The old (v2.0) parser is compatible with new (v2.1) structs. That is,
this won't break existing firmware or vbutil_firmware.
A new (v2.1) parser parsing an old (v2.0) struct will return 0 for the
flags.
This will be used to support the RO-normal code path in a subsequent CL.
BUG=chromium-os:17304
TEST=added unit tests; make && make runtests
Change-Id: I73bcd8acd3330b0d7d143061b5ef838e6d79cf1a
Reviewed-on: http://gerrit.chromium.org/gerrit/4030
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
BUG=chromium-os:17457
TEST=make && make runtests
When this is merged into an actual firmware build, can test it:
* dev switch off -> no dev screen, won't boot self-signed kernel
* dev switch on --> dev warning screen, will boot self-signed kernel
(e.g., it acts like the Cr-48)
Change-Id: I985428256e48b7e05dd4d8fe582a0c0103bf5fb2
Reviewed-on: http://gerrit.chromium.org/gerrit/3901
Reviewed-by: Stefan Reinauer <reinauer@google.com>
Tested-by: Randall Spangler <rspangler@chromium.org>
BUG=chromium-os:17433
TEST=make && make runtests. Additional manual tests:
0. Insert a valid dev-signed USB key.
1. Boot with dev switch off.
`crossystem dev_boot_usb` should print 0.
2. Flip dev switch on.
`crossystem dev_boot_usb` should print 0.
Ctrl+U at dev screen should beep, but not boot USB.
3. Type `crossystem dev_boot_usb=1`. Should succeed.
`crossystem dev_boot_usb` should print 1.
4. Reboot system.
At the dev mode warning, press Ctrl+U
System should boot from USB key
`crossystem dev_boot_usb` should print 0.
5. Flip dev switch off.
`crossystem dev_boot_usb` should print 0.
6. Flip dev switch on.
`crossystem dev_boot_usb` should print 0.
Note that this does not apply to Cr-48, Alex, or ZGB.
Change-Id: Idf85fdd642f38f531c89e5fa5b1679e84936d4da
Reviewed-on: http://gerrit.chromium.org/gerrit/3875
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Stefan Reinauer <reinauer@google.com>
Tested-by: Randall Spangler <rspangler@chromium.org>
Pressing Tab at a firmware screen now displays real data, including
the recovery reason, HWID, and contents of VbNvStorage.
Entry point start/end time tracking in VbSharedData now refers to the
new wrapper APIs.
Added capability for calling firmware to request recovery mode (for
example, if it's unable to initialize RAM, can't find the SSD, etc.).
Previously, calling firmware had no (good) way to do this other than
faking the recovery button being pressed.
BUG=chromium-os:17018
TEST=emerge on x86 and tegra2_seaboard
Change-Id: I7d377f279842b30a10d945d13571c41c464633f1
Reviewed-on: http://gerrit.chromium.org/gerrit/3814
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
Third time's the charm. Now that we've moved to u-boot-next, this
won't break the ARM build.
BUG=chromium-os:17006
TEST=make && make runtests; emerge vboot_reference; emerge-tegra2_seaboard chromeos-bootimage
Change-Id: Ib4fa26c7a23868dd2ffd2b321ee8dc08c66ea322
Original-Change-Id: I771085dcdf79d9592de64f35e3b758111a80dd9f
Original-Reviewed-on: http://gerrit.chromium.org/gerrit/3263
Original-Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-on: http://gerrit.chromium.org/gerrit/3803
Tested-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
These are used by the coming-soon vboot wrapper (vboot_api_kernel) to
display debug information when Tab is pressed at a BIOS screen.
BUG=chromium-os:17035
TEST=make && make runtests (runs new test!)
Change-Id: I4893f31e9333f4e9d458a6e347213eef22f770cd
Reviewed-on: http://gerrit.chromium.org/gerrit/3759
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
This change teaches cgpt a new GUID type to be used for the Chrome OS
read/write firmware. The GUID is CAB6E88E-ABF3-4102-A07A-D4BB9BE3C1D3.
BUG=chrome-os-partner:4843
TEST=Built and installed on my host, used a separate change to repurpose
partition 11 for the R/W firmware using cgpt and the "firmware" type, inspected
the image using cgpt. Built and installed an image and used cgpt on the device
to inspect it's GPT.
Signed-off-by: Gabe Black <gabeblack@google.com>
Change-Id: I3b2801b2e1f71b3275bbddbc45fb63bde5bce5a7
Reviewed-on: http://gerrit.chromium.org/gerrit/3763
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Tested-by: Gabe Black <gabeblack@chromium.org>
With this change, the firmware creates and initializes the kernel space first,
then the firmware space. Thus, if the initialization is interrupted (by
cutting power) in between the two spaces, at the next boot the initialization
path will be taken again, since it is triggered by a missing firmware space.
A space creation succeeds when the space already exists (the space is
removed and recreated), so this eliminates two races. There is still
the possibility that the power is cut between creating the firmware
space and initializing it, but let's assume it's not a problem until
proven otherwise. (It won't be a security problem anyhow.)
BUG=chromium-os:17049
TEST=none (too hard to reproduce the race)
Change-Id: Iae4c1cc2b9a5056cb5d858e71b680e27a442357e
Reviewed-on: http://gerrit.chromium.org/gerrit/3520
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Tested-by: Luigi Semenzato <semenzato@chromium.org>
This reverts commit 0184886c8cb35e8e01d610622df448a7cb063e06
(This works with uboot-next, but not uboot, which doesn't implement its half of the new wrapper API. So rolling back to leave uboot working.
Change-Id: I1f9e3c63e5bbdb20b9195cd68787bef89f24afee
Reviewed-on: http://gerrit.chromium.org/gerrit/3588
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
This is part 3 of the vboot wrapper API refactoring. It replaces the
function calls to utility.c functions with new API calls. (It also
fixes up some integer type mismatches in cryptolib that were causing
warnings on the H2C build; those had been fixed a while ago in H2C but
hadn't been propagated across.)
This is a re-commit of the original; I've verified it compiles on both
x86-alex and tegra2, for both vboot_reference and
vboot_reference-firmware, now that the patch from
1c1a883bc7 is checked in.
BUG=chromium-os:17006
TEST=make && make runtests, and emerged on both x86-alex and tegra2
Original-Change-Id: I771085dcdf79d9592de64f35e3b758111a80dd9f
Original-Reviewed-on: http://gerrit.chromium.org/gerrit/3263
Original-Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit bd81b3a7d3)
Change-Id: Iefdbfb3d10eb9aa385fb6dfc3bf0896f637cb64b
Reviewed-on: http://gerrit.chromium.org/gerrit/3582
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
This is part 3 of the vboot wrapper API refactoring. It replaces the
function calls to utility.c functions with new API calls. (It also
fixes up some integer type mismatches in cryptolib that were causing
warnings on the H2C build; those had been fixed a while ago in H2C but
hadn't been propagated across.)
BUG=chromium-os:17006
TEST=make && make runtests
Change-Id: I771085dcdf79d9592de64f35e3b758111a80dd9f
Reviewed-on: http://gerrit.chromium.org/gerrit/3263
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
This is part 2 of the wrapper API refactor. It adds stub
implementations for the host, and changes the host-side utilities to
use them. Firmware implementation is unchanged in this CL (other than
a few updates to macros).
BUG=chromium_os:16997
TEST=make && make runtests
Change-Id: I63989bd11de1f2239ddae256beaccd31bfb5acef
Reviewed-on: http://gerrit.chromium.org/gerrit/3256
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
This is a temporary workaround for Tegra boards that don't reset the TPM
when the CPU is reset. It makes the firmware more lenient when execution
starts with an already locked TPM.
BUG=chromeos-partner:3574
TEST=none (yet)
Change-Id: If6a060595c1eb41e95e0935f8467de8bb6256b12
Reviewed-on: http://gerrit.chromium.org/gerrit/1429
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Tested-by: Nick Sanders <nsanders@chromium.org>
BUG=chrome-os-partner:3698
TEST=manual
1. Run the firmware key/version autoupdate test; this rolls forward your stored TPM version numbers.
2. Put back the original firmware.
3. Reboot.
4. Press TAB at recovery screen.
5. Should see Recovery Reason 0x14.
Change-Id: I7791f594dbd8919e74d1e6b97b99775cf1e73d1d
Reviewed-on: http://gerrit.chromium.org/gerrit/567
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
This CL builds upon earlier firmware and kernel changes (see CLs
related to the same bug, chromium-os:12522).
ARM firmware now simulates both Nvram storage and VDAT buffer, the
structures the x86 version uses extensively to communicate back and
forth between firmware/kernel/userland.
So, to make crossystem work on arm, all what's needed is to provide
architecture specific interface to Nvram and VDAT simulation, and
architecture specific processing for variables which are accessed on
ARM platforms in a different way.
The few discrepancies and platform specifics which had to be addressed
for ARM specifically are as follows:
- the Nvram contents are cached in the shared memory and available for
reading as part of /sys/kernel/debug/chromeos_arm. When writing
Nvram, the same file needs to be written, but only the 16 bytes
(representing the Nvram contents) are aacepted.
- the VDAT buffer also comes from the shared memory (as part of the
same sysfs file)
- when crossystem starts, it needs to read in this shared memory
contents, a` weak' function VbArchInit() is being added such that it
is provided on ARM platforms only, on x86 an empty stub is called.
- current developer/recovery request/ro firmware switch states are
retrieved through GPIO drivers. The GPIO numbers are defined in the
file, the GPIO driver is supposed to be configured before
crsossystem can operate.
- the BINF values are supplied through an array within shared memory,
it would be easy to refactor both x86 and ARM use the same code to
process BINF values, but with this submission the code is duplicated
to minimize x86 impact.
- the following crossystem variables do not have ARM equivalents,
thier values are reported as '(error)':
recoverysw_ec_boot
savedmem_base
savedmem_size
BUG=chromium-os:12522
TEST=manual:
. bring up a kaen system
. execute the following script to enable the appropriate GPIOSs:
for gpio in 56 59 168; do echo $gpio > /sys/class/gpio/export; done
. run `crossystem' and observe reasonable output values
. to verify that it reads GPIOs properly, try
echo $(./crossystem recoverysw_cur)
with the miniservo 'GOOG_REC' button pressed and released, observe
different readings (note that the state of the button is reversed,
the released button is reported as '1')
. to verify the write capabilities, note that the nvram contents can
be accessed using the following shell commands
echo 3 > /proc/sys/vm/drop_caches
2>/dev/null dd if=/dev/mmcblk0 of=/tmp/blk bs=16 count=1 && \
od -t x1 /tmp/blk | head -1
(the first command cause the device cache dropped, and the second
command accesses the device contents.
vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
localhost var # echo $(./crossystem fwb_tries)
10
localhost var # echo 3 > /proc/sys/vm/drop_caches
localhost var # 2>/dev/null dd if=/dev/mmcblk0 of=/tmp/blk bs=16 count=1 && od -t x1 /tmp/blk | head -1
0000000 60 0a 00 be 00 00 00 00 00 00 00 02 00 00 00 a2
localhost var # ./crossystem fwb_tries=9
localhost var # echo $(./crossystem fwb_tries)
9
localhost var # echo 3 > /proc/sys/vm/drop_caches
localhost var # 2>/dev/null dd if=/dev/mmcblk0 of=/tmp/blk bs=16 count=1 && od -t x1 /tmp/blk | head -1
0000000 60 09 00 be 00 00 00 00 00 00 00 02 00 00 00 8a
localhost var #
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Change-Id: Ie4c6ff44441d98a42b1057953208fdb90c08f46d
Reviewed-on: http://gerrit.chromium.org/gerrit/113
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I5ed3509a9d4e578cd2e98f493dab59bc2fbd5827
R=dlaurie@chromium.org
BUG=chrome-os-partner:2748
TEST=manual
crossystem fwb_tries=3
(reboot)
crossystem tried_fwb
(should print 1)
crossystem fwb_tries=0
(reboot)
crossystem tried_fwb
(should print 0)
In dev mode...
Boot a kernel signed with the same key as in the firmware
crossystem kernkey_vfy
(should print sig)
Boot a kernel signed with a different key than the firmware
crossystem kernkey_vfy
(should print hash)
Review URL: http://codereview.chromium.org/6711045
R=reinauer@chromium.org
BUG=chrome-os-partner:2578
TEST=manual
crossystem vdat_timers
should show 'LFS=0,0 LF=number1,number2 LK=number3,number4'
where number1 < number2 < number3 < number4
crossystem vdat_lfdebug
run from a dev mode console, should show
'check=12,0 index=0x00 tpmver=(hex number) lowestver=(hex number)'
crossystem vdat_flags
run from a dev mode console, flags should be 0x04.
Review URL: http://codereview.chromium.org/6685068
Change-Id: Id7b958ae300d10cdcdc1b17a1bb17b7e5069166f
Change-Id: I8d52765227fd3355431bebc77dfbe0106c889eca
BUG=chrome-os-partner:2748
TEST=compiles; will be porting to H2C next
Review URL: http://codereview.chromium.org/6672068
Change-Id: Ib147be7442b93ef429a9796e2b76bee27347e0b3
R=adlr@chromium.org
BUG=13150
TEST=manual
On a current firmware (0052G1+), use 'crossystem vbtest_errfunc=3
vbtest_errno=3' to force a reboot to recovery mode. Then use
'crossystem recovery_reason' to check the recovery reason.
It should be 71. It's not. (You'll get a range of other error reasons
due to a different firmware bug.)
Review URL: http://codereview.chromium.org/6670040
I re-factored the extend call into its own module, since it doesn't necessarily
need to be couple with rollbackfirmwaresetup.
BUG=chrome-os-partner:2372
TEST=Tried emerge-x86-generic and emerge-arm-generic vboot_reference.
Change-Id: I0d3115b10b686133e63e304570325ebdbd50ae3a
Review URL: http://codereview.chromium.org/6696006
Change-Id: I976c11c82c3d665a4feb88226e919f16c2440f60
BUG=chrome-os-partner:1657
TEST=manual - see below
make && make runtests
Then test verifying a test image in both dev mode (-b1, no key specified) and recovery mode (key specified)
build/utility/load_kernel_test -b1 ~/b/USB_images/0.11.224.0-alex/chromiumos_test_image.bin
build/utility/load_kernel_test ~/b/USB_images/0.11.224.0-alex/chromiumos_test_image.bin tests/devkeys/recovery_key.vbpubk
And make sure the firmware with this change actually boots to USB and SSD.
NOTE: u-boot-next needs to change to work with this change. will attempt a follow-up CL with that change
Review URL: http://codereview.chromium.org/6626045
