A recent codebase change included the test RMA reset server public key
in the Cr50 image by default.
Prod images must not include the test key, and luckily recent
modifications of the cr50-codesigner utility allow to swap the keys
before signing. This patch adds the command line option for swapping
the keys and a check to ensure that the signed image includes the
prod key and does not include the test key.
Note that cr50-codesigner would fail to sign if the swap was requested
but the test RMA key was not found in the input .efl file. Thus both
conditions are verified: that the original image includes the test key
and that the signed image includes the prod key.
BRANCH=none
BUG=b:73296144
TEST=prod signed an image, verified that it can be RMA reset using the
prod RMA reset server.
Change-Id: Ic084d0c5e1de9f027db05c63f82542c2b7cbd916
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1000756
Reviewed-by: Randall Spangler <rspangler@chromium.org>
When building EC targets in the setups where the Cr50 codesigner
utility is not present let's just bypass the signing step.
Also removing bitrotten source code of the old codesigner.
BRANCH=none
BUG=chromium:830302
TEST='make buildall' succeeds even if cr50-codesigner is not available.
Change-Id: Ic6c4988455bcee6c45504e1fe781f6e03636d57a
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1005401
Reviewed-by: Allen Webb <allenwebb@google.com>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
- make sure DBG images could not be signed for prod
When debug image marker was changed from "DEV" to "DBG", the
script checking for this was not updated.
Fix that and also use 'strings' generated output to not require
grep to delineate input binary blobs into strings.
- do not invoke cr50-codesigner as sudo, it is not necessary with
the correct udev rules in place.
BRANCH=none
BUG=b:73296144
TEST=Tried signing for prod a DBG image, the attempt failed. Then
built a non DBG image, signed it successfully.
Change-Id: I7cec2d9eb344b40f7726d7e432689b0c0416dc47
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1000755
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Source code for Cr50 codesigner has been added to the chroot and the
executable is installed as /usr/bin/cr50-codesigner when cros sdk is
created/updated.
Let's use the 'official' version instead of outdated local one.
BRANCH=cr50,cr50-mp
BUG=b:73296144
TEST=verified that properly signed Cr50 images can be built.
Change-Id: Ibc68340a26011c7d5ac028bbee73cd0f2c39c291
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/996512
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
A new ebuild allows to install codesigner as /usr/bin/cr50-codesigner,
let's make use of it instead of manually copied instance of the
signer.
BRANCH=none
BUG=b:74100307
TEST=verified that error message is generated if cr50-codesigner is
not installed, and that signing succeeds once cr50-codesigner is
installed.
Change-Id: I468803443e7b052a8ecb074ee80f63f588888985
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/982495
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
In most cases when Cr50 signer script is invoked, the input elf files
are stored in the same directory and named ec.RW.elf and ec.RW_B.elf,
the way they produced by the EC makefile.
Let's allow create_released_image.sh to accept a directory name
instead of two elf file names.
BRANCH=none
BUG=none
TEST=verified that the script properly handles both old and new
command line options (allows to pass individual elf files and a
directory name).
Change-Id: I40bb8983fd97e6cd82e235308622ba2f20119ce5
Signed-off-by: Vadim Bendebury <vbendeb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/963618
Commit-Ready: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: caveh jalali <caveh@chromium.org>
This will make sure that Cr50 images built from dev branch can take
over images built from either MP or pre-MP branches.
BRANCH=none
BUG=none
TEST=verified that it is possible to overwrite pre-MP Cr50 version of
0.2.2.
Change-Id: I929cb2be857ea90c544f83160d6820c73e23c69d
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/938946
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
This will prevent earlier released images from running on the device
unless Info1 is erased.
BRANCH=cr50, cr50-mp
BUG=b:70891959
TEST=verified that two bits in the rollback mask have been erased now:
> sysinfo
Reset flags: 0x00000800 (hard)
[...]
Rollback: 2/2/128
Change-Id: Ic345c79010fbe0e075e14e652ea1eba263226ab1
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/916737
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
It is beneficial to have the 'major' version number component advanced
with every major Cr50 code release: this will allow to use the 'minor'
version number component when it is necessary to release a bug fix or
a small addition to the current release.
BRANCH=cr50
BUG=none
TEST=verified proper version number reported by 'version' command
Change-Id: Ie87a2b676b59b46be243fa6367571a1d0877f13d
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/820270
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Requiring installation of the gsctool locally in the EC tree could
collide with debug versions or executables built for wrong
architectures.
Let's use the version installed in chroot and give user instructions
how to install it if it is not there.
BRANCH=cr50
BUG=none
TEST=verified that create_released_image.sh still works with the
chroot version of the tool
Change-Id: Ib155e166297d28c1660f7f33bb000b3bb8fe7a15
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/709739
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
The usb_updater utility has long been not just an updater, and has
long been using other interfaces in addition to USB. gsctool is a much
more suitable name.
CQ-DEPEND=CL:709776
BRANCH=cr50
BUG=b:67007500
TEST=verified that make -C ./extra/usb_updater generates
./extra/usb_updater/gsctool:
$ ./extra/usb_updater/gsctool --help
Usage: gsctool [options] <binary image>
This updates the Cr50 RW firmware over USB.
The required argument is the full RO+RW image.
Options:
[...]
$
Change-Id: I3ab70c28acf3664ddefaa923a87ba1fd5c3c437b
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/709738
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
The self signed images generated when running 'make BOARD=cr50' use
constant default values for the epoch, major and minor image header
fields. For the purposes of continuous testing we need the generated
images have sensible values in those header fields.
Since adding a full blown C++ based parser to the signer image is too
much trouble, let's just have a very basic Python based parser, which
pays attention only to the required fields from the current manifest.
BRANCH=cr50
BUG=none
TEST=built the new image and checked its version:
$ make BOARD=cr50
...
$ ./extra/usb_updater/usb_updater -b build/cr50/ec.bin
read 524288(0x80000) bytes from build/cr50/ec.bin
RO_A:0.0.23 RW_A:0.0.23[00000000:00000000:00000000] RO_B:-1.-1.-1 ...
Change-Id: I822475ed0a3c481b08e9268f9c13663b0b132d4a
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/651132
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
The chromeos-cr50 ebuild does not install dev images any more, and
chromeos-cr50-scripts do not try updating dev versions of H1 any more.
Let's stop releasing dev Cr50 images.
BRANCH=Cr50
BUG=none
TEST=tried creating a release image in the release branch, got a
tarball of the desired contents:
$ tar tf cr50.r0.0.10.w0.0.22_ZZAF_ffffffff_00007f80.tbz2
cr50.r0.0.10.w0.0.22_ZZAF_ffffffff_00007f80/
cr50.r0.0.10.w0.0.22_ZZAF_ffffffff_00007f80/cr50.bin.prod
Change-Id: Ib2acaf5f31f7067a98c35c0ec83e730736398a7d
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/624193
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
New released images need higher version number.
BRANCH=none
BUG=none
TEST=built and ran an image, verified version number to be right.
Change-Id: I0b5b690d84b2f281752ad01b154efdebeba2e136
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/621296
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
The board ID fields are displayed by the Cr50 console command 'bid' as
follows: <board id>:<board id mask>:<board id flags>.
Make sure the user passes them in the same order when invoking the signer
to sign a board locked image.
BRANCH=none
BUG=none
TEST=verified proper order of the fields when generating and using a
prod signed image.
Change-Id: Ia4569c5e9e663b26edaa591bae881c719c4f199c
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/604218
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Recent signer improvements allow to include hex values into the
manifest, this also makes it easier to process values with bid D31
set, let's use strings instead of ints.
BRANCH=none
BUG=none
TEST=verified signing of a prod release
Change-Id: Ia05198991bfdd8dfd831545a9edf70f1e06f24f4
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/604217
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
When an image with non-default board ID fields is released, the
generated tarball name should include the Board ID values to allow to
tell between images of the same version locked for different boards.
BRANCH=none
BUG=none
TEST=ran create_released_image.sh with and without specifying Board ID
fields, observed properly named file generated in both cases
Change-Id: I5f60a0e547d93c78caee34a9c307fc93f824b2ae
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/597121
Reviewed-by: Caveh Jalali <caveh@google.com>
Reviewed-by: Nick Sanders <nsanders@chromium.org>
The new signer (version: 1.2 00840c1b6) allows hex values in the
manifest, which means there is no need to explicitly convert the
values before adding them to the manifest.
A nice side effect of this is the fact that there is no need to care
about the sign of the values any more, the signer does the right
thing.
BRANCH=none
BUG=none
TEST=built an image using the following invocation:
$ make BOARD=cr50 H1_DEVIDS='0x12009015 0x90e95664' -j
and successfully ran it on a device. Note that the old signer was
chocking on hex values exceeding 0x7fffffff, the new one handles
them properly.
Change-Id: I08c0339f922d287c82d56fb51570bfbf7107531e
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/598728
Reviewed-by: Nick Sanders <nsanders@chromium.org>
The script assumes that usb_updater is present in the PPATH, but it is
not guaranteed to be available.
Use the version from the ec tree or stop if it is not available.
BRANCH=none
BUG=none
TEST=verified that the script uses proper instance of usb_updater
Change-Id: I3b861953e8d5d509b99131685e86aaf7a0693d23
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/597120
Reviewed-by: Caveh Jalali <caveh@google.com>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Instead of invoking $(basename $0) multiple times, cache it in a
variable.
BRANCH=none
BUG=none
TEST=verified that the script still reports proper name when printing
error messages.
Change-Id: Iabdf40592cb4cecc975a48d93169f46614ce84c6
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/597119
Reviewed-by: Caveh Jalali <caveh@google.com>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
This version will be bettter sutied for chip manufacturing environment
(no contention with the test rig GPIO settings and formal confirmation
of successful certificate installation).
BRANCH=cr50
BUG=b:63686091
TEST=none
Change-Id: I6d394493b824c9d79bca4785d3d44b33f322b899
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/583990
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
There needs to be a way to set a board ID fields in the Cr50 RW
header. This patch adds this capability to the board signer and
release image creator scripts.
create_released_image.sh is being modified to include chrome OS
command line option parsing bash library, and a new command line
parameter is defined, --cr50_board_id. Its value is a string of three
colon separated fields, <board id>:<board id mask>:<board id flags>,
where
<board id> is a 4 character ASCII string, the RLZ board code
<board id mask> and <board id flags> are two hex values, without
preceding 0x.
This value is passed to the bs script through environment variable
CR50_BOARD_ID (to be in sync with the bs script taking already
optional parameters like H1_DEVIDS from the environment).
The bs script is slightly refactored, code modifying the manifest to
splice in the device ID nodes is put into a function, and code adding
the board ID nodes to the manifest is also included in the new
function.
The three fields of the CR50_BOARD_ID string are converted to integers
and added to three nodes in the manifest (board_id, board_id_mask, and
board_id_flags respectively).
BRANCH=none
BUG=b:62294740
TEST=created a released image image using
create_released_image.sh --cr50_board_id RXXX:ffffff00:ff00 \
<rest of parameters>
using the modified usb_updater (under a different patch) verified
that the header fields have been created as expected.
Change-Id: I8374024de347f341ac16b72c2fa4a774e8385466
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/562918
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This clean up is based on the review of a branch cherry-pick patch
(https://chromium-review.googlesource.com/c/556184).
Most of the comments apart from the suggestion of creating main() and
'workforce'() have been addressed.
BRANCH=cr50
BUG=b:62294740
TEST=verified that images created by running
H1_DEVIDS='xxx xxx' ./util/signer/bs elves elf.1 elf.2
H1_DEVIDS='xxx xxx' ./util/signer/bs
are still bootable on a Cr50.
Change-Id: I370526be060e11b8c640d35b1409a631233b0672
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/557997
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The recent change of the code signer is not backwards compatible, a
new command line parameter must be added.
BRANCH=cr50
BUG=none
TEST=verified that
H1_DEVIDS='xxxx yyyyy' ./util/signer/bs
succeeds again.
Change-Id: I9a8e03c20aa4b7b689b1f5e4a1f786cf5857483f
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/527317
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
The upcoming "real" signer update will introduce a version which is
not backwards compatible with the existing one wrt the command line
flags: the command line flag '-b' will have to be present.
To keep the default "dummy" signer in sync let's make it accept and
ignore the '-b' command line flag.
BRANCH=none
BUG=none
TEST=verified that the updated signer and the dummy signer both work.
Change-Id: Ia8ab6d7ae01d249046f267608b5971a7a7c95e29
Signed-off-by: Vadim Bendebury <vbendeb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/517678
Commit-Ready: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
The node locked ROs expect the RW image to be self signed with a 2048
bit key.
The only case where loader-testkey-A.pem file is used is is building
vanilla images which can't even run any more (they used to be good
for old dev RO). Let's replace the 3072 bit key with a 2048 bit key
generated by running
'openssl genrsa -3 2048 > util/signer/loader-testkey-A.pem'
BRANCH=none
BUG=none
TEST=verified that RW signed with this key can be run by a node locked
RO.
Change-Id: I74d189d03acb663fde7db48815e54748163c6399
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/489434
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
We are still building two images - for prod and dev fused H1 chips.
This requires different pairs of RO images and calls for using
different keys when signing RW images.
Each produced image is of 512K bytes in size, the ROs are paced at
offsets 0 and 0x40000, the RWs at offsets 0x4000 and 0x4000.
The signed ROs come from their respective source, their processing is
limited to converting into binary format and verifying that their key
signatures match image designation (prod vs dev).
The RWs binaries are derived from RW elf files which are the result of
running 'make BOARD=cr50'. The elves are converted into binary format
and signed, the bs script is used for that.
The bs script is modified to accept the destination file name from the
shell variable, to detect signing failures (resulting in zero sized
binaries), and to fix error reporting.
The new script create_released_image.sh expects exactly six command
line parameters:
<prod RO A>.hex <prod RO B>.hex <dev RO A>.hex <dev RO B>.hex \
<RW.elf> <RW_B.elf>
and generates two cr50 binary images.
The generated images are placed in the directory named cr50.r<ro
vers>.w<rw vers> (the versions are retrieved from the binaries using
usb_updater), and then placed in the tarball with the same base name.
This naming convention is imposed by the ebuild pulling in the tarball
from the binary component server (BCS).
On the successful completion the script prints out commands which can
be used to upload the new tarball to the BCS.
BRANCH=none
BUG=b:35587234
TEST=ran the script to generate the r0.0.10.w0.0.18 release, verified
that all components of both imagea are properly signed (are
bootable and the key signature matches the prod/dev convention).
Change-Id: I87be1d44a721c979bdeeabf986d717e3a382db45
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/439907
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Caveh Jalali <caveh@google.com>
With the rest of support in place, this patch adds code which would
corrupt the headers received during firmware updates.
The VENDOR_CC_TURN_UPDATE_ON vendor command will be required to enable
the new images.
Care should be taken that other commands operating on the inactive
image header do not do anything with it before it was enabled, some
code is being added for that.
The minor RW version is being bumped up to 19 to clearly indicate that
the device is expecting the vendor command to enable the new image
(this is used by usb_updater when downloading the image without the -p
or -u command line options).
BRANCH=cr50
BUG=b:35580805
TEST=verified that the new image can be installed and started by the
new usb_updater.
- the inactive header after uploading with the -p option (the
image_size field's offset is 0x32c):
> md 0x84320 4
00084320: 00000000 00000000 80033800 00084000
rebooting the device does not start the new image.
- the inactive header after uploading without the -p option:
> md 0x84320 4
00084320: 00000000 00000000 00033800 00084000
the device running a DBG image reports the following in the end of
the image update:
[64.176780 FW update: done]
turn_update_on: rebooting in 100 ms
Change-Id: I4d763eb89c8b1a43a13697033201066779826e85
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/457678
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Erase the first location in the manifest info map to ensure that the
flash info state is updates and then the RO prevents booting earlier
images (where the map is unaltered).
BRANCH=cr50
BUG=none
TEST=verified that once both RW_A and RW_B are programmed with the new
image and the H1 is restarted, the first info map location is erased.
Change-Id: Id48d8a2009f7cf9842b7a33f036dc98457dbeafc
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/455580
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
When sighing prod images it is important to be able to reproduce them
bit for bit. Setting the manifest timestamp filed to a non-zero value
makes sure that this value is used in the header as opposed to the
current time.
Setting the value to 1 guarantees that any dev image with the same
epoch/major/minor field values will be preferred, as it would have a
later timestamp.
BRANCH=none
BUG=none
TEST=verified that two images built with this manifest are exactly the
same (they used to differ before this change).
verified that the header timestamp field is indeed set to 1:
$ od -Ax -t x1 -vd d2/cr50.bin.prod | grep -A1 004350
$ 004350 ff ff ff ff ff ff ff ff ff ff ff ff 00 00 00 00
$ 004360 00 00 00 00 11 00 00 00 01 00 00 00 00 00 00 00
location 0x435c is the epoch_ field offset, 32 bit
epoch/major/minor is set to 0/0/17 and 64 bit timestamp is set to
1.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I6ea0e664fa3eab7917ca472d715824feec49eb51
Reviewed-on: https://chromium-review.googlesource.com/452956
Commit-Ready: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
The json parser used by the signer is perfectly capable of parsing
multiline contents.
Let's reformat signer manifests to make it easier to see the entire
file in one terminal window.
BRANCH=none
BUG=b:35774863
TEST=none
Change-Id: I41d69ad11f07521f68a7a50227dc843872613127
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/447841
Reviewed-by: Marius Schilder <mschilder@chromium.org>
In preparation to a new release let's bump up minor versions of both
prod and dev images to 12.
BRANCH=none
BUG=none
TEST=built images and verified version number
Change-Id: I55979374f5e3e21fedde128410c4861e4c2ad9c4
Reviewed-on: https://chromium-review.googlesource.com/417883
Commit-Ready: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
This is a 'semi official' utility script which re-signs previously
generated CR50 RW images.
By default the script uses ec.RW.elf and ec.RW_B.elf in build/cr50/RW
as inputs and util/signer/ec_RW-manifest-dev.json as the manifest, and
places the newly signed images into build/cr50/ec.bin.
The only outside dependency of this script is the signing utility itself,
which is expected to be available as $HOME/bin/codesighner.
The following command line options are accepted:
b1 - generate signature for the b1 version of the H1 chip
elves <elf1> <elf2> - sign the supplied elf files instead of the
default ones. Handy if the builder generated files need to be
signed
help - print this message
hex - generate hex output instead of binary
prod - sign with prod key (no debug image will be signed)
When invoked with 'hex' as a command line parameter, the script just
re-signs the supplied elf files and places them in 0.signed.hex and
1.signed.hex in the current directory.
This script also allows to sign dev images for running on prod RO. To
do that invoke this script as follows:
H1_DEVIDS='<dev id0> <dev id1>" ${progname} [other options, if any]
where <dev id0> <dev id1> are values reported by sysinfo command in the
DEV_ID: line when ran on the CR50 for which the image is built.
BRANCH=none
BUG=chrome-os-partner:57956
TEST=manual
tried signing dev and prod images, including sighing a dev image to
run on a prod device. All cases succeeded.
Change-Id: I879c4a08503a19a0c440b141aa1fd6b29cc70bf7
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/417221
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
The manifest used for signing in dev mode was originally used for
kevin evt 1, but now it is a common dev mode manifest. Rename the fie
appropriately and modify the makefile using it.
BRANCH=none
BUG=chrome-os-partner:57956
TEST=verified that it is still possible to build cr50 with CR50_DEV=1
Change-Id: If744406a83a7045cd34c76c941fdef209bef51ac
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/417220
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
The latest released images are 0.0.11, let's update the manifests such
that images built in dev environment can override released images.
BRANCH=none
BUG=none
TEST=verified that new images are built with RW version 0.0.11
Change-Id: I4db82abd3eb725849b656259f675b32a8314942c
Reviewed-on: https://chromium-review.googlesource.com/415601
Commit-Ready: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
