From d8b597f33e75d04b84be7c9d7081a3b97821617d Mon Sep 17 00:00:00 2001 From: Paul Kocialkowski Date: Sun, 11 Oct 2015 11:48:46 -0400 Subject: Chromebook C201 (codename veyron_speedy) support This introduces Libreboot support for the Asus Chromebook C201 (codename veyron_speedy). At this point, this produces a standalone Libreboot image that can be flashed to the RO Coreboot partition of the SPI flash, as well as the Libreboot version that can be flash to the RO Firmware ID partition. Libreboot on the Chromebook C201 uses the depthcharge bootloader, modified to display text messages instead of ChromeOS bitmaps (that encourage the use of ChromeOS). For convenience, an installation script, chromebook-flash-replace, is provided along with a description of the flash layout, to ease the replacement of the Coreboot and RO Firmware ID partitions on the full SPI flash image. Signed-off-by: Paul Kocialkowski --- (limited to 'resources/depthcharge') diff --git a/resources/depthcharge/patch/0001-arm-armv7-a-march-abi-flag-for-ARMv7-hardware.patch b/resources/depthcharge/patch/0001-arm-armv7-a-march-abi-flag-for-ARMv7-hardware.patch new file mode 100644 index 0000000..f295a63 --- /dev/null +++ b/resources/depthcharge/patch/0001-arm-armv7-a-march-abi-flag-for-ARMv7-hardware.patch @@ -0,0 +1,30 @@ +From 095ae6281bb2d5bdab288fa042e5c4daa05c5ca3 Mon Sep 17 00:00:00 2001 +From: Paul Kocialkowski +Date: Mon, 3 Aug 2015 14:39:42 +0200 +Subject: [PATCH 1/7] arm: armv7-a march abi flag for ARMv7 hardware + +Specifying the march is required to get depthcharge to build with e.g. the arm +toolchain built by coreboot's crossgcc script. Without this flag, the toolchain +will complain that some ARM mrc/mcr ASM instructions are not defined. + +Signed-off-by: Paul Kocialkowski +--- + src/arch/arm/build_vars | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/arch/arm/build_vars b/src/arch/arm/build_vars +index b2fce32..455e370 100644 +--- a/src/arch/arm/build_vars ++++ b/src/arch/arm/build_vars +@@ -17,7 +17,7 @@ + + VB_FIRMWARE_ARCH=arm + ifeq ($(CONFIG_ARCH_ARM_V7),y) +-ARCH_ABI_FLAGS += -mthumb ++ARCH_ABI_FLAGS += -mthumb -march=armv7-a + endif + + ifeq ($(CONFIG_ARCH_ARM_V8),y) +-- +1.9.1 + diff --git a/resources/depthcharge/patch/0002-Coreboot-image-integration-removal.patch b/resources/depthcharge/patch/0002-Coreboot-image-integration-removal.patch new file mode 100644 index 0000000..28ee21a --- /dev/null +++ b/resources/depthcharge/patch/0002-Coreboot-image-integration-removal.patch @@ -0,0 +1,33 @@ +From 4e7d727edf1939904bc516d569ceef9e295f454c Mon Sep 17 00:00:00 2001 +From: Paul Kocialkowski +Date: Mon, 3 Aug 2015 14:49:34 +0200 +Subject: [PATCH 2/7] Coreboot image integration removal + +There is no need to integrate the built depthcharge binary inside a coreboot +image right after building it, coreboot will handle this on its own. + +Signed-off-by: Paul Kocialkowski +--- + src/Makefile.inc | 6 ------ + 1 file changed, 6 deletions(-) + +diff --git a/src/Makefile.inc b/src/Makefile.inc +index a73785b..564dd13 100644 +--- a/src/Makefile.inc ++++ b/src/Makefile.inc +@@ -77,12 +77,6 @@ $(eval $(call declare_bin,$1,$2 $$$$(VB_LIB),$3)) + + $1.payload: $1.elf + @printf " PAYLOAD $$(subst $$(obj)/,,$$@)\n" +- $$(Q)-rm -f $1.rom $1.bb +- $$(Q)dd if=/dev/zero of=$1.bb bs=512 count=1 +- $$(Q)cbfstool $1.rom create -m $$(ARCH) -s 1024K -B $1.bb +- $$(Q)cbfstool $1.rom add-payload -f $$< -n dc.elf -c lzma +- $$(Q)cbfstool $1.rom extract -n dc.elf -f $$@ +- $$(Q)rm -f $1.rom $1.bb + + $(notdir $1)_unified: $1.bin $1.payload + PHONY += $(notdir $1)_unified +-- +1.9.1 + diff --git a/resources/depthcharge/patch/0003-DOTCONFIG-location-correction.patch b/resources/depthcharge/patch/0003-DOTCONFIG-location-correction.patch new file mode 100644 index 0000000..af070de --- /dev/null +++ b/resources/depthcharge/patch/0003-DOTCONFIG-location-correction.patch @@ -0,0 +1,29 @@ +From 72bb1a69cf6c0f58d3c1a8f6ba98334640818566 Mon Sep 17 00:00:00 2001 +From: Paul Kocialkowski +Date: Sun, 9 Aug 2015 12:06:28 +0200 +Subject: [PATCH 3/7] DOTCONFIG location correction + +The configuration file doesn't have to be in src and HAVE_DOTCONFIG holds its +current location. + +Signed-off-by: Paul Kocialkowski +--- + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile b/Makefile +index a1a9d33..13305cd 100644 +--- a/Makefile ++++ b/Makefile +@@ -73,7 +73,7 @@ all: help + + else + +-include $(src)/.config ++include $(HAVE_DOTCONFIG) + + ifeq ($(CONFIG_ARCH_X86),y) + ARCH = x86 +-- +1.9.1 + diff --git a/resources/depthcharge/patch/0004-Adaptation-for-a-read-only-boot-path-when-no-vboot-h.patch b/resources/depthcharge/patch/0004-Adaptation-for-a-read-only-boot-path-when-no-vboot-h.patch new file mode 100644 index 0000000..890791b --- /dev/null +++ b/resources/depthcharge/patch/0004-Adaptation-for-a-read-only-boot-path-when-no-vboot-h.patch @@ -0,0 +1,132 @@ +From 5ad9900434045ea97c536c98cb514bdb43114c12 Mon Sep 17 00:00:00 2001 +From: Paul Kocialkowski +Date: Sun, 9 Aug 2015 12:09:35 +0200 +Subject: [PATCH 4/7] Adaptation for a read-only boot path when no vboot + handoff data is found + +When no vboot handoff data is found, this makes the unified depthcharge build +attempt to follow the read-only boot path. + +vboot_select_firmware is called to grab the kernel key from the firmware header, +but it won't actually jump to a RW version of depthcharge. + +Signed-off-by: Paul Kocialkowski +--- + src/image/Makefile.inc | 1 + + src/image/startrw_stub.c | 34 ++++++++++++++++++++++++++++++++++ + src/vboot/main.c | 17 ++++++++++++++++- + src/vboot/util/commonparams-unified.c | 11 +++++++++-- + 4 files changed, 60 insertions(+), 3 deletions(-) + create mode 100644 src/image/startrw_stub.c + +diff --git a/src/image/Makefile.inc b/src/image/Makefile.inc +index 95aeda1..4b74c11 100644 +--- a/src/image/Makefile.inc ++++ b/src/image/Makefile.inc +@@ -18,6 +18,7 @@ + depthcharge-y += fmap.c + depthcharge-y += index.c + readonly-y += startrw.c ++unified-y += startrw_stub.c + + trampoline-y += load_elf.c + +diff --git a/src/image/startrw_stub.c b/src/image/startrw_stub.c +new file mode 100644 +index 0000000..8e40302 +--- /dev/null ++++ b/src/image/startrw_stub.c +@@ -0,0 +1,34 @@ ++/* ++ * Copyright 2012 Google Inc. ++ * ++ * See file CREDITS for list of people who contributed to this ++ * project. ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public License as ++ * published by the Free Software Foundation; either version 2 of ++ * the License, or (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but without any warranty; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, ++ * MA 02111-1307 USA ++ */ ++ ++#include ++#include ++ ++#include "base/elf.h" ++#include "image/enter_trampoline.h" ++#include "image/startrw.h" ++#include "image/symbols.h" ++ ++int start_rw_firmware(const void *compressed_image, uint32_t size) ++{ ++ return 0; ++} +diff --git a/src/vboot/main.c b/src/vboot/main.c +index 7dc05f5..97a218d 100644 +--- a/src/vboot/main.c ++++ b/src/vboot/main.c +@@ -82,6 +82,20 @@ static int vboot_init_handoff() + return vboot_do_init_out_flags(vboot_handoff->init_params.out_flags); + } + ++static int vboot_init_ro() ++{ ++ // Set up the common param structure, clearing shared data. ++ if (common_params_init(1)) ++ return 1; ++ ++ // Initialize vboot. ++ if (vboot_init()) ++ return 1; ++ ++ // Select firmware. ++ return vboot_select_firmware(); ++} ++ + int main(void) + { + // Let the world know we're alive. +@@ -108,7 +122,8 @@ int main(void) + + // Set up the common param structure, not clearing shared data. + if (vboot_init_handoff()) +- halt(); ++ if (vboot_init_ro()) ++ halt(); + + /* Fastboot is only entered in recovery path */ + if (vboot_in_recovery()) +diff --git a/src/vboot/util/commonparams-unified.c b/src/vboot/util/commonparams-unified.c +index 10fcb93..575dcfd 100644 +--- a/src/vboot/util/commonparams-unified.c ++++ b/src/vboot/util/commonparams-unified.c +@@ -28,7 +28,14 @@ + int find_common_params(void **blob, int *size) + { + struct vboot_handoff *vboot_handoff = lib_sysinfo.vboot_handoff; +- *blob = &vboot_handoff->shared_data[0]; +- *size = ARRAY_SIZE(vboot_handoff->shared_data); ++ ++ if (vboot_handoff != NULL) { ++ *blob = &vboot_handoff->shared_data[0]; ++ *size = ARRAY_SIZE(vboot_handoff->shared_data); ++ } else { ++ *blob = shared_data_blob; ++ *size = sizeof(shared_data_blob); ++ } ++ + return 0; + } +-- +1.9.1 + diff --git a/resources/depthcharge/patch/0005-Proper-firmware-index-report-for-read-only-boot-path.patch b/resources/depthcharge/patch/0005-Proper-firmware-index-report-for-read-only-boot-path.patch new file mode 100644 index 0000000..d883cbd --- /dev/null +++ b/resources/depthcharge/patch/0005-Proper-firmware-index-report-for-read-only-boot-path.patch @@ -0,0 +1,70 @@ +From dce70fb042d91ba74359a6dfb519f31d77e2c328 Mon Sep 17 00:00:00 2001 +From: Paul Kocialkowski +Date: Mon, 10 Aug 2015 20:24:50 +0200 +Subject: [PATCH 5/7] Proper firmware index report for read-only boot path + +When booting from a read-only boot path, the active firmware to report is RO. +This is detected with the lack of a vboot handoff pointer. + +Signed-off-by: Paul Kocialkowski +--- + src/vboot/crossystem/fdt.c | 2 +- + src/vboot/firmware_id.c | 6 +++++- + src/vboot/firmware_id.h | 1 + + 3 files changed, 7 insertions(+), 2 deletions(-) + +diff --git a/src/vboot/crossystem/fdt.c b/src/vboot/crossystem/fdt.c +index ca39dac..a79b192 100644 +--- a/src/vboot/crossystem/fdt.c ++++ b/src/vboot/crossystem/fdt.c +@@ -73,7 +73,7 @@ static int install_crossystem_data(DeviceTreeFixup *fixup, DeviceTree *tree) + nvstorage_flash_get_blob_size()); + } + +- int fw_index = vdat->firmware_index; ++ int fw_index = get_active_fw_index(vdat); + const char *fwid; + int fwid_size; + +diff --git a/src/vboot/firmware_id.c b/src/vboot/firmware_id.c +index 3662921..955bc84 100644 +--- a/src/vboot/firmware_id.c ++++ b/src/vboot/firmware_id.c +@@ -36,6 +36,7 @@ static struct fwid { + } fw_fmap_ops[] = { + {VDAT_RW_A, "RW_FWID_A", NULL, 0, "RW A: ID NOT FOUND"}, + {VDAT_RW_B, "RW_FWID_B", NULL, 0, "RW B: ID NOT FOUND"}, ++ {VDAT_RO, "RO_FRID", NULL, 0, "RO: ID NOT FOUND"}, + {VDAT_RECOVERY, "RO_FRID", NULL, 0, "RO: ID NOT FOUND"}, + }; + +@@ -130,10 +131,13 @@ static VbSharedDataHeader *get_vdat(void) + return NULL; + } + +-static inline int get_active_fw_index(VbSharedDataHeader *vdat) ++int get_active_fw_index(VbSharedDataHeader *vdat) + { + int fw_index = VDAT_UNKNOWN; + ++ if (lib_sysinfo.vboot_handoff == NULL) ++ return VDAT_RO; ++ + if (vdat) + fw_index = vdat->firmware_index; + +diff --git a/src/vboot/firmware_id.h b/src/vboot/firmware_id.h +index fb6f206..090e9d1 100644 +--- a/src/vboot/firmware_id.h ++++ b/src/vboot/firmware_id.h +@@ -49,6 +49,7 @@ int get_rwb_fw_size(void); + * Get firmware details for currently active fw type. It looks up vdat, + * identifies fw_index and returns appropriate id and size for that index. + */ ++int get_active_fw_index(VbSharedDataHeader *vdat); + const char *get_active_fw_id(void); + int get_active_fw_size(void); + +-- +1.9.1 + diff --git a/resources/depthcharge/patch/0006-fdt-nonvolatile-context-storage-report-to-mkbp-for-E.patch b/resources/depthcharge/patch/0006-fdt-nonvolatile-context-storage-report-to-mkbp-for-E.patch new file mode 100644 index 0000000..7b39db6 --- /dev/null +++ b/resources/depthcharge/patch/0006-fdt-nonvolatile-context-storage-report-to-mkbp-for-E.patch @@ -0,0 +1,30 @@ +From 9eb389b0273cf07add859cd162c1411d15806149 Mon Sep 17 00:00:00 2001 +From: Paul Kocialkowski +Date: Mon, 10 Aug 2015 20:30:14 +0200 +Subject: [PATCH 6/7] fdt: nonvolatile-context-storage report to mkbp for EC NV + storage + +This allows old versions of crossystem to detect that it should use mosys to +access NV storage in case it is stored on the EC. + +Signed-off-by: Paul Kocialkowski +--- + src/vboot/crossystem/fdt.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/vboot/crossystem/fdt.c b/src/vboot/crossystem/fdt.c +index a79b192..0487513 100644 +--- a/src/vboot/crossystem/fdt.c ++++ b/src/vboot/crossystem/fdt.c +@@ -56,7 +56,7 @@ static int install_crossystem_data(DeviceTreeFixup *fixup, DeviceTree *tree) + dt_add_string_prop(node, "nonvolatile-context-storage","nvram"); + } else if (CONFIG_NV_STORAGE_CROS_EC) { + dt_add_string_prop(node, +- "nonvolatile-context-storage", "cros-ec"); ++ "nonvolatile-context-storage", "mkbp"); + } else if (CONFIG_NV_STORAGE_DISK) { + dt_add_string_prop(node, "nonvolatile-context-storage", "disk"); + dt_add_u32_prop(node, "nonvolatile-context-lba", +-- +1.9.1 + diff --git a/resources/depthcharge/patch/0007-vboot-Display-callbacks-for-developer-and-recovery-m.patch b/resources/depthcharge/patch/0007-vboot-Display-callbacks-for-developer-and-recovery-m.patch new file mode 100644 index 0000000..4de5a67 --- /dev/null +++ b/resources/depthcharge/patch/0007-vboot-Display-callbacks-for-developer-and-recovery-m.patch @@ -0,0 +1,208 @@ +From dc7421b033667ccbad3429e6ed118c849f3b05ca Mon Sep 17 00:00:00 2001 +From: Paul Kocialkowski +Date: Tue, 11 Aug 2015 11:22:54 +0200 +Subject: [PATCH 7/7] vboot: Display callbacks for developer and recovery mode + screens + +We don't want to use bitmaps stored in GBB since they recommend the use of non- +free software (Chrome OS), so this implements a text-based interface instead. + +Signed-off-by: Paul Kocialkowski +--- + src/vboot/callbacks/display.c | 157 ++++++++++++++++++++++++++++++++++++++---- + 1 file changed, 145 insertions(+), 12 deletions(-) + +diff --git a/src/vboot/callbacks/display.c b/src/vboot/callbacks/display.c +index efa0691..2341621 100644 +--- a/src/vboot/callbacks/display.c ++++ b/src/vboot/callbacks/display.c +@@ -84,9 +84,16 @@ void print_on_center(const char *msg) + print_string(msg); + } + +-VbError_t VbExDisplayScreen(uint32_t screen_type) ++VbError_t VbExDisplayScreen(uint32_t screen_type, VbNvContext *vnc) + { +- const char *msg = NULL; ++ unsigned int rows, cols; ++ uint32_t boot_signed_only = 0; ++ uint32_t boot_usb = 0; ++ const char *fw_id; ++ int fw_index; ++ void *blob = NULL; ++ int size = 0; ++ char *msg; + + /* + * Show the debug messages for development. It is a backup method +@@ -98,31 +105,157 @@ VbError_t VbExDisplayScreen(uint32_t screen_type) + video_console_clear(); + break; + case VB_SCREEN_DEVELOPER_WARNING: +- msg = "developer mode warning"; ++ video_console_clear(); ++ video_console_set_cursor(0, 0); ++ ++ if (vnc != NULL) { ++ VbNvGet(vnc, VBNV_DEV_BOOT_SIGNED_ONLY, ++ &boot_signed_only); ++ ++ VbNvGet(vnc, VBNV_DEV_BOOT_USB, &boot_usb); ++ } ++ ++ print_string( ++ "Welcome to developer mode!\n\n" ++ "Useful key combinations:\n" ++ "- Ctrl + H: Hold developer mode\n" ++ "- Ctrl + D: Continue booting\n"); ++ ++ if (boot_usb) ++ print_string("- Ctrl + U: Boot from external media\n"); ++ ++ print_string( ++ "- Ctrl + L: Boot from legacy media\n" ++ "- Ctrl + I: Show device information\n" ++ "- Space: Disable developer mode\n\n" ++ "This screen is shown for 3 seconds (if not held).\n\n"); ++ ++ if (vnc != NULL) { ++ if (!boot_signed_only) ++ print_string( ++ "Warning: this device will boot " ++ "unsigned kernels!\n"); ++ ++ if (boot_usb) ++ print_string( ++ "Warning: this device will boot from " ++ "external media!\n"); ++ ++ if (!boot_signed_only || boot_usb) ++ print_string("\n"); ++ } ++ ++ find_common_params(&blob, &size); ++ ++ if (blob != NULL) { ++ VbSharedDataHeader *vdat = (VbSharedDataHeader *) blob; ++ fw_index = get_active_fw_index(vdat); ++ fw_id = get_fw_id(fw_index); ++ ++ if (fw_id == NULL) ++ fw_id = "NOT FOUND"; ++ ++ print_string("Active firmware id: "); ++ print_string(fw_id); ++ ++ switch (fw_index) { ++ case VDAT_RW_A: ++ print_string(" (RW A)\n"); ++ break; ++ case VDAT_RW_B: ++ print_string(" (RW A)\n"); ++ break; ++ case VDAT_RO: ++ print_string(" (RO)\n"); ++ break; ++ default: ++ print_string(" (UNKNOWN)\n"); ++ break; ++ } ++ } + break; + case VB_SCREEN_DEVELOPER_EGG: +- msg = "easter egg"; ++ video_console_clear(); ++ print_on_center("Free as in Freedom!"); + break; + case VB_SCREEN_RECOVERY_REMOVE: +- msg = "remove inserted devices"; ++ video_console_clear(); ++ print_on_center( ++ "Please remove any external media before accessing " ++ "recovery screen."); + break; + case VB_SCREEN_RECOVERY_INSERT: +- msg = "insert recovery image"; +- break; + case VB_SCREEN_RECOVERY_NO_GOOD: +- msg = "insert image invalid"; ++ video_console_clear(); ++ print_string( ++ "Welcome to recovery mode!\n\n" ++ "Useful key combinations:\n" ++ "- Ctrl + D: Enable developer mode\n\n"); ++ ++ if (screen_type == VB_SCREEN_RECOVERY_NO_GOOD) ++ print_on_center( ++ "Invalid recovery media, please instert a " ++ "valid one."); ++ else ++ print_on_center( ++ "Please insert an external recovery media."); ++ break; ++ case VB_SCREEN_RECOVERY_TO_DEV: ++ video_console_clear(); ++ video_get_rows_cols(&rows, &cols); ++ ++ video_console_set_cursor(0, 0); ++ ++ print_string( ++ "Enabling developer mode will allow booting unsigned " ++ "kernels and booting from external media (when enabled " ++ "with crossystem).\n\n" ++ "Developer mode can be disabled via the developer mode " ++ "screen."); ++ ++ msg = "Developer mode will be enabled."; ++ video_console_set_cursor((cols - strlen(msg)) / 2, rows / 2); ++ print_string(msg); ++ ++ msg = "Press enter to confirm or escape to go back."; ++ video_console_set_cursor((cols - strlen(msg)) / 2, ++ rows / 2 + 2); ++ print_string(msg); ++ break; ++ case VB_SCREEN_DEVELOPER_TO_NORM: ++ video_console_clear(); ++ video_get_rows_cols(&rows, &cols); ++ ++ video_console_set_cursor(0, 0); ++ ++ print_string( ++ "Disabling developer mode will restrict boot to signed " ++ "kernels stored on internal memory only.\n\n" ++ "Developer mode can be enabled again via the recovery " ++ "mode screen."); ++ ++ msg = "Developer mode will be disabled."; ++ video_console_set_cursor((cols - strlen(msg)) / 2, rows / 2); ++ print_string(msg); ++ ++ msg = "Press enter to confirm or escape to go back."; ++ video_console_set_cursor((cols - strlen(msg)) / 2, ++ rows / 2 + 2); ++ print_string(msg); + break; + case VB_SCREEN_WAIT: +- msg = "wait for ec update"; ++ video_console_clear(); ++ print_on_center("Waiting for EC update..."); ++ break; ++ case VB_SCREEN_TO_NORM_CONFIRMED: ++ video_console_clear(); ++ print_on_center("Disabling developer mode."); + break; + default: + printf("Not a valid screen type: %d.\n", screen_type); + return VBERROR_INVALID_SCREEN_INDEX; + } + +- if (msg) +- print_on_center(msg); +- + return VBERROR_SUCCESS; + } + +-- +1.9.1 + -- cgit v0.9.1