scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-24 02:05:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

sign_official_build: Support old images without kernel in partition 4.

Browse Source 
Old images don't put kernel on partition 4 and rely on vblock for installation.
The signer script has to support both old and new images, by testing if kernel
partition has valid data.

BRANCH=signer
BUG=chromium:449450
TEST=(get old image without kernel blob on partition 4)
     sign_official_build.sh usb image.bin ../../tests/devkeys signed.bin \
     ../../tests/devkeys/key.versions

Change-Id: I92542ffb162660d86c30d9598fe1ca59ff69afe4
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/243874
Reviewed-by: Mike Frysinger <vapier@chromium.org>
This commit is contained in:
Hung-Te Lin
2015-01-28 18:47:03 +08:00
committed by ChromeOS Commit Bot
parent 4083725867
commit b6ebb1ab1c
1 changed files with 25 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
scripts/image_signing/sign_official_build.sh
View File

@@ -302,9 +302,17 @@ update_rootfs_hash() {
local kernelpart=
local keyblock=
local priv_key=
local new_kernel_config=
for kernelpart in 2 4; do
local new_kernel_config="$(grab_kernel_config "${image}" "${kernelpart}" |
if ! new_kernel_config="$(
grab_kernel_config "${image}" "${kernelpart}" 2>/dev/null)" &&
[[ "${kernelpart}" == 4 ]]; then
# Legacy images don't have partition 4.
echo "Skipping empty kernel partition 4 (legacy images)."
continue
fi
new_kernel_config="$(echo "${new_kernel_config}" |
sed -e 's#\(.*dm="\)\([^"]*\)\(".*\)'"#\1${dm_args}\3#g")"
echo "New config for kernel partition ${kernelpart} is:"
echo "${new_kernel_config}" | tee "${temp_config}"
@@ -329,15 +337,26 @@ update_rootfs_hash() {
# Update the SSD install-able vblock file on stateful partition.
# ARGS: Image
# This is deprecated because all new images should have a SSD boot-able kernel in
# partition 4.
# TODO(hungte) crbug.com/403031: Remove this when no one is still using it.
# This is deprecated because all new images should have a SSD boot-able kernel
# in partition 4. However, the signer needs to be able to sign new & old images
# (crbug.com/449450#c13) so we will probably never remove this.
update_stateful_partition_vblock() {
local image="$1"
local kernb_image="$(make_temp_file)"
local temp_out_vb="$(make_temp_file)"
extract_image_partition "${image}" 4 "${kernb_image}"
vbutil_kernel --verify "${kernb_image}" --keyblock "${temp_out_vb}"
if [[ "$(dump_kernel_config "${kernb_image}" 2>/dev/null)" == "" ]]; then
echo "Building vmlinuz_hd.vblock from legacy image partition 2."
extract_image_partition "${image}" 2 "${kernb_image}"
fi
# vblock should always use kernel keyblock.
vbutil_kernel --repack "${temp_out_vb}" \
--keyblock "${KEY_DIR}/kernel.keyblock" \
--signprivate "${KEY_DIR}/kernel_data_key.vbprivk" \
--oldblob "${kernb_image}" \
--vblockonly
# Copy the installer vblock to the stateful partition.
local stateful_dir=$(make_temp_dir)