summaryrefslogtreecommitdiff
path: root/src/security
diff options
context:
space:
mode:
authorHung-Te Lin <hungte@chromium.org>2019-09-27 12:23:20 +0800
committerPatrick Georgi <pgeorgi@google.com>2019-09-30 11:33:20 +0000
commit117453e89010069561f15117ff8279dca1f635e4 (patch)
tree5575847ad0a319d0bd30e7a5359c4d060a3eff58 /src/security
parent544bc2693a515b5fa72c767d637a9f99f998a572 (diff)
downloadcoreboot-117453e89010069561f15117ff8279dca1f635e4.tar.xz
vboot: create board-specific test-only GBB HWID if not set
The HWID in vboot GBB is an identifier for machine model. On Chrome OS, that should be provisioned in manufacturing process (by collecting real hardware information), and will be checked in system startup. For bring up developers, they usually prefer to generate a test-only string for HWID. However that format was not well documented and cause problems. Further more, most Chromebooks are using HWID v3+ today while the test-only HWID is usually v2. Non-Chrome OS developers may also prefer their own format. To simplify development process, the GBB_CONFIG now defaults to empty string, and will be replaced by a board-specific test-only v2 HWID automatically. Developers can still override that in mainboard Kconfig if they prefer v3 or other arbitrary format. BUG=b:140067412 TEST=Built 'kukui' successfully. Removed kukui GBB config and built again, still seeing correct test HWID. Change-Id: I0cda17a374641589291ec8dfb1d66c553f7cbf35 Signed-off-by: Hung-Te Lin <hungte@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/35634 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Diffstat (limited to 'src/security')
-rw-r--r--src/security/vboot/Kconfig7
-rw-r--r--src/security/vboot/Makefile.inc5
2 files changed, 11 insertions, 1 deletions
diff --git a/src/security/vboot/Kconfig b/src/security/vboot/Kconfig
index 1e372d86ba..d6d74cac73 100644
--- a/src/security/vboot/Kconfig
+++ b/src/security/vboot/Kconfig
@@ -228,7 +228,12 @@ menu "GBB configuration"
config GBB_HWID
string "Hardware ID"
- default "NOCONF HWID"
+ default ""
+ help
+ A hardware identifier for device. On Chrome OS this is used for auto
+ update and recovery, and will be generated when manufacturing by the
+ factory software, in a strictly defined format.
+ Leave empty to get a test-only Chrome OS HWID v2 string generated.
config GBB_BMPFV_FILE
string "Path to bmpfv image"
diff --git a/src/security/vboot/Makefile.inc b/src/security/vboot/Makefile.inc
index 3078e30e21..abb8863c02 100644
--- a/src/security/vboot/Makefile.inc
+++ b/src/security/vboot/Makefile.inc
@@ -239,6 +239,11 @@ $(obj)/gbb.stub: $(obj)/coreboot.rom $(FUTILITY)
mv $@.tmp $@
endif
+# Generate a test-only HWID
+ifeq ($(CONFIG_GBB_HWID),)
+CONFIG_GBB_HWID := $$($(top)/util/chromeos/gen_test_hwid.sh "$(CONFIG_MAINBOARD_PART_NUMBER)")
+endif
+
$(obj)/gbb.region: $(obj)/gbb.stub
@printf " SETUP GBB\n"
cp $< $@.tmp