Firmware release procedures

From OLPC
Revision as of 06:12, 12 November 2006 by Dwmw2 (talk | contribs)
Jump to navigation Jump to search

Release procedure

Here is a draft of a BIOS release procedure.

Stage one: EC:

  • Quanta e-mails EC release and changelog to the OLPC BIOS contact, signed and encrypted with PGP
    • see notes below
  • Quanta and OLPC test this version of EC

Stage two: Buildrom:

  • Pull EC release from http://dev.laptop.org/pub/ec/, check hashes
  • Update buildrom changelog and tag for release
  • Update SPI flash version string in buildrom binary
  • Create buildrom SRPM
  • Build two flavors of binary RPM for the two RAM variants

Stage three: Testing:

  • announce build to BIOS team and Ray, release candidate testing begins
  • test on a 256M board
  • install the binary RPMs on Tinderbox machines
  • >12 hours of burn-in warm reboot testing on Tinderbox
  • cold boot tests
    • we need a cold boot solution; X10 doesn't seem to like the power at OLPC
  • After automated tests, send "Who has tested?" mail asking for problem reports
  • Release after twelve hours if no problem reports

Stage four: Release:

  • Release builds kept in a separate directory
  • Update the version number in LB from release candidate to final
  • Announce new build and hashes to devel-boards@ (requires moderation).

Using PGP for EC code

For first release only: This is already done

Download and install GPG4Win from http://www.gpg4win.org/download.html

Create a PGP key and get dwmw2 to sign it to verify that it is Quanta's.

For subsequent releases

Right-click on the EC binary and select the option to create a "detached signature", in plain text. It should create a separate file like 'ECv21.bin.asc', which looks something like this:

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)

iD8DBQBFTxvGmfQ2bFM/BesRAoKzAJ0RNczipB+pul5sEUR+wCYIQvt+/wCguqrV
5GRPVDpdH155fwsDwnu7B4M=
=URby
-----END PGP SIGNATURE-----

Send the EC binary as you normally would, and _also_ attach the separate signature file which is used to verify the binary. There is no need to send another copy of the key itself (0x533F05EB.asc), because we already have that.

Send the EC binary and signature (2 attachments) to software-team@laptop.org