the symbols in a specific section called .futil_cmds listed
in order under the symbol "futil_cmds". This allows the source files
to define a command and let the linker figure out the list of
compiled commands. Nevertheless, passing this linker script
makes the linker leave a gap of about 2MiB in the output ELF file.
Instead of mess up with linker scripts just to generate a table of
commands, this patch generates such table in the Makefile looking
at the included sources and compiling that table. The result is a
futility binary of about 88 KiB instead of the 2.1 MiB required
originally.
This patch also adds sys-boot/chromeos-u-boot to the list of ebuilds
tested by emerge_test.sh.
BUG=chromium:408926
BRANCH=None
TEST=BOARD=link ./emerge_test.sh
TEST=BOARD=daisy_spring ./emerge_test.sh
TEST=`readelf -S futility` shows no gap.
TEST=/usr/bin/futility shows no difference in the help output.
Change-Id: I9c0febc76140b404d48aa13e7f948e8ea77a41b5
Reviewed-on: https://chromium-review.googlesource.com/215496
Tested-by: Alex Deymo <deymo@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Queue: Alex Deymo <deymo@chromium.org>
This creates a disk image and verifies a kernel can be loaded from it.
It is roughly analogous to vb2_firmware_tests.sh, but at the kernel
step instead of the firmware step.
This will get more interesting in the near future, with the upcoming
addition of a streaming API to read the kernel.
BUG=chromium:408265
BRANCH=none
TEST=make runtests
Change-Id: Icc9e6d0e318c4bd38fc9ab1ad704da99232822e1
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/214508
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
This CL renames GPT_PMBR_SECTOR to GPT_PMBR_SECTORS and GPT_HEADER_SECTOR to
GPT_HEADER_SECTORS to better indicate that these are constants for sizes, not
location.
BRANCH=None
BUG=None
TEST=unittest
Change-Id: I26ed6d45d77dcb1eb714135edbb9e4124b54e953
Reviewed-on: https://chromium-review.googlesource.com/214830
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Tested-by: Nam Nguyen <namnguyen@chromium.org>
Commit-Queue: Nam Nguyen <namnguyen@chromium.org>
The functions that look for the FMAP and its entries should return more
useful values.
BUG=none
BRANCH=ToT
TEST=make runtests
No functional changes.
Change-Id: I4b62ea0de972bceb3d58f4ee8eb82ad065ddcbae
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/214630
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Provide a PublicKeyLooksOkay() function to sanity-check VbPublicKey structs.
This was just part of PublicKeyRead(), but I want to separate the reading
from the checking.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Change-Id: I1dd808e623e2a7fdc2789e02305619111a7b01e6
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/214621
Reviewed-by: Randall Spangler <rspangler@chromium.org>
There are a number of tests that haven't even been compiled in a LOOOONG
time. Let's get them out of the way. We can always put them back later.
I'm adding a comment to this CL in the Makefile.
BUG=none
BRANCH=ToT
TEST=make runalltests
Change-Id: Id2d9f0b71fc40e4a260f54cf919c6af5e0ff85c5
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/214610
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Several ebuilds depend on vboot_reference, either by checking out the
vboot_reference repo and building it or by using the installed libs
during build time. To simplify catching problems in other ebuilds
while changing code in vboot_reference, this patch adds a new script
that tries to emerge all the affected ebuilds.
BUG=None
BRANCH=None
TEST=`../platform/vboot_reference/emerge_test.sh` inside and outside the chroot
Change-Id: I0e9e61c35cbb191e0dafa5f8fa1e74d80bb7f8d4
Reviewed-on: https://chromium-review.googlesource.com/214635
Tested-by: Alex Deymo <deymo@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
This CL accesses the partition entry array through its header's
entries_lba value.
Previously, we assume the primary entry array lies on third sector, and
the secondary array lies (1 + 32) sectors from disk end. This assumption
was fine, even Wikipedia assumed the same.
But in order for us to support writing boot code to the third sector (as
required by some Freescale board), the primary entry array must be moved
to another location. Therefore, we must use "entries_lba" to locate the
arrays from now on.
BRANCH=none
BUG=chromium:406432
TEST=unittest
TEST=`cgpt create -p` and then `cgpt show`. Make sure the table
header and entries are properly moved.
Change-Id: Ia9008b0bb204f290b1f6240df562ce7d3a9bbff2
Reviewed-on: https://chromium-review.googlesource.com/213861
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
Commit-Queue: Nam Nguyen <namnguyen@chromium.org>
Tested-by: Nam Nguyen <namnguyen@chromium.org>
System libraries such as string.h and errno.h should be included with
<> instead of "" to avoid including them from the local directory.
BRANCH=None
BUG=None
TEST=FEATURES="test" emerge-link vboot_reference
Change-Id: I6734e14223fdad9060c6518790f52f1bcfcdf8e0
Reviewed-on: https://chromium-review.googlesource.com/214058
Commit-Queue: Alex Deymo <deymo@chromium.org>
Tested-by: Alex Deymo <deymo@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Add a script that runs sanity checks on the versions in a keyset.
In particular, tests whether the actual key versions match those
in key.versions. Also runs consistency checks (for example: firmware
version should match kernel subkey version).
BUG=none
TEST=run on all of our keysets
BRANCH=none
Change-Id: I5b509ba33127364f6b63252ad167646eb7dce710
Reviewed-on: https://chromium-review.googlesource.com/190790
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
Update the unit tests which use it to use futility. No functional
changes to it, just relocation.
Remove the futility test which checks the exact list of supported
commands. This doesn't have a good way of handling
conditionally-compiled commands, and will be even harder to maintain
as we add more commands in the future. Presence of sub-commands is
still ensured by the other tests which use them (such as
vb2_firmware_tests.sh)
BUG=chromium:231547
BRANCH=none
TEST=make runtests && VBOOT2=1 make runtests
Change-Id: Idddb639276e4c6449d023d40ac7977123113bd28
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/213191
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
This just reformats the futility sources to conform to the Linux kernel
coding style. No functional changes.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Change-Id: I82df07dd3f8be2ad2f3df24cebe00a9a378b13f4
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/213915
Reviewed-by: Randall Spangler <rspangler@chromium.org>
chromeos-install always expects DM verity information from install source,
because even when --noenable_rootfs_verification is applied, the output image
will still include DM verity in kernel command line (just not enabled).
To support developers installing a modified image (by
--remove_rootfs_verification), we have to change the command line to keep DM
verity data, just like how --noenable_rootfs_verification is done.
BRANCH=none
BUG=none
TEST=make_dev_ssd.sh --noenable_rootfs_verification; reboot;
chromeos-install # success.
Change-Id: I3b2c8cbf1b89086ed91b5549c7147cd940fbda14
Reviewed-on: https://chromium-review.googlesource.com/207321
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
