Firmware release procedures: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
Line 55: | Line 55: | ||
Send the EC binary as you normally would, and _also_ attach the separate signature file which is used to verify the binary. |
Send the EC binary as you normally would, and _also_ attach the separate signature file which is used to verify the binary. |
||
There is no need to send another copy of the key itself (0x533F05EB.asc), because we already have that. |
|||
Send the EC binary and signature (2 attachments) to software-team@laptop.org |
Revision as of 06:12, 12 November 2006
Release procedure
Here is a draft of a BIOS release procedure.
Stage one: EC:
- Quanta e-mails EC release and changelog to the OLPC BIOS contact, signed and encrypted with PGP
- see notes below
- Quanta and OLPC test this version of EC
Stage two: Buildrom:
- Pull EC release from http://dev.laptop.org/pub/ec/, check hashes
- Update buildrom changelog and tag for release
- Update SPI flash version string in buildrom binary
- Create buildrom SRPM
- Build two flavors of binary RPM for the two RAM variants
Stage three: Testing:
- announce build to BIOS team and Ray, release candidate testing begins
- test on a 256M board
- install the binary RPMs on Tinderbox machines
- >12 hours of burn-in warm reboot testing on Tinderbox
- cold boot tests
- we need a cold boot solution; X10 doesn't seem to like the power at OLPC
- After automated tests, send "Who has tested?" mail asking for problem reports
- Release after twelve hours if no problem reports
Stage four: Release:
- Release builds kept in a separate directory
- Update the version number in LB from release candidate to final
- Announce new build and hashes to devel-boards@ (requires moderation).
Using PGP for EC code
For first release only: This is already done
Download and install GPG4Win from http://www.gpg4win.org/download.html
Create a PGP key and get dwmw2 to sign it to verify that it is Quanta's.
For subsequent releases
Right-click on the EC binary and select the option to create a "detached signature", in plain text. It should create a separate file like 'ECv21.bin.asc', which looks something like this:
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) iD8DBQBFTxvGmfQ2bFM/BesRAoKzAJ0RNczipB+pul5sEUR+wCYIQvt+/wCguqrV 5GRPVDpdH155fwsDwnu7B4M= =URby -----END PGP SIGNATURE-----
Send the EC binary as you normally would, and _also_ attach the separate signature file which is used to verify the binary. There is no need to send another copy of the key itself (0x533F05EB.asc), because we already have that.
Send the EC binary and signature (2 attachments) to software-team@laptop.org