The standalone accessories are using a key name like this:
key_<product>.pem or key_<product>.vbprik2
when it doesn't exist, fallback using key.pem or key.vbprik2.
BRANCH=none
BUG=chrome-os-partner:47557
TEST=manual:
./scripts/image_signing/sign_official_build.sh accessory_usbpd ../ec/build/zinger/ec.bin tests/devkeys-acc /tmp/ec-zinger.TEST.SIGNED.bin
./scripts/image_signing/sign_official_build.sh accessory_rwsig ../ec/private/build/hadoken/keyboard_app.bin tests/devkeys-acc /tmp/ec-hadoken.TEST.SIGNED.bin
./scripts/image_signing/sign_official_build.sh accessory_rwsig ../ec/private/build/hadoken/keyboard_app.bin /tmp /tmp/ec-hadoken.TEST.SIGNED.bin
Change-Id: I68863664bdb9da1695e91b1986f3a0148af7da26
Reviewed-on: https://chromium-review.googlesource.com/312836
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
My previous patch using futility to re-sign standalone accessory
firmware images had a mistake in the key directory path : fix it.
Also add RSA-2048 'accessory' keys for signer unit testing.
BRANCH=smaug, samus
BUG=chrome-os-partner:46635
TEST=run cros-signing unittests (./signing_unittests.py)
Change-Id: Ia2f641c85337c67f81968be4730643a6ad5f22cf
Reviewed-on: https://chromium-review.googlesource.com/309530
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Use futility to re-sign standalone accessory firmware images either the
former "usbpd1" used by USB Power Delivery firmware generated from the
EC codebase or the new "rwsig" format.
BRANCH=smaug, samus
BUG=chrome-os-partner:46635
TEST=manual:
openssl genrsa -F4 -out key_zinger.pem 2048
openssl genrsa -F4 -out key_hadoken.pem 2048
futility create --desc="Hadoken fake MP key" key_hadoken.pem key_hadoken
./scripts/image_signing/sign_official_build.sh accessory_usbpd build/zinger/ec.bin . build/zinger/ec.SIGNED.bin
./scripts/image_signing/sign_official_build.sh accessory_rwsig build/hadoken/keyboard_app.bin . build/hadoken/keyboard_app.SIGNED.bin
and compare the re-signed files with the original files.
Change-Id: I586ba3e4349929782e734af1590f394824e7dd44
Reviewed-on: https://chromium-review.googlesource.com/306795
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
This reverts commit 82dec09bd5.
This flag doesn't exist on Ubuntu Precise which is what the signers
are running atm. Until we get them upgraded to Trusty, back this
change out.
BUG=chromium:530730
TEST=`./signing_unittests.py` passes
BRANCH=None
Change-Id: I9ba508c1531dbb169fd020d06ab102f6576b7342
Reviewed-on: https://chromium-review.googlesource.com/306310
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Amey Deshpande <ameyd@google.com>
Specifically, this patch updates 'root_hexdigest' in legacy bootloader
templates in EFI system partition to match the signed rootfs.
BRANCH=None
BUG=chromium:512940
TEST=Ran sign_official_build.sh locally and booted the image on kvm
(using BIOS).
TEST=Ran signing_unittests.py by locally changing vboot_stable_hash to
include this patch.
$ ./sign_official_build.sh base chromiumos_base_image.bin \
../../tests/devkeys chromiumos_base_image_signed.bin
Change-Id: Ied021c4464b113a64508f5081605069bdcecbc1f
Reviewed-on: https://chromium-review.googlesource.com/301742
Commit-Ready: Amey Deshpande <ameyd@google.com>
Tested-by: Amey Deshpande <ameyd@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
BRANCH=None
BUG=chrome-os-partner:44227
TEST='sign_official_build.sh recovery_kernel boot.img keys
boot.img.recovery-signed' works fine and able to boot in locked recovery mode
using fastboot boot.
Change-Id: Iabde28bb2068b8294fc3d03f2f771c63368ecbb5
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/300250
Commit-Ready: Furquan Shaikh <furquan@chromium.org>
Tested-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
Often the partitions we extract have extra space in them, but the dd
utility will still write out the excess zeros. That can mean we write
out hundreds of megs of data which could otherwise be skipped. We thus
waste a good amount of I/O and storage.
For now, only use this flag when extracting a partition to a new file
as this should be safe (there's no pre-existing data to clobber/merge).
BUG=chromium:530730
TEST=`./signing_unittests.py` passes
BRANCH=None
Change-Id: Ic32665cf7c38fc0a5efc3f8b227fa8ff408ca9e3
Reviewed-on: https://chromium-review.googlesource.com/299450
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
This should speed up the copies significantly by using less disk
storage & I/O when the unpacked file is not sparse already. This
option has been in cp for a long time, and works in Ubuntu Precise
(coreutils-8.13) & Trusty (coreutils-8.21).
BUG=chromium:530730
TEST=`./signing_unittests.py` passes
BRANCH=None
Change-Id: I82192455a623eabf96abf4f25296f3dc0c129ca2
Reviewed-on: https://chromium-review.googlesource.com/299440
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
Reviewed-by: Amey Deshpande <ameyd@google.com>
Rather than use the existence of the output as a marker for running the
gbb step, key off the loem index. We want to run it the first time and
not bother after that.
BUG=chrome-os-partner:44227
BRANCH=None
TEST=signer can still sign loem keysets
Change-Id: I26e9ccaf1333f769d6993a8e0d84c63644bb2597
Reviewed-on: https://chromium-review.googlesource.com/298980
Reviewed-by: David Riley <davidriley@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
The "function" keyword is not portable -- use the normal function style.
The awk command uses a non-portable regex (the word anchor \>). Rework
it to avoid regexes entirely.
BUG=chromium:475101
TEST=keyset_version_check.sh works on a POSIX system
BRANCH=None
Change-Id: I5446f63aa9181d06da1898aafb8fab17f5042989
Reviewed-on: https://chromium-review.googlesource.com/296562
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
Signer was calling sign_official_build.sh in a manner that wasn't
being accepted correctly. Also add test keys from firmware branch.
BUG=chrome-os-partner:44227
TEST=sign_official_build.sh nv_lp0_firmware tegra_lp0_resume.fw tests/devkeys tegra_lp0_resume.fw.signed versions.default
BRANCH=signer
Change-Id: Icd298ac75e3da746220826dc2fb9cc2466e41f1d
Signed-off-by: David Riley <davidriley@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/297802
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
The new nvidia logic expects to have the "real" output filename and not
yet another temp path. Since sign_firmware.sh supports being passed in
the input as the output and doing in-place signing, just document it and
update the callers.
BUG=chrome-os-partner:44227
BRANCH=None
TEST=signer outputs pubkey.sha to the same location as the output firmware
Change-Id: Iadc5dc5aaace6be9e22ff2c55bfbc58b7e1b3ef0
Reviewed-on: https://chromium-review.googlesource.com/296574
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
If nv_pkc.pem file is present for a device, use nv_pkc_signing for
adding PKC signature in the firmware image.
BUG=chrome-os-partner:44227
BRANCH=None
TEST=unittests run fine. verified image boots on fused system.
Change-Id: I9b2f48da55137a0e4a75f23d16d3779be1aa94c8
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/296452
Commit-Ready: Furquan Shaikh <furquan@chromium.org>
Tested-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
There are two new GBB flags added (lid/fastboot) and we should update the
description in set_gbb_flags.
BRANCH=none
BUG=none
TEST=emerge-link vboot_reference
Change-Id: I0d16df03e9427ec1c8780fbb6be10c31eed9bf9e
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/286052
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
This patch checks for 'cros_legacy' in the kernel config, and skips
running strip_boot_from_image.sh if present. This is because
'cros_installer postinst' on legacy BIOS relies on presence of /boot in
rootfs.
BRANCH=signer
BUG=b:20947354
TEST=Ran the script with devkeys, and checked presence of /boot in the
signed .bin file by mounting locally
$ ./sign_official_build.sh ssd chromiumos_image.bin ../../tests/devkeys \
chromiumos_image_signed.bin ../../tests/devkeys/key.versions
Change-Id: Ieb919067b353839019bc1c561d7bb66bebac1040
Reviewed-on: https://chromium-review.googlesource.com/272742
Tested-by: Amey Deshpande <ameyd@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Amey Deshpande <ameyd@google.com>
This patch changes ensure_no_nonrelease_files.sh to use per-board
release file blacklist instead of the default one. It also uses this
opportunity to make ensure_no_nonrelease_files.sh consistently
formatted.
BRANCH=none
TEST=Ran ./security_test_image on a lakitu image and --vboot_hash
pointing to this commit, and verified ensure_no_nonrelease_files.sh passes.
BUG=brillo:823
Change-Id: I2cff56192a5ff0b917faba7549e7adafb4757a47
Reviewed-on: https://chromium-review.googlesource.com/267335
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Amey Deshpande <ameyd@google.com>
Tested-by: Amey Deshpande <ameyd@google.com>
The '--save_config' and '--set_config' are found to be very useful for
developers but it's sometimes inconvenient that developer must specify a
temporary path and to know the implicit rules of how the files are generated.
Since most people just want to do in-place editing, we can add a --edit_config
so developers can simply invoke "make_dev_ssd --edit_config --partitions 2" to
start changing kernel command line without worrying about where to store the
temporary files.
BRANCH=none
BUG=none
TEST=./make_dev_ssd.sh --edit_config --partition 2
Change-Id: Ib8f19115df31f3f250b4378201d0f7ea562fec15
Reviewed-on: https://chromium-review.googlesource.com/266814
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
This is largely geared for testing for quickly creating a set of loem keys.
BUG=chromium:381862
TEST=`./add_loem_keys.sh 0` converted an existing keyset to a loem keyset
TEST=`./add_loem_keys.sh 3` added three more keysets
TEST=ran sign_official_build.sh with new keysets against a recovery.bin
BRANCH=none
Change-Id: I598b7a453b747a231df850657df50bede01768c2
Reviewed-on: https://chromium-review.googlesource.com/203940
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Removing rootfs verification or resigning kernels can lead to an
unusable system if the dev_boot_signed_only flag is set. Add a sanity
check to print out an error when this happens.
BRANCH=none
BUG=none
TEST=manual
Run /usr/share/vboot/bin/make_dev_ssd.sh with the dev_boot_signed_only
flag set to 1 and observe that an error message is printed.
Change-Id: If116538152ee3122e3b742918bf1676982754fdd
Reviewed-on: https://chromium-review.googlesource.com/260970
Trybot-Ready: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
When trying to build out-of-tree, running `git status` will attempt to
write to the .git/ dir which causes a sandbox violation.
Since this code doesn't seem to actually do anything, drop it.
BUG=chromium:466499
TEST=precq still passes
TEST=build now passes when building out of tree
TEST=`./scripts/getversion.sh` produces good output with clean & dirty trees
BRANCH=None
Change-Id: Ia722fedef692876ffc87109b3a1d2e4a76235532
Reviewed-on: https://chromium-review.googlesource.com/259541
Trybot-Ready: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Some Brillo devices may have smaller kernel partition and we need to reduce the
size limit.
BUG=none
BRANCH=none
TEST=make_dev_ssd.sh applied on a Brillo config with 8MB kernel partition.
Change-Id: I9ca37445a6cdb20138f13dbe975c207383a1474c
Reviewed-on: https://chromium-review.googlesource.com/255341
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Mao Huang <littlecvr@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Forgot to update the bitsizes in the variable constants.
BUG=chromium:454651
TEST=`./create_new_keys.sh` still generates 8k keys
TEST=`./create_new_keys.sh --4k` now generates 4k keys
BRANCH=None
Change-Id: Ie285649f4d58ad2e2cba71f4cab737cc2235e3ab
Reviewed-on: https://chromium-review.googlesource.com/245890
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
While we do this, clean up:
- use braces everywhere
- convert local vars from $VAR to $var
- parse all command line args properly
- run in `set -e` mode
BUG=chromium:454651
TEST=`./create_new_keys.sh` still generates sane keys
TEST=`./create_new_keys.sh --help` shows help output
TEST=`./create_new_keys.sh --asdfasdf` shows an error
TEST=`./create_new_keys.sh` outside chroot (w/out vboot binaries) aborts after first failure
BRANCH=None
Change-Id: I1ba0db0b24c0f2f10cf397b47115f0e98384d991
Reviewed-on: https://chromium-review.googlesource.com/245317
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
The signing scripts pass a bunch of args around, including paths
to the keys used to sign dev-mode-specific firmware. That was
only used on Alex and ZGB, so all the newer systems don't have
those keys and the script falls over.
This uses the normal firmware keys if the dev-firmware keys don't
exist. This was an oversight with the original CL that touched
resign_firmwarefd.sh
BUG=chromium:453901
BRANCH=ToT
TEST=manual
Download a newer signed recovery image, say for nyan, and save it as
scripts/image_signing/nyan-recovery-mp.bin
Temporarily delete the developer firmware keys from the devkeys:
rm -f tests/devkeys/dev_firmware*
Now try resigning the recovery image:
cd scripts/image_signing
./sign_official_build.sh recovery nyan-recovery-mp.bin \
../../tests/devkeys/ signed.bin \
../../tests/devkeys/key.versions
It should work.
Change-Id: I474811158cb33e16ad09c16b0db825c40217dd70
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/245151
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Old images don't put kernel on partition 4 and rely on vblock for installation.
The signer script has to support both old and new images, by testing if kernel
partition has valid data.
BRANCH=signer
BUG=chromium:449450
TEST=(get old image without kernel blob on partition 4)
sign_official_build.sh usb image.bin ../../tests/devkeys signed.bin \
../../tests/devkeys/key.versions
Change-Id: I92542ffb162660d86c30d9598fe1ca59ff69afe4
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/243874
Reviewed-by: Mike Frysinger <vapier@chromium.org>
For each mount_image_partition, we have to unmount explicitly before doing other
changes (especially when using dd) to image. Otherwise system may flush data
when releaseing loop device and cause output image to be corrupted.
BUG=chromium:449450
TEST=sign_official_build.sh factory factory_install_shim.bin \
../../../tests/devkeys signed.bin ../../../tests/devkeys/key.versions
sign_official_build.sh verify signed.bin
BRANCH=signer
Change-Id: I20756d9769c3737e25cfea348a9a4d64cc43b202
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/243496
Reviewed-by: Mike Frysinger <vapier@chromium.org>
The shar utility changed the flag name and newer versions no longer
accept -w. Mung the shellball on the fly to use the newer flag.
BUG=chrome-os-partner:33719
TEST=signing old firmware shellball inside chroot passes
BRANCH=none
Change-Id: If5c2da3062bd72062baa779bb26ea56304c31558
Reviewed-on: https://chromium-review.googlesource.com/241064
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Some devices may use rootdev=/dev/dm-1 as root device (the default one was
dm-0, according to build scripts). Running make_dev_ssd.sh
--remove_rootfs_verification on these devices will fail changing rootdev kernel
command line, and cause people not able to re-mount root device as writable.
To support running make_dev_ssd on these devices, we want to change the rootdev
pattern to dm[0-9].
BUG=chromium:428041.
TEST=make_dev_ssd.sh --remove_rootfs_verification
BRANCH=none
Change-Id: Idfd251c58e7d39b0b80ec1fc68989c2f49bdd1b2
Reviewed-on: https://chromium-review.googlesource.com/226782
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
ChromiumOS images have recently changed the installable vblock from stateful
partition to kernel + vblock in slot B. sign_official_build script should
follow that layout so other scripts (ex, cros_generate_update_payload) won't
find wrong blob.
BRANCH=none
BUG=chrome-os-partner:32156
TEST=for image_t in ssd usb install recovery; do
./sign_official_build.sh $image_t IMAGE KEYDIR output$image_t.bin
./sign_official_build.sh verify output$image_t.bin
done
# Also boots images without problem.
Change-Id: I04e2b50f3f3355263ba6de9567b4a82c040c5826
Reviewed-on: https://chromium-review.googlesource.com/221890
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
If we try to sign an image w/out Chrome, this file won't exist.
Run grep with the -s flag to silence those warnings.
BUG=chromium:418817
TEST=`cbuildbot storm-release` no longer warns
BRANCH=None
Change-Id: Ibac0978e3e4d9f89c00206a2dd21c1d71544f710
Reviewed-on: https://chromium-review.googlesource.com/221184
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
scripts/sign_data.sh is just a wrapper to do this:
./signature_digest_utility $1 $3 \
| openssl rsautl -sign -pkcs -inkey $2
AFAICT, that script is only invoked by the SignatureFile()
function in host/lib/file_keys.c, which is not referenced by
anything. I think I can remove both of those things.
Also remove utility/gbb_utility.cc, which should have been done
long ago in commit 6f39615.
BUG=none
BRANCH=ToT
TEST=make runalltests
Also ran it on daisy_spring-paladin and link-tot-paladin.
Change-Id: I16de5022765806f11bf6144d7ffd8cc849578a68
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/216719
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Since all of the functionality of the resign_firmwarefd.sh script
is built in to futility, let's just make that script invoke
futility to do the work. We'll come back and remove the script
entirely, once all outside references to it have been changed to
do the right thing.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Also tested by editing tests/futility/test_resign_firmware.sh to
invoke the resign_firmwarefd.sh script instead of futility.
Everything passed.
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: Id068e551067a956cd7ddc3f9b9e23488261d8d94
Reviewed-on: https://chromium-review.googlesource.com/216716
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Add a script that runs sanity checks on the versions in a keyset.
In particular, tests whether the actual key versions match those
in key.versions. Also runs consistency checks (for example: firmware
version should match kernel subkey version).
BUG=none
TEST=run on all of our keysets
BRANCH=none
Change-Id: I5b509ba33127364f6b63252ad167646eb7dce710
Reviewed-on: https://chromium-review.googlesource.com/190790
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
chromeos-install always expects DM verity information from install source,
because even when --noenable_rootfs_verification is applied, the output image
will still include DM verity in kernel command line (just not enabled).
To support developers installing a modified image (by
--remove_rootfs_verification), we have to change the command line to keep DM
verity data, just like how --noenable_rootfs_verification is done.
BRANCH=none
BUG=none
TEST=make_dev_ssd.sh --noenable_rootfs_verification; reboot;
chromeos-install # success.
Change-Id: I3b2c8cbf1b89086ed91b5549c7147cd940fbda14
Reviewed-on: https://chromium-review.googlesource.com/207321
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
In order to disable PD software sync but still do EC software sync
it is useful to have a separate GBB flag for it.
This will allow me to release a Samus P2B firmware image that will
update the EC but not the PD, since the PD FW that comes on P2B
devices cannot be updated with software sync.
BUG=chrome-os-partner:30079
BRANCH=None
TEST=flash BIOS with updated EC+PD:
1) no GBB flags to override behavior updates both EC and PD
2) GBB flag to disable EC software sync disables both EC and PD update
3) GBB flag to disable PD software sync disables only PD update
Change-Id: I49ffb59238bee4a2dd66b24f2516e3ce46ea06cd
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/211910
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Rather than leave the default set of keys in the firmware untouched
(which are dev keys), insert the first loem keyset we find. This is
for people who extract the bios.bin by hand and then blindly burn it
into their flash. This way they'll still get some valid loem keys.
It's not a great solution, but it's better than nothing.
BUG=chromium:381862
TEST=signed recovery image by hand w/loemkeys and looked at packed bios.bin
TEST=signed recovery image by hand w/devkeys and looked at packed bios.bin
TEST=signed recovery image by hand w/custom loemkeys and looked at packed bios.bin
BRANCH=none
Change-Id: I8db1e34d9f4d85be6edf81fecf79a72031571b01
Reviewed-on: https://chromium-review.googlesource.com/204262
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
The common.sh file already defines these variables/funcs, so drop them.
BUG=chromium:381862
TEST=`./create_new_keys.sh` created new keys correctly
BRANCH=none
Change-Id: Ie7f0f683d4971c188d4629b520938b4b65bb0a9f
Reviewed-on: https://chromium-review.googlesource.com/203685
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
With an loem keyset in a recovery shellball, we don't want to write the
rootkeys & vblocks to the firmware image directly. Instead, we'll put
them into a keyset subdir that the firmware updater will process later.
bios.bin
keyset/
rootkey.LOEMID
vblock_A.LOEMID
vblock_B.LOEMID
We still write the recovery key to the firmware image though as that is
shared between all the keysets.
BUG=chromium:381862
TEST=Ran against a recovery image with devkeys & loemkeys and checked shellball
TEST=`cbuildbot daisy-release` works
BRANCH=none
Change-Id: I6fc99c71e6c7dee25f7f9a466a97314ff750fda9
Reviewed-on: https://chromium-review.googlesource.com/203682
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Make ensure_no_nonrelease_files.sh stop grepping
/etc/session_manager_use_flags.txt for USE flags. Instead,
look for non-comment lines in /etc/chrome_dev.conf.
BUG=chromium:377301
TEST=manual: ran against images both with and without
extra config directives
BRANCH=none
CQ-DEPEND=I86d01f4a551433527bb434dc62c30fb44082f774
CQ-DEPEND=Ic030207840b6be79b51486d1706573241a01c08d
Change-Id: Iefeefd936dc7706ed74340edb6521621885bbe25
Reviewed-on: https://chromium-review.googlesource.com/203463
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Daniel Erat <derat@chromium.org>
Tested-by: Daniel Erat <derat@chromium.org>
make_dev_firmware.sh calls resign_firmwarefd.sh, which extracts rootkey from
input image for checking VBLOCK firmware body size. As a result, we should
resign firmware before changing rootkey / GBB.
BUG=chromium:365738
TEST=Install Nyan/Peppy PreMP-signed firmware, run make_dev_firmware.sh, and
then boot in normal mode.
BRANCH=none
Change-Id: I45dbcacb40b7b77bbf89f1ba244bf7fb25f9ae27
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/196521
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Early proto devices (for testers and developers) may have hardware write
protection enabled and software disabled. They can still flash SPI ROM in that
case, and no need to disable hardware WP switch.
BRANCH=none
BUG=chromium:341242
TEST=./set_gbb_flags.sh 0x39 # see WP messages.
Change-Id: Id320410795a162a009b80360c2225c7510337591
Reviewed-on: https://chromium-review.googlesource.com/186336
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Shawn Nematbakhsh <shawnn@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
