| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Follow up the code review comments on CL:995175, which was merged as
1493e938e45535f86b7132a83123c6319eacb217
("image_signing: sign UEFI binaries")
BUG=b:62189155
TEST=See CL:*613656
BRANCH=none
Change-Id: Ic01bfbbfe39fbfb85c0f313ab62bbcd3e2fbb9a3
Reviewed-on: https://chromium-review.googlesource.com/1024919
Commit-Ready: Edward Jee <edjee@google.com>
Tested-by: Edward Jee <edjee@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Follow up the code review comments on CL:995174, which was merged as
7dff0105d66fa597741604cf1652a72c7a8463ac
("keygeneration: add support for UEFI key generation")
BUG=b:62189155
TEST=With CL:*613656, set up a local signer and tested key generation
and signing.
Also, manually ran the scripts like the following.
$ export PATH=$(readlink -f ../../../cros-signing/signer/signingtools-bin):$PATH
$ cd scripts/keygeneration && ./create_new_keys.sh --uefi --output ./key
$ chmod -R u+w key/uefi
$ ./uefi/increment_kek_key.sh key/uefi
$ ./uefi/increment_kek_key.sh key/uefi
$ ./uefi/increment_db_child_key.sh key/uefi
$ ./uefi/increment_db_child_key.sh key/uefi
$ ./uefi/increment_db_child_key.sh key/uefi
$ ./uefi/increment_db_key.sh key/uefi
$ ./uefi/increment_db_child_key.sh key/uefi
$ ./uefi/increment_db_key.sh key/uefi
$ ./uefi/increment_db_child_key.sh key/uefi
$ ./uefi/increment_db_child_key.sh key/uefi
$ openssl x509 -noout -subject -in key/uefi/db/db.children/db_child.pem
BRANCH=none
Change-Id: I6c0cd47914a0a77970cd074fe087bba33c16cffc
Reviewed-on: https://chromium-review.googlesource.com/1024918
Commit-Ready: Edward Jee <edjee@google.com>
Tested-by: Edward Jee <edjee@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Follow up the code review comments on CL:995174, which was merged as
7dff0105d66fa597741604cf1652a72c7a8463ac
("keygeneration: add support for UEFI key generation")
BUG=b:62189155
TEST=See the following commit.
BRANCH=none
Change-Id: Id642029010e4eea51ec1f7d23240678f3f07e872
Reviewed-on: https://chromium-review.googlesource.com/1024917
Commit-Ready: Edward Jee <edjee@google.com>
Tested-by: Edward Jee <edjee@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Signature Scheme V2 was introduced in N.
TEST=(prepare)
1. Produce A.img by running the original sign_android_image.sh on a
test image.
2. Produce B.img by running the new sign_android_image.sh on the
same image.
TEST=Check Settings.apk with apksigner. Saw only v1 signature exists
with A.img, and only v2 exists with B.img, as expected.
Certificates on both APKs have the same fingerprint.
TEST=Login with A to create a new /data state, then login with B.
Platform apps still run. No signature error in logcat.
BRANCH=none
BUG=b:67942659
Change-Id: Ibabc399563bfdc92836856a377997405cc660483
Reviewed-on: https://chromium-review.googlesource.com/993153
Commit-Ready: Victor Hsieh <victorhsieh@chromium.org>
Tested-by: Victor Hsieh <victorhsieh@chromium.org>
Reviewed-by: Bernie Thompson <bhthompson@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Whiskers decided to leverage the key format of Hammer therefore this
script calls Hammer's one to generate a key pair and renames them to
key_whiskers*.
BUG=b:78254017
TEST=Run this script in the chroot and verify the generated key pair.
BRANCH=None
Change-Id: Iae7097a3b2da1b134fa1a986c669704bbbaca4e9
Reviewed-on: https://chromium-review.googlesource.com/1018591
Commit-Ready: Patrick Berny <pberny@chromium.org>
Tested-by: Patrick Berny <pberny@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Bob Moragues <moragues@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:62189155
TEST=See CL:*601769
BRANCH=none
Change-Id: Id9569616bae0d5f44c1c96e18522ace244a5aae8
Reviewed-on: https://chromium-review.googlesource.com/995175
Commit-Ready: Edward Jee <edjee@google.com>
Tested-by: Edward Jee <edjee@google.com>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:62189155
TEST=With CL:*601769, set up a local signer and tested key generation
and signing.
Also, manually ran the scripts like the following.
$ export PATH=$(readlink -f ../../../cros-signing/signer/signingtools-bin):$PATH
$ cd scripts/keygeneration && ./create_new_keys.sh --uefi --board lakitu --output ./key
$ ./uefi/increment_kek_key.sh key/uefi lakitu
$ ./uefi/increment_kek_key.sh key/uefi lakitu
$ ./uefi/increment_db_child_key.sh key/uefi lakitu
$ ./uefi/increment_db_child_key.sh key/uefi lakitu
$ ./uefi/increment_db_child_key.sh key/uefi lakitu
$ ./uefi/increment_db_key.sh key/uefi lakitu
$ ./uefi/increment_db_child_key.sh key/uefi lakitu
$ ./uefi/increment_db_key.sh key/uefi lakitu
$ ./uefi/increment_db_child_key.sh key/uefi lakitu
$ ./uefi/increment_db_child_key.sh key/uefi lakitu
$ openssl x509 -noout -subject -in key/uefi/db.children/db_child.pem
BRANCH=none
Change-Id: I9276269a2a66c57f4e99deafec3b90d6cbf52244
Reviewed-on: https://chromium-review.googlesource.com/995174
Commit-Ready: Edward Jee <edjee@google.com>
Tested-by: Edward Jee <edjee@google.com>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Wand decided to leverage the key format of Hammer therefore this
script calls Hammer's one to generate a key pair and renames them to
key_wand*.
BUG=b:73799441
TEST=Run this script in the chroot and verify the generated key pair.
BRANCH=None
Change-Id: Id2749d78e0632bee66c09c4ee7aa1930534157b7
Reviewed-on: https://chromium-review.googlesource.com/991532
Commit-Ready: Marco Chen <marcochen@chromium.org>
Tested-by: Marco Chen <marcochen@chromium.org>
Reviewed-by: Nicolas Boichat <drinkcat@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Looks like we forgot to update the help text for set_gbb_flags.sh when
adding the DISABLE_FMWP flag. This patch fixes that.
BRANCH=None
BUG=None
TEST=None
Change-Id: Iae45e151ae786565f6a1a695a2e3c3d01f8c1d0a
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/976801
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It seems like there are some testing use cases where we want the device
to boot into the recovery installer but it is impractical to fully
simulate a user-triggered recovery. This has become impossible with the
recent change to always require manual recovery to boot an image, even
when the developer mode switch is enabled (CL:924458).
This patch adds a new GBB flag to support this use case. When the flag
is set, all recovery mode is manual recovery mode, regardless of wheter
the developer mode switch is on or not.
Since the GBB_FLAG_ENABLE_SERIAL was killed off before it ever really
worked anyway, we can safely reuse the bit reserved for it.
BRANCH=None
BUG=None
TEST=make runtests, manually confirmed on Kevin
Change-Id: I4f51dfd20b4ff04c522f53596896dccbceee52dc
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/976660
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This regenerates packages cache during signing the image once apks are
changed due timestamp and key update.
TEST=Build image, sign it useing devkeys and deploy to device. Perform
user sign-in and enable ARC. Test logcat and everything is clear.
BUG=b:74108152
Change-Id: I4809a1f87c8b8f52094054dbb4c8ba3e059aee89
Reviewed-on: https://chromium-review.googlesource.com/948064
Commit-Ready: Yury Khmel <khmel@google.com>
Tested-by: Yury Khmel <khmel@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of only logging when ARC++ is not present, also report when we
found an ARC++ image about to be re-signed.
BUG=None
TEST=See info message when running sign_official_build.sh
BRANCH=None
Change-Id: I0d983d38048c4b8dace51e4ea25e23c7cf1da3d7
Reviewed-on: https://chromium-review.googlesource.com/942021
Commit-Ready: Nicolas Norvez <norvez@chromium.org>
Tested-by: Nicolas Norvez <norvez@chromium.org>
Reviewed-by: Victor Hsieh <victorhsieh@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- move helper functions that detect which keys should be used depending
on the build flavor to a separate lib
- add unit tests for that lib
BUG=b:72947583
TEST=unit tests
TEST=run against caroline image, scripts detects 'cheets' build flavor
TEST=run against novato-arc64 image (SDK), script detects 'cheets' build
flavor
TEST=run against newbie image (AOSP), script detects 'aosp' build flavor
TEST=run against invalid build property 'paosp_cheets_...', script
aborts as expected
BRANCH=None
Change-Id: I5595c10a5a063e7658d0cf17c77dbeead429cd97
Reviewed-on: https://chromium-review.googlesource.com/923097
Commit-Ready: Nicolas Norvez <norvez@chromium.org>
Tested-by: Nicolas Norvez <norvez@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The original "ro.product.name" of the Android image is modified by the
Chrome OS build process to change it to the CrOS device name instead,
which breaks the detection of the build flavor.
Instead, we now rely on the "ro.build.flavor" property which is not
modified.
If the build flavor is either cheets_* or sdk_google_cheets_*, we expect
the keys to be the cheets keys. AOSP keys are used for aosp_cheets_*
build flavors.
BUG=b:72947583
TEST=run against caroline image, scripts detects 'cheets' build flavor
TEST=run against novato-arc64 image (SDK), script detects 'cheets' build
flavor
TEST=run against newbie image (AOSP), script detects 'aosp' build flavor
TEST=run against invalid build property 'paosp_cheets_...', script
aborts as expected
BRANCH=None
Change-Id: I662436b256b59238b00c7374120f315b538fcd75
Reviewed-on: https://chromium-review.googlesource.com/911905
Commit-Ready: Nicolas Norvez <norvez@chromium.org>
Tested-by: Nicolas Norvez <norvez@chromium.org>
Reviewed-by: Victor Hsieh <victorhsieh@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We deleted crosh workarounds logic years ago (e.g. CL:178932),
so drop references here too.
BUG=None
TEST=precq passes
BRANCH=None
Change-Id: I2b195a7ca863101be35a4bfde29d7950a96c1edd
Reviewed-on: https://chromium-review.googlesource.com/907069
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Following ag/3536780, aosp_cheets targets have their APKs signed with
keys https://android.googlesource.com/platform/build/+/master/target/product/security/
The image signing script now:
- detects if it's an aosp_cheets or cheets build
- checks the correct signing keys have been used in either case
- logs more information about the Android image
BUG=b:72947583
TEST=manually test sign_framework_apks against AOSP and cheets builds
TEST=aosp_cheets builds prior to ag/3536780 are now failing (expected)
TEST=aosp_cheets builds posterior to ag/3536780 are passing
TEST=cheets builds (before and after) are passing
TEST=check that commenting out ro.product.name in build.prop triggers an
error
TEST=check that an invalid value in ro.product.name triggers an error
BRANCH=None
Change-Id: I72abea5182fbfe76820e3f48831be04f39cb334e
Reviewed-on: https://chromium-review.googlesource.com/904726
Commit-Ready: Nicolas Norvez <norvez@chromium.org>
Tested-by: Nicolas Norvez <norvez@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For the EC supporting EFS boot, the RO section contains a
public key, and the RW is signed. For running FAFT, should
replace the RO key to a known one (the dev key under
vboot_reference), such that FAFT tests can resign the RW
using a known private key.
For BIOS image, we use make_dev_firmware.sh to do a similar
job to replace the key in BIOS. This CL makes the
make_dev_firmware script support changing EC key.
BUG=b:71769443
BRANCH=none
TEST=Modify files
$ # Check the original BIOS and EC images
$ futility show ec.bin
$ futility show bios.bin
$ ./make_dev_firmware.sh --change_ec -f bios.bin -t new_bios.bin \
-e ec.bin -o new_ec.bin --backup_dir backup
$ # Check the new images, using new keys and verification succeeded
$ futility show new_ec.bin
$ futility show new_bios.bin
TEST=Modify live firmware
$ ./make_dev_firmware.sh --change_ec
And then run firmware_ECUpdateId with a Type-C charger.
TEST=Run sign_official_build.sh
$ sign_official_build.sh recovery recovery_image.bin \
~/trunk/src/platform/vboot_reference/tests/devkeys /tmp/out.bin
TEST=make runalltests
Change-Id: Id51e2c411a4e6d016e619cec91453ce918b7fff7
Reviewed-on: https://chromium-review.googlesource.com/889406
Commit-Ready: Wai-Hong Tam <waihong@google.com>
Tested-by: Wai-Hong Tam <waihong@google.com>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To record sha1sum of keys in keyset can help loem or unibuild projects to verify
1. whether rekey process is performed correctly during the factory
build.
2. whether HWID database is updated correctly.
BUG=chromium:763328
TEST=1) modify loem.ini to match what coral is.
2) ~/trunk/src/platform/vboot_reference/scripts/image_signing/sign_official_build.sh
recovery ./chromeos_10308.0.0_coral_recovery_dev-channel_mp-v4.bin
./src/platform/vboot_reference/tests/loemkeys ./output.bin
3) verify output file - VERSION.signer.
BRANCH=none
Change-Id: I80deadb04d9dc0eb66fc5ac45dce84e6f41f1a16
Signed-off-by: Marco Chen <marcochen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/866522
Reviewed-by: Simon Glass <sjg@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The helper function - info redirects msg to stderr and appends some
backslash escapes so
1. it can't be redirected to VERSION.signer via stdout again.
2. Even if change to stderr, we also don't want these appended
msg.
BUG=chromium:760879
TEST==~/trunk/src/platform/vboot_reference/scripts/image_signing/sign_official_build.sh
recovery ../build/images/coral/latest/recovery_image.bin
../platform/vboot_reference/tests/devkeys
BRANCH=None
Change-Id: I46d560fb4cb93756fd02e32412410afb3a4db0e2
Reviewed-on: https://chromium-review.googlesource.com/861694
Commit-Ready: Marco Chen <marcochen@chromium.org>
Tested-by: Marco Chen <marcochen@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=None
BUG=chromium:714598
TEST=signing images still works
Change-Id: Icc848e49b35aa29c1a1206fa9f351be6ec252b13
Reviewed-on: https://chromium-review.googlesource.com/852675
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix the indent and content of the help message.
BRANCH=none
BUG=none
TEST=./make_dev_ssd.sh -h
Change-Id: I12f0de807cf5cb8d6edf7f4a6acdc7c11d0114d9
Reviewed-on: https://chromium-review.googlesource.com/848620
Commit-Ready: Youcheng Syu <youcheng@chromium.org>
Tested-by: Youcheng Syu <youcheng@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We are not zeroing the free space properly before signing official images. This
patch fixes it by using fstrim instead of dd. More info can be found in
CL:751809.
BRANCH=none
BUG=chromium:780291
TEST=used sign_official_build.sh to sign two recovery images (these images produced <zero-space> file) with dev keys. Then generated delta update between the two new images. This time there was no <zero-space> file between the two images.
Change-Id: Ib97fb206f5c8bcfd97c43d075990c7fcdaad6f7e
Reviewed-on: https://chromium-review.googlesource.com/848237
Commit-Ready: Amin Hassani <ahassani@chromium.org>
Tested-by: Amin Hassani <ahassani@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
introduce get_gbb_flags.sh command to make automatic annotation
of power measurements easier.
Also, fix issue where declaring local variables on same line
as executing a command would obfuscate error code, thus not
triggering set -c and continuing execution.
https://github.com/koalaman/shellcheck/wiki/SC2155
Usage:
$ /usr/share/vboot/bin/get_gbb_flags.sh
[...]
ChromeOS GBB set flags: 0x00000329.
$ /usr/share/vboot/bin/get_gbb_flags.sh -e
[...]
ChromeOS GBB set flags: 0x00000329.
ChromeOS GBB set flags listed:
GBB_FLAG_DEV_SCREEN_SHORT_DELAY
GBB_FLAG_FORCE_DEV_SWITCH_ON
GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK
GBB_FLAG_FAFT_KEY_OVERIDE
GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC
BUG=chromium:760267
BRANCH=none
TEST=manual
emerge-soraka vboot_reference
cros deploy <IP> vboot_reference
(on DUT)
/usr/share/vboot/bin/get_gbb_flags.sh -e
<same output as above>
Change-Id: Idb3b993706c03e7f2831eed2cef12a04b9469fea
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch makes sign_official_build.sh resign ec.bin and store
signed RW copies in bios.bin if the original ec.bin contains
signed RW copies.
BUG=b:66956286
BRANCH=none
CQ-DEPEND=CL:738794,CL:*490792
TEST=sign_official_build.sh recovery recovery_image.bin \
~/trunk/src/platform/vboot_reference/tests/devkeys /tmp/out.bin
Change-Id: I73c7d8da7d8e2f770e5952d0124f8d43bb13e592
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/734295
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a script which generates a key pair for signing
& verifying EC-RW copies.
BUG=b:66956286
BRANCH=none
TEST=Verify the script generates indented key pair
Change-Id: Ia5aff7130587d4f1e18bcdfa514a953caa0cf183
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/731824
Reviewed-by: C Shapiro <shapiroc@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's use the actual command/path used to call make_dev_ssd.sh,
instead of hard-coding './'.
BRANCH=none
BUG=none
TEST=/usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification
outputs a command that can just be copy-pasted:
sudo /usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification --partitions 4
(instead of:
sudo ./make_dev_ssd.sh --remove_rootfs_verification --partitions 4
)
Change-Id: I903f94acc1fb310926b149c1e79e4017bf513e27
Reviewed-on: https://chromium-review.googlesource.com/737810
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The signer has no concept of model and doesn't need to. From its
perspective, it is simply generating a signature block based on a set of
instructions.
Changing the comments and variable name to reflect this.
BUG=b:68141451
TEST=None
BRANCH=None
Change-Id: Ia2a3e4a5273a4bcd9c5645db2cf0db80af6c28cf
Reviewed-on: https://chromium-review.googlesource.com/733857
Commit-Ready: C Shapiro <shapiroc@google.com>
Tested-by: C Shapiro <shapiroc@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Staff decided to leverage the key format of Hammer therefore this
script calls Hammer's one to generate a key pair and renames them to
key_staff*.
BUG=b:66889892
TEST=Run this script in the chroot and verify the generated key pair.
BRANCH=None
Change-Id: I73162efaba47a8c08336805130ced0be25ab262a
Reviewed-on: https://chromium-review.googlesource.com/688522
Commit-Ready: Marco Chen <marcochen@chromium.org>
Tested-by: Marco Chen <marcochen@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=None
TEST=ran against local devkeys
BRANCH=None
Change-Id: Ib1c88ae187f12aad4531e9c22da6cda2af1503e3
Reviewed-on: https://chromium-review.googlesource.com/691340
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=None
TEST=ran against local devkeys
BRANCH=None
Change-Id: I76470e18ea2e66f6abb5a912c4055fc245cedc8a
Reviewed-on: https://chromium-review.googlesource.com/691339
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Android master puts that file at a different location, so use similar
logic to official signing script.
TEST="sign_android_image.sh passed locally for both caroline (NYC) &
caroline-bertha (master)."
BUG=b:65610114
BRANCH=none
Change-Id: If33bfbcaa7e6cff95f26ff26a91735c87880f3db
Reviewed-on: https://chromium-review.googlesource.com/686046
Commit-Ready: Garfield Tan <xutan@chromium.org>
Tested-by: Garfield Tan <xutan@chromium.org>
Reviewed-by: Victor Hsieh <victorhsieh@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the channel is missing or has whitespace, the test triggers
errors in the script because the test command has bad quoting.
BUG=None
TEST=script no longer fails on an empty lsb-release
BRANCH=None
Change-Id: Ic2e6ab91ca4ec10c298d122aee1f7f7236b52bf2
Reviewed-on: https://chromium-review.googlesource.com/680059
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows for quick local testing by creating a dummy rootfs.
BUG=chromium:714598
TEST=signing images still works
BRANCH=None
Change-Id: If252b119fd64686b46e9989d55bedbd1eec45700
Reviewed-on: https://chromium-review.googlesource.com/680039
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Nothing needs this, just something I noticed while debugging.
BUG=None
TEST=`ensure_sane_lsb-release.sh` no longer complains about comment lines
BRANCH=None
Change-Id: Ia39e6461db79a387cc59e5f88ec1216984bb4d28
Reviewed-on: https://chromium-review.googlesource.com/680058
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=None
TEST=ensure_sane_lsb-release.sh errors now include the full string
BRANCH=None
Change-Id: I460ec5e2127a57e7576214fe8fde9e511f940755
Reviewed-on: https://chromium-review.googlesource.com/680038
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=chromium:381862
TEST=run against a loem.ini file with blank lines doesn't barf
BRANCH=None
Change-Id: Icf8f8a3ba518ca0f4e64e6eee9c694d47fa32362
Reviewed-on: https://chromium-review.googlesource.com/679754
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: C Shapiro <shapiroc@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This feature was originally implemented before go/cros-unibuild-signing.
It only provided basis support to continue testing unibuilds, but didn't
deal with the actual required model specific cases.
Unibuilds have already been migrated away from this, so this feature is
now obsolete.
BUG=None
TEST=~/trunk/src/platform/vboot_reference/scripts/image_signing/sign_official_build.sh
recovery ../build/images/coral/latest/recovery_image.bin
../platform/vboot_reference/tests/devkeys
BRANCH=None
Change-Id: I58b569b97f0bf42a927a851e7bc0559cb1e26200
Reviewed-on: https://chromium-review.googlesource.com/660805
Commit-Ready: C Shapiro <shapiroc@google.com>
Tested-by: C Shapiro <shapiroc@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For model specific signatures, the root key needs to be copied also for
the development case where the root key can be flashed into the RO
block.
BUG=b:65367246
TEST=./build_image --board=coral dev \
&& ./mod_image_for_recovery.sh --board=coral \
&& ~/trunk/src/platform/vboot_reference/scripts/image_signing/sign_official_build.sh \
recovery ../build/images/coral/latest/recovery_image.bin \
../platform/vboot_reference/tests/devkeys
BRANCH=None
Change-Id: I116850881d3c183b20e7d75e40deb13122f40c7a
Reviewed-on: https://chromium-review.googlesource.com/650546
Commit-Ready: C Shapiro <shapiroc@google.com>
Tested-by: C Shapiro <shapiroc@google.com>
Reviewed-by: C Shapiro <shapiroc@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The grep pattern was too lenient and allowed for matches with the same
shared root key id. E.g. NASHER also matched NASHER360
This changes the pattern to match exactly to the end of the line.
BUG=b:65284008
TEST=grep -E "[0-9]+ = NASHER$" ~/tmp/loem.ini with actual loem.ini
that will exist on the signers
BRANCH=None
Change-Id: I80a870cd512825d30c7a39e4ac6f3cffc9ea808d
Reviewed-on: https://chromium-review.googlesource.com/647800
Commit-Ready: C Shapiro <shapiroc@google.com>
Tested-by: C Shapiro <shapiroc@google.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: YH Lin <yueherngl@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
updater4.sh uses the /keyset subdir from the firmware updater shellball
to indicate if it should use model specific keys or not. This won't
work for any case where the signers haven't been updated with model
specific keys yet.
Changed the output for unibuilds to be consistent with non-uni builds
where the /keyset subdir won't be created if loem.ini doesn't exist on
the signer.
BUG=b:65128657
TEST=crrev.com/c/626718 and crrev.com/c/636344 test cases, which cover
both the shared and non-shared key use cases
BRANCH=None
Change-Id: I38db1385fa99ac4a9843a750c336c58b74b127b4
Reviewed-on: https://chromium-review.googlesource.com/642031
Commit-Ready: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
Tested-by: C Shapiro <shapiroc@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updated the current coral config to use the fake keys from the loemkeys
dev keyset (ACME) and then tested/debugged this flow based on that
config.
Fixed issue where key_id wasn't eval'd in bash when it was passed to
grep because it has ' quotes around it.
BUG=b:64842314
TEST=~/trunk/src/platform/vboot_reference/scripts/image_signing/sign_official_build.sh
recovery
../build/images/coral/R62-9877.0.2017_08_25_1030-a1/recovery_image.bin
../platform/vboot_reference/tests/loemkeys
coral_loem_signed_recovery.bin
BRANCH=None
Change-Id: I50a58e512e9a83dc2707951f12d709f9006d67ca
Reviewed-on: https://chromium-review.googlesource.com/636344
Commit-Ready: C Shapiro <shapiroc@google.com>
Tested-by: C Shapiro <shapiroc@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We would like to have different signature versions for hammer
(1=dev, 2=premp, 3=mp), so we should pass --version to futility.
The default version stays 1.
BRANCH=none
BUG=b:35587169
TEST=openssl genrsa -3 -out key_hammer.pem 2048
futility create --desc="Hammer fake MP key" key_hammer.pem key_hammer
echo firmware_version=2 > key_hammer.version
../vboot_reference/scripts/image_signing/sign_official_build.sh \
accessory_rwsig build/hammer/ec.bin . \
ec-signed.bin key_hammer.version
futility show ec-signed.bin => Version: 0x00000002
TEST=Without passing a version file, version is still 1.
../vboot_reference/scripts/image_signing/sign_official_build.sh \
accessory_rwsig build/hammer/ec.bin . ec-signed.bin
futility show ec-signed.bin => Version: 0x00000001
Change-Id: I0cd9133404fb0d827bd2f0d3bcc71d5dd274734d
Reviewed-on: https://chromium-review.googlesource.com/631757
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For design context, see go/cros-unibuild-signing
This adds support for multiple, shared firmware images from a unified
build that needs to be signed with different OEM specific keys.
It uses a signer_config.csv file (that is generated by pack_firmware.py)
to determine which images need to be signed with which keys.
BUG=b:64842314
TEST=./build_image --board=coral dev
&& ./mod_image_for_recovery.sh --board=coral
&& ~/trunk/src/platform/vboot_reference/scripts/image_signing/sign_official_build.sh
recovery ../build/images/coral/latest/recovery_image.bin
../platform/vboot_reference/tests/devkeys
BRANCH=None
Change-Id: Id3711bbe73dfe652184bc046b5f642c30b8d1627
Reviewed-on: https://chromium-review.googlesource.com/626718
Commit-Ready: C Shapiro <shapiroc@google.com>
Tested-by: C Shapiro <shapiroc@google.com>
Reviewed-by: C Shapiro <shapiroc@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This converts the script in one commit as nothing uses it directly,
so the chances of it breaking overall build is low.
- Convert to common.sh for more helpers
- Convert echo to info
- Convert to loopback devices to speed things up
- Fix quoting in a few places
- Drop cgpt usage since we use loopback partitions everywhere now
BRANCH=None
BUG=chromium:714598
TEST=running on an image still works
Change-Id: I6608db77792502f35522a6f793ccd800fdd6af4e
Reviewed-on: https://chromium-review.googlesource.com/505482
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
loader updates
This is the last place that uses grab_kernel_config. Convert it over
to accessing the kernel directly via loopbacks and delete the helper
function entirely. This avoids unnecessary copies and prevents any
more code from using it.
BRANCH=None
BUG=chromium:714598
TEST=dump_config still works
Change-Id: I16aa2c2568d15c43bb20b9d5dc18060915047506
Reviewed-on: https://chromium-review.googlesource.com/505481
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This avoids copying GB of data for the rootfs & kernels by using loopback
devices instead.
BRANCH=None
BUG=chromium:714598
TEST=dump_config still works
Change-Id: I41cd71db3c567be811c4a59523c797c128a8e493
Reviewed-on: https://chromium-review.googlesource.com/505480
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This avoids copying out the kernels just to read their configs.
Not super important as the signer doesn't use it, but we want to
kill off the grab_kernel_config helper.
BRANCH=None
BUG=chromium:714598
TEST=dump_config still works
Change-Id: I2533b1d4de6980120f277fea3a1d964cb4fbaf0d
Reviewed-on: https://chromium-review.googlesource.com/505479
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
kernels
This avoids copying in/out the kernels for their configs and to resign.
BRANCH=None
BUG=chromium:714598
TEST=signing images still works
Change-Id: Id13d5099da7f8a73ebd4d4e918188c7eb5b65a12
Reviewed-on: https://chromium-review.googlesource.com/505478
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This changes the kernel config reading and the stateful vblock updating
to use loopback devices. This avoids having to copy out the kernels
many times over just to read them.
BRANCH=None
BUG=chromium:714598
TEST=signing images still works
Change-Id: Ibb49791a7db998e45b35ed15ddc12126e669c730
Reviewed-on: https://chromium-review.googlesource.com/505477
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Replace commands using gbb_utility by the new 'gbb' futility command.
BRANCH=none
BUG=None
TEST=USE=test emerge-$BOARD vboot_reference
Change-Id: I8c1547d295a955373413482509a33964b0e0c06f
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/538442
Reviewed-by: Stefan Reinauer <reinauer@google.com>
|
