flashrom_tester prints hints on how to modify hardware write protect
state as follows:
...
> connect the battery (and/or open the WP screw)
...
> disconnect the battery (and/or open the WP screw)
...
The first advice should be "[...] close the WP screw".
TEST=`flashrom_tester --flashrom_binary=$(which flashrom) \
internal Erase_and_Write Fail_to_verify`
Change-Id: I45f06db51e92e68bf724b13bdf5b31bba511d270
Signed-off-by: Brian Norris <briannorris@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/82083
Reviewed-by: Hsuan-ting Chen <roccochen@google.com>
Reviewed-by: Evan Benn <evanbenn@gmail.com>
Reviewed-by: Anastasia Klimchuk <aklm@chromium.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
partial_lock_test (Lock_top_quad, Lock_bottom_quad, Lock_bottom_half,
and Lock_top_half) tries to:
1. Disable HWWP
2. Lock partial
3. Enable HWWP
4. Try to write the locked partial and expect a failure
...
The 4th step only works on flashrom binary since the binary will set
FLASHROM_FLAG_VERIFY_AFTER_WRITE=1 by default and it will error out
while verifying.
But libflashrom does not set any flag beforehand, so it has
FLASHROM_FLAG_VERIFY_AFTER_WRITE=0 and thus it will think the write
command works normally and raise no error. This causes the issue that
flashrom_tester with libflashrom has been failed until today.
To solve this issue, there are two solutions:
1. Take care of the default flags in libflashrom
2. Always pass --noverify to flashrom binary and verify it afterwards.
To make both methods more consistent, I fix it with approach 1.
BUG=b:304439294
BRANCH=none
TEST=flashrom_tester internal --libflashrom Lock_top_quad
Change-Id: I7a8ac0c0984fef3cd9e73ed8d8097ddf429e54b2
Signed-off-by: roccochen@chromium.com <roccochen@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/79304
Reviewed-by: Anastasia Klimchuk <aklm@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
flashrom cli supports include regions for all of read write and verify,
as well as omitting the read/write/verify file if an include region with
file is specified. Use an enum to allow only one operation at a time.
Unify the read and write region implementations.
BUG=b:235916336
BRANCH=None
TEST=None
Change-Id: I1cb46bb1b26949fd9c19949c43708a8b652e00da
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/71973
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Peter Marheine <pmarheine@chromium.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Rename wp_toggle_test to wp_region_list_test. Make it test one thing,
wp_list. lock_test does the test of set_hw/set_sw functionality so that
was redundant here.
BUG=b:235916336
BRANCH=None
TEST=None
Change-Id: I314aa8d9708c39cc162a8d5e95ca3e019c2fb5b8
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/71971
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Peter Marheine <pmarheine@chromium.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
None of these targets have been maintained or used for several years:
dediprog:
- Wasn't accepted by the argument filter in main.rs.
ec:
- Is incompatible with most tests because the EC only supports one
protection range.
servo:
- Has been broken for >3 years because it uses the programmer string
"ft2231_spi:type=servo-v2", where "ft2231" should be "ft2232".
BUG=b:239357853
BRANCH=none
TEST=flashrom_tester on dedede
Change-Id: Iee94f6bb5ff8c5451acb8bcaabf28119006d0ef5
Signed-off-by: Nikolai Artemiev <nartemiev@google.com>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/69921
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
partial_lock test was bypassing the WriteProtectState cache of the
software write protect by directly calling env.cmd.wp_range. It was also
unnesesarily disabling software WP. Fix those issues and more clearly
document what the test is doing and expecting.
BUG=b:244663741
BRANCH=None
TEST=flashrom_tester --libflashrom host
Change-Id: Ic3f89ff5d22e74e4e6c94e755b936e58cb27182d
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/69418
Reviewed-by: Peter Marheine <pmarheine@chromium.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
wp_toggle and wp_range had some confusing behaviour where enabling wp
would set a range, but disabling wp would not unset the range
(explicitly). This was a way to workaround the MTD kernel driver
semantics. Now make things very explicit, enabling software write
protect will set the range to the whole chip. Disabling write protect
will set the range to 0,0. This makes all drivers behave the same as
MTD, and documents the exact behaviour explicitly.
BUG=b:244663741
BRANCH=None
TEST=flashrom_tester --libflashrom host # MTD and non-MTD
TEST=flashrom_tester --flashrom_binary # MTD and non-MTD
Change-Id: Ia01d612d988e6580a7c5f0fd448ccc319ce9b181
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/69417
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Remove the WriteProtectState 'stack' implementation and the push
function. This functionality allowed states to be stacked and then
automatically unrolled via RAII lifetimes. This was useful. However this
unrolling could make errors in a flashrom_tester run much harder to
understand, as the actual failure would be followed by multiple write
protect calls that could subsequently fail, potentially causing panicing
inside the panic handler and the process to be hard aborted and the
restore golden image function would not be run.
The new approach is to prefer code simplicity. Ideally this makes errors
easier to diagnose from logs. To that end the lifetime has been
simplified. The stack has been removed. The mutex has been removed.
This means tests may not be running in the same environment they were
previously. However if they continue to specify their requirements with
set_sw and set_hw there will be no difference and the errors will be
clear.
BUG=b:259494812
BRANCH=None
TEST=flashrom_tester --libflashrom host
Change-Id: I1c4251f69b42a327383b8a99fa933f411feb9568
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/69401
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Document clearly what the test is doing and expects. Do not use the
push() function as it confuses the logs in the case of error.
BUG=b:258357944
BRANCH=None
TEST=flashrom_tester --libflashrom host Lock
Change-Id: Ibad559a8ff9696fd91f45bca9d9ceb6e90c41393
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/69400
Reviewed-by: Peter Marheine <pmarheine@chromium.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add the atty crate as a dependency. Print log and report in color only
when isatty is true.
BUG=b:246250254
BRANCH=None
TEST=ssh dut flashrom_tester # no color
TEST=ssh -t dut flashrom_tester # color
Change-Id: Ia3cc527fb98e53eda6773622340cf10764df2cba
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/69270
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
layout_file is part of the test environment, move it from a global to
a member of the TestEnv struct. This allows layout to be part of the
tempdir in a subsequent patch.
BUG=b:243460685
BRANCH=None
TEST=/usr/bin/flashrom_tester --flashrom_binary /usr/sbin/flashrom host
TEST=/usr/bin/flashrom_tester --libflashrom host
Change-Id: Ia7e8efeb4fbac0a46627f079956d671aed43f1c7
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/69063
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
flashrom_tester 'flashrom' crate was implemented using the flashrom
commandline. Add a second implementation using the libflashrom interface
via the libflashrom and libflashrom-sys rust bindings.
BUG=b:230545739
BRANCH=None
TEST=cargo test
TEST=on grunt (AMD)
TEST=/usr/bin/flashrom_tester --libflashrom host
TEST=/usr/bin/flashrom_tester --flashrom_binary /usr/sbin/flashrom host
Change-Id: Ic4db6c829d7e8dc707a10c10e1ca0d9b8abccdec
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/65282
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
crossystem uses flashrom to gather data on some platforms. To avoid
firmware lock deadlock, call crossystem before initialising libflashrom.
When querying hardware write protect status, provide an argument to
crossystem so that only that field is queried. This also avoids the
deadlock, and improves performance.
BUG=b:239496316
BRANCH=None
TEST=on trogdor(arm), grunt(amd), hatch(intel):
TEST=flashrom_tester --libflashrom /usr/sbin/flashrom host Coreboot_ELOG_sanity
TEST=flashrom_tester /usr/sbin/flashrom host Coreboot_ELOG_sanity
Change-Id: I7d94cfc6ccbfbec91f12151eb0004724ccfc4e00
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/65962
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Write a newline after the hardware write protect prompt. Automated tests
read stdout and wait for this message, and split on newline, so write a
newline.
Also modify the function to not be recursive. Try to handle a closed
input correctly - panicing in that case. Behaviour is now to wait for
a newline instead of for 1 character.
BUG=b:240512896
BRANCH=None
TEST=tast run localhost:2222 firmware.FlashromTester
TEST=flashrom_tester < /dev/null
TEST=flashrom_tester; type some things, hold enter, then close stdin
Change-Id: I07ec242ca0d41787030d5d27fc88d78ed884d746
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/flashrom/+/3809595
Reviewed-by: Nikolai Artemiev <nartemiev@google.com>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/66587
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Anastasia Klimchuk <aklm@chromium.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Instead of printing stderr in each function separately, print all stderr
in the dispatch function.
BUG=None
BRANCH=None
TEST=/usr/bin/flashrom_tester --debug host Lock_top_quad
Change-Id: Id76f83c8c089537aa44aa13533c75900eb6ed175
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/65279
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
built-0.3 depends on git2-0.9, which is our only user of url-1, which is
our only user of idna-0.1, which depends on rustc-serialize, which
suffers from RUSTSEC-2022-0004. That's a mouthful :)
BUG=b:239449434
TEST=CQ
BRANCH=none
Change-Id: I0d39b417fd2291838e85f91a2af1c8a4fe28a6c2
Signed-off-by: George Burgess IV <gbiv@google.com>
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/66140
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
write_file_with_layout test was checking that writing to a region was
failing, and assuming that was because write protect is working as
expected. Other failures are possible, so check that a write to a non
write protected region can succeed.
BUG=b:235916336
BRANCH=None
TEST=/usr/bin/flashrom_tester --debug host Lock_top_quad
Change-Id: I2b220f323e259f5c7bfae06f6cf996b22e264555
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/65278
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Peter Marheine <pmarheine@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use a type implementing Error instead of a string for errors. Error
implements Display so can be easily converted to a String. This will
allow libflashrom to be more easily integrated.
BUG=b:230545739
BRANCH=None
TEST=cargo test
Change-Id: Id166053c7edfd07576e7823692cfa0ea4d438948
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/65277
Reviewed-by: Peter Marheine <pmarheine@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Make elog_sanity_test read the elog region itself, instead of calling
out to elogtool. This avoids the need to subprocess and resolves
a deadlock when elogtool attempts to obtain a flash reading lock.
TEST=/usr/bin/flashrom_tester host Coreboot_ELOG_sanity
TEST=flashrom --image RW_ELOG -p host -r /tmp/file.tmp2 # comparison
TEST=hexdump the file and check magic signature == 0x474f4c45
Change-Id: I8ac63e15e063f9c0928e3e185154bb083b367ba9
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/65119
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Peter Marheine <pmarheine@chromium.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
To allow FlashromCmd to be reimplemented with libflashrom move all
concrete cmd functions into the FlashromCmd type that implements the
Flashrom trait. This allows users to be generalised upon the Flashrom
trait as the contract rather than the concrete FlashromCmd type.
Change-Id: Ie2b4e7e91d69043fd50d1c57f6585fc9946fab10
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/64849
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Peter Marheine <pmarheine@chromium.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
An issue was discovered in the sys-info crate before 0.8.0 for Rust.
sys_info::disk_info calls can trigger a double free. To prevent any
potential problems, update this crate to version 0.9 (as of writing,
sys-info version 0.9.1 is the latest).
Refer to CVE-2020-36434 for more details about the sys-info crate bug.
TEST=Run `cargo build` in `util/flashrom_tester`, it still works fine.
Change-Id: I3b6b21e830ff3107860f7bcbfe2d58b29efe0c12
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/63975
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Anastasia Klimchuk <aklm@chromium.org>
Reviewed-by: Peter Marheine <pmarheine@chromium.org>
Reviewed-by: Jack Rosenthal <jrosenth@chromium.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Since interrupting the test process may be dangerous (leaving the flash
in an inconsistent state), we'll catch SIGINT and print a warning the
first time, also using it as a signal that we should stop at a
convenient time. Any following SIGINT will be handled as normal (killing
the process).
BUG=b:143251344
TEST=Run tool and verify it exits after a test with a single ^C, exits
immediately given two.
BRANCH=None
Original-Cq-Depend: chromium:2059548
Original-Change-Id: Ib8a7799cba6dbca57dc7f1d3c87521f132c21818
Original-Signed-off-by: Peter Marheine <pmarheine@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/flashrom/+/2050050
Original-Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Original-Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Change-Id: If43aea0580fcc7e698daad2ffe085a3c9da5bc41
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/49915
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
The following is a E2E tester for a specific chip/chipset
combo. The tester itself is completely self-contained and
allows the user to specify which tests they wish to preform.
Supported tests include:
- chip-name
- read
- write
- erase
- wp-locking
Change-Id: Ic2905a76cad90b1546b9328d668bf8abbf8aed44
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/38951
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: David Hendricks <david.hendricks@gmail.com>
