This adds the pthread library to the linker flags for the static
futility build, which allows it to build with recent GCC versions.
BUG=None
BRACH=None
TEST=Build futility and futility_s with a recent GCC version
Change-Id: I16d9b94b76d6e9586278cfdc0b99ae749160138a
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Reviewed-on: https://chromium-review.googlesource.com/805374
Reviewed-by: Martin Roth <martinroth@chromium.org>
The region API was a way for firmware and kernel verification to get
at various blocks of caller-provided data. In practice, we only used
it internally as a way to get at parts of the GBB. Prune it down to
access only the bits of GBB we still need, from the buffer we already
know we have.
In the long run we should use the same vb2ex_read_resource() API that
vb2 firmware verification does, but that should be done in a follow-up
CL since it'll need to be coordinated with support in depthcharge.
No change in functionality.
BUG=chromium:611535
BRANCH=none
TEST=make -j runtests; build bob firmware and boot it
Change-Id: I5715cb8d88274164a1a73ed4a56bbd93af46f9bf
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/852798
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
Vboot firmware previously supported a rather complex audio looping
library. Our original intent was to allow developers to flash a
custom beep sequence / tune as an easter egg. We never fully
supported that, but the code to allow it lived on. Get rid of that.
Vboot also previously made no assumptions about the frequency of
VbExGetTimer(), which was only used by the vboot_audio library. So it
spent 10ms every boot measuring the frequency. Which is silly now,
because depthcharge implements that as a microsecond timer. Get rid
of that measurement and define the timer as a microsecond timer.
BUG=chromium:611535
BRANCH=none
TEST=make -j runtests; build bob firmware and boot it
Change-Id: I350246874fb36b00149423696285cfcaca0fc526
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/847311
Reviewed-by: Shelley Chen <shchen@chromium.org>
introduce get_gbb_flags.sh command to make automatic annotation
of power measurements easier.
Also, fix issue where declaring local variables on same line
as executing a command would obfuscate error code, thus not
triggering set -c and continuing execution.
https://github.com/koalaman/shellcheck/wiki/SC2155
Usage:
$ /usr/share/vboot/bin/get_gbb_flags.sh
[...]
ChromeOS GBB set flags: 0x00000329.
$ /usr/share/vboot/bin/get_gbb_flags.sh -e
[...]
ChromeOS GBB set flags: 0x00000329.
ChromeOS GBB set flags listed:
GBB_FLAG_DEV_SCREEN_SHORT_DELAY
GBB_FLAG_FORCE_DEV_SWITCH_ON
GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK
GBB_FLAG_FAFT_KEY_OVERIDE
GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC
BUG=chromium:760267
BRANCH=none
TEST=manual
emerge-soraka vboot_reference
cros deploy <IP> vboot_reference
(on DUT)
/usr/share/vboot/bin/get_gbb_flags.sh -e
<same output as above>
Change-Id: Idb3b993706c03e7f2831eed2cef12a04b9469fea
Initial unit tests for detachable menu UI. With these tests, the
coverage is at 81.2% for lines for code and 87.5% for function
coverage. I will improve this to closer to 100%, but wanted to get
this in as it's still significantly better than before, which was 0%.
There are still a lot of tests in the code that are #if 0'd out
currently. I still need to go through an enabled/delete those.
BUG=b:65025540
BRANCH=None
TEST=run COV=1 make and make sure passes without errors
Change-Id: If17bfc24fb7f65deb3d2286cc39cdc311d8a6d93
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/830680
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This removes utillib from the futility build and adds only the required
files from utillib to its build. Utillib includes arch-specific
components (required for crossystem) that only have a limited number of
supported architectures, which is undesirable for futility.
The number of archs that futility can run on is no longer restricted.
BUG=None
BRACH=None
TEST=Build futility and futility_s
Change-Id: Ia9ad2a72b374b5cc3d6004d36c0b7090dbcc97a2
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Reviewed-on: https://chromium-review.googlesource.com/666625
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
This handles the aarch64 machine returned by uname as arm to allow
crossystem to build.
BUG=None
BRACH=None
TEST=Build futility and futility_s on ARMv8
Change-Id: I1d847568a36f47d084e7572b28e2603b9b6ec673
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Reviewed-on: https://chromium-review.googlesource.com/785911
Reviewed-by: Julius Werner <jwerner@chromium.org>
Remove the old vboot1 vboot_nvstorage library (VbNv*() functions) and
use the vboot2 library (vb2_nv_*()) instead. This is needed in
preparation for moving to 64-byte records; no sense in implementing
that change twice...
Should be (better be) no change in system behavior.
BUG=chromium:789276
BRANCH=none
TEST=make runtests
compare output of crossystem before/after change (should be identical)
Change-Id: I10f9975b0824263064b9a74a3c6daadcecc085d3
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/794732
The auto update process (especially firmware updater) needs static vboot
utilitys but normal OS images, including recovery images, don't need
that. We should build both dynamic and static binaries at the same time
for images to choose what they need.
Currently only `crossystem` will build static version. And after this
change is merged:
(cd /build/reef/usr/bin; file crossystem*)
crossystem: ELF 64-bit LSB shared object
crossystem_s: ELF 64-bit LSB executable
(cd /build/reef/usr/bin; du -sh crossystem*)
40K crossystem
808K crossystem_s
BUG=chromium:764753,chromium:765499
TEST=emerge-reef vboot_reference
BRANCH=None
Change-Id: Ibd66c87bb44c5593767aeb710240e0165103f016
Reviewed-on: https://chromium-review.googlesource.com/668274
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
This calls gen_test_cases.sh in the proper environment.
Also, prevent gen_test_cases.sh from overriding test_file, to
provide stable signature (and avoid large git diff for no reason).
BRANCH=none
BUG=chromium:684354
TEST=make gentestcases -j8; git diff => no changes
Change-Id: I556285fd1a07a4d84f4ebd3fd7881ae06743716e
Reviewed-on: https://chromium-review.googlesource.com/439064
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Adding in basic menu support (using arrow keys)
for detachables, which do not have keyboards. Thus,
we can only do menu scrolling rather than the old
ctrl+D/U/L way. This is specifically for the developer
warning menu.
BUG=chrome-os-partner:61275
BRANCH=None
TEST=reboot system and try scrolling through menu
Change-Id: I39f56f5ca2fedd47df53ab246ec357d07c9c4af0
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/424353
Reviewed-by: Randall Spangler <rspangler@chromium.org>
If FOR_TEST is defined, 2common.h defines VB2_DEBUG() to be printf();
it should include stdio.h as well.
The HOSTLIB extern linktest links against the vboot1 stub functions,
but not the vboot2 stub functions, so it couldn't find vb2ex_printf().
BUG=chromium:682058
BRANCH=none
TEST=DEBUG=1 make runtests; DEBUG=1 emerge-reef vboot_reference depthcharge
Change-Id: Ibf981a70ca4087ce3d86b02d76e03063b2cfc9e5
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/429310
Commit-Ready: Shelley Chen <shchen@chromium.org>
Reviewed-by: Shelley Chen <shchen@chromium.org>
This moves the UI loops out of vboot_api_kernel.c into vboot_ui.c, so
that it'll be easier to support different UIs for different form factors.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build_packages --board=reef chromeos-firmware; boot reef
Change-Id: I451b15f65aceb427ffdd94b19f44e91ebc10a860
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/414289
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-by: Shelley Chen <shchen@chromium.org>
Previously, the EC software sync process called VbDisplayScreen() from
several function calls deep. Refactor software sync so that the UI
decisions are at a higher level (in ec_sync_all.c) and isolated from
the low-level EC software sync functionality (in ec_sync.c).
This is one in a series of changes which are more clearly separating
out the UI, to make it easier to support multiple UI across a range of
devices.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build_packages --board=reef chromeos-firmware; boot reef
Change-Id: I40597abeb5b0cc8f5d8fc2098e4acbed4bf59bf6
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/411921
Reviewed-by: Shelley Chen <shchen@chromium.org>
This was previously done inside vboot_api_kernel. But it has nothing to
do with kernel verification; that's just the only place where we could
easily put it given that vboot (currently) owns the firmware UI.
No outwardly-visible functionality changes.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I8a434eb4449a5a86b129ecac61ad81d0ad55549c
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/404920
This functionality allows factory to ensure that the recovery MRC cache
trained during finalization has the right signature and the checksum on
the data can be verified.
BUG=chrome-os-partner:59661
BRANCH=None
TEST=Verified checksum on recovery mrc cache.
Change-Id: Ic5bd9910b4542037ad86f6fb7a7d83b97be5c792
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/409680
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Originally, vboot1 code used VbExMalloc() and VbExFree() since it needed
to talk to EFI firmware that didn't have standard malloc() and free().
Now, coreboot and depthcharge implement them as wrappers around those
standard calls. vboot2 code already calls them directly, so let vboot1
code do that too.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I49ad0e32e38d278dc3589bfaf494bcf0e4b0a4bd
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/400905
Now that the vboot1 cryptolib code is gone, nothing uses stateful_util.
Remove it and its unit tests.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I75b6014be00c5266545db10e87c1d9485fd1444b
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/400904
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
The old vboot1 cryptolib hard-coded many of its padding arrays in a
padding.c file. Use the equivalent vboot2 apis instead.
This change is almost exclusively on the host and test side; the only
firmware impact is on a single line of debug output.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: If689ffd92f0255847bea2424950da4547b2c0df3
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/400902
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Another in a continued stream of refactoring. This change removes more
of the vb1 rsa library code and associated tests, in favor of their vb2
equivalents. This change touches only host-side code and its tests, not
firmware.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I1973bc2f03c60da62232e30bab0fa5fe791b6b34
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/400901
No need to have two implementations of this now.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I18bac928eb09971c37f3e1d7cbfd2009999b1f31
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/400899
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
No need to have two implementations of this now.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: Id3348eae80c5d85451981a44729164ff59f88648
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/399121
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Originally, we didn't trust the firmware to provide these functions from
a standard library. Now, with coreboot, we do.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: I4e624c40085f2b665275a38624340b2f6aabcf11
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/399120
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
This patch makes futility show command support boot block descriptor (BDB)
of the common boot flow.
BUG=chromium:649554
BRANCH=none
TEST=make runtests. Ran futility show bdb.bin.
Change-Id: I5f199a32ab1c268351e822e37ed39e41ae19bc7a
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/388631
Reviewed-by: Randall Spangler <rspangler@chromium.org>
'resign' sub-command signs a BDB using keys provided. It can resign only
the data key, the hashes, or both. Required keys vary depending on what
part of BDB is invalid and on what public key is specified in the command
line. It then detects what key is needed based on
the verification result and fails if the required key is not provided.
BUG=chromium:649554
BRANCH=none
TEST=make runtests. Ran futility bdb --create, --add, --resign, --verify
Change-Id: I589a5972f1d7e5066eb56e1c5efb4ee7089d41cd
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/387118
Reviewed-by: Randall Spangler <rspangler@chromium.org>
futility bdb --add appends a new hash entry to the given BDB.
The resulting BDB does not have a valid signature and is expected to
be resigned by 'resign' sub-command after all hashes are added.
BUG=chromium:649554
BRANCH=none
TEST=make runtest. Ran futility bdb --add, then --resign, then --verify
(to be implemented)
Change-Id: Icdf185f8ac268a23bb3954f5e78df6f80e749e18
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/387117
Reviewed-by: Randall Spangler <rspangler@chromium.org>
bdb command manipulates BDBs. '--create' sub-command creates a BDB.
Other sub-commands will follow in the successive patches.
BUG=chromium:649554
BRANCH=none
TEST=make runtests. Ran futility bdb --create using test keys and verify
it with bdb --verify (to be implemented).
Change-Id: Ib0a6165ac93efc7478b9d999d3c837d47cf81ddd
Reviewed-on: https://chromium-review.googlesource.com/386794
Commit-Ready: Daisuke Nojiri <dnojiri@chromium.org>
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
bdb_extend prints out secrets derived from the given BDS based on
the given BDB.
BUG=chromium:649555
BRANCH=none
TEST=make runtests. Ran bdb_extend -s bds.bin -b bdb.bin (with/without -m)
Change-Id: I8d9f73468992dad4cb93a422c0eae0977be9a16f
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/385539
Defining these symbols weakly causes the output executable to hit
segmentation fault because ld chooses *UND* symbols over the definition
when they appear in *.a archive:
$ objdump -t build/libvboot_utilbdb.a
bdb.o:
0000000000000000 w *UND* 0000000000000000 bdb_rsa4096_verify
...
rsa.o
000000000000061f w F .text 0000000000000111 bdb_rsa4096_verify
...
This happens regardless whether the symbol is referenced or not;
or whether the object defining the symbol appears earlier than the
reference or not.
BUG=none
BRANCH=none
TEST=make runtests
Change-Id: Ib53a9010f2afdc2ba59369fb145aef4381db30d3
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/387905
Reviewed-by: Randall Spangler <rspangler@chromium.org>
An earlier commit had added this:
ifeq (${TPM2_MODE},)
# TODO(apronin): tests for TPM2 case?
TEST_NAMES += \
tests/tlcl_tests \
tests/rollback_index2_tests
endif
but left this:
.PHONY: runmisctests
runmisctests: test_setup
${RUNTEST} ${BUILD_RUN}/tests/rollback_index2_tests
[...]
${RUNTEST} ${BUILD_RUN}/tests/tlcl_tests
So if TPM2_MODE is not null, those two test targets won't be
built. This CL puts those two into the same guard, so that
they won't be attempted if they're not built.
BUG=chrome-os-partner:57727
BRANCH=all
TEST=manual
Before, this fails:
FEATURES=test emerge-reef vboot_reference
Now, it passes.
Change-Id: Ic00f9f867d3d9c719d797907f00fda8bc5044504
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/388711
Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Some of the vboot 2.0 and 2.1 functions call common code that currently
lives inside the vb2.1 host library. To be able to use vboot 2.0 code
in futility, we always need to include the 2.1 sources.
BUG=chromium:611535
BRANCH=none
TEST=make runtests
Change-Id: Ib01622fa462d0bceda1e6041b5e3395ee7c2f94f
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/356127
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
This replaces all calls to vboot1 VerifyFirmwarePreamble() with
equivalent vb2.0 functions. No effect on ToT firmware, which already
uses the vboot2.0 functions.
BUG=chromium:611535
BRANCH=none
TEST=make runtests
Change-Id: I5c84e9ed0e0c75e2ea8dbd9bfcde0597bc457f24
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/349322
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
And nuke all the underlying code that is unused once those APIs are
gone. These APIs are not used by any project in ToT, having been
superseded last year by the vboot2 APIs.
No functional changes to live code, just lots of deletes.
CQ-DEPEND=CL:347414
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build samus
Change-Id: I05ac752d74d1343dd03600b1c5e6ed22822e2802
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/347257
I see warnings like this when building with USE=minimal (the default):
Package yaml-0.1 was not found in the pkg-config search path.
Perhaps you should add the directory containing `yaml-0.1.pc'
to the PKG_CONFIG_PATH environment variable
No package 'yaml-0.1' found
That's because we don't have a yaml dependency for the USE=minimal
build, yet we still unconditionally call `pkg-config --libs yaml-0.1`.
Let's move the pkg-config calls into 'ifeq' block where they're actually
used.
BRANCH=none
BUG=none
TEST=`emerge-${BOARD} vboot_reference` both with and without USE=minimal
Change-Id: I96a59848ee970abacbe4cc3c56bb35c7cf552f63
Signed-off-by: Brian Norris <briannorris@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/362620
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This change replaces all calls to the old vboot1 SHA library with their
vboot2 equivalents.
This is the first in a long series of changes to move the core vboot kernel
verification into vb2, and the control/display loop out to depthcharge.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build samus firmware and boot it
Change-Id: I31986eb766176c0e39a192c5ce15730471c3cf94
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/344342
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
This allows properly detecting an armv7l host architecture and setting
the right ARCH value so that e.g. crossystem can build fine.
BRANCH=none
BUG=none
TEST=Build host_stuff on an armv7l machine
Change-Id: I6a6ac74477eff41e73eca671d9dac229888c4e77
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Reviewed-on: https://chromium-review.googlesource.com/360160
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Build a special version of TPM Lightweight Command Library in
libvboot_host for TPM2. Create the framework for implementation, stub
functions for now. libvboot_host is used by tpmc and other user-space
utilities that talk directly to tpm bypassing trunks/trousers.
BRANCH=none
BUG=chrome-os-partner:54981
BUG=chrome-os-partner:55210
TEST=Boot on kevin, verify that 'tpmc read' works.
Change-Id: I4cc41028041193041defc319687697eb9edb1f3e
Reviewed-on: https://chromium-review.googlesource.com/358623
Commit-Ready: Andrey Pronin <apronin@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Tested-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
TPM2 will have to use a different tlcl layer, the configuration option
will be provided by depthcharge at build time.
BRANCH=none
BUG=chrome-os-partner:50645
TEST=with the rest of the patches applied kevin/gru boards boot into
chrome OS with rollback counters read from/written to TPM2
Change-Id: I0694741f5317da2c3268ee9edfdf29caff2fc26c
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/356750
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The secrets library clears, extends, and derives secrets which are used
by vboot SoC.
BUG=chrome-os-partner:51907
BRANCH=tot
TEST=make runtests
Change-Id: I38c93fd450364792cebc942694f848e10d0e9502
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/349252
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This patch adds HMAC. HMAC will be used to sign/verify NVM structures.
Hash algorithms can be selected from those supported
by enum vb2_hash_algorithm (i.e. SHA1, SHA256, or SHA512).
BUG=chrome-os-partner:51907
BRANCH=tot
TEST=make runtests
Change-Id: I6d349bc807874fe2a5512aabcd7fbf67a4eaa40a
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/342880
Reviewed-by: Randall Spangler <rspangler@chromium.org>
vba_bdb_init initializes the vboot context and decides what to do next
based on the vboot register content. Possible actions are:
1. proceed to verify the current slot
2. reset to try the other slot
3. reset to recovery mode
bdb_sprw_test demonstrates these actions.
BUG=chrome-os-partner:51907
BRANCH=tot
TEST=make runtests
Change-Id: If72cdd575d09b9162a871f088064ca853b7fd74d
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/342604
Reviewed-by: Randall Spangler <rspangler@chromium.org>
