* Move git repository to salsa.debian.org.
* Make build logs verbose to include the full command line.
* Protect dh_override_auto_test with check of nocheck in DEB_BUILD_OPTIONS.
* Bump Standards-Version to 4.1.3.
* Update my name in Uploaders.
[dgit import unpatched vboot-utils 0~R63-10032.B-3]
--- /dev/null
--- /dev/null
++debian/manpages/cgpt.1
--- /dev/null
--- /dev/null
++vboot-utils (0~R63-10032.B-3) unstable; urgency=medium
++
++ * Move git repository to salsa.debian.org.
++ * Make build logs verbose to include the full command line.
++ * Protect dh_override_auto_test with check of nocheck in DEB_BUILD_OPTIONS.
++ * Bump Standards-Version to 4.1.3.
++ * Update my name in Uploaders.
++
++ -- Raphaël Hertzog <hertzog@debian.org> Tue, 06 Feb 2018 16:29:11 +0100
++
++vboot-utils (0~R63-10032.B-2) unstable; urgency=medium
++
++ * Add a patch to fix futility bdb on 32 bits architectures (Closes: #881997)
++
++ -- Sophie Brun <sophie@freexian.com> Mon, 20 Nov 2017 14:19:32 +0100
++
++vboot-utils (0~R63-10032.B-1) unstable; urgency=medium
++
++ * Fix debian/watch
++ * New upstream version 0~R63-10032.B
++ * Build against openssl 1.1 (Closes: #835801)
++ * Remove useless patch 0001-use-zu-as-appropriate-for-size_t (fixed
++ upstream)
++ * Update debian/copyright
++ * Remove useless patch 0009-drop-failing-test.patch
++ * Add a patch to fix failing tests-show-contents
++ * Bump Standards-version to 4.1.1: update Priority to optional, use https
++ * Fix perms for usr/share/vboot/bin/common_minimal.sh
++
++ -- Sophie Brun <sophie@freexian.com> Thu, 16 Nov 2017 09:21:28 +0100
++
++vboot-utils (0~R52-8350.B-2) unstable; urgency=medium
++
++ * Add missing build-depends: libssl1.0-dev. Keep using libssl 1.0 as
++ upstream didn't update code for libssl 1.1 and changes are involved
++ (Closes: #835801)
++ * Drop useless build-depends: libtspi-dev
++
++ -- Sophie Brun <sophie@freexian.com> Fri, 02 Sep 2016 15:09:03 +0200
++
++vboot-utils (0~R52-8350.B-1) unstable; urgency=medium
++
++ [ Sophie Brun ]
++ * Import new upstream release (Closes: #828592)
++ * Taking over with Antonio's permission (Closes: #798556)
++ * Update patches: 0001-use-zu-as-appropriate-for-size_t.patch,
++ 0002-reduce-uname-down.patch, 0003-do-not-do-static-linking.patch,
++ 0004-skip-test-workbuf.patch, 0005-remove-Werror.patch,
++ 0006-add-CPPFLAGS-LDFLAGS.patch
++ * Update the installation: futility program is now in vboot-kernel-utils
++ * Update the manual pages (Closes: #735296)
++ * Add patches to fix installation: 0007-fix-install-vboot_reference.patch,
++ 0010-change-install-directory-scripts.patch
++ * Add a patch to try to fix build on arm64
++ * Add a patch to drop a failing test
++ * Add debian/watch
++
++ [ Raphaël Hertzog ]
++ * Don't override dh_builddeb to force xz compression, it's the default
++ nowadays.
++ * Drop vboot_host.pc as we don't install the associated static library.
++ * Use https URL in Vcs-Browser.
++ * Drop build dependency on dpkg-dev as versioned dependency is satisfied in
++ oldstable (wheezy) and all newer releases.
++
++ -- Sophie Brun <sophie@freexian.com> Mon, 23 May 2016 10:55:20 +0200
++
++vboot-utils (0~20121212-3) unstable; urgency=low
++
++ * Added patch to make use that CPPFLAGS and LDFLAGS are used.
++
++ -- Marcin Juszkiewicz <marcin@juszkiewicz.com.pl> Tue, 04 Jun 2013 22:26:58 +0200
++
++vboot-utils (0~20121212-2) unstable; urgency=low
++
++ * bumped debhelper to v9 to get hardening support
++ * fixed lintian warnings
++ * updated manpages
++ * fixed copyright Files: entries
++ * updated Standards-Version to 3.9.4 (no changes)
++ * enlarged vboot-kernel-utils description a bit
++ * fixed Vcs links
++ * Merged few changes from Shawn Landden repo:
++ * Tests are now run after build.
++ * Added manpages for cgpt, crossystem vbutil_kernel.
++ * Added openssl, python, realpath to build dependencies - tests
++ requirements.
++
++ -- Marcin Juszkiewicz <marcin@juszkiewicz.com.pl> Tue, 12 Mar 2013 22:07:17 +0800
++
++vboot-utils (0~20121212-1) unstable; urgency=low
++
++ [ Antonio Terceiro ]
++ * Initial release.
++ * Added patches to:
++ - build utilities as shared binaries
++ - Fix build on armhf by removing -Werror from build flags
++
++ [ Marcin Juszkiewicz ]
++ * Added patch to build cgpt as shared binary.
++
++ -- Antonio Terceiro <terceiro@debian.org> Sun, 16 Dec 2012 11:03:40 -0300
--- /dev/null
--- /dev/null
++9
--- /dev/null
--- /dev/null
++Source: vboot-utils
++Section: admin
++Priority: optional
++Maintainer: Sophie Brun <sophie@freexian.com>
++Uploaders: Raphaël Hertzog <hertzog@debian.org>
++Build-Depends: debhelper (>= 9),
++ liblzma-dev,
++ libssl-dev,
++ libyaml-dev,
++ pkg-config,
++ uuid-dev,
++# tests/bitmaps/TestBmpBlock.py
++ python,
++# tests/external_rsa_signer.sh
++ openssl
++Standards-Version: 4.1.3
++Vcs-Git: https://salsa.debian.org/debian/vboot-utils.git
++Vcs-Browser: https://salsa.debian.org/debian/vboot-utils
++Homepage: https://chromium.googlesource.com/chromiumos/platform/vboot_reference
++
++Package: vboot-utils
++Architecture: amd64 arm64 armel armhf i386
++Multi-Arch: foreign
++Depends: vboot-kernel-utils, ${misc:Depends}, ${shlibs:Depends}
++Recommends: cgpt
++Pre-Depends: ${misc:Pre-Depends}
++Description: Chrome OS verified u-boot utilities
++ This package contains a set of tools to deal with Chromebook internals,
++ and the verified version of u-boot. Namely:
++ bmpblk_font bmpblk_utility chromeos-tpm-recovery crossystem dev_debug_vboot
++ dev_make_keypair dumpRSAPublicKey eficompress efidecompress enable_dev_usb_boot
++ load_kernel_test pad_digest_utility signature_digest_utility tpm-nvsize
++ tpm_init_temp_fix tpmc vbutil_what_key verify_data.
++ .
++ The programs previously included in this package: dump_fmap dump_kernel_config
++ futility gbb_utility vbutil_firmware vbutil_key vbutil_keyblock, are now
++ grouped in the futility program in the package vboot-kernel-utils.
++ .
++ Most users don't need this package, and should look for the cgpt and
++ vboot-kernel-utils packages instead.
++
++Package: cgpt
++Provides: crossystem
++Architecture: amd64 arm64 armel armhf i386
++Multi-Arch: foreign
++Depends: ${misc:Depends}, ${shlibs:Depends}
++Pre-Depends: ${misc:Pre-Depends}
++Description: GPT manipulation tool with support for Chromium OS extensions
++ Cgpt is a tool to manipulate GUID Partition Table from command line. It also
++ supports Chromium OS extensions enabling you to change priority for kernel
++ partitions.
++
++Package: vboot-kernel-utils
++Architecture: amd64 arm64 armel armhf i386
++Depends: ${misc:Depends}, ${shlibs:Depends}
++Pre-Depends: ${misc:Pre-Depends}
++Description: Chrome OS verified boot utils required to sign kernels
++ This package provides the futility program (including the vbutil_kernel
++ program required to sign custom kernels in order to get them booted by Chrome
++ OS devices (i.e. Chromebooks)).
--- /dev/null
--- /dev/null
++Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
++Upstream-Name: vboot-reference
++Source: https://chromium.googlesource.com/chromiumos/platform/vboot_reference/
++
++Files: *
++Copyright: (c) 2010-2017 The Chromium OS Authors. All rights reserved.
++License: BSD-3-clause
++
++Files: firmware/lib/cgptlib/crc32.c
++Copyright: (C) 1986 Gary S. Brown.
++License: other
++ You may use this program, or code or tables extracted from it, as desired
++ without restriction.
++
++Files: firmware/2lib/2sha256.c firmware/2lib/2sha512.c
++Copyright: (C) 2005, 2007 Olivier Gay <olivier.gay@a3.epfl.ch>
++License: BSD-3-clause
++
++Files: scripts/image_signing/lib/shflags/shflags
++Copyright: Copyright 2008 Kate Ward. All Rights Reserved.
++License: LGPL-2.1
++ This library is free software; you can redistribute it and/or
++ modify it under the terms of the GNU Lesser General Public
++ License version 2.1 as published by the Free Software Foundation.
++ .
++ This library is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++ .
++ You should have received a copy of the GNU Lesser General Public
++ License along with this library; if not, see <http://www.gnu.org/licenses/>
++ .
++ On Debian systems, the complete text of the GNU Lesser General
++ Public License version 2.1 can be found in
++ "/usr/share/common-licenses/LGPL-2.1".
++
++Files: utility/eficompress.c utility/efidecompress.c
++Copyright: (c) 2004 - 2006, Intel Corporation
++ 2010 The Chromium OS Authors
++License: BSD-3-clause
++
++Files: debian/*
++Copyright: 2012 Antonio Terceiro <terceiro@debian.org>
++ 2012 Marcin Juszkiewicz <marcin@juszkiewicz.com.pl>
++License: BSD-3-clause
++
++License: BSD-3-clause
++ All rights reserved.
++ .
++ Redistribution and use in source and binary forms, with or without
++ modification, are permitted provided that the following conditions are
++ met:
++ .
++ 1. Redistributions of source code must retain the above copyright
++ notice, this list of conditions and the following disclaimer.
++ 2. Redistributions in binary form must reproduce the above
++ copyright notice, this list of conditions and the following disclaimer
++ in the documentation and/or other materials provided with the
++ distribution.
++ 3. Neither the name of Google Inc. nor the names of its
++ contributors may be used to endorse or promote products derived from
++ this software without specific prior written permission.
++ .
++ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
++ A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
++ OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
++ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
++ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
++ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--- /dev/null
--- /dev/null
++README
--- /dev/null
--- /dev/null
++\" TROFF Macro Summary: http://www.fileformat.info/info/man-pages/macro.htm
++
++.TH CGPT "1" "January 2014" "cgpt " "System Administration Commands"
++
++.SH NAME
++cgpt \- Utility to manipulate GPT partitions with Chromium OS extensions
++
++.SH SYNOPSIS
++.B cgpt
++\fICOMMAND\fR
++[\fIOPTIONS\fR]
++\fIDRIVE\fR
++
++.SH DESCRIPTION
++Cgpt is a tool to manipulate a GUID Partition Table from the command line. Although several other utilities exist for the same basic purpose \- some with more features and a captive user interface \- cgpt is unique in that it also supports Chromium OS extensions. These extensions are not generally useful; they are specific to the u-boot firmware found on some Chromebooks. They may be used to change priority for kernel partitions and give other hints to u-boot Chromebook firmware. Use this utility only to manipulate a partition table for compatible Chromebooks.
++
++.SH COMMANDS
++Each action performed by this program \- with the notable exception of the \fI\-h\fR \fIOPTION\fR \- is initiated by a command which tells cgpt the type of operation to perform. All available commands are described below.
++
++.IP \fBcreate\fR
++Create or reset GPT headers and tables.
++
++.IP \fBadd\fR
++Add, edit, or remove a partition entry.
++
++.IP \fBshow\fR
++Show the partition table and entries.
++
++.IP \fBrepair\fR
++Repair damaged GPT headers and tables.
++
++.IP \fBboot\fR
++Edit the PMBR sector for legacy BIOSes.
++
++If no \fIBOOT OPTIONS\fR are specified, this command will just print the PMBR boot GUID.
++
++.IP \fBfind\fR
++Find a partition by its GUID.
++
++If no \fIDRIVE\fR is specified, this command will scan all physical drives for a match.
++
++.IP \fBprioritize\fR
++Reorder the priority of all ChromeOS kernel partitions.
++
++If no options are specified, this command will set the lowest active kernel to priority 1 while maintaining the original order.
++
++.IP \fBlegacy\fR
++Switch between GPT and Legacy GPT.
++
++.SH GENERAL\ OPTIONS
++The options described in this section apply to every \fICOMMAND\fR supported by this program.
++
++.IP \fB-h\fR
++For more detailed usage, use \fBcgpt\fR \fICOMMAND\fR \fI-h\fR
++
++.SH EXAMPLES
++The following examples demonstrate valid syntax only. It is up to you to interpret them based on the documentation in this manual.
++
++\fBcgpt\fR \fIshow\fR /dev/mmcblk0
++.br
++\fBcgpt\fR \fIcreate\fR /dev/mmcblk0
++.br
++\fBcgpt\fR \fIadd\fR \fI-i\fR 2 \fI-S\fR 1 \fI-T\fR 15 \fI-P\fR 15 /dev/mmcblk0
++.br
++\fBcgpt\fR \fIadd\fR \fI-i\fR 1 \fI-t\fR data \fI-l\fR "STATE" /dev/mmcblk0
++.br
++\fBcgpt\fR \fIadd\fR \fI-i\fR 2 \fI-t\fR kernel \fI-l\fR "KERN-A" /dev/mmcblk0
++.br
++\fBcgpt\fR \fIadd\fR \fI-i\fR 3 \fI-t\fR rootfs \fI-l\fR "ROOT-A" /dev/mmcblk0
++
++.SH AUTHOR
++This manual page was written by Karl Lenz <xorangekiller@gmail.com> for the Debian project (but may be used by others).
++
++.SH COPYRIGHT
++Cgpt is copyright 2010-2013, The Chromium OS Authors
++.br
++This manual page is copyright 2014, Karl Lenz
++
++Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.
++
++Cgpt is provided "as is" with no warranty. The exact terms under which you may use and (re)distribute this program are detailed in the BSD 3-Clause License, which is distributed with this program in the LICENSE file. On Debian systems, the complete text of the BSD 3-Clause License can be found in /usr/share/common-licenses/BSD.
++
++.SH SEE\ ALSO
++.BR parted (8),
++.BR gdisk (8),
++.BR gptsync (8)
--- /dev/null
--- /dev/null
++.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.4.
++.TH CROSSYSTEM "1" "July 2016" "crossystem " "User Commands"
++.SH NAME
++crossystem \- Chrome OS firmware/system interface utility
++.SH DESCRIPTION
++.SS "Usage:"
++.IP
++crossystem [\-\-all]
++.IP
++Prints all parameters with descriptions and current values.
++If \fB\-\-all\fR is specified, prints even normally hidden fields.
++.IP
++crossystem [param1 [param2 [...]]]
++.IP
++Prints the current value(s) of the parameter(s).
++.IP
++crossystem [param1=value1] [param2=value2 [...]]]
++.IP
++Sets the parameter(s) to the specified value(s).
++.IP
++crossystem [param1?value1] [param2?value2 [...]]]
++.IP
++Checks if the parameter(s) all contain the specified value(s).
++.PP
++Stops at the first error.
++Valid parameters:
++.TP
++arch
++Platform architecture
++.TP
++backup_nvram_request
++Backup the nvram somewhere at the next boot. Cleared on success.
++.TP
++battery_cutoff_request
++Cut off battery and shutdown on next boot.
++.TP
++block_devmode
++Block all use of developer mode
++.TP
++clear_tpm_owner_request
++Clear TPM owner on next boot
++.TP
++clear_tpm_owner_done
++Clear TPM owner done
++.TP
++cros_debug
++OS should allow debug features
++.TP
++dbg_reset
++Debug reset mode request (writable)
++.TP
++debug_build
++OS image built for debug features
++.TP
++dev_boot_usb
++Enable developer mode boot from USB/SD (writable)
++.TP
++dev_boot_legacy
++Enable developer mode boot Legacy OSes (writable)
++.TP
++dev_boot_signed_only
++Enable developer mode boot only from official kernels (writable)
++.TP
++dev_default_boot
++default boot from legacy or usb (writable)
++.TP
++devsw_boot
++Developer switch position at boot
++.TP
++devsw_cur
++Developer switch current position
++.TP
++disable_dev_request
++Disable virtual dev\-mode on next boot
++.TP
++ecfw_act
++Active EC firmware
++.TP
++fmap_base
++Main firmware flashmap physical address
++.TP
++fwb_tries
++Try firmware B count (writable)
++.TP
++fw_vboot2
++1 if firmware was selected by vboot2 or 0 otherwise
++.TP
++fwid
++Active firmware ID
++.TP
++fwupdate_tries
++Times to try OS firmware update (writable, inside kern_nv)
++.TP
++fw_tried
++Firmware tried this boot (vboot2)
++.TP
++fw_try_count
++Number of times to try fw_try_next (writable)
++.TP
++fw_try_next
++Firmware to try next (vboot2,writable)
++.TP
++fw_result
++Firmware result this boot (vboot2,writable)
++.TP
++fw_prev_tried
++Firmware tried on previous boot (vboot2)
++.TP
++fw_prev_result
++Firmware result of previous boot (vboot2)
++.TP
++hwid
++Hardware ID
++.TP
++kern_nv
++Non\-volatile field for kernel use
++.TP
++kernkey_vfy
++Type of verification done on kernel key block
++.TP
++loc_idx
++Localization index for firmware screens (writable)
++.TP
++mainfw_act
++Active main firmware
++.TP
++mainfw_type
++Active main firmware type
++.TP
++nvram_cleared
++Have NV settings been lost? Write 0 to clear
++.TP
++oprom_needed
++Should we load the VGA Option ROM at boot?
++.TP
++recovery_reason
++Recovery mode reason for current boot
++.TP
++recovery_request
++Recovery mode request (writable)
++.TP
++recovery_subcode
++Recovery reason subcode (writable)
++.TP
++recoverysw_boot
++Recovery switch position at boot
++.TP
++recoverysw_cur
++Recovery switch current position
++.TP
++recoverysw_ec_boot
++Recovery switch position at EC boot
++.TP
++ro_fwid
++Read\-only firmware ID
++.TP
++sw_wpsw_boot
++Firmware write protect software setting enabled at boot (Baytrail only)
++.TP
++tpm_attack
++TPM was interrupted since this flag was cleared
++.TP
++tpm_fwver
++Firmware version stored in TPM
++.TP
++tpm_kernver
++Kernel version stored in TPM
++.TP
++tpm_rebooted
++TPM requesting repeated reboot (vboot2)
++.TP
++try_ro_sync
++try read only software sync
++.TP
++tried_fwb
++Tried firmware B before A this boot
++.TP
++vdat_flags
++Flags from VbSharedData
++.TP
++vdat_lfdebug
++LoadFirmware() debug data (not in print\-all)
++.TP
++vdat_lkdebug
++LoadKernel() debug data (not in print\-all)
++.TP
++vdat_timers
++Timer values from VbSharedData
++.TP
++wipeout_request
++Firmware requested factory reset (wipeout)
++.TP
++wpsw_boot
++Firmware write protect hardware switch position at boot
++.TP
++wpsw_cur
++Firmware write protect hardware switch current position
++.SH "SEE ALSO"
++The full documentation for
++.B crossystem
++is maintained as a Texinfo manual. If the
++.B info
++and
++.B crossystem
++programs are properly installed at your site, the command
++.IP
++.B info crossystem
++.PP
++should give you access to the complete manual.
--- /dev/null
--- /dev/null
++.TH FUTILITY "1" "May 2016" "futility " "User Commands"
++.SH NAME
++futility \- Unified firmware utility
++.SH SYNOPSIS
++.B futility
++[\fI\,options\/\fR] \fI\,COMMAND \/\fR[\fI\,args\/\fR...]
++.SH DESCRIPTION
++futility is the unified firmware utility, which will eventually replace
++most of the distinct verified boot tools formerly produced by the
++vboot_reference package.
++.PP
++When symlinked under the name of one of those previous tools, it should
++fully implement the original behavior. It can also be invoked directly
++as futility, followed by the original name as the first argument.
++.PP
++Global options:
++.TP
++\fB\-\-vb1\fR
++Use only vboot v1.0 binary formats
++.TP
++\fB\-\-vb21\fR
++Use only vboot v2.1 binary formats
++.TP
++\fB\-\-debug\fR
++Be noisy about what's going on
++.PP
++The following commands are built\-in:
++.TP
++create
++Create a keypair from an RSA .pem file
++.TP
++dump_fmap
++Display FMAP contents from a firmware image
++.TP
++dump_kernel_config
++Prints the kernel command line
++.TP
++gbb_utility
++Manipulate the Google Binary Block (GBB)
++.TP
++help
++Show a bit of help (you're looking at it)
++.TP
++load_fmap
++Replace the contents of specified FMAP areas
++.TP
++pcr
++Simulate a TPM PCR extension operation
++.TP
++show
++Display the content of various binary components
++.TP
++sign
++Sign / resign various binary components
++.TP
++vbutil_firmware
++Verified boot firmware utility
++.TP
++vbutil_kernel
++Creates, signs, and verifies the kernel partition
++.TP
++vbutil_key
++Wraps RSA keys with vboot headers
++.TP
++vbutil_keyblock
++Creates, signs, and verifies a keyblock
++.TP
++verify
++Verify the signatures of various binary components
++.TP
++version
++Show the futility source revision and build date
++.PP
++Use "futility help COMMAND" for more information.
++.PP
++Usage: futility [options] COMMAND [args...]
++.PP
++This is the unified firmware utility, which will eventually replace
++most of the distinct verified boot tools formerly produced by the
++vboot_reference package.
++.PP
++When symlinked under the name of one of those previous tools, it should
++fully implement the original behavior. It can also be invoked directly
++as futility, followed by the original name as the first argument.
++.PP
++Global options:
++.TP
++\fB\-\-vb1\fR
++Use only vboot v1.0 binary formats
++.TP
++\fB\-\-vb21\fR
++Use only vboot v2.1 binary formats
++.TP
++\fB\-\-debug\fR
++Be noisy about what's going on
++.PP
++The following commands are built\-in:
++.TP
++create
++Create a keypair from an RSA .pem file
++.TP
++dump_fmap
++Display FMAP contents from a firmware image
++.TP
++dump_kernel_config
++Prints the kernel command line
++.TP
++gbb_utility
++Manipulate the Google Binary Block (GBB)
++.TP
++help
++Show a bit of help (you're looking at it)
++.TP
++load_fmap
++Replace the contents of specified FMAP areas
++.TP
++pcr
++Simulate a TPM PCR extension operation
++.TP
++show
++Display the content of various binary components
++.TP
++sign
++Sign / resign various binary components
++.TP
++vbutil_firmware
++Verified boot firmware utility
++.TP
++vbutil_kernel
++Creates, signs, and verifies the kernel partition
++.TP
++vbutil_key
++Wraps RSA keys with vboot headers
++.TP
++vbutil_keyblock
++Creates, signs, and verifies a keyblock
++.TP
++verify
++Verify the signatures of various binary components
++.TP
++version
++Show the futility source revision and build date
++.PP
++Use "futility help COMMAND" for more information.
++.SH "SEE ALSO"
++The full documentation for
++.B futility
++is maintained as a Texinfo manual. If the
++.B info
++and
++.B futility
++programs are properly installed at your site, the command
++.IP
++.B info futility
++.PP
++should give you access to the complete manual.
--- /dev/null
--- /dev/null
++.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.4.
++.TH VBUTIL_KERNEL "1" "May 2016" "vbutil_kernel " "User Commands"
++.SH NAME
++vbutil_kernel \- Utility to sign custom kernels to boot with Chrome OS devices
++.SH SYNOPSIS
++.B futility
++\fI\,/usr/bin/vbutil_kernel --pack <file> \/\fR[\fI\,PARAMETERS\/\fR]
++.SH DESCRIPTION
++.IP
++Required parameters:
++.TP
++\fB\-\-keyblock\fR <file>
++Key block in .keyblock format
++.TP
++\fB\-\-signprivate\fR <file>
++Private key to sign kernel data,
++in .vbprivk format
++.TP
++\fB\-\-version\fR <number>
++Kernel version
++.TP
++\fB\-\-vmlinuz\fR <file>
++Linux kernel bzImage file
++.TP
++\fB\-\-bootloader\fR <file>
++Bootloader stub
++.TP
++\fB\-\-config\fR <file>
++Command line file
++.TP
++\fB\-\-arch\fR <arch>
++Cpu architecture (default x86)
++.IP
++Optional:
++.TP
++\fB\-\-kloadaddr\fR <address>
++Assign kernel body load address
++.TP
++\fB\-\-pad\fR <number>
++Verification padding size in bytes
++.TP
++\fB\-\-vblockonly\fR
++Emit just the verification blob
++.TP
++\fB\-\-flags\fR NUM
++Flags to be passed in the header
++.PP
++OR
++.PP
++Usage: futility \fI\,/usr/bin/vbutil_kernel\/\fP \fB\-\-repack\fR <file>
++[PARAMETERS]
++.IP
++Required parameters:
++.TP
++\fB\-\-signprivate\fR <file>
++Private key to sign kernel data,
++in .vbprivk format
++.TP
++\fB\-\-oldblob\fR <file>
++Previously packed kernel blob
++(including verification blob)
++.IP
++Optional:
++.TP
++\fB\-\-keyblock\fR <file>
++Key block in .keyblock format
++.TP
++\fB\-\-config\fR <file>
++New command line file
++.TP
++\fB\-\-version\fR <number>
++Kernel version
++.TP
++\fB\-\-kloadaddr\fR <address>
++Assign kernel body load address
++.TP
++\fB\-\-pad\fR <number>
++Verification blob size in bytes
++.TP
++\fB\-\-vblockonly\fR
++Emit just the verification blob
++.PP
++OR
++.PP
++Usage: futility \fI\,/usr/bin/vbutil_kernel\/\fP \fB\-\-verify\fR <file>
++[PARAMETERS]
++.IP
++Optional:
++.TP
++\fB\-\-signpubkey\fR <file>
++Public key to verify kernel keyblock,
++in .vbpubk format
++.TP
++\fB\-\-verbose\fR
++Print a more detailed report
++.TP
++\fB\-\-keyblock\fR <file>
++Outputs the verified key block,
++in .keyblock format
++.TP
++\fB\-\-pad\fR <number>
++Verification padding size in bytes
++.TP
++\fB\-\-minversion\fR <number>
++Minimum combined kernel key version
++.PP
++OR
++.PP
++Usage: futility \fI\,/usr/bin/vbutil_kernel\/\fP \fB\-\-get\-vmlinuz\fR
++<file> [PARAMETERS]
++.IP
++Required parameters:
++.TP
++\fB\-\-vmlinuz\-out\fR <file>
++vmlinuz image output file
++.PP
++Usage: futility \fI\,/usr/bin/vbutil_kernel\/\fP \fB\-\-pack\fR <file>
++[PARAMETERS]
++.IP
++Required parameters:
++.TP
++\fB\-\-keyblock\fR <file>
++Key block in .keyblock format
++.TP
++\fB\-\-signprivate\fR <file>
++Private key to sign kernel data,
++in .vbprivk format
++.TP
++\fB\-\-version\fR <number>
++Kernel version
++.TP
++\fB\-\-vmlinuz\fR <file>
++Linux kernel bzImage file
++.TP
++\fB\-\-bootloader\fR <file>
++Bootloader stub
++.TP
++\fB\-\-config\fR <file>
++Command line file
++.TP
++\fB\-\-arch\fR <arch>
++Cpu architecture (default x86)
++.IP
++Optional:
++.TP
++\fB\-\-kloadaddr\fR <address>
++Assign kernel body load address
++.TP
++\fB\-\-pad\fR <number>
++Verification padding size in bytes
++.TP
++\fB\-\-vblockonly\fR
++Emit just the verification blob
++.TP
++\fB\-\-flags\fR NUM
++Flags to be passed in the header
++.PP
++OR
++.PP
++Usage: futility \fI\,/usr/bin/vbutil_kernel\/\fP \fB\-\-repack\fR <file>
++[PARAMETERS]
++.IP
++Required parameters:
++.TP
++\fB\-\-signprivate\fR <file>
++Private key to sign kernel data,
++in .vbprivk format
++.TP
++\fB\-\-oldblob\fR <file>
++Previously packed kernel blob
++(including verification blob)
++.IP
++Optional:
++.TP
++\fB\-\-keyblock\fR <file>
++Key block in .keyblock format
++.TP
++\fB\-\-config\fR <file>
++New command line file
++.TP
++\fB\-\-version\fR <number>
++Kernel version
++.TP
++\fB\-\-kloadaddr\fR <address>
++Assign kernel body load address
++.TP
++\fB\-\-pad\fR <number>
++Verification blob size in bytes
++.TP
++\fB\-\-vblockonly\fR
++Emit just the verification blob
++.PP
++OR
++.PP
++Usage: futility \fI\,/usr/bin/vbutil_kernel\/\fP \fB\-\-verify\fR <file>
++[PARAMETERS]
++.IP
++Optional:
++.TP
++\fB\-\-signpubkey\fR <file>
++Public key to verify kernel keyblock,
++in .vbpubk format
++.TP
++\fB\-\-verbose\fR
++Print a more detailed report
++.TP
++\fB\-\-keyblock\fR <file>
++Outputs the verified key block,
++in .keyblock format
++.TP
++\fB\-\-pad\fR <number>
++Verification padding size in bytes
++.TP
++\fB\-\-minversion\fR <number>
++Minimum combined kernel key version
++.PP
++OR
++.PP
++Usage: futility \fI\,/usr/bin/vbutil_kernel\/\fP \fB\-\-get\-vmlinuz\fR
++<file> [PARAMETERS]
++.IP
++Required parameters:
++.TP
++\fB\-\-vmlinuz\-out\fR <file>
++vmlinuz image output file
++
--- /dev/null
--- /dev/null
++Description: Reduce `uname -m` down to what the build system
++ expects
++Author: Shawn Landden <shawnlandden@gmail.com>
++Last-Update: 2013-01-28
++---
++--- a/Makefile
+++++ b/Makefile
++@@ -93,6 +93,12 @@ endif
++
++ # Architecture detection
++ _machname := $(shell uname -m)
+++ifneq (,$(findstring arm,${_machname}))
+++ override _machname := arm
+++endif
+++ifneq (,$(findstring i686,${_machname}))
+++ override _machname := x86
+++endif
++ HOST_ARCH ?= ${_machname}
++
++ # ARCH and/or FIRMWARE_ARCH are defined by the Chromium OS ebuild.
--- /dev/null
--- /dev/null
++Description: Do not do static linking
++Author: Shawn Landden <shawnlandden@gmail.com>
++Last-Update: 2013-01-28
++---
++--- a/Makefile
+++++ b/Makefile
++@@ -1010,7 +1010,7 @@ ${UTILBDB}: ${UTILBDB_OBJS} ${BDBLIB_OBJ
++ # Link tests for external repos
++ ${BUILD}/host/linktest/extern: ${HOSTLIB}
++ ${BUILD}/host/linktest/extern: LIBS = ${HOSTLIB}
++-${BUILD}/host/linktest/extern: LDLIBS += -static
+++#${BUILD}/host/linktest/extern: LDLIBS += -static
++ TEST_OBJS += ${BUILD}/host/linktest/extern.o
++
++ .PHONY: hostlib
++@@ -1102,7 +1102,7 @@ ${UTIL_BINS} ${UTIL_BINS_STATIC}: ${UTIL
++ ${UTIL_BINS} ${UTIL_BINS_STATIC}: LIBS = ${UTILLIB}
++
++ # Utilities for auto-update toolkits must be statically linked.
++-${UTIL_BINS_STATIC}: LDFLAGS += -static
+++${UTIL_BINS_STATIC}: # Not in Debian
++
++
++ .PHONY: utils
++@@ -1136,7 +1136,7 @@ futil: ${FUTIL_STATIC_BIN} ${FUTIL_BIN}
++ ${FUTIL_STATIC_BIN}: LDLIBS += ${CRYPTO_STATIC_LIBS}
++ ${FUTIL_STATIC_BIN}: ${FUTIL_STATIC_OBJS} ${UTILLIB}
++ @${PRINTF} " LD $(subst ${BUILD}/,,$@)\n"
++- ${Q}${LD} -o $@ ${CFLAGS} ${LDFLAGS} -static $^ ${LDLIBS}
+++ ${Q}${LD} -o $@ ${CFLAGS} ${LDFLAGS} $^ ${LDLIBS}
++
++ ${FUTIL_BIN}: LDLIBS += ${CRYPTO_LIBS} ${FWLIB20}
++ ${FUTIL_BIN}: ${FUTIL_OBJS} ${UTILLIB} ${FWLIB20} ${UTILBDB}
--- /dev/null
--- /dev/null
++Description: skip the workbuf test if VB2_WORKBUF_ALIGN different from 16
++Author: Sophie Brun <sophie@freexian.com>
++Last-Update: 2015-12-03
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/tests/vb2_common_tests.c
+++++ b/tests/vb2_common_tests.c
++@@ -70,6 +70,11 @@ static void test_workbuf(void)
++ /* NOTE: There are several magic numbers below which assume that
++ * VB2_WORKBUF_ALIGN == 16 */
++
+++ /* Skip the tests if VB2_WORKBUF_ALIGN != 16 */
+++ if (VB2_WORKBUF_ALIGN != 16) {
+++ return;
+++ }
+++
++ /* Init */
++ vb2_workbuf_init(&wb, p0, 64);
++ TEST_EQ(vb2_offset_of(p0, wb.buf), 0, "Workbuf init aligned");
--- /dev/null
--- /dev/null
++Description: remove -Werror
++ This breaks the build on armhf due to warning about format strings
++Author: Antonio Terceiro <terceiro@debian.org>
++Last-Update: 2016-03-21
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/Makefile
+++++ b/Makefile
++@@ -137,7 +137,7 @@ DEBUG_FLAGS := $(if ${DEBUG},-g -O0,-Os)
++ WERROR := -Werror
++ COMMON_FLAGS := -nostdinc -pipe \
++ -ffreestanding -fno-builtin -fno-stack-protector \
++- ${WERROR} -Wall -Wstrict-prototypes ${DEBUG_FLAGS}
+++ -Wall -Wstrict-prototypes ${DEBUG_FLAGS}
++
++ # Note: FIRMWARE_ARCH is defined by the Chromium OS ebuild.
++ ifeq (${FIRMWARE_ARCH}, arm)
++@@ -160,7 +160,7 @@ CFLAGS ?= ${COMMON_FLAGS} \
++ else
++ # FIRMWARE_ARCH not defined; assuming local compile.
++ CC ?= gcc
++-CFLAGS += -DCHROMEOS_ENVIRONMENT -Wall ${WERROR} ${DEBUG_FLAGS}
+++CFLAGS += -DCHROMEOS_ENVIRONMENT -Wall ${DEBUG_FLAGS}
++ endif
++
++ ifneq (${CUSTOM_MUSIC},)
--- /dev/null
--- /dev/null
++Description: Add missing CPPFLAGS and LDFLAGS
++Author: Marcin Juszkiewicz <marcin@juszkiewicz.com.pl>
++Origin: Debian
++Last-Update: 2016-05-20
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/Makefile
+++++ b/Makefile
++@@ -139,6 +139,7 @@ COMMON_FLAGS := -nostdinc -pipe \
++ -ffreestanding -fno-builtin -fno-stack-protector \
++ -Wall -Wstrict-prototypes ${DEBUG_FLAGS}
++
+++CFLAGS += $(CPPFLAGS)
++ # Note: FIRMWARE_ARCH is defined by the Chromium OS ebuild.
++ ifeq (${FIRMWARE_ARCH}, arm)
++ CC ?= armv7a-cros-linux-gnueabi-gcc
++@@ -1164,28 +1165,28 @@ ${BUILD}/%: ${BUILD}/%.o ${OBJS} ${LIBS}
++
++ ${BUILD}/%.o: %.c
++ @${PRINTF} " CC $(subst ${BUILD}/,,$@)\n"
++- ${Q}${CC} ${CFLAGS} ${INCLUDES} -c -o $@ $<
+++ ${Q}${CC} ${CFLAGS} ${LDFLAGS} ${INCLUDES} -c -o $@ $<
++
++ ${BUILD}/%.o: ${BUILD}/%.c
++ @${PRINTF} " CC $(subst ${BUILD}/,,$@)\n"
++- ${Q}${CC} ${CFLAGS} ${INCLUDES} -c -o $@ $<
+++ ${Q}${CC} ${CFLAGS} ${LDFLAGS} ${INCLUDES} -c -o $@ $<
++
++ # Rules to recompile a single source file for library and test
++ # TODO: is there a tidier way to do this?
++ ${BUILD}/%_for_lib.o: CFLAGS += -DFOR_LIBRARY
++ ${BUILD}/%_for_lib.o: %.c
++ @${PRINTF} " CC-for-lib $(subst ${BUILD}/,,$@)\n"
++- ${Q}${CC} ${CFLAGS} ${INCLUDES} -c -o $@ $<
+++ ${Q}${CC} ${CFLAGS} ${LDFLAGS} ${INCLUDES} -c -o $@ $<
++
++ ${BUILD}/%_for_test.o: CFLAGS += -DFOR_TEST
++ ${BUILD}/%_for_test.o: %.c
++ @${PRINTF} " CC-for-test $(subst ${BUILD}/,,$@)\n"
++- ${Q}${CC} ${CFLAGS} ${INCLUDES} -c -o $@ $<
+++ ${Q}${CC} ${CFLAGS} ${LDFLAGS} ${INCLUDES} -c -o $@ $<
++
++ # TODO: C++ files don't belong in vboot reference at all. Convert to C.
++ ${BUILD}/%.o: %.cc
++ @${PRINTF} " CXX $(subst ${BUILD}/,,$@)\n"
++- ${Q}${CXX} ${CFLAGS} ${INCLUDES} -c -o $@ $<
+++ ${Q}${CXX} ${CFLAGS} ${LDFLAGS} ${INCLUDES} -c -o $@ $<
++
++ # ----------------------------------------------------------------------------
++ # Here are the special tweaks to the generic rules.
--- /dev/null
--- /dev/null
++Description: Fix install path for vboot_reference
++ vboot_reference is installed by default in usr/default/ instead of
++ /etc/default/
++ .
++ /etc/default/vboot_reference is used by utility/dev_debug_vboot.
++Author: Sophie Brun <sophie@freexian.com>
++Last-Update: 2016-05-20
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/Makefile
+++++ b/Makefile
++@@ -63,7 +63,7 @@ UL_DIR=${DESTDIR}/${LIBDIR}
++ ULP_DIR=${UL_DIR}/pkgconfig
++ UI_DIR=${DESTDIR}/include/vboot
++ US_DIR=${DESTDIR}/share/vboot
++-DF_DIR=${DESTDIR}/default
+++DF_DIR=${DESTDIR}/../etc/default
++ VB_DIR=${DESTDIR}/bin
++ else
++ # Target install puts things into different places
--- /dev/null
--- /dev/null
++Description: Try to fix building on arm64
++Author: Steev Klimaszewski
++Origin: https://bugs.kali.org/view.php?id=3172
++Last-Update: 2016-05-20
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/Makefile
+++++ b/Makefile
++@@ -96,6 +96,9 @@ _machname := $(shell uname -m)
++ ifneq (,$(findstring arm,${_machname}))
++ override _machname := arm
++ endif
+++ifneq (,$(findstring aarch64,${_machname}))
+++ override _machname := arm
+++endif
++ ifneq (,$(findstring i686,${_machname}))
++ override _machname := x86
++ endif
--- /dev/null
--- /dev/null
++Description: Change install directory of scripts
++ Shell scripts are installed by default in /usr/bin. Move them to
++ /usr/share/vboot/bin
++Author: Sophie Brun <sophie@freexian.com>
++Last-Update: 2016-06-27
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/Makefile
+++++ b/Makefile
++@@ -64,7 +64,7 @@ ULP_DIR=${UL_DIR}/pkgconfig
++ UI_DIR=${DESTDIR}/include/vboot
++ US_DIR=${DESTDIR}/share/vboot
++ DF_DIR=${DESTDIR}/../etc/default
++-VB_DIR=${DESTDIR}/bin
+++VB_DIR=${DESTDIR}/share/vboot/bin
++ else
++ # Target install puts things into different places
++ UB_DIR=${DESTDIR}/usr/bin
--- /dev/null
--- /dev/null
++Description: Fix tests/futility/test_show_contents.sh
++ Tests compare generated files containing the file path and upstream files
++ ("expected output") containing path like
++ "/mnt/host/source/src/platform/vboot_reference/tests/". They can't
++ match. Drop these lines mentioning paths in the generated files and in
++ the upstream provided files to avoid failures.
++Author: Sophie Brun <sophie@freexian.com>
++Last-Update: 2017-11-14
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/tests/futility/expect_output/show.tests_devkeys_kernel.keyblock
+++++ b/tests/futility/expect_output/show.tests_devkeys_kernel.keyblock
++@@ -1,4 +1,3 @@
++-Key block: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/kernel.keyblock
++ Signature: ignored
++ Size: 0x4b8
++ Flags: 7 !DEV DEV !REC
++--- a/tests/futility/expect_output/show.tests_devkeys_root_key.vbprivk
+++++ b/tests/futility/expect_output/show.tests_devkeys_root_key.vbprivk
++@@ -1,4 +1,3 @@
++-Private Key file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/root_key.vbprivk
++ Vboot API: 1.0
++ Algorithm: 11 RSA8192 SHA512
++ Key sha1sum: b11d74edd286c144e1135b49e7f0bc20cf041f10
++--- a/tests/futility/expect_output/show.tests_devkeys_root_key.vbpubk
+++++ b/tests/futility/expect_output/show.tests_devkeys_root_key.vbpubk
++@@ -1,4 +1,3 @@
++-Public Key file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/root_key.vbpubk
++ Vboot API: 1.0
++ Algorithm: 11 RSA8192 SHA512
++ Key Version: 1
++--- a/tests/futility/expect_output/show.tests_futility_data_bios_mario_mp.bin
+++++ b/tests/futility/expect_output/show.tests_futility_data_bios_mario_mp.bin
++@@ -1,4 +1,3 @@
++-BIOS: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/bios_mario_mp.bin
++ GBB header: GBB Area
++ Version: 1.0
++ Flags: 0x00000000
++--- a/tests/futility/expect_output/show.tests_futility_data_bios_zgb_mp.bin
+++++ b/tests/futility/expect_output/show.tests_futility_data_bios_zgb_mp.bin
++@@ -1,4 +1,3 @@
++-BIOS: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/bios_zgb_mp.bin
++ GBB header: GBB
++ Version: 1.0
++ Flags: 0x00000000
++--- a/tests/futility/expect_output/show.tests_futility_data_fw_gbb.bin
+++++ b/tests/futility/expect_output/show.tests_futility_data_fw_gbb.bin
++@@ -1,4 +1,3 @@
++-GBB header: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/fw_gbb.bin
++ Version: 1.1
++ Flags: 0x00000039
++ Regions: offset size
++--- a/tests/futility/expect_output/show.tests_futility_data_fw_vblock.bin
+++++ b/tests/futility/expect_output/show.tests_futility_data_fw_vblock.bin
++@@ -1,4 +1,3 @@
++-Key block: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/fw_vblock.bin
++ Signature: ignored
++ Size: 0x8b8
++ Flags: 7 !DEV DEV !REC
++--- a/tests/futility/expect_output/show.tests_futility_data_kern_preamble.bin
+++++ b/tests/futility/expect_output/show.tests_futility_data_kern_preamble.bin
++@@ -1,4 +1,3 @@
++-Kernel partition: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/kern_preamble.bin
++ Key block:
++ Signature: ignored
++ Size: 0x5b8
++--- a/tests/futility/expect_output/show.tests_futility_data_sample.vbprik2
+++++ b/tests/futility/expect_output/show.tests_futility_data_sample.vbprik2
++@@ -1,4 +1,3 @@
++-Private key file: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/sample.vbprik2
++ Vboot API: 2.1
++ Desc: "sample vb21 keypair"
++ Signature Algorithm: 5 RSA8192
++--- a/tests/futility/expect_output/show.tests_futility_data_sample.vbpubk2
+++++ b/tests/futility/expect_output/show.tests_futility_data_sample.vbpubk2
++@@ -1,4 +1,3 @@
++-Public Key file: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/sample.vbpubk2
++ Vboot API: 2.1
++ Desc: "sample vb21 keypair"
++ Signature Algorithm: 5 RSA8192
++--- a/tests/futility/expect_output/show.tests_testkeys_key_rsa2048.pem
+++++ b/tests/futility/expect_output/show.tests_testkeys_key_rsa2048.pem
++@@ -1,3 +1,2 @@
++-Private Key file: /mnt/host/source/src/platform/vboot_reference/tests/testkeys/key_rsa2048.pem
++ Key length: 2048
++ Key sha1sum: bfb2fa9188a87bf766dd7c313ea6802553b646b6
++--- a/tests/futility/expect_output/show.tests_testkeys_key_rsa8192.pub.pem
+++++ b/tests/futility/expect_output/show.tests_testkeys_key_rsa8192.pub.pem
++@@ -1,3 +1,2 @@
++-Public Key file: /mnt/host/source/src/platform/vboot_reference/tests/testkeys/key_rsa8192.pub.pem
++ Key length: 8192
++ Key sha1sum: f1afa44a1aed0d0e9ff630579df920a725e9de5e
++--- a/tests/futility/test_show_contents.sh
+++++ b/tests/futility/test_show_contents.sh
++@@ -29,7 +29,7 @@ for file in $SHOW_FILES; do
++ outfile="show.${file//\//_}"
++ gotfile="${OUTDIR}/${outfile}"
++ wantfile="${SRCDIR}/tests/futility/expect_output/${outfile}"
++- ${FUTILITY} show "${SRCDIR}/${file}" | tee "${gotfile}"
+++ ${FUTILITY} show "${SRCDIR}/${file}" | grep -v "tests/" | tee "${gotfile}"
++
++ # Uncomment this to update the expected output
++ #cp ${gotfile} ${wantfile}
++@@ -48,7 +48,7 @@ for file in $VBUTIL_KEY_FILES; do
++ outfile="vbutil_key.${file//\//_}"
++ gotfile="${OUTDIR}/${outfile}"
++ wantfile="${SRCDIR}/tests/futility/expect_output/${outfile}"
++- ${FUTILITY} vbutil_key --unpack "${SRCDIR}/${file}" | tee "${gotfile}"
+++ ${FUTILITY} vbutil_key --unpack "${SRCDIR}/${file}" | grep -v "tests/" | tee "${gotfile}"
++
++ # Uncomment this to update the expected output
++ #cp ${gotfile} ${wantfile}
++@@ -64,7 +64,7 @@ gotfile="${OUTDIR}/${outfile}"
++ wantfile="${SRCDIR}/tests/futility/expect_output/${outfile}"
++ ${FUTILITY} vbutil_keyblock --unpack "${SRCDIR}/${file}" \
++ --signpubkey "${SRCDIR}/tests/devkeys/kernel_subkey.vbpubk" \
++- | tee "${gotfile}"
+++ | grep -v "tests/" | tee "${gotfile}"
++
++ # Uncomment this to update the expected output
++ #cp ${gotfile} ${wantfile}
++--- a/tests/futility/expect_output/vbutil_key.tests_devkeys_root_key.vbprivk
+++++ b/tests/futility/expect_output/vbutil_key.tests_devkeys_root_key.vbprivk
++@@ -1,2 +1 @@
++-Private Key file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/root_key.vbprivk
++ Algorithm: 11 RSA8192 SHA512
++--- a/tests/futility/expect_output/vbutil_keyblock.tests_devkeys_kernel.keyblock
+++++ b/tests/futility/expect_output/vbutil_keyblock.tests_devkeys_kernel.keyblock
++@@ -1,4 +1,3 @@
++-Key block file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/kernel.keyblock
++ Signature valid
++ Flags: 7 !DEV DEV !REC
++ Data key algorithm: 4 RSA2048 SHA256
++--- a/tests/futility/expect_output/vbutil_key.tests_devkeys_root_key.vbpubk
+++++ b/tests/futility/expect_output/vbutil_key.tests_devkeys_root_key.vbpubk
++@@ -1,4 +1,3 @@
++-Public Key file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/root_key.vbpubk
++ Algorithm: 11 RSA8192 SHA512
++ Key Version: 1
++ Key sha1sum: b11d74edd286c144e1135b49e7f0bc20cf041f10
--- /dev/null
--- /dev/null
++Description: Fix a spelling error
++Author: Sophie Brun <sophie@freexian.com>
++Last-Update: 2017-11-14
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/futility/cmd_vbutil_kernel.c
+++++ b/futility/cmd_vbutil_kernel.c
++@@ -123,7 +123,7 @@ static const char usage[] =
++ " --signprivate <file> Private key to sign kernel data,\n"
++ " in .vbprivk format\n"
++ " --oldblob <file> Previously packed kernel blob\n"
++- " (including verfication blob)\n"
+++ " (including verification blob)\n"
++ "\n"
++ " Optional:\n"
++ " --keyblock <file> Key block in .keyblock format\n"
--- /dev/null
--- /dev/null
++Description: Fix format load_address for 32 bits architectures
++ The offset and load_address are 64bits integers
++ On 32bits we have to use strtoull (instead of strtoul) to parse number
++ into 64bits unsigned integers. Without this the parsed numbers are
++ truncated to 2^32-1.
++Author: Sophie Brun <sophie@freexian.com>
++Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881997
++Forwarded: https://bugs.chromium.org/p/chromium/issues/detail?id=786969
++Last-Update: 2017-11-20
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/futility/cmd_bdb.c
+++++ b/futility/cmd_bdb.c
++@@ -637,7 +637,7 @@ static int do_bdb(int argc, char *argv[]
++ }
++ break;
++ case OPT_OFFSET:
++- offset = strtoul(optarg, &e, 0);
+++ offset = strtoull(optarg, &e, 0);
++ if (!*optarg || (e && *e)) {
++ fprintf(stderr, "Invalid --offset\n");
++ parse_error = 1;
++@@ -658,7 +658,7 @@ static int do_bdb(int argc, char *argv[]
++ }
++ break;
++ case OPT_LOAD_ADDRESS:
++- load_address = strtoul(optarg, &e, 0);
+++ load_address = strtoull(optarg, &e, 0);
++ if (!*optarg || (e && *e)) {
++ fprintf(stderr, "Invalid --load_address\n");
++ parse_error = 1;
--- /dev/null
--- /dev/null
++0002-reduce-uname-down.patch
++0003-do-not-do-static-linking.patch
++0004-skip-test-workbuf.patch
++0005-remove-Werror.patch
++0006-add-CPPFLAGS-LDFLAGS.patch
++0007-fix-install-vboot_reference.patch
++0008-fix-building-on-arm64.patch
++0010-change-install-directory-scripts.patch
++0011-fix-tests-show-contents.patch
++0012-fix-spelling-errors.patch
++0013-fix-format-load-address.patch
--- /dev/null
--- /dev/null
++#!/usr/bin/make -f
++
++export DEB_BUILD_MAINT_OPTIONS = hardening=+all
++
++override_dh_auto_build:
++ dh_auto_build -- V=1
++
++override_dh_auto_install:
++ $(MAKE) V=1 DESTDIR=$$(pwd)/debian/vboot-utils/usr install
++ mkdir -p $$(pwd)/debian/cgpt/usr/bin
++ mv -t $$(pwd)/debian/cgpt/usr/bin \
++ $$(pwd)/debian/vboot-utils/usr/bin/cgpt
++ mkdir -p $$(pwd)/debian/vboot-kernel-utils/usr/bin
++ mv -t $$(pwd)/debian/vboot-kernel-utils/usr/bin \
++ $$(pwd)/debian/vboot-utils/usr/bin/vbutil_kernel
++ mv -t $$(pwd)/debian/vboot-kernel-utils/usr/bin \
++ $$(pwd)/debian/vboot-utils/usr/bin/futility
++ mv -t $$(pwd)/debian/vboot-kernel-utils/usr/bin \
++ $$(pwd)/debian/vboot-utils/usr/bin/futility_s
++ # vboot_host.pc is useless without the static library (which
++ # we could install with "make install-dev" but we currently don't)
++ rm -f debian/vboot-utils/usr/lib/pkgconfig/vboot_host.pc
++ rmdir --ignore-fail-on-non-empty -p debian/vboot-utils/usr/lib/pkgconfig
++
++override_dh_auto_test:
++ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
++ make runtests V=1
++endif
++
++%:
++ dh $@ --parallel
++
++override_dh_fixperms:
++ dh_fixperms
++ chmod 755 debian/vboot-utils/usr/share/vboot/bin/common_minimal.sh
--- /dev/null
--- /dev/null
++3.0 (quilt)
--- /dev/null
--- /dev/null
++tests/devkeys /usr/share/vboot/
++tests/devkeys-acc /usr/share/vboot/
++tests/devkeys-pkc /usr/share/vboot/
--- /dev/null
--- /dev/null
++debian/manpages/futility.1
++debian/manpages/vbutil_kernel.1
--- /dev/null
--- /dev/null
++debian/manpages/crossystem.1
--- /dev/null
--- /dev/null
++version=3
++opts="downloadurlmangle=s|/\+/release-(.*)|/+archive/release-$1.tar.gz|g,uversionmangle=s|^|0~|,filenamemangle=s|.*/release-(.*)$|vboot-utils-$1.tar.gz|" \
++https://chromium.googlesource.com/chromiumos/platform/vboot_reference/+refs \
++ /chromiumos/platform/vboot_reference/\+/release-(.*)
projects / vboot-utils.git / commitdiff