This change makes run_test_scripts.sh dump stderr to the terminal
so that the failed test can be debugged. This is necessary to
analyze a failing test on build servers.
BUG=none
BRANCH=none
TEST=sudo FEATURES=test emerge vboot_reference && FEATURES=test
USE=minimal emerge-samus vboot_reference && make runtests
Change-Id: Id9ae0fb174cfe382ec30a1175f54c0891543c46e
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/403428
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The firmware for the USB Type-C power adapters uses raw binary
blobs for the public keys and signatures instead of
readily-identifiable structs. We've been able to sign these
firmware images for some time, but verifying the result generally
required testing them on hardware.
This CL adds some futilty support for recognizing and verifying
those images too. It just tries various sig and hash algorithms,
until it finds a combination for which the image is
self-consistent (where the pubkey blob verifies the signature
blob).
BUG=none
BRANCH=none
TEST=make runtests
This change also adds additional tests for usbpd1 images. We
ensure that we correctly recognize and verify an MP-signed
firmware, plus test signing and verifying usbpd1 images using
multiple signature and hash algorithms.
Change-Id: I4fbe8b37a694992f635d5469ae1c2449b1610dfd
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/302415
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The USB Type-C chargers released with Samus ("Pixel (2015)") have
upgradable firmware. Those firmware images are currently signed
by some custom scripts. This adds support for those images to
futility, so that those custom scripts can be replaced.
Note that due to space considerations, the usbpd firmware images
don't have room for handy things like an FMAP or headers for the
signatures. Accordingly, all the normally variable factors (image
size, signature algorithms, etc.) are hard coded and the image
itself just looks like a bunch of random numbers. Because of
this:
1. There's no way to recognize this type of file, and nothing to
display about it.
2. You have to give the "--type usbpd1" arg to the sign command.
3. I'm designating this file type "v1" because I hope that the
firmware for any future adapters will be more readily
identifiable.
BUG=chromium:231574
BRANCH=none
TEST=make runtests
This adds a new test that signs usbpd1 firmware images using
futility, and compares the result to the same files signed by the
custom scripts, ensuring that they are bitwise identical.
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: Idbe061db5b3c8e474ada47b40bcbe04bbecdba3a
Reviewed-on: https://chromium-review.googlesource.com/262899
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This allows the user to manually specify the type of an input
file, since not all file types can be reliably identified.
This also adds a test to ensure that futility doesn't coredump if
you give it the wrong type (although I'm sure it's not exhaustive).
BUG=chromium:231574
BRANCH=none
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I9d909305d9989fe7299e744c585de380109cf8cd
Reviewed-on: https://chromium-review.googlesource.com/262895
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This command reads a single .pem file and emits the public and
private keys generated from it. It can produce both the old-style
vboot 1.0 keys (.vbpubk and .vbprivk), or the new vboot 2.1
format keys (.vbpubk2 and .vbprik2). The default is the new
format, but you can give futility the --vb1 arg to force the old
format.
A test is included.
BUG=chromium:231547
BRANCH=ToT
TEST=make runtests
Change-Id: I4713dc5bf34151052870f88ba52ddccf9d4dab50
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/246766
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This adds a --strict mode to the show command, which requires
that all signatures be valid in order to exit cleanly. It also
creates a "verify" command, which is really just an alias for
"show --strict".
BUG=none
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I1fed7db7fe7128191bcab0c615706ef4fe2709f5
Reviewed-on: https://chromium-review.googlesource.com/219732
Reviewed-by: Randall Spangler <rspangler@chromium.org>
BUG=none
BRANCH=ToT
TEST=make runtests
This also modifies the tests to compare the futility sign command
results against the vbutil_kernel results.
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: Ibc659f134cc83982e3f0c0bcc108cc0eddbe228e
Reviewed-on: https://chromium-review.googlesource.com/219730
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This adds new file types to prepare for signing kernel partitions
and raw firmware blobs (FW_MAIN_A/B).
BUG=none
BRANCH=ToT
TEST=make runtests
No new functionality yet.
Change-Id: Ic6b6b94bb99f00ab54609dfe1b753b53868abaca
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/219648
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The original vbutil_kernel command used file read and write to
make changes. Futility prefers to use memory-mapped files. This
rewrites cmd_vbutil_kernel.c to use that scheme.
BUG=none
BRANCH=ToT
TEST=make runtests
The original cmd_vbutil_kernel.c is renamed, and a test written
to ensure that the refactored version produces identical results.
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: Ic6c3e12429a5dcb271f8136a9edac70807d66120
Reviewed-on: https://chromium-review.googlesource.com/219647
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This adds a "load_fmap" command, which is pretty much the
opposite of the "dump_fmap -x" command. It allows you to
replace the content of any FMAP areas with new stuff, without
mucking around with dd. There's a test for it, too.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I5a9ab249c9e63a9bb1a9b26feeb3ed757cd294f1
Reviewed-on: https://chromium-review.googlesource.com/216228
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The "sign" command can perform the same operation as the old
resign_firmwarefd.sh script, only about 20 times faster. The
test for that will use the new command instead.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Change-Id: Ie7f7a0ab6fc00d7e06cb263733bf6e7246fdb023
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/216227
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This resigns official MP-signed BIOS images, because that's the best way to
ensure we remain compatible forever. The resign_firmwarefd.sh script is
invoked make_dev_firmware.sh, which is used for development and bringup.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
No new functionality, only a new test.
Change-Id: I4bf9cdd8321d126e1c1a45fc198ef46b0eeb5c36
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/216226
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This change adds these formerly external utilities into the futility binary:
dev_sign_file
dump_kernel_config
gbb_utility
vbutil_firmware
vbutil_kernel
These target binaries will remain independent of futility, since they are
not directly related to verified boot:
cgpt
crossystem
tpm_init_temp_fix
tpmc
Also, dumpRSAPublicKey is removed from the target, since it is only used on
the build host to create new keypairs.
This change also add several additional tests.
BUG=chromium:224734
BRANCH=ToT
CQ-DEPEND=CL:210391,CL:210568,CL:210587
TEST=manual
make runtests
make clean
Also build and test:
- normal image
- test image
- recovery image
- firmware shellball
Note that this CL depends on simultaneous changes to the chromeos-initramfs
ebuild.
Change-Id: If791b5e9b5aac218ceafa9f45fc1785f16b91a64
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/210403
This cleans up the Makfile and test scripts a bit, and adds a new test for
the builtin commands.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Change-Id: Ibf5aa867d4dcabc0e46daac6633036b035c99ac8
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/207718
This stops creating dump_fmap as a standalone utility and builds it into
futility. Since it was already invoked as a symlink, no user-visible changes
should be observed.
BUG=chromium:224734
BRANCH=none
TEST=manual, trybots
sudo FEATURES=test emerge vboot_reference
FEATURES=test emerge-$BOARD vboot_reference
Change-Id: I68d1bea0c1867043b2633e15509b95c2717009a7
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/47672
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This tweaks the Makefile and adds a couple of placeholder tests to prepare
for testing the builtin futility operations. There aren't any useful builtin
functions yet, but this lets us start adding them along with the tests.
BUG=chromium:224734
BRANCH=none
TEST=none
This doesn't actually do anything yet.
Change-Id: Iff0ca514f7d26346f072bd80a3bcd04621284843
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/47432
Reviewed-by: Randall Spangler <rspangler@chromium.org>
