diff options
Diffstat (limited to 'tests/futility/test_sign_kernel.sh')
-rwxr-xr-x | tests/futility/test_sign_kernel.sh | 103 |
1 files changed, 33 insertions, 70 deletions
diff --git a/tests/futility/test_sign_kernel.sh b/tests/futility/test_sign_kernel.sh index 2a8e8c13..fdc4daf5 100755 --- a/tests/futility/test_sign_kernel.sh +++ b/tests/futility/test_sign_kernel.sh @@ -17,12 +17,12 @@ dd if=/dev/urandom bs=512 count=1 of=${TMP}.bootloader.bin dd if=/dev/urandom bs=512 count=1 of=${TMP}.bootloader2.bin # default padding -padding=49152 +padding=65536 try_arch () { local arch=$1 - echo -n "${arch}: 1 " 1>&3 + echo -n "${arch}.a " 1>&3 # pack it up the old way ${FUTILITY} vbutil_kernel --debug \ @@ -34,19 +34,17 @@ try_arch () { --bootloader ${TMP}.bootloader.bin \ --vmlinuz ${SCRIPTDIR}/data/vmlinuz-${arch}.bin \ --arch ${arch} \ - --pad ${padding} \ --kloadaddr 0x11000 # verify the old way ${FUTILITY} vbutil_kernel --verify ${TMP}.blob1.${arch} \ - --pad ${padding} \ --signpubkey ${DEVKEYS}/recovery_key.vbpubk - ${FUTILITY} vbutil_kernel --verify ${TMP}.blob1.${arch} \ - --pad ${padding} \ + ${FUTILITY} vbutil_kernel2 --verify ${TMP}.blob1.${arch} \ --signpubkey ${DEVKEYS}/recovery_key.vbpubk --debug # pack it up the new way - ${FUTILITY} sign --debug \ + ${FUTILITY} vbutil_kernel2 --debug \ + --pack ${TMP}.blob2.${arch} \ --keyblock ${DEVKEYS}/recovery_kernel.keyblock \ --signprivate ${DEVKEYS}/recovery_kernel_data_key.vbprivk \ --version 1 \ @@ -54,15 +52,11 @@ try_arch () { --bootloader ${TMP}.bootloader.bin \ --vmlinuz ${SCRIPTDIR}/data/vmlinuz-${arch}.bin \ --arch ${arch} \ - --pad ${padding} \ - --kloadaddr 0x11000 \ - --outfile ${TMP}.blob2.${arch} + --kloadaddr 0x11000 # they should be identical cmp ${TMP}.blob1.${arch} ${TMP}.blob2.${arch} - echo -n "2 " 1>&3 - # repack it the old way ${FUTILITY} vbutil_kernel \ --repack ${TMP}.blob3.${arch} \ @@ -70,51 +64,30 @@ try_arch () { --signprivate ${DEVKEYS}/kernel_data_key.vbprivk \ --keyblock ${DEVKEYS}/kernel.keyblock \ --version 2 \ - --pad ${padding} \ --config ${TMP}.config2.txt \ --bootloader ${TMP}.bootloader2.bin # verify the old way ${FUTILITY} vbutil_kernel --verify ${TMP}.blob3.${arch} \ - --pad ${padding} \ --signpubkey ${DEVKEYS}/kernel_subkey.vbpubk - ${FUTILITY} vbutil_kernel --verify ${TMP}.blob3.${arch} \ - --pad ${padding} \ + ${FUTILITY} vbutil_kernel2 --verify ${TMP}.blob3.${arch} \ --signpubkey ${DEVKEYS}/kernel_subkey.vbpubk # repack it the new way - ${FUTILITY} sign --debug \ + ${FUTILITY} vbutil_kernel2 \ + --repack ${TMP}.blob4.${arch} \ + --oldblob ${TMP}.blob2.${arch} \ --signprivate ${DEVKEYS}/kernel_data_key.vbprivk \ --keyblock ${DEVKEYS}/kernel.keyblock \ --version 2 \ - --pad ${padding} \ --config ${TMP}.config2.txt \ - --bootloader ${TMP}.bootloader2.bin \ - ${TMP}.blob2.${arch} \ - ${TMP}.blob4.${arch} + --bootloader ${TMP}.bootloader2.bin # they should be identical cmp ${TMP}.blob3.${arch} ${TMP}.blob4.${arch} - echo -n "3 " 1>&3 - - # repack it the new way, in-place - cp ${TMP}.blob2.${arch} ${TMP}.blob5.${arch} - ${FUTILITY} sign --debug \ - --signprivate ${DEVKEYS}/kernel_data_key.vbprivk \ - --keyblock ${DEVKEYS}/kernel.keyblock \ - --version 2 \ - --pad ${padding} \ - --config ${TMP}.config2.txt \ - --bootloader ${TMP}.bootloader2.bin \ - ${TMP}.blob5.${arch} - - # they should be identical - cmp ${TMP}.blob3.${arch} ${TMP}.blob5.${arch} - - # and now just the vblocks... - echo -n "4 " 1>&3 + echo -n "${arch}.v " 1>&3 dd bs=${padding} count=1 if=${TMP}.blob1.${arch} of=${TMP}.blob1.${arch}.vb0 ${FUTILITY} vbutil_kernel \ @@ -127,12 +100,13 @@ try_arch () { --bootloader ${TMP}.bootloader.bin \ --vmlinuz ${SCRIPTDIR}/data/vmlinuz-${arch}.bin \ --arch ${arch} \ - --pad ${padding} \ --kloadaddr 0x11000 cmp ${TMP}.blob1.${arch}.vb0 ${TMP}.blob1.${arch}.vb1 dd bs=${padding} count=1 if=${TMP}.blob2.${arch} of=${TMP}.blob2.${arch}.vb0 - ${FUTILITY} sign --debug \ + ${FUTILITY} vbutil_kernel2 \ + --pack ${TMP}.blob2.${arch}.vb1 \ + --vblockonly \ --keyblock ${DEVKEYS}/recovery_kernel.keyblock \ --signprivate ${DEVKEYS}/recovery_kernel_data_key.vbprivk \ --version 1 \ @@ -140,23 +114,9 @@ try_arch () { --bootloader ${TMP}.bootloader.bin \ --vmlinuz ${SCRIPTDIR}/data/vmlinuz-${arch}.bin \ --arch ${arch} \ - --pad ${padding} \ - --kloadaddr 0x11000 \ - --vblockonly \ - ${TMP}.blob2.${arch}.vb1 - + --kloadaddr 0x11000 cmp ${TMP}.blob2.${arch}.vb0 ${TMP}.blob2.${arch}.vb1 - # and verify it the new way - dd bs=${padding} skip=1 if=${TMP}.blob2.${arch} of=${TMP}.blob2.${arch}.kb1 - ${FUTILITY} verify --debug \ - --pad ${padding} \ - --publickey ${DEVKEYS}/recovery_key.vbpubk \ - --fv ${TMP}.blob2.${arch}.kb1 \ - ${TMP}.blob2.${arch}.vb1 - - echo -n "5 " 1>&3 - dd bs=${padding} count=1 if=${TMP}.blob3.${arch} of=${TMP}.blob3.${arch}.vb0 ${FUTILITY} vbutil_kernel \ --repack ${TMP}.blob3.${arch}.vb1 \ @@ -165,36 +125,39 @@ try_arch () { --signprivate ${DEVKEYS}/kernel_data_key.vbprivk \ --keyblock ${DEVKEYS}/kernel.keyblock \ --version 2 \ - --pad ${padding} \ --config ${TMP}.config2.txt \ --bootloader ${TMP}.bootloader2.bin cmp ${TMP}.blob3.${arch}.vb0 ${TMP}.blob3.${arch}.vb1 dd bs=${padding} count=1 if=${TMP}.blob4.${arch} of=${TMP}.blob4.${arch}.vb0 - ${FUTILITY} sign --debug \ + ${FUTILITY} vbutil_kernel2 \ + --repack ${TMP}.blob4.${arch}.vb1 \ + --vblockonly \ + --oldblob ${TMP}.blob2.${arch} \ --signprivate ${DEVKEYS}/kernel_data_key.vbprivk \ --keyblock ${DEVKEYS}/kernel.keyblock \ --version 2 \ --config ${TMP}.config2.txt \ - --bootloader ${TMP}.bootloader2.bin \ - --pad ${padding} \ - --vblockonly \ - ${TMP}.blob2.${arch} \ - ${TMP}.blob4.${arch}.vb1 \ - + --bootloader ${TMP}.bootloader2.bin cmp ${TMP}.blob4.${arch}.vb0 ${TMP}.blob4.${arch}.vb1 - dd bs=${padding} skip=1 if=${TMP}.blob4.${arch} of=${TMP}.blob4.${arch}.kb1 - ${FUTILITY} verify --debug \ - --pad ${padding} \ - --publickey ${DEVKEYS}/kernel_subkey.vbpubk \ - --fv ${TMP}.blob4.${arch}.kb1 \ - ${TMP}.blob4.${arch}.vb1 # Note: We specifically do not test repacking with a different --kloadaddr, # because the old way has a bug and does not update params->cmd_line_ptr to # point at the new on-disk location. Apparently (and not surprisingly), no # one has ever done that. + +#HEY # pack it up the new way +#HEY ${FUTILITY} sign --debug \ +#HEY --vmlinuz ${SCRIPTDIR}/data/vmlinuz-${arch}.bin \ +#HEY --config ${TMP}.config.txt \ +#HEY --bootloader ${TMP}.bootloader.bin \ +#HEY --arch ${arch} \ +#HEY --keyblock ${DEVKEYS}/recovery_kernel.keyblock \ +#HEY --signprivate ${DEVKEYS}/recovery_kernel_data_key.vbprivk \ +#HEY --version 1 \ +#HEY --outfile ${TMP}.blob2.${arch} + } try_arch amd64 |