diff options
author | Tom Hughes <tomhughes@chromium.org> | 2020-01-02 10:39:52 -0800 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2020-02-06 18:12:29 +0000 |
commit | 5a98268b9634e4996e4a69f624c09d896645a4a2 (patch) | |
tree | a6605863ca4982f50d1b9fde0d8bfb9797cabb4d /common/rwsig.c | |
parent | 127975b6c3efe77b6e92af6b153504c2607d5a07 (diff) | |
download | chrome-ec-5a98268b9634e4996e4a69f624c09d896645a4a2.tar.gz |
common/vboot: Add rwsig info command
The rwsig info command provides additional details on the verified boot
key used to sign the RW firmware. The information about the key can be
used by factory tests to validate that the factory is flashing firmware
that is signed by the expected key.
In addition, we refactor the "rwsig"-related commands into a generic
"rwsig" command that takes additional subcommands. This allows adding an
"rwsig dump" command that allows displaying individual fields, which is
useful in scripts and tests.
"rwsigstatus" becomes "rwsig status"
"rwsigaction" becomes "rwsig action"
The old commands are preserved for backward compatibility.
BRANCH=none
BUG=b:144958737
TEST=(kohaku) $ ectool --name=cros_fp rwsig info
TEST=(kohaku) $ ectool --name=cros_fp rwsig dump key_id
TEST=(kohaku) $ ectool --name=cros_fp reboot_ec; sleep 0.5;
ectool --name=cros_fp rwsig action abort; sleep 2;
ectool --name=cros_fp version | grep "Firmware copy"
=> Firmware copy: RO
TEST=On dragonclaw v0.2 console: rwsiginfo
Change-Id: Ib0ee4be33e6636ff702eeaef941cc3abed0594cb
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1999607
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Denis Brockus <dbrockus@chromium.org>
Diffstat (limited to 'common/rwsig.c')
-rw-r--r-- | common/rwsig.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/common/rwsig.c b/common/rwsig.c index 8bccd2acb1..0d0a8e765c 100644 --- a/common/rwsig.c +++ b/common/rwsig.c @@ -21,6 +21,7 @@ #include "usb_pd.h" #include "util.h" #include "vb21_struct.h" +#include "vboot.h" #include "version.h" /* Console output macros */ @@ -142,7 +143,7 @@ int rwsig_check_signature(void) sig = (const uint8_t *)CONFIG_RW_SIG_ADDR; rwlen = CONFIG_RW_SIZE - CONFIG_RW_SIG_SIZE; #elif defined(CONFIG_RWSIG_TYPE_RWSIG) - vb21_key = (const struct vb21_packed_key *)CONFIG_RO_PUBKEY_ADDR; + vb21_key = vb21_get_packed_key(); vb21_sig = (const struct vb21_signature *)CONFIG_RW_SIG_ADDR; if (vb21_key->c.magic != VB21_MAGIC_PACKED_KEY || |