summaryrefslogtreecommitdiff
path: root/src/vendorcode/google
AgeCommit message (Collapse)Author
2015-09-30vboot: provide a unified flow for separate verstageAaron Durbin
The vboot verification in a stage proper is unified replacing duplicate code in the tegra SoC code. The original verstage.c file is renamed to reflect its real purpose. The support for a single verstage flow is added to the vboot2 directory proper. BUG=chrome-os-partner:44827 BRANCH=None TEST=Built glados. Change-Id: I14593e1fc69a1654fa27b512eb4b612395b94ce5 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/11744 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-09-29chromeos: vboot-related functions move to common vboot codePaul Kocialkowski
This moves a few vboot-prefixed functions that were defined in chromeos.c to vboot_common.c, since those are only relevant to vboot and depend on the vboot handoff data. This allows more separation between CONFIG_CHROMEOS and what CONFIG_CHROMEOS selects, so that each separate option (such as CONFIG_VBOOT_VERIFY_FIRMWARE) can be enabled separately. Thus, the actual definitions of these functions will only be declared when CONFIG_VBOOT_VERIFY_FIRMWARE is set, so the check before calling vboot_skip_display_init in bootmode was also adapted. Change-Id: I52f8a408645566dac0a2100e819c8ed5d3d88ea5 Signed-off-by: Paul Kocialkowski <contact@paulk.fr> Reviewed-on: http://review.coreboot.org/11497 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2015-09-23chromeos: vboot and chromeos dependency removal for sw write protect statePaul Kocialkowski
This removes the dependency on chromeos and vboot for the sw write protect state function: vboot_get_sw_write_protect, renamed to get_sw_write_protect_state to both reflect this change and become consistent with the definition of get_write_protect_state that is already in use. Change-Id: I47ce31530a03f6749e0f370e5d868466318b3bb6 Signed-off-by: Paul Kocialkowski <contact@paulk.fr> Reviewed-on: http://review.coreboot.org/11496 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-09-22coreboot: introduce commonlibAaron Durbin
Instead of reaching into src/include and re-writing code allow for cleaner code sharing within coreboot and its utilities. The additional thing needed at this point is for the utilities to provide a printk() declaration within a <console/console.h> file. That way code which uses printk() can than be mapped properly to verbosity of utility parameters. Change-Id: I9e46a279569733336bc0a018aed96bc924c07cdd Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/11592 Tested-by: build bot (Jenkins) Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2015-09-17vbnv: check alignment of nvram in advanceDaisuke Nojiri
Currently, erase operation only works if the region is sector-aligned. These asserts ensure we can erase the region when it's all used up. Erase operation can be updated to handle unaligned erases by read, update, write-back cycle. However, these asserts will still remain useful in case the adjacent region contains critical data and mis-updating it can cause a critical failure. Additionaly we should write a FAFT test but it's more reliable to catch it here since FAFT can fail in many ways. BUG=none BRANCH=master TEST=tested on samus using misaligned nvram region Change-Id: I3add4671ed354d9763e21bf96616c8aeca0cb777 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: fc001a4d3446cf96b76367dde492c3453aa948c6 Original-Change-Id: Ib4df8f620bf7531b345364fa4c3e274aba09f677 Original-Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/297801 Reviewed-on: http://review.coreboot.org/11654 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-09-09verstage: use common program.ld for linkingAaron Durbin
There's no reason to have a separate verstage.ld now that there is a unified stage linking strategy. Moreover verstage support is throughout the code base as it is so bring in those link script macros into the common memlayout.h as that removes one more specific thing a board/chipset needs to do in order to turn on verstage. BUG=chrome-os-partner:44827 BRANCH=None TEST=None Change-Id: I1195e06e06c1f81a758f68a026167689c19589dd Signed-off-by: Aaron Durbin <adubin@chromium.org> Reviewed-on: http://review.coreboot.org/11516 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-08-26Chromeos: Remove Kconfig workaround for VIRTUAL_DEV_SWITCH warningsMartin Roth
With VIRTUAL_DEV_SWITCH moved under 'config CHROMEOS' in all of the mainboards, this is no longer needed. Change-Id: I5fbea17969f6b0c3b8a5dcd519ab9d36eb2ad6f1 Signed-off-by: Martin Roth <martinroth@google.com> Reviewed-on: http://review.coreboot.org/11337 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-08-11chromeos: Allow for VB_SOURCE overridePaul Kocialkowski
One may prefer to include vboot from another directory than 3rdparty for convenience. This is especially the case in Libreboot, where 3rdparty is not checked out at all. Change-Id: I13167eb604a777a2ba87c3567f134ef3ff9610e4 Signed-off-by: Paul Kocialkowski <contact@paulk.fr> Reviewed-on: http://review.coreboot.org/11116 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-08-10chromeos: vboot: Adaptations for using a separate object out directoryPaul Kocialkowski
$(obj) might be defined either as a relative or an absolute path. Thus, it has to be filtered out before adding $(top) to it (in case of an absolute path) when building vboot. It is then provided separately in CFLAGS (as an absolute path). In addition, VB2_LIB inherits $(obj), so it might also already be an absolute path, and prefixing $(top) to it doesn't apply. Thus, the absolute path to it should be passed to the vboot make command. Change-Id: I13e893ebdf22c4513ee40d9331a30ac7de8f9788 Signed-off-by: Paul Kocialkowski <contact@paulk.fr> Reviewed-on: http://review.coreboot.org/11120 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-07-29arm, arm64, mips: Add rough static stack size checks with -Wstack-usageJulius Werner
We've seen an increasing need to reduce stack sizes more and more for space reasons, and it's always guesswork because no one has a good idea how little is too litte. We now have boards with 3K and 2K stacks, and old pieces of common code often allocate large temporary buffers that would lead to very dangerous and hard to detect bugs when someone eventually tries to use them on one of those. This patch tries improve this situation at least a bit by declaring 2K as the minimum stack size all of coreboot code should work with. It checks all function frames with -Wstack-usage=1536 to make sure we don't allocate more than 1.5K in a single buffer. This is of course not a perfect test, but it should catch the most common situation of declaring a single, large buffer in some close-to-leaf function (with the assumption that 0.5K is hopefully enough for all the "normal" functions above that). Change one example where we were a bit overzealous and put a 1K buffer into BSS back to stack allocation, since it actually conforms to this new assumption and frees up another kilobyte of that highly sought-after verstage space. Not touching x86 with any of this since it's lack of __PRE_RAM__ BSS often requires it to allocate way more on the stack than would usually be considered sane. BRANCH=veyron BUG=None TEST=Compiled Cosmos, Daisy, Falco, Blaze, Pit, Storm, Urara and Pinky, made sure they still build as well as before and don't show any stack usage warnings. Change-Id: Idc53d33bd8487bbef49d3ecd751914b0308006ec Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 8e5931066575e256dfc2295c3dab7f0e1b65417f Original-Change-Id: I30bd9c2c77e0e0623df89b9e5bb43ed29506be98 Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/236978 Original-Reviewed-by: David Hendricks <dhendrix@chromium.org> Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9729 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-07-23vboot: set software write protect flagDaisuke Nojiri
TEST=built for samus and veyron_jerry Change-Id: I7173f46d2ed2e323bff227a484c32c4bb6f6c828 Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: http://review.coreboot.org/11028 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-07-15cbfs: hardcode file alignmentPatrick Georgi
Assume that it's 64 byte. Change-Id: I168facd92f64c2cf99c26c350c60317807a4aed4 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10919 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-07-08vboot: Don't count boot attempts if lid is closedPatrick Georgi
This can be a problem with freshly updated devices that are periodically powered on while closed (as explained in the bug report). In this case, just don't count down. In case of actual errors (where we want the system to fall back to the old code), this now means that the retries have to happen with the lid open. Bump vboot's submodule revision for the vboot-side support of this. BUG=chromium:446945 TEST=to test the OS update side, follow the test protocol in https://code.google.com/p/chromium/issues/detail?id=446945#c43 With a servo, it can be sped up using the EC console interface to start the closed system - no need to wait 60min and plugging in power to get to that state. Change-Id: I0e39aadc52195fe53ee4a29a828ed9a40d28f5e6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10851 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-06-30vboot: move vbnv_* sources around a bit more.Patrick Georgi
The many different places to put vboot verification in can be confusing. Instead of using libverstage (which isn't enough since those functions are sometimes called outside that, too), mention all stages where it can resides explicitly. Change-Id: I9360face822ada7018a1cfdfced8da29b347cbb4 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10722 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-06-30chromeos: push vbnv_* accessors from verstage to libverstagePatrick Georgi
That way they're available wherever the verstage code ends up, bootblock, verstage or romstage. Change-Id: I6e59a40761f95a98d96a9b72e3bbcc59caae9b1a Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10706 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-06-30Add Kconfig flag to specify if there's a lid switchPatrick Georgi
Not all devices have a lid switch, so we need to state this somehow. Since the alternative would be to extend get_lid_switch()'s semantics to become a tri-state (open, closed, N/A), do this through Kconfig. BRANCH=none BUG=chromium:446945 TEST=none Change-Id: Icc50f72535f256051a59925a178fb27b2e8f7e55 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: d20a1d1a22d64546a5d8761b18ab29732ec0b848 Original-Change-Id: Ie8ac401fbaad5b5a9f1dec2b67847c81f4cc94aa Original-Signed-off-by: Patrick Georgi <pgeorgi@google.com> Original-Reviewed-on: https://chromium-review.googlesource.com/273850 Original-Reviewed-by: Stefan Reinauer <reinauer@chromium.org> Original-Tested-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Queue: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10692 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-06-29vboot2: Enable VBOOT_DYNAMIC_WORK_BUFFER on x86Stefan Reinauer
Change-Id: Iaadbd52d948000d1ed46865b83bdb0f4926ca429 Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Reviewed-on: http://review.coreboot.org/10677 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-06-29vboot2: consolidate vboot2 buffer initializationPatrick Georgi
Instead of calling the init function to clear out vboot2 data structures in multiple places, move the function and call close to verstage_main(). Change-Id: If42e18a8e4581f22f7a7aced70ccbe3188bb0cd5 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10701 Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-06-26google/chromeos: always enable VBOOT_VERIFY_FIRMWARE with CHROMEOSPatrick Georgi
Change-Id: Icc3cf64f259d4ebd7900ad91163276774e5422ab Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10661 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-06-26vboot: Init vb2 work memory area before calling verstagePatrick Georgi
Otherwise it'll determine some offsets from uninitialized data and hilarity ensues. Change-Id: I6a671987857cfd3f3cd6078aebd13dd09fc79020 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10660 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-06-23chromeos: vpd: properly null terminate valuesStephen Barber
VPD strings are not null terminated, so we can't use strcpy on them in cros_vpd_gets. BUG=none BRANCH=none TEST=add serial_number followed by cam_calib_data to VPD on smaug; make sure that smaug boots and serial number matches exactly (no garbage) Change-Id: Id72885517b3d0b1934ba329c1ef0d89a67bd2bb4 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 56bbe6688b11043360a046a250d1ea93db4d9f0e Original-Change-Id: I811dfc2f0830a91410eb69961a6565080ff78267 Original-Signed-off-by: Stephen Barber <smbarber@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/280836 Original-Reviewed-by: David Hendricks <dhendrix@chromium.org> Original-Reviewed-by: Benson Leung <bleung@chromium.org> Reviewed-on: http://review.coreboot.org/10627 Tested-by: build bot (Jenkins) Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2015-06-09vboot: add new firmware indiciesAaron Durbin
Some patches landed that didn't introduce the Kconfig options for additional firmware components. Add them. Change-Id: I0a0b7f0291389d126a7c491f710618a278cfb5d7 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10470 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-06-02assets: abstract away the firmware assets used for bootingAaron Durbin
As there can be more than one source of firmware assets this patch generalizes the notion of locating a particular asset. struct asset is added along with some helper functions for working on assets as a first class citizen. Change-Id: I2ce575d1e5259aed4c34c3dcfd438abe9db1d7b9 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10264 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins)
2015-06-02cbfs: new API and better program loadingAaron Durbin
A new CBFS API is introduced to allow making CBFS access easier for providing multiple CBFS sources. That is achieved by decoupling the cbfs source from a CBFS file. A CBFS source is described by a descriptor. It contains the necessary properties for walking a CBFS to locate a file. The CBFS file is then decoupled from the CBFS descriptor in that it's no longer needed to access the contents of the file. All of this is accomplished using the regions infrastructure by repsenting CBFS sources and files as region_devices. Because region_devices can be chained together forming subregions this allows one to decouple a CBFS source from a file. This also allows one to provide CBFS files that came from other sources for payload and/or stage loading. The program loading takes advantage of those very properties by allowing multiple sources for locating a program. Because of this we can reduce the overhead of loading programs because it's all done in the common code paths. Only locating the program is per source. Change-Id: I339b84fce95f03d1dbb63a0f54a26be5eb07f7c8 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9134 Tested-by: build bot (Jenkins) Tested-by: Raptor Engineering Automated Test Stand <noreply@raptorengineeringinc.com> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-06-02vboot: Increase max parsed fw components to 6Furquan Shaikh
With addition of bl31 and trusty, we need to increase the number of parsed fw components in vboot to 6. CQ-DEPEND=CL:273866 BUG=chrome-os-partner:40713 BRANCH=None TEST=Compiles successfully and vboot finds trusty and bl31. Change-Id: I3597e98370bbaef4d2e563c868eed59b2e18adca Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 0ff87fdbc7779e6ee410905d1618281411b38a93 Original-Change-Id: Ia403f895b50cc5349bb700d01f62e13c679f68f4 Original-Signed-off-by: Furquan Shaikh <furquan@google.com> Original-Reviewed-on: https://chromium-review.googlesource.com/273865 Original-Tested-by: Furquan Shaikh <furquan@chromium.org> Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Original-Commit-Queue: Furquan Shaikh <furquan@chromium.org> Original-Trybot-Ready: Furquan Shaikh <furquan@chromium.org> Reviewed-on: http://review.coreboot.org/10391 Tested-by: build bot (Jenkins) Reviewed-by: Furquan Shaikh <furquan@google.com>
2015-05-29chromeos: always enable timestampsStefan Reinauer
Timestamps should not be forced on by a subset of chipsets. However, they are a requirement on Chrome OS platforms, so have CONFIG_CHROMEOS select it. Change-Id: I408c6b17aa8721a3abec69020084174e414a8940 Signed-off-by: Stefan Reinauer <reinauer@chromium.org> Reviewed-on: http://review.coreboot.org/10357 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins)
2015-05-27Move TPM code out of chromeosVladimir Serbinenko
This code is not specific to ChromeOS and is useful outside of it. Like with small modifications it can be used to disable TPM altogether. Change-Id: I8c6baf0a1f7c67141f30101a132ea039b0d09819 Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com> Reviewed-on: http://review.coreboot.org/10269 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-05-26vboot: move to region_devicesAaron Durbin
Now that vboot is using offsets for everything remove the pass through vboot_get_region() and use region_devices as first class citizens. Change-Id: I1a86f3725e5bce38e6ca31e9641b1a8f4ac50e96 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10225 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-05-26fmap: new API using region_deviceAaron Durbin
Instead of being pointer based use the region infrastrucutre. Additionally, this removes the need for arch-specific compilation paths. The users of the new API can use the region APIs to memory map or read the region provided by the new fmap API. Change-Id: Ie36e9ff9cb554234ec394b921f029eeed6845aee Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9170 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-05-26vboot: use only offsets for tracking firmware componentsAaron Durbin
Because of the fmap API returning pointers to represent regions within the boot device a vboot_region structure was used to track the case where offsets could be pointers on x86 but not on !x86. Normalize this tracking to use offsets only as it provides consistency in the code. Change-Id: I63c08b31ace3bd0e66ebc17e308f87eb5f857c86 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10221 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-05-21Remove address from GPLv2 headersPatrick Georgi
As per discussion with lawyers[tm], it's not a good idea to shorten the license header too much - not for legal reasons but because there are tools that look for them, and giving them a standard pattern simplifies things. However, we got confirmation that we don't have to update every file ever added to coreboot whenever the FSF gets a new lease, but can drop the address instead. util/kconfig is excluded because that's imported code that we may want to synchronize every now and then. $ find * -type f -exec sed -i "s:Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *MA[, ]*02110-1301[, ]*USA:Foundation, Inc.:" {} + $ find * -type f -exec sed -i "s:Foundation, Inc., 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA:Foundation, Inc.:" {} + $ find * -type f -exec sed -i "s:Foundation, Inc., 59 Temple Place[-, ]*Suite 330, Boston, MA *02111-1307[, ]*USA:Foundation, Inc.:" {} + $ find * -type f -exec sed -i "s:Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.:Foundation, Inc.:" {} + $ find * -type f -a \! -name \*.patch \ -a \! -name \*_shipped \ -a \! -name LICENSE_GPL \ -a \! -name LGPL.txt \ -a \! -name COPYING \ -a \! -name DISCLAIMER \ -exec sed -i "/Foundation, Inc./ N;s:Foundation, Inc.* USA\.* *:Foundation, Inc. :;s:Foundation, Inc. $:Foundation, Inc.:" {} + Change-Id: Icc968a5a5f3a5df8d32b940f9cdb35350654bef9 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/9233 Tested-by: build bot (Jenkins) Reviewed-by: Vladimir Serbinenko <phcoder@gmail.com>
2015-05-19vboot: remove vboot_context.hAaron Durbin
The vboot_context.h file hasn't been used since commit 6d65f796db. Remove it. Change-Id: I57a6c619c6e1f57be6963da2954329bc9c007dd8 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10223 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-05-13vboot: fix die() hang for recovery pathAaron Durbin
When we are taking the recovery path there is no slot or components to fill out. Change-Id: Ic97a247629365ef54a340c4398cb7491935edc11 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10198 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2015-05-13vboot: indicate verstage loading on consoleAaron Durbin
There was no indication of verstage being loaded. Provide this output so that one can follow the flow from console messages. Change-Id: I67ae6bb334608fe10a4a12fe690498afaf6b8366 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10195 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-05-13vboot: handle RELOCATABLE_RAMSTAGEAaron Durbin
The support for RELOCATABLE_RAMSTAGE was accidentally omitted in the vboot loader. Add said support. Change-Id: I569918823253c33f698acefd6a619133543c7aef Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10184 Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Tested-by: build bot (Jenkins)
2015-05-11vboot: allow for dynamic work buffersAaron Durbin
The vboot library currently relies on link-time known address and sizes of the work buffer. Not all platforms can provide such semantics. Therefore, add an option to use cbmem for the work buffer. This implies such platforms can only do verification of the firmware after main memory has been initialized. Change-Id: If0b0f6b2a187b5c1fb56af08b6cb384a935be096 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10157 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-05-11vboot: add vb2_working_data_size()Aaron Durbin
Instead of using the symbols directly provide a size function to provide symmetry between getting the work data and size. It also allows for an abstraction where the linker symbols may not be the only source of this information. Change-Id: I4568064a0050d118c3544ab1ea59a08eb0bad8e4 Signed-off-by: Aaron Durbi <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10156 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-05-11chromeos: remove vboot_verify_firmware()Aaron Durbin
vboot_verify_firmware() was only defined to ease upstreaming. It was only an empty inline as it is so remove it. Additionally, vboot2 does not require romstage_handoff so there's no need in adding it for the nyan boards. Change-Id: I4d84ac9fb60c756cf10742f26503f7f11af5f57b Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10155 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-05-11vboot: inject vboot loader for stage loadingAaron Durbin
As previously done the vboot loader can be optionally inserted in the stage loading logic in order to decide the source of each stage. This current patch allows for verstage to be loaded and interrogated for the source of all subsequent stages. Additionally, it's also possible to build this logic directly into one of the additional stages. Note that this patch does not allow x86 to work. Change-Id: Iece018f01b220720c2803dc73c60b2c080d637d0 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10154 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins)
2015-05-11vboot2: Use the right set of compiler flags for building vboot librariesPatrick Georgi
This make it pass through -fno-stack-protector, and also uses libverstage fields consistently. verstage is for 'stage' stuff, libverstage for all the vboot logic. Change-Id: I3032e072414bed52effd2dc5057896781ad562c6 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: http://review.coreboot.org/10174 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins)
2015-05-11vboot: allow options to be selected from .configAaron Durbin
In order to allow easier setting of variables without changing mainboards and/or chipset Kconfig files allow the vboot options to be selected by the user. Change-Id: I6e995eb209b4cd63c73ef679d0c5699759d129f5 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10153 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-05-11vboot: fix vboot_reference compilationAaron Durbin
The VB_FIRMWARE_ARCH variable was not being set correctly, and the VBOOT_STARTS_IN_BOOTBLOCK Kconfig option was not properly prefixed with CONFIG_. Correct both of these oversights. Change-Id: Id27974c285d2629bd47b90b6a93aca1ec8a76512 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10152 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-05-11chromeos: add missing vboot functionsAaron Durbin
Somewhere along the development path the following vboot functions were dropped: int vboot_enable_developer(void) int vboot_enable_recovery(void) Add them back, but also refactor the flag extraction so as not duplicate all that same logic. Change-Id: Id58f3b99f29caeff98b2d3111cfa28241d15b54f Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10151 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-05-07vboot2: Replace hard coded 'fallback' prefix with Kconfig variablePatrick Georgi
Change-Id: I9cbdf06f4d0956b5374915f8af7501c6f75b4687 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10113 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-05-053rdparty/vboot: Add vbootPatrick Georgi
This allows providing a verified boot mechanism in the default distribution, as well as reusing vboot code like its crypto primitives for reasonably secure checksums over CBFS files. Change-Id: I729b249776b2bf7aa4b2f69bb18ec655b9b08d90 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10107 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-05-053rdparty: move to 3rdparty/blobsPatrick Georgi
There's now room for other repositories under 3rdparty. Change-Id: I51b02d8bf46b5b9f3f8a59341090346dca7fa355 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10109 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-05-053rdparty: Move to blobsPatrick Georgi
To move 3rdparty to 3rdparty/blobs (ie. below itself from git's broken perspective), we need to work around it - since some git implementations don't like the direct approach. Change-Id: I1fc84bbb37e7c8c91ab14703d609a739b5ca073c Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10108 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-05-05vboot2: Fix compiler flags dropped during verstage/libverstage splitAaron Durbin
verstage still needs to be built with its flags. Change-Id: I125e4be283d3838fc7ce6587bf9996731540d517 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10098 Tested-by: build bot (Jenkins)
2015-05-05console: rename do_vtxprintf to do_printk_va_list and use itAaron Durbin
The name is more consistent with what we have elsewhere, and the callsite didn't build at all (with vboot enabled) Change-Id: I3576f3b8f737d360f68b67b6ce1683199948776d Signed-off-by: Aaron Durbin <adurbin@chromium.org> Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10096 Tested-by: build bot (Jenkins)
2015-05-05vboot: Remove vboot_get_payload()Aaron Durbin
It's not used at all. Change-Id: I97bf02a9277f6ca348443c6886f77b4dfc70da78 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10095 Tested-by: build bot (Jenkins)
2015-04-30vboot: split class in library and stagePatrick Georgi
The build system includes a bunch of files into verstage that also exist in romstage - generic drivers etc. These create link time conflicts when trying to link both the verstage copy and romstage copy together in a combined configuration, so separate "stage" parts (that allow things to run) from "library" parts (that contain the vboot specifics). Change-Id: Ieed910fcd642693e5e89e55f3e6801887d94462f Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10041 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-04-30chromeos: Use __attribute__ normal formPatrick Georgi
Change-Id: Idf99c1491386578ac2471ca5cc8a153d2b5225e4 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10044 Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-04-30chromeos: Add missing headersPatrick Georgi
Builds with CHROMEOS fail due to missing includes. Change-Id: I8c88bca8f8cc3247d3f3311777f794c4fdfee3c1 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10029 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-04-30vboot: add and rejuggle Kconfig optionsAaron Durbin
The ChromeOS machines employing vboot verfication require different combinations of support: 1. When vboot verification starts. 2. Is the vboot code a separate stage or program? 3. If a separate stage, does the that vboot program (verstage) return to the stage that loaded the verstage? For the above, #1 is dependent on when to load/run vboot logic which is orthogonal to #2. However, #3 is dependent on #2. The logic to act on the combinations follows in subsequent patches. Change-Id: I39ef7a7c2858e7de43aa99c38121e85a57f1f2f6 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10024 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-30vboot: move Kconfig options for stage indiciesAaron Durbin
With vboot1 out of the way place all the associated Kconfig options in vboot2's Kconfig file (excluding main vboot verify option). More options will be added to accomodate vboot's various combinations of use cases. Change-Id: I17b06d741a36a5e2fefb2757651a61bfed61ae1e Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/10023 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins)
2015-04-28vboot: remove vboot_helper.cAaron Durbin
This file was moved previously to get it out of the way for easier merging from the chromium repo. It's not used currently so remove it. Change-Id: I8e691623f29ac2218b83bc46f5b4a348e0e1b3ef Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9960 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2015-04-28chromeos: remove VBOOT2_VERIFY_FIRMWARE optionAaron Durbin
There's no need to have the VBOOT2_VERIFY_FIRMWARE distinction because it's the only game in town. Change-Id: I82aab665934c27829e1a04115bf499ae527a91aa Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9958 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-28vboot: remove vboot1Aaron Durbin
In preparation for moving to vboot2 for all verified boot paths bring over Kconfig options to the common area from vboot1. Also remove vboot1 directory entirely. Change-Id: Iccc4b570216f834886618f0ba5f2e1dd6c01db4b Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9957 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-28vboot2: Allow merging verstage into bootblockPatrick Georgi
Change-Id: I31cd7f84db8b7176c8854f33421aab5c176cd5ce Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10007 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-28vboot2: Always enable timestampsPatrick Georgi
The vboot2 code requires them. Change-Id: I9afaf9b373297b0eebce9ffd7cc05766dee7d6fd Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10006 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-28vboot2: get rid of global variable that is used locally and only oncePatrick Georgi
Change-Id: Iaf6d6a8857451fb16916aaae97a6fd5c51bc8cc4 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10005 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-28vboot2: Build verstage archive, then use that for building the stagePatrick Georgi
This slightly streamlines integrating the vboot2 library and prepares for merging verstage and bootblock on selected devices. Change-Id: I2163d1411d0c0c6bf80bce64796e1b6a5a02b802 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/10004 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-27cbmem: add and use a function to dump console bufferVadim Bendebury
The new function can be compiled in only when serial console is disabled. When invoked, this function initializes the serial interface and dumps the contents of the CBMEM console buffer to serial output. BRANCH=none BUG=chromium:475347 TEST=compiled for different platforms with and without serial console enabled. No actual test of this function yet. Change-Id: Ia8d16649dc9d09798fa6970f2cfd893438e00dc5 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: a38a8254dd788ad188ba2509b9ae117d6f699579 Original-Change-Id: Ib85759a2727e31ba1ca21da7e6c346e434f83b52 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/265293 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9984 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-27vboot: #include "fmap.h" for declarationsAaron Durbin
In the spirit of include what you use actually #include the header necessary for fmap calls. Change-Id: I7acede51d7139234c0520281799dad3a8d33454f Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9968 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-22elog: enable by default for CHROMEOSPatrick Georgi
elog breaks the build if ELOG_FLASH_BASE isn't configured - and CHROMEOS isn't enabled, since with Chrome OS builds, it just uses fmap to find out the base. So it makes sense to enable it on all Chrome OS builds - if the code never uses it, the linker will drop it soon enough. Change-Id: I7ee129fadf75caf15fb9bd32b0acf6f7d9d015d8 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/9965 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-22chromeos: fix some compilation issuesAaron Durbin
This fixes some compilation issues observed with CONFIG_CHROMEOS. Nothing within the vbootX subdirectories is functional yet, but a partial compilation within the chromeos direction works now. Notable fixes: duplicate definitions and missing prototypes. Change-Id: I53c7b6dcf06b8bcf41a8555094b48968c0740026 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9936 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-22chromeos: make functions visible with CONFIG_CHROMEOSPatrick Georgi
They were keyed to VBOOT_VERIFY_FIRMWARE which made them invisible under some circumstances. Change-Id: I61c56b4d245351fae0ec14f80bcd17ba93184651 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/9956 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-04-22chromeos: Drop {developer,recovery}_mode_enabledPatrick Georgi
They were already moved to src/lib/bootmode.c in commit 5687fc9 Declare recovery and developer modes outside ChromeOS Change-Id: Ia27a0c79baa364ce3779a8a699e9246d26d02ecb Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/9951 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-04-22vboot2: CFLAGS_* doesn't contain preprocessor flags anymorePatrick Georgi
The preprocessor flags that are manipulated in that line are managed exclusively in CPPFLAGS since commit 58f73a69. Change-Id: I2263401a292b4f7435659b24cf4f695a927015ef Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: http://review.coreboot.org/9948 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-04-22vboot: route all resets through a single functionVadim Bendebury
It is necessary to trigger console buffer contents dump on reset. Let's make sure all vboot resets are routed through the same function. BRANCH=none BUG=chromium:475347 TEST=built and booted storm Change-Id: I0d8580fb65417ba4b06dfae763dd6455afc8fc26 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 9788e2043cb1bd5df7e30574f7df4de4f25caa0d Original-Change-Id: Iafca416700c51a0546249438ca583a415a1ca944 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/265292 Original-Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-on: http://review.coreboot.org/9931 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-22vboot: add mocked secdataDaisuke Nojiri
This patch allows a board without a secdata storage (typically TPM) to pass the verification stage if recovery path is taken. It's useful for bringup when the actual board is not ready. BUG=none BRANCH=none TEST=booted the kernel from a usb stick on a cygnus reference board Change-Id: I5ab97d1198057d102a1708338d71c606fe106c75 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 5d45acee31fd5b7bfe7444f12e3622bae49fc329 Original-Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Reviewed-on: https://chrome-internal-review.googlesource.com/212418 Original-Reviewed-by: Daisuke Nojiri <dnojiri@google.com> Original-Commit-Queue: Daisuke Nojiri <dnojiri@google.com> Original-Tested-by: Daisuke Nojiri <dnojiri@google.com> Original-Change-Id: Iddd9af19a2b6428704254af0c17b642e7a976fb8 Original-Reviewed-on: https://chromium-review.googlesource.com/265046 Reviewed-on: http://review.coreboot.org/9919 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-22vpd: process WiFi MACs along with ethernet MACsVadim Bendebury
coreboot is expected to read all MAC addresses from the VPD and put them in the coreboot table entry, depthcharge is expected to associate different MAC addresses with different kernel device tree nodes. This patch adds processing of wifi_macX keys. The order of MAC addresses in the coreboot table is such that the wifi_macX entries follow ethrnet_macX entries, ordered by X. BRANCH=none BUG=chrome-os-partner:36584 TEST=with the rest patches applied verified the contents of the kernel device tree on an urara board. Change-Id: I6523e168d2fea201a4956bc2a2d605b07ddac452 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 36c12ee1d3ce9d2797902f0e098651067c2283ed Original-Change-Id: Ib87e4815243f34ab258325839cbc12d16120bf89 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/262843 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9896 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-22vpd: decode calibration data into binaryVadim Bendebury
The preferred way of communicating WiFi calibration data to the kernel is binary blob. But this data is stored in the VPD, and must be in ASCII, so it is encoded using base64. With the recent addition of the bas64 decoder it is possible to convert the VPD representation to the form preferred by the kernel. BRANCH=none BUG=chromium:450169 TEST=with the rest of the patches applied verified that on both storm and urara the device tree contains the required binary data. Change-Id: I89da94bb425767eedc5e2d576e507663afad65ed Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c2ae38ded24394e0640b5d077e2231cf956397c5 Original-Change-Id: If8a7d0883ea8bb21a13bf203b25ee9f8a08903a9 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/262842 Reviewed-on: http://review.coreboot.org/9895 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-22vpd: populate coreboot table with serialnoStephen Barber
BRANCH=none BUG=chrome-os-partner:37813 TEST=devicetree is populated with with "compatible", "hardware", and "serialno" properties Change-Id: Ibe84aa05702d2a33456c6c33d15a4c7d4a6d45d7 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 61408d969f5d6e1e40f919b3defd5f1622391c9e Original-Change-Id: I02f360f4e5385042f56eb2b2f29072e393a24fc9 Original-Signed-off-by: Stephen Barber <smbarber@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/259141 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9882 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-22vboot2: provide config option to clear dev mode state on recoveryVadim Bendebury
On embedded devices with limited input capabilities it is necessary to clear the developer mode condition when entering recovery. The new configuration option will enable such behavior using the new vboot2 flag. CQ-DEPEND=CL:261630 BRANCH=storm BUG=chrome-os-partner:36059 TEST=with the rest of the patches applies observed desired behavior on SP5 Change-Id: I99c3d1330bea9980a2af3b9fd99e29ab96f2cf07 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 4c0a6315d6b4ede8d43e736ee6c82f1023f4716d Original-Change-Id: I8e4a521e574b53a670daf692f7b45dc21635f272 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/261620 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9878 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-22vboot2: ignore physical dev switch in case virtual mode is configuredVadim Bendebury
It is better to explicitly disable the call to read the physical switch setting than to leave it up to implementation. In fact no implementation would be even required. BRANCH=none BUG=none TEST=verified that storm works as expected Change-Id: I4b39827dba34ec0124960d0634e45d4554252d9b Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c9fd014f1bfec6570b20ed8fed16d14d7e4e11b9 Original-Change-Id: I5d6d223f0c684e105a5e3d0b407e0fb181c7a7df Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/261588 Original-Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-on: http://review.coreboot.org/9876 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-22vboot: when configured, pass the wipeout request to vbootVadim Bendebury
It has become necessary to be able to "factory reset" certain devices on firmware request. The vboot package has been modified to provide the necessary API, this patch introduces a configuration option and uses the API when enabled. CQ-DEPEND=CL:259857 BRANCH=storm BUG=chrome-os-partner:37219 TEST=with all the patches applied, on storm, holding the recovery button at startup for 10 seconds, causes 'crossystem wipeout_request' to report '1'. Change-Id: I5e57bc05af3753f451626021ba30c7726badb7b4 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: f70e03e9a8c55bf3c45b075ae4fecfd25da4f446 Original-Change-Id: I4c2192da4fabfdef34d527e5b80d137634eb6987 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/259843 Original-Reviewed-by: David Hendricks <dhendrix@chromium.org> Reviewed-on: http://review.coreboot.org/9862 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-21arm(64): Globally replace writel(v, a) with write32(a, v)Julius Werner
This patch is a raw application of the following spatch to src/: @@ expression A, V; @@ - writel(V, A) + write32(A, V) @@ expression A, V; @@ - writew(V, A) + write16(A, V) @@ expression A, V; @@ - writeb(V, A) + write8(A, V) @@ expression A; @@ - readl(A) + read32(A) @@ expression A; @@ - readb(A) + read8(A) BRANCH=none BUG=chromium:444723 TEST=None (depends on next patch) Change-Id: I5dd96490c85ee2bcbc669f08bc6fff0ecc0f9e27 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 64f643da95d85954c4d4ea91c34a5c69b9b08eb6 Original-Change-Id: I366a2eb5b3a0df2279ebcce572fe814894791c42 Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/254864 Reviewed-on: http://review.coreboot.org/9836 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-20chromeos: vboot2: Add TPM PCR extension supportJulius Werner
ChromeOS/vboot devices expect the TPM PCRs 0 and 1 to be extended with digests that attest the chosen boot mode (developer/recovery) and the HWID in a secure way. This patch uses the newly added vboot2 support functions to fetch these digests and store them in the TPM. CQ-DEPEND=CL:244542 BRANCH=veyron BUG=chromium:451609 TEST=Booted Jerry. Confirmed that PCR0 contains the same value as on my vboot1 Blaze and Falco (and PCR1 contains some non-zero hash). Original-Change-Id: I7037b8198c09fccee5440c4c85f0821166784cec Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/245119 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Original-Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org> (cherry picked from commit 8b44e13098cb7493091f2ce6c4ab423f2cbf0177) Signed-off-by: Aaron Durbin <adurbin@chromium.org> Change-Id: I549de8c07353683633fbf73e4ee62ba0ed72ff89 Reviewed-on: http://review.coreboot.org/9706 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2015-04-20vboot2 workbuf alignment is now 16 bytes, not 8Bill Richardson
BUG=chromium:452179 BRANCH=ToT CQ-DEPEND=CL:243362 TEST=manual emerge-veyron_pinky coreboot Original-Change-Id: Ibcbaea2990e5e06ea7cfaaa5412ef7c1477f5fcc Original-Signed-off-by: Bill Richardson <wfrichar@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/243380 Original-Reviewed-by: Randall Spangler <rspangler@chromium.org> (cherry picked from commit 8e5c18eeb21944bdcb064b4491c6781d16ef5608) Signed-off-by: Aaron Durbin <adurbin@chromium.org> Change-Id: I26f6fb67655cb1dfbdcdc48530ef6bfeb1aa692a Reviewed-on: http://review.coreboot.org/9705 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-18vboot2: provide path for booting using alternative CBFS instancesVadim Bendebury
When CONFIG_MULTIPLE_CBFS_INSTANCES is enabled, the image is expected to have CBFS instances in rw-a and rw-b sections of the bootrom. This patch adds code which makes sure that CBFS header points at the proper bootrpom section as determined by vboot, and the RW stages load from that section. BRANCH=storm BUG=chrome-os-partner:34161, chromium:445938 TEST=with the rest of the patches in, STORM boots all the way into Linux login prompt. Original-Change-Id: I187e3d3e65d548c672fdf3b42419544d3bd11ea1 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/237662 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> (cherry picked from commit 71ad0bb41b183374a84a5b9fb92c3afd813ceace) Signed-off-by: Aaron Durbin <adurbin@chromium.org> Change-Id: Ia05cb713981c44da8cb379b72dfbe17fe1f6c5ff Reviewed-on: http://review.coreboot.org/9704 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-18vboot2: Implement new vb2ex_hwcrypto APIJulius Werner
This patch aligns our verstage code to the new API addition in vboot2. The hardware crypto functions are stubbed out by default and just pretend that all algorithms are unsupported, causing vboot to fall back to the normal software hashing code. These weak symbols can be overridden by individual platform code to provide actual hardware crypto engine support. CQ-DEPEND=CL:236453 BRANCH=None BUG=chrome-os-partner:32987 TEST=Booted Pinky, confirmed vboot falls back to software crypto. Original-Change-Id: Idf6a38febd163aa2bff6e9a0e207213f01ca8324 Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/236435 Original-Reviewed-by: Randall Spangler <rspangler@chromium.org> (cherry picked from commit 9b5ee7f575f1aa3b0eb6ef78947ca93a4818f57b) Signed-off-by: Aaron Durbin <adurbin@chromium.org> Change-Id: I6f0e19255a9bc5c5cd1767db76f1e47897ef0798 Reviewed-on: http://review.coreboot.org/9703 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-18vboot: make vboot2_verify_firmware returnDaisuke Nojiri
this allows each board to decide what to do after firmware verification is done. some board needs to return back to the previous stage and let the previous stage kick off the verified stage. this also makes it more visible what is going to happen in the verstage since stage_exit now resides in main(). BUG=none BRANCH=tot TEST=booted cosmos dev board. booted blaze in normal and recovery mode. built for all current boards. Original-Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Change-Id: I3cb466cedf2a9c2b0d48fc4b0f73f76d0714c0c7 Original-Reviewed-on: https://chromium-review.googlesource.com/232517 (cherry picked from commit 495704f36aa54ba12231d396376f01289d083f58) Signed-off-by: Aaron Durbin <adurbin@chromium.org> Change-Id: Ic20dfd3fa93849befc2b37012a5e0907fe83e8e2 Reviewed-on: http://review.coreboot.org/9702 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-17chromeos: Provide common watchdog reboot supportJulius Werner
Many ChromeOS devices use a GPIO to reset the system, in order to guarantee that the TPM cannot be reset without also resetting the CPU. Often chipset/SoC hardware watchdogs trigger some kind of built-in CPU reset, bypassing this GPIO and thus leaving the TPM locked. These ChromeOS devices need to detect that condition in their bootblock and trigger a second (proper) reboot. This patch adds some code to generalize this previously mainboard-specific functionality and uses it on Veyron boards. It also provides some code to add the proper eventlog entry for a watchdog reset. Since the second reboot has to happen before firmware verification and the eventlog is usually only initialized afterwards, we provide the functionality to place a tombstone in a memlayout-defined location (which could be SRAM or some MMIO register that is preserved across reboots). [pg: Integrates 'mips: Temporarily work around build error caused by <arch/io.h> mismatch] BRANCH=veyron BUG=chrome-os-partner:35705 TEST=Run 'mem w 0xff800000 0x9' on a Jerry, watch how a "Hardware watchdog reset" event appears in the eventlog after the reboot. Change-Id: I0a33820b236c9328b2f9b20905b69cb934326f2a Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: fffc484bb89f5129d62739dcb44d08d7f5b30b33 Original-Change-Id: I7ee1d02676e9159794d29e033d71c09fdf4620fd Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/242404 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Original-Commit-Id: c919c72ddc9d2e1e18858c0bf49c0ce79f2bc506 Original-Change-Id: I509c842d3393bd810e89ebdf0dc745275c120c1d Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/242504 Original-Reviewed-by: David Hendricks <dhendrix@chromium.org> Reviewed-on: http://review.coreboot.org/9749 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-17chromeos: Move memlayout.h/symbols.h into common directoryJulius Werner
Turns out there are uses for memlayout regions not specific to vboot2. Rather than add yet another set of headers for a single region, let's make the vboot2 one common for chromeos. BRANCH=veyron BUG=chrome-os-partner:35705 TEST=Booted Jerry, compiled Blaze, Cosmos, Ryu and Storm. Change-Id: I228e0ffce1ccc792e7f5f5be6facaaca2650d818 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c6d7aab9f4e6d0cfa12aa0478288e54ec3096d9b Original-Change-Id: I1dd7d9c4b6ab24de695d42a38913b6d9b952d49b Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/242630 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9748 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-17veyron: move setup_chromeos_gpios() prototype to board.hJulius Werner
I always had that TODO comment in there but I had already forgotten what I even meant by it. It's really just a simple cleanup... this function is (currently) veyron-specific and doesn't belong in common code. BRANCH=veyron BUG=None TEST=Booted Jerry. Change-Id: Iccd6130c90e67b8ee905e188857c99deda966f14 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: d188398704575ad2fedc2a715e609521da2332b0 Original-Change-Id: I6ce701a15a6542a615d3d81f70aa71662567d4fa Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/241190 Reviewed-on: http://review.coreboot.org/9733 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-14timestamps: You can never have enough of them!Julius Werner
Now that we have timestamps in pre-RAM stages, let's actually make use of them. This patch adds several timestamps to both the bootblock and especially the verstage to allow more fine-grained boot time tracking. Some of the introduced timestamps can appear more than once per boot. This doesn't seem to be a problem for both coreboot and the cbmem utility, and the context makes it clear which operation was timestamped at what point. Also simplifies cbmem's timestamp printing routine a bit, fixing a display bug when a timestamp had a section of exactly ",000," in it (e.g. 1,000,185). BRANCH=None BUG=None TEST=Booted Pinky, Blaze and Falco, confirmed that all timestamps show up and contained sane values. Booted Storm (no timestamps here since it doesn't support pre-RAM timestamps yet). Change-Id: I7f4d6aba3ebe3db0d003c7bcb2954431b74961b3 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 7a2ce81722aba85beefcc6c81f9908422b8da8fa Original-Change-Id: I5979bfa9445a9e0aba98ffdf8006c21096743456 Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/234063 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9608 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-14rk3288: Add CBMEM console support and fix RETURN_FROM_VERSTAGEJulius Werner
Since we can now reduce our vboot2 work buffer by 4K, we can use all that hard-earned space for the CBMEM console instead (and 4K are unfortunately barely enough for all the stuff we dump with vboot2). Also add console_init() and exception_init() to the verstage for CONFIG_RETURN_FROM_VERSTAGE, which was overlooked before (our model requires those functions to be called again at the beginning of every stage... even though some consoles like UARTs might not need it, others like the CBMEM console do). In the !RETURN_FROM_VERSTAGE case, this is expected to be done by the platform-specific verstage entry wrapper, and already in place for the only implementation we have for now (tegra124). (Technically, there is still a bug in the case where EARLY_CONSOLE is set but BOOTBLOCK_CONSOLE isn't, since both verstage and romstage would run init_console_ptr() as if they were there first, so the romstage overwrites the verstage's output. I don't think it's worth fixing that now, since EARLY_CONSOLE && !BOOTBLOCK_CONSOLE is a pretty pointless use-case and I think we should probably just get rid of the CONFIG_BOOTBLOCK_CONSOLE option eventually.) BRANCH=None BUG=None TEST=Booted Pinky. Change-Id: I87914df3c72f0262eb89f337454009377a985497 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 85486928abf364c5d5d1cf69f7668005ddac023c Original-Change-Id: Id666cb7a194d32cfe688861ab17c5e908bc7760d Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/232614 Reviewed-on: http://review.coreboot.org/9607 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-14CBFS: Correct ROM_SIZE for ARM boards, use CBFS_SIZE for cbfstoolJulius Werner
Some projects (like ChromeOS) put more content than described by CBFS onto their image. For top-aligned images (read: x86), this has traditionally been achieved with a CBFS_SIZE Kconfig (which denotes the area actually managed by CBFS, as opposed to ROM_SIZE) that is used to calculate the CBFS entry start offset. On bottom-aligned boards, many define a fake (smaller) ROM_SIZE for only the CBFS part, which is not consistently done and can be an issue because ROM_SIZE is expected to be a power of two. This patch changes all non-x86 boards to describe their actual (physical) ROM size via one of the BOARD_ROMSIZE_KB_xxx options as a mainboard Kconfig select (which is the correct place to declare unchangeable physical properties of the board). It also changes the cbfstool create invocation to use CBFS_SIZE as the -s parameter for those architectures, which defaults to ROM_SIZE but gets overridden for special use cases like ChromeOS. This has the advantage that cbfstool has a consistent idea of where the area it is responsible for ends, which offers better bounds-checking and is needed for a subsequent fix. Also change the FMAP offset to default to right behind the (now consistently known) CBFS region for non-x86 boards, which has emerged as a de-facto standard on those architectures and allows us to reduce the amount of custom configuration. In the future, the nightmare that is ChromeOS's image build system could be redesigned to enforce this automatically, and also confirm that it doesn't overwrite any space used by CBFS (which is now consistently defined as the file size of coreboot.rom on non-x86). CQ-DEPEND=CL:231576,CL:231475 BRANCH=None BUG=chromium:422501 TEST=Built and booted on Veyron_Pinky. Change-Id: I89aa5b30e25679e074d4cb5eee4c08178892ada6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: e707c67c69599274b890d0686522880aa2e16d71 Original-Change-Id: I4fce5a56a8d72f4c4dd3a08c129025f1565351cc Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/229974 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9619 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-13Fix dependency issue in Chrome OS vendor codeStefan Reinauer
make *config was complaining about mainboards selecting a virtual dev switch when CONFIG_CHROMEOS is not enabled. While the long term cleanup should be to move the option out of CONFIG_CHROMEOS and make it not be a user changeable option, this approach is contained to vendorcode/ and gets rid of the warning. Change-Id: Id090eb31d1307af7a0d1f9fbe641534dc24b24a9 Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Reviewed-on: http://review.coreboot.org/9301 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-13vboot: remove vboot_handoff.h from chromeos.hDaisuke Nojiri
chromeos.h includes vboot_handoff.h, which includes vboot_api.h. since vboot_api.h is not available to non-chromeos projects, build fails for some boards (e.g. glados). this change removes (unnecessary) inclusion of vboot_handoff.h in chromeos.h and fixes other files which rely on indirect inclusion of vboot_handoff.h by making it direct. BUG=none BRANCH=tot TEST=built for cosmos, falco, lumpy, nyan_blaze, parrot, rambi, rush_ryu, samus, storm, veyron_pinky Change-Id: I465e3657c6a0944bc75a669e5e52e74d46b3ec6c Signed-off-by: Stefan Reinauer <reinauer@chromium.org> Original-Commit-Id: 6ace70d721aceae9257288815ce8fd7c6c74b8f5 Original-Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Change-Id: I12612773372e358584d12fffaf5f968a46083fab Original-Reviewed-on: https://chromium-review.googlesource.com/245864 Original-Tested-by: Leroy P Leahy <leroy.p.leahy@intel.com> Original-Reviewed-by: Leroy P Leahy <leroy.p.leahy@intel.com> Original-Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-on: http://review.coreboot.org/9566 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-13vboot2: Fill vboot1 handoff with correct TPM firmware versionJulius Werner
sd->fw_version represents the version of the *current* firmware, which is not necessarily the same as the one stored in the TPM (and may be 0 in recovery mode). Use the newly added sd->fw_version_secdata instead which contains a more correct value. CQ-DEPEND=CL:244601 BRANCH=veyron BUG=chrome-os-partner:35941 TEST=Booted Jerry in recovery mode, confirmed crossystem tpm_fwver was corrent (and not 0). Change-Id: I30f5998da5ac518d6fcb7a651eba4e1fabc14478 Signed-off-by: Stefan Reinauer <reinauer@chromium.org> Original-Commit-Id: eb8142f69cea34e11f9081caafcaae7a15cc3801 Original-Change-Id: Id95bd8c6412f2e8b2ae643c3b5a3dee13d0d47be Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/244591 Original-Reviewed-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: http://review.coreboot.org/9565 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-13The vboot_reference fwlib2 target has changed to fwlib20Bill Richardson
There are multiple vboot APIs (1.0, 2.0, 2.1). We have to be explicit about which library we want to link with. When building firmware, the vboot_reference Makefile should be invoked in one of three ways: TARGET OUTPUT VERSION fwlib vboot_fw.a 1.0 fwlib20 vboot_fw20.a 2.0 fwlib21 vboot_fw21.a 2.1 BUG=chromium:228932 BRANCH=ToT CQ-DEPEND=CL:243980 TEST=manual emerge-veyron_pinky vboot_reference coreboot emerge-samus vboot_reference coreboot emerge-daisy_spring vboot_reference chromeos-u-boot Change-Id: I7dde513c49b8148bf46e8768ae438e1a85af4243 Signed-off-by: Stefan Reinauer <reinauer@chromium.org> Original-Commit-Id: 5e339cadad4815f061d4e5e20a9c9733f64cc90b Original-Change-Id: I850646117211930d9215693c48f2c30d55a984d3 Original-Signed-off-by: Bill Richardson <wfrichar@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/243981 Original-Reviewed-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: http://review.coreboot.org/9564 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-13chromeos: add get_recovery_mode_from_vbnv() to vbnv_flashDavid Hendricks
The first platform that used flash-backed VBNV data has a physical recovery switch, get_recovery_mode_from_vbnv() was never implemented. This patch adds get_recovery_mode_from_vbnv() similarly to how it's implemented for other vbnv storage in other places. BUG=chrome-os-partner:34436 BRANCH=none TEST=needs testing Change-Id: Ifd795c5c1ff0f23619fd2125b4795571af03ece1 Signed-off-by: Stefan Reinauer <reinauer@chromium.org> Original-Commit-Id: 09f1bf96089bf9d159e4220c1f4d99388d709545 Original-Signed-off-by: David Hendricks <dhendrix@chromium.org> Original-Change-Id: I9cf18c988eaa4b7e720d6c66a02b1c5c63b473e9 Original-Reviewed-on: https://chromium-review.googlesource.com/239978 Original-Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-on: http://review.coreboot.org/9563 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-13chromeos: Reverse FMAP signature constant to avoid having it in .rodataJulius Werner
Even though coreboot always hardcodes the FMAP offset, the same is not possible for all other tools that manipulate ROM images. Some need to manually find the FMAP by searching for it's magic number (ASCII "__FMAP__"). If we do something like 'memcmp(fmap_buffer, "__FMAP__", ...) in coreboot code, it has the unfortunate side effect that the compiler will output that very same magic number as a constant in the .rodata section to compare against. Other tools may mistake this for the "real" FMAP location and get confused. This patch reverses the constant defined in coreboot and changes the only use of it correspondingly. It is not impossible but extremely unlikely (at the current state of the art) that any compiler would be clever enough to understand this pattern and optimize it back to a straight memcmp() (GCC 4.9 definitely doesn't), so it should solve the problem at least for another few years/decades. BRANCH=veyron BUG=chromium:447051 TEST=Made sure the new binaries actually contain "__PAMF__" in their .rodata. Booted Pinky. Independently corrupted both the first and the last byte of the FMAP signature with a hex editor and confirmed that signature check fails in both cases. Change-Id: I314b5e7e4d78352f409e73a3ed0e71d1b56fe774 Signed-off-by: Stefan Reinauer <reinauer@chromium.org> Original-Commit-Id: 1359d2d4502eb34a043dffab35cf4a5b033ed65a Original-Change-Id: I725652ef2a77f7f99884b46498428c3d68cd0945 Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/240723 Original-Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Reviewed-by: David Hendricks <dhendrix@chromium.org> Reviewed-on: http://review.coreboot.org/9562 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-13vbnv flash: use proper SPI flash offset for NVRAMVadim Bendebury
The current vbnv flash code mistakenly uses the offset into the NVRAM area as the absolute offset into the SPI NOR. This causes overwrites RO section of the flash (when it is not protected) and causes failures to retrieve the NVRAM contents by the user space apps. This patch makes sure that the correct offset is used when accessing NVRAM area in the SPI flash. BRANCH=storm BUG=chrome-os-partner:35316 TEST=run the update code on storm. - no more RO section corruption observed - running 'crossystem recovery_request=1' at Linux prompt causes the next boot happen in recovery mode Change-Id: Iba96cd2e0e5e01c990f8c1de8d2a2233cd9e9bc9 Signed-off-by: Stefan Reinauer <reinauer@chromium.org> Original-Commit-Id: 9fd15ff4b7aa77536723edbb94fa81f0ae767aed Original-Change-Id: I86fe4b9a35f7c16b72abf49cfbfcd42cc87937e3 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/240143 Original-Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: http://review.coreboot.org/9561 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-13chromeos: Move common VBNV offsets to a headerDavid Hendricks
Some common VBNV variable offsets were defined in multiple vbnv_* source files. This moves them to a header so that we can avoid duplicating them in the future. BUG=none BRANCH=none TEST=compiled for nyan_blaze and rambi Change-Id: Ic292e546b665b40678b4de598783c1f6bfa35426 Signed-off-by: Stefan Reinauer <reinauer@chromium.org> Original-Commit-Id: fd776f303a3d057d4b70997e7bb6bc85767e2278 Original-Signed-off-by: David Hendricks <dhendrix@chromium.org> Original-Change-Id: Ifcc13c90a910b86d4f9bb0027d913572c1d6d00b Original-Reviewed-on: https://chromium-review.googlesource.com/239977 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Original-Reviewed-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: http://review.coreboot.org/9560 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-13vboot1: Set BEFORE_OPROM_LOAD flag for VbInit()Duncan Laurie
This sets the new VB_INIT_FLAG_BEFORE_OPROM_LOAD flag for VbInit() to indicate that we are running from early firmware before option rom loading has occurred so it can do the right thing when it checks whether or not to tell the system to reboot after setting the VbNv flag. BUG=chrome-os-partner:32379 BRANCH=samus TEST=pass FAFT tests on samus Change-Id: Id432dc154736baa799d9ddf5a6a25bccc66217ef Signed-off-by: Stefan Reinauer <reinauer@chromium.org> Original-Commit-Id: 8a576b0bf4b912f85a4e82bfe2cf13c838a069cc Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Change-Id: I6968fcb6cda74e88f56bea6ea9bbf77cc795b8d6 Original-Reviewed-on: https://chromium-review.googlesource.com/230887 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: http://review.coreboot.org/9559 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-13vboot1: Fix compilation error with CONFIG_ARCH_ROMSTAGE_ARM64 enabledYidi Lin
make: *** No rule to make target `build/lib/memset.rmodules.o', needed by `build/vendorcode/google/chromeos/vboot1/vbootstub.elf'. Stop. Fix the error by refering to ./src/arch/arm64/Makefile.inc: rmodules_arm64-y += ../../lib/memset.c rmodules_arm64-y += ../../lib/memcpy.c BRANCH=none BUG=none TEST=build pass on our own MT8173 board Change-Id: Ic870136db1ec9405e3d30caf6085f056bc46a5c2 Signed-off-by: Stefan Reinauer <reinauer@chromium.org> Original-Commit-Id: d317dbe8732abbf7e785466e7d1e07425aac326f Original-Change-Id: I69a7db83154a23f7878e9c604c9b541fb6fa308d Original-Reviewed-on: https://chromium-review.googlesource.com/237974 Original-Reviewed-by: Stefan Reinauer <reinauer@chromium.org> Original-Reviewed-by: Furquan Shaikh <furquan@chromium.org> Original-Commit-Queue: Yidi Lin <yidi.lin@mediatek.com> Original-Tested-by: Yidi Lin <yidi.lin@mediatek.com> Reviewed-on: http://review.coreboot.org/9591 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-04-13vboot2: use offset to vboot2 work buffer instead of absolute addressDaisuke Nojiri
this change makes vb2_working_data struct point to the vboot work buffer by the offset instead of by the absolute address, which can be different depending on the context (e.g. subprocessor v.s. main cpu). BUG=none BRANCH=tot TEST=booted veyron pinky Change-Id: I2191ca756c4f49441b3a357338f9c84564b58918 Signed-off-by: Stefan Reinauer <reinauer@chromium.org> Original-Commit-Id: 93f8b1da2b2c81aa3a33892987a71e9e1e7a8eff Original-Change-Id: I4e4c12613304586b7395c5173cf08b8093f59521 Original-Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/236583 Original-Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-on: http://review.coreboot.org/9588 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>