image_signing: Fix loem.ini pattern for unibuilds

The grep pattern was too lenient and allowed for matches with the same shared root key id. E.g. NASHER also matched NASHER360 This changes the pattern to match exactly to the end of the line. BUG=b:65284008 TEST=grep -E "[0-9]+ = NASHER$" ~/tmp/loem.ini with actual loem.ini that will exist on the signers BRANCH=None Change-Id: I80a870cd512825d30c7a39e4ac6f3cffc9ea808d Reviewed-on: https://chromium-review.googlesource.com/647800 Commit-Ready: C Shapiro <shapiroc@google.com> Tested-by: C Shapiro <shapiroc@google.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: YH Lin <yueherngl@chromium.org>
2025-12-07 16:35:44 +00:00 · 2017-09-01 09:20:19 -06:00
parent 96a0ead803
commit 3f3a496a23
1 changed files with 1 additions and 1 deletions
--- a/scripts/image_signing/sign_official_build.sh
+++ b/scripts/image_signing/sign_official_build.sh
@@ -585,7 +585,7 @@ resign_firmware_payload() {
        # This is what updater4.sh currently uses to make the decision.
        if [[ -e "${KEY_DIR}/loem.ini" ]]; then
          # loem.ini has the format KEY_ID_VALUE = KEY_INDEX
-          local match="$(grep -E "[0-9]+ = ${key_id}" "${KEY_DIR}/loem.ini")"
+          local match="$(grep -E "[0-9]+ = ${key_id}$" "${KEY_DIR}/loem.ini")"
          local key_index="$(echo "${match}" | cut -d ' ' -f 1)"
          info "Detected key index from loem.ini as ${key_index} for ${key_id}"
          if [[ -z "${key_index}" ]]; then