21aedee1ceab57dcbe8506d10a132dffd3a1917b |
|
29-Jan-2015 |
Julius Werner <jwerner@chromium.org> |
vboot2: Add sd->fw_version_secdata field to communicate to crossystem This patchs adds a new vb2_shared_data field to store the current rollback prevention version number stored in secdata (TPM). This information needs to be retrieved from there by coreboot (current hack) or vboot2 kernel verification (bright shiny future) so it can be passed along to the operating system and user space. BRANCH=veyron BUG=chrome-os-partner:35941 TEST=make runtests. Booted Jerry in recovery mode (with corresponding coreboot patch), ensured that crossystem tpm_fwver still shows the correct value. Change-Id: I2a0c3e51b158a35ac129d2abce19b40c6c6381a6 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/244601 Reviewed-by: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
62d482ecddf5735076a085859cf40fcfa24671ee |
|
29-Jan-2015 |
Daisuke Nojiri <dnojiri@chromium.org> |
add vb2api_get_pcr_digest this api allows firmware to get the digest indicating boot mode status. BUG=chromium:451609 TEST=VBOOT2=1 make run2tests BRANCH=tot Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Change-Id: Idca7bc5f6aed947689ad7cf219805aad35047c7d Reviewed-on: https://chromium-review.googlesource.com/244542
/external/vboot_reference/firmware/2lib/include/2struct.h
|
f10e9099286202f83ce4c1dc5ef1e85fcb5ccde7 |
|
17-Dec-2014 |
Julius Werner <jwerner@chromium.org> |
vboot2: Introduce vb2ex_hwcrypto API This patch extends the vboot2 API by three callback functions that the platform firmware may implement to offer hardware crypto engine support. For now we only support this for hash algorithms, and we will only allow it for firmware body hashes (not the keyblock or preamble which are too small to matter execution-time-wise anyway). The API is similar to the vb2api_*_hash() functions used to start body hashing in the first place, but we still take this round trip through vboot to allow it to do key/signature management and retain full control of the verification process. We also add a new preamble flag to explicitly disable this feature, so that we can later return to a solely software-based verification path through a firmware update in case a hardware crypto engine turns out to be insecure. CQ-DEPEND=CL:236435 BRANCH=None BUG=chrome-os-partner:32987 TEST='make runtests VBOOT2=1'. Manually booted on Pinky with and without HW crypto support and with the preamble flag set to confirm expected behavior. lib21/ parts untested except for compiling and new unit tests. Change-Id: I17c7d02f392089875a5942a5aafcf6a657354863 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/236453 Reviewed-by: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
308d2540929cd95e2a565be95ce0b1d45d2fbed2 |
|
04-Dec-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Get rid of extra '2' at end of new struct names Now that lib20 and lib21 are distinct, they can have overlapping struct names. This will be cleaner in the long run, since vboot 2.0 (lib20) is just a temporary stepping stone to vboot 2.1 (lib21). It would be a shame to need to carry around the overhead of that extra digit forever. No functional changes, just a lot of renaming. BUG=chromium:423882 BRANCH=none TEST=make runtests && VBOOT2=1 make runtests (works with/withoug VBOOT2 flag) And compile firmware for veyron_pinky Change-Id: I25f348fd31e32d08ca576836dfdd1278828765a1 Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/233183 Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
6f1b82ac14f341d9733d6e95d518b3ee352002ef |
|
03-Dec-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Move old struct handling to lib20/ This is part 4 of a series of changes to rearrange the vboot2 library so that it's possible to start using the new-style data structs. This change moves knowledge of the old vboot1 data structs into lib20; 2lib now contains only code which is common to both vboot2.x libraries (that is, code which is data structure version agnostic). No functional changes; just rearranging code and tests. BUG=chromium:423882 BRANCH=none TEST=make runtests && VBOOT2=1 make runtests (works with/withoug VBOOT2 flag) And compile firmware for veyron_pinky CQ-DEPEND=CL:233051 Change-Id: I8f9e67157575e5be14952ef4809c3dfafd92596d Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/233021 Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
108d991c678f80c99967bd07035de7418c81a072 |
|
03-Dec-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Move knowledge of vboot 2.1 data structures inside lib21/ Code which compiles against fwlib2 no longer knows or cares about the new data structures. This should shrink fwlib2 a bit. This is part 3 of 4 changes which split vboot 2.0 struct handling (old vboot1 structs) from vboot 2.1 struct handling (new style structs). No functional changes; just shuffling around code. BUG=chromium:423882 BRANCH=none TEST=make runtests && VBOOT2=1 make runtests (works with/withoug VBOOT2 flag) And compile firmware for veyron_pinky. Change-Id: Ibccd7d1974e07f38b90c19c924ef3b1ffcb77d62 Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/233020 Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
59c29202d2d67b97f587152b5457ed89f7430a77 |
|
17-Nov-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Add host library functions to read/write new-format key objects And unit tests for them. BUG=chromium:423882 BRANCH=none TEST=make runtests && VBOOT2=1 make runtests Change-Id: I720bfb2537bae60f05b5ce28ab196a331a82eedf Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/230931
/external/vboot_reference/firmware/2lib/include/2struct.h
|
efa37b87f2b4cd4b4f515e96201502ae0408cec7 |
|
13-Nov-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Add api-level functions to use new data structures And associated unit tests. And fix a memory overwrite in the old vb_api_tests.c, which apparently didn't touch a critical piece of the shared work buffer, but was still wrong. (This was a problem in the test, not in the code being tested.) BUG=chromium:423882 BRANCH=none TEST=VBOOT2=1 make runtests Change-Id: I322fb7e6bb5214b0adcf5d6d48a0cd238abba88e Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/229738 Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
7c1eee09eff54c6e60a3b261e6df790c11331695 |
|
14-Nov-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Split vb2_guid into its own header file This allows the api header to include it without pulling in the rest of the vboot2 internal structs. No functional changes; just moving a struct definition. BUG=chromium:423882 BRANCH=none TEST=VBOOT2=1 make runtests Change-Id: Ife9408f9b597939a3cc85a10d534108e12f2d739 Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/229793 Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
43e0a9ed6c0b332631442fcf581e7456d62e4532 |
|
05-Nov-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Add code and tests for verifying vb2_fw_preamble2 This is the last low-level data structure verification code for the new data structures. Subsequent changes are the next level up the food chain. BUG=chromium:423882 BRANCH=none TEST=VBOOT2=1 make runtests Change-Id: I2e45106c27447eb624c1ed562e40b98088249742 Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/228360 Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
fe21172cc315b6249e78ee8bc17d1470e8b6b02b |
|
06-Nov-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Change preamble to contain a list of signatures Use struct vb2_signature2 objects to hold the hashes of firmware components, rather than a separate vb2_fw_preamble2_hash struct. Better for code reuse. BUG=chromium:423882 BRANCH=none TEST=VBOOT2=1 make runtests Change-Id: Ia9e23c1488a884f2d6fab4c4be51b25d3ff25c2f Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/228241 Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
6300a6439e121ac41ad336c7422dcdbb0d649c7c |
|
01-Nov-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: be consistent in use of sig_algorithm vs sig_alg in vboot2 structs Previously, we had a mix of sig_algorithm and sig_alg member names, and it was hard to remember which struct used which variant. Prefer sig_alg because of the 80-column limit. Same with hash_alg vs. hash_algorithm BUG=chromium:423882 BRANCH=none TEST=VBOOT2=1 make runtests Change-Id: Ifbb60f3172549e29efc0fb1f7f693efa51eb7cc3 Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/226943 Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
6f7f5df816a8790d2464ee5bee3d46e30611da4c |
|
31-Oct-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: un-nest data structures Originally, we designed the vboot data structures so that some of them had sub-structures. Then the variable-length data for each of the structures was at the end. So: struct vb2_keyblock { struct vb2_packed_key struct vb2_signature } // Followed by variable-length data for keyblock // Followed by variable-length data for packed key // Followed by variable-length data for signature This had the weird side effect that the header and data for the sub-structs were not contiguous. That wasn't too bad before, but it gets more complicated with the new data structures. Each structure now can also have a description. And keyblocks can have a list of signatures. Structures also couldn't really know their own size, since a sub-struct might have a 20-byte header, but then 2K of other data in between that and the data for the sub-struct itself. So, un-nest all the data structures. That is, the keyblock now contains the offset of the signature struct, rather than the signature struct itself. And then all the variable-length data for each struct immediately follows the struct itself. So: struct vb2_keyblock2 { // Offset of packed key // Offset of first signature } // Followed by variable-length data for keyblock struct vb2_packed_key // Followed by variable-length data for packed key struct vb2_signature2 // Followed by variable-length data for signature (desc, sig data) Verifying and traversing these objects is much more straightforward. And each struct can now know its own size. This first change rearranges the structures. Descriptions now immediately follow the fixed size structure headers. The next change adds better verification of the structures, using the fixed_size and total_size fields in the common header. BUG=chromium:423882 BRANCH=none TEST=VBOOT2=1 make runtests Change-Id: Ieb9148d6f26c3e59ea542f3a95e59d8019ccee21 Reviewed-on: https://chromium-review.googlesource.com/226824 Tested-by: Randall Spangler <rspangler@chromium.org> Reviewed-by: Bill Richardson <wfrichar@chromium.org> Commit-Queue: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
cc7cddb39c118780439f86613924257d56476078 |
|
31-Oct-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Add GUIDs for VB2_SIG_NONE signature types Signatures with VB2_SIG_NONE are unsigned hashes. To make it easier to locate these signatures in the keyblock's list of signatures, define GUIDs for them. BUG=chromium:423882 BRANCH=none TEST=VBOOT2=1 make runtests Change-Id: I5bf9424107d7703b1a191b1bdf02954192ffc583 Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/226813 Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
f6cfb974ce465cf977490fe26db9c8735da97571 |
|
24-Oct-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Add verification for common vb2 struct header All new-style structs have a common header. This adds a verification function for that common header, and tests for it. BUG=chromium:423882 BRANCH=none TEST=VBOOT2=1 make runtests Change-Id: I668486e77f7200c10b43aa2d17b4dd6639e5538e Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/225459 Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
21f100c9d62bfb0d1ec2d26c132c82ce47ee9350 |
|
16-Oct-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: new data structures These structures allow for simplication and feature expansion in vboot. They are NOT backwards-compatible with old vboot1 structs. This CL simply adds the new structs and unit tests for struct packing; future CLs will add support for them in the firmware library and futility. BUG=chromium:423882 BRANCH=none TEST=VBOOT2=1 make runtests Change-Id: I22532acf985dd74316bd30f17e750f993b6c53d7 Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/224820 Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
6df3e33912baf2633ed27fce6fe166d87e2f04a8 |
|
03-Oct-2014 |
Bill Richardson <wfrichar@chromium.org> |
Add hwid digest field to GBB header This adds a field in the GBB header to store the sha256 digest of the HWID string, and updates gbb_utility so that it stores the digest when it modifies the HWID. Because this is a new field, the GBB_MINOR_VER is incremented. BUG=chromium:415227 BRANCH=ToT TEST=make runtests, VBOOT2=1 make runtests Since the GBB is in the RO firmware, there should be no side effects for existing devices (but even without that, they should handle a minor version change without complaint). Change-Id: Icdb2a0b564677b0b65e58df897d2ec5af3964998 Signed-off-by: Bill Richardson <wfrichar@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/221360
/external/vboot_reference/firmware/2lib/include/2struct.h
|
f2f88042ed3a095819312c57d28e2d93e68d5c37 |
|
15-Oct-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Split crypto algorithms into their own header file This allows the algorithm list to be shared by code which simply needs to look at the vboot structures. No functional changes; just moving enums around and adding comments. BUG=chromium:423882 BRANCH=none TEST=make runtests; VBOOT2=1 make runtests Change-Id: Ia8cefeffb28d5eceb290540195193ea13e68e2c1 Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/223541 Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
277dc5274c5c906c8d80d2ae4cc7679d234e8408 |
|
11-Aug-2014 |
Duncan Laurie <dlaurie@chromium.org> |
Add GBB flag to disable PD software sync In order to disable PD software sync but still do EC software sync it is useful to have a separate GBB flag for it. This will allow me to release a Samus P2B firmware image that will update the EC but not the PD, since the PD FW that comes on P2B devices cannot be updated with software sync. BUG=chrome-os-partner:30079 BRANCH=None TEST=flash BIOS with updated EC+PD: 1) no GBB flags to override behavior updates both EC and PD 2) GBB flag to disable EC software sync disables both EC and PD update 3) GBB flag to disable PD software sync disables only PD update Change-Id: I49ffb59238bee4a2dd66b24f2516e3ce46ea06cd Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/211910 Reviewed-by: Bill Richardson <wfrichar@chromium.org> Reviewed-by: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
fc17308c39d23fe64959854dc5a858429b37539f |
|
24-Jun-2014 |
Daisuke Nojiri <dnojiri@chromium.org> |
vboot2: Scramble the GBB magic number Compiling in the GBB magic number as is causes any tools that search for the number to fail. This patch allows firmware to embed XOR'ed signature. TEST=Booted Nyan in normal mode. FAFT:firmware_DevMode passes. BUG=none BRANCH=none Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Change-Id: Id18905a9969af3db24151e7c51332d0e94405108 Reviewed-on: https://chromium-review.googlesource.com/205416 Reviewed-by: Randall Spangler <rspangler@chromium.org> Commit-Queue: Daisuke Nojiri <dnojiri@chromium.org> Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|
3333e578497aafc4eb8c6e1e359f6e2b1dee633a |
|
14-May-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Add nvstorage and secdata functions This is the second of several CLs adding a more memory- and code-efficient firmware verification library. BUG=chromium:370082 BRANCH=none TEST=make clean && COV=1 make Change-Id: I1dd571e7511bff18469707d5a2e90068e68e0d6f Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/199841 Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
|