Index: utility/dev_debug_vboot |
diff --git a/utility/dev_debug_vboot b/utility/dev_debug_vboot |
index a171eb4c51de53102e3a157ba41dd623c2a2ad87..55cdd73ff94bdf70a10d1960e22365fe43c4734b 100755 |
--- a/utility/dev_debug_vboot |
+++ b/utility/dev_debug_vboot |
@@ -47,9 +47,9 @@ loghead() { |
echo "+" "$@" "| head" >> "$LOGFILE" |
"$@" | head >> "$LOGFILE" 2>&1 |
} |
+ |
logdie() { |
echo "+" "$@" >> "$LOGFILE" |
- "$@" >> "$LOGFILE" 2>&1 |
die "$@" |
} |
@@ -75,6 +75,19 @@ require_chromeos_bios() { |
log ls -la /root/.force_update_firmware |
} |
+# Search for files from the FMAP, in the order listed. Return the first one |
+# found or die if none are there. |
+find_name() { |
+ for fn in "$@"; do |
+ if [ -e "$fn" ]; then |
+ echo "$fn" |
+ return |
+ fi |
+ done |
+ echo "+ no files named $@" >> "$LOGFILE" |
+ exit 1 |
+} |
+ |
# Here we go... |
umask 022 |
trap cleanup EXIT |
@@ -129,18 +142,31 @@ ls *kern*.blob >/dev/null 2>&1 || logdie "no kernel images found" |
info "Extracting BIOS components..." |
log dump_fmap -x ${BIOS} || logdie "Unable to extract BIOS components" |
+# Find the FMAP regions we're interested in. Look first for the new names, then |
+# the old names. |
+area_gbb=$(find_name GBB GBB_Area) || \ |
+ logdie "no area_gbb" |
+area_vblock_a=$(find_name VBLOCK_A Firmware_A_Key) || \ |
+ logdie "no area_vblock_a" |
+area_vblock_b=$(find_name VBLOCK_B Firmware_B_Key) || \ |
+ logdie "no area_vblock_b" |
+area_fw_main_a=$(find_name FW_MAIN_A Firmware_A_Data) || \ |
+ logdie "no area_fw_main_a" |
+area_fw_main_b=$(find_name FW_MAIN_B Firmware_B_Data) || \ |
+ logdie "no area_fw_main_a" |
+ |
info "Pulling root and recovery keys from GBB..." |
log gbb_utility -g --rootkey rootkey.vbpubk --recoverykey recoverykey.vbpubk \ |
- GBB_Area || logdie "Unable to extract keys from GBB" |
+ "$area_gbb" || logdie "Unable to extract keys from GBB" |
log vbutil_key --unpack rootkey.vbpubk |
log vbutil_key --unpack recoverykey.vbpubk |
infon "Verify firmware A with root key... " |
-log vbutil_firmware --verify Firmware_A_Key --signpubkey rootkey.vbpubk \ |
- --fv Firmware_A_Data --kernelkey kernel_subkey_a.vbpubk ; result |
+log vbutil_firmware --verify "$area_vblock_a" --signpubkey rootkey.vbpubk \ |
+ --fv "$area_fw_main_a" --kernelkey kernel_subkey_a.vbpubk ; result |
infon "Verify firmware B with root key... " |
-log vbutil_firmware --verify Firmware_B_Key --signpubkey rootkey.vbpubk \ |
- --fv Firmware_B_Data --kernelkey kernel_subkey_b.vbpubk ; result |
+log vbutil_firmware --verify "$area_vblock_b" --signpubkey rootkey.vbpubk \ |
+ --fv "$area_fw_main_b" --kernelkey kernel_subkey_b.vbpubk ; result |
for key in kernel_subkey_a.vbpubk kernel_subkey_b.vbpubk; do |
infon "Test $key... " |