Google Git
Sign in
chromium / chromiumos / platform / firmware / refs/heads/release-R70-11021.B
commit697a4648233394678c9d65c7d50c3c140b1aa684[log] [tgz]
authorHung-Te Lin <[email protected]>Thu Oct 11 06:52:47 2018
committerChromeOS Commit Bot <[email protected]>Fri Oct 12 05:28:49 2018
tree65a5e90351600d1d9ddba4b8c9ff74aed6a06e80
parent2913c4e264404048591088227b1a04fdfc9e8786 [diff]
pack_firmware: Keep extra firmware images in top level folder.

The signer bot does not process bin/*.bin, but currently all files
listed in EXTRA (which will be copied by CopyElfs) will live in bin/ sub
folder.

"Extra firmware images" is eliminated in M71+, so we want some simple
work around for M69 and M70, by copying files directly if the file
name looks like *.bin.

BUG=chromium:894324
TEST=Revert CL:*684050, then run: emerge-daisy chromeos-firmware-daisy;
     chromeos-firmwareupdate -V | grep '\.bin'
     # 7f5b0669d9f43b0075cded5688a0a343 *./bios-snow-2695.132.ro.bin
     # 673c3efd476ac9a803cfc2f724c24806 *./bios_rw.bin
     # 0d2c9045017a843ad16d492897481d88 *./ec-2695.132.bin
     # 3849d1915bc50fb1a9a168c648517d37 *./bios-snow-2695.132.rw.bin
     # e9306cb76c8e636b4f5847cc7702abe7 *./bios.bin

Change-Id: Ie718e7a7e14606f01f7fc934c8f8c7ece0e63be0
Reviewed-on: https://chromium-review.googlesource.com/c/1278545
Tested-by: Hung-Te Lin <[email protected]>
Trybot-Ready: Hung-Te Lin <[email protected]>
Reviewed-by: Mike Frysinger <[email protected]>
Commit-Queue: Hung-Te Lin <[email protected]>
1 file changed
tree: 65a5e90351600d1d9ddba4b8c9ff74aed6a06e80
  1. _docs/
  2. functest/
  3. lib/
  4. local_flashrom/
  5. pack_dist/
  6. sbin/
  7. src/
  8. test/
  9. unittests/
  10. utils/
  11. .gitignore
  12. COMMIT-QUEUE.ini
  13. LICENSE
  14. make_test_files.sh
  15. OWNERS
  16. pack_firmware.py
  17. pack_firmware_functest.py
  18. pack_firmware_unittest.py
  19. pack_firmware_utils.py
  20. pack_stub
  21. PRESUBMIT.cfg
  22. README.md
  23. setvars_template
README.md

ChromeOS Firmware Updater

This repository contains the firmware updater (chromeos-firmwareupdate) that will update firmware images related to verified boot, usually AP (also known as BIOS or MAIN) and EC.

Introduction

Auto update is one of the most important feature in Chrome OS. Updating firmware is one of the most complicated process, since all Chromebooks come with firmware that implemented verified boot and must be able to update in background silently.

Using Firmware Updater

The firmware updater was made as a “shellball”, a self-executable file containing updater logic (shell scripts), utility programs, and firmware images.

In all modes, updater will try to preserve few firmware data, for example the VPD sections (RO_VPD, RW_VPD), HWID and GBB flags (in GBB section).

Update manually

Usually you can find the updater in /usr/sbin/chromeos-firmwareupdate on a ChromeOS device (or the rootfs partition of a disk image).

To look at its contents (firmware images and versions):

chromeos-firmwareupdate -V

Usually for people who wants to “update all my firmware to right states”, do:

chromeos-firmwareupdate --mode=recovery

The recovery mode will try to update RO+RW if your write protection is not enabled, otherwise only RW.

If your are not sure about write protection status but you only want RW to be updated, run:

chromeos-firmwareupdate --mode=recovery --wp=1

The --wp argument will override you real write protection status.

Simulating ChromeOS Auto Update

The ChromeOS Auto Update (update_engine) runs updater in a different way - a two-step trial process.

If you want to simulate and test that, do:

chromeos-firmwareupdate --mode=autoupdate --wp=1

Building Firmware Updater

The updater is provided by the virtual/chromeos-firmware package in Chromium OS source tree, which will be replaced and includes the chromeos-base/chromeos-firmware-${BOARD} package in private board overlays.

To build an updater locally, in chroot run:

emerge-${BOARD} chromeos-firmware-${BOARD}

If your board overlay has defined USE flags bootimage or cros_ec, chromeos-firwmare-${BOARD} package will add dependency to firmware and EC source packages (chromeos-bootimage and chromeos-ec), and have the firmware images in /build/${BOARD}/firmware/{image,ec}.bin. A “local” updater will be also generated in /build/${BOARD}/firmware/updater.sh so you can run it to test the locally built firmware images.

In other words, you can remove bootimage and cros_ec in branches that you don't need firmware from source, for example the factory branches or ToT, especially if there are external partners who only has access to particular board private overlays. To do that, find the make.conf in board overlay and add USE="-bootimage -cros_ec".

Manipulating Firmware Updater Packages

The firmware updater packages lives in private board overlays: src/private-overlays/overlay-${BOARD}-private/chromeos-base/chromeos-firmware-${BOARD}/chromeos-firmware-${BOARD}-9999.ebuild. Find a template here in chromiumos-base/chromeos-firmware-null.

Usually there are few fields you have to fill:

CROS_FIRMWARE_MAIN_IMAGE

A reference to the Main (AP) firmware image, which usually comes from emerge-${BOARD} chromeos-booimage then /build/${BOARD}/firmware/image.bin.

Usually this implies both RO and RW. See CROS_FIRMWARE_MAIN_RW_IMAGE below for more information.

You have to run ebuild-${BOARD} chromeos-firmware-${BOARD}.ebuild manifest whenever you've changed the image files (CROS_FIRMWARE_*_IMAGE).

CROS_FIRMWARE_MAIN_RW_IMAGE

A reference to the Main (AP) firmware image and only used for RW sections.

If this value is set, CROS_FIRMWARE_MAIN_IMAGE will be used for RO and this will be used for RW.

CROS_FIRMWARE_EC_IMAGE

A reference to the Embedded Controller (EC) firmware image, which usually comes from emerge-${BOARD} chromeos-ec then /build/${BOARD}/firmware/ec.bin.

Technical Details

CROS_FIRMWARE_SCRIPT and packaging

The firmware updater is built by running pack_firmware.py, which collects firmware image and extra files, all files under pack_dist folder, archived by running shar, with a special bootstrap stub pack_stub.

Since the verified boot has been evolved with so much differences, we put the updating logic in different files according to the generation of firmware: pack_dist/updater*.sh. Most Chromebooks today should use updater4.sh.

Usually we will increase a “logic version” when the verified boot has been changed so much that the updater code for previous versions would almost won't work. Currently we have defined these versions (Use Developer Info page to find the mapping from board names to product names):

  • Version 1: (EOL) mario (CR48), using H2C BIOS.
  • Version 2: (EOL) alex and zgb.
  • Version 3: lumpy, stumpy, butterfly, stout, parrot.
  • Version 4: Everything after version 3 until now.
  • Version 5: Was created for vboot2, but now it's merged back to Version 4.

This will be mapped to what you should set in the CROS_FIRMWARE_SCRIPT value in ebuild files.

Updater logic

Here's a detailed list of how each updater mode works:

Diagram

  • --mode=autoupdate: Invoked by update_engine when a payload is installed.

    1. Check if WP is enabled.
    2. If WP is enabled, update RW / inactive and exit. After system reboot. The update_engine will invoke chromeos-setgoodfirmware after 60 secs, which will update or mark booted RW firmware to active.
    3. If WP is disabled, check if the RO section is same as CROS_FIRMWARE_MAIN_IMAGE. If yes, go 2. Otherwise, do --mode=recovery.

  • --mode=recovery: Invoked by recovery shim after installed.

    1. Check if WP is enabled.
    2. If WP is enabled, update both RW/A, RW/B and exit.
    3. If WP is disabled, update whole image except reserved sections (GBB, VPD). This includes RO, RW/A, and RW/B.

  • --mode=factory_install: Used for factory initial imaging.

    1. Check if WP is enabled, and exit with failure if enabled.
    2. Update whole image except reserved sections (GBB, VPD). This includes RO, RW/A, and RW/B.