This repository was archived by the owner on Aug 24, 2022. It is now read-only.
[Don't merge] kernelflinger: Enable logs on user build #120
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Currently the rot data passed to keymaster is not right. Boot header version is not considered and vbmeta digest is set to null instead of the actual value. Tracked-On: OAM-99885 Signed-off-by: ji, zhenlong z <zhenlong.z.ji@intel.com>
Pass boot_patchlevel to trusty via KM_CONFIGURE_BOOT_PATCHLEVEL. Tracked-On: OAM-99223 Signed-off-by: yuxincui <yuxin.cui@intel.com>
Android 12 introduced boot/vendorboot image v4 and bootconfig feature. Basing on the vts requirement, cmdline parameters prefixed with 'androidboot' should be moved to bootconfig. Tracked-On: OAM-100125 Signed-off-by: ji, zhenlong z <zhenlong.z.ji@intel.com>
Move this declaration to the tpm mixin group, so users can enable/disable the tpm feature by mixin config. Tracked-On: OAM-100190 Signed-off-by: ji, zhenlong z <zhenlong.z.ji@intel.com>
The feature support 3 part files together at least before, cover the file will split into two parts
such as:
flash super super.img.part01 super.img.part02
Tracked-On: OAM-100238
Signed-off-by: Ai, Ting <ting.a.ai@intel.com>
Get 5 attestation_ids from boot config, including brand, device, product, manufacturer and model. Get attestation_ids serial from DMI. Pass attestation_ids to trusty via KM_SET_ATTESTATION_IDS. Tracked-On: OAM-100070 Signed-off-by: yuxincui <yuxin.cui@intel.com>
Add new function trusty_late_init() which is called between ExitBootService() and kernel jumping. Currently, only activate_vtd_vmcall() is called in trusty_late_init(). Tracked-On: OAM-101009 Signed-off-by: Yadong Qi <yadong.qi@intel.com>
1. Add some code to support virtual ab ota. 2. Sync some code with bootctrl. Tracked-On: OAM-100724 Signed-off-by: ji, zhenlong z <zhenlong.z.ji@intel.com>
Tracked-On: OAM-102309 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
Tracked-On: OAM-102363 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
Tracked-On: OAM-102680 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
Clang-14 was throwing out below build errror: hardware/intel/kernelflinger/libkernelflinger/qsort.c:87:7: error: performing pointer subtraction with a null pointer has undefined behavior [-Werror,-Wnull-pointer-subtraction] loop: SWAPINIT(a, es); Tracked-On: OAM-103588 Signed-off-by: svenate <salini.venate@intel.com>
Removed c99 flag to fix below build error: error: "BoringSSL must be built in C11 mode or higher." As per commit in external/boringssl: "Try to require C11 (in non-MSVC compilers). Update-Note: If the build fails with an error about C11, remove -std=c99 or -std=gnu99 from your build. Refcounting will get faster" Tracked-On: OAM-103588 Signed-off-by: svenate <salini.venate@intel.com>
Added definition for pthread_rwlock_t to fix below error: error: unknown type name 'pthread_rwlock_t'. Tracked-On: OAM-103588 Signed-off-by: Vinay Kompella <vinay.kompella@intel.com> Signed-off-by: svenate <salini.venate@intel.com>
Only erase the first 4KB of the partition and set to 0. fs_mgr will format the partiton if all 0 in first 4kB. 1. Reduce flash time for installer.efi 2. Reduce flash time for fastboot on userdebug build Tracked-On: OAM-103471 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
Previously there is a patch to handle this kind of issue, but that patch didn't consider all the scenarios where this kind of issue may happen. Tracked-On: OAM-103641 Signed-off-by: jizhenlo <zhenlong.z.ji@intel.com>
If you use PC to burn the ISO image to USB stick, and forget to plug out the USB stick from PC, then reboot your PC with USB stick plugged. Celadon ISO image will be installed to the PC automatically without notification. Thus it will damage the data in your PC. So we add UI to ask the user to confirm if continue or stop flashing celadon images to this device to avoid data damage. Tracked-On: OAM-103788 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
Tracked-On: OAM-105551 Signed-off-by: Zheng, XianjunX <xianjunx.zheng@intel.com>
Tracked-On: OAM-106989 Signed-off-by: Zheng, XianjunX <xianjunx.zheng@intel.com>
Stored rollback slots should be removed when status changes during fastboot flash scenario. Tracked-On: OAM-110759 Signed-off-by: Zhong,Fangjian <fangjian.zhong@intel.com>
This reverts commit 7de1dfc as adb reboot/factory reset results in longer boot time. Tracked-On: OAM-111128 Signed-off-by: Jeevaka Prabu Badrappan <jeevaka.badrappan@intel.com>
Stored rollback slots should be removed when status changes during fastboot flashing unlock scenario. Tracked-On: OAM-111253 Signed-off-by: Zhong,Fangjian <fangjian.zhong@intel.com>
GangSecurity
force-pushed
the
tpm
branch
2 times, most recently
from
c3fae51 to
5889c4c
Compare
Removing drm-verity support as it no longer supported by google. Original Jira - OAM-106853 Tracked-On: OAM-112683 Signed-off-by: Tanuj Tekriwal <tanuj.tekriwal@intel.com>
We were getting following build errors-:
Error-1: hardware/intel/kernelflinger/libkernelflinger/vbmeta_ias.c:199:40: error: incomplete definition of type 'struct evp_pkey_st'
if (EVP_PKEY_RSA != EVP_PKEY_type(pkey->type)) {
external/boringssl/include/openssl/base.h:424:16: note: forward declaration of 'struct evp_pkey_st'
Solution-: instead of defining as reference pointer for pkey->type, use
function method instead.
Error-2: external/boringssl/include/openssl/base.h:333:9: error: unknown type name 'ptrdiff_t'
Solution-: include stddef.h file to resolve cyclic dependency.
Error-3: external/boringssl/include/openssl/bytestring.h:382:70: warning: declaration of 'struct tm' will not be visible outside of this function [-Wvisibility]
Solution-: include declartion of this in header file.
Original Jira - OAM-106853
Tracked-On: OAM-112683
Signed-off-by: Ankit Agrawal <ankit.agarwal@intel.com>
Tracked-On: OAM-123524 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
test done: boot Tracked-On: OAM-123665 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
Test Done: build success Tracked-On: OAM-123760 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
Check if SOS cmdline contains console parameter, if so, check if kernel cmdline contains a console of same type. If so, remove the kernel's console parameter. This patch also change SBL cmdline's position from beginning to the end of cmd_conf. Tracked-On: OAM-123651 Signed-off-by: Ni, Erchang <erchang.ni@intel.com> Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
If there is no USB connection in bootloader fastboot mode, device should enter to normal mode after timeout. Test Done: Boot, flash, boot to normal mode after USB timeout Tracked-On: OAM-123898 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
Tracked-On: OAM-123671 Signed-off-by: jizhenlo <zhenlong.z.ji@intel.com>
Some code is designed to execute in QNX only, need to ensure the underlying hypervisor's type. Tracked-On: OAM-123671 Signed-off-by: jizhenlo <zhenlong.z.ji@intel.com>
kernelflinger needs to pass ROT and ROLLBACK info to optee through ivshmem. Tracked-On: OAM-123671 Signed-off-by: jizhenlo <zhenlong.z.ji@intel.com>
Addressed high priority coverity issues related to Uninitialized variables. Test done: Build and boot android success. Tracked-On: OAM-122325 Signed-off-by: Balakrishnan Unnithan <balakrishnan.unnithan@intel.com> Signed-off-by: Alam, Sahibex <sahibex.alam@intel.com>
Addressed high priority coverity issues related to Memory illegal accesses Test done: Build and boot android success. Tracked-On: OAM-122325 Signed-off-by: Balakrishnan Unnithan <balakrishnan.unnithan@intel.com> Signed-off-by: AlamIntel <sahibex.alam@intel.com>
Test Done: boot Tracked-On: OAM-124099 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
The purpuse is reporting every stage of kernelflinger exection time to android. It will be convenient to measure performance data and track regression How to use: adb shell getprop | grep FWS Test done: boot success Tracked-On: OAM-124577 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
Addressed high priority coverity issues related to Uninitialized variables. Test done: Build and boot android success. Tracked-On: OAM-124671 Signed-off-by: Balakrishnan Unnithan <balakrishnan.unnithan@intel.com> Signed-off-by: AlamIntel <sahibex.alam@intel.com>
Addressed Medium priority coverity issues related to Explicit null dereferenced & integer overflow Test done: Build and boot android success. Tracked-On: OAM-125584 Signed-off-by: Alam, Sahibex <sahibex.alam@intel.com>
Test done: update kf4sbl, boot/reboot normally Tracked-On: OAM-123673 Signed-off-by: Zhao, Shirley <shirley.zhao@intel.com>
Partition offset should be added Test Done: fastboot oem setvm <vm_partition> fastboot erase metadata fastboot erase userdata fastboot oem unsetvm Tracked-On: OAM-126214 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
1. partition UUID should be: CAB9B00C-CC1B-4C0F-B932-82920DA52251 2. add the sbss section to put the array to the head of bss section 3. the section is align to 2M, so align to the head to save the 3M memory size. 4. add .sbss.pae section for pae directory to save the memory size 5. move the share memory to the first dump region. 6. align share memory region definition 7. fix the pae enable exception issue 8. add the dump progress Test Done: 1. android boot 2. crashdump function works Tracked-On: OAM-126307 Signed-off-by: Bo He <bo.he@intel.com> Signed-off-by: Haoyu Tang <haoyu.tang@intel.com>
Test Done: 1. android boot 2. crashdump function works Tracked-On: OAM-126307 Signed-off-by: Bo He <bo.he@intel.com> Signed-off-by: Haoyu Tang <haoyu.tang@intel.com>
use 32 bit variable to store 64 bit TSC value cause overflow. Test Done: Boot success Tracked-On: OAM-126232 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
Test done: update kf4sbl, boot/reboot normally Tracked-On: OAM-126069 Signed-off-by: Zhao, Shirley <shirley.zhao@intel.com>
Some VM has TPM support requirement while others not, so one Kernelflinger image should support multi VMs case Test Done: 1. compile and boot 2. boot one KF image for multi-VMs Tracked-On: OAM-126340 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
Test Done: CIV install and boot Tracked-On: OAM-126419 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
Get ROT from OPTEE TPM if optee is enabled Tracked-On: OAM-126574 Signed-off-by: Gang G Chen <gang.g.chen@intel.com>
Test Done: boot/reboot several times work normally Tracked-On: OAM-126533 Signed-off-by: Zhao, Shirley <shirley.zhao@intel.com>
how to lock/unlock device: adb reboot bootloader fastboot flashing lock fastboot flahsing unlock Test Done: Boot Tracked-On: OAM-126606 Signed-off-by: Gang G Chen <gang.g.chen@intel.com>
The command is required by fastboot client Test Done: 1. Enter bootloader mode: adb reboot bootloader 2. reboot bootloader: fastboot reboot bootloader 3. bootloader will reboot Tracked-On: OAM-125596 Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
20 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Signed-off-by: Chen Gang G gang.g.chen@intel.com