Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(153)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: scripts/image_signing/sign_official_build.sh

Issue 4424003: Add 'usb' option back to sign_official_build.sh script (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/vboot_reference.git@master
Patch Set: Created 10 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 #!/bin/bash 1 #!/bin/bash
2 2
3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
4 # Use of this source code is governed by a BSD-style license that can be 4 # Use of this source code is governed by a BSD-style license that can be
5 # found in the LICENSE file. 5 # found in the LICENSE file.
6 6
7 # Sign the final build image using the "official" keys. 7 # Sign the final build image using the "official" keys.
8 # 8 #
9 # Prerequisite tools needed in the system path: 9 # Prerequisite tools needed in the system path:
10 # 10 #
(...skipping 10 matching lines...) Expand all
21 . "$(dirname "$0")/common.sh" 21 . "$(dirname "$0")/common.sh"
22 22
23 # Print usage string 23 # Print usage string
24 usage() { 24 usage() {
25 cat <<EOF 25 cat <<EOF
26 Usage: $PROG <type> input_image /path/to/keys/dir [output_image] 26 Usage: $PROG <type> input_image /path/to/keys/dir [output_image]
27 where <type> is one of: 27 where <type> is one of:
28 ssd (sign an SSD image) 28 ssd (sign an SSD image)
29 recovery (sign a USB recovery image) 29 recovery (sign a USB recovery image)
30 install (sign a factory install image) 30 install (sign a factory install image)
31 usb (sign an image to boot directly from USB)
31 verify (verify an image including rootfs hashes) 32 verify (verify an image including rootfs hashes)
32 33
33 If you are signing an image, you must specify an [output_image]. 34 If you are signing an image, you must specify an [output_image].
34 EOF 35 EOF
35 } 36 }
36 37
37 if [ $# -ne 3 ] && [ $# -ne 4 ]; then 38 if [ $# -ne 3 ] && [ $# -ne 4 ]; then
38 usage 39 usage
39 exit 1 40 exit 1
40 fi 41 fi
(...skipping 268 matching lines...) Expand 10 before | Expand all | Expand 10 after
309 } 310 }
310 311
311 # Generate the SSD image 312 # Generate the SSD image
312 sign_for_ssd() { 313 sign_for_ssd() {
313 ${SCRIPT_DIR}/resign_image.sh ${INPUT_IMAGE} ${OUTPUT_IMAGE} \ 314 ${SCRIPT_DIR}/resign_image.sh ${INPUT_IMAGE} ${OUTPUT_IMAGE} \
314 ${KEY_DIR}/kernel_data_key.vbprivk \ 315 ${KEY_DIR}/kernel_data_key.vbprivk \
315 ${KEY_DIR}/kernel.keyblock 316 ${KEY_DIR}/kernel.keyblock
316 echo "Signed SSD image output to ${OUTPUT_IMAGE}" 317 echo "Signed SSD image output to ${OUTPUT_IMAGE}"
317 } 318 }
318 319
320 # Generate the USB image (direct boot)
321 sign_for_usb() {
322 ${SCRIPT_DIR}/resign_image.sh ${INPUT_IMAGE} ${OUTPUT_IMAGE} \
323 ${KEY_DIR}/recovery_kernel_data_key.vbprivk \
324 ${KEY_DIR}/recovery_kernel.keyblock
325 echo "Signed USB image output to ${OUTPUT_IMAGE}"
326 }
327
319 # Generate the USB (recovery + install) image 328 # Generate the USB (recovery + install) image
320 sign_for_recovery() { 329 sign_for_recovery() {
321 # Update the Kernel B hash in Kernel A command line 330 # Update the Kernel B hash in Kernel A command line
322 temp_kimageb=$(make_temp_file) 331 temp_kimageb=$(make_temp_file)
323 extract_image_partition ${INPUT_IMAGE} 4 ${temp_kimageb} 332 extract_image_partition ${INPUT_IMAGE} 4 ${temp_kimageb}
324 local kern_a_config=$(grab_kernel_config "${INPUT_IMAGE}" 2) 333 local kern_a_config=$(grab_kernel_config "${INPUT_IMAGE}" 2)
325 local kern_b_hash=$(sha1sum ${temp_kimageb} | cut -f1 -d' ') 334 local kern_b_hash=$(sha1sum ${temp_kimageb} | cut -f1 -d' ')
326 335
327 temp_configa=$(make_temp_file) 336 temp_configa=$(make_temp_file)
328 echo "$kern_a_config" | 337 echo "$kern_a_config" |
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after
384 fi 393 fi
385 394
386 395
387 if [ "${TYPE}" == "ssd" ]; then 396 if [ "${TYPE}" == "ssd" ]; then
388 resign_firmware_payload ${INPUT_IMAGE} 397 resign_firmware_payload ${INPUT_IMAGE}
389 update_rootfs_hash ${INPUT_IMAGE} \ 398 update_rootfs_hash ${INPUT_IMAGE} \
390 ${KEY_DIR}/kernel.keyblock \ 399 ${KEY_DIR}/kernel.keyblock \
391 ${KEY_DIR}/kernel_data_key.vbprivk \ 400 ${KEY_DIR}/kernel_data_key.vbprivk \
392 2 401 2
393 sign_for_ssd 402 sign_for_ssd
403 elif [ "${TYPE}" == "usb" ]; then
404 resign_firmware_payload ${INPUT_IMAGE}
405 update_rootfs_hash ${INPUT_IMAGE} \
406 ${KEY_DIR}/recovery_kernel.keyblock \
407 ${KEY_DIR}/recovery_kernel_data_key.vbprivk \
408 2
409 sign_for_usb
394 elif [ "${TYPE}" == "recovery" ]; then 410 elif [ "${TYPE}" == "recovery" ]; then
395 resign_firmware_payload ${INPUT_IMAGE} 411 resign_firmware_payload ${INPUT_IMAGE}
396 # Both kernel command lines must have the correct rootfs hash 412 # Both kernel command lines must have the correct rootfs hash
397 update_rootfs_hash ${INPUT_IMAGE} \ 413 update_rootfs_hash ${INPUT_IMAGE} \
398 ${KEY_DIR}/recovery_kernel.keyblock \ 414 ${KEY_DIR}/recovery_kernel.keyblock \
399 ${KEY_DIR}/recovery_kernel_data_key.vbprivk \ 415 ${KEY_DIR}/recovery_kernel_data_key.vbprivk \
400 4 416 4
401 update_rootfs_hash ${INPUT_IMAGE} \ 417 update_rootfs_hash ${INPUT_IMAGE} \
402 ${KEY_DIR}/recovery_kernel.keyblock \ 418 ${KEY_DIR}/recovery_kernel.keyblock \
403 ${KEY_DIR}/recovery_kernel_data_key.vbprivk \ 419 ${KEY_DIR}/recovery_kernel_data_key.vbprivk \
404 2 420 2
405 sign_for_recovery 421 sign_for_recovery
406 elif [ "${TYPE}" == "install" ]; then 422 elif [ "${TYPE}" == "install" ]; then
407 resign_firmware_payload ${INPUT_IMAGE} 423 resign_firmware_payload ${INPUT_IMAGE}
408 update_rootfs_hash ${INPUT_IMAGE} \ 424 update_rootfs_hash ${INPUT_IMAGE} \
409 ${KEY_DIR}/installer_kernel.keyblock \ 425 ${KEY_DIR}/installer_kernel.keyblock \
410 ${KEY_DIR}/recovery_kernel_data_key.vbprivk \ 426 ${KEY_DIR}/recovery_kernel_data_key.vbprivk \
411 2 427 2
412 sign_for_factory_install 428 sign_for_factory_install
413 else 429 else
414 echo "Invalid type ${TYPE}" 430 echo "Invalid type ${TYPE}"
415 exit 1 431 exit 1
416 fi 432 fi
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698