aboutsummaryrefslogtreecommitdiff
path: root/projects/vboot
diff options
context:
space:
mode:
authorPaul Kocialkowski <contact@paulk.fr>2016-12-23 14:20:24 +0100
committerLeah Rowe <info@minifree.org>2017-01-15 14:24:45 +0000
commit112003a55671ffa5285145280988dc1248b26b08 (patch)
treee103e0f21ac52c28056db6211758217a41b0b3fd /projects/vboot
parent3d08effb91acf985bae9c4eb4386937ce7ed92a9 (diff)
downloadlibrebootfr-112003a55671ffa5285145280988dc1248b26b08.tar.gz
librebootfr-112003a55671ffa5285145280988dc1248b26b08.zip
Paper build system initial import into Libreboot
This is the initial import of the Paper build system into Libreboot. It was written as a flexible and painless replacement for the Libreboot build system, allowing to support many different configurations. It currently only supports the following CrOS devices: * Chromebook 13 CB5-311 (nyan big) * Chromebook 14 (nyan blaze) * Chromebook 11 (HiSense) (veyron jerry) * Chromebit CS10 (veyron mickey) * Chromebook Flip C100PA (veyron minnie) * Chromebook C201PA (veyron speedy) The build system also supports building various tools and provides various scripts to ease the installation on CrOS devices. Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Diffstat (limited to 'projects/vboot')
-rw-r--r--projects/vboot/configs/blobs22
-rw-r--r--projects/vboot/configs/blobs-ignore33
-rw-r--r--projects/vboot/configs/blobs-ignore-notes.txt5
-rw-r--r--projects/vboot/configs/revision1
-rw-r--r--projects/vboot/configs/targets2
-rw-r--r--projects/vboot/configs/tools/install5
-rw-r--r--projects/vboot/patches/0001-firmware-Developer-mode-timeout-delay-shortening-dow.patch34
-rw-r--r--projects/vboot/patches/0002-firmware-Text-based-screen-display-in-priority.patch61
-rw-r--r--projects/vboot/patches/0003-firmware-Hold-key-combination-in-developer-mode.patch50
-rw-r--r--projects/vboot/patches/0004-firmware-Screen-blank-and-wait-at-disabled-USB-boot-.patch56
-rw-r--r--projects/vboot/patches/0005-firmware-Separate-screen-and-wait-at-device-informat.patch80
-rw-r--r--projects/vboot/patches/0006-firmware-Localization-keys-removal.patch54
-rw-r--r--projects/vboot/patches/0007-firmware-Pass-VbDisplayInfo-information-structure-to.patch354
-rwxr-xr-xprojects/vboot/vboot147
14 files changed, 904 insertions, 0 deletions
diff --git a/projects/vboot/configs/blobs b/projects/vboot/configs/blobs
new file mode 100644
index 00000000..f47d47ff
--- /dev/null
+++ b/projects/vboot/configs/blobs
@@ -0,0 +1,22 @@
+tests/devkeys/firmware_bmpfv.bin
+tests/devkeys-pkc/firmware_bmpfv.bin
+tests/futility/data/bios_link_mp.bin
+tests/futility/data/bios_mario_mp.bin
+tests/futility/data/bios_peppy_mp.bin
+tests/futility/data/bios_zgb_mp.bin
+tests/futility/data/dingdong.signed
+tests/futility/data/dingdong.unsigned
+tests/futility/data/fw_gbb.bin
+tests/futility/data/fw_vblock.bin
+tests/futility/data/hoho.signed
+tests/futility/data/hoho.unsigned
+tests/futility/data/kern_preamble.bin
+tests/futility/data/minimuffin.signed
+tests/futility/data/minimuffin.unsigned
+tests/futility/data/rec_kernel_part.bin
+tests/futility/data/vmlinuz-amd64.bin
+tests/futility/data/vmlinuz-arm.bin
+tests/futility/data/zinger_mp_image.bin
+tests/futility/data/zinger.signed
+tests/futility/data/zinger.unsigned
+tests/preamble_tests
diff --git a/projects/vboot/configs/blobs-ignore b/projects/vboot/configs/blobs-ignore
new file mode 100644
index 00000000..8ce3e957
--- /dev/null
+++ b/projects/vboot/configs/blobs-ignore
@@ -0,0 +1,33 @@
+bdb/sha.c
+bdb/bdb_create.c
+cgpt/cgpt_wrapper.c
+firmware/lib/tpm_lite/include/tlcl_structures.h
+firmware/lib/cgptlib/crc32.c
+firmware/lib/cryptolib/padding.c
+firmware/2lib/2sha512.c
+firmware/2lib/2sha256.c
+firmware/bdb/secrets.c
+futility/cmd_gbb_utility.c
+scripts/image_signing/tag_image.sh
+scripts/image_signing/strip_boot_from_image.sh
+scripts/image_signing/make_dev_ssd.sh
+scripts/image_signing/tofactory.sh
+scripts/image_signing/sign_official_build.sh
+scripts/image_signing/sign_nv_cbootimage.sh
+tests/rsa_padding_test.h
+tests/bdb_sprw_test.c
+tests/crc32_test.c
+tests/vb2_api_tests.c
+tests/sha_test_vectors.h
+tests/gen_preamble_testdata.sh
+tests/load_kernel_tests.sh
+tests/vb21_host_misc_tests.c
+tests/run_vbutil_kernel_arg_tests.sh
+tests/cgptlib_test.c
+tests/vb2_sha_tests.c
+tests/futility/test_file_types.c
+tests/futility/test_file_types.sh
+tests/futility/test_dump_fmap.sh
+tests/testcases/padding_test_vectors.inc
+utility/bmpblk_font.c
+utility/vbutil_what_keys
diff --git a/projects/vboot/configs/blobs-ignore-notes.txt b/projects/vboot/configs/blobs-ignore-notes.txt
new file mode 100644
index 00000000..1999d4f5
--- /dev/null
+++ b/projects/vboot/configs/blobs-ignore-notes.txt
@@ -0,0 +1,5 @@
+./3rdparty/vboot/tests/testcases/padding_test_vectors.inc
+It's not a blob, see tests/rsa_padding_test.h for explanation.
+
+The text in this file is CC-BY-SA 4.0 or higher. All contributions to it must
+be made under the same license.
diff --git a/projects/vboot/configs/revision b/projects/vboot/configs/revision
new file mode 100644
index 00000000..79d3a325
--- /dev/null
+++ b/projects/vboot/configs/revision
@@ -0,0 +1 @@
+origin/release-R56-9000.B
diff --git a/projects/vboot/configs/targets b/projects/vboot/configs/targets
new file mode 100644
index 00000000..858f1915
--- /dev/null
+++ b/projects/vboot/configs/targets
@@ -0,0 +1,2 @@
+devices
+tools
diff --git a/projects/vboot/configs/tools/install b/projects/vboot/configs/tools/install
new file mode 100644
index 00000000..0fe502b5
--- /dev/null
+++ b/projects/vboot/configs/tools/install
@@ -0,0 +1,5 @@
+cgpt/cgpt:cgpt
+futility/futility:futility
+utility/crossystem:crossystem
+utility/tpmc:tpmc
+devkeys:devkeys
diff --git a/projects/vboot/patches/0001-firmware-Developer-mode-timeout-delay-shortening-dow.patch b/projects/vboot/patches/0001-firmware-Developer-mode-timeout-delay-shortening-dow.patch
new file mode 100644
index 00000000..c3e12f63
--- /dev/null
+++ b/projects/vboot/patches/0001-firmware-Developer-mode-timeout-delay-shortening-dow.patch
@@ -0,0 +1,34 @@
+From 0e8e89b19a4e47802ed6ea64a35da77665cc3d3f Mon Sep 17 00:00:00 2001
+From: Paul Kocialkowski <contact@paulk.fr>
+Date: Mon, 10 Aug 2015 20:33:23 +0200
+Subject: [PATCH 1/7] firmware: Developer mode timeout delay shortening (down
+ to 3 seconds)
+
+A timeout delay of 3 seconds, with no bip, is much more appreciable for users.
+
+Change-Id: If4bc879f350a4a0297395077e4f55e89f4fa764d
+Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
+---
+ firmware/lib/vboot_audio.c | 6 +-----
+ 1 file changed, 1 insertion(+), 5 deletions(-)
+
+diff --git a/firmware/lib/vboot_audio.c b/firmware/lib/vboot_audio.c
+index 8f31171..7e92dc7 100644
+--- a/firmware/lib/vboot_audio.c
++++ b/firmware/lib/vboot_audio.c
+@@ -30,11 +30,7 @@
+ #define MAX_CUSTOM_DELAY 300000
+
+ /* These are visible externally only to make testing easier */
+-VbDevMusicNote default_notes_[] = { {20000, 0}, /* 20 seconds */
+- {250, 400}, /* two beeps */
+- {250, 0},
+- {250, 400},
+- {9250, 0} }; /* total 30 seconds */
++VbDevMusicNote default_notes_[] = { {3000, 0} }; /* three seconds */
+ uint32_t default_count_ = sizeof(default_notes_) / sizeof(VbDevMusicNote);
+
+ VbDevMusicNote short_notes_[] = { {2000, 0} }; /* two seconds */
+--
+2.10.2
+
diff --git a/projects/vboot/patches/0002-firmware-Text-based-screen-display-in-priority.patch b/projects/vboot/patches/0002-firmware-Text-based-screen-display-in-priority.patch
new file mode 100644
index 00000000..924d19bc
--- /dev/null
+++ b/projects/vboot/patches/0002-firmware-Text-based-screen-display-in-priority.patch
@@ -0,0 +1,61 @@
+From 5f402b9d365dbc17ea68803aeb9a95da01708b9f Mon Sep 17 00:00:00 2001
+From: Paul Kocialkowski <contact@paulk.fr>
+Date: Mon, 10 Aug 2015 22:44:50 +0200
+Subject: [PATCH 2/7] firmware: Text-based screen display in priority
+
+This allows showing text-based screen displays before looking at the GBB bitmaps
+since those encourage the use of non-free software (Chrome OS) and don't display
+enough information to the user.
+
+Change-Id: I1dc454cd5de1cf096a15957832a8114d4f758eac
+Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
+---
+ firmware/lib/vboot_display.c | 17 ++++++-----------
+ 1 file changed, 6 insertions(+), 11 deletions(-)
+
+diff --git a/firmware/lib/vboot_display.c b/firmware/lib/vboot_display.c
+index 1abed92..50a2e54 100644
+--- a/firmware/lib/vboot_display.c
++++ b/firmware/lib/vboot_display.c
+@@ -335,20 +335,18 @@ static VbError_t VbDisplayScreenLegacy(VbCommonParams *cparams, uint32_t screen,
+ /* If the screen is blank, turn off the backlight; else turn it on. */
+ VbExDisplayBacklight(VB_SCREEN_BLANK == screen ? 0 : 1);
+
+- /* Look in the GBB first */
+- if (VBERROR_SUCCESS == VbDisplayScreenFromGBB(cparams, screen,
+- vncptr, locale))
++ /* Display default first */
++ if (VBERROR_SUCCESS == VbExDisplayScreen(screen, locale))
+ return VBERROR_SUCCESS;
+
+- /* If screen wasn't in the GBB bitmaps, fall back to a default */
+- return VbExDisplayScreen(screen, locale);
++ /* If default doesn't have anything to show, fall back to GBB bitmaps */
++ return VbDisplayScreenFromGBB(cparams, screen, vncptr, locale);
+ }
+
+ VbError_t VbDisplayScreen(VbCommonParams *cparams, uint32_t screen,
+ int force, VbNvContext *vncptr)
+ {
+ uint32_t locale;
+- GoogleBinaryBlockHeader *gbb = cparams->gbb;
+ VbError_t rv;
+
+ /* If requested screen is the same as the current one, we're done. */
+@@ -358,11 +356,8 @@ VbError_t VbDisplayScreen(VbCommonParams *cparams, uint32_t screen,
+ /* Read the locale last saved */
+ VbNvGet(vncptr, VBNV_LOCALIZATION_INDEX, &locale);
+
+- if (gbb->bmpfv_size == 0)
+- rv = VbExDisplayScreen(screen, locale);
+- else
+- rv = VbDisplayScreenLegacy(cparams, screen, force, vncptr,
+- locale);
++ rv = VbDisplayScreenLegacy(cparams, screen, force, vncptr,
++ locale);
+
+ if (rv == VBERROR_SUCCESS)
+ /* Keep track of the currently displayed screen */
+--
+2.10.2
+
diff --git a/projects/vboot/patches/0003-firmware-Hold-key-combination-in-developer-mode.patch b/projects/vboot/patches/0003-firmware-Hold-key-combination-in-developer-mode.patch
new file mode 100644
index 00000000..3da8642a
--- /dev/null
+++ b/projects/vboot/patches/0003-firmware-Hold-key-combination-in-developer-mode.patch
@@ -0,0 +1,50 @@
+From 78297c1fa4a158047e7bfa8bf0b3435fe498811d Mon Sep 17 00:00:00 2001
+From: Paul Kocialkowski <contact@paulk.fr>
+Date: Mon, 10 Aug 2015 22:59:50 +0200
+Subject: [PATCH 3/7] firmware: Hold key combination in developer mode
+
+This binds the Ctrl + H key combination to hold the developer mode screen.
+
+Change-Id: Ia76080eacd2e5e78b35b83d0f3783bfa5137794a
+Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
+---
+ firmware/lib/vboot_api_kernel.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c
+index e465fc3..2e31f08 100644
+--- a/firmware/lib/vboot_api_kernel.c
++++ b/firmware/lib/vboot_api_kernel.c
+@@ -308,6 +308,7 @@ VbError_t VbBootDeveloper(VbCommonParams *cparams, LoadKernelParams *p)
+ uint32_t use_legacy = 0;
+ uint32_t default_boot = 0;
+ uint32_t ctrl_d_pressed = 0;
++ uint32_t hold = 0;
+
+ VbAudioContext *audio = 0;
+
+@@ -473,6 +474,12 @@ VbError_t VbBootDeveloper(VbCommonParams *cparams, LoadKernelParams *p)
+ ctrl_d_pressed = 1;
+ goto fallout;
+ break;
++ case 0x08:
++ /* Ctrl+H = hold */
++ VBDEBUG(("VbBootDeveloper() - "
++ "hold developer mode screen\n"));
++ hold = 1;
++ break;
+ case 0x0c:
+ VBDEBUG(("VbBootDeveloper() - "
+ "user pressed Ctrl+L; Try legacy boot\n"));
+@@ -523,7 +530,7 @@ VbError_t VbBootDeveloper(VbCommonParams *cparams, LoadKernelParams *p)
+ VbCheckDisplayKey(cparams, key, &vnc);
+ break;
+ }
+- } while(VbAudioLooping(audio));
++ } while(hold || VbAudioLooping(audio));
+
+ fallout:
+
+--
+2.10.2
+
diff --git a/projects/vboot/patches/0004-firmware-Screen-blank-and-wait-at-disabled-USB-boot-.patch b/projects/vboot/patches/0004-firmware-Screen-blank-and-wait-at-disabled-USB-boot-.patch
new file mode 100644
index 00000000..e61ea0ac
--- /dev/null
+++ b/projects/vboot/patches/0004-firmware-Screen-blank-and-wait-at-disabled-USB-boot-.patch
@@ -0,0 +1,56 @@
+From 4560df9f84e342ef51cf071dccd01e3fb5838a37 Mon Sep 17 00:00:00 2001
+From: Paul Kocialkowski <contact@paulk.fr>
+Date: Mon, 10 Aug 2015 23:13:49 +0200
+Subject: [PATCH 4/7] firmware: Screen blank and wait at disabled USB boot
+ warning
+
+This blanks the screen before showing the disabled USB boot warning.
+It also waits for the user to press any key to come back to the developer mode
+screen.
+
+Change-Id: Ic23f1e0f8d269242a9b7af6941806951016e6eb4
+Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
+---
+ firmware/lib/vboot_api_kernel.c | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c
+index 2e31f08..5cf45ec 100644
+--- a/firmware/lib/vboot_api_kernel.c
++++ b/firmware/lib/vboot_api_kernel.c
+@@ -376,6 +376,7 @@ VbError_t VbBootDeveloper(VbCommonParams *cparams, LoadKernelParams *p)
+ }
+ }
+
++developer_mode_screen:
+ /* Show the dev mode warning screen */
+ VbDisplayScreen(cparams, VB_SCREEN_DEVELOPER_WARNING, 0, &vnc);
+
+@@ -498,14 +499,23 @@ VbError_t VbBootDeveloper(VbCommonParams *cparams, LoadKernelParams *p)
+ if (!allow_usb) {
+ VBDEBUG(("VbBootDeveloper() - "
+ "USB booting is disabled\n"));
++
++ VbDisplayScreen(cparams, VB_SCREEN_BLANK, 1,
++ &vnc);
++
+ VbExDisplayDebugInfo(
+ "WARNING: Booting from external media "
+ "(USB/SD) has not been enabled. Refer "
+ "to the developer-mode documentation "
+- "for details.\n");
++ "for details.\n\n"
++ "Press any key to continue.\n\n");
+ VbExBeep(120, 400);
+ VbExSleepMs(120);
+ VbExBeep(120, 400);
++
++ while (!VbExKeyboardRead()) ;
++
++ goto developer_mode_screen;
+ } else {
+ /*
+ * Clear the screen to show we get the Ctrl+U
+--
+2.10.2
+
diff --git a/projects/vboot/patches/0005-firmware-Separate-screen-and-wait-at-device-informat.patch b/projects/vboot/patches/0005-firmware-Separate-screen-and-wait-at-device-informat.patch
new file mode 100644
index 00000000..eacd7559
--- /dev/null
+++ b/projects/vboot/patches/0005-firmware-Separate-screen-and-wait-at-device-informat.patch
@@ -0,0 +1,80 @@
+From 457f2227845335bed16b190499278a887eca3939 Mon Sep 17 00:00:00 2001
+From: Paul Kocialkowski <contact@paulk.fr>
+Date: Mon, 10 Aug 2015 23:53:48 +0200
+Subject: [PATCH 5/7] firmware: Separate screen and wait at device information
+ screen
+
+This blanks the screen (instead of redrawing it) at device information and
+waits for the user to press any key to come back to the developer mode screen.
+
+Change-Id: I16364e69ce5bbaba5689f9f7af29c593ddea8558
+Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
+---
+ firmware/lib/vboot_api_kernel.c | 12 ++++++++++++
+ firmware/lib/vboot_display.c | 13 ++++++++-----
+ 2 files changed, 20 insertions(+), 5 deletions(-)
+
+diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c
+index 5cf45ec..53ef5c7 100644
+--- a/firmware/lib/vboot_api_kernel.c
++++ b/firmware/lib/vboot_api_kernel.c
+@@ -481,6 +481,18 @@ developer_mode_screen:
+ "hold developer mode screen\n"));
+ hold = 1;
+ break;
++ case 0x09:
++ /* Ctrl+I = device information */
++ VBDEBUG(("VbBootDeveloper() - "
++ "device info\n"));
++
++ hold = 1;
++ VbDisplayDebugInfo(cparams, &vnc);
++
++ while (!VbExKeyboardRead()) ;
++
++ goto developer_mode_screen;
++ break;
+ case 0x0c:
+ VBDEBUG(("VbBootDeveloper() - "
+ "user pressed Ctrl+L; Try legacy boot\n"));
+diff --git a/firmware/lib/vboot_display.c b/firmware/lib/vboot_display.c
+index 50a2e54..6d8ed92 100644
+--- a/firmware/lib/vboot_display.c
++++ b/firmware/lib/vboot_display.c
+@@ -544,7 +544,7 @@ const char *RecoveryReasonString(uint8_t code)
+ return "We have no idea what this means";
+ }
+
+-#define DEBUG_INFO_SIZE 512
++#define DEBUG_INFO_SIZE 768
+
+ VbError_t VbDisplayDebugInfo(VbCommonParams *cparams, VbNvContext *vncptr)
+ {
+@@ -559,8 +559,8 @@ VbError_t VbDisplayDebugInfo(VbCommonParams *cparams, VbNvContext *vncptr)
+ VbError_t ret;
+ uint32_t i;
+
+- /* Redisplay current screen to overwrite any previous debug output */
+- VbDisplayScreen(cparams, disp_current_screen, 1, vncptr);
++ /* Blank screen */
++ VbDisplayScreen(cparams, VB_SCREEN_BLANK, 1, vncptr);
+
+ /* Add hardware ID */
+ VbRegionReadHWID(cparams, hwid, sizeof(hwid));
+@@ -669,8 +669,11 @@ VbError_t VbDisplayDebugInfo(VbCommonParams *cparams, VbNvContext *vncptr)
+ used += StrnAppend(buf + used, sha1sum, DEBUG_INFO_SIZE - used);
+ }
+
+- /* Make sure we finish with a newline */
+- used += StrnAppend(buf + used, "\n", DEBUG_INFO_SIZE - used);
++ /* Make sure we finish with newlines */
++ used += StrnAppend(buf + used, "\n\n", DEBUG_INFO_SIZE - used);
++
++ used += StrnAppend(buf + used, "Press any key to continue\n\n",
++ DEBUG_INFO_SIZE - used);
+
+ /* TODO: add more interesting data:
+ * - Information on current disks */
+--
+2.10.2
+
diff --git a/projects/vboot/patches/0006-firmware-Localization-keys-removal.patch b/projects/vboot/patches/0006-firmware-Localization-keys-removal.patch
new file mode 100644
index 00000000..fe0dd444
--- /dev/null
+++ b/projects/vboot/patches/0006-firmware-Localization-keys-removal.patch
@@ -0,0 +1,54 @@
+From 95a6212c5eef956289ab6a70ba0debb89508ce99 Mon Sep 17 00:00:00 2001
+From: Paul Kocialkowski <contact@paulk.fr>
+Date: Tue, 11 Aug 2015 00:07:18 +0200
+Subject: [PATCH 6/7] firmware: Localization keys removal
+
+Since we're using a text-based interface, binding the arrow keys to localization
+changes has no effect and only makes the screen flicker.
+
+Change-Id: I92dfe63d9d0826217653e29d3f26fb0ab29071f1
+Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
+---
+ firmware/lib/vboot_api_kernel.c | 5 -----
+ 1 file changed, 5 deletions(-)
+
+diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c
+index 53ef5c7..e03e042 100644
+--- a/firmware/lib/vboot_api_kernel.c
++++ b/firmware/lib/vboot_api_kernel.c
+@@ -273,7 +273,6 @@ int VbUserConfirms(VbCommonParams *cparams, uint32_t confirm_flags)
+ return 1;
+ }
+ }
+- VbCheckDisplayKey(cparams, key, &vnc);
+ }
+ VbExSleepMs(CONFIRM_KEY_DELAY);
+ }
+@@ -549,7 +548,6 @@ developer_mode_screen:
+ break;
+ default:
+ VBDEBUG(("VbBootDeveloper() - pressed key %d\n", key));
+- VbCheckDisplayKey(cparams, key, &vnc);
+ break;
+ }
+ } while(hold || VbAudioLooping(audio));
+@@ -613,7 +611,6 @@ VbError_t VbBootRecovery(VbCommonParams *cparams, LoadKernelParams *p)
+ VbDisplayScreen(cparams, VB_SCREEN_OS_BROKEN, 0, &vnc);
+ VBDEBUG(("VbBootRecovery() waiting for manual recovery\n"));
+ while (1) {
+- VbCheckDisplayKey(cparams, VbExKeyboardRead(), &vnc);
+ if (VbWantShutdown(cparams->gbb->flags))
+ return VBERROR_SHUTDOWN_REQUESTED;
+ VbExSleepMs(REC_KEY_DELAY);
+@@ -711,8 +708,6 @@ VbError_t VbBootRecovery(VbCommonParams *cparams, LoadKernelParams *p)
+ i = 4;
+ break;
+ }
+- } else {
+- VbCheckDisplayKey(cparams, key, &vnc);
+ }
+ if (VbWantShutdown(cparams->gbb->flags))
+ return VBERROR_SHUTDOWN_REQUESTED;
+--
+2.10.2
+
diff --git a/projects/vboot/patches/0007-firmware-Pass-VbDisplayInfo-information-structure-to.patch b/projects/vboot/patches/0007-firmware-Pass-VbDisplayInfo-information-structure-to.patch
new file mode 100644
index 00000000..7f090b6e
--- /dev/null
+++ b/projects/vboot/patches/0007-firmware-Pass-VbDisplayInfo-information-structure-to.patch
@@ -0,0 +1,354 @@
+From aecef39cda6a70c99bf0caff0452e47ad43a68d8 Mon Sep 17 00:00:00 2001
+From: Paul Kocialkowski <contact@paulk.fr>
+Date: Sun, 10 Jul 2016 23:43:16 +0200
+Subject: [PATCH 7/7] firmware: Pass VbDisplayInfo information structure to
+ VbExDisplayScreen
+
+This provides VbExDisplayScreen with an information structure
+(VbDisplayInfo) that contains various context information for display.
+
+Change-Id: Id9e07bb418f64e9286f07da11314cd63f925e301
+Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
+---
+ firmware/include/vboot_api.h | 12 +++++++++-
+ firmware/lib/include/vboot_display.h | 2 +-
+ firmware/lib/vboot_api_kernel.c | 44 ++++++++++++++++++++++++------------
+ firmware/lib/vboot_display.c | 15 ++++++------
+ firmware/stub/vboot_api_stub.c | 3 ++-
+ tests/vboot_api_devmode_tests.c | 3 ++-
+ tests/vboot_api_kernel2_tests.c | 2 +-
+ tests/vboot_api_kernel3_tests.c | 2 +-
+ 8 files changed, 55 insertions(+), 28 deletions(-)
+
+diff --git a/firmware/include/vboot_api.h b/firmware/include/vboot_api.h
+index 950c1e2..ba53101 100644
+--- a/firmware/include/vboot_api.h
++++ b/firmware/include/vboot_api.h
+@@ -697,6 +697,15 @@ enum VbScreenType_t {
+ VB_SCREEN_OS_BROKEN = 0x208,
+ };
+
++/* Information on display context */
++typedef struct VbDisplayInfo {
++ uint32_t allow_usb;
++ uint32_t allow_legacy;
++ uint32_t use_usb;
++ uint32_t use_legacy;
++ uint32_t signed_only;
++} VbDisplayInfo;
++
+ /**
+ * Initialize and clear the display. Set width and height to the screen
+ * dimensions in pixels.
+@@ -725,7 +734,8 @@ VbError_t VbExDisplaySetDimension(uint32_t width, uint32_t height);
+ * to be simple ASCII text such as "NO GOOD" or "INSERT"; these screens should
+ * only be seen during development.
+ */
+-VbError_t VbExDisplayScreen(uint32_t screen_type, uint32_t locale);
++VbError_t VbExDisplayScreen(uint32_t screen_type, uint32_t locale,
++ VbDisplayInfo *info);
+
+ /**
+ * Write an image to the display, with the upper left corner at the specified
+diff --git a/firmware/lib/include/vboot_display.h b/firmware/lib/include/vboot_display.h
+index 0ab93f0..0574580 100644
+--- a/firmware/lib/include/vboot_display.h
++++ b/firmware/lib/include/vboot_display.h
+@@ -15,7 +15,7 @@
+ VbError_t VbDisplayScreenFromGBB(VbCommonParams *cparams, uint32_t screen,
+ VbNvContext *vncptr, uint32_t locale);
+ VbError_t VbDisplayScreen(VbCommonParams *cparams, uint32_t screen, int force,
+- VbNvContext *vncptr);
++ VbNvContext *vncptr, VbDisplayInfo *info);
+ VbError_t VbDisplayDebugInfo(VbCommonParams *cparams, VbNvContext *vncptr);
+ VbError_t VbCheckDisplayKey(VbCommonParams *cparams, uint32_t key,
+ VbNvContext *vncptr);
+diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c
+index e03e042..7dcc754 100644
+--- a/firmware/lib/vboot_api_kernel.c
++++ b/firmware/lib/vboot_api_kernel.c
+@@ -300,11 +300,13 @@ VbError_t VbBootDeveloper(VbCommonParams *cparams, LoadKernelParams *p)
+ VbSharedDataHeader *shared =
+ (VbSharedDataHeader *)cparams->shared_data_blob;
+
++ VbDisplayInfo info;
+ uint32_t allow_usb = 0;
+ uint32_t allow_legacy = 0;
+ uint32_t disable_dev_boot = 0;
+ uint32_t use_usb = 0;
+ uint32_t use_legacy = 0;
++ uint32_t signed_only = 0;
+ uint32_t default_boot = 0;
+ uint32_t ctrl_d_pressed = 0;
+ uint32_t hold = 0;
+@@ -350,10 +352,22 @@ VbError_t VbBootDeveloper(VbCommonParams *cparams, LoadKernelParams *p)
+ }
+ }
+
++ VbNvGet(&vnc, VBNV_DEV_BOOT_SIGNED_ONLY, &signed_only);
++
++ if (fwmp.flags & FWMP_DEV_ENABLE_OFFICIAL_ONLY)
++ signed_only = 1;
++
++ info.allow_usb = allow_usb;
++ info.allow_legacy = allow_legacy;
++ info.use_usb = use_usb;
++ info.use_legacy = use_legacy;
++ info.signed_only = signed_only;
++
+ /* If dev mode is disabled, only allow TONORM */
+ while (disable_dev_boot) {
+ VBDEBUG(("%s() - dev_disable_boot is set.\n", __func__));
+- VbDisplayScreen(cparams, VB_SCREEN_DEVELOPER_TO_NORM, 0, &vnc);
++ VbDisplayScreen(cparams, VB_SCREEN_DEVELOPER_TO_NORM, 0, &vnc,
++ NULL);
+ VbExDisplayDebugInfo(dev_disable_msg);
+
+ /* Ignore space in VbUserConfirms()... */
+@@ -363,7 +377,7 @@ VbError_t VbBootDeveloper(VbCommonParams *cparams, LoadKernelParams *p)
+ VbNvSet(&vnc, VBNV_DISABLE_DEV_REQUEST, 1);
+ VbDisplayScreen(cparams,
+ VB_SCREEN_TO_NORM_CONFIRMED,
+- 0, &vnc);
++ 0, &vnc, NULL);
+ VbExSleepMs(5000);
+ return VBERROR_REBOOT_REQUIRED;
+ case -1:
+@@ -377,7 +391,7 @@ VbError_t VbBootDeveloper(VbCommonParams *cparams, LoadKernelParams *p)
+
+ developer_mode_screen:
+ /* Show the dev mode warning screen */
+- VbDisplayScreen(cparams, VB_SCREEN_DEVELOPER_WARNING, 0, &vnc);
++ VbDisplayScreen(cparams, VB_SCREEN_DEVELOPER_WARNING, 0, &vnc, &info);
+
+ /* Get audio/delay context */
+ audio = VbAudioOpen(cparams);
+@@ -425,7 +439,7 @@ developer_mode_screen:
+ }
+ VbDisplayScreen(cparams,
+ VB_SCREEN_DEVELOPER_TO_NORM,
+- 0, &vnc);
++ 0, &vnc, NULL);
+ /* Ignore space in VbUserConfirms()... */
+ switch (VbUserConfirms(cparams, 0)) {
+ case 1:
+@@ -436,7 +450,7 @@ developer_mode_screen:
+ VbDisplayScreen(
+ cparams,
+ VB_SCREEN_TO_NORM_CONFIRMED,
+- 0, &vnc);
++ 0, &vnc, NULL);
+ VbExSleepMs(5000);
+ return VBERROR_REBOOT_REQUIRED;
+ case -1:
+@@ -450,7 +464,7 @@ developer_mode_screen:
+ VbDisplayScreen(
+ cparams,
+ VB_SCREEN_DEVELOPER_WARNING,
+- 0, &vnc);
++ 0, &vnc, &info);
+ /* Start new countdown */
+ audio = VbAudioOpen(cparams);
+ }
+@@ -512,7 +526,7 @@ developer_mode_screen:
+ "USB booting is disabled\n"));
+
+ VbDisplayScreen(cparams, VB_SCREEN_BLANK, 1,
+- &vnc);
++ &vnc, NULL);
+
+ VbExDisplayDebugInfo(
+ "WARNING: Booting from external media "
+@@ -533,7 +547,7 @@ developer_mode_screen:
+ * key press.
+ */
+ VbDisplayScreen(cparams, VB_SCREEN_BLANK, 0,
+- &vnc);
++ &vnc, NULL);
+ if (VBERROR_SUCCESS == VbTryUsb(cparams, p)) {
+ VbAudioClose(audio);
+ return VBERROR_SUCCESS;
+@@ -542,7 +556,7 @@ developer_mode_screen:
+ VbDisplayScreen(
+ cparams,
+ VB_SCREEN_DEVELOPER_WARNING,
+- 0, &vnc);
++ 0, &vnc, &info);
+ }
+ }
+ break;
+@@ -608,7 +622,7 @@ VbError_t VbBootRecovery(VbCommonParams *cparams, LoadKernelParams *p)
+ shared->recovery_reason));
+ VbSetRecoverySubcode(shared->recovery_reason);
+ VbNvCommit();
+- VbDisplayScreen(cparams, VB_SCREEN_OS_BROKEN, 0, &vnc);
++ VbDisplayScreen(cparams, VB_SCREEN_OS_BROKEN, 0, &vnc, NULL);
+ VBDEBUG(("VbBootRecovery() waiting for manual recovery\n"));
+ while (1) {
+ if (VbWantShutdown(cparams->gbb->flags))
+@@ -637,7 +651,7 @@ VbError_t VbBootRecovery(VbCommonParams *cparams, LoadKernelParams *p)
+ VbDisplayScreen(cparams, VBERROR_NO_DISK_FOUND == retval ?
+ VB_SCREEN_RECOVERY_INSERT :
+ VB_SCREEN_RECOVERY_NO_GOOD,
+- 0, &vnc);
++ 0, &vnc, NULL);
+
+ /*
+ * Scan keyboard more frequently than media, since x86
+@@ -677,7 +691,7 @@ VbError_t VbBootRecovery(VbCommonParams *cparams, LoadKernelParams *p)
+ /* Ask the user to confirm entering dev-mode */
+ VbDisplayScreen(cparams,
+ VB_SCREEN_RECOVERY_TO_DEV,
+- 0, &vnc);
++ 0, &vnc, NULL);
+ /* SPACE means no... */
+ uint32_t vbc_flags =
+ VB_CONFIRM_SPACE_MEANS_NO |
+@@ -839,7 +853,7 @@ static VbError_t EcUpdateImage(int devidx, VbCommonParams *cparams,
+ return VBERROR_VGA_OPROM_MISMATCH;
+ }
+
+- VbDisplayScreen(cparams, VB_SCREEN_WAIT, 0, &vnc);
++ VbDisplayScreen(cparams, VB_SCREEN_WAIT, 0, &vnc, NULL);
+ }
+
+ rv = VbExEcUpdateImage(devidx, select, expected, expected_size);
+@@ -1250,13 +1264,13 @@ VbError_t VbSelectAndLoadKernel(VbCommonParams *cparams,
+ p.boot_flags |= BOOT_FLAG_RECOVERY;
+ retval = VbBootRecovery(cparams, &p);
+ VbExEcEnteringMode(0, VB_EC_RECOVERY);
+- VbDisplayScreen(cparams, VB_SCREEN_BLANK, 0, &vnc);
++ VbDisplayScreen(cparams, VB_SCREEN_BLANK, 0, &vnc, NULL);
+
+ } else if (p.boot_flags & BOOT_FLAG_DEVELOPER) {
+ /* Developer boot */
+ retval = VbBootDeveloper(cparams, &p);
+ VbExEcEnteringMode(0, VB_EC_DEVELOPER);
+- VbDisplayScreen(cparams, VB_SCREEN_BLANK, 0, &vnc);
++ VbDisplayScreen(cparams, VB_SCREEN_BLANK, 0, &vnc, NULL);
+
+ } else {
+ /* Normal boot */
+diff --git a/firmware/lib/vboot_display.c b/firmware/lib/vboot_display.c
+index 6d8ed92..84b7961 100644
+--- a/firmware/lib/vboot_display.c
++++ b/firmware/lib/vboot_display.c
+@@ -321,7 +321,7 @@ VbError_t VbDisplayScreenFromGBB(VbCommonParams *cparams, uint32_t screen,
+ */
+ static VbError_t VbDisplayScreenLegacy(VbCommonParams *cparams, uint32_t screen,
+ int force, VbNvContext *vncptr,
+- uint32_t locale)
++ uint32_t locale, VbDisplayInfo *info)
+ {
+ VbError_t retval;
+
+@@ -336,7 +336,7 @@ static VbError_t VbDisplayScreenLegacy(VbCommonParams *cparams, uint32_t screen,
+ VbExDisplayBacklight(VB_SCREEN_BLANK == screen ? 0 : 1);
+
+ /* Display default first */
+- if (VBERROR_SUCCESS == VbExDisplayScreen(screen, locale))
++ if (VBERROR_SUCCESS == VbExDisplayScreen(screen, locale, info))
+ return VBERROR_SUCCESS;
+
+ /* If default doesn't have anything to show, fall back to GBB bitmaps */
+@@ -344,7 +344,7 @@ static VbError_t VbDisplayScreenLegacy(VbCommonParams *cparams, uint32_t screen,
+ }
+
+ VbError_t VbDisplayScreen(VbCommonParams *cparams, uint32_t screen,
+- int force, VbNvContext *vncptr)
++ int force, VbNvContext *vncptr, VbDisplayInfo *info)
+ {
+ uint32_t locale;
+ VbError_t rv;
+@@ -357,7 +357,7 @@ VbError_t VbDisplayScreen(VbCommonParams *cparams, uint32_t screen,
+ VbNvGet(vncptr, VBNV_LOCALIZATION_INDEX, &locale);
+
+ rv = VbDisplayScreenLegacy(cparams, screen, force, vncptr,
+- locale);
++ locale, info);
+
+ if (rv == VBERROR_SUCCESS)
+ /* Keep track of the currently displayed screen */
+@@ -560,7 +560,7 @@ VbError_t VbDisplayDebugInfo(VbCommonParams *cparams, VbNvContext *vncptr)
+ uint32_t i;
+
+ /* Blank screen */
+- VbDisplayScreen(cparams, VB_SCREEN_BLANK, 1, vncptr);
++ VbDisplayScreen(cparams, VB_SCREEN_BLANK, 1, vncptr, NULL);
+
+ /* Add hardware ID */
+ VbRegionReadHWID(cparams, hwid, sizeof(hwid));
+@@ -725,13 +725,14 @@ VbError_t VbCheckDisplayKey(VbCommonParams *cparams, uint32_t key,
+ #endif
+
+ /* Force redraw of current screen */
+- return VbDisplayScreen(cparams, disp_current_screen, 1, vncptr);
++ return VbDisplayScreen(cparams, disp_current_screen, 1, vncptr,
++ NULL);
+ }
+
+ if (0 == memcmp(MagicBuffer, MAGIC_WORD, MAGIC_WORD_LEN)) {
+ if (VBEASTEREGG)
+ (void)VbDisplayScreen(cparams, disp_current_screen,
+- 1, vncptr);
++ 1, vncptr, NULL);
+ }
+
+ return VBERROR_SUCCESS;
+diff --git a/firmware/stub/vboot_api_stub.c b/firmware/stub/vboot_api_stub.c
+index 717c0f8..c086195 100644
+--- a/firmware/stub/vboot_api_stub.c
++++ b/firmware/stub/vboot_api_stub.c
+@@ -41,7 +41,8 @@ VbError_t VbExDisplaySetDimension(uint32_t width, uint32_t height)
+ return VBERROR_SUCCESS;
+ }
+
+-VbError_t VbExDisplayScreen(uint32_t screen_type, uint32_t locale)
++VbError_t VbExDisplayScreen(uint32_t screen_type, uint32_t locale,
++ VbDisplayInfo *info)
+ {
+ return VBERROR_SUCCESS;
+ }
+diff --git a/tests/vboot_api_devmode_tests.c b/tests/vboot_api_devmode_tests.c
+index abd8e85..6e8afbd 100644
+--- a/tests/vboot_api_devmode_tests.c
++++ b/tests/vboot_api_devmode_tests.c
+@@ -265,7 +265,8 @@ VbError_t VbExBeep(uint32_t msec, uint32_t frequency) {
+ return beep_return;
+ }
+
+-VbError_t VbExDisplayScreen(uint32_t screen_type, uint32_t locale) {
++VbError_t VbExDisplayScreen(uint32_t screen_type, uint32_t locale,
++ VbDisplayInfo *info) {
+ switch(screen_type) {
+ case VB_SCREEN_BLANK:
+ VBDEBUG(("VbExDisplayScreen(BLANK)\n"));
+diff --git a/tests/vboot_api_kernel2_tests.c b/tests/vboot_api_kernel2_tests.c
+index 433933b..d44fc1e 100644
+--- a/tests/vboot_api_kernel2_tests.c
++++ b/tests/vboot_api_kernel2_tests.c
+@@ -185,7 +185,7 @@ uint32_t VbTryLoadKernel(VbCommonParams *cparams, LoadKernelParams *p,
+ }
+
+ VbError_t VbDisplayScreen(VbCommonParams *cparams, uint32_t screen, int force,
+- VbNvContext *vncptr)
++ VbNvContext *vncptr, VbDisplayInfo *info)
+ {
+ if (screens_count < ARRAY_SIZE(screens_displayed))
+ screens_displayed[screens_count++] = screen;
+diff --git a/tests/vboot_api_kernel3_tests.c b/tests/vboot_api_kernel3_tests.c
+index 3eddb73..0403c71 100644
+--- a/tests/vboot_api_kernel3_tests.c
++++ b/tests/vboot_api_kernel3_tests.c
+@@ -195,7 +195,7 @@ VbError_t VbExEcUpdateImage(int devidx, enum VbSelectFirmware_t select,
+ }
+
+ VbError_t VbDisplayScreen(VbCommonParams *cparams, uint32_t screen, int force,
+- VbNvContext *vncptr)
++ VbNvContext *vncptr, VbDisplayInfo *info)
+ {
+ if (screens_count < ARRAY_SIZE(screens_displayed))
+ screens_displayed[screens_count++] = screen;
+--
+2.10.2
+
diff --git a/projects/vboot/vboot b/projects/vboot/vboot
new file mode 100755
index 00000000..2a062023
--- /dev/null
+++ b/projects/vboot/vboot
@@ -0,0 +1,147 @@
+#!/bin/bash
+
+# Copyright (C) 2016 Paul Kocialkowski <contact@paulk.fr>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+arguments() {
+ project_arguments_targets "$project" "$@"
+}
+
+usage() {
+ project_usage_actions "$project" "checkout"
+ project_usage_arguments "$project" "$@"
+}
+
+download() {
+ local repository=$project
+
+ project_download_git "$project" "$repository" "https://chromium.googlesource.com/chromiumos/platform/vboot_reference https://review.coreboot.org/vboot.git https://github.com/coreboot/vboot.git" "$@"
+}
+
+download_check() {
+ project_download_check_git "$project" "$repository" "$@"
+}
+
+extract() {
+ project_extract "$project" "$@"
+}
+
+extract_check() {
+ project_extract_check "$project" "$@"
+}
+
+update() {
+ local repository=$project
+
+ project_update_git "$project" "$repository" "$@"
+}
+
+update_check() {
+ local repository=$project
+
+ project_update_check_git "$project" "$repository" "$@"
+}
+
+checkout() {
+ local repository=$project
+
+ if git_project_check "$repository"
+ then
+ git_project_checkout "$project" "$repository" "$@"
+ fi
+}
+
+build() {
+ local target=$1
+
+ local repository=$project
+
+ project_sources_directory_missing_empty_error "$project" "$repository" "$@"
+
+ if git_project_check "$repository"
+ then
+ git_project_checkout "$project" "$repository" "$@"
+ fi
+
+ if [ "$target" = "tools" ]
+ then
+ local sources_path=$( project_sources_path "$project" "$repository" "$@" )
+ local build_path=$( project_build_path "$project" "$@" )
+
+ mkdir -p "$build_path"
+
+ make -C "$sources_path" BUILD="$build_path" -j$TASKS "host_stuff"
+ make -C "$sources_path" BUILD="$build_path" -j$TASKS "host_stuff"
+
+ cp -r "$sources_path/tests/devkeys" "$build_path"
+ fi
+}
+
+build_check() {
+ local target=$1
+
+ if [ "$target" = "tools" ]
+ then
+ project_build_check "$project" "$@"
+ fi
+}
+
+install() {
+ local target=$1
+
+ if [ "$target" = "tools" ]
+ then
+ project_install "$project" "$@"
+ fi
+}
+
+install_check() {
+ local target=$1
+
+ if [ "$target" = "tools" ]
+ then
+ project_install_check "$project" "$@"
+ fi
+}
+
+release() {
+ local target=$1
+
+ local repository=$project
+
+ if [ "$target" = "tools" ]
+ then
+ project_release_install_archive "$project" "$TOOLS" "$@"
+ fi
+
+ project_release_sources_git "$project" "$repository" "$@"
+}
+
+release_check() {
+ local target=$1
+
+ local repository=$project
+
+ if [ "$target" = "tools" ]
+ then
+ project_release_install_archive_check "$project" "$TOOLS" "$@"
+ fi
+
+ project_release_check_sources_git "$project" "$repository" "$@"
+}
+
+clean() {
+ project_clean "$project" "$@"
+}