From b9cc9550cf8a5d8ff3e9c92999d85d2bd8a54136 Mon Sep 17 00:00:00 2001
From: Hung-Te Lin <hungte@chromium.org>
Date: Tue, 2 Aug 2011 11:12:16 +0800
Subject: resign_firmwarefd: don't change preamble flag by default.

When preamble_flag is not assigned manually, resign_firwmarefd should not change
the preamble flag.

BUG=chromium-os:18207
TEST=# Prepare a bios.bin with preamble_flag=1 (ex, ARM firmware)
     ./resign_firmwarefd.sh bios.bin ..... # do not assign preamble
     vbutil_firmware --verify # see preamble_flag=1
     # Repeat with firmware having preamble_flag=0 (ex, x86 firmware like ZGB/Alex)
     # preamble_flag is 0 after resign_firmwarefd.

Change-Id: I50f88bbf51a28defaf1c4e5383ab856168a128fc
Reviewed-on: http://gerrit.chromium.org/gerrit/5133
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
---
 scripts/image_signing/resign_firmwarefd.sh | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

diff --git a/scripts/image_signing/resign_firmwarefd.sh b/scripts/image_signing/resign_firmwarefd.sh
index ad72a70e..9f70f409 100755
--- a/scripts/image_signing/resign_firmwarefd.sh
+++ b/scripts/image_signing/resign_firmwarefd.sh
@@ -84,11 +84,6 @@ if [ -z "$VERSION" ]; then
 fi
 echo "Using firmware version: $VERSION"
 
-if [ -n "$PREAMBLE_FLAG" ]; then
-  echo "Using firmware preamble flag: $PREAMBLE_FLAG"
-  PREAMBLE_FLAG="--flag $PREAMBLE_FLAG"
-fi
-
 # Parse offsets and size of firmware data and vblocks
 for i in "A" "B"
 do
@@ -121,6 +116,24 @@ temp_out_vb=$(make_temp_file)
 dd if="${SRC_FD}" of="${temp_fwimage}" skip="${fwA_offset}" bs=1 \
   count="${fwA_size}"
 
+# Extract existing preamble flag if not assigned yet.
+if [ -n "$PREAMBLE_FLAG" ]; then
+  PREAMBLE_FLAG="--flag $PREAMBLE_FLAG"
+else
+  temp_root_key=$(make_temp_file)
+  gbb_utility -g --rootkey="$temp_root_key" "${SRC_FD}"
+  dd if="${SRC_FD}" of="${temp_out_vb}" skip="${fwA_vblock_offset}" bs=1 \
+    count="${fwA_vblock_size}"
+  flag="$(vbutil_firmware \
+    --verify "${temp_out_vb}" \
+    --signpubkey "${temp_root_key}" \
+    --fv "${temp_fwimage}" |
+    grep "Preamble flags:" |
+    sed 's/.*: *//')" || flag=""
+  [ -z "$flag" ] || PREAMBLE_FLAG="--flag $flag"
+fi
+echo "Using firmware preamble flag: $PREAMBLE_FLAG"
+
 echo "Re-calculating Firmware A vblock"
 vbutil_firmware \
   --vblock "${temp_out_vb}" \
-- 
cgit v1.2.1