| 782300d093a2fbf2ca24e446fb6d65f9f28e56a6 |
|
23-Sep-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Add previously tried slot and result to NV storage
This gives recovery mode information on two boots back instead of one,
which may be handy for debugging.
It also allows determining whether a failure of the current boot
should try the other slot or go to recovery, using only information
stored in NV storage.
Added crossystem support for printing the fields, and unit tests.
BUG=chrome-os-partner:32585
BRANCH=none
TEST=make runtests; VBOOT2=1 make runtests
Change-Id: Ia9f4186210d30217b902db7c513ae4ab8851f8f4
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/221230
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| 9e1da784487fb8cfbe4e76693e07205b66675bda |
|
25-Jun-2014 |
Randall Spangler <rspangler@chromium.org> |
Add nvstorage / crossystem support for new vboot2 fields
This allows testing vboot2. These fields are ignored by original
vboot firmware.
BUG=chromium:370082
BRANCH=none
TEST=manual
crossystem -> fw_tried=A, fw_result=unknown, fw_try_next=A
crossystem fw_tried=B
echo $? -> 1
crossystem -> fw_tried=A, fw_result=unknown, fw_try_next=A
crossystem fw_try_next=B
crossystem -> fw_tried=A, fw_result=unknown, fw_try_next=B
crossystem fw_try_next=beats_me
echo $? -> 1
crossystem -> fw_tried=A, fw_result=unknown, fw_try_next=B
crossystem fw_try_next=A
crossystem -> fw_tried=A, fw_result=unknown, fw_try_next=A
crossystem fw_result=trying
crossystem -> fw_tried=A, fw_result=trying, fw_try_next=A
crossystem fw_result=bupkis
echo $? -> 1
crossystem -> fw_tried=A, fw_result=trying, fw_try_next=A
crossystem fw_result=success
crossystem -> fw_tried=A, fw_result=success, fw_try_next=A
crossystem fw_result=failure
crossystem -> fw_tried=A, fw_result=failure, fw_try_next=A
crossystem fw_result=unknown
crossystem -> fw_tried=A, fw_result=unknown, fw_try_next=A
crossystem -> fw_try_count = 0, fwb_tries = 0
crossystem fw_try_count=6
crossystem -> fw_try_count = 6, fwb_tries = 6
crossystem fwb_tries=0
crossystem -> fw_try_count = 0, fwb_tries = 0
Change-Id: I1532f3384f8c05de2a7ff3f35abcc35d18049491
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/205475
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| 2500185a83b453580f187087fffc6376f19f8ff0 |
|
16-Aug-2013 |
Simon Glass <sjg@chromium.org> |
Add memory leak checking
Add checks that the vboot library does not leak memory. This works by
tracking VbExMalloc() calls and making sure that they have an associated
VbExFree().
Adjust host_signature to use VbExFree() instead of free(), so that this
scheme works correctly for existing code.
BUG=chrome-os-partner:21115
BRANCH=pit
TEST=FEATURES=test emerge-peach_pit vboot_reference
Change-Id: I6ccccfbcc162fc43fb75862cd0eddad78ce8b18a
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/66175
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| 0c3ba249abb1dc60f5ebabccf84ff13206440b83 |
|
29-Mar-2013 |
Bill Richardson <wfrichar@chromium.org> |
Massive refactoring of external header files.
This reduces the number of exported header files to the minimum needed by
the existing userspace utilities and firmware implementations.
BUG=chromium:221544
BRANCH=none
TEST=manual, trybots
CQ-DEPEND=CL:47019,CL:47022,CL:47023
sudo FEATURES=test emerge vboot_reference
FEATURES=test emerge-$BOARD \
vboot_reference \
chromeos-cryptohome \
chromeos-installer \
chromeos-u-boot \
peach-u-boot \
depthcharge
Change-Id: I2946cc2dbaf5459a6c5eca92ca57d546498e6d85
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/47021
Reviewed-by: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| ac8805e7e9bd40c03baf44e37b26f28d9b763ab5 |
|
16-Mar-2013 |
Gabe Black <gabeblack@chromium.org> |
Get rid of some crufty macros.
These were macros that were never used, or that were only set to one thing and
could be substituted up front.
I left in code guarded by the HAVE_ENDIAN_H and HAVE_LITTLE_ENDIAN macros even
though those are never defined because they guard a reportedly significantly
faster implementation of some functionality, at least according to a comment
in the source. It would be a good idea to enable that code path and see if it
really does make a big difference before removing it entirely.
BUG=None
TEST=Built for Link, Daisy, and the host with FEATURES=test. Built depthcharge
for Link and booted in normal mode.
BRANCH=None
Change-Id: I934a4dd0da169ac018ba07350d56924ab88b1acc
Signed-off-by: Gabe Black <gabeblack@google.com>
Reviewed-on: https://gerrit.chromium.org/gerrit/45687
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Gabe Black <gabeblack@chromium.org>
Tested-by: Gabe Black <gabeblack@chromium.org>
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| 6dbf9d9160b2927d76017d0f51919e0880f9b2cc |
|
23-Jan-2013 |
Randall Spangler <rspangler@chromium.org> |
Improve coverage of vbnvstorage test
BUG=chromium-os:38139
BRANCH=none
TEST=make runtests
Change-Id: I93aabedb99fdeba01954a4b59e3e089b4087380c
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/41850
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| a2326ee152ab5b8aee924ccf794cee38d54909bd |
|
24-Aug-2012 |
Stefan Reinauer <reinauer@chromium.org> |
Add CTRL-L in dev screen to support a "legacy boot option"
This option is disabled per default and can be enabled with
crossystem dev_boot_legacy=1
or by setting the GBB flag
GBB_FLAG_FORCE_DEV_BOOT_LEGACY 0x00000080
BUG=chrome-os-partner:6108
TEST=crossystem dev_boot_legacy=1
boot to dev mode screen, press CTRL-L, see SeaBIOS start
(other CLs needed)
BRANCH=link
Signed-off-by: Stefan Reinauer <reinauer@chromium.org>
Change-Id: I593d2be7cff5ca07b8d08012c4514a172bd75a38
Reviewed-on: https://gerrit.chromium.org/gerrit/31265
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
Tested-by: Stefan Reinauer <reinauer@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Ready: Stefan Reinauer <reinauer@chromium.org>
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| 29e8807ea045e119e3adeaec40c5f8421901b6fb |
|
19-Jun-2012 |
Randall Spangler <rspangler@chromium.org> |
Add clear TPM owner request
This adds two new flags to crossystem:
clear_tpm_owner_request
clear_tpm_owner_done
The first one requests that the firmware clear the TPM owner on the
next boot. When the firmware does this, it will set
clear_tpm_owner_request=0, and set clear_tpm_owner_done=1. The OS can
use the done-flag as a hint that trusted things guarded by the TPM are
no longer trustable.
BUG=chromium-os:31974
TEST=manual
crossystem
// both flags initially 0
crossystem clear_tpm_owner_request=1
crossystem clear_tpm_owner_done=1
// request=1, done=0; done can be cleared but not set by crossystem
reboot
tpmc getownership
// owned=no
crossystem
// request=0, done=1
crossystem clear_tpm_owner_done=0
crossystem
// both flags 0 again
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Change-Id: I49f83f3c39c3efc3945116c51a241d255c2e42cd
Reviewed-on: https://gerrit.chromium.org/gerrit/25646
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| c0e3742996a84d3c503cfa002b09a0831bcb2c32 |
|
08-Jun-2012 |
Randall Spangler <rspangler@chromium.org> |
Remove unused test fields from VbNvStorage
Confirmed via codesearch that these fields are not used outside of
vboot_reference itself, and the only use inside vboot_reference is one
test which checked that the test error generation itself worked.
BUG=chromium-os:31668
TEST=make && make runtests
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Change-Id: Ic393e126ca2853f7aaff19ffd6fcdbdb1c47689f
Reviewed-on: https://gerrit.chromium.org/gerrit/24895
Reviewed-by: Simon Glass <sjg@chromium.org>
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| 7272a6951107251a5c9b26330c506319a92a54b3 |
|
17-Nov-2011 |
Bill Richardson <wfrichar@chromium.org> |
Dev-mode allows booting self-signed kernels by default.
When you enter dev-mode,
Pressing Ctrl-U to boot from USB is DISABLED.
Booting any self-signed kernel from the SSD is ENABLED.
This replaces the "crossystem dev_boot_custom" argument with
"crossystem dev_boot_signed_only", which has the opposite polarity.
So if you want to dev-mode to only boot official kernels, you have to
explictly set it that way. If you leave dev-mode and then come back,
it will go back to the conditions shown above.
BUG=chrome-os-partner:5954
TEST=manual
Just run the factory flow. It was broken; this should fix it (except for any
workarounds that were added while it was broken; those may need to be
reverted).
Change-Id: I13e0edbc0e77c5d6ea609dabf771085006cd1805
Reviewed-on: https://gerrit.chromium.org/gerrit/11853
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| fa9d7782e837848a1aeb0e95295fa48ac23f7a26 |
|
09-Nov-2011 |
Bill Richardson <wfrichar@chromium.org> |
Dev-mode only boots official kernels by default
Although we're now using a single unified BIOS, it is pretty nice to be able
to get a shell in developer mode while still using verified boot for the
kernel and filesystem. Alex & ZGB implemented this by requiring the dev-mode
user to install a special dev-mode BIOS. We don't do that, but we DO require
setting a special flag with "crossystem" to accomplish the same thing.
In order to allow booting a self-signed kernel, you must boot in developer
mode, open a shell, and run this:
crossystem dev_boot_custom=1
Special note to internal developers: If you're in the habit (as I am) of
booting directly from a USB stick in dev-mode, you'll have to run this:
crossystem dev_boot_custom=1 dev_boot_usb=1
Just using dev_boot_usb=1 is no longer enough, because the USB kernel is
signed using the recovery key and by pressing Ctrl-U, we validate it with
the kernel data key. That worked before this change because any self-signed
kernel was fine, and that's how the USB key was treated. Now it actually
requires a verified signature until you enable dev_boot_custom=1 also.
BUG=chrome-os-partner:5954
TEST=manual
Boot once in normal mode, which clears the special flags. Then switch to
developer mode. You should be able to boot and get a root shell.
Run
crossystem dev_boot_usb=1
Obtain a USB recovery image that's keyed differently. For example, if you're
testing with dev-keys, use a PVT-signed image or vice-versa.
Reboot into dev-mode with the USB recovery stick inserted. At the dev-mode
screen, press Ctrl-U. You should hear a single beep, but it should not boot.
Press Ctrl-D to boot from the hard drive, log in to a shell and run
crossystem dev_boot_custom=1
Repeat the previous test. This time when you press Ctrl-U, it should boot
the recovery image. Turn the system off before it does anything.
That's it.
Change-Id: I1811ee9a188974b3f94c83c52b00b60028b86c69
Reviewed-on: https://gerrit.chromium.org/gerrit/11442
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| daa807c51ef6d5bf6599e649d1777432bea8a3e5 |
|
11-Jul-2011 |
Randall Spangler <rspangler@chromium.org> |
Add support for dev_boot_usb flag
BUG=chromium-os:17433
TEST=make && make runtests. Additional manual tests:
0. Insert a valid dev-signed USB key.
1. Boot with dev switch off.
`crossystem dev_boot_usb` should print 0.
2. Flip dev switch on.
`crossystem dev_boot_usb` should print 0.
Ctrl+U at dev screen should beep, but not boot USB.
3. Type `crossystem dev_boot_usb=1`. Should succeed.
`crossystem dev_boot_usb` should print 1.
4. Reboot system.
At the dev mode warning, press Ctrl+U
System should boot from USB key
`crossystem dev_boot_usb` should print 0.
5. Flip dev switch off.
`crossystem dev_boot_usb` should print 0.
6. Flip dev switch on.
`crossystem dev_boot_usb` should print 0.
Note that this does not apply to Cr-48, Alex, or ZGB.
Change-Id: Idf85fdd642f38f531c89e5fa5b1679e84936d4da
Reviewed-on: http://gerrit.chromium.org/gerrit/3875
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Stefan Reinauer <reinauer@google.com>
Tested-by: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| cabe6b3514f3228b350a7d07d6cc7cb39eecaaf6 |
|
18-Mar-2011 |
Randall Spangler <rspangler@chromium.org> |
Use VbSharedData instead of VbNvStorage for fwb_tries and kernkey_vfy
Change-Id: I5ed3509a9d4e578cd2e98f493dab59bc2fbd5827
R=dlaurie@chromium.org
BUG=chrome-os-partner:2748
TEST=manual
crossystem fwb_tries=3
(reboot)
crossystem tried_fwb
(should print 1)
crossystem fwb_tries=0
(reboot)
crossystem tried_fwb
(should print 0)
In dev mode...
Boot a kernel signed with the same key as in the firmware
crossystem kernkey_vfy
(should print sig)
Boot a kernel signed with a different key than the firmware
crossystem kernkey_vfy
(should print hash)
Review URL: http://codereview.chromium.org/6711045
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| b17e8d353c50d46f0e5f29578f6294003692ea1d |
|
15-Mar-2011 |
Randall Spangler <rspangler@chromium.org> |
Add VB test error func/num
Change-Id: Ibe253963f0424935554fe91f166ef5040a723c6f
BUG=13107
TEST=make && make runtests
Review URL: http://codereview.chromium.org/6698032
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| 92e378e453c7c7186a06d9021fb64eb7985937f5 |
|
25-Feb-2011 |
Randall Spangler <rspangler@chromium.org> |
rename tried_fwb constants
Change-Id: Ib8018bfe29eed50766c699d832efe4f1afcabb1a
BUG=none
TEST=make && make runtests
Review URL: http://codereview.chromium.org/6597015
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| 172602829dc0d79ed65d7ed81225389f090b981f |
|
25-Feb-2011 |
Randall Spangler <rspangler@chromium.org> |
Add NV storage fields for firmware flags
1) Did firmware attempt RW slot B before slot A?
2) Did firmware check the kernel keyblock signature, or just its hash?
Added crossystem support as well.
BUG=chrome-os-partner:1657
TEST=make && make runtests
Review URL: http://codereview.chromium.org/6597011
Change-Id: I0d743ae87cedd938ba988170793717d3fdbd8ce9
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| 9e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1 |
|
22-Feb-2011 |
Randall Spangler <rspangler@chromium.org> |
VbNvStorage cleanup and comments
BUG=12282
TEST=make && make runtests
Review URL: http://codereview.chromium.org/6469059
Change-Id: I912b53ae33d65305353a747cc0bdd2b1ea62a04f
/external/vboot_reference/tests/vboot_nvstorage_test.c
|
| b944534edd3799b3353f73bcb8ee90161d640c2b |
|
18-Feb-2011 |
Randall Spangler <rspangler@chromium.org> |
Add NV storage API to vboot reference
BUG=chromium-os:12282
TEST=make && make runtests
Review URL: http://codereview.chromium.org/6532040
Change-Id: I57099de54ed56aa722f1944568bbb58b71b14379
/external/vboot_reference/tests/vboot_nvstorage_test.c
|