authorNicolas Boichat <drinkcat@google.com>2017-02-10 13:59:39 +0800
committerchrome-bot <chrome-bot@chromium.org>2017-02-17 04:09:37 -0800
commit07eccbb414962c09d411e8afeb6cfca71aebf838 (patch)
treecfd29416f3fe0ca397f5606ebbe19773ffa59e94 /Makefile.rules
parentcb6e3ec3a0db005e62c94e3d8b667d4ef4a2d8d9 (diff)
downloadchrome-ec-07eccbb414962c09d411e8afeb6cfca71aebf838.tar.gz
rwsig: Add support for rwsig image types
usbpd1 futility image type is deprecated and should not be used for new designs. This adds proper support for rwsig image type. Key and signatures are added at linker stage step (futility cannot directly create such signed images). Thanks to VB21 header, rwsig.c can now tell how many bytes of the RW image need to be cryptographically verified, and ensure that the rest is blank (0xff). BRANCH=none BUG=chromium:690773 TEST=make BOARD=hammer; flash, RW image is verified correctly. TEST=make runtests -j TEST=For the rest of the tests: Change config option to CONFIG_RWSIG_TYPE_RWSIG TEST=make BOARD=hammer; flash, hammer still verifies correctly. TEST=cp build/hammer/ec.RW.bin build/hammer/ec.RW.bin.orig; futility sign --type rwsig --prikey build/hammer/key.vbprik2 \ build/hammer/ec.RW.bin diff build/hammer/ec.RW.bin build/hammer/ec.RW.bin.orig => Same file TEST=Add CONFIG_CMD_FLASH, flashwrite 0x1e000, reboot, EC does not verify anymore. TEST=dump_fmap build/hammer/ec.bin shows KEY_RO and SIG_RW at correct locations. Change-Id: I50ec828284c2d1eca67fa8cbddaf6f3b06606c82 Reviewed-on: https://chromium-review.googlesource.com/441546 Commit-Ready: Nicolas Boichat <drinkcat@chromium.org> Tested-by: Nicolas Boichat <drinkcat@chromium.org> Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
Diffstat (limited to 'Makefile.rules')
-rw-r--r--Makefile.rules23
1 files changed, 21 insertions, 2 deletions
diff --git a/Makefile.rules b/Makefile.rules
index b9364d1b56..d8bfd68bc7 100644
--- a/Makefile.rules
+++ b/Makefile.rules
@@ -91,8 +91,18 @@ cmd_sharedlib_elf = $(CC) $(libsharedobjs_deps) \
-o $(out)/$(SHOBJLIB)/$(SHOBJLIB).elf \
-Wl,-Map,$(out)/$(SHOBJLIB)/$(SHOBJLIB).map
-# commands for RSA signature
-cmd_rsasign = futility sign --type usbpd1 --pem $(PEM) $(out)/$*.bin.tmp
+# commands for RSA signature: rwsig does not need to sign the whole image
+# (it signs the RW part separately). usbpd1 type needs to sign the final image.
+ifeq ($(CONFIG_RWSIG_TYPE_RWSIG),)
+ cmd_rsasign = futility sign --type usbpd1 --pem $(PEM) $(out)/$*.bin.tmp
+else
+ cmd_rsasign =
+endif
+
+cmd_key_extract = futility create $(PEM) $(out)/$* $(silent)
+
+cmd_rsasign_rwsig = futility sign --type rwsig \
+ --prikey $(out)/key.vbprik2 $< $@
# commands to build optional xref files
cmd_deps_to_list = cat $(deps) | tr -d ':\\' | tr ' ' '\012' \
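Review bot: `cmd_key_extract` writes the private half of `$(PEM)` into the build output tree (the signing command below reads it back from `$(out)/key.vbprik2`), and the new comment block does not mention this. Anyone who archives or publishes `$(out)` would carry that file along, which matters as soon as `$(PEM)` is not a throwaway development key; this hunk does not show which kind of key it is. I would add a comment above the definition such as `# Extracts .vbprik2/.vbpubk2 from $(PEM) into $(out); the .vbprik2 file is private key material, keep it out of released artifacts.` Separately, `cmd_rsasign_rwsig` hard-codes the key path while its rule lists the key as a prerequisite; `--prikey $(filter %.vbprik2,$^) $< $@` would keep the two in step.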
@@ -274,6 +284,9 @@ flat-$(CONFIG_FW_INCLUDE_RO) += $(out)/RO/$(PROJECT).RO.flat
deps += $(out)/firmware_image.lds.d $(flat-y:%.flat=%.lds.d)
+flat-$(CONFIG_RWSIG_TYPE_RWSIG) += $(out)/key.vbpubk2
+flat-$(CONFIG_RWSIG_TYPE_RWSIG) += $(out)/RW/$(PROJECT).RW.flat.sig
+
flat-$(CONFIG_SHAREDLIB) += $(libsharedobjs-y)
$(out)/$(PROJECT).obj: common/firmware_image.S $(out)/firmware_image.lds \
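Review bot: The two new `flat-$(CONFIG_RWSIG_TYPE_RWSIG)` entries appear to rely on sitting below the `deps +=` line, and nothing says so. Neither `key.vbpubk2` nor `$(PROJECT).RW.flat.sig` ends in `.flat`, so `$(flat-y:%.flat=%.lds.d)` would pass them through unchanged and they would land in `deps` if that substitution ever saw them. Whether it can depends on how `deps` is first defined, which is outside the hunk. A one-line comment such as `# Keep below the deps line: these are not .flat files and have no .lds.d.` would protect the ordering.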
@@ -305,6 +318,12 @@ endif
$(out)/$(PROJECT).hex: $(out)/$(PROJECT).bin
$(call quiet,bin_to_hex,OBJCOPY)
+$(out)/%.vbprik2 $(out)/%.vbpubk2: $(PEM)
+ $(call quiet,key_extract,KEY )
+
+$(out)/RW/%.flat.sig: $(out)/RW/%.flat $(out)/key.vbprik2
+ $(call quiet,rsasign_rwsig,SIGN )
+
$(out)/RW/%.elf: override BLD:=RW
$(out)/RW/%.elf: private objs := $(rw-objs)
$(out)/RW/%.elf: $(out)/RW/%.lds $(rw-objs) $(libsharedobjs_elf-y)
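Review bot: The key-extraction rule is keyed only on the mtime of `$(PEM)`, so pointing `PEM` at a different file that is older than an existing `$(out)/key.vbprik2` will not regenerate the pair, and the RW signature and embedded public key would silently come from the previous key. That is an easy way to produce an image signed with the wrong key when switching keys within one build directory. At minimum document it on the rule, e.g. `# Keys are rebuilt only when $(PEM) is newer; clean $(out) after changing PEM.`; a stamp file recording the PEM path would remove the trap. It is also not visible here whether `.DELETE_ON_ERROR` is set; if it is not, a failed `futility sign` could leave a partial `.flat.sig` that looks up to date.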