generate-tar - OpenGrok cross reference for /openbmc/openpower-pnor-code-mgmt/generate-tar

2 set -eo pipefail
11 usage: generate-tar [OPTION] <PNOR FILE>...
14 -i, --image <squashfs|static>
16 -f, --file <file>      Specify destination file. Defaults to
20     * "generate-tar -i squashfs my.pnor" would generate
22     * "generate-tar -i static my.pnor" would generate
24 -s, --sign <path>      Sign the image. The optional path argument specifies
25 the private key file. Defaults to the bash variable
27 open-source private key in this script.
28 -m, --machine <name>   Optionally specify the target machine name of this
30 -h, --help             Display this help text and exit.
33 private_key=$'-----BEGIN PRIVATE KEY-----
84 -----END PRIVATE KEY-----
88 # https://github.com/open-power/hostboot/blob/master/src/usr/pnor/common/ffs_hb.H
89 # https://github.com/open-power/hostboot/blob/master/src/usr/pnor/ffs.h
93 PRIVATE_KEY_PATH=${PRIVATE_KEY_PATH:-}
97 declare -a partitions=()
101 while [[ $# -gt 0 ]]; do
102   key="$1"
103   case $key in
104     -i|--image)
108     -f|--file)
112     -s|--sign)
114       if [[ -n "${2}"  && "${2}" != -* ]]; then
121     -m|--machine)
125     -h|--help)
136 if [ ! -f "${pnorfile}" ]; then
153 if [[ -z $outfile ]]; then
170 scratch_dir=$(mktemp -d)
172 # The files in the temp directory may contain read-only files, so add
173 # --interactive=never to skip the prompt.
174 trap '{ rm -r --interactive=never ${scratch_dir}; }' EXIT
177   if [[ -z "${private_key_path}" ]]; then
180     echo "Image is NOT secure!! Signing with the open private key!"
182     if [[ ! -f "${private_key_path}" ]]; then
183       echo "Couldn't find private key ${private_key_path}."
192   openssl pkey -in "${private_key_path}" -pubout -out "${public_key_path}"
200 pflash --partition=part --read="${pnor_dir}"/part -F "${pnorfile}"
201 pflash --partition=VERSION --read="${pnor_dir}"/VERSION -F "${pnorfile}"
202 version_size=$(wc -c "${pnor_dir}"/VERSION | cut -d' ' -f 1)
203 magic_number=$(xxd -p -l 4 "${pnor_dir}"/VERSION)
206 # https://github.com/open-power/skiboot/blob/master/libstb/container.h#L47
210   tail --bytes=+4097 "${pnor_dir}"/VERSION_FULL > "${pnor_dir}"/VERSION
213   version=$(head -n 1 "${pnor_dir}"/VERSION)
215   # shellcheck disable=SC2005,SC2046 # Need the echo to remove new lines, same
217   extended_version=$(echo $(tail -n +2 "${pnor_dir}"/VERSION)|tr ' ' ',')
219   while read -r line; do
223         read -r -a fields <<< "$line"
227         vercheck=$(xxd -p -l  0x1 -seek ${offset} "${pnor_dir}"/part)
228         # shellcheck disable=SC2155 # Need the export in the same line to avoid
230         export flags=$(pflash --detail=$((10#$id)) -F "${pnorfile}" | grep "\[" |
248   done < <(pflash --info -F "${pnorfile}" | grep -v "BACKUP")
253   pflash --partition="${partition}" \
254     --read="${pnor_dir}"/"${partition}" \
255     -F "${pnorfile}"
268   chmod 440 -- *
269   # shellcheck disable=SC2048,SC2086 # Do not quote partitions since it lists
272   mksquashfs ${tocfile} ${partitions[*]} "${scratch_dir}"/pnor.xz.squashfs -all-root
282 echo -e "purpose=xyz.openbmc_project.Software.Version.VersionPurpose.Host\nversion=$version\n\
285 if [[ -n "${machine_name}" ]]; then
286     echo -e "MachineName=${machine_name}" >> $manifest_location
293   echo HashType="RSA-SHA256" >> $manifest_location
296     openssl dgst -sha256 -sign "${private_key_path}" -out "${file}.sig" "$file"
304   # shellcheck disable=SC2086 # Do not quote the files variables since they list
306   tar -cvf "$outfile" $files_to_sign $additional_files
309   # shellcheck disable=SC2086 # Do not quote the files variables since they list
311   tar -czvf "$outfile" $files_to_sign $additional_files