scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-24 02:05:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

make_dev_firmware: handle developer firmware keyblock correctly

Browse Source 
We should detect keyblock from existing firmware and decide if a developer
firmware keyblock should be used.

BUG=chromium-os:18946
TEST=./make_dev_firmware.sh -f zgb.bin -t zgb_dev.bin
      # seeing Using keyblocks (developer, normal)...
      ./make_dev_firmware.sh -f mario.bin -t mario_dev.bin
      # seeing Using keyblocks (normal, normal)...
      ./make_dev_firmware.sh -f arm.bin -t arm_dev.bin
      # seeing Using keyblocks (normal, normal)...

Change-Id: I74fa0db980e26a6a19a4393303e8c5b3260c84c7
Reviewed-on: http://gerrit.chromium.org/gerrit/5623
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
This commit is contained in:
Hung-Te Lin
2011-08-10 12:00:13 +08:00
parent 7f503e4064
commit 010630f18c
1 changed files with 29 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
scripts/image_signing/make_dev_firmware.sh
View File

@@ -39,6 +39,7 @@ set -e
# the image we are (temporary) working with # the image we are (temporary) working with
IMAGE="$(make_temp_file)" IMAGE="$(make_temp_file)"
IMAGE="$(readlink -f "$IMAGE")"
# a log file to keep the output results of executed command # a log file to keep the output results of executed command
EXEC_LOG="$(make_temp_file)" EXEC_LOG="$(make_temp_file)"
@@ -194,6 +195,34 @@ main() {
cp -f "$IMAGE" "$backup_image" cp -f "$IMAGE" "$backup_image"
fi fi
debug_msg "Detecting developer firmware keyblock"
local expanded_firmware_dir="$(make_temp_dir)"
local use_devfw_keyblock="$FLAGS_FALSE"
(cd "$expanded_firmware_dir"; dump_fmap -x "$IMAGE" >/dev/null 2>&1) ||
err_die "Failed to extract firmware image."
if [ -f "$expanded_firmware_dir/VBLOCK_A" ]; then
local has_dev=$FLAGS_TRUE has_norm=$FLAGS_TRUE
# In output of vbutil_keyblock, "!DEV" means "bootable on normal mode" and
# "DEV" means "bootable on developer mode". Here we try to match the pattern
# in output of vbutil_block, and disable the flags (has_dev, has_norm) if
# the pattern was not found.
vbutil_keyblock --unpack "$expanded_firmware_dir/VBLOCK_A" |
grep -qw '!DEV' || has_norm=$FLAGS_FALSE
vbutil_keyblock --unpack "$expanded_firmware_dir/VBLOCK_A" |
grep -qw '[^!]DEV' || has_dev=$FLAGS_FALSE
if [ "$has_norm" = "$FLAGS_FALSE" -a "$has_dev" = "$FLAGS_TRUE" ]; then
use_devfw_keyblock=$FLAGS_TRUE
fi
fi
if [ "$use_devfw_keyblock" = "$FLAGS_TRUE" ]; then
echo "Using keyblocks (developer, normal)..."
else
echo "Using keyblocks (normal, normal)..."
dev_firmware_prvkey="$firmware_prvkey"
dev_firmware_keyblock="$firmware_keyblock"
fi
# TODO(hungte) We can use vbutil_firmware to check if the current firmware is # TODO(hungte) We can use vbutil_firmware to check if the current firmware is
# valid so that we know keys and vbutil_firmware are all working fine. # valid so that we know keys and vbutil_firmware are all working fine.