diff options
author | Wai-Hong Tam <waihong@google.com> | 2018-01-25 17:45:06 -0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2018-02-02 13:19:42 -0800 |
commit | 3585eb3d21da676db3d87e9e0490a0df92d597d2 (patch) | |
tree | b6b587d908f819de990b40b5fde005ce671f670c /scripts/image_signing/common_minimal.sh | |
parent | b5c00dbcba5ab315c7f90bf474143eac4bcfde10 (diff) | |
download | vboot-3585eb3d21da676db3d87e9e0490a0df92d597d2.tar.gz |
make_dev_firmware.sh supports switching EC RO key
For the EC supporting EFS boot, the RO section contains a
public key, and the RW is signed. For running FAFT, should
replace the RO key to a known one (the dev key under
vboot_reference), such that FAFT tests can resign the RW
using a known private key.
For BIOS image, we use make_dev_firmware.sh to do a similar
job to replace the key in BIOS. This CL makes the
make_dev_firmware script support changing EC key.
BUG=b:71769443
BRANCH=none
TEST=Modify files
$ # Check the original BIOS and EC images
$ futility show ec.bin
$ futility show bios.bin
$ ./make_dev_firmware.sh --change_ec -f bios.bin -t new_bios.bin \
-e ec.bin -o new_ec.bin --backup_dir backup
$ # Check the new images, using new keys and verification succeeded
$ futility show new_ec.bin
$ futility show new_bios.bin
TEST=Modify live firmware
$ ./make_dev_firmware.sh --change_ec
And then run firmware_ECUpdateId with a Type-C charger.
TEST=Run sign_official_build.sh
$ sign_official_build.sh recovery recovery_image.bin \
~/trunk/src/platform/vboot_reference/tests/devkeys /tmp/out.bin
TEST=make runalltests
Change-Id: Id51e2c411a4e6d016e619cec91453ce918b7fff7
Reviewed-on: https://chromium-review.googlesource.com/889406
Commit-Ready: Wai-Hong Tam <waihong@google.com>
Tested-by: Wai-Hong Tam <waihong@google.com>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Diffstat (limited to 'scripts/image_signing/common_minimal.sh')
-rw-r--r-- | scripts/image_signing/common_minimal.sh | 33 |
1 files changed, 32 insertions, 1 deletions
diff --git a/scripts/image_signing/common_minimal.sh b/scripts/image_signing/common_minimal.sh index c130b918..43dfd109 100644 --- a/scripts/image_signing/common_minimal.sh +++ b/scripts/image_signing/common_minimal.sh @@ -10,7 +10,8 @@ # Determine script directory SCRIPT_DIR=$(dirname $0) PROG=$(basename $0) -GPT=${GPT:-"cgpt"} +: ${GPT:=cgpt} +: ${FUTILITY:=futility} # The tag when the rootfs is changed. TAG_NEEDS_TO_BE_SIGNED="/root/.need_to_be_signed" @@ -349,6 +350,31 @@ rw_mount_disabled() { return 1 } +# Functions for CBFS management +# ---------------------------------------------------------------------------- + +# Get the compression algorithm used for the given CBFS file. +# Args: INPUT_CBFS_IMAGE CBFS_FILE_NAME +get_cbfs_compression() { + cbfstool "$1" print -r "FW_MAIN_A" | awk -vname="$2" '$1 == name {print $5}' +} + +# Store a file in CBFS. +# Args: INPUT_CBFS_IMAGE INPUT_FILE CBFS_FILE_NAME +store_file_in_cbfs() { + local image="$1" + local file="$2" + local name="$3" + local compression=$(get_cbfs_compression "$1" "${name}") + cbfstool "${image}" remove -r "FW_MAIN_A,FW_MAIN_B" -n "${name}" || return + # This add can fail if + # 1. Size of a signature after compression is larger + # 2. CBFS is full + # These conditions extremely unlikely become true at the same time. + cbfstool "${image}" add -r "FW_MAIN_A,FW_MAIN_B" -t "raw" \ + -c "${compression}" -f "${file}" -n "${name}" || return +} + # Misc functions # ---------------------------------------------------------------------------- @@ -385,4 +411,9 @@ no_chronos_password() { fi } +# Returns true if given ec.bin is signed or false if not. +is_ec_rw_signed() { + ${FUTILITY} dump_fmap "$1" | grep -q KEY_RO +} + trap "cleanup_temps_and_mounts" EXIT |