History log of /external/vboot_reference/firmware/2lib/include/2struct.h
Revision Date Author Comments
21aedee1ceab57dcbe8506d10a132dffd3a1917b 29-Jan-2015 Julius Werner <jwerner@chromium.org> vboot2: Add sd->fw_version_secdata field to communicate to crossystem

This patch adds a new vb2_shared_data field to store the current
rollback prevention version number stored in secdata (TPM). This
information needs to be retrieved from there by coreboot (current
hack) or vboot2 kernel verification (bright shiny future) so it can be
passed along to the operating system and user space.

BRANCH=veyron
BUG=chrome-os-partner:35941
TEST=make runtests. Booted Jerry in recovery mode (with corresponding
coreboot patch), ensured that crossystem tpm_fwver still shows the
correct value.

Change-Id: I2a0c3e51b158a35ac129d2abce19b40c6c6381a6
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/244601
Reviewed-by: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
62d482ecddf5735076a085859cf40fcfa24671ee 29-Jan-2015 Daisuke Nojiri <dnojiri@chromium.org> add vb2api_get_pcr_digest

This API allows firmware to get the digest indicating boot mode status.

BUG=chromium:451609
TEST=VBOOT2=1 make run2tests
BRANCH=tot

Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Change-Id: Idca7bc5f6aed947689ad7cf219805aad35047c7d
Reviewed-on: https://chromium-review.googlesource.com/244542
/external/vboot_reference/firmware/2lib/include/2struct.h
f10e9099286202f83ce4c1dc5ef1e85fcb5ccde7 17-Dec-2014 Julius Werner <jwerner@chromium.org> vboot2: Introduce vb2ex_hwcrypto API

This patch extends the vboot2 API by three callback functions that the
platform firmware may implement to offer hardware crypto engine support.
For now we only support this for hash algorithms, and we will only allow
it for firmware body hashes (not the keyblock or preamble which are too
small to matter execution-time-wise anyway). The API is similar to the
vb2api_*_hash() functions used to start body hashing in the first place,
but we still take this round trip through vboot to allow it to do
key/signature management and retain full control of the verification
process. We also add a new preamble flag to explicitly disable this
feature, so that we can later return to a solely software-based
verification path through a firmware update in case a hardware crypto
engine turns out to be insecure.

CQ-DEPEND=CL:236435
BRANCH=None
BUG=chrome-os-partner:32987
TEST='make runtests VBOOT2=1'. Manually booted on Pinky with and without
HW crypto support and with the preamble flag set to confirm expected
behavior. lib21/ parts untested except for compiling and new unit tests.

Change-Id: I17c7d02f392089875a5942a5aafcf6a657354863
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/236453
Reviewed-by: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
308d2540929cd95e2a565be95ce0b1d45d2fbed2 04-Dec-2014 Randall Spangler <rspangler@chromium.org> vboot2: Get rid of extra '2' at end of new struct names

Now that lib20 and lib21 are distinct, they can have overlapping
struct names. This will be cleaner in the long run, since vboot 2.0
(lib20) is just a temporary stepping stone to vboot 2.1 (lib21). It
would be a shame to need to carry around the overhead of that extra
digit forever.

No functional changes, just a lot of renaming.

BUG=chromium:423882
BRANCH=none
TEST=make runtests && VBOOT2=1 make runtests (works with/without VBOOT2 flag)
And compile firmware for veyron_pinky

Change-Id: I25f348fd31e32d08ca576836dfdd1278828765a1
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/233183
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
6f1b82ac14f341d9733d6e95d518b3ee352002ef 03-Dec-2014 Randall Spangler <rspangler@chromium.org> vboot2: Move old struct handling to lib20/

This is part 4 of a series of changes to rearrange the vboot2 library
so that it's possible to start using the new-style data structs. This
change moves knowledge of the old vboot1 data structs into lib20; 2lib
now contains only code which is common to both vboot2.x libraries
(that is, code which is data structure version agnostic).

No functional changes; just rearranging code and tests.

BUG=chromium:423882
BRANCH=none
TEST=make runtests && VBOOT2=1 make runtests (works with/without VBOOT2 flag)
And compile firmware for veyron_pinky
CQ-DEPEND=CL:233051

Change-Id: I8f9e67157575e5be14952ef4809c3dfafd92596d
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/233021
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
108d991c678f80c99967bd07035de7418c81a072 03-Dec-2014 Randall Spangler <rspangler@chromium.org> vboot2: Move knowledge of vboot 2.1 data structures inside lib21/

Code which compiles against fwlib2 no longer knows or cares about the
new data structures. This should shrink fwlib2 a bit. This is part 3
of 4 changes which split vboot 2.0 struct handling (old vboot1
structs) from vboot 2.1 struct handling (new style structs).

No functional changes; just shuffling around code.

BUG=chromium:423882
BRANCH=none
TEST=make runtests && VBOOT2=1 make runtests (works with/without VBOOT2 flag)
And compile firmware for veyron_pinky.

Change-Id: Ibccd7d1974e07f38b90c19c924ef3b1ffcb77d62
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/233020
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
59c29202d2d67b97f587152b5457ed89f7430a77 17-Nov-2014 Randall Spangler <rspangler@chromium.org> vboot2: Add host library functions to read/write new-format key objects

And unit tests for them.

BUG=chromium:423882
BRANCH=none
TEST=make runtests && VBOOT2=1 make runtests

Change-Id: I720bfb2537bae60f05b5ce28ab196a331a82eedf
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/230931
/external/vboot_reference/firmware/2lib/include/2struct.h
efa37b87f2b4cd4b4f515e96201502ae0408cec7 13-Nov-2014 Randall Spangler <rspangler@chromium.org> vboot2: Add api-level functions to use new data structures

And associated unit tests.

And fix a memory overwrite in the old vb_api_tests.c, which apparently
didn't touch a critical piece of the shared work buffer, but was still
wrong. (This was a problem in the test, not in the code being
tested.)

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: I322fb7e6bb5214b0adcf5d6d48a0cd238abba88e
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/229738
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
7c1eee09eff54c6e60a3b261e6df790c11331695 14-Nov-2014 Randall Spangler <rspangler@chromium.org> vboot2: Split vb2_guid into its own header file

This allows the api header to include it without pulling in the rest
of the vboot2 internal structs.

No functional changes; just moving a struct definition.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: Ife9408f9b597939a3cc85a10d534108e12f2d739
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/229793
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
43e0a9ed6c0b332631442fcf581e7456d62e4532 05-Nov-2014 Randall Spangler <rspangler@chromium.org> vboot2: Add code and tests for verifying vb2_fw_preamble2

This is the last low-level data structure verification code for the
new data structures. Subsequent changes are the next level up the
food chain.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: I2e45106c27447eb624c1ed562e40b98088249742
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/228360
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
fe21172cc315b6249e78ee8bc17d1470e8b6b02b 06-Nov-2014 Randall Spangler <rspangler@chromium.org> vboot2: Change preamble to contain a list of signatures

Use struct vb2_signature2 objects to hold the hashes of firmware
components, rather than a separate vb2_fw_preamble2_hash struct.
Better for code reuse.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: Ia9e23c1488a884f2d6fab4c4be51b25d3ff25c2f
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/228241
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
6300a6439e121ac41ad336c7422dcdbb0d649c7c 01-Nov-2014 Randall Spangler <rspangler@chromium.org> vboot2: be consistent in use of sig_algorithm vs sig_alg in vboot2 structs

Previously, we had a mix of sig_algorithm and sig_alg member names,
and it was hard to remember which struct used which variant. Prefer
sig_alg because of the 80-column limit. Same with hash_alg
vs. hash_algorithm.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: Ifbb60f3172549e29efc0fb1f7f693efa51eb7cc3
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/226943
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
6f7f5df816a8790d2464ee5bee3d46e30611da4c 31-Oct-2014 Randall Spangler <rspangler@chromium.org> vboot2: un-nest data structures

Originally, we designed the vboot data structures so that some of them
had sub-structures. Then the variable-length data for each of the
structures was at the end. So:

    struct vb2_keyblock {
        struct vb2_packed_key
        struct vb2_signature
    }
    // Followed by variable-length data for keyblock
    // Followed by variable-length data for packed key
    // Followed by variable-length data for signature

This had the weird side effect that the header and data for the
sub-structs were not contiguous. That wasn't too bad before, but it
gets more complicated with the new data structures. Each structure
now can also have a description. And keyblocks can have a list of
signatures.

Structures also couldn't really know their own size, since a
sub-struct might have a 20-byte header, but then 2K of other data in
between that and the data for the sub-struct itself.

So, un-nest all the data structures. That is, the keyblock now
contains the offset of the signature struct, rather than the signature
struct itself. And then all the variable-length data for each struct
immediately follows the struct itself. So:

    struct vb2_keyblock2 {
        // Offset of packed key
        // Offset of first signature
    }
    // Followed by variable-length data for keyblock
    struct vb2_packed_key
    // Followed by variable-length data for packed key
    struct vb2_signature2
    // Followed by variable-length data for signature (desc, sig data)

Verifying and traversing these objects is much more straightforward.
And each struct can now know its own size.

This first change rearranges the structures. Descriptions now
immediately follow the fixed size structure headers.

The next change adds better verification of the structures, using the
fixed_size and total_size fields in the common header.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: Ieb9148d6f26c3e59ea542f3a95e59d8019ccee21
Reviewed-on: https://chromium-review.googlesource.com/226824
Tested-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Queue: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
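Added example, not code from vboot_reference: a sketch of how the un-nested layout in the commit above can be bounds-checked, with every struct carrying fixed_size and total_size and the container holding only member offsets. The ex_* names, the field widths and the rule that members appear in order without overlapping are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical layout (assumption), not the real vboot2 struct definitions. */
struct ex_common { uint32_t fixed_size, total_size; };
struct ex_container {		/* stands in for the un-nested keyblock */
	struct ex_common c;
	uint32_t member_offset[2];	/* [0] packed key, [1] first signature */
};
enum { EX_OK, EX_ERR_SIZE, EX_ERR_MEMBER };

/* Validate the self-describing header at buf[off], confined to limit bytes. */
static int ex_check(const uint8_t *buf, uint32_t limit, uint32_t off,
		    uint32_t min_fixed, struct ex_common *out)
{
	if (off > limit || limit - off < sizeof(*out))
		return EX_ERR_SIZE;
	memcpy(out, buf + off, sizeof(*out));	/* no unaligned reads */
	return (out->fixed_size < min_fixed || out->total_size < out->fixed_size ||
		out->total_size > limit - off) ? EX_ERR_SIZE : EX_OK;
}

int ex_verify_container(const uint8_t *buf, uint32_t buf_size)
{
	struct ex_container k;
	struct ex_common m;
	uint32_t next, i;

	if (ex_check(buf, buf_size, 0, sizeof(k), &m))
		return EX_ERR_SIZE;
	memcpy(&k, buf, sizeof(k));
	next = k.c.fixed_size;		/* members may not overlap the header */
	for (i = 0; i < 2; i++) {
		/* Assumed rule: members appear in order and never overlap. */
		if (k.member_offset[i] < next ||
		    ex_check(buf, k.c.total_size, k.member_offset[i], sizeof(m), &m))
			return EX_ERR_MEMBER;
		next = k.member_offset[i] + m.total_size; /* bounded, cannot wrap */
	}
	return EX_OK;
}

/* Constructed sample: 16-byte header, 4 bytes of description, key, signature. */
int ex_demo(uint32_t sig_offset, uint32_t buf_size)
{
	uint8_t buf[64] = {0};
	struct ex_container k = { {16, 60}, {20, sig_offset} };
	struct ex_common key = {8, 16}, sig = {8, 24};
	memcpy(buf, &k, sizeof(k));
	memcpy(buf + 20, &key, sizeof(key));
	memcpy(buf + 36, &sig, sizeof(sig));
	return ex_verify_container(buf, buf_size);
}
int main(void) { return ex_demo(36, 64); }	/* exit 0: intact sample verifies */
```

Because each member is checked against the container's total_size rather than the raw buffer size, a member cannot claim bytes outside the object that contains it.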
cc7cddb39c118780439f86613924257d56476078 31-Oct-2014 Randall Spangler <rspangler@chromium.org> vboot2: Add GUIDs for VB2_SIG_NONE signature types

Signatures with VB2_SIG_NONE are unsigned hashes. To make it easier
to locate these signatures in the keyblock's list of signatures,
define GUIDs for them.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: I5bf9424107d7703b1a191b1bdf02954192ffc583
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/226813
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
f6cfb974ce465cf977490fe26db9c8735da97571 24-Oct-2014 Randall Spangler <rspangler@chromium.org> vboot2: Add verification for common vb2 struct header

All new-style structs have a common header. This adds a verification
function for that common header, and tests for it.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: I668486e77f7200c10b43aa2d17b4dd6639e5538e
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/225459
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
21f100c9d62bfb0d1ec2d26c132c82ce47ee9350 16-Oct-2014 Randall Spangler <rspangler@chromium.org> vboot2: new data structures

These structures allow for simplification and feature expansion in
vboot. They are NOT backwards-compatible with old vboot1 structs.
This CL simply adds the new structs and unit tests for struct packing;
future CLs will add support for them in the firmware library and
futility.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: I22532acf985dd74316bd30f17e750f993b6c53d7
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/224820
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
6df3e33912baf2633ed27fce6fe166d87e2f04a8 03-Oct-2014 Bill Richardson <wfrichar@chromium.org> Add hwid digest field to GBB header

This adds a field in the GBB header to store the sha256 digest of
the HWID string, and updates gbb_utility so that it stores the
digest when it modifies the HWID. Because this is a new field,
the GBB_MINOR_VER is incremented.

BUG=chromium:415227
BRANCH=ToT
TEST=make runtests, VBOOT2=1 make runtests

Since the GBB is in the RO firmware, there should be no side
effects for existing devices (but even without that, they should
handle a minor version change without complaint).

Change-Id: Icdb2a0b564677b0b65e58df897d2ec5af3964998
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/221360
/external/vboot_reference/firmware/2lib/include/2struct.h
f2f88042ed3a095819312c57d28e2d93e68d5c37 15-Oct-2014 Randall Spangler <rspangler@chromium.org> vboot2: Split crypto algorithms into their own header file

This allows the algorithm list to be shared by code which simply needs
to look at the vboot structures.

No functional changes; just moving enums around and adding comments.

BUG=chromium:423882
BRANCH=none
TEST=make runtests; VBOOT2=1 make runtests

Change-Id: Ia8cefeffb28d5eceb290540195193ea13e68e2c1
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/223541
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
277dc5274c5c906c8d80d2ae4cc7679d234e8408 11-Aug-2014 Duncan Laurie <dlaurie@chromium.org> Add GBB flag to disable PD software sync

In order to disable PD software sync but still do EC software sync
it is useful to have a separate GBB flag for it.

This will allow me to release a Samus P2B firmware image that will
update the EC but not the PD, since the PD FW that comes on P2B
devices cannot be updated with software sync.

BUG=chrome-os-partner:30079
BRANCH=None
TEST=flash BIOS with updated EC+PD:
1) no GBB flags to override behavior updates both EC and PD
2) GBB flag to disable EC software sync disables both EC and PD update
3) GBB flag to disable PD software sync disables only PD update

Change-Id: I49ffb59238bee4a2dd66b24f2516e3ce46ea06cd
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/211910
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
fc17308c39d23fe64959854dc5a858429b37539f 24-Jun-2014 Daisuke Nojiri <dnojiri@chromium.org> vboot2: Scramble the GBB magic number

Compiling in the GBB magic number as is causes any tools that search for the
number to fail. This patch allows firmware to embed an XOR'ed signature.

TEST=Booted Nyan in normal mode. FAFT:firmware_DevMode passes.
BUG=none
BRANCH=none
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>

Change-Id: Id18905a9969af3db24151e7c51332d0e94405108
Reviewed-on: https://chromium-review.googlesource.com/205416
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Daisuke Nojiri <dnojiri@chromium.org>
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h
3333e578497aafc4eb8c6e1e359f6e2b1dee633a 14-May-2014 Randall Spangler <rspangler@chromium.org> vboot2: Add nvstorage and secdata functions

This is the second of several CLs adding a more memory- and
code-efficient firmware verification library.

BUG=chromium:370082
BRANCH=none
TEST=make clean && COV=1 make

Change-Id: I1dd571e7511bff18469707d5a2e90068e68e0d6f
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/199841
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/firmware/2lib/include/2struct.h