The support for RELOCATABLE_RAMSTAGE was accidentally omitted in
the vboot loader. Add said support.
Change-Id: I569918823253c33f698acefd6a619133543c7aef
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/10184
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Tested-by: build bot (Jenkins)
The vboot library currently relies on link-time known
address and sizes of the work buffer. Not all platforms
can provide such semantics. Therefore, add an option
to use cbmem for the work buffer. This implies such platforms
can only do verification of the firmware after main memory
has been initialized.
Change-Id: If0b0f6b2a187b5c1fb56af08b6cb384a935be096
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/10157
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Instead of using the symbols directly provide a size
function to provide symmetry between getting the work
data and size. It also allows for an abstraction where
the linker symbols may not be the only source of this
information.
Change-Id: I4568064a0050d118c3544ab1ea59a08eb0bad8e4
Signed-off-by: Aaron Durbi <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/10156
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
vboot_verify_firmware() was only defined to ease upstreaming.
It was only an empty inline as it is so remove it. Additionally,
vboot2 does not require romstage_handoff so there's no need in
adding it for the nyan boards.
Change-Id: I4d84ac9fb60c756cf10742f26503f7f11af5f57b
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/10155
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
As previously done the vboot loader can be optionally
inserted in the stage loading logic in order to
decide the source of each stage. This current patch
allows for verstage to be loaded and interrogated
for the source of all subsequent stages. Additionally,
it's also possible to build this logic directly into
one of the additional stages.
Note that this patch does not allow x86 to work.
Change-Id: Iece018f01b220720c2803dc73c60b2c080d637d0
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/10154
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins)
This make it pass through -fno-stack-protector, and also uses
libverstage fields consistently.
verstage is for 'stage' stuff, libverstage for all the vboot logic.
Change-Id: I3032e072414bed52effd2dc5057896781ad562c6
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: http://review.coreboot.org/10174
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins)
In order to allow easier setting of variables without
changing mainboards and/or chipset Kconfig files allow
the vboot options to be selected by the user.
Change-Id: I6e995eb209b4cd63c73ef679d0c5699759d129f5
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/10153
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
The VB_FIRMWARE_ARCH variable was not being set correctly,
and the VBOOT_STARTS_IN_BOOTBLOCK Kconfig option was not properly
prefixed with CONFIG_. Correct both of these oversights.
Change-Id: Id27974c285d2629bd47b90b6a93aca1ec8a76512
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/10152
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Somewhere along the development path the following
vboot functions were dropped:
int vboot_enable_developer(void)
int vboot_enable_recovery(void)
Add them back, but also refactor the flag extraction
so as not duplicate all that same logic.
Change-Id: Id58f3b99f29caeff98b2d3111cfa28241d15b54f
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/10151
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Change-Id: I9cbdf06f4d0956b5374915f8af7501c6f75b4687
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/10113
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
This allows providing a verified boot mechanism in the
default distribution, as well as reusing vboot code like
its crypto primitives for reasonably secure checksums over
CBFS files.
Change-Id: I729b249776b2bf7aa4b2f69bb18ec655b9b08d90
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/10107
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
There's now room for other repositories under 3rdparty.
Change-Id: I51b02d8bf46b5b9f3f8a59341090346dca7fa355
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/10109
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
To move 3rdparty to 3rdparty/blobs (ie. below itself
from git's broken perspective), we need to work around
it - since some git implementations don't like the direct
approach.
Change-Id: I1fc84bbb37e7c8c91ab14703d609a739b5ca073c
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/10108
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
verstage still needs to be built with its flags.
Change-Id: I125e4be283d3838fc7ce6587bf9996731540d517
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/10098
Tested-by: build bot (Jenkins)
The name is more consistent with what we have elsewhere,
and the callsite didn't build at all (with vboot enabled)
Change-Id: I3576f3b8f737d360f68b67b6ce1683199948776d
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/10096
Tested-by: build bot (Jenkins)
It's not used at all.
Change-Id: I97bf02a9277f6ca348443c6886f77b4dfc70da78
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/10095
Tested-by: build bot (Jenkins)
As the first step in adding support for FSP 1.1, add common header files
for EDK2. Internally FSP is based upon EDK2 and uses the defines and
data structures within these files for its interface.
These files come from revision 16227 of the open source EDK2 tree at
https://svn.code.sf.net/p/edk2/code/trunk/edk2. These files are
provided in an EDK2 style tree to allow direct comparison with the EDK2
tree.
Updates may be done manually to these files but only to support FSP 1.1
on UEFI 2.4. A uefi_2.5 tree should be added in the future as FSP
binaries migrate to UEFI 2.5.
Note: All the files were modified to use Linux line termination.
BRANCH=none
BUG=None
TEST=Build for Braswell or Skylake boards using FSP 1.1.
Change-Id: Ide5684b7eb6392e12f9f2f24215f5370c2d47c70
Signed-off-by: Lee Leahy <leroy.p.leahy@intel.com>
Reviewed-on: http://review.coreboot.org/9943
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
The build system includes a bunch of files into verstage that
also exist in romstage - generic drivers etc.
These create link time conflicts when trying to link both the
verstage copy and romstage copy together in a combined configuration,
so separate "stage" parts (that allow things to run) from "library" parts
(that contain the vboot specifics).
Change-Id: Ieed910fcd642693e5e89e55f3e6801887d94462f
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/10041
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Builds with CHROMEOS fail due to missing includes.
Change-Id: I8c88bca8f8cc3247d3f3311777f794c4fdfee3c1
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/10029
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
The ChromeOS machines employing vboot verfication require
different combinations of support:
1. When vboot verification starts.
2. Is the vboot code a separate stage or program?
3. If a separate stage, does the that vboot program (verstage) return
to the stage that loaded the verstage?
For the above, #1 is dependent on when to load/run vboot logic which
is orthogonal to #2. However, #3 is dependent on #2. The logic
to act on the combinations follows in subsequent patches.
Change-Id: I39ef7a7c2858e7de43aa99c38121e85a57f1f2f6
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/10024
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
With vboot1 out of the way place all the associated Kconfig
options in vboot2's Kconfig file (excluding main vboot verify
option). More options will be added to accomodate vboot's various
combinations of use cases.
Change-Id: I17b06d741a36a5e2fefb2757651a61bfed61ae1e
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/10023
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins)
The second step in adding support for FSP 1.1 is to add the header
files.
Updates may be done manually to these files but only to support FSP 1.1.
An FSPx_y tree should be added in the future as FSP binaries migrate
to new FSP specifications.
The files are provided in an EDK2 style tree to allow direct comparison
with the EDK2 tree.
BRANCH=none
BUG=None
TEST=Build for Braswell or Skylake boards using FSP 1.1.
Change-Id: If0e2fbe3cf9d39b18009552af5c861eff24043a0
Signed-off-by: Lee Leahy <leroy.p.leahy@intel.com>
Reviewed-on: http://review.coreboot.org/9974
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
- Remove Kconfig files that are no longer used:
src/vencorcode/Kconfig
src/soc/marvell/Kconfig
- Fix the drivers/sil/Kconfig to point to drivers/sil/3114 which had
the same code.
- Make sure all Kconfig files have linefeeds at the end. This can cause
problems, although it wasn't in this case.
- Include cpu/intel/model_65x/Kconfig which was not being included.
Change-Id: Ia57a1e0433e302fa9be557525dc966cae57059c9
Signed-off-by: Martin Roth <gaumless@gmail.com>
Reviewed-on: http://review.coreboot.org/9998
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
This file was moved previously to get it out of the way
for easier merging from the chromium repo. It's not used
currently so remove it.
Change-Id: I8e691623f29ac2218b83bc46f5b4a348e0e1b3ef
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/9960
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
There's no need to have the VBOOT2_VERIFY_FIRMWARE
distinction because it's the only game in town.
Change-Id: I82aab665934c27829e1a04115bf499ae527a91aa
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/9958
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
In preparation for moving to vboot2 for all verified
boot paths bring over Kconfig options to the common
area from vboot1. Also remove vboot1 directory entirely.
Change-Id: Iccc4b570216f834886618f0ba5f2e1dd6c01db4b
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/9957
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
This slightly streamlines integrating the vboot2 library and
prepares for merging verstage and bootblock on selected devices.
Change-Id: I2163d1411d0c0c6bf80bce64796e1b6a5a02b802
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/10004
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
The new function can be compiled in only when serial console is
disabled.
When invoked, this function initializes the serial interface and dumps
the contents of the CBMEM console buffer to serial output.
BRANCH=none
BUG=chromium:475347
TEST=compiled for different platforms with and without serial console
enabled. No actual test of this function yet.
Change-Id: Ia8d16649dc9d09798fa6970f2cfd893438e00dc5
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: a38a8254dd788ad188ba2509b9ae117d6f699579
Original-Change-Id: Ib85759a2727e31ba1ca21da7e6c346e434f83b52
Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/265293
Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/9984
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
In the spirit of include what you use actually #include
the header necessary for fmap calls.
Change-Id: I7acede51d7139234c0520281799dad3a8d33454f
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/9968
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Prepare for FSP 1.1 integration by moving the FSP to a FSP 1.0 specific
directory. See follow-on patches for sharing of common code.
Change-Id: Ic58cb4074c65b91d119909132a012876d7ee7b74
Signed-off-by: Marc Jones <marc.jones@se-eng.com>
Reviewed-on: http://review.coreboot.org/9970
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
elog breaks the build if ELOG_FLASH_BASE isn't configured -
and CHROMEOS isn't enabled, since with Chrome OS builds, it
just uses fmap to find out the base.
So it makes sense to enable it on all Chrome OS builds - if
the code never uses it, the linker will drop it soon enough.
Change-Id: I7ee129fadf75caf15fb9bd32b0acf6f7d9d015d8
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/9965
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
This fixes some compilation issues observed with CONFIG_CHROMEOS.
Nothing within the vbootX subdirectories is functional yet, but
a partial compilation within the chromeos direction works now.
Notable fixes: duplicate definitions and missing prototypes.
Change-Id: I53c7b6dcf06b8bcf41a8555094b48968c0740026
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/9936
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
They were keyed to VBOOT_VERIFY_FIRMWARE which made them invisible
under some circumstances.
Change-Id: I61c56b4d245351fae0ec14f80bcd17ba93184651
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/9956
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
They were already moved to src/lib/bootmode.c in
commit 5687fc9 Declare recovery and developer modes outside ChromeOS
Change-Id: Ia27a0c79baa364ce3779a8a699e9246d26d02ecb
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/9951
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
The preprocessor flags that are manipulated in that line are
managed exclusively in CPPFLAGS since commit 58f73a69.
Change-Id: I2263401a292b4f7435659b24cf4f695a927015ef
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/9948
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
It is necessary to trigger console buffer contents dump on reset.
Let's make sure all vboot resets are routed through the same function.
BRANCH=none
BUG=chromium:475347
TEST=built and booted storm
Change-Id: I0d8580fb65417ba4b06dfae763dd6455afc8fc26
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: 9788e2043cb1bd5df7e30574f7df4de4f25caa0d
Original-Change-Id: Iafca416700c51a0546249438ca583a415a1ca944
Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/265292
Original-Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: http://review.coreboot.org/9931
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
This patch allows a board without a secdata storage (typically TPM) to pass
the verification stage if recovery path is taken. It's useful for bringup
when the actual board is not ready.
BUG=none
BRANCH=none
TEST=booted the kernel from a usb stick on a cygnus reference board
Change-Id: I5ab97d1198057d102a1708338d71c606fe106c75
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: 5d45acee31fd5b7bfe7444f12e3622bae49fc329
Original-Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Original-Reviewed-on: https://chrome-internal-review.googlesource.com/212418
Original-Reviewed-by: Daisuke Nojiri <dnojiri@google.com>
Original-Commit-Queue: Daisuke Nojiri <dnojiri@google.com>
Original-Tested-by: Daisuke Nojiri <dnojiri@google.com>
Original-Change-Id: Iddd9af19a2b6428704254af0c17b642e7a976fb8
Original-Reviewed-on: https://chromium-review.googlesource.com/265046
Reviewed-on: http://review.coreboot.org/9919
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
coreboot is expected to read all MAC addresses from the VPD and put
them in the coreboot table entry, depthcharge is expected to associate
different MAC addresses with different kernel device tree nodes.
This patch adds processing of wifi_macX keys. The order of MAC
addresses in the coreboot table is such that the wifi_macX entries
follow ethrnet_macX entries, ordered by X.
BRANCH=none
BUG=chrome-os-partner:36584
TEST=with the rest patches applied verified the contents of the kernel
device tree on an urara board.
Change-Id: I6523e168d2fea201a4956bc2a2d605b07ddac452
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: 36c12ee1d3ce9d2797902f0e098651067c2283ed
Original-Change-Id: Ib87e4815243f34ab258325839cbc12d16120bf89
Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/262843
Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/9896
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
The preferred way of communicating WiFi calibration data to the kernel
is binary blob. But this data is stored in the VPD, and must be in
ASCII, so it is encoded using base64.
With the recent addition of the bas64 decoder it is possible to
convert the VPD representation to the form preferred by the kernel.
BRANCH=none
BUG=chromium:450169
TEST=with the rest of the patches applied verified that on both storm
and urara the device tree contains the required binary data.
Change-Id: I89da94bb425767eedc5e2d576e507663afad65ed
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: c2ae38ded24394e0640b5d077e2231cf956397c5
Original-Change-Id: If8a7d0883ea8bb21a13bf203b25ee9f8a08903a9
Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/262842
Reviewed-on: http://review.coreboot.org/9895
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
On embedded devices with limited input capabilities it is necessary to
clear the developer mode condition when entering recovery. The new
configuration option will enable such behavior using the new vboot2
flag.
CQ-DEPEND=CL:261630
BRANCH=storm
BUG=chrome-os-partner:36059
TEST=with the rest of the patches applies observed desired behavior on
SP5
Change-Id: I99c3d1330bea9980a2af3b9fd99e29ab96f2cf07
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: 4c0a6315d6b4ede8d43e736ee6c82f1023f4716d
Original-Change-Id: I8e4a521e574b53a670daf692f7b45dc21635f272
Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/261620
Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/9878
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
It is better to explicitly disable the call to read the physical
switch setting than to leave it up to implementation. In fact no
implementation would be even required.
BRANCH=none
BUG=none
TEST=verified that storm works as expected
Change-Id: I4b39827dba34ec0124960d0634e45d4554252d9b
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: c9fd014f1bfec6570b20ed8fed16d14d7e4e11b9
Original-Change-Id: I5d6d223f0c684e105a5e3d0b407e0fb181c7a7df
Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/261588
Original-Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: http://review.coreboot.org/9876
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
It has become necessary to be able to "factory reset" certain devices
on firmware request.
The vboot package has been modified to provide the necessary API, this
patch introduces a configuration option and uses the API when
enabled.
CQ-DEPEND=CL:259857
BRANCH=storm
BUG=chrome-os-partner:37219
TEST=with all the patches applied, on storm, holding the recovery
button at startup for 10 seconds, causes 'crossystem
wipeout_request' to report '1'.
Change-Id: I5e57bc05af3753f451626021ba30c7726badb7b4
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: f70e03e9a8c55bf3c45b075ae4fecfd25da4f446
Original-Change-Id: I4c2192da4fabfdef34d527e5b80d137634eb6987
Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/259843
Original-Reviewed-by: David Hendricks <dhendrix@chromium.org>
Reviewed-on: http://review.coreboot.org/9862
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
This patch is a raw application of the following spatch to src/:
@@
expression A, V;
@@
- writel(V, A)
+ write32(A, V)
@@
expression A, V;
@@
- writew(V, A)
+ write16(A, V)
@@
expression A, V;
@@
- writeb(V, A)
+ write8(A, V)
@@
expression A;
@@
- readl(A)
+ read32(A)
@@
expression A;
@@
- readb(A)
+ read8(A)
BRANCH=none
BUG=chromium:444723
TEST=None (depends on next patch)
Change-Id: I5dd96490c85ee2bcbc669f08bc6fff0ecc0f9e27
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: 64f643da95d85954c4d4ea91c34a5c69b9b08eb6
Original-Change-Id: I366a2eb5b3a0df2279ebcce572fe814894791c42
Original-Signed-off-by: Julius Werner <jwerner@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/254864
Reviewed-on: http://review.coreboot.org/9836
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
ChromeOS/vboot devices expect the TPM PCRs 0 and 1 to be extended with
digests that attest the chosen boot mode (developer/recovery) and the
HWID in a secure way. This patch uses the newly added vboot2 support
functions to fetch these digests and store them in the TPM.
CQ-DEPEND=CL:244542
BRANCH=veyron
BUG=chromium:451609
TEST=Booted Jerry. Confirmed that PCR0 contains the same value as on my
vboot1 Blaze and Falco (and PCR1 contains some non-zero hash).
Original-Change-Id: I7037b8198c09fccee5440c4c85f0821166784cec
Original-Signed-off-by: Julius Werner <jwerner@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/245119
Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Original-Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
(cherry picked from commit 8b44e13098cb7493091f2ce6c4ab423f2cbf0177)
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Change-Id: I549de8c07353683633fbf73e4ee62ba0ed72ff89
Reviewed-on: http://review.coreboot.org/9706
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
