futility: make resign_firmwarefd.sh simply invoke futility

Since all of the functionality of the resign_firmwarefd.sh script
is built in to futility, let's just make that script invoke
futility to do the work. We'll come back and remove the script
entirely, once all outside references to it have been changed to
do the right thing.

BUG=chromium:224734
BRANCH=ToT
TEST=make runtests

Also tested by editing tests/futility/test_resign_firmware.sh to
invoke the resign_firmwarefd.sh script instead of futility.
Everything passed.

Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: Id068e551067a956cd7ddc3f9b9e23488261d8d94
Reviewed-on: https://chromium-review.googlesource.com/216716
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/227870
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Commit-Queue: Daisuke Nojiri <dnojiri@chromium.org>

4 files changed, 34 insertions, 213 deletions

diff --git a/futility/cmd_show.c b/futility/cmd_show.c
index 0f5eecdf..41377bc9 100644
--- a/futility/cmd_show.c
+++ b/futility/cmd_show.c
@@ -113,7 +113,7 @@ int futil_cb_show_gbb(struct futil_traverse_state_s *state)
 	       state->component == CB_GBB ? state->in_filename : state->name);
 	printf("  Version:               %d.%d\n",
 	       gbb->major_version, gbb->minor_version);
-	printf("  Flags:                 0x08%x\n", gbb->flags);
+	printf("  Flags:                 0x%08x\n", gbb->flags);
 	printf("  Regions:                 offset       size\n");
 	printf("    hwid                 0x%08x   0x%08x\n",
 	       gbb->hwid_offset, gbb->hwid_size);
diff --git a/futility/cmd_sign.c b/futility/cmd_sign.c
index f7481759..8c59fb21 100644
--- a/futility/cmd_sign.c
+++ b/futility/cmd_sign.c
@@ -40,6 +40,7 @@ struct local_data_s {
 	VbKeyBlockHeader *devkeyblock;
 	uint32_t version;
 	uint32_t flags;
+	int flags_specified;
 	char *loemdir;
 	char *loemid;
 } option = {
@@ -111,7 +112,7 @@ int futil_cb_sign_fw_preamble(struct futil_traverse_state_s *state)
 	case CB_FMAP_VBLOCK_A:
 		fw_body_area = &state->cb_area[CB_FMAP_FW_MAIN_A];
 		/* Preserve the flags if they're not specified */
-		if (!option.flags)
+		if (!option.flags_specified)
 			option.flags = preamble->flags;
 		break;
 	case CB_FMAP_VBLOCK_B:
@@ -129,8 +130,6 @@ int futil_cb_sign_fw_preamble(struct futil_traverse_state_s *state)
 	}
 
 	/* Update the firmware size */
-	fprintf(stderr, "HEY: set FW size from %d to %d\n",
-		fw_body_area->len, fw_size);
 	fw_body_area->len = fw_size;
 
 whatever:
@@ -376,12 +375,14 @@ static int do_sign(int argc, char *argv[])
 			break;
 
 		case 'f':
+			option.flags_specified = 1;
 			option.flags = strtoul(optarg, &e, 0);
 			if (!*optarg || (e && *e)) {
 				fprintf(stderr,
 					"Invalid --flags \"%s\"\n", optarg);
 				errorcnt++;
 			}
+			break;
 		case 'd':
 			option.loemdir = optarg;
 			break;
diff --git a/scripts/image_signing/resign_firmwarefd.sh b/scripts/image_signing/resign_firmwarefd.sh
index d45af92b..237d7cb2 100755
--- a/scripts/image_signing/resign_firmwarefd.sh
+++ b/scripts/image_signing/resign_firmwarefd.sh
@@ -1,66 +1,21 @@
 #!/bin/sh
 
-# Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+# Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
-# Script to resign a firmware image using a different set of keys
-# for use on signing servers.
-#
-# arguments: src_fd, dst_fd, firmware_datakey, and firmware_keyblock
-#
-# src_fd: Input firmware image (in .fd format)
-# dst_fd: output firmware image name
-# firmware_datakey: Key used to sign firmware data (in .vbprivk format)
-# firmware_keyblock: Key block for firmware data key (in .keyblock format)
-#
-# Both the dump_fmap tool and vbutil_firmware should be in the system path.
-#
-# This script parses the output of dump_fmap tool
-#
-# to determine the regions in the image containing "Firmware [A|B] Data" and
-# "Firmware [A|B] Key", which contain firmware data and firmware vblocks
-# respectively. It will then generate new vblocks using the set of keys
-# passed as arguments and output a new firmware image, with this new firmware
-# vblocks the old ones.
-#
-# Here is an example output of "dump_fmap -p" (section name, offset, size):
-# Boot Stub 3932160 262144
-# GBB Area 3670016 262144
-# Recovery Firmware 2490368 1048576
-# RO VPD 2359296 131072
-# Firmware A Key 196608 65536
-# Firmware A Data 262144 851968
-# Firmware B Key 1114112 65536
-# Firmware B Data 1179648 851968
-# RW VPD 152064 4096
-# Log Volume 0 131072
-#
-# This shows that Firmware A Data is at offset 262144(0x40000) in the .fd image
-# and is of size 851968(0xd0000) bytes. This can be extracted to generate new
-# vblocks which can then replace old vblock for Firmware A ("Firmware A Key"
-# region at offset 196608(0x30000) and size 65536(0x10000) ).
-
-# Load common constants and variables.
-. "$(dirname "$0")/common_minimal.sh"
-
 # Abort on error
 set -e
 
-# Check arguments
-if [ $# -lt 7 ] || [ $# -gt 11 ]; then
-  echo "Usage: $PROG src_fd dst_fd firmware_datakey firmware_keyblock" \
-    "dev_firmware_datakey dev_firmware_keyblock kernel_subkey [version]" \
-    "[flag] [loem_output_dir] [loemid]" \
-  exit 1
-fi
+# This script is obsolete. The required functionality is now provided by the
+# compiled futility executable, so all this does is invoke that. This wrapper
+# should go away Real Soon Now.
+
 
-# Make sure the tools we need are available.
-for prog in cut dump_fmap md5sum vbutil_firmware; do
-  type "${prog}" &>/dev/null || \
-    { echo "${prog} tool not found."; exit 1; }
-done
+# Which futility to run?
+[ -z "$FUTILITY" ] && FUTILITY=futility
 
+# required
 SRC_FD=$1
 DST_FD=$2
 FIRMWARE_DATAKEY=$3
@@ -68,165 +23,30 @@ FIRMWARE_KEYBLOCK=$4
 DEV_FIRMWARE_DATAKEY=$5
 DEV_FIRMWARE_KEYBLOCK=$6
 KERNEL_SUBKEY=$7
+# optional
 VERSION=$8
-# This is the --flags in vbutil_firmware. It currently has only two values:
-# 0 for RW-NORMAL firmware, and 1 for RO-NORMAL firmware (search "two_stop
-# firmware" for more information).
 PREAMBLE_FLAG=$9
 LOEM_OUTPUT_DIR=${10}
 LOEMID=${11}
 
-# Disables using developer keyblocks
-disable_dev_keyblock() {
-  DEV_FIRMWARE_KEYBLOCK=$FIRMWARE_KEYBLOCK
-  DEV_FIRMWARE_DATAKEY=$FIRMWARE_DATAKEY
-}
-
-# Compares if the contents in given files are the same.
-is_the_same_binary_file() {
-  local hash1="$(md5sum -b "$1" | cut -d' ' -f1)"
-  local hash2="$(md5sum -b "$2" | cut -d' ' -f1)"
-  [ "$hash1" = "$hash2" ]
-}
-
-# Extract firmware body section from SRC_FD and truncate it to its body size
-extract_firmware_image() {
-  local label="$1"
-  local root_key="$2"
-  local vblock_offset="$3"
-  local vblock_size="$4"
-  local vblock_image="$5"
-  local fw_offset="$6"
-  local fw_size="$7"
-  local fw_image="$8"
-  local fw_body_size=""
-
-  dd if="${SRC_FD}" of="${vblock_image}" skip="${vblock_offset}" bs=1 \
-    count="${vblock_size}" 2>/dev/null
-  dd if="${SRC_FD}" of="${fw_image}" skip="${fw_offset}" bs=1 \
-    count="${fw_size}" 2>/dev/null
-  fw_body_size="$(vbutil_firmware \
-    --verify "${vblock_image}" \
-    --signpubkey "${root_key}" \
-    --fv "${fw_image}" |
-    grep "Firmware body size:" |
-    sed 's/.*: *//')" || fw_body_size="${fw_size}"
-  if [ "${fw_body_size}" -gt "${fw_size}" ]; then
-    echo -n "Firmware ${label} body size exceeds its section: "
-    echo    "${fw_body_size} > ${fw_size}"
-    return 1
-  elif [ "${fw_body_size}" -lt "${fw_size}" ]; then
-    dd if="${SRC_FD}" of="${fw_image}" skip="${fw_offset}" bs=1 \
-      count="${fw_body_size}" 2>/dev/null
-  fi
-}
-
-if [ -z "$VERSION" ]; then
-  VERSION=1
-fi
-echo "Using firmware version: $VERSION"
-
-if [ ! -e $DEV_FIRMWARE_KEYBLOCK ] || [ ! -e $DEV_FIRMWARE_DATAKEY ] ; then
-  echo "No dev firmware keyblock/datakey found. Reusing normal keys."
-  disable_dev_keyblock
-fi
-
-# Parse offsets and size of firmware data and vblocks
-for i in "A" "B"
-do
-  line=$(dump_fmap -p $1 | grep "^Firmware $i Key") ||
-  line=$(dump_fmap -p $1 | grep "^VBLOCK_$i") ||
-   { echo "Couldn't parse vblock section $i from dump_fmap output";
-     exit 1; }
-
-  offset="$(echo $line | sed -r -e 's/.* ([0-9]+) [0-9]+$/\1/')"
-  eval fw${i}_vblock_offset=$((offset))
-  size="$(echo $line | sed -r -e 's/.* [0-9]+ ([0-9]+)$/\1/')"
-  eval fw${i}_vblock_size=$((size))
-
-  line=$(dump_fmap -p $1 | grep "^Firmware $i Data") ||
-  line=$(dump_fmap -p $1 | grep "^FW_MAIN_$i") ||
-  { echo "Couldn't parse Firmware $i section from dump_fmap output";
-    exit 1; }
-
-  offset="$(echo $line | sed -r -e 's/.* ([0-9]+) [0-9]+$/\1/')"
-  eval fw${i}_offset=$((offset))
-  size="$(echo $line | sed -r -e 's/.* [0-9]+ ([0-9]+)$/\1/')"
-  eval fw${i}_size=$((size))
-done
-
-temp_fwimage_a=$(make_temp_file)
-temp_fwimage_b=$(make_temp_file)
-temp_out_vb=$(make_temp_file)
-temp_root_key=$(make_temp_file)
-
-echo "Reading Root Key from GBB"
-gbb_utility -g --rootkey="$temp_root_key" "${SRC_FD}"
-
-echo "Extracting Firmware A and B"
-extract_firmware_image "A" "${temp_root_key}" \
-  "${fwA_vblock_offset}" "${fwA_vblock_size}" "${temp_out_vb}" \
-  "${fwA_offset}" "${fwA_size}" "${temp_fwimage_a}"
-extract_firmware_image "B" "${temp_root_key}" \
-  "${fwB_vblock_offset}" "${fwB_vblock_size}" "${temp_out_vb}" \
-  "${fwB_offset}" "${fwB_size}" "${temp_fwimage_b}"
-
-echo "Determining preamble flag from existing firmware"
-if [ -n "$PREAMBLE_FLAG" ]; then
-  PREAMBLE_FLAG="--flags $PREAMBLE_FLAG"
-else
-  dd if="${SRC_FD}" of="${temp_out_vb}" skip="${fwA_vblock_offset}" bs=1 \
-    count="${fwA_vblock_size}" 2>/dev/null
-  flag="$(vbutil_firmware \
-    --verify "${temp_out_vb}" \
-    --signpubkey "${temp_root_key}" \
-    --fv "${temp_fwimage_a}" |
-    grep "Preamble flags:" |
-    sed 's/.*: *//')" || flag=""
-  [ -z "$flag" ] || PREAMBLE_FLAG="--flags $flag"
-fi
-echo "Using firmware preamble flag: $PREAMBLE_FLAG"
-
-# Sanity check firmware type: "developer key block" should be only used if the
-# content in firmware A/B are different; otherwise always use normal key blocks.
-if is_the_same_binary_file "${temp_fwimage_a}" "${temp_fwimage_b}"; then
-  echo "Found firmware with same A/B content - ignoring DEV keyblock."
-  disable_dev_keyblock
-fi
-
-echo "Re-calculating Firmware A vblock"
-vbutil_firmware \
-  --vblock "${temp_out_vb}" \
-  --keyblock "${DEV_FIRMWARE_KEYBLOCK}" \
-  --signprivate "${DEV_FIRMWARE_DATAKEY}" \
-  --version "${VERSION}" \
+# pass optional args
+[ -n "$VERSION" ] && VERSION="--version $VERSION"
+[ -n "$PREAMBLE_FLAG" ] && PREAMBLE_FLAG="--flags $PREAMBLE_FLAG"
+[ -n "$LOEM_OUTPUT_DIR" ] && LOEM_OUTPUT_DIR="--loemdir $LOEM_OUTPUT_DIR"
+[ -n "$LOEMID" ] && LOEMID="--loemid $LOEMID"
+
+exec ${FUTILITY} sign \
+  --signprivate $FIRMWARE_DATAKEY \
+  --keyblock $FIRMWARE_KEYBLOCK \
+  --devsign $DEV_FIRMWARE_DATAKEY \
+  --devkeyblock $DEV_FIRMWARE_KEYBLOCK \
+  --kernelkey $KERNEL_SUBKEY \
+  $VERSION \
   $PREAMBLE_FLAG \
-  --fv "${temp_fwimage_a}" \
-  --kernelkey "${KERNEL_SUBKEY}"
-
-# Create a copy of the input image and put in the new vblock for firmware A
-cp "${SRC_FD}" "${DST_FD}"
-dd if="${temp_out_vb}" of="${DST_FD}" seek="${fwA_vblock_offset}" bs=1 \
-  count="${fwA_vblock_size}" conv=notrunc 2>/dev/null
-if [ -n "${LOEMID}" ]; then
-  cp "${temp_out_vb}" "${LOEM_OUTPUT_DIR}/vblock_A.${LOEMID}"
-fi
-
-echo "Re-calculating Firmware B vblock"
-vbutil_firmware \
-  --vblock "${temp_out_vb}" \
-  --keyblock "${FIRMWARE_KEYBLOCK}" \
-  --signprivate "${FIRMWARE_DATAKEY}" \
-  --version "${VERSION}" \
-  $PREAMBLE_FLAG \
-  --fv "${temp_fwimage_b}" \
-  --kernelkey "${KERNEL_SUBKEY}"
-
-# Destination image has already been created.
-dd if="${temp_out_vb}" of="${DST_FD}" seek="${fwB_vblock_offset}" bs=1 \
-  count="${fwB_vblock_size}" conv=notrunc 2>/dev/null
-if [ -n "${LOEMID}" ]; then
-  cp "${temp_out_vb}" "${LOEM_OUTPUT_DIR}/vblock_B.${LOEMID}"
-fi
+  $LOEM_OUTPUT_DIR \
+  $LOEMID \
+  $SRC_FD \
+  $DST_FD
 
-echo "New signed image was output to ${DST_FD}"
+echo UNABLE TO EXEC FUTILITY 1>&2
+exit 1
diff --git a/tests/futility/test_resign_firmware.sh b/tests/futility/test_resign_firmware.sh
index 94946a8d..59188938 100755
--- a/tests/futility/test_resign_firmware.sh
+++ b/tests/futility/test_resign_firmware.sh
@@ -67,7 +67,7 @@ for infile in $INFILES; do
   #OLD    ${KEYDIR}/dev_firmware.keyblock \
   #OLD    ${KEYDIR}/kernel_subkey.vbpubk \
   #OLD    14 \
-  #OLD    9 \
+  #OLD    8 \
   #OLD    ${loemdir} \
   #OLD    ${loemid}