diff options
| author | Bill Richardson <wfrichar@chromium.org> | 2014-09-03 14:20:10 -0700 |
|---|---|---|
| committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-09-05 09:58:45 +0000 |
| commit | e051975c900caf43046a97cda682629915c62c7e (patch) | |
| tree | 1dc878a7cc14c2a61b6bc56d4545a9ee0ca06bc6 /tests/futility | |
| parent | 2e25e813419f2cd437164929543e452b28b89260 (diff) | |
| download | vboot-e051975c900caf43046a97cda682629915c62c7e.tar.gz | |
futility: sign command works on unsigned images
This allows the sign command to work on BIOS images with
invalid VBLOCK areas. When re-signing an existing image, the
length of the firmware body is part of the firmware preamble
in the VBLOCK areas. If those are invalid, the BIOS can
still be signed, but it will have to sign the entire FW_MAIN
area. That's a little slower to verify, so we'd prefer not
to do that, but it works.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: If58b5c86c5df12f004eabff72c22bfb1e84de7fd
Reviewed-on: https://chromium-review.googlesource.com/216229
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat (limited to 'tests/futility')
| -rw-r--r-- | tests/futility/data_bios_peppy_mp_no_vblock.bin_expect.txt | 6 | ||||
| -rwxr-xr-x | tests/futility/test_resign_firmware.sh | 31 |
2 files changed, 36 insertions, 1 deletions
diff --git a/tests/futility/data_bios_peppy_mp_no_vblock.bin_expect.txt b/tests/futility/data_bios_peppy_mp_no_vblock.bin_expect.txt new file mode 100644 index 00000000..616530c5 --- /dev/null +++ b/tests/futility/data_bios_peppy_mp_no_vblock.bin_expect.txt @@ -0,0 +1,6 @@ +fc68bcb88bf9af1907289a9f377d658b3b9fe5b0 +bf39d0d3e30cbf6a121416d04df4603ad5310779 +e2c1c92d7d7aa7dfed5e8375edd30b7ae52b7450 +5d2b220899c4403d564092ada3f12d3cc4483223 +e2c1c92d7d7aa7dfed5e8375edd30b7ae52b7450 +5d2b220899c4403d564092ada3f12d3cc4483223 diff --git a/tests/futility/test_resign_firmware.sh b/tests/futility/test_resign_firmware.sh index d72ea05b..b1e397a3 100755 --- a/tests/futility/test_resign_firmware.sh +++ b/tests/futility/test_resign_firmware.sh @@ -21,6 +21,15 @@ ${SCRIPTDIR}/data/bios_peppy_mp.bin ${SCRIPTDIR}/data/bios_zgb_mp.bin " +# We also want to test that we can sign an image without any valid firmware +# preambles. That one won't be able to tell how much of the FW_MAIN region is +# the valid firmware, so it'll have to sign the entire region. +GOOD_VBLOCKS=${SCRIPTDIR}/data/bios_peppy_mp.bin +ONEMORE=bios_peppy_mp_no_vblock.bin +cp ${GOOD_VBLOCKS} ${ONEMORE} +${FUTILITY} load_fmap ${ONEMORE} VBLOCK_A:/dev/urandom VBLOCK_B:/dev/zero +INFILES="${INFILES} ${ONEMORE}" + count=0 for infile in $INFILES; do @@ -97,6 +106,26 @@ for infile in $INFILES; do done +# Make sure that the BIOS with the good vblocks signed the right size. +GOOD_OUT=${TMP}.${GOOD_VBLOCKS##*/}.new +MORE_OUT=${TMP}.${ONEMORE##*/}.new + +${FUTILITY} show ${GOOD_OUT} \ + | awk '/Firmware body size:/ {print $4}' > ${TMP}.good.body +${FUTILITY} dump_fmap -p ${GOOD_OUT} \ + | awk '/FW_MAIN_/ {print $3}' > ${TMP}.good.fw_main +# This should fail because they're different +if cmp ${TMP}.good.body ${TMP}.good.fw_main; then false; fi + +# Make sure that the BIOS with the bad vblocks signed the whole fw body +${FUTILITY} show ${MORE_OUT} \ + | awk '/Firmware body size:/ {print $4}' > ${TMP}.onemore.body +${FUTILITY} dump_fmap -p ${MORE_OUT} \ + | awk '/FW_MAIN_/ {print $3}' > ${TMP}.onemore.fw_main +# These should match +cmp ${TMP}.onemore.body ${TMP}.onemore.fw_main +cmp ${TMP}.onemore.body ${TMP}.good.fw_main + # cleanup -rm -rf ${TMP}* +rm -rf ${TMP}* ${ONEMORE} exit 0 |