[openfirmware] [commit] r3780 - in cpu/x86/pc/olpc: . via

repository service svn at openfirmware.info
Thu Jul 16 01:07:22 CEST 2015 

Author: quozl
Date: Thu Jul 16 01:07:22 2015
New Revision: 3780
URL: http://tracker.coreboot.org/trac/openfirmware/changeset/3780

Log:
OLPC - keyjector, rename bootfw2.zip to fw.zip since bootfw2.zip now has another meaning (XO-1.75 variant of bootfw.zip), and remove the duplicate file

Deleted:
   cpu/x86/pc/olpc/via/keyject.fth
Modified:
   cpu/x86/pc/olpc/HOWTO-keyjector
   cpu/x86/pc/olpc/keyject.fth

Modified: cpu/x86/pc/olpc/HOWTO-keyjector
==============================================================================
--- cpu/x86/pc/olpc/HOWTO-keyjector	Wed Jul 15 04:08:40 2015	(r3779)
+++ cpu/x86/pc/olpc/HOWTO-keyjector	Thu Jul 16 01:07:22 2015	(r3780)
@@ -19,34 +19,44 @@
 
 The steps are:
 
-* Unpack the tar file containing the new keys into, for example, /home/wmb/Uruguay
+* Unpack the tar file containing the new keys into, for example,
+  /home/wmb/Uruguay
 
-* Note the list of key names, e.g. d0 a1 o1 s1 t1 w1
+* Note the list of key names, e.g. d1 a1 o1 s1 t1 w1
 
 $ cd /home/firmware/q2e34/openfirmware/cpu/x86/pc/olpc/build
 
 * Edit ../keyjector.bth :
 
-** Change the "macro: FW_MINOR " line to the keyjector's intermediate version number, e.g. 34x
+** Change the "macro: FW_MINOR " line to the keyjector's intermediate
+   version number, e.g. 34x
 ** Changing lines like below to the right file and key names.
-     " /space/bios-crypto/build/k2.public"         " s1"              $add-dropin
+   " /home/wmb/Uruguay/s1.public" " s1" $add-dropin
 
 * Edit ../keyjector.fth :
 
-** In wrong-sku?, set the list of SKUs.  This guards against "hijacking" of other country's laptops.
-** In keyject-expired?, set an appropriate expiration date for the keyjector.
+** In wrong-sku?, set the list of SKUs.  This guards against
+   "hijacking" of other country's laptops.
+** In keyject-expired?, set an appropriate expiration date for the
+   keyjector.
 ** In new-key-list$, set the key list.
 
 $ ./build keyject
 
-It should build really quickly, because it is using nearly all the same modules as the base build.
+It should build really quickly, because it is using nearly all the
+same modules as the base build.
 
 * Verify the version number in the new file:
 
 ** $ xxd q2e34x.rom | tail -4
 
-* If you have to make a new "real" release so the keyjector has a successor, do so now.
+* If you have to make a new "real" release so the keyjector has a
+  successor, do so now.
 
 * Sign the keyjector, naming the .zip file "bootfw.zip".
 
-* Sign the successor firmware, name the .zip file "bootfw2.zip"
+* Sign the successor firmware, name the .zip file "fw.zip"
+
+* Place both in a boot directory on media for testing.
+
+* Boot with laptop locked or using X game button to force security on.

Modified: cpu/x86/pc/olpc/keyject.fth
==============================================================================
--- cpu/x86/pc/olpc/keyject.fth	Wed Jul 15 04:08:40 2015	(r3779)
+++ cpu/x86/pc/olpc/keyject.fth	Thu Jul 16 01:07:22 2015	(r3780)
@@ -140,12 +140,12 @@
 
 false value new-firmware?
 : got-firmware?  ( dev$ -- flag )
-   2dup ." Looking for new bootfw2.zip on " type cr     ( dev$ )
+   2dup ." Looking for new fw.zip on " type cr     ( dev$ )
    dn-buf place                                         ( )
    " \boot" pn-buf place                                ( )
    filesystem-present?  0=  if  false exit  then        ( )
    null$ cn-buf place                                   ( )
-   " bootfw2" bundle-present?  0=  if  false exit  then ( )
+   " fw" bundle-present?  0=  if  false exit  then ( )
    ."   Found" cr                                       ( )
    secure?  if                                          ( )
       load-crypto  if                                   ( )
@@ -242,12 +242,12 @@
 ?keyject
 
 [ifdef] HowItWorks
-OLPC signs bootfw.zip containing OFW image A and bootfw2.zip containing OFW image B.
+OLPC signs bootfw.zip containing OFW image A and fw.zip containing OFW image B.
 * A is an OFW with additional keyjector functionality
 * B is an ordinary OFW
 Version number B > version number A.
 
-bootfw.zip and bootfw2.zip are presented to a deployment machine in the usual manner,
+bootfw.zip and fw.zip are presented to a deployment machine in the usual manner,
 either on a USB key or as part of a signed OS image.
 
 On a deployment machine with firmware X (version X < version A):
@@ -263,7 +263,7 @@
 so it
   ! Injects the new keys
 then it
-  ! Reads bootfw2.zip, checks its signature, and reflashes with firmware B (version > A)
+  ! Reads fw.zip, checks its signature, and reflashes with firmware B (version > A)
   ! Reboots
 
 2) Firmware B starts, performs the normal fw update attempt step,

More information about the openfirmware mailing list