Change-Id: I836796c45849c03172f2a4947f39302616d03f1b
BUG=none
TEST=manual - run on test platform, see alphabetized variables.
Review URL: http://codereview.chromium.org/6877054
Add the missing return statement to allow to tell between
different recovery reasons on legacy firmware.
Change-Id: I287e9d91dde040dd0edbe23422dc8914f81cc9f2
BUG=chromium-os:14295
TEST=manual
On a system with a chromeOS Flash USB drive plugged in:
- preserve currently running firmware
- corrupt both RW firmware sections
- restart the system (it comes up in recovery mode)
- login
- run `crossystem recovery_reason' and observe the result:
it used to print '66' before the fix, prints '3' after the fix.
- restore the firmware
Review URL: http://codereview.chromium.org/6879051
Developers may turn on developer switch, enter shell, and then try to run
make_dev_ssd without switching to developer firmware / dev root key.
And that would make the system showing "NO GOOD" or "INSERT" screen
after reboot.
For sanity check, we should check if firmware type is "developer" before running
make_dev_ssd.
BUG=none
TEST=(using normale firmware) make_dev_ssd # seeing the error messages
sudo chromeos-firmwareupdate --mode=todev; sudo reboot
(using developer firmware) make_dev_ssd # not seeing error
Change-Id: Id62959c91c39b0bbcca604c9e83fd087e3727b8b
R=rspangler@chromium.org
Review URL: http://codereview.chromium.org/6840047
Change the boot default option in partition 12 (ESP) when we want to disable
rootfs verification.
BUG=chromium-os:12424
TEST=./make_dev_ssd --remove_rootfs_verification --recovery_key -i USB_IMAGE
# the image is bootable by H2C and H2C BIOS(EFI).
# Not tried on non-EFI (syslinux) firmware, but it should work.
Change-Id: I7533bb73597041bbdc8cc57e4e8baaf6ca242309
R=wfrichar@chromium.org
Review URL: http://codereview.chromium.org/6813109
When we do perform firmware updates, we'd like to change the kernel subkey to ensure that new firmware and Chrome OS image stay in sync. This CL adds a scripts which makes it possible to do this revving in an automated manner.
The current versions rollback versions corresponding to the keyset are stored in key.versions. If we change the kernel subkey (to enforce firmware/Chrome OS lockstep), we must also update the firmware version. Similarly, since we modify the kernel subkey, we also generate a new set of kernel data keys. Thus, we also increment the kernel key version.
Change-Id: I364ab50bda115991dd4f69331d37291f66abbf36
BUG=chrome-os-partner:3274, chromium-os:8016
TEST=Manually tested using a newly generated keyset.
Review URL: http://codereview.chromium.org/6824059
Change-Id: I1c4240ebe5783ca923c310061e2a76947aa6601b
R=reinauer@chromium.org
BUG=chromium-os:14030
TEST=manual
On a Mario:
crossystem fwupdate_tries=3
crossystem fwupdate_tries # should be 3
cat /mnt/stateful_partition/.need_firmware_update # should be 3
crossystem fwupdate_tries=0
crossystem fwupdate_tries # should be 0
cat /mnt/stateful_partition/.need_firmware_update # should complain file doesn't exist
On a newer platform:
crossystem fwupdate_tries=3
crossystem fwupdate_tries # should be 3
cat /mnt/stateful_partition/.need_firmware_update # should complain file doesn't exist
crossystem fwupdate_tries=0
crossystem fwupdate_tries # should be 0
cat /mnt/stateful_partition/.need_firmware_update # should complain file doesn't exist
Review URL: http://codereview.chromium.org/6825047
There are lots of new and changed files here, but they're mostly localized
text strings and prerendered bitmaps of them.
There are a few that still need rendering by hand. These locales don't work
with ImageMagick:
ar el fa hi iw ja ko th vi zh-CN zh-TW
Change-Id: I1777f985460d46d5aedbb3fbc2fd3c159439c454
R=rspangler@chromium.org
BUG=chromium-os:13037
TEST=none
Review URL: http://codereview.chromium.org/6825032
Two things here: Use mktemp to create a unique and new temporary directory
to work in, and copy the published log file to a known path in a way that
can't be redirected with symlinks.
There are also a couple of minor tweaks to cleanup a little bit rot in the
information that the script provides.
BUG=chromium-os:8947
TEST=manual
Boot, wait 60 seconds, look for "/tmp/debug_vboot_noisy.log". It should
exist and contain useful and interesting data.
Change-Id: Iff9c5c86802ab7fcf3342e82ba128a1795dba16d
R=rspangler@chromium.org,wad@chromium.org,gauravsh@chromium.org
Review URL: http://codereview.chromium.org/6824018
Change-Id: Icf9abbff05f9b29664216079b5c008cb7906a4f6
BUG=chrome-os-partner:3229
TEST=manually on an image.
Review URL: http://codereview.chromium.org/6813047
Change-Id: I649b0d745316acc38b5a121dfd1c353c475ac44a
R=reinauer@chromium.org
BUG=chromium-os:13204
TEST=manual
crossystem # should not print vdat_lfdebug and vdat_lkdebug
crossystem --all # should print them
Review URL: http://codereview.chromium.org/6824020
This should be ready for the ARM team to pick up and work on. I added
a placeholder ARM implementation file, though it's not hooked up in
the Makefile yet.
As soon as you implement the VbNvStorage APIs, all the related
crossystem commands will start working. Ditto for VbSharedData.
The params which x86 gets from ACPI you'll need to get from u-boot
somehow, probably via your own kernel driver.
R=robotboy@chromium.org
BUG=chromium-os:12522
TEST=emerge-x86-alex vboot_reference, make sure it still works on x86
Review URL: http://codereview.chromium.org/6780008
Change-Id: I628ee56508421b937ed50db7cb9b8385408d2f5e
EntryWiped takes a byte value wipe_value of range [00:ff] as one of its
arguments that pack_firmware_image uses the value to "wipe" the entry.
R=yjlou@chromium.org
BUG=chrome-os-partner:3089
TEST=emerge-tegra2_seaboard chromeos-bios
Review URL: http://codereview.chromium.org/6799009
Change-Id: Ib2265caf5cfbd6d297465684e87f5a299cd4d043
Adding --recovery_key enables make_dev_ssd to process recovery images (including
USB bootable images).
R=gauravsh@chromium.org
BUG=chromium-os:12424
TEST=./make_dev_ssd.sh --remove_rootfs_verification --recovery_key -i /dev/sdd
# then use the USB to boot on a H2C device - success.
Review URL: http://codereview.chromium.org/6799007
Change-Id: Ie983f08ff8eba9472800b2f4097915ce380a0c50
This should let the signer catch errors where there are errors parsing verity output. And failing verification if rootfs hash verification is turned off for whatever reason.
Change-Id: I1e3f239a5b6afab31accdd8f0a737b8685530e8d
BUG=chrome-os-partner:3093, chrome-os-partner:3104
TEST=manually on a badly signed image (verification fails now)
Review URL: http://codereview.chromium.org/6720043
(This helps us do some instrumented fuzz testing with "bunny the fuzzer".)
Change-Id: I4d06129d577115b9dd5cd9bec2c2e1b526490456
BUG=chromium-os:13690
TEST="CC=/usr/local/google/bunny-0.93/bunny-gcc make -k" now builds vbutil_*, and regular gcc/make did not break.
STATUS=Fixed
Review URL: http://codereview.chromium.org/6783006
To make the output of kernel_config from make_dev_ssd more close to the original
images, we should eliminate the trailing newline/space.
BUG=chromium-os:13516
TEST=make_dev_ssd.sh # succcess
Change-Id: I17f030f8815dea22b04058456d98db6911888ef6
R=rspangler@chromium.org,clchiou@chromium.org
Review URL: http://codereview.chromium.org/6735009
The script to resign firmware (resign_firmwarefd.sh) has changed its syntax, due to the new "dev
firmware" design.
BUG=chromium-os:13375
TEST=./make_dev_firmware.sh
# seeing the "changed firmware to Developer Keys" message.
Change-Id: Id553f3ce1641f13e732bd5e208cb2fb00ca9c078
R=rspangler@chromium.org,gauravsh@chromium.org
Review URL: http://codereview.chromium.org/6727019
This reverts commit bc7a84d9a1.
It was a false alarm that --kloadaddr causes chromeos-install on a
x86 targets to fail. The error of chromeos-install cannot be
reproduced, and judging by the reported error message, the error
should not be attributed to --kloadaddr, which has no effect in x86
targets. So --kloadaddr is restored.
Verification process are below:
(Verify that --kloadaddr option is restored)
$ dump_kernel_config -h
Expected argument after options
dump_kernel_config - Prints the kernel command line
Usage: dump_kernel_config [--kloadaddr <ADDRESS>] <image/blockdevice>
(Setup a x86 target with kernel-next profile)
$ rm -rf /build/${X86_TARGET}
$ ./setup_board --board=${X86_TARGET} --profile=kernel-next
$ ./build_packages --board=${X86_TARGET}
$ ./build_image --board=${X86_TARGET}
(Run chromeos-install on target machine successfully)
$ /usr/sbin/chromeos-install
(Change directory to where image sits)
$ cd ~/trunk/src/build/images/${X86_TARGET}/latest
(Unpack Chromium OS image)
$ ./unpack_partitions.sh chromiumos_image.bin
(Verify that dump_kernel_config runs successfully)
$ dump_kernel_config part_2
console=tty2 init=/sbin/init add_efi_memmap boot=local noresume noswap
i915.modeset=1 cros_secure kern_guid=%U tpm_tis.force=1
tpm_tis.interrupts=0 nmi_watchdog=panic,lapic i8042.nomux=1
root=/dev/dm-0 quiet loglevel=1 rootwait ro dm_verity.error_behavior=3
dm_verity.max_bios=-1 dm_verity.dev_wait=1 dm="vroot none ro,0 1740800
verity %U+1 %U+1 1740800 1 sha1
c357e07395150770ce25ebc0e3c6d15941675c58"
(Run load_kernel_test)
$ load_kernel_test -b 2 chromiumos_image.bin
/usr/share/vboot/devkeys/recovery_key.vbpubk
Read 2088 bytes of key from /usr/share/vboot/devkeys/recovery_key.vbpubk
bootflags = 6
Reading from image: chromiumos_image.bin
Ending LBA: 3989538
Read(1, 1)
Read(2, 32)
Read(3989506, 32)
Read(3989538, 1)
Read(4096, 128)
Read(4224, 6472)
LoadKernel() returned 0
Partition number: 2
Bootloader address: 4345856
Bootloader size: 16384
Partition guid: b2a453b0-a64a-5c4d-a957-1388cea384a5
R=marcheu@chromium.org,sjg@chromium.org
BUG=none
TEST=see verification process above
Review URL: http://codereview.chromium.org/6685079
Change-Id: I932753197550b853495f2c03e8880ad71df765a7
A convenient value that firmware to identity the blank screen.
TEST=emerge-tegra2_seaboard vboot_reference-firmware successfully
BUG=chromium-os:1305
Change-Id: Ib38f0c5ba571e95c966ae58c81d22487e416e666
R=clchious@chromium.org
Review URL: http://codereview.chromium.org/6712029
R=petkov@chromium.org
BUG=chromium-os:13322
TEST=manual
The following command lines should cause crossystem to fail with a
warning about a poorly formed parameter:
crossystem ''
crossystem '=cros_debug'
crossystem '?cros_debug'
The following command line should warn that you can't use both = and ?:
crossystem cros_debug?=0
(that is, it warns, not just compares with '=0')
The following should print 'UNEQUAL'
crossystem cros_debug? || echo UNEQUAL
(because it's comparing cros_debug with an empty string)
Review URL: http://codereview.chromium.org/6718012
Change-Id: I2e2851515f4914b16aba64065600fb92d9ad1a63
Change-Id: I5ed3509a9d4e578cd2e98f493dab59bc2fbd5827
R=dlaurie@chromium.org
BUG=chrome-os-partner:2748
TEST=manual
crossystem fwb_tries=3
(reboot)
crossystem tried_fwb
(should print 1)
crossystem fwb_tries=0
(reboot)
crossystem tried_fwb
(should print 0)
In dev mode...
Boot a kernel signed with the same key as in the firmware
crossystem kernkey_vfy
(should print sig)
Boot a kernel signed with a different key than the firmware
crossystem kernkey_vfy
(should print hash)
Review URL: http://codereview.chromium.org/6711045
R=reinauer@chromium.org
BUG=chrome-os-partner:2578
TEST=manual
crossystem vdat_timers
should show 'LFS=0,0 LF=number1,number2 LK=number3,number4'
where number1 < number2 < number3 < number4
crossystem vdat_lfdebug
run from a dev mode console, should show
'check=12,0 index=0x00 tpmver=(hex number) lowestver=(hex number)'
crossystem vdat_flags
run from a dev mode console, flags should be 0x04.
Review URL: http://codereview.chromium.org/6685068
Change-Id: Id7b958ae300d10cdcdc1b17a1bb17b7e5069166f
Change-Id: I8d52765227fd3355431bebc77dfbe0106c889eca
BUG=chrome-os-partner:2748
TEST=compiles; will be porting to H2C next
Review URL: http://codereview.chromium.org/6672068
Firmware specification has several sections that are overlapped. This CL allows
limited overlapping that only "pure" fmap areas can be overlapped.
See also CL=6694022,6696016 for its application.
BUG=chrome-os-partner:2333
TEST=emerge vboot_reference && emerge-${ARM_BOARD} chromeos-bios
Review URL: http://codereview.chromium.org/6677040
Change-Id: I9ca34caec3665136b1babd08cd074cf733cf0d51
We need to also assign the target in dev_debug_vboot.
BUG=chromium-os:11339
TEST=flashrom -p internal:bus=lpc
dev_debug_vboot # still seeing success
Change-Id: I33cfed77dba5afb668f6d9036ecc077e3bcb19d0
R=wfrichar@chromium.org
Review URL: http://codereview.chromium.org/6698022