diff options
author | Hung-Te Lin <hungte@chromium.org> | 2019-03-05 08:24:47 +0800 |
---|---|---|
committer | Hung-Te Lin <hungte@chromium.org> | 2020-07-17 02:03:11 +0000 |
commit | d10af7eb8a128283d022846c54b10ab27e68fe5a (patch) | |
tree | f72a23c2895c19363a3fe6dc00a6285477ae2883 | |
parent | 60535bf4dc26d863bd21c6c80604a5be504be735 (diff) | |
download | vboot-d10af7eb8a128283d022846c54b10ab27e68fe5a.tar.gz |
futility: updater: Use model name as default whitelabel signature
In Unibuild, the white label models may use (per model) PreMP key for
devices without VPD 'whitelabel_tag' - this helps dogfooders and lab
machines to run and update properly.
BUG=b:126800200
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility
BRANCH=none
Change-Id: I7249e3fb1a2b7ab8ed281d2aa317aee6cde8f8db
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1501614
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
(cherry picked from commit 9c064133217de36332d184e92d20f467967e4e76)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1978122
Reviewed-by: Paul Ma <magf@bitland.corp-partner.google.com>
Reviewed-by: Marco Chen <marcochen@chromium.org>
Commit-Queue: Marco Chen <marcochen@chromium.org>
Tested-by: Marco Chen <marcochen@chromium.org>
(cherry picked from commit ded374215783ba3cd12b0d4001e49b27b409ceaa)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2301631
-rw-r--r-- | futility/updater_archive.c | 81 | ||||
-rwxr-xr-x | tests/futility/test_update.sh | 13 |
2 files changed, 64 insertions, 30 deletions
diff --git a/futility/updater_archive.c b/futility/updater_archive.c index 4760654b..a209e242 100644 --- a/futility/updater_archive.c +++ b/futility/updater_archive.c @@ -711,6 +711,47 @@ const struct model_config *manifest_find_model(const struct manifest *manifest, } /* + * Determines the signature ID to use for white label. + * Returns the signature ID for looking up rootkey and vblock files. + * Caller must free the returned string. + */ +static char *resolve_signature_id(struct model_config *model, const char *image) +{ + int is_unibuild = model->signature_id ? 1 : 0; + char *wl_tag = vpd_get_value(image, VPD_WHITELABEL_TAG); + char *sig_id = NULL; + + /* Unified build: $model.$wl_tag, or $model (b/126800200). */ + if (is_unibuild) { + if (!wl_tag) { + WARN("No VPD '%s' set for white label - use model name " + "'%s' as default.", VPD_WHITELABEL_TAG, + model->name); + return strdup(model->name); + } + + ASPRINTF(&sig_id, "%s-%s", model->name, wl_tag); + free(wl_tag); + return sig_id; + } + + /* Non-Unibuild: Upper($wl_tag), or Upper(${cid%%-*}). */ + if (!wl_tag) { + char *cid = vpd_get_value(image, VPD_CUSTOMIZATION_ID); + if (cid) { + /* customization_id in format LOEM[-VARIANT]. */ + char *dash = strchr(cid, '-'); + if (dash) + *dash = '\0'; + wl_tag = cid; + } + } + if (wl_tag) + str_convert(wl_tag, toupper); + return wl_tag; +} + +/* * Applies white label information to an existing model configuration. * Collects signature ID information from either parameter signature_id or * image file (via VPD) and updates model.patches for key files. @@ -726,39 +767,19 @@ int model_apply_white_label( int r = 0; if (!signature_id) { - int remove_dash = 0, prefix_model = model->signature_id ? 1 : 0; - char *wl_tag = vpd_get_value(image, VPD_WHITELABEL_TAG); - - if (!wl_tag) { - if (model->signature_id) - return -1; - wl_tag = vpd_get_value(image, VPD_CUSTOMIZATION_ID); - /* customization_id in format LOEM[-VARIANT]. */ - remove_dash = 1; - - } - if (!wl_tag) - return 1; - - if (remove_dash) { - char *dash = strchr(wl_tag, '-'); - if (dash) - *dash = '\0'; - } - if (!prefix_model) - str_convert(wl_tag, toupper); - - sig_id = wl_tag; - if (prefix_model) - ASPRINTF(&sig_id, "%s-%s", model->name, wl_tag); - else - wl_tag = NULL; - free(wl_tag); + sig_id = resolve_signature_id(model, image); signature_id = sig_id; } - DEBUG("Find white label patches by signature ID: '%s'.", signature_id); - find_patches_for_model(model, archive, signature_id); + if (signature_id) { + DEBUG("Find white label patches by signature ID: '%s'.", + signature_id); + find_patches_for_model(model, archive, signature_id); + } else { + signature_id = ""; + WARN("No VPD '%s' set for white label - use default keys.", + VPD_WHITELABEL_TAG); + } if (!model->patches.rootkey) { ERROR("No keys found for signature_id: '%s'", signature_id); r = 1; diff --git a/tests/futility/test_update.sh b/tests/futility/test_update.sh index dd09251f..67d8ef38 100755 --- a/tests/futility/test_update.sh +++ b/tests/futility/test_update.sh @@ -402,6 +402,19 @@ WL_TAG="wl" PATH="${A}/bin:${PATH}" \ "${FROM_IMAGE}.al" "${LINK_BIOS}" \ -a "${A}" --wp=0 --sys_props 0,0x10001,1,3 --model=whitetip +# WL-Unibuild without default keys +test_update "Full update (--a, model=WL, no VPD, no default keys)" \ + "${FROM_IMAGE}.al" "!Need VPD set for white" \ + -a "${A}" --wp=0 --sys_props 0,0x10001,1,3 --model=whitetip + +# WL-Unibuild with default keys as model name +cp -f "${TMP}.to/rootkey" "${A}/keyset/rootkey.whitetip" +cp -f "${TMP}.to/VBLOCK_A" "${A}/keyset/vblock_A.whitetip" +cp -f "${TMP}.to/VBLOCK_B" "${A}/keyset/vblock_B.whitetip" +test_update "Full update (-a, model=WL, no VPD, default keys)" \ + "${FROM_IMAGE}.al" "${LINK_BIOS}" \ + -a "${A}" --wp=0 --sys_props 0,0x10001,1,3 --model=whitetip + # Test special programmer if type flashrom >/dev/null 2>&1; then echo "TEST: Full update (dummy programmer)" |