summaryrefslogtreecommitdiff
path: root/utility
diff options
context:
space:
mode:
authorBill Richardson <wfrichar@chromium.org>2014-09-05 12:52:27 -0700
committerchrome-internal-fetch <chrome-internal-fetch@google.com>2014-09-12 03:39:40 +0000
commita1d9fe6eecf82540d31d34bba988e4838d295302 (patch)
tree94bc87f0c92ca76f85fcfcbd8a709bb6d776b778 /utility
parenta19b00dfd0c17681b71bd61994854dff3f3576a3 (diff)
downloadvboot-a1d9fe6eecf82540d31d34bba988e4838d295302.tar.gz
futility: stop using the symlink names in utility scripts
We still create the symlinks (FOO -> futility), but this change invokes those built-in functions with "futility FOO ..." instead of using the FOO symlink. Note that the scripts/ directory is unchanged. That's a separate CL, since we don't have tests for that. BUG=chromium:231547 BRANCH=ToT TEST=make runtests In addition to running "make runtests", I temporarily modified the Makefile to avoid creating the symlinks at all. The tests still passed. Change-Id: I96863259b9df02a3611f759a7509bf4090ae03e8 Signed-off-by: Bill Richardson <wfrichar@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/216717 Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat (limited to 'utility')
-rwxr-xr-xutility/dev_debug_vboot27
-rwxr-xr-xutility/dev_make_keypair7
-rwxr-xr-xutility/vbutil_what_keys14
3 files changed, 26 insertions, 22 deletions
diff --git a/utility/dev_debug_vboot b/utility/dev_debug_vboot
index 698a5bd8..6e2724f5 100755
--- a/utility/dev_debug_vboot
+++ b/utility/dev_debug_vboot
@@ -244,7 +244,7 @@ trap cleanup EXIT
# Make sure we have the programs we need
-need="vbutil_key vbutil_keyblock vbutil_kernel vbutil_firmware"
+need="futility"
[ -z "${OPT_BIOS}" ] && need="$need flashrom"
[ -z "${OPT_KERNEL}" ] && need="$need cgpt"
require_utils $need
@@ -269,13 +269,13 @@ set -e
info "Extracting BIOS components..."
if [ -n "${OPT_BIOS}" ]; then
# If we've already got a file, just extract everything.
- log dump_fmap -x "${OPT_BIOS}"
+ log futility dump_fmap -x "${OPT_BIOS}"
fix_old_names
else
# Read it from the flash
if log flashrom -p host -r bios.rom ; then
# If we can read the whole BIOS at once, great.
- log dump_fmap -x bios.rom
+ log futility dump_fmap -x bios.rom
fix_old_names
else
# Otherwise pull just the components we want (implying new-style names)
@@ -290,22 +290,25 @@ else
fi
info "Pulling root and recovery keys from GBB..."
-log gbb_utility -g --rootkey rootkey.vbpubk --recoverykey recoverykey.vbpubk \
+log futility gbb_utility -g --rootkey rootkey.vbpubk \
+ --recoverykey recoverykey.vbpubk \
"GBB" || logdie "Unable to extract keys from GBB"
-log vbutil_key --unpack rootkey.vbpubk
-log vbutil_key --unpack recoverykey.vbpubk
-vbutil_key --unpack rootkey.vbpubk |
+log futility vbutil_key --unpack rootkey.vbpubk
+log futility vbutil_key --unpack recoverykey.vbpubk
+futility vbutil_key --unpack rootkey.vbpubk |
grep -q b11d74edd286c144e1135b49e7f0bc20cf041f10 &&
info " Looks like dev-keys"
# Okay if one of the firmware verifications fails
set +e
for fw in A B; do
infon "Verify firmware ${fw} with root key: "
- log vbutil_firmware --verify "VBLOCK_${fw}" --signpubkey rootkey.vbpubk \
+ log futility vbutil_firmware --verify "VBLOCK_${fw}" \
+ --signpubkey rootkey.vbpubk \
--fv "FW_MAIN_${fw}" --kernelkey "kern_subkey_${fw}.vbpubk" ; result
if [ "${LAST_RESULT}" = "0" ]; then
# rerun to get version numbers
- vbutil_firmware --verify "VBLOCK_${fw}" --signpubkey rootkey.vbpubk \
+ futility vbutil_firmware --verify "VBLOCK_${fw}" \
+ --signpubkey rootkey.vbpubk \
--fv "FW_MAIN_${fw}" > tmp.txt
ver=$(format_as_tpm_version tmp.txt)
info " TPM=${tpm_fwver}, this=${ver}"
@@ -340,17 +343,17 @@ for kname in ${kernparts}; do
fi
infon "Kernel ${kname}: "
- log vbutil_keyblock --unpack "${kfile}" ; result
+ log futility vbutil_keyblock --unpack "${kfile}" ; result
if [ "${LAST_RESULT}" != "0" ]; then
loghead od -Ax -tx1 "${kfile}"
else
# Test each kernel with each key
for key in kern_subkey_A.vbpubk kern_subkey_B.vbpubk recoverykey.vbpubk; do
infon " Verify ${kname} with $key: "
- log vbutil_kernel --verify "${kfile}" --signpubkey "$key" ; result
+ log futility vbutil_kernel --verify "${kfile}" --signpubkey "$key" ; result
if [ "${LAST_RESULT}" = "0" ]; then
# rerun to get version numbers
- vbutil_kernel --verify "${kfile}" --signpubkey "$key" > tmp.txt
+ futility vbutil_kernel --verify "${kfile}" --signpubkey "$key" > tmp.txt
ver=$(format_as_tpm_version tmp.txt)
info " TPM=${tpm_kernver} this=${ver}"
fi
diff --git a/utility/dev_make_keypair b/utility/dev_make_keypair
index d1d34ad4..7486d9e1 100755
--- a/utility/dev_make_keypair
+++ b/utility/dev_make_keypair
@@ -56,14 +56,14 @@ function make_pair {
dumpRSAPublicKey -cert "${base}_${len}.crt" > "${base}_${len}.keyb"
# wrap the public key
- vbutil_key \
+ futility vbutil_key \
--pack "${base}.vbpubk" \
--key "${base}_${len}.keyb" \
--version 1 \
--algorithm $alg
# wrap the private key
- vbutil_key \
+ futility vbutil_key \
--pack "${base}.vbprivk" \
--key "${base}_${len}.pem" \
--algorithm $alg
@@ -79,4 +79,5 @@ make_pair "$1" "${2:-4}"
# won't be signed, just checksummed. Developer kernels can only be run in
# non-recovery mode with the developer switch enabled, but it won't hurt us to
# turn on all the flags bits anyway.
-vbutil_keyblock --pack "$1.keyblock" --datapubkey "$1.vbpubk" --flags 15
+futility vbutil_keyblock --pack "$1.keyblock" \
+ --datapubkey "$1.vbpubk" --flags 15
diff --git a/utility/vbutil_what_keys b/utility/vbutil_what_keys
index de426d89..215a7e7a 100755
--- a/utility/vbutil_what_keys
+++ b/utility/vbutil_what_keys
@@ -75,16 +75,16 @@ showbios() {
local file="$1" space="$2"
local hwid matchh rootkey matchn recoverykey matchr
- hwid=$(gbb_utility --hwid "$file" | sed -e 's/^.*: *//') || return
+ hwid=$(futility gbb_utility --hwid "$file" | sed -e 's/^.*: *//') || return
matchh=$(grep "$hwid" "$0" 2>/dev/null | sed -e 's/^# //')
- gbb_utility --rootkey="$TMPFILE" "$file" >/dev/null
- rootkey=$(vbutil_key --unpack "$TMPFILE" | grep sha1sum | \
+ futility gbb_utility --rootkey="$TMPFILE" "$file" >/dev/null
+ rootkey=$(futility vbutil_key --unpack "$TMPFILE" | grep sha1sum | \
sed -e 's/^.*: *//')
matchn=$(greppy "$rootkey")
- gbb_utility --recoverykey="$TMPFILE" "$file" >/dev/null
- recoverykey=$(vbutil_key --unpack "$TMPFILE" | grep sha1sum | \
+ futility gbb_utility --recoverykey="$TMPFILE" "$file" >/dev/null
+ recoverykey=$(futility vbutil_key --unpack "$TMPFILE" | grep sha1sum | \
sed -e 's/^.*: *//')
matchr=$(greppy "$recoverykey")
@@ -116,12 +116,12 @@ dofile() {
pstart=$(cgpt show -b -i "$pnum" "$file")
dd if="$file" of="$TMPFILE" bs=512 count=128 skip="$pstart" 2>/dev/null
- psum=$(vbutil_keyblock --unpack "$TMPFILE" 2>/dev/null | \
+ psum=$(futility vbutil_keyblock --unpack "$TMPFILE" 2>/dev/null | \
grep sha1sum | sed -e 's/^.*: *//')
if [ -n "$psum" ]; then
match=$(greppy "$psum")
- flags=$(vbutil_keyblock --unpack "$TMPFILE" 2>/dev/null | \
+ flags=$(futility vbutil_keyblock --unpack "$TMPFILE" 2>/dev/null | \
grep Flags: | sed -e 's/^.*:[ 0-9]*//')
else
match=""