1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
# SPDX-License-Identifier: GPL-2.0+
# Copyright (c) 2018 Google, Inc
# Written by Simon Glass <sjg@chromium.org>
#
# Support for a Chromium OS Google Binary Block, used to record read-only
# information mostly used by firmware.
from collections import OrderedDict
from u_boot_pylib import command
from binman.entry import Entry, EntryArg
from dtoc import fdt_util
from u_boot_pylib import tools
# Build GBB flags.
# (src/platform/vboot_reference/firmware/include/gbb_header.h)
gbb_flag_properties = {
'dev-screen-short-delay': 0x1,
'load-option-roms': 0x2,
'enable-alternate-os': 0x4,
'force-dev-switch-on': 0x8,
'force-dev-boot-usb': 0x10,
'disable-fw-rollback-check': 0x20,
'enter-triggers-tonorm': 0x40,
'force-dev-boot-legacy': 0x80,
'faft-key-override': 0x100,
'disable-ec-software-sync': 0x200,
'default-dev-boot-legacy': 0x400,
'disable-pd-software-sync': 0x800,
'disable-lid-shutdown': 0x1000,
'force-dev-boot-fastboot-full-cap': 0x2000,
'enable-serial': 0x4000,
'disable-dwmp': 0x8000,
}
class Entry_gbb(Entry):
"""An entry which contains a Chromium OS Google Binary Block
Properties / Entry arguments:
- hardware-id: Hardware ID to use for this build (a string)
- keydir: Directory containing the public keys to use
- bmpblk: Filename containing images used by recovery
Chromium OS uses a GBB to store various pieces of information, in particular
the root and recovery keys that are used to verify the boot process. Some
more details are here:
https://www.chromium.org/chromium-os/firmware-porting-guide/2-concepts
but note that the page dates from 2013 so is quite out of date. See
README.chromium for how to obtain the required keys and tools.
"""
def __init__(self, section, etype, node):
super().__init__(section, etype, node)
self.hardware_id, self.keydir, self.bmpblk = self.GetEntryArgsOrProps(
[EntryArg('hardware-id', str),
EntryArg('keydir', str),
EntryArg('bmpblk', str)])
# Read in the GBB flags from the config
self.gbb_flags = 0
flags_node = node.FindNode('flags')
if flags_node:
for flag, value in gbb_flag_properties.items():
if fdt_util.GetBool(flags_node, flag):
self.gbb_flags |= value
def ObtainContents(self):
gbb = 'gbb.bin'
fname = tools.get_output_filename(gbb)
if not self.size:
self.Raise('GBB must have a fixed size')
gbb_size = self.size
bmpfv_size = gbb_size - 0x2180
if bmpfv_size < 0:
self.Raise('GBB is too small (minimum 0x2180 bytes)')
keydir = tools.get_input_filename(self.keydir)
stdout = self.futility.gbb_create(
fname, [0x100, 0x1000, bmpfv_size, 0x1000])
if stdout is not None:
stdout = self.futility.gbb_set(
fname,
hwid=self.hardware_id,
rootkey='%s/root_key.vbpubk' % keydir,
recoverykey='%s/recovery_key.vbpubk' % keydir,
flags=self.gbb_flags,
bmpfv=tools.get_input_filename(self.bmpblk))
if stdout is not None:
self.SetContents(tools.read_file(fname))
else:
# Bintool is missing; just use the required amount of zero data
self.record_missing_bintool(self.futility)
self.SetContents(tools.get_bytes(0, gbb_size))
return True
def AddBintools(self, btools):
super().AddBintools(btools)
self.futility = self.AddBintool(btools, 'futility')
|