cr50 signer: provide means of setting board ID

There needs to be a way to set a board ID fields in the Cr50 RW
header. This patch adds this capability to the board signer and
release image creator scripts.

create_released_image.sh is being modified to include chrome OS
command line option parsing bash library, and a new command line
parameter is defined, --cr50_board_id. Its value is a string of three
colon separated fields, <board id>:<board id mask>:<board id flags>,
where
  <board id> is a 4 character ASCII string, the RLZ board code
  <board id mask> and <board id flags> are two hex values, without
     preceding 0x.

This value is passed to the bs script through environment variable
CR50_BOARD_ID (to be in sync with the bs script taking already
optional parameters like H1_DEVIDS from the environment).

The bs script is slightly refactored, code modifying the manifest to
splice in the device ID nodes is put into a function, and code adding
the board ID nodes to the manifest is also included in the new
function.

The three fields of the CR50_BOARD_ID string are converted to integers
and added to three nodes in the manifest (board_id, board_id_mask, and
board_id_flags respectively).

BRANCH=none
BUG=b:62294740
TEST=created a released image image using

   create_released_image.sh --cr50_board_id RXXX:ffffff00:ff00 \
       <rest of parameters>

  using the modified usb_updater (under a different patch) verified
  that the header fields have been created as expected.

Change-Id: I8374024de347f341ac16b72c2fa4a774e8385466
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/562918
Reviewed-by: Randall Spangler <rspangler@chromium.org>

util/signer/bs

@@ -52,10 +52,59 @@ The same values can be obtained in the lsusb command output:
 note that the lsusb reported values are in hex and need to be prefixed with
 0x.
 
+Finally, this script also allows to specify the board ID fields of the RW
+headers. The fields come from the evironment variable CR50_BOARD_ID, which is
+required to include three colon separated fields. The first field is a four
+letter board RLZ code, the second field is board id mask in hex, no 0x prefix,
+and the third field - board ID flags, again, hex, no 0x prefix.
+
+CR50_BOARD_ID='XXYY:12:13' ${progname} [other options, if any]
+
+both H1_DEVIDS and CR50_BOARD_ID can be defined independently.
+
 EOF
   exit "${rv}"
 }
 
+# This function modifies the manifest to include device ID and board ID nodes,
+# if H1_DEVIDS and CR50_BOARD_ID are defined in the environment, respectively,
+tweak_manifest () {
+  local sub
+
+  # If defined, plug in dev ID nodes before the 'fuses' node.
+  if [[ -z "${do_prod}" && -n "${H1_DEVIDS}" ]]; then
+    echo "creating a customized DEV image for DEV IDS ${H1_DEVIDS}"
+    sub=$(printf "\\\n   \"DEV_ID0\": %d,\\\n   \"DEV_ID1\": %d," ${H1_DEVIDS})
+    sed -i "s/\"fuses\": {/\"fuses\": {${sub}/" "${tmpf}"
+  fi
+
+  if [[ -z "${CR50_BOARD_ID}" ]]; then
+    return
+  fi
+
+  # CR50_BOARD_ID is set, let's parse it and plug in the board ID related
+  # nodes into manifest before the 'fuses' node.
+  local bid_params
+  local rlz
+
+  bid_params=( $(echo $CR50_BOARD_ID | sed 's/:/ /g') )
+  # A very basic sanity check: it needs to consist of three colon separated
+  # fields.
+  if [[ ${#bid_params[@]} != 3 ]]; then
+    echo "Wrong board ID string \"$CR50_BOARD_ID\"}" >&2
+    exit 1
+  fi
+
+  # Convert board RLZ code from ASCII to hex
+  rlz="0x$(echo -n ${bid_params[0]} | hexdump -ve '/1 "%02x"')"
+
+  # Prepare text of all three board ID related nodes
+  sub="$(printf "\\\n\"board_id\": %d,\\\n" "${rlz}")"
+  sub+="$(printf "\"board_id_flags\": %d,\\\n" "0x${bid_params[1]}")"
+  sub+="$(printf "\"board_id_mask\": %d,\\\n" "0x${bid_params[2]}")"
+  sed -i "s/\"fuses\": {/${sub}\"fuses\": {/" "${tmpf}"
+}
+
 # This is the suggested location of the codesigner utility.
 BIN_ROOT="${HOME}/bin"
 
@@ -68,6 +117,7 @@ if [[ -z "${CROS_WORKON_SRCROOT}" ]]; then
   exit 1
 fi
 
+: ${CR50_BOARD_ID=}
 : ${H1_DEVIDS=}
 EC_ROOT="${CROS_WORKON_SRCROOT}/src/platform/ec"
 EC_BIN_ROOT="${EC_ROOT}/util/signer"
@@ -138,11 +188,7 @@ else
   dst_suffix='flat'
 fi
 
-if [[ -z "${do_prod}" && -n "${H1_DEVIDS}" ]]; then
-  echo "creating a customized DEV image for DEV IDS ${H1_DEVIDS}"
-  sub=$(printf "\\\n    \"DEV_ID0\": %d,\\\n    \"DEV_ID1\": %d," ${H1_DEVIDS})
-  sed -i "s/\"fuses\": {/\"fuses\": {${sub}/" "${tmpf}"
-fi
+tweak_manifest
 
 count=0
 for elf in ${elves[@]}; do

util/signer/create_released_image.sh

@@ -13,7 +13,6 @@
 #
 
 set -u
-set -e
 
 # A very crude RO verification function. The key signature found at a fixed
 # offset into the RO blob must match the RO type. Prod keys have bit D2 set to
@@ -110,6 +109,14 @@ prepare_image() {
 }
 
 # Execution starts here ===========================
+if [ -z "${CROS_WORKON_SRCROOT}" ]; then
+ echo "$(basename $0): This script must run inside Chrome OS chroot" >&2
+  exit 1
+fi
+
+SCRIPT_ROOT="${CROS_WORKON_SRCROOT}/src/scripts"
+. "${SCRIPT_ROOT}/build_library/build_common.sh" || exit 1
+
 TMPD="$(mktemp -d /tmp/$(basename $0).XXXXX)"
 trap "/bin/rm -rf ${TMPD}" SIGINT SIGTERM EXIT
 
@@ -119,15 +126,26 @@ dest_dir=
 IMAGE_SIZE='524288'
 export RESULT_FILE
 
-if [ -z "${CROS_WORKON_SRCROOT}" ]; then
- echo "$(basename $0): This script must run inside Chrome OS chroot" >&2
-  exit 1
-fi
+DEFINE_string cr50_board_id "" \
+  "Optional string representing Board ID field of the Cr50 RW header.
+Consists of three fields separated by colon: <RLZ>:<hex mask>:<hex flags>"
 
+# Do not put this before the DEFINE_ invocations - they routinely experience
+# error return values.
+set -e
+
+FLAGS_HELP="usage: $(basename $0) [flags] <blobs>
+
+blobs are:
+  <prod RO A>.hex <prod RO B>.hex <dev RO A>.hex <dev RO B>.hex \
+ <RW.elf> <RW_B.elf>"
+
+# Parse command line.
+FLAGS "$@" || exit 1
+
+eval set -- "${FLAGS_ARGV}"
 if [ "${#*}" != "6" ]; then
-  echo "six parameters are required: "
-  echo "<prod RO A>.hex " \
-    "<prod RO B>.hex <dev RO A>.hex <dev RO B>.hex <RW.elf> <RW_B.elf>" >&2
+  flags_help
   exit 1
 fi
 
@@ -145,6 +163,9 @@ dev_ro_b="${4}"
 rw_a="${5}"
 rw_b="${6}"
 
+# Used by the bs script.
+export CR50_BOARD_ID="${FLAGS_cr50_board_id}"
+
 prepare_image 'dev' "${dev_ro_a}" "${dev_ro_b}" "${rw_a}" "${rw_b}"
 prepare_image 'prod' "${prod_ro_a}" "${prod_ro_b}" "${rw_a}" "${rw_b}"
 tarball="${dest_dir}.tbz2"