This makes it easy to integrate firmware signing into the signer
since we can reuse the base signing script.
BUG=chromium-os:10094
TEST=try signing both firmware and normal images.
Change-Id: I8beb598e267de33a2c3468dcf8d7c4b74d4de9fd
Reviewed-on: https://gerrit.chromium.org/gerrit/24654
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Ready: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
Align_rootfs was written to auto-fetch the previous release of a given
image, but that logic has bit-rotted. This CL is a quick hack to use
--src_image instead.
BUG=chromium-os:31124
TEST=Hand ran.
Change-Id: I530c6f82c42993648cecb5d59172010d61dd1603
Reviewed-on: https://gerrit.chromium.org/gerrit/23168
Commit-Ready: Don Garrett <dgarrett@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
Tested-by: Don Garrett <dgarrett@chromium.org>
This just adds the vbutil_ec tool (and a simple test of the library
functions related to it).
BUG=chrome-os-partner:7459, chromium-os:27142
TEST=manual
make
make runtests
Change-Id: I2a2c4e7cfb8ac6ce2229c5de4252a5cc89321fa5
Reviewed-on: https://gerrit.chromium.org/gerrit/21868
Commit-Ready: Bill Richardson <wfrichar@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Stefan Reinauer <reinauer@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
The retry logic has brought down the number of flakes significantly (from
multiple errors a day to ~one every other day). But let's up the retry
count, and have it sleep longer after each failure, so hopefully we can
bring down the flake count even further.
BUG=chrome-os-partner:8156
TEST=`./signing_poller.py -s` signs local images fine
Change-Id: I98bc947836514d8b931568f87f7f9a373f771b79
Reviewed-on: https://gerrit.chromium.org/gerrit/21468
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
The kernels we are running the signers on flake out from time to time
when mounting the loop back images. Have the mount code detect this
edge case and automatically retry when the flake hits.
BUG=chrome-os-partner:8156
TEST=`./signing_poller.py -s` signs local images fine
Change-Id: Iaa08445904aa26f0aa7240504f6c7a96e6ef3bbb
Reviewed-on: https://gerrit.chromium.org/gerrit/21055
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
The common code takes care of cleaning up temporary files for us if we
use the right helpers. These scripts don't though, so the temp files
end up not getting cleaned and over time, /tmp/ files up with crap.
The common helper takes care of unmounting and removing, so converting
these files over should be safe.
BUG=None
TEST=`./signer/signer_poller.py -s` signs local images and leaves no /tmp/tmp.* junk
Change-Id: I87aa122895997a5ec0017665203fdc8d14e0ab2a
Reviewed-on: https://gerrit.chromium.org/gerrit/20329
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
If we try to run the signing_poller daemon as non-root, it fails to set
the channel. Detect if the lsb file is writable, and if not, switch to
using sudo on the fly.
BUG=None
TEST=`./signer/signing_poller.py` as non-root and setting the channel works
Change-Id: Iadb10ae68582edfb332f33d3b101c83949ee9502
Reviewed-on: https://gerrit.chromium.org/gerrit/20089
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Investigations in crosbug.com/26483 revealed a bug in loop device handling
if 'umount -d' was called on loop devices mounted using 'mount -o loop'.
This CL changes all invocations of umount to remove the -d option since they
are always in the context of a loop device creating using -o loop.
BUG=chrome-os-partner:8156
TEST=none
Change-Id: I96f30664c3f9148d3b57d430002512d8e94b66bc
Reviewed-on: https://gerrit.chromium.org/gerrit/19858
Reviewed-by: David James <davidjames@chromium.org>
Commit-Ready: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
Similar to the canary channel, the dogfood channel images can have their
own app id that is distinct from the board app id.
BUG=chromium-os:25702, chrome-os-partner:8441
TEST=on a dogfood-channel image
Change-Id: Ic993a40d905b224072d325a69e47fdb6633c2e22
Reviewed-on: https://gerrit.chromium.org/gerrit/18039
Tested-by: Gaurav Shah <gauravsh@chromium.org>
Reviewed-by: Scott Zawalski <scottz@chromium.org>
If the channel is canary, allow appid to match the value of
expected_appid_canary in the ensure sane lsb release test
configuration.
BUG=chromium-os:25437
TEST=manually tested on an image with and without the channel being canary.
Change-Id: I6bf71adbe0fc090ef777c28d24c53eaa8be18404
Reviewed-on: https://gerrit.chromium.org/gerrit/15509
Tested-by: Gaurav Shah <gauravsh@chromium.org>
Reviewed-by: Scott Zawalski <scottz@chromium.org>
Commit-Ready: Gaurav Shah <gauravsh@chromium.org>
The test is run on a recovery image by the signer. We care more about the
parameters on the kernel partition 4 (the SSD install kernel) than 2.
It'd be nice to have security test on the recovery kernel too and I have
marked that as a TODO for now.
BUG=chromium-os:24077
TEST=tested on a R17 and R18 mario, alex and zgb image.
Change-Id: Ia27ceaefb24dff64115f08b1cc6bbb75d1900071
Reviewed-on: https://gerrit.chromium.org/gerrit/12970
Reviewed-by: Jim Hebert <jimhebert@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
Correctly handle the lack of valid dm config parameters in the kernel
command line (dm="..."). In particular, skip trying to perform a rootfs
hash update for that kernel partition.
This change has the side effect of properly signing new recovery images
with the in-flight changes recovery install changes being done as part of
crosbug.com/22530.
Also fix verification of recovery images to consider both kernel partitions
for determing the hash to compare the calculated value against.
Finally, remove dd's verbose output while signing the firmware.
BUG=chromium-os:22530
TEST=manually re-signed new (Alex) and old (Lumpy) recovery image. Verified
that recovery install works.
Change-Id: Ied9f82f2e77ed581875cec0b43ce45fd98186db2
Reviewed-on: https://gerrit.chromium.org/gerrit/12588
Tested-by: Gaurav Shah <gauravsh@chromium.org>
Reviewed-by: Will Drewry <wad@chromium.org>
Commit-Ready: Gaurav Shah <gauravsh@chromium.org>
We recently fixed a bug in the sign_firmware.sh script to perform
root key replacement after signing FWA and FWB to allow
resign_firmwarefd.sh to correctly determine the preamble flag to use.
As it turns out, the sign_official_build.sh script used by the signer
for in-place firmware re-signing was using a different code path (by
directly calling resign_firmwarefd.sh).
This change makes sign_official_build script call sign_firmware.sh instead.
BUG=chrome-os-partner:6874
TEST=tried signing a vanilla lumpy image with and without the fix, and
observed the value of preamble flag used.
Change-Id: Icffb1d86fbe44f69e444da51fe251ad3427635c6
Reviewed-on: https://gerrit.chromium.org/gerrit/12471
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
If the FW_A and FW_B contents are the same, we should not resign with
DEV/NORM keyblocks.
BUG=chrome-os-partner:6942
TEST=(to sign) ./resign_firmwarefd.sh bios.bin new.bin \
../../tests/devkeys/firmware_data_key.vbprivk
../../tests/devkeys/firmware.keyblock \
../../tests/devkeys/dev_firmware_data_key.vbprivk \
../../tests/devkeys/dev_firmware.keyblock \
../../tests/devkeys/kernel_subkey.vbpubk
(to verify) dump_fmap -x new.bin
vbutil_keyblock --unpack VBLOCK_A | grep Flags
vbutil_keyblock --unpack VBLOCK_B | grep Flags
When the input (bios.bin) have DEV FW (ex, zgb/alex), then output
is A=6, B=7; when the input is old or new firmware without DEV
(ex, mario/s*y/l*y), output is A=7, B=7, and you'lll see
"Found firmware with same A/B content - ignore DEV keyblock."
meessage during resign process.
Change-Id: I10cbbf7370f35a40673b328b70c83e7d1213a45d
Reviewed-on: https://gerrit.chromium.org/gerrit/12371
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
For key generation, only generate dev firmware keyblocks, if the
--devkeyblock option is passed. For signing, re-use normal firmware
keyblock and data key if no dev keyblocks or data key are found in
the keyset directory.
BUG=chrome-os-partner:6942
TEST=manual
- tested key generation with/without the new flag
- tested signing with or without the presence of dev keyblock
Change-Id: Ic4bf72cb194461e07fcc0f6de39d4e16d1c979a6
Reviewed-on: https://gerrit.chromium.org/gerrit/12038
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
Commit-Ready: Gaurav Shah <gauravsh@chromium.org>
resign_firmwarefd.sh needs a verifiable copy of the firmware (and associated root key)
to determine the preamble flag value to use.
BUG=chrome-os-partner:6874
TEST=manually tested resigning a firmware .bin using sign_firmware.sh. Verified correct
preamble flag determination.
Change-Id: Ifb132f54f4891dec4fa7250d3a00e7b4feda24c1
Reviewed-on: https://gerrit.chromium.org/gerrit/11776
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Commit-Ready: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
We should have been using Droid Sans, not Helvetica, and some of the
non-Roman locales need special handling to render clearly and correctly. We
also get better results if we avoid scaling after rendering the text.
Added scripts/newbitmaps/Makefile to regenerate it all, updated the READMEs.
Since Hung-Te figured out how to use pango-view to render the UTF-8
reliably, we don't need to keep all the pre-rendered locale images anymore
either.
This provides the x86 bmpblock for Stumpy PVT. We may need some more
tweaking for Lumpy and/or ARM.
BUG=chrome-os-partner:6595
TEST=manual
Put the new screens into the bios:
gbb_utility -s --flags=0 -b bmpblock_x86.bin OLDBIOS NEWBIOS
flashrom -w NEWBIOS
Then reboot and look at the BIOS screens. The lettering is much clearer.
Change-Id: Icb07bc6d131920730f41348c7de9151e42cc9518
Reviewed-on: https://gerrit.chromium.org/gerrit/11007
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
BUG=chrome-os-partner:6595
TEST=manual
User our new officially finally final localizations for Stumpy.
Start by removing some of the subtle speckles from the background images so
they'll compress a little better, then modify the Makefile to autogenerate
the bitmap blob (for x86, anyway).
Note: the size improvment isn't much, but every little bit helps. With all
43 locales, bmpblock.bin was 659798 bytes. Now it's 665142 (5344 bytes saved).
And, no, we can't fit all 43 locales in our current BIOS. Yet.
Change-Id: I78cf8215f3da41a7ebc0e354cd1964c427a8c651
Reviewed-on: https://gerrit.chromium.org/gerrit/10879
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
* Updated the text strings using the latest results from the localization
experts.
* Strip the leading byte-order-mark and trailing whitespace from the text
files, since it's not used for anything and sometimes renders as a box.
* Added options to the text_to_bmp script to handle right-to-left languages
and to override the font.
* Added scripts/newbitmaps/strings/localized_text/Makefile to regenerate all
the bitmaps from the text strings. This handles right-to-left languages
correctly.
* Modified make_default_yaml so that the th/model.txt string is moved up a
bit to align it properly with the HWID.
* Regenerated DEFAULT.yaml using the new bitmaps.
BUG=chromium-os:13037
TEST=none
Change-Id: I095830a46ba831742d437867a9caac88c8e28de1
Reviewed-on: http://gerrit.chromium.org/gerrit/8834
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
To prevent execution permissions lost after being copied to /tmp, force adding
a+rx to the staging file.
BUG=chromium-os:20797
TEST=sudo sign_official_build.sh ssd \
x86-zgb-0.16.1089.0.bin ../../tests/devkeys ssd_image.bin
Change-Id: Ibee12dbb3faea9f6b05600d1343620e0af8633fb
Reviewed-on: http://gerrit.chromium.org/gerrit/8263
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Commit-Ready: Gaurav Shah <gauravsh@chromium.org>
Work around the fact that we have 3 different verity kernel arguments depending
on the image being signed (legacy parameters, new key=value parameters, new key=
value parameters with salt).
Since the signer is not branch conscious, expect and use the old verity binary to
be present when legacy kernel arguments are specified. The last 2 types of verity
arguments can be distinguished based on whether a salt is present.
BUG=chromium-os:20640
TEST=manually tested by signing r14, r15 and r16 images and verifying
that kernel parameters are set correctly.
Change-Id: I96ecf6f506a94509a64ef12d7a108e977f94c23c
Reviewed-on: http://gerrit.chromium.org/gerrit/8214
Commit-Ready: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
Reviewed-by: David McMahon <djmm@chromium.org>
Tested-by: David McMahon <djmm@chromium.org>
This is again working around the fact that the signer isn't branch
conscious. Depending on which branch you look at, there are 3 possible
verity parameter styles in use.
This CL allows the kernel parameter test to allow multiple alternatives
for verity dm= parameters.
BUG=chromium-os:20640
TEST=manually tried with a R16, R15 and R14 image
Change-Id: I07554594d6adbdfd1988395d3e91edfd603d8cd4
Reviewed-on: http://gerrit.chromium.org/gerrit/8067
Reviewed-by: Jim Hebert <jimhebert@chromium.org>
Commit-Ready: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
BUG=chromium-os:17138
TEST=tested changes on vm8-m2, was able to successfully run au-generate.py
and it used the cgpt binary from au-generate.zip
Change-Id: Ia57f1be4b0d669cad430e51977cce6e26d704320
Reviewed-on: http://gerrit.chromium.org/gerrit/7796
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Reviewed-by: Eric Blake <eblake@chromium.org>
Tested-by: Eric Blake <eblake@chromium.org>
To prevent hard-coding the procedure to repack a firmware updater, this CL
supports using new "--sb_repack" mode supported by updater so that signer does
not need to care about how the updater is packed anymore.
BUG=chromium-os:20027
TEST=./sign_official_build.sh ssd \
~/trunk/src/build/images/x86-zgb/latest/chromiumos_image.bin \
../../tests/devkeys \
~/trunk/src/build/images/x86-zgb/latest/chromiumos_new_image.bin
# success
Change-Id: I035dfaa86b05b85748e69ec039769b0c08d33f64
Reviewed-on: http://gerrit.chromium.org/gerrit/7311
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
There were some locale bitmaps displayed as question marks (like ???) due to
missing font with ImageMagick. Since we use Pango now, this CL updates the
bitmaps from those locales:
ar el fa hi iw ja ko th vi zh_CN zh_TW
BUG=chromium-os:13037
TEST=for X in ar el fa hi iw ja ko th vi zh_CN zh_TW; do
display $X; done
# all pictures looks fine - at least no question marks anymore
Change-Id: I4b4c443d6afb25cf603f3371a47677744ea9358d
Reviewed-on: http://gerrit.chromium.org/gerrit/7326
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
BUG=chromium-os:18631
TEST=manual
Boot to recovery mode screen. HWID should be the same size and shape as the
rest of the text.
Change-Id: Iee0b0611c1319a304d911b710dd7f35ef999a1eb
Reviewed-on: http://gerrit.chromium.org/gerrit/6667
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
The vboot_api.h doesn't require the BIOS display the ASCII HWID in
a graphical form (ARM U-Boot doesn't know how), so we have to do it
ourselves. This change makes that possible.
Summary of changes:
* bmpblk_font.h defines a structure to map ASCII chars to BMPs
* bmpblk_font utility generates that font structure
* bmpblock format is bumped to version 1.2
- YAML file specifies font to use for $HWID
- make_default_yaml updated to emit the new format
- README updated to describe the difference
BUG=chromium-os:18631
TEST=manual
I've tested this on ARM, like so:
Inside the chroot, build a U-Boot that uses it:
emerge-tegra2_kaen vboot_reference vboot_reference-firmware
emerge-tegra2_kaen tegra-bct tegra2-public-firmware-fdts \
chromeos-u-boot chromeos-bootimage
Outside chroot, but in src/platform/vboot_reference:
make
<copy ./build/utility/bmpblk_font and ./build/utility/bmpblk_utility to
somewhere in your $PATH>
make clean
cd scripts/newbitmaps/fonts
bmpblk_font --outfile ../images/hwid_fonts.bin outdir/*
cd scripts/newbitmaps/images
make arm
cd out_arm
<edit DEFAULT.yaml>
bmpblk_utility -z 2 -c DEFAULT.yaml arm_bmpblock.bin
<use gbb_utility to replace the bitmaps in the U-Boot image, boot it>
The HWID string is displayed.
Change-Id: I782004a0f30c57fa1f3bb246e8c59a02c5e9f561
Reviewed-on: http://gerrit.chromium.org/gerrit/6544
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
bmpblk_utility correctly supports this field, which can be used by the
factory process to map the localization to the correct locale. We forgot to
put the entries in the DEFAULT.yaml file. This change corrects that for
future releases.
BUG=none
TEST=none
Change-Id: Iea65d7439e6ef8cc8730ec1b862abba87041d93f
Reviewed-on: http://gerrit.chromium.org/gerrit/6424
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
We should detect keyblock from existing firmware and decide if a developer
firmware keyblock should be used.
BUG=chromium-os:18946
TEST=./make_dev_firmware.sh -f zgb.bin -t zgb_dev.bin
# seeing Using keyblocks (developer, normal)...
./make_dev_firmware.sh -f mario.bin -t mario_dev.bin
# seeing Using keyblocks (normal, normal)...
./make_dev_firmware.sh -f arm.bin -t arm_dev.bin
# seeing Using keyblocks (normal, normal)...
Change-Id: I74fa0db980e26a6a19a4393303e8c5b3260c84c7
Reviewed-on: http://gerrit.chromium.org/gerrit/5623
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Since both UEFI BIOS and U-Boot display BMP images (although with different
compression schemes), we might as well just use that format for the master
images.
We may still need to crop, scale, or compress these master images to the
platform-specific formats, of course. This change also adds an example
Makefile to produce the scaled images for x86 platforms.
BUG=chromium-os:18631
TEST=none
Change-Id: Idd18d66ea46502065c6f3707f625908a892a0cbd
Reviewed-on: http://gerrit.chromium.org/gerrit/5619
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
This change moves the old bitmaps (Mario, Alex, ZGB) and their supporting
scripts into a subdirectory, and creates a new set of images at 1366x768, in
PNG format.
This is preparation for providing a complete set of localized BIOS screens
to use as the master for all new platforms.
The plan is that these master images will be scaled, cropped, and converted
into the correct formats for each target platform, and those binary
bmpblocks saved in their own package. Only if a translation changes should
we need to regenerate the bmpblocks.
These new images do NOT (yet) include locales that cannot be rendered
correctly by ImageMagick, and not all of them have been fully vetted by the
localization team.
BUG=chromium-os:13037
TEST=none
Change-Id: Ic25832aad3c6cc36879db204c2579395014af311
Reviewed-on: http://gerrit.chromium.org/gerrit/5508
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Tom Wai-Hong Tam <waihong@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Parsing fmap information becomes easier after dump_fmap adds "-p" mode, and
prevents the dependency because dump_fmap is in same repo with signing scripts.
BUG=none, pure refine to reduce dependency and less error messages
TEST=./resign_firmwarefd.sh mario_bios.bin output.bin \
devkeys/firmware_data_key.vbprivk devkeys/firmware.keyblock \
devkeys/firmware_data_key.vbprivk devkeys/firmware.keyblock \
devkeys/kernel_subkey.vbpubk
# Also verified with modern firmware like ZGB/Alex and ARM.
Change-Id: Ia40ecd9ab641250272952e20ab058e780eb7770b
Reviewed-on: http://gerrit.chromium.org/gerrit/5132
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
When preamble_flag is not assigned manually, resign_firwmarefd should not change
the preamble flag.
BUG=chromium-os:18207
TEST=# Prepare a bios.bin with preamble_flag=1 (ex, ARM firmware)
./resign_firmwarefd.sh bios.bin ..... # do not assign preamble
vbutil_firmware --verify # see preamble_flag=1
# Repeat with firmware having preamble_flag=0 (ex, x86 firmware like ZGB/Alex)
# preamble_flag is 0 after resign_firmwarefd.
Change-Id: I50f88bbf51a28defaf1c4e5383ab856168a128fc
Reviewed-on: http://gerrit.chromium.org/gerrit/5133
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
The two-stop firmware relies on the "flag" field which may be useful for the
resign_firmwarefd.sh.
BUG=chrome-os-partner:5095
TEST=./resign_firmwarefd [params] 1
vbutil_firmware --verify ..... # seeing flag = 1
Change-Id: I56b44ee5b610e36384e15e6eb31286f0f838734b
Reviewed-on: http://gerrit.chromium.org/gerrit/4561
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
The %U is better since arm and x86 both supports it now.
BUG=chromium-os:15683
TEST=./make_dev_ssd.sh # need latest kernel patch
Change-Id: I94a6471788d3496cfa7ef263493e89877bb2b593
Reviewed-on: http://gerrit.chromium.org/gerrit/3551
Reviewed-by: Che-Liang Chiou <clchiou@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
