The board ID fields are displayed by the Cr50 console command 'bid' as
follows: <board id>:<board id mask>:<board id flags>.
Make sure the user passes them in the same order when invoking the signer
to sign a board locked image.
BRANCH=none
BUG=none
TEST=verified proper order of the fields when generating and using a
prod signed image.
Change-Id: Ia4569c5e9e663b26edaa591bae881c719c4f199c
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/604218
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Recent signer improvements allow including hex values in the
manifest, this also makes it easier to process values with bid D31
set, let's use strings instead of ints.
BRANCH=none
BUG=none
TEST=verified signing of a prod release
Change-Id: Ia05198991bfdd8dfd831545a9edf70f1e06f24f4
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/604217
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
The new signer (version: 1.2 00840c1b6) allows hex values in the
manifest, which means there is no need to explicitly convert the
values before adding them to the manifest.
A nice side effect of this is the fact that there is no need to care
about the sign of the values any more, the signer does the right
thing.
BRANCH=none
BUG=none
TEST=built an image using the following invocation:
$ make BOARD=cr50 H1_DEVIDS='0x12009015 0x90e95664' -j
and successfully ran it on a device. Note that the old signer was
choking on hex values exceeding 0x7fffffff, the new one handles
them properly.
Change-Id: I08c0339f922d287c82d56fb51570bfbf7107531e
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/598728
Reviewed-by: Nick Sanders <nsanders@chromium.org>
There needs to be a way to set board ID fields in the Cr50 RW
header. This patch adds this capability to the board signer and
release image creator scripts.
create_released_image.sh is being modified to include chrome OS
command line option parsing bash library, and a new command line
parameter is defined, --cr50_board_id. Its value is a string of three
colon separated fields, <board id>:<board id mask>:<board id flags>,
where
<board id> is a 4 character ASCII string, the RLZ board code
<board id mask> and <board id flags> are two hex values, without
preceding 0x.
This value is passed to the bs script through environment variable
CR50_BOARD_ID (to be in sync with the bs script taking already
optional parameters like H1_DEVIDS from the environment).
The bs script is slightly refactored, code modifying the manifest to
splice in the device ID nodes is put into a function, and code adding
the board ID nodes to the manifest is also included in the new
function.
The three fields of the CR50_BOARD_ID string are converted to integers
and added to three nodes in the manifest (board_id, board_id_mask, and
board_id_flags respectively).
BRANCH=none
BUG=b:62294740
TEST=created a released image using
create_released_image.sh --cr50_board_id RXXX:ffffff00:ff00 \
<rest of parameters>
using the modified usb_updater (under a different patch) verified
that the header fields have been created as expected.
Change-Id: I8374024de347f341ac16b72c2fa4a774e8385466
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/562918
Reviewed-by: Randall Spangler <rspangler@chromium.org>
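The CR50_BOARD_ID format described in the commit message above, as an added shell example that is not code from the bs script or the Cr50 tree: it validates the three colon separated fields and prints the values for the board_id, board_id_mask and board_id_flags nodes. The helper names, the alphanumeric restriction on the board ID and the byte order used to turn the RLZ code into a number are assumptions.

```shell
#!/bin/sh
# Added example (not from the Cr50 tree): validate a CR50_BOARD_ID string of
# the form <board id>:<board id mask>:<board id flags> before it reaches a
# signing manifest. parse_cr50_board_id and is_hex32 are hypothetical names.

is_hex32() {  # 1 to 8 hex digits, no 0x prefix
  case "$1" in
    ''|*[!0-9a-fA-F]*) return 1 ;;
  esac
  [ "${#1}" -le 8 ]
}

parse_cr50_board_id() {
  # Exactly three fields: reject both missing and extra ones.
  case "$1" in
    *:*:*:*) echo "too many fields: $1" >&2; return 1 ;;
    *:*:*) ;;
    *) echo "expected <id>:<mask>:<flags>, got: $1" >&2; return 1 ;;
  esac
  rlz="${1%%:*}"; rest="${1#*:}"
  mask="${rest%%:*}"; flags="${rest#*:}"

  # Board ID is a 4 character ASCII string (assumed alphanumeric here).
  case "$rlz" in
    [A-Za-z0-9][A-Za-z0-9][A-Za-z0-9][A-Za-z0-9]) ;;
    *) echo "board id must be 4 ASCII characters: $rlz" >&2; return 1 ;;
  esac
  is_hex32 "$mask"  || { echo "bad board id mask: $mask" >&2; return 1; }
  is_hex32 "$flags" || { echo "bad board id flags: $flags" >&2; return 1; }

  # Assumption: the 4 ASCII bytes form a 32-bit value with the first
  # character in the most significant byte.
  bid="$(printf '%s' "$rlz" | od -An -tx1 | tr -d ' \n')"
  printf 'board_id 0x%s\nboard_id_mask 0x%s\nboard_id_flags 0x%s\n' \
    "$bid" "$mask" "$flags"
}

# Sample value taken from the TEST line of the commit message above.
parse_cr50_board_id 'RXXX:ffffff00:ff00'
```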
This clean up is based on the review of a branch cherry-pick patch
(https://chromium-review.googlesource.com/c/556184).
Most of the comments apart from the suggestion of creating main() and
'workforce'() have been addressed.
BRANCH=cr50
BUG=b:62294740
TEST=verified that images created by running
H1_DEVIDS='xxx xxx' ./util/signer/bs elves elf.1 elf.2
H1_DEVIDS='xxx xxx' ./util/signer/bs
are still bootable on a Cr50.
Change-Id: I370526be060e11b8c640d35b1409a631233b0672
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/557997
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The recent change of the code signer is not backwards compatible, a
new command line parameter must be added.
BRANCH=cr50
BUG=none
TEST=verified that
H1_DEVIDS='xxxx yyyyy' ./util/signer/bs
succeeds again.
Change-Id: I9a8e03c20aa4b7b689b1f5e4a1f786cf5857483f
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/527317
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
We are still building two images - for prod and dev fused H1 chips.
This requires different pairs of RO images and calls for using
different keys when signing RW images.
Each produced image is of 512K bytes in size, the ROs are placed at
offsets 0 and 0x40000, the RWs at offsets 0x4000 and 0x4000.
The signed ROs come from their respective source, their processing is
limited to converting into binary format and verifying that their key
signatures match image designation (prod vs dev).
The RW binaries are derived from RW elf files which are the result of
running 'make BOARD=cr50'. The elves are converted into binary format
and signed, the bs script is used for that.
The bs script is modified to accept the destination file name from the
shell variable, to detect signing failures (resulting in zero sized
binaries), and to fix error reporting.
The new script create_released_image.sh expects exactly six command
line parameters:
<prod RO A>.hex <prod RO B>.hex <dev RO A>.hex <dev RO B>.hex \
<RW.elf> <RW_B.elf>
and generates two cr50 binary images.
The generated images are placed in the directory named cr50.r<ro
vers>.w<rw vers> (the versions are retrieved from the binaries using
usb_updater), and then placed in the tarball with the same base name.
This naming convention is imposed by the ebuild pulling in the tarball
from the binary component server (BCS).
On successful completion the script prints out commands which can
be used to upload the new tarball to the BCS.
BRANCH=none
BUG=b:35587234
TEST=ran the script to generate the r0.0.10.w0.0.18 release, verified
that all components of both images are properly signed (are
bootable and the key signature matches the prod/dev convention).
Change-Id: I87be1d44a721c979bdeeabf986d717e3a382db45
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/439907
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Caveh Jalali <caveh@google.com>
This is a 'semi official' utility script which re-signs previously
generated CR50 RW images.
By default the script uses ec.RW.elf and ec.RW_B.elf in build/cr50/RW
as inputs and util/signer/ec_RW-manifest-dev.json as the manifest, and
places the newly signed images into build/cr50/ec.bin.
The only outside dependency of this script is the signing utility itself,
which is expected to be available as $HOME/bin/codesighner.
The following command line options are accepted:
b1 - generate signature for the b1 version of the H1 chip
elves <elf1> <elf2> - sign the supplied elf files instead of the
default ones. Handy if the builder generated files need to be
signed
help - print this message
hex - generate hex output instead of binary
prod - sign with prod key (no debug image will be signed)
When invoked with 'hex' as a command line parameter, the script just
re-signs the supplied elf files and places them in 0.signed.hex and
1.signed.hex in the current directory.
This script also allows signing dev images for running on prod RO. To
do that invoke this script as follows:
H1_DEVIDS='<dev id0> <dev id1>' ${progname} [other options, if any]
where <dev id0> <dev id1> are values reported by sysinfo command in the
DEV_ID: line when run on the CR50 for which the image is built.
BRANCH=none
BUG=chrome-os-partner:57956
TEST=manual
tried signing dev and prod images, including signing a dev image to
run on a prod device. All cases succeeded.
Change-Id: I879c4a08503a19a0c440b141aa1fd6b29cc70bf7
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/417221
Reviewed-by: Bill Richardson <wfrichar@chromium.org>