Age | Commit message (Collapse) | Author |
|
We introduce two new functions to create region objects. They allow us
to check for integer overflows (region_create_untrusted()) or assert
their absence (region_create()).
This fixes potential overflows in region_overlap() checks in SMI
handlers, where we would wrongfully report MMIO as *not* overlapping
SMRAM.
Also, two cases of strtol() in parse_region() (cbfstool), where the
results were implicitly converted to `size_t`, are replaced with the
unsigned strtoul().
FIT payload support is left out, as it doesn't use the region API
(only the struct).
Change-Id: I4ae3e6274c981c9ab4fb1263c2a72fa68ef1c32b
Ticket: https://ticket.coreboot.org/issues/522
Found-by: Vadim Zaliva <lord@digamma.ai>
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/79905
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
|
|
On x86_64 romstage can contain page tables and a page table pointer
which have an larger alignment requirement of 4096. Instead of
hardcoding it, read if from the ELF phdrs.
Change-Id: I94e4a4209b7441ecb2966a1342c3d46625771bb8
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/82102
Reviewed-by: Shuo Liu <shuo.liu@intel.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jérémy Compostella <jeremy.compostella@intel.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
SELF has the fields wired up for 64bit, but adding flat images cuts the
upper half.
Change-Id: I3b48b8face921e942fb0e01eace791ad3e1669a0
Signed-off-by: Patrick Georgi <patrick@coreboot.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/80576
Reviewed-by: ron minnich <rminnich@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
In the unlikely but possible event where the name of the CBFS file is
longer than 232 characters, `cbfs_create_file_header()' would overflow
the buffer it allocated when it copies the CBFS filename.
Change-Id: If1825b5af21f7a20ce2a7ccb2d45b195c2fb67b0
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78500
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Eric Lai <ericllai@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
For x86 eXecute-In-Place (XIP) .data section support, cbfstool need to
to skip relocation of the .data section symbols in addition to
.car.data section symbols.
To support this requirement, this patch makes the `-S` option take a
multiple section names separated by commas.
TEST=With `-S ".car.data .data"`, XIP pre-memory stages with
a `.data` section do not have any of the `.car.data` or `.data`
section symbols relocated.
Change-Id: Icf09ee5a318e37c5da94bba6c0a0f39485963d3a
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77560
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
Signed-off-by: Maximilian Brune <maximilian.brune@9elements.com>
Change-Id: Ica512d21d1cef8ccffbc093016c7a3bfcf901b14
Reviewed-on: https://review.coreboot.org/c/coreboot/+/73488
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
With commit 34a7e66faa46 ("util/cbfstool: Add a new mechanism to
provide a memory map"), builds are failing on 32-bit platforms with:
../cbfstool/cbfstool.c:397:30: error: format specifies type 'unsigned long' but the argument has type 'size_t' (aka 'unsigned int') [-Werror,-Wformat]
printf("Image SIZE %lu\n", image_size);
~~~ ^~~~~~~~~~
%zu
Change the format specifier from %lu to %zu.
TEST=`emerge-cherry coreboot-utils` now succeeds
Change-Id: I3602f57cf91c330122019bfa921faef6deb2b4ce
Signed-off-by: Reka Norman <rekanorman@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/70848
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
|
|
Clang -Wshadow is more rigorous than GCC and picks a shadowing of the
optarg global variable in /usr/include/bits/getopt_core.h .
TESTED: builds with both gcc and clang.
Change-Id: Ifc362c84511abb6a000671f03498e841d7747074
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/70508
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Reviewed-by: Tarun Tuli <taruntuli@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Subrata Banik <subratabanik@google.com>
|
|
This replaces the mechanism with --ext-win-base --ext-win-size with a
more generic mechanism where cbfstool can be provided with an arbitrary
memory map.
This will be useful for AMD platforms with flash sizes larger than 16M
where only the lower 16M half gets memory mapped below 4G. Also on Intel
system the IFD allows for a memory map where the "top of flash" !=
"below 4G". This is for instance the case by default on Intel APL.
TEST: google/brya build for chromeos which used --ext-win-base remains
the same after this change with BUILD_TIMELESS=1.
Change-Id: I38ab4c369704497f711e14ecda3ff3a8cdc0d089
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68160
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
Handle the possible memory leak scenario.
Foundby=klocwork
BUG=NONE
TEST=Boot to OS on Nivviks
Change-Id: I01c4643d1e671d9bd9971ac6db8031634fffd61e
Signed-off-by: Shaik Shahina <shahina.shaik@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69220
Reviewed-by: Shahina Shaik <shahina.shaik@intel.corp-partner.google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
|
|
Metadata Hash is usually present inside the first segment of BIOS. On
board where vboot starts in bootblock, it is present in bootblock. On
boards where vboot starts before bootblock, it is present in file
containing verstage. Update cbfstool to check for metadata hash in file
containing verstage besides bootblock.
Add a new CBFS file type for the concerned file and exclude it from CBFS
verification.
BUG=b:227809919
TEST=Build and boot to OS in Skyrim with CBFS verification enabled using
x86 and PSP verstages.
Change-Id: Ib4dfba6a9cdbda0ef367b812f671c90e5f90caf8
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66942
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
CL:3825558 changes all vb2_digest and vb2_hash functions to take a new
hwcrypto_allowed argument, to potentially let them try to call the
vb2ex_hwcrypto API for hash calculation. This change will open hardware
crypto acceleration up to all hash calculations in coreboot (most
notably CBFS verification). As part of this change, the
vb2_digest_buffer() function has been removed, so replace existing
instances in coreboot with the newer vb2_hash_calculate() API.
Due to the circular dependency of these changes with vboot, this patch
also needs to update the vboot submodule:
Updating from commit id 18cb85b5:
2load_kernel.c: Expose load kernel as vb2_api
to commit id b827ddb9:
tests: Ensure auxfw sync runs after EC sync
This brings in 15 new commits.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I287d8dac3c49ad7ea3e18a015874ce8d610ec67e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66561
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jakub Czapiga <jacz@semihalf.com>
|
|
Check return value of cbfs_truncate_space() in cbfs_truncate().
Remove return from cbfs_image_from_buffer() to inform about invalid
image region when incorrect offset header was provided.
Also change header offset provided to mentioned function in
cbfs_expand_to_region() and cbfs_truncate_space() from zero
to HEADER_OFFSET_UNKNOWN, as they do not support images with cbfs master
header.
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: Ib009212692fb3594a826436df765860f54837154
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66334
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
Since there are many identifiers whose name contain "__unused" in
headers of musl libc, introducing a macro which expands "__unused" to
the source of a util may have disastrous effect during its compiling
under a musl-based platform.
However, it is hard to detect musl at build time as musl is notorious
for having explicitly been refusing to add a macro like "__MUSL__" to
announce its own presence.
Using __always_unused and __maybe_unused for everything may be a good
idea. This is how it works in the Linux kernel, so that would at least
make us match some other standard rather than doing our own thing
(especially since the other compiler.h shorthand macros are also
inspired by Linux).
Signed-off-by: Bill XIE <persmule@hardenedlinux.org>
Change-Id: I547ae3371d7568f5aed732ceefe0130a339716a9
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65717
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Singer <felixsinger@posteo.net>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
This patch adds a new line to `cbfstool print -v` output that records
the overall CBFS verification health of the image. While this info was
already visible from individual fields before, it's nice to have a
one-stop location to see "this is a good image" without having to
carefully parse a lot of output manually.
Also add a few lines to the Makefile that check whether this field is
valid for the final image (it always should be, but hopefully this check
will allow us to catch regressions like the one fixed by CB:64547 sooner
in the future).
BUG=b:233263447
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I1b74b01a55b22294556007aaee835d0fdb9e1c63
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64657
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
|
|
The Intel Firmware Interface Table (FIT) is a bit of an annoying outlier
among CBFS files because it gets manipulated by a separate utility
(ifittool) after cbfstool has already added it to the image. This will
break file hashes created for CBFS verification.
This is not actually a problem when booting, since coreboot never
actually loads the FIT from CBFS -- instead, it's only in the image for
use by platform-specific mechanisms that run before coreboot's
bootblock. But having an invalid file hash in the CBFS image is
confusing when you want to verify that the image is correctly built for
verification.
This patch adds a new CBFS file type "intel_fit" which is only used for
the intel_fit (and intel_fit_ts, if applicable) file containing the FIT.
cbfstool will avoid generating and verifying file hashes for this type,
like it already does for the "bootblock" and "cbfs header" types. (Note
that this means that any attempt to use the CBFS API to actually access
this file from coreboot will result in a verification error when CBFS
verification is enabled.)
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I1c1bb6dab0c9ccc6e78529758a42ad3194cd130c
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64736
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
|
|
There are too many "FIT" in firmware land. In order to reduce possible
confusion of CBFS_TYPE_FIT with the Intel Firmware Interface Table, this
patch renames it to CBFS_TYPE_FIT_PAYLOAD (including the cbfstool
argument, so calling scripts will now need to replace `-t fit` with `-t
fit_payload`).
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I826cefce54ade06c6612c8a7bb53e02092e7b11a
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64735
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
|
|
cb_err_t was meant to be used in place of `enum cb_err` in all
situations, but the choice to use a typedef here seems to be
controversial. We should not be arbitrarily using two different
identifiers for the same thing across the codebase, so since there are
no use cases for serializing enum cb_err at the moment (which would be
the primary reason to typedef a fixed-width integer instead), remove
cb_err_t again for now.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Iaec36210d129db26d51f0a105d3de070c03b686b
Reviewed-on: https://review.coreboot.org/c/coreboot/+/62600
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
|
|
Instead of maintaining another set of byteswapping functions in
cbfstool, this change removes swab.h and replaces it with
bsd/sysincludes.h from commonlib. Callers have been updated to use
be32toh/be64toh/htobe32/htobe64 instead of ntohl/ntohll/htonl/htonll
respectively.
Change-Id: I54195865ab4042fcf83609fcf67ef8f33994d68e
Signed-off-by: Alex James <theracermaster@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/60233
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
`cbfstool locate` and the associated -T switch were removed a looong
time ago (2015 in CB:11671). However, getopt and the help text weren't
cleaned up correctly. Fix that.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Ib098278d68df65d348528fbfd2496b5737ca6246
Reviewed-on: https://review.coreboot.org/c/coreboot/+/60085
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
|
|
The whole point of moving do_cbfs_locate() later (CB:59877) was that it
could use the file size that is actually going to be inserted into CBFS,
rather than the on-disk file size. Unfortunately, after all that work I
forgot to actually make it do that. This patch fixes that.
Since there is no more use case for do_cbfs_locate() having to figure
out the file size on its own, and that generally seems to be a bad idea
(as the original issue shows), also remove that part of it completely
and make the data_size parameter mandatory.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I1af35e8e388f78aae3593c029afcfb4e510d2b8f
Reviewed-on: https://review.coreboot.org/c/coreboot/+/60084
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
|
|
In cbfs_add_component(), the |offset| variable confusingly jumps back
and forth between host address space and flash address space in some
cases. This patch tries to clean that logic up a bit by converting it
to flash address space very early in the function, and then keeping it
that way afterwards. convert() implementations that need the host
address space value should store it in a different variable to reduce
the risk of confusion. This should also fix a tiny issue where
--gen-attribute might have previously encoded the base address as given
in CBFS -- it probably makes more sense to always have it store a
consistent format (i.e. always flash address).
Also revert the unnecessary check for --base-address in
add_topswap_bootblock() that was added in CB:59877. On closer
inspection, the function actually doesn't use the passed in *offset at
all and uses it purely as an out-parameter. So while our current
Makefile does pass --base-address when adding the bootblock, it actually
has no effect and is redundant for the topswap case.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Idf4721c5b0700789ddb81c1618d740b3e7f486cb
Reviewed-on: https://review.coreboot.org/c/coreboot/+/60018
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
|
|
The placement calculation logic in cbfs_add_component() has become quite
a mess, and this patch can only fix that to a limited degree. The
interaction between all the different pathways of how the `offset`
variable can be set and at what point exactly the final placement offset
is decided can get quite convoluted. In particular, one existing problem
is that the offset for a file added with the --align flag is decided
before the convert() function is called, which may change the form (and
thereby the size) of the file again after its location was found --
resulting in a location that ends up being too small, or being unable to
find a location for a file that should fit. This used to be okay under
the assumption that forced alignment should really only be necessary for
use cases like XIP where the file is directly "used" straight from its
location on flash in some way, and those cases can never be compressed
-- however, recent AMD platforms have started using the --align flag to
meet the requirements of their SPI DMA controller and broken this
assumption.
This patch fixes that particular problem and hopefully eliminates a bit
of the convolution by moving the offset decision point in the --align
case after the convert() step. This is safe when the steps in-between
(add_topswap_bootblock() and convert() itself) do not rely on the
location having already been decided by --align before that point. For
the topswap case this is easy, because in practice we always call it
with --base-address (and as far as I can tell that's the only way it was
ever meant to work?) -- so codify that assumption in the function. For
convert() this mostly means that the implementations that do touch the
offset variable (mkstage and FSP) need to ensure they take care of the
alignment themselves. The FSP case is particularly complex so I tried to
rewrite the code in a slightly more straight-forward way and clearly
document the supported cases, which should hopefully make it easier to
see that the offset variable is handled correctly in all of them. For
mkstage the best solution seems to be to only have it touch the offset
variable in the XIP case (where we know compression must be disabled, so
we can rely on it not changing the file size later), and have the extra
space for the stage header directly taken care of by do_cbfs_locate() so
that can happen after convert().
NOTE: This is changing the behavior of `cbfstool add -t fsp` when
neither --base-address nor --xip are passed (e.g. FSP-S). Previously,
cbfstool would implicitly force an alignment of 4K. As far as I can tell
from the comments, this is unnecessary because this binary is loaded
into RAM and CBFS placement does not matter, so I assume this is an
oversight caused by accidentally reusing code that was only meant for
the XIP case.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Ia49a585988f7a74944a6630b77b3ebd79b3a9897
Reviewed-on: https://review.coreboot.org/c/coreboot/+/59877
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <patrick@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
|
|
Change-Id: Ib672ba8ed418b1a76e4a48951eabda6923358e7a
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55581
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
The -a flag was already implemented, it just wasn't exposed for the
add-payload command.
Setting the alignment of the payload will enable using the SPI DMA
controller to read the payload on AMD devices.
BUG=b:179699789
TEST=cbfstool foo.bin add-payload -a 64 ...
Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Change-Id: I9f4aea5f0cbeaa8e761212041099b37f4718ac39
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55973
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
The dereferced parameter is never updated so passing a copy would work
too.
Change-Id: Ie36f64f55d4fc7034780116c28aaed65aa304d5e
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55792
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
The CBFS stage header is part of the file data (not the header) from
CBFS's point of view, which is problematic for verification: in pre-RAM
environments, there's usually not enough scratch space in CBFS_CACHE to
load the full stage into memory, so it must be directly loaded into its
final destination. However, that destination is decided from reading the
stage header. There's no way we can verify the stage header without
loading the whole file and we can't load the file without trusting the
information in the stage header.
To solve this problem, this patch changes the CBFS stage format to move
the stage header out of the file contents and into a separate CBFS
attribute. Attributes are part of the metadata, so they have already
been verified before the file is loaded.
Since CBFS stages are generally only meant to be used by coreboot itself
and the coreboot build system builds cbfstool and all stages together in
one go, maintaining backwards-compatibility should not be necessary. An
older version of coreboot will build the old version of cbfstool and a
newer version of coreboot will build the new version of cbfstool before
using it to add stages to the final image, thus cbfstool and coreboot's
stage loader should stay in sync. This only causes problems when someone
stashes away a copy of cbfstool somewhere and later uses it to try to
extract stages from a coreboot image built from a different revision...
a debugging use-case that is hopefully rare enough that affected users
can manually deal with finding a matching version of cbfstool.
The SELF (payload) format, on the other hand, is designed to be used for
binaries outside of coreboot that may use independent build systems and
are more likely to be added with a potentially stale copy of cbfstool,
so it would be more problematic to make a similar change for SELFs. It
is not necessary for verification either, since they're usually only
used in post-RAM environments and selfload() already maps SELFs to
CBFS_CACHE before loading them to their final destination anyway (so
they can be hashed at that time).
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I8471ad7494b07599e24e82b81e507fcafbad808a
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46484
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
The --alignment flag is currently only handled by cbfstool add, but
there seems little reason to not handle it for all file-adding commands
(the help text actually mentions it for add-stage as well but it doesn't
currently work there). This patch moves the related code (and the
related baseaddress handling) into cbfs_add_component(). As a nice side
effect this allows us to rearrange cbfs_add_component() such that we can
conclusively determine whether we need a hash attribute before trying to
align the file, allowing that code to correctly infer the final header
size even when a hash attribute was implicitly added (for an image built
with CBFS verification enabled).
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Idc6d68b2c7f30e5d136433adb3aec5a87053f992
Reviewed-on: https://review.coreboot.org/c/coreboot/+/47823
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
To support the new CONFIG_CBFS_VERIFICATION feature, cbfstool needs to
update the metadata hash embedded in the bootblock code every time it
adds or removes a CBFS file. This can lead to problems on certain
platforms where the bootblock needs to be specially wrapped in some
platform-specific data structure so that the platform's masked ROM can
recognize it. If that data structure contains any form of hash or
signature of the bootblock code that is checked on every boot, it will
no longer match if cbfstool modifies it after the fact.
In general, we should always try to disable these kinds of features
where possible (they're not super useful anyway). But for platforms
where the hardware simply doesn't allow that, this patch introduces the
concept of "platform fixups" to cbfstool. Whenever cbfstool finds a
metadata hash anchor in a CBFS image, it will run all built-in "fixup
probe" functions on that bootblock to check if it can recognize it as
the wrapper format for a platform known to have such an issue. If so, it
will register a corresponding fixup function that will run whenever it
tries to write back modified data to that bootblock. The function can
then modify any platform-specific headers as necessary.
As first supported platform, this patch adds a fixup for Qualcomm
platforms (specifically the header format used by sc7180), which
recalculates the bootblock body hash originally added by
util/qualcomm/createxbl.py.
(Note that this feature is not intended to support platform-specific
signature schemes like BootGuard directly in cbfstool. For anything that
requires an actual secret key, it should be okay if the user needs to
run a platform-specific signing tool on the final CBFS image before
flashing. This feature is intended for the normal unsigned case (which
on some platforms may be implemented as signing with a well-known key)
so that on a board that is not "locked down" in any way the normal use
case of manipulating an image with cbfstool and then directly flashing
the output file stays working with CONFIG_CBFS_VERIFICATION.)
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I02a83a40f1d0009e6f9561ae5d2d9f37a510549a
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41122
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
This patch adds support for the new CONFIG_CBFS_VERIFICATION feature to
cbfstool. When CBFS verification is enabled, cbfstool must automatically
add a hash attribute to every CBFS file it adds (with a handful of
exceptions like bootblock and "header" pseudofiles that are never read
by coreboot code itself). It must also automatically update the metadata
hash that is embedded in the bootblock code. It will automatically find
the metadata hash by scanning the bootblock for its magic number and use
its presence to auto-detect whether CBFS verification is enabled for an
image (and which hash algorithm to use).
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I61a84add8654f60c683ef213b844a11b145a5cb7
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41121
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
cbfstool has always had a CBFS_FILENAME_ALIGN that forces the filename
field to be aligned upwards to the next 16-byte boundary. This was
presumably done to align the file contents (which used to come
immediately after the filename field).
However, this hasn't really worked right ever since we introduced CBFS
attributes. Attributes come between the filename and the contents, so
what this code currently does is fill up the filename field with extra
NUL-bytes to the boundary, and then just put the attributes behind it
with whatever size they may be. The file contents don't end up with any
alignment guarantee and the filename field is just wasting space.
This patch removes the old FILENAME_ALIGN, and instead adds a new
alignment of 4 for the attributes. 4 seems like a reasonable alignment
to enforce since all existing attributes (with the exception of weird
edge cases with the padding attribute) already use sizes divisible by 4
anyway, and the common attribute header fields have a natural alignment
of 4. This means file contents will also have a minimum alignment
guarantee of 4 -- files requiring a larger guarantee can still be added
with the --alignment flag as usual.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I43f3906977094df87fdc283221d8971a6df01b53
Reviewed-on: https://review.coreboot.org/c/coreboot/+/47827
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
The *location argument to parse_elf_to_stage() is a relic from code all
the way back to 2009 where this function was still used to parse XIP
stages. Nowadays we have a separate parse_elf_to_xip_stage() for that,
so there is no need to heed XIP concerns here. Having a pointer to
represent the location in flash is absolutely irrelevant to a non-XIP
stage, and it is used incorrectly -- we just get lucky that no code path
in cbfstool can currently lead to that value being anything other than
0, otherwise the adjustment of data_start to be no lower than *location
could easily screw things up. This patch removes it.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Ia7f850c0edd7536ed3bef643efaae7271599313d
Reviewed-on: https://review.coreboot.org/c/coreboot/+/49369
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
Fix regression from commit 0dcc0662f3 util/cbfstool: Introduce
concept of mmap_window.
Use of region_end() wraps around at 4 GiB, if utility is run in
32bit userspace. The build completes with an invalid coreboot.rom,
while one can find error message in stdout or make.log:
E: Host address(ffc002e4) not in any mmap window!
Change-Id: Ib9b6b60c7b5031122901aabad7b3aa8d59f1bc68
Signed-off-by: Furquan Shaikh <furquan@google.com>
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50618
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
|
|
All x86 platforms until now have memory mapped up to a maximum of
16MiB of SPI flash just below 4G boundary in host address space. For
newer platforms, cbfstool needs to be able to accommodate additional
windows in the host address space for mapping SPI flash size greater
than 16MiB.
This change adds two input parameters to cbfstool ext-win-base and
ext-win-size which a platform can use to provide the details of the
extended window in host address space. The extended window does not
necessarily have to be contiguous with the standard decode window
below 4G. But, it is left upto the platform to ensure that the fmap
sections are defined such that they do not cross the window boundary.
create_mmap_windows() uses the input parameters from the platform for
the extended window and the flash size to determine if extended mmap
window is used. If the entire window in host address space is not
covered by the SPI flash region below the top 16MiB, then mapping is
assumed to be done at the top of the extended window in host space.
BUG=b:171534504
Change-Id: Ie8f95993e9c690e34b0e8e792f9881c81459c6b6
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/47882
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
This change adds the concept of mmap_window to describe how the SPI
flash address space is mapped to host address space on x86
platforms. It gets rid of the assumption that the SPI flash address
space is mapped only below the 4G boundary in host space. This is
required in follow up changes to be able to add more decode windows
for the SPI flash into the host address space.
Currently, a single mmap window is added i.e. the default x86 decode
window of maximum 16MiB size living just below the 4G boundary. If the
window is smaller than 16MiB, then it is mapped at the top of the host
window.
BUG=b:171534504
TEST=Verified using abuild with timeless option for all coreboot
boards that there is no change in the resultant coreboot.rom file.
Change-Id: I8dd3d1c922cc834c1e67f279ffce8fa438d8209c
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/47831
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
|
|
This change renames the macro `IS_TOP_ALIGNED_ADDRESS` to
`IS_HOST_SPACE_ADDRESS` to make it clear that the macro checks if
given address is an address in the host space as opposed to the SPI
flash space.
BUG=b:171534504
Change-Id: I84bb505df62ac41f1d364a662be145603c0bd5fa
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/47830
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
cbfstool overloads baseaddress to represent multiple things:
1. Address in SPI flash space
2. Address in host space (for x86 platforms)
3. Offset from end of region (accepted as negative number)
This was done so that the different functions that use these
addresses/offsets don't need to be aware of what the value represents
and can use the helper functions convert_to_from* to get the required
values.
Thus, even if the user provides a negative value to represent offset
from end of region, it was stored as an unsigned integer. There are
special checks in convert_to_from_top_aligned which guesses if the
value provided is really an offset from the end of region and converts
it to an offset from start of region.
This has worked okay until now for x86 platforms because there is a
single fixed decode window mapping the SPI flash to host address
space. However, going forward new platforms might need to support more
decode windows that are not contiguous in the host space. Thus, it is
important to distinguish between offsets from end of region and
addresses in host/SPI flash space and treat them separately.
As a first step towards supporting this requirement for multiple
decode windows on new platforms, this change handles the negative
offset provided as input in dispatch_command before the requested cbfs
operation is performed.
This change adds baseaddress_input, headeroffset_input and
cbfsoffset_input to struct param and converts them to offsets from
start of region before storing into baseaddress, headeroffset and
cbfsoffset if the inputs are negative.
In follow up changes, cbfstool will be extended to add support
for multiple decode windows.
BUG=b:171534504
TEST=Verified using abuild with timeless option for all coreboot
boards that there is no change in the resultant coreboot.rom file.
Change-Id: Ib74a7e6ed9e88fbc5489640d73bedac14872953f
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/47829
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
With the upcoming introduction of CBFS verification, a lot more CBFS
files will have hashes. The current cbfstool default of always printing
hash attributes when they exist will make cbfstool print very messy.
Therefore, hide hash attribute output unless the user passed -v.
It would also be useful to be able to get file attributes like hashes in
machine parseable output. Unfortunately, our machine parseable format
(-k) doesn't really seem designed to be extensible. To avoid breaking
older parsers, this patch adds new attribute output behind -v (which
hopefully no current users pass since it doesn't change anything for -k
at the moment). With this patch cbfstool print -k -v may print an
arbitrary amount of extra tokens behind the predefined ones on a file
line. Tokens always begin with an identifying string (e.g. 'hash'),
followed by extra fields that should be separated by colons. Multiple
tokens are separated by the normal separator character (tab).
cbfstool print -k -v may also print additional information that applies
to the whole CBFS on separate lines. These lines will always begin with
a '[' (which hopefully nobody would use as a CBFS filename character
although we technically have no restrictions at the moment).
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I9e16cda393fa0bc1d8734d4b699e30e2ae99a36d
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41119
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
This patch reduces some code duplication in cbfstool by switching it to
use the CBFS data structure definitions in commonlib rather than its own
private copy. In addition, replace a few custom helpers related to hash
algorithms with the official vboot APIs of the same purpose.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I22eae1bcd76d85fff17749617cfe4f1de55603f4
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41117
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
|
|
Our current cbfstool has always added a compression attribute to the
CBFS file header for all files that used the cbfstool_convert_raw()
function (basically anything other than a stage or payload), even if the
compression type was NONE. This was likely some sort of oversight, since
coreboot CBFS reading code has always accepted the absence of a
compression attribute to mean "no compression". This patch fixes the
behavior to avoid adding the attribute in these cases.
Change-Id: Ic4a41152db9df66376fa26096d6f3a53baea51de
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46835
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
For add-stage command, --pow2page is equivalent of passing
-P log2ceil(sizeof stage). The sizeof stage can be hard to
determine in Makefile to be passed on the commandline.
Change-Id: If4b5329c1df5afe49d27ab10220095d747024ad6
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41832
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
|
|
This change drops the check for IS_TOP_ALIGNED_ADDRESS() before
setting offset to 0 in cbfstool_convert_fsp(). If the user provides a
baseaddress to relocate the FSP to, then the offset should be set to 0
since there is no requirement on where the file ends up in cbfs. This
allows the user to relocate the FSP to an address in lower DRAM.
BUG=b:155322763
Signed-off-by: Furquan Shaikh <furquan@google.com>
Change-Id: Ibeadbf06881f7659b2ac7d62d2152636c853fb9f
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42263
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
Used commands:
perl -i -p0e 's|\/\*[\s*]*.*is free software[:;][\s*]*you[\s*]*can[\s*]*redistribute[\s*]*it[\s*]*and\/or[\s*]*modify[\s*]*it[\s*]*under[\s*]*the[\s*]*terms[\s*]*of[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*as[\s*]*published[\s*]*by[\s*]*the[\s*]*Free[\s*]*Software[\s*]*Foundation[;,][\s*]*version[\s*]*2[\s*]*of[\s*]*the[\s*]*License.[\s*]*This[\s*]*program[\s*]*is[\s*]*distributed[\s*]*in[\s*]*the[\s*]*hope[\s*]*that[\s*]*it[\s*]*will[\s*]*be[\s*]*useful,[\s*]*but[\s*]*WITHOUT[\s*]*ANY[\s*]*WARRANTY;[\s*]*without[\s*]*even[\s*]*the[\s*]*implied[\s*]*warranty[\s*]*of[\s*]*MERCHANTABILITY[\s*]*or[\s*]*FITNESS[\s*]*FOR[\s*]*A[\s*]*PARTICULAR[\s*]*PURPOSE.[\s*]*See[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*for[\s*]*more[\s*]*details.[\s*]*\*\/|/* SPDX-License-Identifier: GPL-2.0-only */|' $(cat filelist)
perl -i -p0e 's|This[\s*]*program[\s*]*is[\s*]*free[\s*]*software[:;][\s*]*you[\s*]*can[\s*]*redistribute[\s*]*it[\s*]*and/or[\s*]*modify[\s*]*it[\s*]*under[\s*]*the[\s*]*terms[\s*]*of[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*as[\s*]*published[\s*]*by[\s*]*the[\s*]*Free[\s*]*Software[\s*]*Foundation[;,][\s*]*either[\s*]*version[\s*]*2[\s*]*of[\s*]*the[\s*]*License,[\s*]*or[\s*]*.at[\s*]*your[\s*]*option.*[\s*]*any[\s*]*later[\s*]*version.[\s*]*This[\s*]*program[\s*]*is[\s*]*distributed[\s*]*in[\s*]*the[\s*]*hope[\s*]*that[\s*]*it[\s*]*will[\s*]*be[\s*]*useful,[\s*]*but[\s*]*WITHOUT[\s*]*ANY[\s*]*WARRANTY;[\s*]*without[\s*]*even[\s*]*the[\s*]*implied[\s*]*warranty[\s*]*of[\s*]*MERCHANTABILITY[\s*]*or[\s*]*FITNESS[\s*]*FOR[\s*]*A[\s*]*PARTICULAR[\s*]*PURPOSE.[\s*]*See[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*for[\s*]*more[\s*]*details.[\s*]*\*\/|/* SPDX-License-Identifier: GPL-2.0-or-later */|' $(cat filelist)
perl -i -p0e 's|\/\*[\s*]*.*This[\s*#]*program[\s*#]*is[\s*#]*free[\s*#]*software[;:,][\s*#]*you[\s*#]*can[\s*#]*redistribute[\s*#]*it[\s*#]*and/or[\s*#]*modify[\s*#]*it[\s*#]*under[\s*#]*the[\s*#]*terms[\s*#]*of[\s*#]*the[\s*#]*GNU[\s*#]*General[\s*#]*Public[\s*#]*License[\s*#]*as[\s*#]*published[\s*#]*by[\s*#]*the[\s*#]*Free[\s*#]*Software[\s*#]*Foundation[;:,][\s*#]*either[\s*#]*version[\s*#]*3[\s*#]*of[\s*#]*the[\s*#]*License[;:,][\s*#]*or[\s*#]*.at[\s*#]*your[\s*#]*option.*[\s*#]*any[\s*#]*later[\s*#]*version.[\s*#]*This[\s*#]*program[\s*#]*is[\s*#]*distributed[\s*#]*in[\s*#]*the[\s*#]*hope[\s*#]*that[\s*#]*it[\s*#]*will[\s*#]*be[\s*#]*useful[;:,][\s*#]*but[\s*#]*WITHOUT[\s*#]*ANY[\s*#]*WARRANTY[;:,][\s*#]*without[\s*#]*even[\s*#]*the[\s*#]*implied[\s*#]*warranty[\s*#]*of[\s*#]*MERCHANTABILITY[\s*#]*or[\s*#]*FITNESS[\s*#]*FOR[\s*#]*A[\s*#]*PARTICULAR[\s*#]*PURPOSE.[\s*#]*See[\s*#]*the[\s*#]*GNU[\s*#]*General[\s*#]*Public[\s*#]*License[\s*#]*for[\s*#]*more[\s*#]*details.[\s*]*\*\/|/* SPDX-License-Identifier: GPL-3.0-or-later */|' $(cat filelist)
perl -i -p0e 's|(\#\#*)[\w]*.*is free software[:;][\#\s]*you[\#\s]*can[\#\s]*redistribute[\#\s]*it[\#\s]*and\/or[\#\s]*modify[\#\s]*it[\s\#]*under[\s \#]*the[\s\#]*terms[\s\#]*of[\s\#]*the[\s\#]*GNU[\s\#]*General[\s\#]*Public[\s\#]*License[\s\#]*as[\s\#]*published[\s\#]*by[\s\#]*the[\s\#]*Free[\s\#]*Software[\s\#]*Foundation[;,][\s\#]*version[\s\#]*2[\s\#]*of[\s\#]*the[\s\#]*License.*[\s\#]*This[\s\#]*program[\s\#]*is[\s\#]*distributed[\s\#]*in[\s\#]*the[\s\#]*hope[\s\#]*that[\s\#]*it[\s\#]*will[\#\s]*be[\#\s]*useful,[\#\s]*but[\#\s]*WITHOUT[\#\s]*ANY[\#\s]*WARRANTY;[\#\s]*without[\#\s]*even[\#\s]*the[\#\s]*implied[\#\s]*warranty[\#\s]*of[\#\s]*MERCHANTABILITY[\#\s]*or[\#\s]*FITNESS[\#\s]*FOR[\#\s]*A[\#\s]*PARTICULAR[\#\s]*PURPOSE.[\#\s]*See[\#\s]*the[\#\s]*GNU[\#\s]*General[\#\s]*Public[\#\s]*License[\#\s]*for[\#\s]*more[\#\s]*details.\s(#* *\n)*|\1 SPDX-License-Identifier: GPL-2.0-only\n\n|' $(cat filelist)
perl -i -p0e 's|(\#\#*)[\w*]*.*is free software[:;][\s*]*you[\s*]*can[\s*]*redistribute[\s*]*it[\s*]*and\/or[\s*]*modify[\s*]*it[\s*]*under[\s*]*the[\s*]*terms[\s*]*of[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*as[\s*]*published[\s*]*by[\s*]*the[\s*]*Free[\s*]*Software[\s*]*Foundation[;,][\s*]*version[\s*]*2[\s*]*of[\s*]*the[\s*]*License.[\s*]*This[\s*]*program[\s*]*is[\s*]*distributed[\s*]*in[\s*]*the[\s*]*hope[\s*]*that[\s*]*it[\s*]*will[\s*]*be[\s*]*useful,[\s*]*but[\s*]*WITHOUT[\s*]*ANY[\s*]*WARRANTY;[\s*]*without[\s*]*even[\s*]*the[\s*]*implied[\s*]*warranty[\s*]*of[\s*]*MERCHANTABILITY[\s*]*or[\s*]*FITNESS[\s*]*FOR[\s*]*A[\s*]*PARTICULAR[\s*]*PURPOSE.[\s*]*See[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*for[\s*]*more[\s*]*details.\s(#* *\n)*|\1 SPDX-License-Identifier: GPL-2.0-only\n\n|' $(cat filelist)
Change-Id: I1008a63b804f355a916221ac994701d7584f60ff
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41177
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
We have the git history which is a more reliable librarian.
Change-Id: Idbcc5ceeb33804204e56d62491cb58146f7c9f37
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41175
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: ron minnich <rminnich@gmail.com>
|
|
CB:29744 ("util/cbfstool: Add optional argument ibb") added support
for non-ASCII characters for long_options. However, there is a check
later on which errors out since this character is not one of the
commands[i].optstring.
This change adds a function valid_opt() which does the following
things:
1. Checks if the returned optchar is among the list of optstring
supported by the command.
2. Checks if the returned optchar is a valid non-ASCII
option. Currently, we do not maintain a list of non-ASCII options
supported by each command. So, this function returns true if the
optchar returned by getopt_long falls within the allowed range.
Signed-off-by: Furquan Shaikh <furquan@google.com>
Change-Id: I27a4f9af9850e4c892573202904fa9e5fbb64df6
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40375
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
* Mark files in CBFS as IBB (Initial BootBlock)
* Will be used to identify the IBB by any TEE
Change-Id: Idb4857c894b9ee1edc464c0a1216cdda29937bbd
Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/29744
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
The flag is useful for updaters to determine which areas to leave
alone, such as VPD (vital product data) regions that are set in
factory and might contain unique (MAC addresses) or hard to obtain
(calibration output) data.
It's also useful to see which regions are marked as such.
Change-Id: Ic0a229d474b32ac156cfabc917714ce9d339bac6
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33604
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
The ifittool is used instead. Drop old code.
Change-Id: I70fec5fef9ffd1ba3049badb398783f31aefb02f
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31496
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
|
|
Fix typo of 'top-aligned'
BUG=N/A
TEST=Intel CherryHill CRB
Change-Id: I6dc2f150d8ec245070257384b406a570498400b2
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/30337
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: Tristan Corrick <tristan@corrick.kiwi>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
Add an unprocessed flag (-U) which modifies how files are exported.
In the case of a compressed raw file, extract without decompressing.
In the case of a stage or payload, extract without decompressing or
converting to an ELF.
This can be useful for verifying the integrity of a stage or payload,
since converting to an ELF may not be a deterministic process on
different platforms or coreboot versions.
BUG=b:111577108
TEST=USE=cb_legacy_tianocore emerge-eve edk2 coreboot-utils chromeos-bootimage
cd /build/eve/firmware
/build/eve/usr/bin/cbfstool image.bin extract -r RW_LEGACY \
-n payload -f /tmp/payload_1 -U
START=$((16#`xxd -s 20 -l 4 -p tianocore.cbfs`))
SIZE=$((16#`xxd -s 8 -l 4 -p tianocore.cbfs`))
dd if=tianocore.cbfs skip=$START count=$SIZE bs=1 > /tmp/payload_2
diff /tmp/payload_1 /tmp/payload_2
rm /tmp/payload_1 /tmp/payload_2
Change-Id: I351d471d699daedd51adf4a860661877f25607e6
Signed-off-by: Joel Kitching <kitching@chromium.org>
Reviewed-on: https://review.coreboot.org/29616
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
Fix a typo and make comments more consistent (start with
capital letter).
BUG=None
TEST=None
Change-Id: I97bff5e05596fc6973f0729e276a2e45b291120d
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://review.coreboot.org/29025
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Marc Jones <marc@marcjonesconsulting.com>
|
|
In case multiple FMAP regions are specified, print the FMAP name.
Useful if VBOOT is enabled and multiple CBFS are printed.
Change-Id: Id6f29ebeda8a9bde6dfe39362e0f2a5e33c86b26
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/26862
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
Once a second bootblock has been added using topswap (-j)
option, Update the entries in second FIT using -j option with
update-fit command.
Additionally add a -q option which allows to insert the address of
a FMAP region (which should hold a microcode) as the first entry in
the second FIT.
BUG=None
BRANCH=None
TEST= Create ROM images with -j options and update FIT using -q option.
example:
./build/util/cbfstool/cbfstool coreboot.tmp create \
-M build/fmap.fmap -r COREBOOT,FW_MAIN_A,FW_MAIN_B,RW_LEGACY
build/util/cbfstool/cbfstool coreboot.tmp add \
-f build/cbfs/fallback/bootblock.bin -n bootblock -t \
bootblock -b -49152 -j 0x10000
build/util/cbfstool/cbfstool coreboot.tmp add-master-header -j 0x10000
build/util/cbfstool/cbfstool coreboot.tmp add -f build/cpu_microcode_blob.bin \
-n cpu_microcode_blob.bin -t microcode -r COREBOOT -a 16
build/util/cbfstool/cbfstool coreboot.tmp. update-fit \
-n cpu_microcode_blob.bin -x 4 -j 0x10000 -q FW_MAIN_A
Also try the failure scenarion by providing invalid topswap size.
Change-Id: I9a417031c279038903cdf1761a791f2da0fe8644
Signed-off-by: Rizwan Qureshi <rizwan.qureshi@intel.com>
Reviewed-on: https://review.coreboot.org/26836
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
Add an option '-j' which takes the size of topswap boundary.
This option serves both as a bool and a size for creating
a second bootblock to be used with topswap feature in Intel CPUs.
'-j' is also used in conjunction with add-master-header to
update the location of cbfs master header in the second bootblock.
BUG=None
BRANHC=None
TEST=add bootblock entry to the image with -j option specifying different
topswap sizes and also use the -j option for add-master-header.
Change-Id: I3e455dc8b7f54e55f2229491695cf4218d9cfef8
Signed-off-by: Rizwan Qureshi <rizwan.qureshi@intel.com>
Signed-off-by: Aamir Bohra <aamir.bohra@intel.com>
Reviewed-on: https://review.coreboot.org/22537
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
In order to support booting a GNU/Linux payload on non x86, the FIT format
should be used, as it is the defacto standard on ARM.
Due to greater complexity of FIT it is not converted to simple ELF format.
Add support for autodecting FIT payloads and add them as new CBFS_TYPE 'fit'.
The payload is included as is, with no special header.
The code can determine the type at runtime using the CBFS_TYPE field.
Support for parsing FIT payloads in coreboot is added in a follow on
commit.
Compression of FIT payloads is not supported, as the FIT sections might be
compressed itself.
Starting at this point a CBFS payload/ can be either of type FIT or SELF.
Tested on Cavium SoC.
Change-Id: Ic5fc30cd5419eb76c4eb50cca3449caea60270de
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/25860
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
Change-Id: I122acaf9129afaa7b3ae8fd50d8717138809132e
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/26669
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
It seems this was never used and the usage doesn't mention it either.
Change-Id: I9240c0ed5453beff6ae46fae3748c68a0da30477
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/26324
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
In preparation of having FIT payloads, which aren't converted to simple ELF,
rename the CBFS type payload to actually show the format the payload is
encoded in.
Another type CBFS_TYPE_FIT will be added to have two different payload
formats. For now this is only a cosmetic change.
Change-Id: I39ee590d063b3e90f6153fe655aa50e58d45e8b0
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/25986
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
The layout command prints all FMAP regions in the final image among with
the region size. Extend this command to show the offset of each region
in the image.
Change-Id: I5f945ba046bd2f1cb50a93e90eb887f60c6fde8a
Signed-off-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-on: https://review.coreboot.org/25851
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
The list of supported architectures in the usage output of cbfstool is
currently hardcoded and outdated.
Use the arch_names array in common.c to provide and up-to-date list.
Change-Id: I3e7ed67c3bfd928b304c314fcc8e1bea35561662
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-on: https://review.coreboot.org/25590
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
The initial lookup for cbfs location for xip stages is implicitly
using the ELF size assuming it's relatively equivalent. However,
if the ELF that is being converted contains debug information or
other metadata then the location lookup can fail because the ELF is
considerably bigger than the real footprint.
BUG=b:70801221
Change-Id: I47024dcd8205a09885d3a3f76e255eb5e3c55d9e
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/22936
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
This patch adds '-p' to the 'add' command. It allows the add
command to specify the size of the padding added with the file
being added. This is useful to reserve an extra space in case
the file is too big to be relocated.
BUG=b:68660966
BRANCH=none
TEST=emerge-fizz coreboot &&
cbfstool image.bin add -n ecrw -f EC_RW.bin -p 0x10 ...
Verify image.bin has extra space in the file header.
Change-Id: I64bc54fd10a453b4da467bc69d9590e61b0f7ead
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://review.coreboot.org/22239
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
It does the opposite to "expand", removing a trailing empty file from
CBFS. It also returns the size of the CBFS post processing on stdout.
BUG=b:65853903
BRANCH=none
TEST=`cbfstool test.bin truncate -r FW_MAIN_A` removes the trailing
empty file in FW_MAIN_A. Without a trailing empty file, the region is
left alone (tested using COREBOOT which comes with a master header
pointer).
Change-Id: I0c747090813898539f3428936afa9d8459adee9c
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/21608
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
vboot images come with multiple regions carrying CBFS file systems. To
expedite hashing (from slow flash memory), the FW_MAIN_* regions are
truncated since they typically have pretty large unused space at the
end that is of no interest.
For test purposes it can be useful to re-engage that space, so add a
command that creates a new empty file entry covering that area (except
for the last 4 bytes for the master header pointer, as usual).
BUG=b:65853903
BRANCH=none
TEST=`cbfstool test.bin expand -r FW_MAIN_A` creates a new empty file of
the expected size on a Chrome OS firmware image.
Change-Id: I160c8529ce4bfcc28685166b6d9035ade4f6f1d1
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/21598
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
It's a BSD function, also, we missed to include `endian.h`.
Just including `endian.h` doesn't fix the problem for everyone.
Instead of digging deeper, just use our own endian-conversion from
`commonlib`.
Change-Id: Ia781b2258cafb0bcbe8408752a133cd28a888786
Reported-by: Werner Zeh <werner.zeh@siemens.com>
Signed-off-by: Nico Huber <nico.huber@secunet.com>
Reviewed-on: https://review.coreboot.org/18157
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
|
|
cbfstool ... add ... -c precompression assumes the input file to be
created by cbfs-compression-tool's compress command and uses that to add
the file with correct metadata.
When adding the locale_*.bin files to Chrome OS images, this provides a
nice speedup (since we can parallelize the precompression and avoid
compressing everything twice) while creating a bit-identical file.
Change-Id: Iadd106672c505909528b55e2cd43c914b95b6c6d
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/18102
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
|
|
It's usually not too interesting, so hide it behind -v.
Change-Id: Icffb5ea4d70300ab06dfa0c9134d265433260368
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/17899
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
We might not care much about this buffer, but we really use it later
on...
Change-Id: Ia16270f836d05d8b454e77de7b5babeb6bb05d6d
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1294797
Reviewed-on: https://review.coreboot.org/17860
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins)
|
|
So far, cbfstool write, when used with the -u/-d options (to "fill
upwards/downwards") left the parts of the region alone for which there
was no new data to write.
When adding -i [0..255], these parts are overwritten with the given
value.
BUG=chromium:595715
BRANCH=none
TEST=cbfstool write -u -i 0 ... does the right thing (fill the unused
space with zeroes)
Change-Id: I1b1c0eeed2862bc9fe5f66caae93b08fe21f465c
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: baf378c5f2afdae9946600ef6ff07408a3668fe0
Original-Change-Id: I3752f731f8e6592b1a390ab565aa56e6b7de6765
Original-Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Original-Reviewed-on: https://chromium-review.googlesource.com/417319
Original-Commit-Ready: Patrick Georgi <pgeorgi@chromium.org>
Original-Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
Reviewed-on: https://review.coreboot.org/17787
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
We never specified what value add-int should write by default.
Change-Id: I240be4842fc374690c4a718fc4d8f0a03d63003c
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/17796
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
|
|
Change-Id: Ic5a3be1128f2f9a53d21e0a2c577192962260df6
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/17018
Tested-by: build bot (Jenkins)
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
|
|
Add a --force/-F option and enable it for cbfstool write, where it has
the effect of not testing if the fmap region contains a CBFS or if the
data to write is a CBFS image.
Change-Id: I02f72841a20db3d86d1b67ccf371bd40bb9a4d51
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/16998
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
Change-Id: I66de6a33b43c284198c0a0a97c5c6a10f9b96e02
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/16019
Tested-by: build bot (Jenkins)
Reviewed-by: Omar Pakker
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
|
|
The interface to strtoul() is a weird mess. It may or may not set errno
if no conversion is done. So check for empty strings and trailing
characters.
Change-Id: I82373d2a0102fc89144bd12376b5ea3b10c70153
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/16012
Tested-by: build bot (Jenkins)
Reviewed-by: Idwer Vollering <vidwer@gmail.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
If '-b' isn't passed when adding an FSP file type to CBFS allow
the currently linked address to be used. i.e. don't relocate the
FSP module and just add it to CBFS.
Change-Id: I61fefd962ca9cf8aff7a4ca2bea52341ab41d67b
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/14839
Tested-by: build bot (Jenkins)
Reviewed-by: Furquan Shaikh <furquan@google.com>
|
|
FSP 2.0 uses the same relocate logic as FSP 1.1. Thus, rename
fsp1_1_relocate to more generic fsp_component_relocate that can be
used by cbfstool to relocate either FSP 1.1 or FSP 2.0
components. Allow FSP1.1 driver to still call fsp1_1_relocate which
acts as a wrapper for fsp_component_relocate.
Change-Id: I14a6efde4d86a340663422aff5ee82175362d1b0
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/14749
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
|
|
Currently, convert_fsp assumes that the component is always XIP. This
is no longer true with FSP 2.0 and Apollolake platform. Thus, add the
option -y|--xip for FSP which will allow the caller to mention whether
the FSP component being added is XIP or not. Add this option to
Makefiles of current FSP drivers (fsp1_0 and fsp1_1).
Change-Id: I1e41d0902bb32afaf116bb457dd9265a5bcd8779
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/14748
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins)
|
|
A previous patch [1] to make top-aligned addresses work within per
fmap regions caused a significant regression in the semantics of
adding programs that need to be execute-in-place (XIP) on x86
systems. Correct the regression by providing new function,
convert_to_from_absolute_top_aligned(), which top aligns against
the entire boot media.
[1] 9731119b cbfstool: make top-aligned address work per-region
Change-Id: I3b685abadcfc76dab8846eec21e9114a23577578
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/14608
Tested-by: build bot (Jenkins)
Reviewed-by: Duncan Laurie <dlaurie@google.com>
Reviewed-by: Furquan Shaikh <furquan@google.com>
|
|
This reverts commit 272a1f05b943d781acb8c04c01874bde9df3b774.
In Chrome OS this command's usage was dropped in favor of another
solution. As it's not used drop the support for it.
Change-Id: I58b51446d3a8b5fed7fc391025225fbe38ffc007
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/14261
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Martin Roth <martinroth@google.com>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
While assembling CBFS images within the RW slots on Chrome OS
machines the current approach is to 'cbfstool copy' from the
RO CBFS to each RW CBFS. Additional fixups are required such
as removing unneeded files from the RW CBFS (e.g. verstage)
as well as removing and adding back files with the proper
arguments (FSP relocation as well as romstage XIP relocation).
This ends up leaving holes in the RW CBFS. To speed up RW
CBFS slot hashing it's beneficial to pack all non-empty files
together at the beginning of the CBFS. Therefore, provide
the 'compact' command which bubbles all the empty entries to
the end of the CBFS.
Change-Id: I8311172d71a2ccfccab384f8286cf9f21a17dec9
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/13479
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
In order to more easily process the output of 'cbfstool print'
with other tools provide a -k option which spits out the
tab-separated header and fields:
Name Offset Type Metadata Size Data Size Total Size
ALIGN_UP(Offset + Total Size, 64) would be the start
of the next entry. Also, one can analzye the overhead
and offsets of each file more easily.
Example output (note: tabs aren't in here):
$ ./coreboot-builds/sharedutils/cbfstool/cbfstool test.serial.bin print
-r FW_MAIN_A -k
Performing operation on 'FW_MAIN_A' region...
Name Offset Type Metadata Size Data Size Total Size
cmos_layout.bin 0x0 cmos_layout 0x38 0x48c 0x4c4
dmic-2ch-48khz-16b.bin 0x500 raw 0x48 0xb68 0xbb0
dmic-2ch-48khz-32b.bin 0x10c0 raw 0x48 0xb68 0xbb0
nau88l25-2ch-48khz-24b.bin 0x1c80 raw 0x48 0x54 0x9c
ssm4567-render-2ch-48khz-24b.bin 0x1d40 raw 0x58 0x54 0xac
ssm4567-capture-4ch-48khz-32b.bin 0x1e00 raw 0x58 0x54 0xac
vbt.bin 0x1ec0 optionrom 0x38 0x1000 0x1038
spd.bin 0x2f00 spd 0x38 0x600 0x638
config 0x3540 raw 0x38 0x1ab7 0x1aef
revision 0x5040 raw 0x38 0x25e 0x296
font.bin 0x5300 raw 0x38 0x77f 0x7b7
vbgfx.bin 0x5ac0 raw 0x38 0x32f8 0x3330
locales 0x8e00 raw 0x28 0x2 0x2a
locale_en.bin 0x8e40 raw 0x38 0x29f6 0x2a2e
u-boot.dtb 0xb880 mrc_cache 0x38 0xff1 0x1029
(empty) 0xc8c0 null 0x64 0xadf4 0xae58
fallback/ramstage 0x17740 stage 0x38 0x15238 0x15270
(empty) 0x2c9c0 null 0x64 0xd2c4 0xd328
fallback/payload 0x39d00 payload 0x38 0x12245 0x1227d
cpu_microcode_blob.bin 0x4bf80 microcode 0x60 0x17000 0x17060
(empty) 0x63000 null 0x28 0x37cf98 0x37cfc0
Change-Id: I1c5f8c1b5f2f980033d6c954c9840299c6268431
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/13475
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
There can be an error when a cbfs file is added aligned or as
xip-stage and hashing of this file is enabled. This commit
resolves this error. Though adding a file to a fixed position
while hashing is used can still lead to errors.
Change-Id: Icd98d970891410538909db2830666bf159553133
Signed-off-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-on: https://review.coreboot.org/13136
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
Add functionality to cbfstool to generate file attributes
for position and alignment constraints. This new feature
can be activated with the -g option and will generate,
once the option has been enabled, additional attributes
for the files where position, xip or alignment was specified.
Change-Id: I3db9bd2c20d26b168bc7f320362ed41be349ae3a
Signed-off-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-on: https://review.coreboot.org/12967
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins)
|
|
cbfs_add calculated a base address out of the alignment specification
and stored it in param.baseaddress.
This worked when every cbfstool invocation only added a single file, but
with -r REGION1,REGION2,... multiple additions can happen.
In that case, the second (and later) additions would have both alignment
and baseaddress set, which isn't allowed, aborting the process.
Change-Id: I8c5a512dbe3c97e08c5bcd92b5541b58f65c63b3
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/13063
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
|
|
cbfstool tries opening the input file for write access even if the
command does not require modifying the file.
Let's not request write access unless it is necessary, this way one
can examine write protected files without sudo.
BRANCH=none
BUG=none
TEST=running
cbfstool /build/<board>/firmware/image.bin print
in chroot does not require root access any more.
Change-Id: Ic4e4cc389b160da190e44a676808f5c4e6625567
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: ef6a8e25d9e257d7de4cc6b94e510234fe20a56d
Original-Change-Id: I871f32f0662221ffbdb13bf0482cb285ec184d07
Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/317300
Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/12931
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
hashcbfs was spliced in a line early, mixing up 'extract' and 'cbfshash'
help texts.
Change-Id: I86d4edb9eec0685a290b2dd4c2dc45d3611eba9a
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/12922
Tested-by: build bot (Jenkins)
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
Remove duplicate line which sets baseaddress parameter.
Change-Id: Idfbb0297e413344be892fa1ecc676a64d20352bf
Signed-off-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-on: https://review.coreboot.org/12904
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
|
|
The cbfs master header's offset and romsize fields are absolute values
within the boot media proper. Therefore, when adding a master header
provide the offset of the CBFS region one is operating on as well as
the absolute end offset (romsize) to match expectations.
Built with and without CBFS_SIZE != ROM_SIZE on x86 and ARM device. Manually
inspected the master headers within the images to confirm proper caclulations.
Change-Id: Id0623fd713ee7a481ce3326f4770c81beda20f64
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/12825
Tested-by: build bot (Jenkins)
Tested-by: Raptor Engineering Automated Test Stand <noreply@raptorengineeringinc.com>
Reviewed-by: Timothy Pearson <tpearson@raptorengineeringinc.com>
|
|
For the purposes of maintaining integrity of a CBFS allow one to
hash a CBFS over a given region. The hash consists of all file
metadata and non-empty file data. The resulting digest is saved
to the requested destination region.
BUG=chrome-os-partner:48412
BUG=chromium:445938
BRANCH=None
TEST=Integrated with glados chrome os build. vboot verification
works using the same code to generate the hash in the tooling
as well as at runtime on the board in question.
Change-Id: Ib0d6bf668ffd6618f5f73e1217bdef404074dbfc
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/12790
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
These need to go together, so the commit became a bit larger than
typial.
- Add an option -R for the copy source fmap region.
Use: cbfstool copy -r target-region -R source-region.
- Don't generate a CBFS master header because for fmap regions, we
assume that the region starts with a file header.
Use cbfstool add-master-header to add it afterwards, if necessary.
- Don't copy files of type "cbfs master header" (which are what cbfstool
add-master-header creates)
- Leave room for the master header pointer
- Remove -D command line option as it's no longer used.
BUG=chromium:445938
BRANCH=none
TEST=Manual test on image and integration test w/ bundle_firmware
changes.
CQ-DEPEND=CL:313770,CL:313771
Change-Id: I2a11cda42caee96aa763f162b5f3bc11bb7992f9
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/12788
Tested-by: build bot (Jenkins)
|
|
This allows adding support for FMAP based cbfstool copy more easily.
BUG=chromium:445938
Change-Id: I72e7bc4da7d27853e324400f76f86136e3d8726e
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/12787
Tested-by: build bot (Jenkins)
|
|
The former interpretation sprung from the x86 way of doing things
(assuming top-alignment to 4GB). Extend the mechanism to work with CBFS
regions residing elsewhere.
It's compatible with x86 because the default region there resides at the
old location, so things fall in place. It also makes more complex
layouts and non-x86 layouts work with negative base addresses.
Change-Id: Ibcde973d85bad5d1195d657559f527695478f46c
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/12683
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins)
|
|
The help text had gotten kind of sloppy. There was a missing newline
in the add-stage command, some of the lines were too long, etc.
Change-Id: If7bdc519ae062fb4ac6fc67e6b55af1e80eabe33
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/12646
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Alexander Couzens <lynxis@fe80.eu>
|
|
It encourages users from writing to the FSF without giving an address.
Linux also prefers to drop that and their checkpatch.pl (that we
imported) looks out for that.
This is the result of util/scripts/no-fsf-addresses.sh with no further
editing.
Change-Id: Ie96faea295fe001911d77dbc51e9a6789558fbd6
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/11888
Tested-by: build bot (Jenkins)
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Ronald G. Minnich <rminnich@gmail.com>
|
|
In order to prepare allowing for one to extract a stage
into an ELF file provide an optional -m ARCH option. This
allows one to indicate to cbfstool what architecture type
the ELF file should be in.
Longer term each stage and payload will have an attribute
associated with it which indicates the attributes of
the executable.
Change-Id: Id190c9719908afa85d5a3b2404ff818009eabb4c
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/12217
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
|
|
Cygwin complains:
cbfstool.c: 1075:5 error: array subscript has type 'char' [-Werror=char-subscripts]
so add an explicit cast.
Change-Id: Ie89153518d6af2bacce3f48fc7952fee17a688dd
Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-on: http://review.coreboot.org/11666
Tested-by: build bot (Jenkins)
Reviewed-by: Zheng Bao <zheng.bao@amd.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Ronald G. Minnich <rminnich@gmail.com>
|
|
Change-Id: Iaee7e2c74fe9f63d4d4878278bd445af393942f4
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: http://review.coreboot.org/11920
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
|
|
When adding an FSP blob relocate it to its final
destination. This allows FSP to not be hard coded in
the cbfs. In order for the include paths to work
correctly w/ the edk 2 headers we need to supply
a neutered ProcessorBind.h to match up with the
tool environment such that one can get the UEFI
Platform Initialization type definitions.
BUG=chrome-os-partner:44827
BRANCH=None
TEST=Built glados and booted. Also added FSP with -b and manually
adjusted location in fsp cache-as-ram. Booted as well.
Change-Id: I830d93578fdf745a51195109cf18d94a83ee8cd3
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/11778
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
They allow optimizing a verification of a whole CBFS image by only
dealing with the headers (assuming you choose to trust the hash
algorithm(s)).
The format allows for multiple hashes for a single file, and cbfstool
can handle them, but right now it can't generate such headers.
Loosely based on Sol's work in http://review.coreboot.org/#/c/10147/,
but using the compatible file attribute format. vboot is now a hard
dependency of the build process, but we import it into the tree for
quite a while now.
Change-Id: I9f14f30537d676ce209ad612e7327c6f4810b313
Signed-off-by: Patrick Georgi <patrick@georgi-clan.de>
Reviewed-on: http://review.coreboot.org/11767
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
Up to now, if both fmap and a master header existed, the master header
was used. Now, use the master header only if no fmap is found.
Change-Id: Iafbf2c9dc325597e23a9780b495549b5d912e9ad
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/11629
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|