Allow /etc/defaults/vboot_reference to customise some utilities

The dev_debug_vboot program can sometimes interfere with
automated firmware testing because it takes too long to read the
BIOS flash. Limiting the sections of flash that are read may
help, but in some cases skipping this program entirely may be
better.

This CL does three things:

1. dev_debug_vboot will read only some sections of the BIOS
   flash, falling back to reading the whole thing only if it
   fails at that.

2. dev_debug_vboot will source /etc/default/vboot_reference if it
   exists. Putting DEV_DEBUG_FORCE=1 in that file will prevent
   dev_debug_vboot from reading the flash at all unless it's
   invoked with --force option.

3. The Makefile will create the /etc/default/vboot_reference file
   in the install directory, setting DEV_DEBUG_FORCE to the value
   in effect at build time. This will let a future CL change the
   default behavior for each target.

BUG=chromium:438854
BRANCH=none
TEST=manual

Built and tested on Samus. /etc/default/vboot_reference was
present, containing "DEV_DEBUG_FORCE=". The dev_debug_vboot
script ran normally.

Manually changing /etc/default/vboot_reference to contain
"DEV_DEBUG_FORCE=1" and rebooting caused dev_debug_vboot to stop
before reading the BIOS flash.

I also manually forced various flashrom invocations to fail to
test each part of the new flow.

Change-Id: Ib319dd16b9026162d01f435f15570ec8ba99c512
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/233228
Reviewed-by: David Hendricks <dhendrix@chromium.org>
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
diff --git a/Makefile b/Makefile
index 61c639f..3ee3abf 100644
--- a/Makefile
+++ b/Makefile
@@ -45,16 +45,22 @@
 INSTALL = install
 DESTDIR = /usr/local
 
+# Default values
+DEV_DEBUG_FORCE=
+
 # Where exactly do the pieces go?
 #  UB_DIR = utility binary directory
+#  DF_DIR = utility defaults directory
 #  VB_DIR = vboot binary directory for dev-mode-only scripts
 ifeq (${MINIMAL},)
 # Host install just puts everything where it's told
 UB_DIR=${DESTDIR}/bin
+DF_DIR=${DESTDIR}/default
 VB_DIR=${DESTDIR}/bin
 else
 # Target install puts things into different places
 UB_DIR=${DESTDIR}/usr/bin
+DF_DIR=${DESTDIR}/etc/default
 VB_DIR=${DESTDIR}/usr/share/vboot/bin
 endif
 
@@ -473,6 +479,8 @@
 CGPT_OBJS = ${CGPT_SRCS:%.c=${BUILD}/%.o}
 ALL_OBJS += ${CGPT_OBJS}
 
+# Utility defaults
+UTIL_DEFAULTS = ${BUILD}/default/vboot_reference
 
 # Scripts to install directly (not compiled)
 UTIL_SCRIPTS = \
@@ -505,7 +513,6 @@
 	utility/pad_digest_utility \
 	utility/signature_digest_utility \
 	utility/verify_data
-
 endif
 
 UTIL_BINS_STATIC := $(addprefix ${BUILD}/,${UTIL_NAMES_STATIC})
@@ -939,10 +946,12 @@
 	${Q}chmod a+rx $(patsubst %,${BUILD}/%,${UTIL_SCRIPTS})
 
 .PHONY: utils_install
-utils_install: ${UTIL_BINS} ${UTIL_SCRIPTS}
+utils_install: ${UTIL_BINS} ${UTIL_SCRIPTS} ${UTIL_DEFAULTS}
 	@$(PRINTF) "    INSTALL       UTILS\n"
 	${Q}mkdir -p ${UB_DIR}
 	${Q}${INSTALL} -t ${UB_DIR} ${UTIL_BINS} ${UTIL_SCRIPTS}
+	${Q}mkdir -p ${DF_DIR}
+	${Q}${INSTALL} -t ${DF_DIR} -m 'u=rw,go=r,a-s' ${UTIL_DEFAULTS}
 
 # And some signing stuff for the target
 .PHONY: signing_install
@@ -1057,6 +1066,16 @@
 # ----------------------------------------------------------------------------
 # Here are the special tweaks to the generic rules.
 
+# Always create the defaults file, since it depends on input variables
+.PHONY: ${UTIL_DEFAULTS}
+${UTIL_DEFAULTS}:
+	@$(PRINTF) "    CREATE        $(subst ${BUILD}/,,$@)\n"
+	${Q}rm -f $@
+	${Q}mkdir -p $(dir $@)
+	${Q}echo '# Generated file. Do not edit.' > $@.tmp
+	${Q}echo "DEV_DEBUG_FORCE=${DEV_DEBUG_FORCE}" >> $@.tmp
+	${Q}mv -f $@.tmp $@
+
 # Some utilities need external crypto functions
 CRYPTO_LIBS := $(shell ${PKG_CONFIG} --libs libcrypto)
 
diff --git a/utility/dev_debug_vboot b/utility/dev_debug_vboot
index 6e2724f..890bfe1 100755
--- a/utility/dev_debug_vboot
+++ b/utility/dev_debug_vboot
@@ -18,6 +18,7 @@
 
 OPT_CLEANUP=
 OPT_BIOS=
+OPT_FORCE=
 OPT_IMAGE=
 OPT_KERNEL=
 OPT_VERBOSE=
@@ -170,14 +171,19 @@
   true
 }
 
-
 ##############################################################################
 # Here we go...
 
 umask 022
 
+# defaults
+DEV_DEBUG_FORCE=
+
+# override them?
+[ -f /etc/default/vboot_reference ] && . /etc/default/vboot_reference
+
 # Pre-parse args to replace actual args with a sanitized version.
-TEMP=$(getopt -o hvb:i:k:c --long help,bios:,image:,kernel:,cleanup \
+TEMP=$(getopt -o hvb:i:k:cf --long help,bios:,image:,kernel:,cleanup,force \
        -n $0 -- "$@")
 eval set -- "$TEMP"
 
@@ -203,6 +209,10 @@
       OPT_CLEANUP=yes
       shift
       ;;
+    -f|--force)
+      OPT_FORCE=yes
+      shift
+      ;;
     -v)
       OPT_VERBOSE=yes
       shift
@@ -221,6 +231,7 @@
       ;;
   esac
 done
+
 if [ -z "${1:-}" ]; then
   TMPDIR=$(mktemp -d /tmp/debug_vboot_XXXXXXXXX)
 else
@@ -234,14 +245,21 @@
 cd ${TMPDIR} || exit 1
 echo "Running $0 $*" > "$LOGFILE"
 log date
+debug "DEV_DEBUG_FORCE=($DEV_DEBUG_FORCE)"
 debug "OPT_CLEANUP=($OPT_CLEANUP)"
 debug "OPT_BIOS=($OPT_BIOS)"
+debug "OPT_FORCE=($OPT_FORCE)"
 debug "OPT_IMAGE=($OPT_IMAGE)"
 debug "OPT_KERNEL=($OPT_KERNEL)"
 debug "FLAG_SAVE_LOG_FILE=($FLAG_SAVE_LOG_FILE)"
 echo "Saving verbose log as $LOGFILE"
 trap cleanup EXIT
 
+if [ -n "${DEV_DEBUG_FORCE}" ] && [ -z "${OPT_FORCE}" ]; then
+  info "Not gonna do anything without the --force option."
+  exit 0
+fi
+
 
 # Make sure we have the programs we need
 need="futility"
@@ -272,20 +290,23 @@
   log futility dump_fmap -x "${OPT_BIOS}"
   fix_old_names
 else
-  # Read it from the flash
-  if log flashrom -p host -r bios.rom ; then
-    # If we can read the whole BIOS at once, great.
-    log futility dump_fmap -x bios.rom
-    fix_old_names
-  else
-    # Otherwise pull just the components we want (implying new-style names)
-    info "  ...individually..."
-    log flashrom -p host -r /dev/null \
-      -i"GBB":GBB \
-      -i"VBLOCK_A":VBLOCK_A \
-      -i"VBLOCK_B":VBLOCK_B \
-      -i"FW_MAIN_A":FW_MAIN_A \
-      -i"FW_MAIN_B":FW_MAIN_B
+  # First try pulling just the components we want (using new-style names)
+  if log flashrom -p host -r /dev/null \
+    -i"GBB":GBB \
+    -i"FMAP":FMAP \
+    -i"VBLOCK_A":VBLOCK_A \
+    -i"VBLOCK_B":VBLOCK_B \
+    -i"FW_MAIN_A":FW_MAIN_A \
+    -i"FW_MAIN_B":FW_MAIN_B ; then
+      log futility dump_fmap FMAP
+    else
+      info "Couldn't read individual components. Read the whole thing..."
+      if log flashrom -p host -r bios.rom ; then
+        log futility dump_fmap -x bios.rom
+        fix_old_names
+      else
+        logdie "Can't read BIOS at all. Giving up."
+      fi
   fi
 fi