Firmware release procedures

From OLPC
Jump to navigation Jump to search
  english | 한국어 HowTo [ID# 86932]  +/-  


Release procedure

Here is a draft of a BIOS release procedure.

Stage one: EC:

  • Quanta e-mails EC release and changelog to the OLPC BIOS contact, signed and encrypted with PGP
    • see notes below
  • Quanta and OLPC test this version of EC

Stage two: Buildrom:

  • Pull EC release from http://dev.laptop.org/pub/ec/, check hashes
  • Update buildrom changelog and tag for release
  • Update SPI flash version string in buildrom binary
  • Create buildrom SRPM
  • Build two flavors of binary RPM for the two RAM variants

Stage three: Testing:

  • announce build to BIOS team and Ray, release candidate testing begins
  • test on a 256M board
  • install the binary RPMs on Tinderbox machines
  • >12 hours of burn-in warm reboot testing on Tinderbox
  • cold boot tests
    • we need a cold boot solution; X10 doesn't seem to like the power at OLPC
  • After automated tests, send "Who has tested?" mail asking for problem reports
  • Release after twelve hours if no problem reports

Stage four: Release:

  • Sign the firmware
  • Release builds kept in a separate directory
  • Update the version number from release candidate to final
  • Repackage signed copy for the build, and submit to joyride and active stable branches.

Using PGP for EC code

For first release only: This is already done

Download and install GPG4Win from http://www.gpg4win.org/download.html

Create a PGP key and get dwmw2 to sign it to verify that it is Quanta's.

For subsequent releases

Right-click on the EC binary and select the option to create a "detached signature", in plain text. It should create a separate file like 'ECv21.bin.asc', which looks something like this:

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)

iD8DBQBFTxvGmfQ2bFM/BesRAoKzAJ0RNczipB pul5sEUR wCYIQvt /wCguqrV
5GRPVDpdH155fwsDwnu7B4M=
=URby
-----END PGP SIGNATURE-----

Send the EC binary as you normally would, and _also_ attach the separate signature file which is used to verify the binary. There is no need to send another copy of the key itself (0x533F05EB.asc), because we already have that.

Send the EC binary and signature (2 attachments) to software-team@laptop.org