diff options
-rw-r--r-- | Documentation/releases/checklist.md | 1 | ||||
-rw-r--r-- | Documentation/security/vboot/index.md | 2 | ||||
-rw-r--r-- | Documentation/security/vboot/list_vboot.md | 223 | ||||
-rw-r--r-- | util/vboot_list/description.md | 2 | ||||
-rwxr-xr-x | util/vboot_list/vboot_list.sh | 55 |
5 files changed, 283 insertions, 0 deletions
diff --git a/Documentation/releases/checklist.md b/Documentation/releases/checklist.md index 706d08e379..ea05c2036a 100644 --- a/Documentation/releases/checklist.md +++ b/Documentation/releases/checklist.md @@ -68,6 +68,7 @@ be more frequent than was needed, so we scaled it back to twice a year. - [ ] Test the commit selected for release. - [ ] Update release notes with actual commit id, push to repo. - [ ] Run release script. +- [ ] Run vboot_list script. - [ ] Test the release from the actual release tarballs. - [ ] Push signed Tag to repo. - [ ] Announce that the release tag is done on IRC. diff --git a/Documentation/security/vboot/index.md b/Documentation/security/vboot/index.md index 400c2b5149..997db8be80 100644 --- a/Documentation/security/vboot/index.md +++ b/Documentation/security/vboot/index.md @@ -12,6 +12,8 @@ Google's verified boot support consists of: Google's vboot verifies the firmware and places measurements within the TPM. +- [List of supported Devices](list_vboot.md) + *** ## Root of Trust diff --git a/Documentation/security/vboot/list_vboot.md b/Documentation/security/vboot/list_vboot.md new file mode 100644 index 0000000000..1bef8234be --- /dev/null +++ b/Documentation/security/vboot/list_vboot.md @@ -0,0 +1,223 @@ +# VBOOT enabled devices + +## Emulation +- QEMU x86 i440fx/piix4 (aka qemu -M pc) +- QEMU x86 q35/ich9 (aka qemu -M q35, since v1.4) + +## Facebook +- Facebook Monolith + +## Google +- Auron_Paine (Acer C740 Chromebook) +- Auron_Yuna (Acer Chromebook 15 (C910/CB5-531)) +- Buddy (Acer Chromebase 24) +- Gandof (Toshiba Chromebook 2 (2015)) +- Lulu (Dell Chromebook 13 7310) +- Samus (Google Chromebook Pixel (2015)) +- Mccloud (Acer Chromebox CXI) +- Monroe (LG Chromebase 22CV241 & 22CB25S) +- Panther (ASUS Chromebox CN60) +- Tricky (Dell Chromebox 3010) +- Zako (HP Chromebox G1) +- Butterfly (HP Pavilion Chromebook 14) +- Cheza +- Banon (Acer Chromebook 15 (CB3-532)) +- Celes (Samsung Chromebook 3) +- Cyan (Acer Chromebook R11 (C738T)) +- Edgar (Acer Chromebook 14 (CB3-431)) +- Kefka (Dell Chromebook 11 3180/3189) +- Reks (Lenovo N22/N42 Chromebook) +- Relm +- Setzer (HP Chromebook 11 G5) +- Terra (ASUS Chromebook C202SA/C300SA/C301SA) +- Ultima (Lenovo Yoga 11e G3) +- Wizpig +- Daisy (Samsung Chromebook (2012)) +- DragonEgg +- Drallion +- Eve (Google Pixelbook) +- Fizz +- Karma +- Endeavour +- Foster +- Gale (Google WiFi) +- Asuka (Dell Chromebook 13 3380) +- Caroline (Samsung Chromebook Pro) +- Cave (Asus Chromebook Flip C302SA) +- Chell (HP Chromebook 13 G1) +- Glados Skylake Reference Board +- Lars (Acer Chromebook 14 for Work (CP5-471)) +- Sentry (Lenovo Thinkpad 13 Chromebook) +- Kevin (Samsung Chromebook Plus) +- Gru +- Bob (Asus Chromebook Flip C101PA) +- Scarlet +- Nefario +- Rainier +- Akemi +- Dratini +- Hatch +- Jinlon +- Kohaku +- Kindred +- Helios +- Mushu +- Palkia +- Nightfury +- Puff +- Helios_Diskswap +- Stryke +- Guado (ASUS Chromebox CN62) +- Jecht +- Rikku (Acer Chromebox CXI2) +- Tidus (Lenovo ThinkCentre Chromebox) +- Aleena +- Careena +- Grunt +- Liara +- Nuwani +- Treeya +- Kukui +- Krane +- Kodama +- Kakadu +- Flapjack +- Jacuzzi +- Juniper +- Kappa +- Damu +- Link (Google Chromebook Pixel (2013)) +- Mistral +- Nyan +- Nyan Big (Acer Chromebook 13 (CB5-311)) +- Nyan Blaze (HP Chromebook 14 G3) +- Oak +- Elm (Acer Chromebook R13) +- Hana (Lenovo N23 Yoga Chromebook) +- Parrot (Acer C7/C710 Chromebook) +- Peach Pit (Samsung Chromebook 2 11\") +- Atlas +- Poppy +- Nami +- Nautilus +- Nocturne +- Rammus +- Soraka +- Banjo (Acer Chromebook 15 (CB3-531)) +- Candy (Dell Chromebook 11 3120) +- Clapper (Lenovo N20 Chromebook) +- Enguarde +- Glimmer (Lenovo ThinkPad 11e Chromebook) +- Gnawty (Acer Chromebook 11 (CB3-111/131,C730/C730E/C735)) +- Heli (Haier Chromebook G2) +- Kip (HP Chromebook 11 G3 / G4 / G4 EE) +- Ninja (AOpen Chromebox Commercial) +- Orco (Lenovo 100S Chromebook) +- Quawks (ASUS Chromebook C300) +- Squawks (ASUS Chromebook C200) +- Rambi +- Sumo (AOpen Chromebase Commercial) +- Swanky (Toshiba Chromebook 2) +- Winky (Samsung Chromebook 2 (XE500C12)) +- Reef/Electro (Acer Chromebook Spin 11 R751T) +- Pyro (Lenovo Thinkpad (Yoga) 11e Chromebook) +- Sand (Acer Chromebook 15 CB515-1HT/1H) +- Snappy (HP Chromebook x360 11 G1 EE) +- Nasher +- Coral +- Arcada +- Sarien +- Falco (HP Chromebook 14) +- Leon (Toshiba Chromebook) +- Peppy (Acer C720/C720P Chromebook) +- Wolf (Dell Chromebook 11) +- Smaug (Google Pixel C) +- Storm (OnHub Router TGR1900) +- Stout (Lenovo Thinkpad X131e Chromebook) +- Trogdor +- Veyron_Jaq (Haier Chromebook 11) +- Veyron_Jerry (Hisense Chromebook 11) +- Veyron_Mighty (Haier Chromebook 11(edu)) +- Veyron_Minnie (ASUS Chromebook Flip C100) +- Veyron_Speedy (ASUS C201 Chromebook) +- Veyron_Mickey (Asus Chromebit CS10) +- Veyron_Rialto + +## HP +- Z220 SFF Workstation + +## Intel +- Basking Ridge CRB +- Cannonlake U LPDDR4 RVP +- Cannonlake Y LPDDR4 RVP +- Coffeelake U SO-DIMM DDR4 RVP +- Coffeelake H SO-DIMM DDR4 RVP11 +- Whiskeylake U DDR4 RVP +- Coffeelake S U-DIMM DDR4 RVP8 +- Cometlake U DDR4 RVP +- Emerald Lake 2 CRB +- Galileo +- Glkrvp +- Icelake U DDR4/LPDDR4 RVP +- Icelake Y LPDDR4 RVP +- Jasperlake DDR4/LPDDR4 RVP +- Jasperlake DDR4/LPDDR4 RVP with Chrome EC +- Kabylake LPDDR3 RVP3 +- Kabylake DDR3L RVP7 +- Kabylake DDR4 RVP8 +- Kabylake DDR4 RVP11 +- Kunimitsu +- Strago +- Tigerlake UP3 RVP +- Tigerlake UP4 RVP +- Whitetip Mountain 2 CRB + +## Lenovo +- ThinkPad T400 +- ThinkPad T500 +- ThinkPad R400 +- ThinkPad R500 +- ThinkPad W500 +- ThinkPad T410 +- ThinkPad T420 +- ThinkPad T420s +- ThinkPad T430 +- ThinkPad T430s +- ThinkPad T431s +- ThinkPad T440p +- ThinkPad T520 +- ThinkPad W520 +- ThinkPad T530 +- ThinkPad W530 +- ThinkPad X131e +- ThinkPad X1 carbon gen 1 +- ThinkPad X200 / X200s / X200t +- ThinkPad X301 +- ThinkPad X201 / X201i / X201s / X201t +- ThinkPad X220 +- ThinkPad X220i +- ThinkPad X1 +- ThinkPad X230 +- ThinkPad X230t + +## OpenCellular +- Elgon (GBCv2) + +## SAMSUNG +- Lumpy +- Stumpy + +## Siemens +- MC APL1 +- MC APL2 +- MC APL3 +- MC APL4 +- MC APL5 +- MC APL6 + +## Supermicro +- X11SSH-TF +- X11SSM-F + +## UP +- Squared diff --git a/util/vboot_list/description.md b/util/vboot_list/description.md new file mode 100644 index 0000000000..b994557f6c --- /dev/null +++ b/util/vboot_list/description.md @@ -0,0 +1,2 @@ +Tools to generate a list of vboot enabled devices to the documentation +`Bash` diff --git a/util/vboot_list/vboot_list.sh b/util/vboot_list/vboot_list.sh new file mode 100755 index 0000000000..f3e8975e96 --- /dev/null +++ b/util/vboot_list/vboot_list.sh @@ -0,0 +1,55 @@ +#!/usr/bin/env bash + +TOP="$( cd "$( dirname "${BASH_SOURCE[0]}" )"/../.. >/dev/null 2>&1 && pwd )" +MAINBOARDS="src/mainboard" +OUTPUT_FILE=${1:-$TOP/Documentation/security/vboot/list_vboot.md} + +function has_vboot +{ + local DIR=$1 + + grep -rq "config VBOOT" $DIR + return $? +} + +function get_vendor_name +{ + local VENDORDIR=$1 + + sed -n '/config VENDOR/{n;s/^[\t[:space:]]\+bool "\(.*\)"/\1/;p;}' \ + $VENDORDIR/Kconfig.name +} + +function get_board_name +{ + local BOARDDIR=$1 + + sed -n '/config BOARD/{n;s/^[\t[:space:]]\+bool "\(->\s\+\)\?\(.*\)"/\2/;p;}' \ + $BOARDDIR/Kconfig.name +} + +function list_vboot_boards +{ + local VENDORDIR=$1 + for BOARD in $(ls -d $VENDORDIR/*/) + do + has_vboot $BOARD || continue + get_board_name $BOARD + done +} + +function generate_vboot_list +{ +for VENDOR in $(ls -d $TOP/$MAINBOARDS/*/) +do + has_vboot $VENDOR || continue + echo -e "\n## $(get_vendor_name $VENDOR)" + IFS=$'\n' + for BOARD in $(list_vboot_boards $VENDOR) + do + echo "- $BOARD" + done +done +} + +(echo "# VBOOT enabled devices"; generate_vboot_list) > $OUTPUT_FILE |