Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(790)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: README

Issue 2845001: Rework the vboot_reference make system. (Closed) Base URL: ssh://git@chromiumos-git/vboot_reference.git
Patch Set: Rework the vboot_reference make system. Created 10 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « Makefile ('k') | cgpt/Makefile » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 This directory contains a reference implementation for Chrome OS 1 This directory contains a reference implementation for Chrome OS
2 verified boot in firmware. 2 verified boot in firmware.
3 3
4 ---------- 4 ----------
5 Directory Structure 5 Directory Structure
6 ---------- 6 ----------
7 7
8 The source is organized into distinct modules - 8 The source is organized into distinct modules -
9 9
10 vboot_firmware/ - Contains ONLY the code required by the BIOS to validate 10 vboot_firmware/ - Contains ONLY the code required by the BIOS to validate
11 the secure boot components. There shouldn't be any code in here that signs 11 the secure boot components. There shouldn't be any code in here that signs
12 or generates images. BIOS should require ONLY this directory to implement 12 or generates images. BIOS should require ONLY this directory to implement
13 secure boot. Refer to vboot_firmware/README for futher details. 13 secure boot. Refer to vboot_firmware/README for futher details.
14 14
15 cgptlib/ - Work in progress for handling GPT headers. Parts of this will no 15 cgptlib/ - Work in progress for handling GPT headers. Parts of this will no
16 doubt be migrated into vboot_firmware/ 16 doubt be migrated into vboot_firmware/
17 17
18 misclibs/ - Miscellaneous functions used by userland utilities. 18 misclibs/ - Miscellaneous functions used by userland utilities.
19 19
20 utility/ - Utilities for generating and verifying signed 20 utility/ - Utilities for generating and verifying signed
21 firmware and kernel images, as well as arbitrary blobs. 21 firmware and kernel images, as well as arbitrary blobs.
22 22
23 vfirmware/ and vkernel/ - Functions for generating, verifying, and 23 vfirmware/ and vkernel/ - Functions for generating, verifying, and
24 manipulating signed firmware and kernel images. 24 manipulating signed firmware and kernel images.
25 25
26 tests/ - User-land tests and benchmarks that test the reference 26 tests/ - User-land tests and benchmarks that test the reference
27 implementation. Please have a look at these if you'd like to 27 implementation. Please have a look at these if you'd like to
28 understand how to use the reference implementation. 28 understand how to use the reference implementation.
29 29
30 build/ - a directory where the generated files go to.
31
32 --------------------
33 Building and testing
34 --------------------
35
36 The suite can be built on the host or in the chroot environment.
37
38 Building on the host could fail if certain packages are not installed. If
39 there are host environment build problems due to missing .h files, try
40 researching what packages the files belong to and install the missing packages
41 before reporting a problem.
42
43 To build the software run
44
45 make
46
47 in the top level directory. The build output is placed in the ./build
48 directory.
49
50 To run the tests either invoke
51
52 RUNTESTS=1 make
53
54 in the top level directory or
55
56 cd tests
57 BUILD=../build make runtests
58
30 59
31 ---------- 60 ----------
32 Some useful utilities: 61 Some useful utilities:
33 ---------- 62 ----------
34 63
35 firmware_utility.c To generate verified boot firmware images. 64 firmware_utility.c To generate verified boot firmware images.
36 65
37 kernel_utility.c To generate verified boot kernel images. 66 kernel_utility.c To generate verified boot kernel images.
38 67
39 dumpRSAPublicKey.c Dump RSA Public key (from a DER-encoded X509 68 dumpRSAPublicKey.c Dump RSA Public key (from a DER-encoded X509
(...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after
115 144
116 ---------- 145 ----------
117 Generating a signed kernel image: 146 Generating a signed kernel image:
118 ---------- 147 ----------
119 148
120 The steps for generating a signed kernel image are similar to that of 149 The steps for generating a signed kernel image are similar to that of
121 a firmware image. Since verification is chained - RO firmware verifies 150 a firmware image. Since verification is chained - RO firmware verifies
122 RW firmware which verifies the kernel, only the keys change. An additional 151 RW firmware which verifies the kernel, only the keys change. An additional
123 kernel signing key must be generated. The firmware signing generated above 152 kernel signing key must be generated. The firmware signing generated above
124 is the root key equivalent for signed kernel images. 153 is the root key equivalent for signed kernel images.
OLDNEW
« no previous file with comments | « Makefile ('k') | cgpt/Makefile » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698