cr50: provide build mode for signing with fob

We don't really have the ability to build the latest signer yet, but
this should not stop us from being able to build a properly signed
image using the ec makefiles.

As a stopgap measure the suggestion is to keep the latest signer
binary in ~/bin/codesigner in chroot, then with this patch applied
invoking make with CR50_DEV=1 will cause the proper sighner used and
proper signing procedure followed.

The signed targets need to be built in series to avoid concurrent use
of the signer fob, an addition dependency is being added to enforce
that.

BRANCH=none
BUG=chrome-os-partner:55557
TEST=ran make as follows:
   CR50_DEV=1 make BOARD=cr50
   touched the fob when requested, uploaded the generated
   build/cr50/ec.bin on a kevin-tpm2 using usb_updater, and observed
   it boot properly with the new version.

Change-Id: Ia9494bdc60b4bd3b8e5e09cbcbd8b27409c739d2
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/376885
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>

Makefile.rules

@@ -45,8 +45,8 @@ cmd_flat_to_obj = $(CC) -T $(out)/firmware_image.lds -nostdlib $(CPPFLAGS) \
 # Allow the .roshared section to overlap other sections (itself)
 cmd_ec_elf_to_flat ?= $(OBJCOPY) --set-section-flags .roshared=share \
 				-O binary $< $@
-cmd_elf_to_signed ?= sudo $(out)/util/signer --key=util/signer/$(3) \
-	--input=$< --format=bin --output=$@.signed $(SIG_EXTRA) \
+cmd_elf_to_signed ?= sudo $(SIGNER) --key=util/signer/$(3) \
+	--input=$< --format=bin --output=$@.signed $(SIGNER_EXTRAS) \
 	&& sudo chown $(shell whoami) $@.signed && mv $@.signed $@
 cmd_elf_to_dis = $(OBJDUMP) -D $< > $@
 cmd_elf_to_hex = $(OBJCOPY) -O ihex $< $@
@@ -274,7 +274,7 @@ $(out)/RO/%.flat: $(out)/RO/%.elf  $(out)/RO/%.smap
 	$(call quiet,elf_to_signed,RO_SIGN,$(CR50_RO_KEY))
 
 $(out)/RW/%.flat: $(out)/RW/%.elf  $(out)/RW/%.smap
-	$(call quiet,elf_to_signed,RW_SIGN,loader-testkey-A.pem)
+	$(call quiet,elf_to_signed,RW_SIGN,$(CR50_RW_KEY))
 
 $(out)/RO/%.hex: $(out)/RO/%.flat
 	$(call quiet,bin_to_hex,OBJCOPY)

chip/g/build.mk

@@ -101,6 +101,18 @@ $(out)/RW/ec.RW_B.flat: $(out)/util/signer
 endif
 
 CR50_RO_KEY ?= rom-testkey-A.pem
+ifeq ($(CR50_DEV),)
+CR50_RW_KEY = loader-testkey-A.pem
+SIGNER = $(out)/util/signer
+SIGNER_EXTRAS =
+else
+SIGNER = $(HOME)/bin/codesigner
+CR50_RW_KEY = cr50_rom0-dev-blsign.pem.pub
+RW_SIGNER_EXTRAS = -x util/signer/fuses.xml
+RW_SIGNER_EXTRAS += -j util/signer/ec_RW-manifest-kevin_evt_1.json
+$(out)/RW/ec.RW_B.flat: $(out)/RW/ec.RW.flat
+$(out)/RW/ec.RW.flat $(out)/RW/ec.RW_B.flat: SIGNER_EXTRAS = $(RW_SIGNER_EXTRAS)
+endif
 
 # This file is included twice by the Makefile, once to determine the CHIP info
 # # and then again after defining all the CONFIG_ and HAS_TASK variables. We use

util/signer/ec_RW-manifest-kevin_evt_1.json

@@ -0,0 +1,157 @@
+{
+// List of fuses and their expected values.
+"fuses": {
+        "FLASH_PERSO_PAGE_LOCK": 5,  // individualized
+        "FW_DEFINED_DATA_BLK0": 2,  // kevin EVT 1
+        "FW_DEFINED_DATA_EXTRA_BLK6": 0  // escape hatch
+},
+// Rollback state.
+"info": {
+"0": -1,
+"1": -1,
+"2": -1,
+"3": -1,
+"4": -1,
+"5": -1,
+"6": -1,
+"7": -1,
+"8": -1,
+"9": -1,
+"10": -1,
+"11": -1,
+"12": -1,
+"13": -1,
+"14": -1,
+"15": -1,
+"16": -1,
+"17": -1,
+"18": -1,
+"19": -1,
+"20": -1,
+"21": -1,
+"22": -1,
+"23": -1,
+"24": -1,
+"25": -1,
+"26": -1,
+"27": -1,
+"28": -1,
+"29": -1,
+"30": -1,
+"31": -1,
+"32": -1,
+"33": -1,
+"34": -1,
+"35": -1,
+"36": -1,
+"37": -1,
+"38": -1,
+"39": -1,
+"40": -1,
+"41": -1,
+"42": -1,
+"43": -1,
+"44": -1,
+"45": -1,
+"46": -1,
+"47": -1,
+"48": -1,
+"49": -1,
+"50": -1,
+"51": -1,
+"52": -1,
+"53": -1,
+"54": -1,
+"55": -1,
+"56": -1,
+"57": -1,
+"58": -1,
+"59": -1,
+"60": -1,
+"61": -1,
+"62": -1,
+"63": -1,
+"64": -1,
+"65": -1,
+"66": -1,
+"67": -1,
+"68": -1,
+"69": -1,
+"70": -1,
+"71": -1,
+"72": -1,
+"73": -1,
+"74": -1,
+"75": -1,
+"76": -1,
+"77": -1,
+"78": -1,
+"79": -1,
+"80": -1,
+"81": -1,
+"82": -1,
+"83": -1,
+"84": -1,
+"85": -1,
+"86": -1,
+"87": -1,
+"88": -1,
+"89": -1,
+"90": -1,
+"91": -1,
+"92": -1,
+"93": -1,
+"94": -1,
+"95": -1,
+"96": -1,
+"97": -1,
+"98": -1,
+"99": -1,
+"100": -1,
+"101": -1,
+"102": -1,
+"103": -1,
+"104": -1,
+"105": -1,
+"106": -1,
+"107": -1,
+"108": -1,
+"109": -1,
+"110": -1,
+"111": -1,
+"112": -1,
+"113": -1,
+"114": -1,
+"115": -1,
+"116": -1,
+"117": -1,
+"118": -1,
+"119": -1,
+"120": -1,
+"121": -1,
+"122": -1,
+"123": -1,
+"124": -1,
+"125": -1,
+"126": -1,
+"127": -1
+},
+
+  // Note: tag needs to match what cros_personalize anticipated!
+  // https://cs.corp.google.com/search/?q=kCrosFwr
+  "tag": "00000000000000000000000000000000000000000000000000000000",
+
+  // cros_loader uses b1-dev key as key to verify RW with
+  "keyid": -1187158727,  // b1-dev key
+
+  "p4cl": 177,  // P4 sync cl for XML we link against. 177 == 0xb1.
+
+  "timestamp": 0,
+  "epoch": 0,  // FWR diversification contributor, 32 bits.
+  "major": 0,  // FW2_HIK_CHAIN counter.
+  "minor": 6,  // Harmless version field.
+  "applysec": -1,  // Mask to and with fuse BROM_APPLYSEC.
+  "config1": 13,  // Which BROM_CONFIG1 actions to take before launching.
+  "err_response": 0,  // Mask to or with fuse BROM_ERR_RESPONSE.
+  "expect_response": 3  // purgatory level when expectation fails.
+}