Patrick Georgi submitted this change.
Doc/security/vboot: Add a script generated device list
Add a script generated list of vboot enabled devices to the
documentation. Add a entry to the release checklist.
Change-Id: Ibb57d26c5f0cb8efd27ca9a97fd762c25b566f93
Signed-off-by: Marcello Sylvester Bauer <sylv@sylv.io>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39200
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
---
M Documentation/releases/checklist.md
M Documentation/security/vboot/index.md
A Documentation/security/vboot/list_vboot.md
A util/vboot_list/description.md
A util/vboot_list/vboot_list.sh
5 files changed, 283 insertions(+), 0 deletions(-)
diff --git a/Documentation/releases/checklist.md b/Documentation/releases/checklist.md
index 706d08e..ea05c20 100644
--- a/Documentation/releases/checklist.md
+++ b/Documentation/releases/checklist.md
@@ -68,6 +68,7 @@
- [ ] Test the commit selected for release.
- [ ] Update release notes with actual commit id, push to repo.
- [ ] Run release script.
+- [ ] Run vboot_list script.
- [ ] Test the release from the actual release tarballs.
- [ ] Push signed Tag to repo.
- [ ] Announce that the release tag is done on IRC.
diff --git a/Documentation/security/vboot/index.md b/Documentation/security/vboot/index.md
index 400c2b5..997db8b 100644
--- a/Documentation/security/vboot/index.md
+++ b/Documentation/security/vboot/index.md
@@ -12,6 +12,8 @@
Google's vboot verifies the firmware and places measurements within the TPM.
+- [List of supported Devices](list_vboot.md)
+
***
## Root of Trust
diff --git a/Documentation/security/vboot/list_vboot.md b/Documentation/security/vboot/list_vboot.md
new file mode 100644
index 0000000..1bef823
--- /dev/null
+++ b/Documentation/security/vboot/list_vboot.md
@@ -0,0 +1,223 @@
+# VBOOT enabled devices
+
+## Emulation
+- QEMU x86 i440fx/piix4 (aka qemu -M pc)
+- QEMU x86 q35/ich9 (aka qemu -M q35, since v1.4)
+
+- Facebook Monolith
+
+- Auron_Paine (Acer C740 Chromebook)
+- Auron_Yuna (Acer Chromebook 15 (C910/CB5-531))
+- Buddy (Acer Chromebase 24)
+- Gandof (Toshiba Chromebook 2 (2015))
+- Lulu (Dell Chromebook 13 7310)
+- Samus (Google Chromebook Pixel (2015))
+- Mccloud (Acer Chromebox CXI)
+- Monroe (LG Chromebase 22CV241 & 22CB25S)
+- Panther (ASUS Chromebox CN60)
+- Tricky (Dell Chromebox 3010)
+- Zako (HP Chromebox G1)
+- Butterfly (HP Pavilion Chromebook 14)
+- Cheza
+- Banon (Acer Chromebook 15 (CB3-532))
+- Celes (Samsung Chromebook 3)
+- Cyan (Acer Chromebook R11 (C738T))
+- Edgar (Acer Chromebook 14 (CB3-431))
+- Kefka (Dell Chromebook 11 3180/3189)
+- Reks (Lenovo N22/N42 Chromebook)
+- Relm
+- Setzer (HP Chromebook 11 G5)
+- Terra (ASUS Chromebook C202SA/C300SA/C301SA)
+- Ultima (Lenovo Yoga 11e G3)
+- Wizpig
+- Daisy (Samsung Chromebook (2012))
+- DragonEgg
+- Drallion
+- Eve (Google Pixelbook)
+- Fizz
+- Karma
+- Endeavour
+- Foster
+- Gale (Google WiFi)
+- Asuka (Dell Chromebook 13 3380)
+- Caroline (Samsung Chromebook Pro)
+- Cave (Asus Chromebook Flip C302SA)
+- Chell (HP Chromebook 13 G1)
+- Glados Skylake Reference Board
+- Lars (Acer Chromebook 14 for Work (CP5-471))
+- Sentry (Lenovo Thinkpad 13 Chromebook)
+- Kevin (Samsung Chromebook Plus)
+- Gru
+- Bob (Asus Chromebook Flip C101PA)
+- Scarlet
+- Nefario
+- Rainier
+- Akemi
+- Dratini
+- Hatch
+- Jinlon
+- Kohaku
+- Kindred
+- Helios
+- Mushu
+- Palkia
+- Nightfury
+- Puff
+- Helios_Diskswap
+- Stryke
+- Guado (ASUS Chromebox CN62)
+- Jecht
+- Rikku (Acer Chromebox CXI2)
+- Tidus (Lenovo ThinkCentre Chromebox)
+- Aleena
+- Careena
+- Grunt
+- Liara
+- Nuwani
+- Treeya
+- Kukui
+- Krane
+- Kodama
+- Kakadu
+- Flapjack
+- Jacuzzi
+- Juniper
+- Kappa
+- Damu
+- Link (Google Chromebook Pixel (2013))
+- Mistral
+- Nyan
+- Nyan Big (Acer Chromebook 13 (CB5-311))
+- Nyan Blaze (HP Chromebook 14 G3)
+- Oak
+- Elm (Acer Chromebook R13)
+- Hana (Lenovo N23 Yoga Chromebook)
+- Parrot (Acer C7/C710 Chromebook)
+- Peach Pit (Samsung Chromebook 2 11\")
+- Atlas
+- Poppy
+- Nami
+- Nautilus
+- Nocturne
+- Rammus
+- Soraka
+- Banjo (Acer Chromebook 15 (CB3-531))
+- Candy (Dell Chromebook 11 3120)
+- Clapper (Lenovo N20 Chromebook)
+- Enguarde
+- Glimmer (Lenovo ThinkPad 11e Chromebook)
+- Gnawty (Acer Chromebook 11 (CB3-111/131,C730/C730E/C735))
+- Heli (Haier Chromebook G2)
+- Kip (HP Chromebook 11 G3 / G4 / G4 EE)
+- Ninja (AOpen Chromebox Commercial)
+- Orco (Lenovo 100S Chromebook)
+- Quawks (ASUS Chromebook C300)
+- Squawks (ASUS Chromebook C200)
+- Rambi
+- Sumo (AOpen Chromebase Commercial)
+- Swanky (Toshiba Chromebook 2)
+- Winky (Samsung Chromebook 2 (XE500C12))
+- Reef/Electro (Acer Chromebook Spin 11 R751T)
+- Pyro (Lenovo Thinkpad (Yoga) 11e Chromebook)
+- Sand (Acer Chromebook 15 CB515-1HT/1H)
+- Snappy (HP Chromebook x360 11 G1 EE)
+- Nasher
+- Coral
+- Arcada
+- Sarien
+- Falco (HP Chromebook 14)
+- Leon (Toshiba Chromebook)
+- Peppy (Acer C720/C720P Chromebook)
+- Wolf (Dell Chromebook 11)
+- Smaug (Google Pixel C)
+- Storm (OnHub Router TGR1900)
+- Stout (Lenovo Thinkpad X131e Chromebook)
+- Trogdor
+- Veyron_Jaq (Haier Chromebook 11)
+- Veyron_Jerry (Hisense Chromebook 11)
+- Veyron_Mighty (Haier Chromebook 11(edu))
+- Veyron_Minnie (ASUS Chromebook Flip C100)
+- Veyron_Speedy (ASUS C201 Chromebook)
+- Veyron_Mickey (Asus Chromebit CS10)
+- Veyron_Rialto
+
+## HP
+- Z220 SFF Workstation
+
+## Intel
+- Basking Ridge CRB
+- Cannonlake U LPDDR4 RVP
+- Cannonlake Y LPDDR4 RVP
+- Coffeelake U SO-DIMM DDR4 RVP
+- Coffeelake H SO-DIMM DDR4 RVP11
+- Whiskeylake U DDR4 RVP
+- Coffeelake S U-DIMM DDR4 RVP8
+- Cometlake U DDR4 RVP
+- Emerald Lake 2 CRB
+- Galileo
+- Glkrvp
+- Icelake U DDR4/LPDDR4 RVP
+- Icelake Y LPDDR4 RVP
+- Jasperlake DDR4/LPDDR4 RVP
+- Jasperlake DDR4/LPDDR4 RVP with Chrome EC
+- Kabylake LPDDR3 RVP3
+- Kabylake DDR3L RVP7
+- Kabylake DDR4 RVP8
+- Kabylake DDR4 RVP11
+- Kunimitsu
+- Strago
+- Tigerlake UP3 RVP
+- Tigerlake UP4 RVP
+- Whitetip Mountain 2 CRB
+
+## Lenovo
+- ThinkPad T400
+- ThinkPad T500
+- ThinkPad R400
+- ThinkPad R500
+- ThinkPad W500
+- ThinkPad T410
+- ThinkPad T420
+- ThinkPad T420s
+- ThinkPad T430
+- ThinkPad T430s
+- ThinkPad T431s
+- ThinkPad T440p
+- ThinkPad T520
+- ThinkPad W520
+- ThinkPad T530
+- ThinkPad W530
+- ThinkPad X131e
+- ThinkPad X1 carbon gen 1
+- ThinkPad X200 / X200s / X200t
+- ThinkPad X301
+- ThinkPad X201 / X201i / X201s / X201t
+- ThinkPad X220
+- ThinkPad X220i
+- ThinkPad X1
+- ThinkPad X230
+- ThinkPad X230t
+
+## OpenCellular
+- Elgon (GBCv2)
+
+## SAMSUNG
+- Lumpy
+- Stumpy
+
+## Siemens
+- MC APL1
+- MC APL2
+- MC APL3
+- MC APL4
+- MC APL5
+- MC APL6
+
+## Supermicro
+- X11SSH-TF
+- X11SSM-F
+
+## UP
+- Squared
diff --git a/util/vboot_list/description.md b/util/vboot_list/description.md
new file mode 100644
index 0000000..b994557
--- /dev/null
+++ b/util/vboot_list/description.md
@@ -0,0 +1,2 @@
+Tools to generate a list of vboot enabled devices to the documentation
+`Bash`
diff --git a/util/vboot_list/vboot_list.sh b/util/vboot_list/vboot_list.sh
new file mode 100755
index 0000000..f3e8975
--- /dev/null
+++ b/util/vboot_list/vboot_list.sh
@@ -0,0 +1,55 @@
+#!/usr/bin/env bash
+
+TOP="$( cd "$( dirname "${BASH_SOURCE[0]}" )"/../.. >/dev/null 2>&1 && pwd )"
+MAINBOARDS="src/mainboard"
+OUTPUT_FILE=${1:-$TOP/Documentation/security/vboot/list_vboot.md}
+
+function has_vboot
+{
+ local DIR=$1
+
+ grep -rq "config VBOOT" $DIR
+ return $?
+}
+
+function get_vendor_name
+{
+ local VENDORDIR=$1
+
+ sed -n '/config VENDOR/{n;s/^[\t[:space:]]\+bool "\(.*\)"/\1/;p;}' \
+ $VENDORDIR/Kconfig.name
+}
+
+function get_board_name
+{
+ local BOARDDIR=$1
+
+ sed -n '/config BOARD/{n;s/^[\t[:space:]]\+bool "\(->\s\+\)\?\(.*\)"/\2/;p;}' \
+ $BOARDDIR/Kconfig.name
+}
+
+function list_vboot_boards
+{
+ local VENDORDIR=$1
+ for BOARD in $(ls -d $VENDORDIR/*/)
+ do
+ has_vboot $BOARD || continue
+ get_board_name $BOARD
+ done
+}
+
+function generate_vboot_list
+{
+for VENDOR in $(ls -d $TOP/$MAINBOARDS/*/)
+do
+ has_vboot $VENDOR || continue
+ echo -e "\n## $(get_vendor_name $VENDOR)"
+ IFS=$'\n'
+ for BOARD in $(list_vboot_boards $VENDOR)
+ do
+ echo "- $BOARD"
+ done
+done
+}
+
+(echo "# VBOOT enabled devices"; generate_vboot_list) > $OUTPUT_FILE
To view, visit change 39200. To unsubscribe, or for help writing mail filters, visit settings.