Age | Commit message (Collapse) | Author |
|
This commit just moves the vboot sources into
the security directory and fixes kconfig/makefile paths.
Fix vboot2 headers
Change-Id: Icd87f95640186f7a625242a3937e1dd13347eb60
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/22074
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
Add a Kconfig option to allow platforms to exclude specific files
from being copied from RO into RW sections.
BUG=b:65484600
TEST=Exclude apu/amdfw from the RW cbfs sections
Change-Id: I7723b63392c1620b75ceb6d8e25fe1ce2c75cf18
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/21899
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
This patch makes coreboot set VBSD_EC_EFS flag if CONFIG_VBOOT_EC_EFS
is set. Depthcharge/Vboot uses this flag to determine whether it can
update EC when it's already running a RW copy.
BUG=b:65028930
BRANCH=none
TEST=Verify soft sync runs successfully on Fizz.
Change-Id: Ic51ddd4819262162a8d8519461c4ace57ee01cb5
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://review.coreboot.org/21489
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
CONFIG_MAINBOARD_VENDOR is customizable by OEM for Chrome OS
devices. However, VBOOT_FWID_MODEL indicates the firmware vendor and
hence if CHROMEOS is selected, then VBOOT_FWID_MODEL should always
prefix "Google_" instead of CONFIG_MAINBOARD_VENDOR.
BUG=b:65493192
Change-Id: I0a2280bfd6d535586bc14d9a3c4a8198287f08bc
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://review.coreboot.org/21458
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
It's standard practice in vboot that the FWID consists of
<board_name>.<version_number> (e.g. Google_Kevin.8785.57.0). In fact,
some tools rely on this and cut the string at the first dot to
separate the two.
The current Kconfig default in coreboot instead leads to ugly,
parser-breaking FWIDs like Google_Kevin4.5-1234-5678abcd. This patch
fixes that.
Change-Id: I65cd5285c69e2e485d55a41a65d735f6a2291c16
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/19487
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
1. Select CONFIG_{TPM,TPM2} only when MOCK_SECDATA is not selected.
2. Provide tlcl_lib_init for mock TPM case.
BUG=b:37682566
TEST=Verified that when mock TPM is used, CONFIG_TPM is not set
anymore in coreboot config.
Change-Id: If3bdd1528e153b164e9d62ee9cbcc4c3666b8b66
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://review.coreboot.org/19456
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
This patch attempts to finish the separation between CONFIG_VBOOT and
CONFIG_CHROMEOS by moving the remaining options and code (including
image generation code for things like FWID and GBB flags, which are
intrinsic to vboot itself) from src/vendorcode/google/chromeos to
src/vboot. Also taking this opportunity to namespace all VBOOT Kconfig
options, and clean up menuconfig visibility for them (i.e. some options
were visible even though they were tied to the hardware while others
were invisible even though it might make sense to change them).
CQ-DEPEND=CL:459088
Change-Id: I3e2e31150ebf5a96b6fe507ebeb53a41ecf88122
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/18984
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
No board has ever tried to combine CONFIG_SEPARATE_VERSTAGE with
CONFIG_VBOOT_STARTS_IN_ROMSTAGE. There are probably many reasons why
this wouldn't work (e.g. x86 CAR migration logic currently always
assumes verstage code to run pre-migration). It would also not really
make sense: the reason we use separate verstages is to decrease
bootblock size (mitigating the boot speed cost of slow boot ROM SPI
drivers) and to allow the SRAM-saving RETURN_FROM_VERSTAGE trick,
neither of which would apply to the after-romstage case. It is better to
just forbid that case explicitly and give programmers more guarantees
about what the verstage is (e.g. now the assumption that it runs pre-RAM
is always valid).
Since Kconfig dependencies aren't always guaranteed in the face of
'select' statements, also add some explicit compile-time assertions to
the vboot code. We can simplify some of the loader logic which now no
longer needs to provide for the forbidden case. In addition, also try to
make some of the loader logic more readable by writing it in a more
functional style that allows us to put more assertions about which cases
should be unreachable in there, which will hopefully make it more robust
and fail-fast with future changes (e.g. addition of new stages).
Change-Id: Iaf60040af4eff711d9b80ee0e5950ce05958b3aa
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/18983
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins)
|
|
VBOOT_DYNAMIC_WORK_BUFFER and VBOOT_STARTS_IN_ROMSTAGE are equivalent in
practice. We can't have a dynamic work buffer unless we start in/after
romstage, and there'd be no reason to go with a static buffer if we do.
Let's get rid of one extra option and merge the two.
Change-Id: I3f953c8d2a8dcb3f65b07f548184d6dd0eb688fe
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/18979
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
CHIPSET_PROVIDES_VERSTAGE_MAIN_SYMBOL allows the SoC directory to
provide its own main() symbol that can execute code before the generic
verstage code runs. We have now established in other places (e.g. T210
ramstage) a sort of convention that SoCs which need to run code in any
stage before main() should just override stage_entry() instead. This
patch aligns the verstage with that model and gets rid of the extra
Kconfig option. This also removes the need for aliasing between main()
and verstage(). Like other stages the main verstage code is now just in
main() and can be called from stage_entry().
Change-Id: If42c9c4fbab51fbd474e1530023a30b69495d1d6
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/18978
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins)
|
|
Add a Kconfig value to enable other platforms to use the soft reboot
workaround.
TEST=Build and run on Galileo Gen2
Change-Id: I5a7ebd200229654128d367ecb50647ff69bb5258
Signed-off-by: Lee Leahy <leroy.p.leahy@intel.com>
Reviewed-on: https://review.coreboot.org/18798
Tested-by: Martin Roth <martinroth@google.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
1. Add a new index for recovery hash space in TPM - 0x100b
2. Add helper functions to read/write/lock recovery hash space in TPM
3. Add Kconfig option that can be selected by mainboards that want to
define this space.
4. Lock this new space while jumping from RO to RW.
BUG=chrome-os-partner:59355
BRANCH=None
TEST=Verified use of recovery hash space on reef.
Change-Id: I1cacd54f0a896d0f2af32d4b7c9ae581a918f9bb
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://review.coreboot.org/17273
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
There's no need to be SPI specific w.r.t. how the flash is
connected. Therefore, use the RW boot device to write the
contents of VBNV. The erasable check was dropped because that
information isn't available. All regions should be aligned
accordingly on the platform for the underlying hardware
implementation. And once the VBNV region fills the erase
will fail.
BUG=chrome-os-partner:56151
Change-Id: I07fdc8613e0b3884e132a2f158ffeabeaa6da6ce
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/16206
Tested-by: build bot (Jenkins)
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Furquan Shaikh <furquan@google.com>
|
|
CONFIG_VBOOT was recently moved to be independent from CONFIG_CHROMEOS.
However, the latter still has some 'select' clauses to ensure that
required TPM libraries are built. The TPM is an essential part of vboot,
and without these libraries the vboot code cannot compile... therefore,
they should be moved under CONFIG_VBOOT.
Change-Id: I0145558e5127c65c6a82d62f25b5a39e24cb8726
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/16229
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
Change-Id: Iff6b1b08b8159588b964d9637b16e1e0bfcca940
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/15986
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
This removes the newlines from all files found by the new
int-015-final-newlines script.
Change-Id: I65b6d5b403fe3fa30b7ac11958cc0f9880704ed7
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/15975
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
|
|
VBOOT_VERIFY_FIRMWARE should be independent of CHROMEOS. This allows use
of verified boot library without having to stick to CHROMEOS.
BUG=chrome-os-partner:55639
Change-Id: Ia2c328712caedd230ab295b8a613e3c1ed1532d9
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/15867
Tested-by: build bot (Jenkins)
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
|