[Skiboot] [PATCH v2] libstb/(create|print)-container: Sync with sb-signing-utils

Stewart Smith stewart at linux.vnet.ibm.com
Wed Dec 20 10:48:46 AEDT 2017 

Stewart Smith <stewart at linux.vnet.ibm.com> writes:
> The sb-signing-utils project has improved upon the skeleton
> create-container tool that existed in skiboot, including
> being able to (quite easily) create *signed* images.
>
> This commit brings in that code (and makes it build in the
> skiboot build environment) and updates our skiboot.*.stb
> generating code to use the development keys.
>
> We also update print-container as well, syncing it with the
> upstream project.
>
> Derived from github.com:open-power/sb-signing-utils.git
> at v0.3-5-gcb111c03ad7f
> (and yes, changes here will be submitted upstream)
>
> Cc: Dave Heller <hellerda at linux.vnet.ibm.com>
> Signed-off-by: Stewart Smith <stewart at linux.vnet.ibm.com>
> ---
>  Makefile.main                     |   4 +-
>  libstb/Makefile.inc               |   8 +-
>  libstb/container-utils.c          | 137 ++++++++
>  libstb/container-utils.h          |  41 +++
>  libstb/create-container.c         | 541 +++++++++++++++++++++--------
>  libstb/keys/README.md             | 147 ++++++++
>  libstb/keys/hw_key_a.key          |  25 ++
>  libstb/keys/hw_key_b.key          |  26 ++
>  libstb/keys/hw_key_c.key          |  26 ++
>  libstb/keys/sw_key_a.key          |  16 +
>  libstb/print-container.c          | 706 ++++++++++++++++++++++++++++++++++++++
>  libstb/sign-with-local-keys.sh    |  16 +-
>  libstb/test/Makefile.check        |  12 +-
>  libstb/test/print-stb-container.c | 208 -----------
>  libstb/test/t.container.out       |  50 ++-
>  15 files changed, 1575 insertions(+), 388 deletions(-)
>  create mode 100644 libstb/container-utils.c
>  create mode 100644 libstb/container-utils.h
>  create mode 100644 libstb/keys/README.md
>  create mode 100644 libstb/keys/hw_key_a.key
>  create mode 100644 libstb/keys/hw_key_b.key
>  create mode 100644 libstb/keys/hw_key_c.key
>  create mode 100644 libstb/keys/sw_key_a.key
>  create mode 100644 libstb/print-container.c
>  delete mode 100644 libstb/test/print-stb-container.c

Merged to skiboot as of 6e05c6f21b34f9c4f6597ace36dfca9624c7923c.

Dave and I are still having a conversation on what coding style we want
for the upstream utils, but I'm okay to have to resync again later, and
would rather be able to produce properly signed things *now* and be
closer to the now-upstream code than wait for myself to get back to
answering that email.

-- 
Stewart Smith
OPAL Architect, IBM.

More information about the Skiboot mailing list