diff options
author | Bill Richardson <wfrichar@chromium.org> | 2014-09-05 12:52:27 -0700 |
---|---|---|
committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-09-12 03:39:40 +0000 |
commit | a1d9fe6eecf82540d31d34bba988e4838d295302 (patch) | |
tree | 94bc87f0c92ca76f85fcfcbd8a709bb6d776b778 /utility | |
parent | a19b00dfd0c17681b71bd61994854dff3f3576a3 (diff) | |
download | vboot-a1d9fe6eecf82540d31d34bba988e4838d295302.tar.gz |
futility: stop using the symlink names in utility scripts
We still create the symlinks (FOO -> futility), but this
change invokes those built-in functions with "futility FOO ..."
instead of using the FOO symlink.
Note that the scripts/ directory is unchanged. That's a
separate CL, since we don't have tests for that.
BUG=chromium:231547
BRANCH=ToT
TEST=make runtests
In addition to running "make runtests", I temporarily
modified the Makefile to avoid creating the symlinks at all.
The tests still passed.
Change-Id: I96863259b9df02a3611f759a7509bf4090ae03e8
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/216717
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat (limited to 'utility')
-rwxr-xr-x | utility/dev_debug_vboot | 27 | ||||
-rwxr-xr-x | utility/dev_make_keypair | 7 | ||||
-rwxr-xr-x | utility/vbutil_what_keys | 14 |
3 files changed, 26 insertions, 22 deletions
diff --git a/utility/dev_debug_vboot b/utility/dev_debug_vboot index 698a5bd8..6e2724f5 100755 --- a/utility/dev_debug_vboot +++ b/utility/dev_debug_vboot @@ -244,7 +244,7 @@ trap cleanup EXIT # Make sure we have the programs we need -need="vbutil_key vbutil_keyblock vbutil_kernel vbutil_firmware" +need="futility" [ -z "${OPT_BIOS}" ] && need="$need flashrom" [ -z "${OPT_KERNEL}" ] && need="$need cgpt" require_utils $need @@ -269,13 +269,13 @@ set -e info "Extracting BIOS components..." if [ -n "${OPT_BIOS}" ]; then # If we've already got a file, just extract everything. - log dump_fmap -x "${OPT_BIOS}" + log futility dump_fmap -x "${OPT_BIOS}" fix_old_names else # Read it from the flash if log flashrom -p host -r bios.rom ; then # If we can read the whole BIOS at once, great. - log dump_fmap -x bios.rom + log futility dump_fmap -x bios.rom fix_old_names else # Otherwise pull just the components we want (implying new-style names) @@ -290,22 +290,25 @@ else fi info "Pulling root and recovery keys from GBB..." -log gbb_utility -g --rootkey rootkey.vbpubk --recoverykey recoverykey.vbpubk \ +log futility gbb_utility -g --rootkey rootkey.vbpubk \ + --recoverykey recoverykey.vbpubk \ "GBB" || logdie "Unable to extract keys from GBB" -log vbutil_key --unpack rootkey.vbpubk -log vbutil_key --unpack recoverykey.vbpubk -vbutil_key --unpack rootkey.vbpubk | +log futility vbutil_key --unpack rootkey.vbpubk +log futility vbutil_key --unpack recoverykey.vbpubk +futility vbutil_key --unpack rootkey.vbpubk | grep -q b11d74edd286c144e1135b49e7f0bc20cf041f10 && info " Looks like dev-keys" # Okay if one of the firmware verifications fails set +e for fw in A B; do infon "Verify firmware ${fw} with root key: " - log vbutil_firmware --verify "VBLOCK_${fw}" --signpubkey rootkey.vbpubk \ + log futility vbutil_firmware --verify "VBLOCK_${fw}" \ + --signpubkey rootkey.vbpubk \ --fv "FW_MAIN_${fw}" --kernelkey "kern_subkey_${fw}.vbpubk" ; result if [ "${LAST_RESULT}" = "0" ]; then # rerun to get version numbers - vbutil_firmware --verify "VBLOCK_${fw}" --signpubkey rootkey.vbpubk \ + futility vbutil_firmware --verify "VBLOCK_${fw}" \ + --signpubkey rootkey.vbpubk \ --fv "FW_MAIN_${fw}" > tmp.txt ver=$(format_as_tpm_version tmp.txt) info " TPM=${tpm_fwver}, this=${ver}" @@ -340,17 +343,17 @@ for kname in ${kernparts}; do fi infon "Kernel ${kname}: " - log vbutil_keyblock --unpack "${kfile}" ; result + log futility vbutil_keyblock --unpack "${kfile}" ; result if [ "${LAST_RESULT}" != "0" ]; then loghead od -Ax -tx1 "${kfile}" else # Test each kernel with each key for key in kern_subkey_A.vbpubk kern_subkey_B.vbpubk recoverykey.vbpubk; do infon " Verify ${kname} with $key: " - log vbutil_kernel --verify "${kfile}" --signpubkey "$key" ; result + log futility vbutil_kernel --verify "${kfile}" --signpubkey "$key" ; result if [ "${LAST_RESULT}" = "0" ]; then # rerun to get version numbers - vbutil_kernel --verify "${kfile}" --signpubkey "$key" > tmp.txt + futility vbutil_kernel --verify "${kfile}" --signpubkey "$key" > tmp.txt ver=$(format_as_tpm_version tmp.txt) info " TPM=${tpm_kernver} this=${ver}" fi diff --git a/utility/dev_make_keypair b/utility/dev_make_keypair index d1d34ad4..7486d9e1 100755 --- a/utility/dev_make_keypair +++ b/utility/dev_make_keypair @@ -56,14 +56,14 @@ function make_pair { dumpRSAPublicKey -cert "${base}_${len}.crt" > "${base}_${len}.keyb" # wrap the public key - vbutil_key \ + futility vbutil_key \ --pack "${base}.vbpubk" \ --key "${base}_${len}.keyb" \ --version 1 \ --algorithm $alg # wrap the private key - vbutil_key \ + futility vbutil_key \ --pack "${base}.vbprivk" \ --key "${base}_${len}.pem" \ --algorithm $alg @@ -79,4 +79,5 @@ make_pair "$1" "${2:-4}" # won't be signed, just checksummed. Developer kernels can only be run in # non-recovery mode with the developer switch enabled, but it won't hurt us to # turn on all the flags bits anyway. -vbutil_keyblock --pack "$1.keyblock" --datapubkey "$1.vbpubk" --flags 15 +futility vbutil_keyblock --pack "$1.keyblock" \ + --datapubkey "$1.vbpubk" --flags 15 diff --git a/utility/vbutil_what_keys b/utility/vbutil_what_keys index de426d89..215a7e7a 100755 --- a/utility/vbutil_what_keys +++ b/utility/vbutil_what_keys @@ -75,16 +75,16 @@ showbios() { local file="$1" space="$2" local hwid matchh rootkey matchn recoverykey matchr - hwid=$(gbb_utility --hwid "$file" | sed -e 's/^.*: *//') || return + hwid=$(futility gbb_utility --hwid "$file" | sed -e 's/^.*: *//') || return matchh=$(grep "$hwid" "$0" 2>/dev/null | sed -e 's/^# //') - gbb_utility --rootkey="$TMPFILE" "$file" >/dev/null - rootkey=$(vbutil_key --unpack "$TMPFILE" | grep sha1sum | \ + futility gbb_utility --rootkey="$TMPFILE" "$file" >/dev/null + rootkey=$(futility vbutil_key --unpack "$TMPFILE" | grep sha1sum | \ sed -e 's/^.*: *//') matchn=$(greppy "$rootkey") - gbb_utility --recoverykey="$TMPFILE" "$file" >/dev/null - recoverykey=$(vbutil_key --unpack "$TMPFILE" | grep sha1sum | \ + futility gbb_utility --recoverykey="$TMPFILE" "$file" >/dev/null + recoverykey=$(futility vbutil_key --unpack "$TMPFILE" | grep sha1sum | \ sed -e 's/^.*: *//') matchr=$(greppy "$recoverykey") @@ -116,12 +116,12 @@ dofile() { pstart=$(cgpt show -b -i "$pnum" "$file") dd if="$file" of="$TMPFILE" bs=512 count=128 skip="$pstart" 2>/dev/null - psum=$(vbutil_keyblock --unpack "$TMPFILE" 2>/dev/null | \ + psum=$(futility vbutil_keyblock --unpack "$TMPFILE" 2>/dev/null | \ grep sha1sum | sed -e 's/^.*: *//') if [ -n "$psum" ]; then match=$(greppy "$psum") - flags=$(vbutil_keyblock --unpack "$TMPFILE" 2>/dev/null | \ + flags=$(futility vbutil_keyblock --unpack "$TMPFILE" 2>/dev/null | \ grep Flags: | sed -e 's/^.*:[ 0-9]*//') else match="" |