summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVadim Bendebury <vbendeb@chromium.org>2017-01-13 11:30:31 -0800
committerchrome-bot <chrome-bot@chromium.org>2017-01-18 19:18:50 -0800
commit268b510f0b981b2bb9d861dce291172687c6a5e5 (patch)
treebc695e15d8c83ecdc4455d60d9d339f93d15a4d7
parent5909f4ee26a21de6a8683c81f24ac01daae5326a (diff)
downloadchrome-ec-268b510f0b981b2bb9d861dce291172687c6a5e5.tar.gz
g: add means of building node locked images
When debug enabled cr50 image is signed, the default manifest passed to the signer is util/signer/ec_RW-manifest-dev.json. Images signed with this manifest will not run on devices where the RO part is fused for production. It is possible to build node locked images for such devices, but the manifest must include the lines "DEV_ID0": <value>. "DEV_ID1": <value>, with the values matching the chip the image is built for. This patch allows to pass the values in the make command line or the environment, defined as follows: H1_DEVIDS='<num 1> <num 2>' When this value is defined, the default manifest is edited to add the required lines. One side effect of this patch is that the temp file where the edited manifest is placed to is not deleted. BRANCH=none BUG=none TEST=verified that images still can be built for both dev RW and prod RO (node locked) with both debug features enabled and disabled (CR50_DEV set and not set) Change-Id: I0e81fc9aa65aa4d239e60de6047e2470f6eeaf50 Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/428337 Reviewed-by: Randall Spangler <rspangler@chromium.org>
-rw-r--r--chip/g/build.mk41
1 files changed, 37 insertions, 4 deletions
diff --git a/chip/g/build.mk b/chip/g/build.mk
index 4a642ba59a..c6f2f47c96 100644
--- a/chip/g/build.mk
+++ b/chip/g/build.mk
@@ -120,10 +120,40 @@ CPPFLAGS += -DCR50_DEV=1
SIGNER = $(HOME)/bin/codesigner
CR50_RW_KEY = cr50_rom0-dev-blsign.pem.pub
RW_SIGNER_EXTRAS = -x util/signer/fuses.xml
-RW_SIGNER_EXTRAS += -j util/signer/ec_RW-manifest-dev.json
-$(out)/RW/ec.RW_B.flat: $(out)/RW/ec.RW.flat
-$(out)/RW/ec.RW.flat $(out)/RW/ec.RW_B.flat: SIGNER_EXTRAS = $(RW_SIGNER_EXTRAS)
-endif
+
+ifneq ($(CHIP_MK_INCLUDED_ONCE),)
+ifneq ($(H1_DEVIDS),)
+#
+# When building a node locked cr50 image for an H1 device with prod RO, the
+# manifest needs to be modifed to include the device ID of the chip the image
+# is built for.
+#
+# The device ID consists of two 32 bit numbers which can be retrieved by
+# running the 'sysinfo' command on the cr50 console. These two numbers
+# need to be spliced into the signer manifest after the '"fuses": {' line
+# for the signer to pick them up. Pass the numbers on the make command line
+# like this:
+#
+# H1_DEVIDS='<num 1> <num 2>' make ...
+#
+
+SIGNER_MANIFEST := $(shell mktemp /tmp/h1.signer.XXXXXX)
+DUMMY := $(shell /bin/cp util/signer/ec_RW-manifest-dev.json $(SIGNER_MANIFEST))
+REPLACEMENT := $(shell printf \
+ '\\n \\"DEV_ID0\\": %d,\\n \\"DEV_ID1\\": %d,' $${H1_DEVIDS})
+NODE_JSON := $(shell sed -i \
+ "s/\"fuses\": {/\"fuses\": {$(REPLACEMENT)/" $(SIGNER_MANIFEST))
+
+else # H1_DEVIDS ^^^^^ nonempty vvvvvv empty
+
+SIGNER_MANIFEST := util/signer/ec_RW-manifest-dev.json
+
+endif # H1_DEVIDS ^^^^^ empty
+
+RW_SIGNER_EXTRAS += -j $(SIGNER_MANIFEST)
+endif # CHIP_MK_INCLUDED_ONCE defined
+endif # CR50_DEV defined
+
# This file is included twice by the Makefile, once to determine the CHIP info
# # and then again after defining all the CONFIG_ and HAS_TASK variables. We use
@@ -133,6 +163,9 @@ ifeq ($(CHIP_MK_INCLUDED_ONCE),)
CHIP_MK_INCLUDED_ONCE=1
else
+$(out)/RW/ec.RW_B.flat: $(out)/RW/ec.RW.flat
+$(out)/RW/ec.RW.flat $(out)/RW/ec.RW_B.flat: SIGNER_EXTRAS = $(RW_SIGNER_EXTRAS)
+
ifeq ($(CONFIG_DCRYPTO),y)
$(out)/RW/ec.RW.elf $(out)/RW/ec.RW_B.elf: LDFLAGS_EXTRA += -L$(out)/cryptoc \
-lcryptoc