summaryrefslogtreecommitdiff
path: root/3rdparty/vboot
AgeCommit message (Collapse)Author
2024-07-24Update vboot submodule to upstream mainYu-Ping Wu
Updating from commit id b6f44e62: 2024-07-01 04:30:14 +0000 - (futility: updater: Increase try count from 8 to 10) to commit id 4b12d392: 2024-07-17 01:47:56 +0000 - (scripts: Add a script to convert a vbprivk to a PEM) This brings in 9 new commits: 4b12d392 scripts: Add a script to convert a vbprivk to a PEM 033d7bfa futility: updater: Increase try count from 10 to 11 f63e088e treewide: Ensure a space after if/for/while keywords 17a45712 2auxfw_sync: Clear display request before EC reset e529f947 2ec_sync: Reactivate VB2_CONTEXT_EC_SYNC_SLOW ca2d42d1 Android: Explicitly disable v1/v2 signing when using apksigner fc7a7a5d futility: flash: Print ro_start and ro_len for debug 86542905 Migrate to new Android.bp build system aa35a020 host/lib/host_p11_stub: Add missing includes Change-Id: Ida8a27dcb0acf83022aff0118827e3d310fae1a5 Signed-off-by: Yu-Ping Wu <yupingso@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/83612 Reviewed-by: Yidi Lin <yidilin@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2024-07-023rdparty/vboot: Update submodule to upstream mainFelix Singer
Updating from commit id 09fcd218: 2024-02-23 06:42:12 +0000 - (Makefile: Test compiler for -Wincompatible-function-pointer-types) to commit id b6f44e62: 2024-07-01 04:30:14 +0000 - (futility: updater: Increase try count from 8 to 10) This brings in 58 new commits: b6f44e62 futility: updater: Increase try count from 8 to 10 cfc87db2 OWNERS: Add czapiga eabf5784 OWNERS: Remove twawrzynczak and quasisec f8af818e host: Add stub implementation for pkcs11 key aaf4ecbb crossystem: Add support for Panther Lake gpiochip de89c5cd make_dev_ssd: allow ptracers to write proc/mem ffc9cc15 utility: Add vbnv_util.py for debugging b6174bdb futility: show: Print keyblock signature size and data size 6e39c99f Android: Add support for doing zipalign before doing apksigner ead73381 futility: flash: Enhance WP status reporting by adding more instructions c3368084 futility: modify private key validation to work for both local and cloud c22d72f8 futility: flash: Correct the output syntax of 32bit hex f423ae13 crossystem: Drop support for tried_fwb and fwb_tries fc5488c7 futility: flash: Correct the allowlist of options 16dede85 Revert "futility: Split load_firmware_image() into two functions for AP and EC" ded07831 futility: Try to load ecrw versions regardless of image type 7a685705 futility: Refactor code for --manifest f5ad0856 futility: Add more checks for incompatible arguments 05659d33 futility/updater_manifest: Warn about inconsistent RW versions 6720827b futility: Support ecrw version for --manifest daae7e56 futility: Split load_firmware_image() into two functions for AP and EC 40c77bba futility: Warn about inconsistent RW_FWID_A and RW_FWID_B versions c168ac8e tests/futility/data: Update bios_geralt_cbfs.bin with swapped ecrw 512648ae host/lib: Add cbfstool_file_exists() and cbfstool_extract() e37e6511 sign_official_build: add missing info keyword 2c0758b4 sign_official_build: loem support for firmware 016f6149 scripts/image_signing/swap_ec_rw: Always add ecrw.* as raw CBFS file b26c700a scripts/image_signing/swap_ecrw: Support ecrw.version 2e8d1003 tlcl: Add const qualifier to TlclTakeOwnership arguments 96b8674c host: stop installing unused image signing scripts 8da83c43 Android: Handle update certs using for hardcoded certs 4ca60534 scripts/image_signing: Add swap_ec_rw d30d6b54 make_dev_ssd: Remove logic choosing editor value 4cc5d090 futility/dump_fmap: Fix error message prefix for '-x' e7062a58 futility/dump_fmap: Exit with error if specified section is not found 4489dd09 scripts: Remove newbitmaps directory 8dcc82b0 host/lib/cbfstool: Redesign cbfstool_get_config_value() API 856fd693 Android: Hack for now to let things silently fail instead of erroring 28845c97 sign_uefi: Handle case where the crdyshim key does not exist 201244c3 sign_uefi_unittest: Refactor in preparation for more tests 702f8b53 tests: Add tests for cbfstool_get_config_value() 52a21327 Android: Add support for gcloud KMS in android signing 3310c49f tests/futility/test_update.sh: Use unique test names for IFD tests 493f7afc sign_gsc_firmware: add support for Nightly target 5c307cad keycfg: more consistent typo fix 11e4f60b image_signing: Add missing arg in sign_uefi_kernel 37c730d8 keycfg: handle arrays appropriately in key_config 59c37697 sign_uefi: Add detached crdyboot signature b66926e2 sign_uefi: Refactor the is-pkcs11 function for reuse 94aa8b80 image_signing: Pass crdyshim private key to sign_uefi.py 0ac99bcb sign_uefi: Stop signing crdyboot files with sbsign 6f6a6432 vboot_reference-sys: replace denylist with allowlist 73ebd8f8 vboot_reference-sys: add vboot_host pkg-config fallback 476282ef make_dev_ssd: Skip firmware validity checks on nonchrome 9330a65a vboot_reference: Add support for allowing overlayfs 48c8833f sign_official_build: remove cloud-signing aa70bb19 create_new_keys.sh: add --arv-root-uri 38d1af69 sign_official_build: Dedup calls to sign_uefi.py Change-Id: I14aaf1e1e230107e7bae60195c7e4684bf5a0533 Signed-off-by: Felix Singer <felixsinger@posteo.net> Reviewed-on: https://review.coreboot.org/c/coreboot/+/83295 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
2024-02-24Update vboot submodule to upstream mainJulius Werner
Updating from commit id 3d37d2aa: 2024-01-15 Makefile: Support FIRMWARE_ARCH=mock for firmware unit tests to commit id 09fcd218: 2024-02-22 Makefile: Test compiler for -Wincompatible-function-pointer-types This brings in 26 new commits: 09fcd218 Makefile: Test compiler for -Wincompatible-function-pointer-types 00e8c2d8 tests: Run hwcrypto RSA tests for arm64 d3387824 firmware: Add vectorized modexp() implementation for arm64 (NEON) 8856e04b tests: Stop exporting ENABLE_HWCRYPTO_RSA_TESTS to test scripts 6abd9cc0 Makefile: Separate ${ARCH_DIR}, split arm/arm64, remove symlinks e7f567d1 test_update: Skip ifdtool-dependent tests when not available 1a0f8df8 libvboot_host: Check for undefined symbols c0806280 vboot_host: Expose dynamic library 2ff5784d vboot: Remove 2kernel.c from vboot_host library 6e472468 Add crdyshim keygen script and devkeys 8a711468 scripts/keygeneration: Move generate_ed25519_key to common.sh 57e2092d scripts/image_signing: Call futility instead of its symlinks 0fa2ea47 scripts/image_signing/make_dev_ssh.sh: Improve parameter removal 1d32db3b Makefile: Remove genfuzztestcases from runtestscripts prerequisites f6ff822b README: Add 'futility sign' and 'futility verify' to useful utilities a717c83d tests: Replace vbutil_{firmware,kernel} with 'futility sign' 94c82417 *.sh: Unify indentation with 2 spaces 23d25957 utility/dev_debug_vboot: Replace vbutil_firmware with 'futility verify' fd20901f cgpt/futility: bundle as a subtool dccc5a31 image_signing: Add support for signing Flexor kernel image 660b6675 futility/cmd_show: Add "::verified" summary to vblock parseable output 2fcff1e4 tests/*.sh: Replace vbutil_firmware with 'futility verify' c6b13823 make_dev_firmware.sh: Replace vbutil_firmware with 'futility show' d260d094 firmware: 2modpow_sse2: Clean up calculation of `mu` 2596679a Add -Wint-conversion and -Wincompatible-function-pointer-types 39fb6201 futility: update: Use ifdtool to unlock ME f8016c2b make_keyblock: change to parsing key prefix Change-Id: Ibc6daef30092b1b31f3dd08f3aed02ba31fd12d2 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/80709 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Yu-Ping Wu <yupingso@google.com>
2024-01-17Update vboot submodule to upstream mainYu-Ping Wu
Updating from commit id 32402941: 2024-01-08 19:53:43 +0000 - (treewide: Put the static keyword at the beginning of declarations) to commit id 3d37d2aa: 2024-01-15 06:21:04 +0000 - (Makefile: Support FIRMWARE_ARCH=mock for firmware unit tests) This brings in 2 new commits: 3d37d2aa Makefile: Support FIRMWARE_ARCH=mock for firmware unit tests ffe3fb20 make_keyblock: Add support for omitting extension Change-Id: I30425f0c50caf24800661568da8f72f6b4418d9c Signed-off-by: Yu-Ping Wu <yupingso@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/80006 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Yidi Lin <yidilin@google.com>
2024-01-093rdparty/vboot: Update submodule to upstream mainFelix Singer
Updating from commit id 7c3b60bb: 2023-12-21 20:34:49 +0000 - (firmware/2lib: Use SSE2 to speed-up Montgomery multiplication) to commit id 32402941: 2024-01-08 19:53:43 +0000 - (treewide: Put the static keyword at the beginning of declarations) This brings in 4 new commits: 32402941 treewide: Put the static keyword at the beginning of declarations 242d198b crossystem: Use external tool the clear the TPM c8a0802f tests: Remove unnecessary vb2_verify_fw.c from TEST20_NAMES list 706088b8 tests: Test HW crypto RSA signature verification Change-Id: I667376dfc3021fa6d213e3d89917ee228fd14a28 Signed-off-by: Felix Singer <felixsinger@posteo.net> Reviewed-on: https://review.coreboot.org/c/coreboot/+/79853 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2023-12-26Update vboot submodule to upstream mainJulius Werner
Updating from commit id c0cb4bfa: 2023-12-08 signer: sign_android_image.sh should die when image repacking fails to commit id 7c3b60bb: 2023-10-13 firmware/2lib: Use SSE2 to speed-up Montgomery multiplication This brings in 3 new commits: 7c3b60bb firmware/2lib: Use SSE2 to speed-up Montgomery multiplication 8bb2f369 firmware: 2load_kernel: Set data_key allow_hwcrypto flag 2b183b58 vboot_reference: open drive rdonly when getting details 6ee22049 sign_official_build: switch from dgst to pkeyutl da69cf46 Makefile: Add support for make 4.3 Also update the implementations of the vb2ex_hwcrypto_modexp() callback to match the API changes made in vboot. Change-Id: Ia6e535f4e49045e24ab005ccd7dcbbcf250f96ac Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/79685 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Jérémy Compostella <jeremy.compostella@intel.com> Reviewed-by: Subrata Banik <subratabanik@google.com>
2023-12-14Update vboot submodule to upstream mainYi Chou
Updating from commit id db533497: 2023-12-05 20:09:44 +0000 - (host/lib/pkcs11: Remove superfluous 'nss' directory from include paths) to commit id c0cb4bfa: 2023-12-08 09:14:32 +0000 - (signer: sign_android_image.sh should die when image repacking fails) This brings in 3 new commits: c0cb4bfa signer: sign_android_image.sh should die when image repacking fails 30e37712 tlcl: Add `TlclCreatePrimary()` support 12fa13e3 2api: Add firmware & kernel PCR support Change-Id: I354c1d07c3b506069d5b64bc2fc476dadc36e0e2 Signed-off-by: Yi Chou <yich@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/79484 Reviewed-by: Yu-Ping Wu <yupingso@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2023-12-073rdparty/vboot: Update submodule to upstream mainFelix Singer
Updating from commit id ba7fd22d: 2023-11-29 01:50:20 +0000 - (Makefile: Always link libdl) to commit id db533497: 2023-12-05 20:09:44 +0000 - (host/lib/pkcs11: Remove superfluous 'nss' directory from include paths) This brings in 4 new commits: db533497 host/lib/pkcs11: Remove superfluous 'nss' directory from include paths 3307f1a7 tlcl: Add `TlclEvictControl()` support 0bd01137 tlcl: Remove the redundant bytes in TlclReadPublic 9afdf0f2 sign_official_build.sh: stop messing with +x Change-Id: Ib2ded699605dfa4032f4687e1e336297c0af1372 Signed-off-by: Felix Singer <felixsinger@posteo.net> Reviewed-on: https://review.coreboot.org/c/coreboot/+/79402 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin L Roth <gaumless@gmail.com>
2023-11-30Update vboot submodule to upstream mainJulius Werner
Updating from commit id f2b01bf0: 2023-10-27 Julius Werner firmware: Undeprecate VB2_RECOVERY_FW_GET_FW_BODY to commit id ba7fd22d: 2023-11-27 Julius Werner Makefile: Always link libdl This brings in 54 new commits: ba7fd22d Makefile: Always link libdl 1b30d195 sign_official_build: sign_update_payload with pkcs11 ca7a1427 sign_firmware: support loem key config a9623573 sign_official_build: add keys to default key config d41497dc sign_official_build: support loem key config da2450db sign_official_build: support sign with .vbprik2 files ee326142 getversion: Make reproducible 8aaf9e32 futility: fix a typo in help message of `read` 9ce505f4 futility: Fix incorrect warning about signing length 23a0ce4e scripts: add lib/keycfg.sh 2e34330b Makefile: Fix firmware build for FIRMWARE_ARCH=arm64 fd5937d1 tests/futility/test_show_and_verify: Add test cases for invalid data key 00aa0626 futility/cmd_vbutil_kernel: Drop --pad option for --verify c661ab76 futility/cmd_show: Drop --pad option c70511d7 tests/futility/test_show_and_verify: Add test cases for kernel vblocks c9100f46 signer: Use compression flags stored in the metadata file f1f3076f vboot: Add vb_keyb_from_private_key c39a2fc1 host: support signing with pkcs11 key for vbprik2 c6d44076 vboot: merge reading function of vb2/vb21 private key 6b8e759f vboot: replace custom prefix "pkcs11" to "remote" 481440d0 futility: Prefer to flash over CCD instead of C2D2 1244c06f futility/cmd_dump_fmap: Print an error if FMAP header not found cab69289 futility/cmd_show: Fix parseable output for kernel preamble flags 71a03dc6 futility/cmd_show: Make preamble parseable output consistent bdac62a4 futility/cmd_show: Make 'show' return 0 for invalid kernel body 135df2d7 futility/cmd_show: Show parseable "keyblock::valid" for valid keyblock 37f37fcd futility/cmd_show: Fix output for firmware body signature 79c244ff tests/futility/test_show_and_verify: Add test cases for bios_brya_mp.bin d4b6560f signer: Update mkfs.erofs pcluster value to 32K f79a2432 futility/cmd_sign: Fix a space in usage text a307fcb5 futility: updater: rename --ccd to --ccd_without_servod 6b9f66d3 futility: updater: Fix malloc overflow due to broken keyblock a94a784c updater: update: Support multiple Servos without --servo_port 25875bef tests/futility: Add test cases for VBOOT_CBFS_INTEGRATION 5f8e3973 futility/cmd_show: Fix typo "metatadata" 9d30a01f futility: Trim trailing spaces in kernel config c59794a6 sign_uefi: Support signing via pkcs11 68d4aa4b sign_uefi: Skip private key check if it's a pkcs11 URI 6b9d624b sign_uefi: Pass each key path separately 483f65e4 sign_official_build.sh: properly show errors on loem issues 516ee7bc sign_uefi: Use named args instead of positional 0eec8e25 vboot_reference-sys: Switch from Command to bindgen::Builder 46f5aab8 image_signing: support multiple release names f13af139 sign_official_build: Sudo invocation within bits of android signing 3f165374 futility: updater: Add optional serial number argument to --ccd 64379cc6 sign_official_build: add --debug flag 7160bf9f 2lib: Fix relocation issue when compiling locally with musl libc 0e27cdff vboot_reference-sys: Add vboot_host.h 2c82e73c Override use_apksigner FLAGS b43469c7 futility/cmd_show: Support --publickey FW_VBLOCK 0eb4da96 tests/futility: Update kern_preamble.bin as kernel_part.bin 68a03355 tests/futility: Move test_show_vs_verify.sh into test_show_and_verify.sh 8daf1474 tests/futility: Move 'futility show' tests to a separate file 34190e3d futility: Exit with error when metadata hash verification not supported 967aa462 firmware/2lib: Fix function comment for vb2api_get_firmware_size() Change-Id: I58b231d53f433a396b1ea8cd4e0ddc49a310e385 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/79313 Reviewed-by: Yu-Ping Wu <yupingso@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Uwe Poeche <uwe.poeche@siemens.com>
2023-11-20Update vboot submodule to upstream mainJulius Werner
Updating from commit id c59794a6: 2023-11-02 Nicholas Bishop sign_uefi: Support signing via pkcs11 to commit id f2b01bf0: 2023-10-27 Julius Werner firmware: Undeprecate VB2_RECOVERY_FW_GET_FW_BODY This brings in 66 new commits: c59794a6 sign_uefi: Support signing via pkcs11 68d4aa4b sign_uefi: Skip private key check if it's a pkcs11 URI 6b9d624b sign_uefi: Pass each key path separately 483f65e4 sign_official_build.sh: properly show errors on loem issues 516ee7bc sign_uefi: Use named args instead of positional 0eec8e25 vboot_reference-sys: Switch from Command to bindgen::Builder 46f5aab8 image_signing: support multiple release names f13af139 sign_official_build: Sudo invocation within bits of android signing 3f165374 futility: updater: Add optional serial number argument to --ccd 64379cc6 sign_official_build: add --debug flag 7160bf9f 2lib: Fix relocation issue when compiling locally with musl libc 0e27cdff vboot_reference-sys: Add vboot_host.h 2c82e73c Override use_apksigner FLAGS b43469c7 futility/cmd_show: Support --publickey FW_VBLOCK 0eb4da96 tests/futility: Update kern_preamble.bin as kernel_part.bin 68a03355 tests/futility: Move test_show_vs_verify.sh into test_show_and_verify.sh 8daf1474 tests/futility: Move 'futility show' tests to a separate file 34190e3d futility: Exit with error when metadata hash verification not supported 967aa462 firmware/2lib: Fix function comment for vb2api_get_firmware_size() f2b01bf0 firmware: Undeprecate VB2_RECOVERY_FW_GET_FW_BODY ef6d02df futility/vb2_helper: Add missing newline for error messages 886d13d7 PRESUBMIT: switch to cros format ac2e1a75 host/lib: Decouple openssl headers from HOSTLIB 86ec05f7 futility: updater: Add help info for --quirks 2850244e futility: updater: Abort if the unlock_csme_* is used on a locked device f1b5c88d devkeys: delete old unused firmware_bmpfv.bin 4444c5fe crossystem: Fix tpm_fwver for fwid < 12935 98ef339f 2lib: Prevent overwriting the value of fw_vboot2 c7517eb4 make_dev_ssd: support ChromeOS Kdump 8e3462cc tlcl: Increase the TPM_BUFFER_SIZE 740a2966 vboot_reference: Drop 'host' usage for 'internal' in flashrom.h 57877a44 vboot: Remove comments about physical dev switch 3401d16c 2lib: Fix typos, comments and formats fdf52d45 scripts/: Drop deprecated {g,s}et_gbb_flags.sh scripts bf76e9ee 2lib: Output the correct kernel_version 1ac4663e make_dev_firmware.sh: update pattern for matching wp status c57ab9f7 2lib: Add recovery reason VB2_RECOVERY_WIDEVINE_PREPARE e094ba31 tlcl: Reduce the variants of TPM2B b047600d sign_official_build: support key config for pkcs11 f8712b73 vboot: support signing with pkcs11 private key 17fe786f strip_boot_from_image.sh: sfill fast 6c856cd3 futility/updater: Fix EC software write protection logic 1dc5a421 futility: update: Deprecate --unlock_me by --quirk unlock_csme_nissa f0d88587 futility: update: Refactor the 'unlock ME' quirk(s) 81429ee9 futility: update: Do not update RO when the AP RO is locked a3beb737 futility: update: Revise the ordering or quirks 2c1844fa futility: update: Remove unused quirk 'unlock_wilco_me_for_update' 75530d32 tests/futility: Test with new signer_config.csv based firmware updater cba649fa 2lib: Expose 2hmac ab015448 2lib: Refactor hmac to vb2_hmac_calculate 3545f8b4 Revert "sign_uefi: Remove exception catching" 55f625a9 dump_fmap: Add offset and size to flash_ec format output a27ee336 keygeneration: add shellcheck source statements to help linting 055f9aa2 keygeneration: replace_recovery_key.sh: make minios key optional 6cb8ab60 scripts: delete unused values kernel command line 1f76c38b vboot: Drop phone recovery support ccf6b037 scripts: Legacy fix for set_gbb_flags.sh 8f03069e futility: Add basic README.md 88963df8 utility: Query platform wp status with futility 6c3817d2 utility: Drop cros_alias technical debt in dev_debug_vboot df85f512 scripts: Drop cros_alias technical debt in make_dev_firmware.sh 7395cd68 futility/updater_utils.c: Match on EC path to prepare for split 52518415 crossystem: Recover corrupted RW_NVRAM on flash writes 81f9ddaf futility/cmd_gbb_utility.md: Add basic GBB subcmd doc c4995268 futility/: Fix define confusion 69dab5a6 crossystem: Avoid writing duplicate entries to RW_NVRAM 6c37b520 Revert "crossystem: stop supporting legacy chromeos_acpi driver" Change-Id: Ic7ecdabcdd26df349b8abf1c5a77c806facfe1d8 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/78865 Reviewed-by: Yu-Ping Wu <yupingso@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2023-11-01Revert "Update vboot submodule to upstream main"Martin L Roth
This reverts commit 6e03007bfa948d679f5d4d6998c12c581b390d1a. Reason for revert: Build fails - Jenkins test escappe. Signed-off-by: Martin Roth <gaumless@gmail.com> Change-Id: I726e2e1ce7dc3350a281dc30256b116580fd63c0 Reviewed-on: https://review.coreboot.org/c/coreboot/+/78844 Reviewed-by: Matt DeVillier <matt.devillier@gmail.com> Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de> Reviewed-by: David Hendricks <david.hendricks@gmail.com>
2023-10-31Update vboot submodule to upstream mainJulius Werner
Updating from commit id 24cb127a: 2023-08-21 Nicholas Bishop sign_uefi_unittest.py: Fix long-line lint to commit id f2b01bf0: 2023-10-27 Julius Werner firmware: Undeprecate VB2_RECOVERY_FW_GET_FW_BODY This brings in 47 new commits: f2b01bf0 firmware: Undeprecate VB2_RECOVERY_FW_GET_FW_BODY ef6d02df futility/vb2_helper: Add missing newline for error messages 886d13d7 PRESUBMIT: switch to cros format ac2e1a75 host/lib: Decouple openssl headers from HOSTLIB 86ec05f7 futility: updater: Add help info for --quirks 2850244e futility: updater: Abort if the unlock_csme_* is used on a locked device f1b5c88d devkeys: delete old unused firmware_bmpfv.bin 4444c5fe crossystem: Fix tpm_fwver for fwid < 12935 98ef339f 2lib: Prevent overwriting the value of fw_vboot2 c7517eb4 make_dev_ssd: support ChromeOS Kdump 8e3462cc tlcl: Increase the TPM_BUFFER_SIZE 740a2966 vboot_reference: Drop 'host' usage for 'internal' in flashrom.h 57877a44 vboot: Remove comments about physical dev switch 3401d16c 2lib: Fix typos, comments and formats fdf52d45 scripts/: Drop deprecated {g,s}et_gbb_flags.sh scripts bf76e9ee 2lib: Output the correct kernel_version 1ac4663e make_dev_firmware.sh: update pattern for matching wp status c57ab9f7 2lib: Add recovery reason VB2_RECOVERY_WIDEVINE_PREPARE e094ba31 tlcl: Reduce the variants of TPM2B b047600d sign_official_build: support key config for pkcs11 f8712b73 vboot: support signing with pkcs11 private key 17fe786f strip_boot_from_image.sh: sfill fast 6c856cd3 futility/updater: Fix EC software write protection logic 1dc5a421 futility: update: Deprecate --unlock_me by --quirk unlock_csme_nissa f0d88587 futility: update: Refactor the 'unlock ME' quirk(s) 81429ee9 futility: update: Do not update RO when the AP RO is locked a3beb737 futility: update: Revise the ordering or quirks 2c1844fa futility: update: Remove unused quirk 'unlock_wilco_me_for_update' 75530d32 tests/futility: Test with new signer_config.csv based firmware updater cba649fa 2lib: Expose 2hmac ab015448 2lib: Refactor hmac to vb2_hmac_calculate 3545f8b4 Revert "sign_uefi: Remove exception catching" 55f625a9 dump_fmap: Add offset and size to flash_ec format output a27ee336 keygeneration: add shellcheck source statements to help linting 055f9aa2 keygeneration: replace_recovery_key.sh: make minios key optional 6cb8ab60 scripts: delete unused values kernel command line 1f76c38b vboot: Drop phone recovery support ccf6b037 scripts: Legacy fix for set_gbb_flags.sh 8f03069e futility: Add basic README.md 88963df8 utility: Query platform wp status with futility 6c3817d2 utility: Drop cros_alias technical debt in dev_debug_vboot df85f512 scripts: Drop cros_alias technical debt in make_dev_firmware.sh 7395cd68 futility/updater_utils.c: Match on EC path to prepare for split 52518415 crossystem: Recover corrupted RW_NVRAM on flash writes 81f9ddaf futility/cmd_gbb_utility.md: Add basic GBB subcmd doc c4995268 futility/: Fix define confusion 69dab5a6 crossystem: Avoid writing duplicate entries to RW_NVRAM 6c37b520 Revert "crossystem: stop supporting legacy chromeos_acpi driver" Change-Id: Ic7ecd1755d26df349b8abf1c5a77c806facfe1d8 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/78820 Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de> Reviewed-by: Eric Lai <ericllai@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Yu-Ping Wu <yupingso@google.com>
2023-08-24Update vboot submodule to upstream mainYu-Ping Wu
Updating from commit id 0c11187c: 2023-08-07 11:41:45 +0000 - (vboot_reference: Rename Cr50 to GSC when applicable) to commit id 24cb127a: 2023-08-22 00:19:10 +0000 - (sign_uefi_unittest.py: Fix long-line lint) This brings in 24 new commits: 24cb127a sign_uefi_unittest.py: Fix long-line lint 52ac0c71 dump_fmap: Rename format name from 'pretty' to 'parser' 068376d9 dump_fmap: Add description about formats f67ae949 crossystem: stop supporting legacy chromeos_acpi driver e6bd72f7 Revert "futility/cmd_vpd: Add vpd listing subcommand" c7593acc futility: updater: fix build warning 'incompatible function pointer' 394fbfad crossystem: Binary search RW_NVRAM to find the active entry a5b80353 keygeneration: drop ec_{data,root}_key 1c9b603d futility: updater: Refactor manifest generation 0a4be4a0 futility: updater: Use signer_config for all boards by default f9d1f0b0 futility: Fix closing file in error path 4dbadfb3 vboot_reference: Remove VB2_RECOVERY_CR50_BOOT_MODE 11bdc1f5 futility: updater: Enable keyset in signer_config based manifest 35e69bcd futility: Change FLMSTR values set by --unlock_me 0ca8212b futility: updater: Use signer_config manifest instead of setvars 0e24a8ef scripts: use new fw updater pack/repack commands 4378179b futility/cmd_vpd: Add vpd listing subcommand 2fc252d8 futility: updater: Remove deprecated Glados platform quirks 3119182d x86/crossystem: Fix snprintf error for hostlib 06a0b9d0 sign_uefi: Remove exception catching bcfd831e sign_uefi: Clarify comment for removing signatures 4cb7b0e5 crossystem: support new chromeos_acpi driver eb37f19d vboot: remove trailing newline from sysfs ec173ee4 vboot: rename ReadFileString() to ReadFileFirstLine() Change-Id: I6c92791404dc1c6a3efc8bb9046fe5017ba794fb Signed-off-by: Yu-Ping Wu <yupingso@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/77381 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Yidi Lin <yidilin@google.com>
2023-08-10Update vboot submodule to upstream mainYu-Ping Wu
Updating from commit id 034907b2: 2023-06-03 08:10:11 +0000 - (vboot_reference: eliminate redundant call to write protect EC-RO) to commit id 0c11187c: 2023-08-07 11:41:45 +0000 - (vboot_reference: Rename Cr50 to GSC when applicable) This brings in 38 new commits: 0c11187c vboot_reference: Rename Cr50 to GSC when applicable 76c160e2 futility: updater: Support --unlock_me with --mode=output 48a12071 futility: Add `show` test for CBFS integration firmware b419912f futility: Pull file names into ft_show_bios() subtypes db56d9c5 futility: Clarify `name` and remove `data` argument of file type funcs 311f59e8 futility: Use -P for signing tests 854c71b9 tests: futility: Make test_show_contents easier to update 5f5a695e futility: Document machine parseable format guidelines 774c700f futility: Fix HWID digest footer output 8cc8b710 futility: Fix build with a single RW partition and CBFS verification 6d4b03e5 futility/cmd_read.c: Implement --split-path|-s switch 636d5b16 Correct a malloc() check in VbExStreamOpen() def2f5af firmware/2lib: Switch to RO immediately if only one slot present 9c9931b4 futility/cmd_read.c: Optimise to limit SPI transaction cb56129f checkpatch: Change max line length from 80 to 96 aa23241a tests: Fix run_vbutil_kernel_arg_tests.sh d7c26f52 futility: Follow-up fixes to CL:4548417 56490778 futility: add machine friendly print option 23e750b8 tests: Remove duplicate test for vb2api_fail() 612d140b futility: updater: fix custom label devices using customization_id 69cbe7ee Revert "futility: Avoid unnecessary servo control command" 290b72d6 vbutil_kernel: Drop alignment check for EFI stub 5d582eb5 sign_android_image.sh: Preserve capabilities for EROFS as well 8c30aaab futility: Avoid unnecessary servo control command 58f8bb5c futility: Fix flash teardown issue 2d9f9cdb sign_official_build: add cloud-signing param d0ceeee6 image_signing: sign_official_build: create a proper main() func 38cfb9b0 Revert "make_dev_ssd.sh: Add support for kdump" 2c43e4dd .clang-format: Change the ColumnLimit from 80 to 96 3107ce77 host/lib/flashrom_drv.c: Check chip len symmetrically across R/W ops 0549e3c1 2load_kernel: Change bootloader_address out-parameter to offset 979f61de Make sign_android_image.sh support EROFS image format as well. bb5ccd7d lib/flashrom_drv.c: Pass regions as pointer + size. 249a3477 vbutil_kernel: Move kernel's EFI boot stub into bootloader section c8998d5f host/lib: Use absolute path for flashrom 564d9274 futility/updater_utils.c: Drop flashrom cli producer 9bf3edf8 futility/updater.c: Clarify conditions of do_update 212643bd futility/updater.c: Use canonical defines Change-Id: I0947f0f6670328b779d2a8ef240ca196ef615cec Signed-off-by: Yu-Ping Wu <yupingso@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/77086 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Yidi Lin <yidilin@google.com>
2023-06-06vboot: Drop argument to select slot from `vb2ex_ec_protect()`Subrata Banik
vboot code changes have eliminated the redundant call to WP the EC-RO region as protecting RW flash implies protecting both RO and RW flash, so the call to protect RO is redundant. google/rex currently takes about 17 ms to lock down the EC. Along with vboot changes, this patch drops argument to choose between RO and RW slot to protect while calling into `vb2ex_ec_protect()`. It ensures vb2ex_ec_protect() is explicitly meant for protecting RW regions. w/o this patch: 517:waiting for EC to allow higher power draw 846,196 (17,297) w/ this patch: 517:waiting for EC to allow higher power draw 838,258 (9,719) Additionally, update vboot submodule to upstream main to avoid the compilation error. Updating from commit id 35f50c3154e5: Fix build error when compiling without -DNDEBUG to commit id 034907b279c9db: vboot_reference: eliminate redundant call to write protect EC-RO Change-Id: I2974f0cb43ba800c2aaeac4876ebaa052b5ee793 Signed-off-by: Subrata Banik <subratabanik@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/75521 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Himanshu Sahdev <himanshu.sahdev@intel.com> Reviewed-by: Harsha B R <harsha.b.r@intel.com> Reviewed-by: Julius Werner <jwerner@chromium.org>
2023-04-15Update vboot submodule to upstream mainMichał Żygowski
Updating from commit id 5b8596ce: 2sha256_arm: Fix data abort issue to commit id 35f50c31: Fix build error when compiling without -DNDEBUG This brings in 41 new commits. Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com> Change-Id: I58f6740c34670ea5a501ff2ee8cfcf9d2a1c25e9 Reviewed-on: https://review.coreboot.org/c/coreboot/+/74401 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Yu-Ping Wu <yupingso@google.com>
2023-02-16Update vboot submodule to upstream mainYidi Lin
Updating from commit id ffb34f48: PRESUBMIT: disable automatic git cl presubmit to commit id 5b8596ce: 2sha256_arm: Fix data abort issue This brings in 15 new commits. Change-Id: I27a2dbd83114d7f5c075e0823f0c7948b82da694 Signed-off-by: Yidi Lin <yidilin@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/73058 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Yu-Ping Wu <yupingso@google.com>
2023-02-13Update vboot submodule to upstream mainYidi Lin
Updating from commit id ecb87bfc: Add PRESUBMIT.py to commit id 03c8969b: get_gbb_flags.sh: Use futility gbb --explicit This brings in 23 new commits. Change-Id: Ie5a20071f00e61e03193eef79b3b123cf25fe4e0 Signed-off-by: Yidi Lin <yidilin@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/72944 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Yu-Ping Wu <yupingso@google.com>
2023-01-05Update vboot submodule to upstream mainElyes Haouas
Updating from commit id 196b0843e9 : to a09b792e6a : Makefile: Remove old include directories This brings in 9 new commits. Fix: cc1: error: firmware/lib/cryptolib/include: No such file or directory [-Werror=missing-include-dirs] cc1: error: firmware/lib20/include: No such file or directory [-Werror=missing-include-dirs] Change-Id: I292d3a4046c1a1890a640747cbbd00e79e5e56b4 Signed-off-by: Elyes Haouas <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/71582 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2022-12-15Update vboot submodule to upstream mainKarthikeyan Ramasubramanian
Updating from commit id 148e5b83: Makefile: Fix and simplify the RUNTEST test wrapper to commit id 196b0843: create_new_keys: use single AP RO Verification root key pair This brings in 30 new commits. Change-Id: Iedfc6cf0ff2dc1913a7a41a4302dc1951abf8a8a Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/70759 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Yu-Ping Wu <yupingso@google.com>
2022-10-27Update vboot submodule to upstream mainJakub Czapiga
Updating from commit id b827ddb9: 2022-09-01 06:37:33 +0000 - (tests: Ensure auxfw sync runs after EC sync) to commit id 148e5b83: 2022-10-25 09:36:59 +0000 - (Makefile: Fix and simplify the RUNTEST test wrapper) This brings in 28 new commits: 148e5b83 Makefile: Fix and simplify the RUNTEST test wrapper a9c47c41 futility/cmd_show: set uninitialized variable e18a6cda gscvd: presume GBB flags are zero when hashing the RO space contents 0b0aee9c gscvd: refactor discovering GBB in the image ff1749cb futility: add option to save ro_gscvd section in a blob 84c65cd3 vboot_reference: Check OS/firmware mismatch and report to UMA 9a1be550 cmd_update: avoid variable name aliasing d0f7fdf6 treewide: Fix copyrights and extra new lines at end of file 0ca75fd1 tpm_lite: Fix copyrights, line endings, extra new lines at end of file 4ca43a34 crossystem: arm: Retry if we fail to read a GPIO f1a7efc0 futility: updater: Scan patch files for the signer_config manifest 64803227 futility: updater: Support patching GSCVD 2aa69d0c futility: Remove validate_rec_mrc command 0ca7a9e4 firmware: host: futility: Add CBFS metadata hash support aaeb307f futility: Use ccd update mode for suzyq ti50 aa44b7cf vboot: gbb_flags_common should treat ccd_ti50 like ccd_cr50 ff8bb2d9 futility: Address double free 6a33a0fc treewide: Fix license headers to conform with linter b2b4f767 DIR_METADATA: Add V2 Test Plans. 5346938c futility gscvd: add option to print out root key hash 5790c0aa gscvd: add support for reading ranges from the image 499e5743 gbb_flags_common.sh: Restore tmpfile cleanup trap f3f9d2a6 scripts/OWNERS: Fix engeg email chromium -> google ce620761 tests: Remove --allow-multiple-definition linker option 956c2efb futility: Skip picking apart an x86 kernel if has the EFI stub 9f2e9804 Avoid build failures on recent distros 62cc7885 subprocess: Log subprocess arguments when running 3bd35108 2api: Add a new entry point for only loading and verifying the kernel Signed-off-by: Jakub Czapiga <jacz@semihalf.com> Change-Id: I9a16d6e02cee34140ec375ed6166f47560459140 Reviewed-on: https://review.coreboot.org/c/coreboot/+/68540 Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Yu-Ping Wu <yupingso@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2022-09-02cbfs/vboot: Adapt to new vb2_digest APIJulius Werner
CL:3825558 changes all vb2_digest and vb2_hash functions to take a new hwcrypto_allowed argument, to potentially let them try to call the vb2ex_hwcrypto API for hash calculation. This change will open hardware crypto acceleration up to all hash calculations in coreboot (most notably CBFS verification). As part of this change, the vb2_digest_buffer() function has been removed, so replace existing instances in coreboot with the newer vb2_hash_calculate() API. Due to the circular dependency of these changes with vboot, this patch also needs to update the vboot submodule: Updating from commit id 18cb85b5: 2load_kernel.c: Expose load kernel as vb2_api to commit id b827ddb9: tests: Ensure auxfw sync runs after EC sync This brings in 15 new commits. Signed-off-by: Julius Werner <jwerner@chromium.org> Change-Id: I287d8dac3c49ad7ea3e18a015874ce8d610ec67e Reviewed-on: https://review.coreboot.org/c/coreboot/+/66561 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Jakub Czapiga <jacz@semihalf.com>
2022-08-02Update vboot submodule to upstream mainSubrata Banik
Updating from commit id a975eed306: 2kernel.c: check display request in vb2api_kernel_phase2 to commit id 18cb85b52d: 2load_kernel.c: Expose load kernel as vb2_api Signed-off-by: Subrata Banik <subratabanik@google.com> Change-Id: I58c5d54723683cef51e416fc6f58da000507fbcc Reviewed-on: https://review.coreboot.org/c/coreboot/+/66269 Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Yu-Ping Wu <yupingso@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2022-07-20Update vboot submodule to upstream mainSelma Bensaid
Updating from commit id 61971455: vboot_ref/Makefile: Expose symbols irregardless of USE_FLASHROM to commit id a975eed3: 2kernel.c: check display request in vb2api_kernel_phase2 This brings in 20 new commits. BUG=b:172339016 TEST=builds with vboot_ref uprev. Signed-off-by: Selma Bensaid <selma.bensaid@intel.com> Change-Id: I8f9339f169c4c16216a9f380a7ca00a36098d7f8 Reviewed-on: https://review.coreboot.org/c/coreboot/+/65955 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Jérémy Compostella <jeremy.compostella@intel.com> Reviewed-by: Julius Werner <jwerner@chromium.org>
2022-06-17Update vboot submodule to upstream mainJulius Werner
Updating from commit id 25b94935: vboot_ref/futility: Wrap flashrom_drv behind USE_FLASHROM to commit id 61971455: vboot_ref/Makefile: Expose symbols irregardless of USE_FLASHROM This brings in 90 new commits. BUG=b:207808292,b:231152447 TEST=builds with vboot_ref uprev. Signed-off-by: Julius Werner <jwerner@chromium.org> Signed-off-by: Edward O'Callaghan <quasisec@google.com> Change-Id: Id542f555732b58e1205e757393f9d5fdbde2de68 Reviewed-on: https://review.coreboot.org/c/coreboot/+/64706 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Yu-Ping Wu <yupingso@google.com> Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
2022-01-04Update vboot submodule to upstream masterHsuan Ting Chen
Updating from commit id 13f601fb: 2021-09-24 12:25:24 +0000 - (vboot: boot from miniOS recovery kernels on disk) to commit id 25b94935: 2021-12-29 21:34:41 +0000 - (vboot_ref/futility: Wrap flashrom_drv behind USE_FLASHROM) This brings in 44 new commits. Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org> Change-Id: Ife75d21ddfa0b956fdf7a638cd53b55b11f6cb7d Reviewed-on: https://review.coreboot.org/c/coreboot/+/60078 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Edward O'Callaghan <quasisec@chromium.org> Reviewed-by: Yu-Ping Wu <yupingso@google.com>
2021-09-29Update vboot submodule to upstream main (13f601f)Selma Bensaid
Updating from commit id c5a482ed: 2021-09-08 17:16:59 +0000 - (sign_official_build: disable gsetup for reven) to commit id 13f601f: 13f601f vboot: boot from miniOS recovery kernels on disk b This brings in 14 new commits. Signed-off-by: Selma Bensaid <selma.bensaid@intel.com> Change-Id: I66788ea434a6000435b97ce64107f3b5da882414 Reviewed-on: https://review.coreboot.org/c/coreboot/+/57994 Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2021-09-15Update vboot submodule to upstream mainHsuan Ting Chen
Updating from commit id 4423276b: 2021-08-31 17:41:34 +0000 - (crossystem: add a hwid override mechanism from chromeos-config) to commit id c5a482ed: 2021-09-08 17:16:59 +0000 - (sign_official_build: disable gsetup for reven) This brings in 10 new commits. Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org> Change-Id: I67d4bfa182eae98bb23ae487f117c991502b66ed Reviewed-on: https://review.coreboot.org/c/coreboot/+/57639 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Yu-Ping Wu <yupingso@google.com>
2021-09-06Update vboot submodule to upstream mainThejaswani Putta
Updating from commit id ccc56f4: vboot: add x86 SHA256 ext support to commit id 4423276: crossystem: add a hwid override mechanism from chromeos-config Signed-off-by: Thejaswani Putta <thejaswani.putta@intel.com> Change-Id: I7bd73b9f6c0492f96c336b61e21ecae37b8f3606 Reviewed-on: https://review.coreboot.org/c/coreboot/+/57322 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org> Reviewed-by: Thejaswani Putta <thejaswani.putta@intel.corp-partner.google.com> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2021-07-01Update vboot submodule to upstream mainSubrata Banik
Updating from commit id b38e3a63: cros_ec: Use boot mode to check if EC can be trusted to commit id ccc56f4: vboot: add x86 SHA256 ext support Signed-off-by: Subrata Banik <subrata.banik@intel.com> Change-Id: I4e170e84a12646386d3fd84ae97add6c19f23809 Reviewed-on: https://review.coreboot.org/c/coreboot/+/55992 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2021-05-30Update vboot submodule to upstream mainDaisuke Nojiri
Updating from commit id e681c37: change node locked version expectations to commit id b38e3a63: cros_ec: Use boot mode to check if EC can be trusted Change-Id: Id6de185af85a61a3843b302fef6fa0d4d3c17aef Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/55026 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2021-05-16Update vboot submodule to upstream/main (e681c37)Aseda Aboagye
This commit updates the vboot submodule from commit 57c0c5b: cgpt: Move all GPT on SPI-NOR infra behind a flag to e681c37: change node locked version expectations Signed-off-by: Aseda Aboagye <aaboagye@google.com> Change-Id: Ifd130e3f66f1819f59f00703f0ad0c2278b544bf Reviewed-on: https://review.coreboot.org/c/coreboot/+/54307 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2021-04-22Update vboot submodule to upstream mainBora Guvendik
Updating from commit id 9d4053df: 2020-11-20 01:51:08 +0000 - (Revert "Reland: Clean up implicit fall through.") to commit id 57c0c5be: 2021-04-09 11:45:39 +0800 - (cgpt: Move all GPT on SPI-NOR infra behind a flag) Signed-off-by: Bora Guvendik <bora.guvendik@intel.com> Change-Id: Id50a892f12ff3c4147c422c98b640ac047143128 Reviewed-on: https://review.coreboot.org/c/coreboot/+/52453 Reviewed-by: Angel Pons <th3fanbus@gmail.com> Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-11-25Update vboot submodule to upstream masterPatrick Georgi
Updating from commit id 9d4053d: 2020-11-20 01:51:08 +0000 - (Revert "Reland: Clean up implicit fall through.") to commit id 48195e5: 2020-11-24 10:23:45 +0000 - (Makefile: Test for warning flags before using them) This brings in 3 new commits. Change-Id: I64f27f346df264cb6eeeb4e3203fcca7d35f7e83 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/47906 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Idwer Vollering <vidwer@gmail.com>
2020-11-21Update vboot submodule to upstream masterJulius Werner
Updating from commit id 4c523ed1: vboot2: Add support for modexp acceleration to commit id 9d4053df: Revert "Reland: Clean up implicit fall through." This brings in 32 new commmits. Among the changes are restored support for older GCC/clang versions that do not support __attribute__((fallthrough)). Signed-off-by: Julius Werner <jwerner@chromium.org> Change-Id: I1110664bf71b4376bcdd9ba934a95031ba872c1d Reviewed-on: https://review.coreboot.org/c/coreboot/+/47784 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Joel Kitching <kitching@google.com> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2020-10-07Update vboot submodule to upstream masterKangheui Won
Updating from commit id 4bb06cc1: COIL: Change denylist to blocklist to commit id 4c523ed1: vboot2: Add support for modexp acceleration This brings in 10 new commmits. Change-Id: Iff6eb99c8ed3046b6fdb6c1e2892aab956f3b562 Signed-off-by: Kangheui Won <khwon@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/45986 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin Roth <martinroth@google.com> Reviewed-by: Eric Peers <epeers@google.com> Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
2020-09-12Update vboot submodule to upstream masterIdwer Vollering
Updating from commit id fefcaa65: vboot: adjust VB2_SECDATA_KERNEL_FLAGS in non-recovery path to commit id 4bb06cc1: COIL: Change denylist to blocklist This brings in 20 new commmits. Signed-off-by: Idwer Vollering <vidwer@gmail.com> Change-Id: I0efef2f0ab6ecb89c8132cca2bd4ab7f71e85ced Reviewed-on: https://review.coreboot.org/c/coreboot/+/45299 Reviewed-by: Angel Pons <th3fanbus@gmail.com> Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-08-28Update vboot submodule to upstream masterKangheui Won
Updating from commit id 3932b1c: 2020-08-19 02:09:04 +0000 - inclusive: change usage of blacklist/whitelist to commit id fefcaa6: 2020-08-24 04:32:03 +0000 - vboot: adjust VB2_SECDATA_KERNEL_FLAGS in non-recovery path This brings in 2 new commits. Change-Id: Ia3ff764537b91f76ba6fa3ba2646638964800510 Signed-off-by: Kangheui Won <khwon@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/44732 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
2020-08-203rdparty/vboot: Update to latest masterPatrick Georgi
This also includes https://chromium-review.googlesource.com/2318026 which fixes an issue with duplicate symbols. Change-Id: Icf450616b3bcd8b7c01261c913cd172625dbd6ba Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/44623 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2020-07-273rdparty/vboot: Update submodule pointer to upstream masterPaul Menzel
Building depthcharge master currently fails as depthcharge commit 74ca8ae5 (depthcharge: Hide dev mode timeout description) changed the function signature according to vboot commit 59fd331b (vboot/ui: pass timer_disabled to vb2ex_display_ui()), which is not yet present in the vboot checkout: $ make […] CC drivers/ec/vboot_auxfw.depthcharge.o src/drivers/ec/vboot_auxfw.c: In function 'display_firmware_sync_screen': src/drivers/ec/vboot_auxfw.c:117:5: error: too many arguments to function 'vb2ex_display_ui' vb2ex_display_ui(VB2_SCREEN_FIRMWARE_SYNC, ^~~~~~~~~~~~~~~~ In file included from /dev/shm/coreboot-1/3rdparty/vboot/firmware/include/vb2_api.h:18, from src/drivers/ec/vboot_auxfw.c:17: /dev/shm/coreboot-1/3rdparty/vboot/firmware/include/../2lib/include/2api.h:1262:13: note: declared here vb2_error_t vb2ex_display_ui(enum vb2_screen screen, ^~~~~~~~~~~~~~~~ So update the submodule pointer from commit 68de90c7 (Allow building for non-CrOS environments) to commit ed23c084 (Reset EC when transitioning to dev mode). This brings in 7 new commits. Change-Id: Icd5408fb824fc5da470774b7f493b916dff17832 Signed-off-by: Paul Menzel <pmenzel@molgen.mpg.de> Reviewed-on: https://review.coreboot.org/c/coreboot/+/43517 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Yu-Ping Wu <yupingso@google.com> Reviewed-by: Joel Kitching <kitching@google.com>
2020-07-03Update vboot submodule to upstream masterPatrick Georgi
Updating from commit id c531000f: 2020-05-18 20:55:55 +0000 - (vboot: Add recovery reason code for CSE Lite SKU errors) to commit id 68de90c7: 2020-07-02 11:31:05 +0000 - (Allow building for non-CrOS environments) This brings in 59 new commits. Change-Id: I7f3c30511ff4acc60e3581bdab89d685dc7beaa5 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/43008 Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-05-26Update vboot submodule to upstream master (commit hash c531000)Furquan Shaikh
This change updates vboot submodule from commit hash 3aab301: vboot: Convert reboot-related errors to vboot2-style to commit hash c531000: vboot: Add recovery reason code for CSE Lite SKU errors Signed-off-by: Furquan Shaikh <furquan@google.com> Change-Id: Ifbf5a09e6602c3f6833e6e8fbbd3cee3f60f1b47 Reviewed-on: https://review.coreboot.org/c/coreboot/+/41536 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Sridhar Siricilla <sridhar.siricilla@intel.com> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2020-05-01Update vboot submodule to upstream masterYu-Ping Wu
Updating from commit id 55154620: vboot: Add screens for recovery using disk to commit id 3aab3014: vboot: Convert reboot-related errors to vboot2-style This brings in 3 new commits. Change-Id: I75be535e0b0f8080366b98e5ae2007452ad51738 Signed-off-by: Yu-Ping Wu <yupingso@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/40845 Reviewed-by: Joel Kitching <kitching@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-04-23Update vboot submodule to upstream masterDaisuke Nojiri
Updating from commit id 46ff62c3: vboot: stop reading from ACPI for wpsw_boot to commit id 55154620: vboot: Add screens for recovery using disk This brings in 37 new commits. Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Change-Id: Ie184cbe6cc18cea540966d5801472ae821ea3e86 Reviewed-on: https://review.coreboot.org/c/coreboot/+/40503 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-04-14Update vboot submodule pointerDuncan Laurie
Update the pointer for vboot_reference so it can be used to compile depthcharge payload on the master branch. Change-Id: I5fc6e05896d7221a1e48ca86c6b15081488302b5 Signed-off-by: Duncan Laurie <dlaurie@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/39840 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2020-03-07Update vboot submodule to upstream masterdnojiri
Updating from commit id 8b9732f5: 2020-01-28 02:32:08 +0000 - (2lib: Fix struct vb2_hash the way it was meant to be) to commit id 5059062d: 2020-03-05 02:40:39 (EFS: Implement EFS2 and NO_BOOT mode) This brings in 19 new commits. Change-Id: Ic33500921e2c1a6109c24ad36713b41ab6e43de9 Signed-off-by: dnojiri <dnojiri@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/39324 Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Joel Kitching <kitching@google.com> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-02-19Update vboot submodule to upstream masterJoel Kitching
Updating from commit id 0e97e25e: 2020-01-28 02:32:08 +0000 - (2lib: Fix struct vb2_hash the way it was meant to be) to commit id 8b9732f5: 2020-02-18 05:55:01 +0000 - (vboot: do not call vb2_commit_data at end of VBSLK) This brings in 36 new commits. Change-Id: Icb0ab2c82c3264185171a32357944949afd2edce Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/38953 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2020-02-03Update vboot submodule to upstream masterJulius Werner
Updating from commit id 6ef33b99: 2019-11-22 Hung-Te Lin futility: updater: refactor: unify getting temp files for firmware images to commit id 0e97e25e: 2020-01-23 Julius Werner 2lib: Fix struct vb2_hash the way it was meant to be Change-Id: I539aba2f283804f67ff3ff4f98324b3d10b2bb54 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/38604 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Joel Kitching <kitching@google.com>
2020-01-22Update vboot submodule to upstream masterJulius Werner
Updating from commit id 2843aa62: 2019-12-12 Julius Werner 2lib: Move firmware body size reporting to separate function to commit id f5367d59: 2020-01-20 Joel Kitching vboot: translate recovery reason info from vboot 2->1 This brings in 27 new commits. Change-Id: I7d33337881fa2d36d6e562b0a390b56227cfad55 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/38498 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Joel Kitching <kitching@google.com>
2019-12-13security/vboot: Ensure firmware body size is respected againJulius Werner
CB:36845 simplified how coreboot finds the RW CBFS after vboot has and eliminated a layer of caching. Unfortunately, we missed the fact that the former cached value didn't exactly match the FMAP section... it was in fact truncated to the data actually used by vboot. That patch unintentionally broke this truncation which leads to performance regressions on certain CBFS accesses. This patch makes use of a new API function added to vboot (CL:1965920) which we can use to retrieve the real firmware body length as before. (Also stop making all the vb2_context pointers const. vboot generally never marks context pointers as const in its API functions, even when the function doesn't modify the context. Therefore constifying it inside coreboot just makes things weird because it prevents you from calling random API functions for no reason. If we really want const context pointers, that's a refactoring that would have to start inside vboot first.) This patch brings in upstream vboot commit 4b0408d2: 2019-12-12 Julius Werner 2lib: Move firmware body size reporting to separate function Change-Id: I167cd40cb435dbae7f09d6069c9f1ffc1d99fe13 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37680 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Mathew King <mathewk@chromium.org>
2019-12-13Update vboot submodule to upstream masterJulius Werner
Updating from commit id 695c56dc: 2019-12-04 Julius Werner Makefile: Make loop unrolling fully controllable by the caller to commit id b10e5e32: 2019-12-09 Yu-Ping Wu vboot: Make 2nvstorage.h private to vboot_reference This brings in 19 new commits. Change-Id: I9cdccd25422aee26620d48d31f83bcf32a7b4809 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37717 Reviewed-by: Mathew King <mathewk@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-12-06vboot: update VbExNvStorageWrite functionJoel Kitching
Going forwards, vb2ex_commit_data will be used to flush both nvdata and secdata. The patch that is circularly dependent on this lies between a patch that makes vboot no longer build and the patch that fixes that, so we have to pull the whole thing in at once to sort out the mess. Updating from commit id 1c4dbaa0: 2019-11-18 Julius Werner Makefile: Fix typo for MOCK_TPM to commit id 695c56dc: 2019-12-04 Julius Werner Makefile: Make loop unrolling fully controllable by the caller BUG=b:124141368, chromium:1006689 TEST=make clean && make test-abuild BRANCH=none Change-Id: Ia2612da0df101cd3c46151dbce728633a39fada1 Signed-off-by: Joel Kitching <kitching@google.com> Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37315 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2019-11-20Update vboot submodule to upstream masterTim Wawrzynczak
Updating from commit id ecdca931: 2019-11-13 06:14:05 +0000 - (vboot: move vb2_context inside vb2_shared_data (persistent context)) to commit id 1c4dbaa0: 2019-11-19 06:31:23 +0000 - (Makefile: Fix typo for MOCK_TPM) This brings in 17 new commits. Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org> Change-Id: I1952d7a26725e2c008b5009705b2e78ac0bb82df Reviewed-on: https://review.coreboot.org/c/coreboot/+/36936 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-15vboot: use vboot persistent contextJoel Kitching
vb2_context object is now stored on the workbuf as part of vb2_shared_data. Use vboot's new API functions vb2api_init and vb2api_relocate to create and move the workbuf. BUG=b:124141368, chromium:994060 TEST=Build locally BRANCH=none Change-Id: I051be1e47bf79b15a1689d49a5d4c031e9363dfa Signed-off-by: Joel Kitching <kitching@google.com> Also-Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/coreboot/+/1902339 Reviewed-on: https://review.coreboot.org/c/coreboot/+/36300 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Reviewed-by: Maulik V Vaghela <maulik.v.vaghela@intel.com>
2019-11-14Update vboot submodule to upstream masterJoel Kitching
Updating from commit id b2c8984d: 2019-10-01 06:01:59 +0000 - (vboot: fix compile error with MOCK_TPM) to commit id 87276ffe: 2019-11-07 17:46:09 +0800 - (futility: updater: Clean up hard-coded section names to preserve) This brings in 48 new commits. Change-Id: Iabaadc63227b856d0a2b7f3b23fe8c41b28d8eae Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36813 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-10-03Update vboot submodule to upstream masterPatrick Georgi
Updating from commit id e6700f4c: 2019-08-13 04:36:52 +0000 - (vboot: update vboot2 functions to use new vb2_error_t) to commit id b2c8984d: 2019-10-01 06:01:59 +0000 - (vboot: fix compile error with MOCK_TPM) This brings in 71 new commits. Change-Id: Id7cefa3ad5b30c955d18e469494fec32f6f58a48 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/35315 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2019-08-21vboot: update vboot2 functions to use new vb2_error_tJoel Kitching
To make explicit when vboot2 error codes should be returned, use the new vb2_error_t type on all functions which return VB2_ERROR_* constants. Additionally, add required vboot submodule commit id e6700f4c: 2019-07-31 14:12:30 +0800 - (vboot: update vboot2 functions to use new vb2_error_t) NOTE: This patch was merged separately on the Chromium tree: https://chromium-review.googlesource.com/c/1728499 BUG=b:124141368, chromium:988410 TEST=make clean && make test-abuild BRANCH=none Change-Id: I804c2b407e496d0c8eb9833be629b7c40118415c Signed-off-by: Joel Kitching <kitching@google.com> Cq-Depend: chromium:1728292 Reviewed-on: https://review.coreboot.org/c/coreboot/+/34860 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-08-21Update vboot submodule to upstream masterJoel Kitching
Updating from commit id 9c906110: 2019-08-06 06:07:01 +0000 - (vboot/tpm: fix return type inconsistencies) to commit id a5afd01f: 2019-08-08 11:02:44 -0700 - (Minor fixes for clang) This brings in 6 new commits. Change-Id: Ic334ce8a5f24a0119fa2aaf000ce76c4c9e4932a Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/34859 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-08-08Update vboot submodule to upstream masterJoel Kitching
Updating from commit id dac763c7: 2019-05-10 10:43:55 -0700 - (Make vboot -Wtype-limits compliant) to commit id 9c906110: 2019-08-06 06:07:01 +0000 - (vboot/tpm: fix return type inconsistencies) This brings in 68 new commits. Change-Id: Ia96347d8ed94db6f0ec5f5108cb98ab0c4087bd4 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/33858 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-05-133rdparty: Uprev vboot submodule to upstream masterJulius Werner
This patch uprevs the vboot submodule to the new upstream HEAD commit dac763c782 Make vboot -Wtype-limits compliant Change-Id: I363e218e019b25483bc4c06315ca4e0e34599daf Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32748 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Joel Kitching <kitching@google.com> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-05-07Update vboot submodule to upstream masterJoel Kitching
Updating from commit id 304aa429: 2019-03-12 10:38:56 -0700 - (futility: updater: Unit test for preserving sections using FMAP flags) to commit id e7edff66: 2019-05-03 07:02:32 -0700 - (vboot: implement DISPLAY_INIT context and SD flag) This brings in 45 new commits. Change-Id: I7493e43bddc553f9724de46130ccb4cb44e18573 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32612 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-03-14Update vboot submodule to upstream masterJoel Kitching
Updating from commit id 1e177741: 2019-02-14 05:27:16 -0800 - (vboot: rename VB2_DISABLE_DEVELOPER_MODE) to commit id 304aa429: 2019-03-12 10:38:56 -0700 - (futility: updater: Unit test for preserving sections using FMAP flags) This brings in 18 new commits. Change-Id: Ie2889ed0217c38734eb2c496ca20f95b6a12b102 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31872 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-02-22Update vboot submodule to upstream masterJoel Kitching
Updating from commit id a32c930e: 2018-12-28 16:14:08 -0800 - (futility: updater: quirks: Support special released SNOW RO) to commit id 1e177741: 2019-02-14 05:27:16 -0800 - (vboot: rename VB2_DISABLE_DEVELOPER_MODE) This brings in 11 new commits. Change-Id: I59d83de49006a6d081b206716002697d39099aa4 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/31542 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-01-16Update vboot submodule to upstream masterPatrick Georgi
Updating from commit id 392211f0: 2018-04-23 13:07:25 -0700 - (Update Android signing to support signature scheme v2) to commit id a32c930e: 2018-12-28 16:14:08 -0800 - (futility: updater: quirks: Support special released SNOW RO) This brings in 159 new commits. Change-Id: I7fea9ff1e4109d4dbc979289172191f677438933 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/30914 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2018-04-26Update vboot submodule to upstream masterDuncan Laurie
Updating from commit id e0b38418: - image_signing: Add sha1sum of keys in keyset to VERSION.signer. To commit id 392211f0: - Update Android signing to support signature scheme v2 This fixes bulding with depthcharge master. Change-Id: I07b570f54b26a937a5a7c53ade464e0c7a550312 Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/25837 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin Roth <martinroth@google.com>
2018-01-23Update vboot submodule to upstream masterMartin Roth
Updating from commit id f6780a36: 2017-12-01 14:54:40 -0800 - (firmware: header tweaks for depthcharge) to commit id e0b38418: 2018-01-16 04:08:26 -0800 - (image_signing: Add sha1sum of keys in keyset to VERSION.signer.) This brings in 25 new commits. Change-Id: If60f19decd91eaafec1d555c1e7d3ca0249d8068 Signed-off-by: Martin Roth <martinroth@google.com> Reviewed-on: https://review.coreboot.org/23332 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2017-12-09Update vboot submodule to upstream masterMarc Jones
Updating from commit id 3b80572: 2017-10-12 16:35:30 -0700 - (tlcl, tpmc: extend GetVersion to report vendor specific data) to commit id f6780a3: 2017-12-01 14:54:40 -0800 - (firmware: header tweaks for depthcharge) This brings in 19 new commits. Change-Id: I49b1349cfd9266cd815b68759ae89bdffdd0d74b Signed-off-by: Marc Jones <marcj303@gmail.com> Reviewed-on: https://review.coreboot.org/22777 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2017-10-22Update vboot submodule to upstream masterDaisuke Nojiri
Updating from commit id a52fc548 (image_signing: Remove legacy unified build feature) to commit id 3b805725 (tlcl, tpmc: extend GetVersion to report vendor specific data) This brings in 22 new commits. Change-Id: I51e44490e0ffd2c5cc73d439c1f3f8831d816be9 Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: https://review.coreboot.org/22004 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-09-13Update vboot submodule to upstream masterDaisuke Nojiri
Updating from commit id 3f3a496a 2017-09-01 09:20:19 (image_signing: Fix loem.ini pattern for unibuilds) to commit id 753e34e9 2017-08-31 10:12:40 (futility: Make rwsig sign command produce EC_RW image) This brings in 5 new commits. This also updates Depthcharge stable commit ID. Updating from a843f262 2016-08-16 08:41:04 (kahlee: select emmc boot first if available) to commit id f3bb31fe 2017-08-15 17:15:33 (vboot: Support EC early firmware selection) This brings in 14 new commits. Change-Id: I17d034e87fa642c5e30e933eb98bcfe5ceaaa3a8 Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: https://review.coreboot.org/21490 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-09-063rdparty/vboot: update to latest masterPatrick Georgi
Besides some internal changes that won't have much effect on coreboot, the newer version also supports building host tools on systems that self-designate as i686. Change-Id: I823bad862805cdec1dfecc8ba046f73ac206d3e8 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/21302 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Paul Kocialkowski <contact@paulk.fr> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2017-08-23Update vboot submodule to upstream masterMartin Roth
Updating from commit id 8b714252 - 2017-07-18 02:36:16 (crossystem: Remove defunct sw_wpsw_bootfield) to commit id 8c4b8285 - 2017-08-14 20:37:45 -0700 (detachables: Skip "Enable Developer Mode" in DEV mode) This brings in 6 new commits. Change-Id: I7769035453796a162c6313cd0c87661ef1e64f89 Signed-off-by: Martin Roth <martinroth@google.com> Reviewed-on: https://review.coreboot.org/21074 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Marc Jones <marc@marcjonesconsulting.com> Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
2017-07-31Update vboot submodule to upstream masterMartin Roth
Updating from commit id 04b3835b: 2017-06-12 06:47:41 -0700 - (Add a script to generate a keypair for signing Rose RW firmware.) to commit id 8b714252: 2017-07-18 02:36:16 -0700 - (crossystem: Remove defunct sw_wpsw_boot field) This brings in 19 new commits. Change-Id: Ib68068b1afc5a264623021325e19644e8b63f8f3 Signed-off-by: Martin Roth <martinroth@google.com> Reviewed-on: https://review.coreboot.org/20702 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2017-06-17Update vboot submodule to upstream masterMartin Roth
Update from commit a1c5f7c0 vboot_reference: Add support for 3072-bit exponent 3 keys to commit 04b3835b Add a script to generate a keypair for signing Rose RW firmware This brings in 34 new commits. Change-Id: Ifa304af5c2cf0bcc466dfc4878dd9d08436eec75 Signed-off-by: Martin Roth <martinroth@google.com> Reviewed-on: https://review.coreboot.org/20228 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Marc Jones <marc@marcjonesconsulting.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Philippe Mathieu-Daudé <philippe.mathieu.daude@gmail.com>
2017-03-273rdparty/vboot: Update to upstream masterMartin Roth
This brings in 70 new commits from the upstream vboot repository, dated October 31, 2016 to March 2, 2017 Change-Id: Iac9c2b0389afbfa02c1cccc38d39a12dac4a5ac4 Signed-off-by: Martin Roth <martinroth@google.com> Reviewed-on: https://review.coreboot.org/18953 Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2016-11-103rdparty/vboot: update to latest masterFurquan Shaikh
Require new recovery reason for rec hash space lock failure in RO. Change-Id: I606d1a1f51a3a4c127b2933f6fb00ba2ec4885fc Signed-off-by: Furquan Shaikh <furquan@chromium.org> Reviewed-on: https://review.coreboot.org/17340 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins)
2016-10-213rdparty/vboot: update to latest master for rotor supportMartin Roth
This pulls in the bdb support for futility so that rotor can build. Change-Id: Icfa432fb840bea3e1616933ed02cf34a681fa3ce Signed-off-by: Martin Roth <martinroth@google.com> Reviewed-on: https://review.coreboot.org/17061 Tested-by: build bot (Jenkins) Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
2016-08-043rdparty/vboot: update to latest masterPatrick Georgi
Half a year has passed. Fixes went in. Probably bugs, too. However, nobody really supports our local vboot version anymore. Change-Id: I5042f23686dfe98e540c482f744e9df2d7df3b19 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: https://review.coreboot.org/16055 Tested-by: build bot (Jenkins) Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Paul Kocialkowski <contact@paulk.fr>
2016-02-29vboot: Update to current master to support S3 resume signallingPatrick Georgi
This is used in coreboot-side vboot code now, to keep booting from the same RW section after wakeup - necessary when romstage is in RW and its use of the RAM init configuration cache may differ between versions. Change-Id: Ie531cf3ddc980154f48772b3ff87e23473010721 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/13844 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2016-02-043rdparty/vboot: update to current masterPatrick Georgi
It provides a few extensions to the API that are required, such as vb2api_check_hash_get_digest() Change-Id: Ib4d8bdc29751f51f0f7532376175490a0ffd84b3 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: https://review.coreboot.org/13590 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-10-283rdparty/vboot: update to current masterPatrick Georgi
Change-Id: Idc300472f8d8821dd362d6dd075150f285f1d09b Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/12207 Tested-by: build bot (Jenkins) Reviewed-by: Furquan Shaikh <furquan@google.com>
2015-07-08vboot: Don't count boot attempts if lid is closedPatrick Georgi
This can be a problem with freshly updated devices that are periodically powered on while closed (as explained in the bug report). In this case, just don't count down. In case of actual errors (where we want the system to fall back to the old code), this now means that the retries have to happen with the lid open. Bump vboot's submodule revision for the vboot-side support of this. BUG=chromium:446945 TEST=to test the OS update side, follow the test protocol in https://code.google.com/p/chromium/issues/detail?id=446945#c43 With a servo, it can be sped up using the EC console interface to start the closed system - no need to wait 60min and plugging in power to get to that state. Change-Id: I0e39aadc52195fe53ee4a29a828ed9a40d28f5e6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10851 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-05-053rdparty/vboot: Add vbootPatrick Georgi
This allows providing a verified boot mechanism in the default distribution, as well as reusing vboot code like its crypto primitives for reasonably secure checksums over CBFS files. Change-Id: I729b249776b2bf7aa4b2f69bb18ec655b9b08d90 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10107 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-05-053rdparty: Move to blobsPatrick Georgi
To move 3rdparty to 3rdparty/blobs (ie. below itself from git's broken perspective), we need to work around it - since some git implementations don't like the direct approach. Change-Id: I1fc84bbb37e7c8c91ab14703d609a739b5ca073c Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10108 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-143rdparty: move checkout marker forwardStefan Reinauer
Move the 3rdparty marker to blobs.git commit 892a697 Change-Id: I8a51f301e08e49970b4747f004e0752617de8005 Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Reviewed-on: http://review.coreboot.org/9625 Reviewed-by: Marc Jones <marc.jones@se-eng.com> Tested-by: build bot (Jenkins)
2015-03-073rdparty: Update submodule to get Tegra 132 binariesMarc Jones
Change-Id: Ib5c967708e1f10e78a752ba28c02271f007fd137 Signed-off-by: Marc Jones <marc.jones@se-eng.com> Reviewed-on: http://review.coreboot.org/8613 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@google.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2015-02-273rdparty: Update to latest commit (for Intel microcode)Alexandru Gagniuc
This pulls in the Intel microcode from blobs, and allows us to move forward with relocating microcode updates in blobs. Change-Id: Iaa046cc20c7825aac168a6ed97c87be548634df3 Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-on: http://review.coreboot.org/8356 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
2015-01-163rdparty: Update to latest commit in blobs repositoryDave Frodin
'blobs' now contains the update for the BaldEagle binaryPI. Change-Id: I7ed423b17cee926205792223d6355277bedad552 Signed-off-by: Dave Frodin <dave.frodin@se-eng.com> Reviewed-on: http://review.coreboot.org/8232 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-01-153rdparty: Update to latest commit in blobs repositoryDave Frodin
'blobs' now contains the update for the Mullins binaryPI. Change-Id: Ife5dc73a856697c23a6d6b27fd5280f972992631 Signed-off-by: Dave Frodin <dave.frodin@se-eng.com> Reviewed-on: http://review.coreboot.org/8230 Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <gaumless@gmail.com>
2014-12-283rdparty: Update to latest commit in blobs repositoryPaul Menzel
Commit bb932c56 (nyan*: I2C: Implement bus clear when 'ARB_LOST' error occurs) unintentionally reverted commit 16472743 (3dparty: Update to latest commit in blobs repository). Apply that commit again: 'blobs' now contains updates which allow binary AGESA to build with Clang. Pull those in, in anticipation of re-enabling -Werror on Clang builds. Change-Id: I2530b6c58d369f1741b1a77bdfd7bcdb64ac9feb Signed-off-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-on: http://review.coreboot.org/7963 Tested-by: build bot (Jenkins) Reviewed-by: Edward O'Callaghan <eocallaghan@alterapraxis.com>
2014-12-26nyan*: I2C: Implement bus clear when 'ARB_LOST' error occursTom Warren
This is a fix for the 'Lost arb' we're seeing on Nyan* during reboot stress testing. It occurs when we are slamming the default PMIC registers with pmic_write_reg(). Currently, I've only captured this a few times, and the bus clear seemed to work, as the PMIC writes continued (where they'd hang the system before bus clear) for a couple of regs, then it hangs hard, no messages, no 2nd lost arb, etc. So I've added code to the PMIC write function that will reset the SoC if any I2C error occurs. That seems to recover OK, i.e. on the next reboot the PMIC writes all go thru, boot is OK, kernel loads, etc. BUG=chrome-os-partner:28323 BRANCH=nyan TEST=Tested on nyan. Built for nyan and nyan_big. Original-Change-Id: I1ac5e3023ae22c015105b7f0fb7849663b4aa982 Original-Signed-off-by: Tom Warren <twarren@nvidia.com> Original-Reviewed-on: https://chromium-review.googlesource.com/197732 Original-Reviewed-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-by: Jimmy Zhang <jimmzhang@nvidia.com> (cherry picked from commit f445127e2d9e223a5ef9117008a7ac7631a7980c) Signed-off-by: Marc Jones <marc.jones@se-eng.com> Change-Id: I584d55b99d65f1e278961db6bdde1845cb01f3bc Reviewed-on: http://review.coreboot.org/7897 Tested-by: build bot (Jenkins) Reviewed-by: David Hendricks <dhendrix@chromium.org>
2014-12-223dparty: Update to latest commit in blobs repositoryAlexandru Gagniuc
'blobs' now contains updates which allow binary AGESA to build with clang. Pull those in, in anticipation of re-enabling -Werror on clang builds. Change-Id: I734de0b93ebc1e78781f1d5f48e280badc3cf8b3 Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-on: http://review.coreboot.org/7884 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Edward O'Callaghan <eocallaghan@alterapraxis.com>
2014-12-013rdparty: Update to latest commit in blobs repositoryPaul Menzel
Update to commit 9f68e20e (AMD KaveriPI: Add PI header files to support binary AGESA release), which is the latest commit in the blobs repository. Change-Id: I3d643f7565700272c22b59ed764c3269801f4413 Signed-off-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-on: http://review.coreboot.org/7595 Tested-by: build bot (Jenkins) Reviewed-by: Edward O'Callaghan <eocallaghan@alterapraxis.com>
2014-11-11blobs: Update to IPQ blob commitMarc Jones
Update the 3rdparty repo to the IPQ binary commit This got updated in error by commit:39bbc8cb97e2de2423cc31bee014ef56884d9f3c Original-Change-Id: I50fd7254eaf97ac44fb046e39ff1a81d2baad16f Original-Signed-off-by: Marc Jones <marc.jones@se-eng.com> Original-Reviewed-on: http://review.coreboot.org/7354 Original-Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org> (cherry picked from commit cfa06c746023fbb79169260012539253811525aa) Signed-off-by: Marc Jones <marc.jones@se-eng.com> Change-Id: Ibfa243d057f9a2d27e9e02e3e8d4fc6e1da61df0 Reviewed-on: http://review.coreboot.org/7437 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins)
2014-11-09Kconfig: Hide DYNAMIC_CBMEM.Vladimir Serbinenko
Only one setting actually works (exact value depends on board). So no need to show it. Change-Id: I2a85719264bbac07791ef6a9279590ba768c309e Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com> Reviewed-on: http://review.coreboot.org/7359 Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Tested-by: build bot (Jenkins)
2014-11-08blobs: Update to IPQ blob commitMarc Jones
Update the 3rdparty repo to the IPQ binary commit Change-Id: I50fd7254eaf97ac44fb046e39ff1a81d2baad16f Signed-off-by: Marc Jones <marc.jones@se-eng.com> Reviewed-on: http://review.coreboot.org/7354 Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2014-09-01AMD Steppe Eagle: Update reference to BLOBs repo (3rdparty)Bruce Griffith
The BLOBs repo has been updated with AMD PI header files, peripheral BLOBs for the new Avalon southbridge, the AGESA binary PI BLOB for Steppe Eagle, the Steppe Eagle video BIOS, and platform security processor firmware. Change-Id: I8bb58a5cc572d2d75de33b14843d7d1893fff532 Signed-off-by: Bruce Griffith <Bruce.Griffith@se-eng.com> Reviewed-on: http://review.coreboot.org/6770 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Marc Jones <marc.jones@se-eng.com>
2014-06-01acpigen: Add acpigen_emit_eisaid.Vladimir Serbinenko
Change-Id: Ib92142a133445018cd152dabe299792ba5f36548 Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com> Reviewed-on: http://review.coreboot.org/5240 Tested-by: build bot (Jenkins) Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
2014-01-113rdparty: update to current HEADPatrick Georgi
It includes a sandybridge fix. Change-Id: I84ff1ac1622b10a4a4aa42517bac0c024c386998 Signed-off-by: Patrick Georgi <patrick@georgi-clan.de> Reviewed-on: http://review.coreboot.org/4642 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2013-07-18AMD Yangtze: Update 3rdparty hash for new blobsBruce Griffith
Change-Id: I87de13a7284bc38ac7cf2b18a147323c84a9a5c5 Signed-off-by: Bruce Griffith <Bruce.Griffith@se-eng.com> Reviewed-on: http://review.coreboot.org/3780 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2013-07-10Update 3rdparty hash for latest ARM BL1 binariesStefan Reinauer
Change-Id: Ice28114e5f53f510d305cd85d095044e2f4bd7b2 Signed-off-by: Stefan Reinauer <reinauer@google.com> Reviewed-on: http://review.coreboot.org/3740 Reviewed-by: Gabe Black <gabeblack@chromium.org> Reviewed-by: David Hendricks <dhendrix@chromium.org> Tested-by: build bot (Jenkins)