This reverts commit f482470b72.
The original change is the suspected root cause of chromium:606738.
TEST=signing_unittests.py in cros-signing passes (with updated
vboot_stable_hash).
BUG=chromium:606738
BRANCH=None
Change-Id: I21ea027bbda123ee26c6deb4437b07d2fc6e8575
Reviewed-on: https://chromium-review.googlesource.com/340895
Commit-Ready: Amey Deshpande <ameyd@google.com>
Tested-by: Amey Deshpande <ameyd@google.com>
Reviewed-by: Amey Deshpande <ameyd@google.com>
Often the partitions we extract have extra space in them, but the dd
utility will still write out the excess zeros. That can mean we write
out hundreds of megs of data which could otherwise be skipped. We thus
waste a good amount of I/O and storage.
For now, only use this flag when extracting a partition to a new file
as this should be safe (there's no pre-existing data to clobber/merge).
Now that the signers have been upgraded to Trusty, we can land this.
BUG=chromium:530730
TEST=`./signing_unittests.py` passes
BRANCH=None
Change-Id: I275973ebfc028c15a8d1ef33dd9b3dcf6ca726a2
Reviewed-on: https://chromium-review.googlesource.com/306420
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Amey Deshpande <ameyd@google.com>
This reverts commit 82dec09bd5.
This flag doesn't exist on Ubuntu Precise which is what the signers
are running atm. Until we get them upgraded to Trusty, back this
change out.
BUG=chromium:530730
TEST=`./signing_unittests.py` passes
BRANCH=None
Change-Id: I9ba508c1531dbb169fd020d06ab102f6576b7342
Reviewed-on: https://chromium-review.googlesource.com/306310
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Amey Deshpande <ameyd@google.com>
Specifically, this patch updates 'root_hexdigest' in legacy bootloader
templates in EFI system partition to match the signed rootfs.
BRANCH=None
BUG=chromium:512940
TEST=Ran sign_official_build.sh locally and booted the image on kvm
(using BIOS).
TEST=Ran signing_unittests.py by locally changing vboot_stable_hash to
include this patch.
$ ./sign_official_build.sh base chromiumos_base_image.bin \
../../tests/devkeys chromiumos_base_image_signed.bin
Change-Id: Ied021c4464b113a64508f5081605069bdcecbc1f
Reviewed-on: https://chromium-review.googlesource.com/301742
Commit-Ready: Amey Deshpande <ameyd@google.com>
Tested-by: Amey Deshpande <ameyd@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Often the partitions we extract have extra space in them, but the dd
utility will still write out the excess zeros. That can mean we write
out hundreds of megs of data which could otherwise be skipped. We thus
waste a good amount of I/O and storage.
For now, only use this flag when extracting a partition to a new file
as this should be safe (there's no pre-existing data to clobber/merge).
BUG=chromium:530730
TEST=`./signing_unittests.py` passes
BRANCH=None
Change-Id: Ic32665cf7c38fc0a5efc3f8b227fa8ff408ca9e3
Reviewed-on: https://chromium-review.googlesource.com/299450
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
There's no need to give execute permissions to files that aren't supposed to
executed.
BUG=none
BRANCH=none
TEST=manual
make runtests
Change-Id: I2480b97b39124e98c2f639d56be54cadfdc17f9b
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/42648
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The retry logic has brought down the number of flakes significantly (from
multiple errors a day to ~one every other day). But let's up the retry
count, and have it sleep longer after each failure, so hopefully we can
bring down the flake count even further.
BUG=chrome-os-partner:8156
TEST=`./signing_poller.py -s` signs local images fine
Change-Id: I98bc947836514d8b931568f87f7f9a373f771b79
Reviewed-on: https://gerrit.chromium.org/gerrit/21468
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
The kernels we are running the signers on flake out from time to time
when mounting the loop back images. Have the mount code detect this
edge case and automatically retry when the flake hits.
BUG=chrome-os-partner:8156
TEST=`./signing_poller.py -s` signs local images fine
Change-Id: Iaa08445904aa26f0aa7240504f6c7a96e6ef3bbb
Reviewed-on: https://gerrit.chromium.org/gerrit/21055
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Investigations in crosbug.com/26483 revealed a bug in loop device handling
if 'umount -d' was called on loop devices mounted using 'mount -o loop'.
This CL changes all invocations of umount to remove the -d option since they
are always in the context of a loop device creating using -o loop.
BUG=chrome-os-partner:8156
TEST=none
Change-Id: I96f30664c3f9148d3b57d430002512d8e94b66bc
Reviewed-on: https://gerrit.chromium.org/gerrit/19858
Reviewed-by: David James <davidjames@chromium.org>
Commit-Ready: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
BUG=chromium-os:17138
TEST=tested changes on vm8-m2, was able to successfully run au-generate.py
and it used the cgpt binary from au-generate.zip
Change-Id: Ia57f1be4b0d669cad430e51977cce6e26d704320
Reviewed-on: http://gerrit.chromium.org/gerrit/7796
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Reviewed-by: Eric Blake <eblake@chromium.org>
Tested-by: Eric Blake <eblake@chromium.org>
This avoids the need to read the vblock off the stateful partition to
re-construct the right SSD install kernel. The recovery installer can
also perform its verification checks (e.g. rollback to old version)
by directly reading kernel partition B instead of re-constructing it by
mounting the stateful partition.
We still copy the SSD vblock on the stateful for tools that still use
them (by overwriting the SSD kernel vblock). That operation is basically a
no-op now. This unnecessary step will be removed from the tools as part of
separate CLs.
BUG=chromium-os:8378, chrome-os-partner:3309
TEST=signed a new recovery image, made sure it installs
Change-Id: Ic4308fba1355f67a3b2821ae7e8d438bf658b0d1
Reviewed-on: http://gerrit.chromium.org/gerrit/1648
Tested-by: Gaurav Shah <gauravsh@chromium.org>
Reviewed-by: Will Drewry <wad@chromium.org>
Change-Id: I044331dc3558a4f7428b75fe43ef739498d65803
BUG=chromium-os:10836
TEST=scripts that use common.sh seem to work, would appreciate help in testing Chrome OS client scripts!
Review URL: http://codereview.chromium.org/6294002
