scripts/image_signing/common.sh - Issue 5878005: Check in tofactory script.

Side by Side Diff: scripts/image_signing/common.sh

Issue 5878005: Check in tofactory script. (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/vboot_reference.git@master

Patch Set: Remove trailing whitespace Created 10 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 #!/bin/bash	1 #!/bin/bash

2	2

3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved.	3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved.

4 # Use of this source code is governed by a BSD-style license that can be	4 # Use of this source code is governed by a BSD-style license that can be

5 # found in the LICENSE file.	5 # found in the LICENSE file.

6	6

	7 # Globals

	8 # ----------------------------------------------------------------------------

	9

7 # Determine script directory	10 # Determine script directory

8 SCRIPT_DIR=$(dirname $0)	11 SCRIPT_DIR=$(dirname $0)

9 PROG=$(basename $0)	12 PROG=$(basename $0)

10 GPT=cgpt	13 GPT=cgpt

11	14

12 # The tag when the rootfs is changed.	15 # The tag when the rootfs is changed.

13 TAG_NEEDS_TO_BE_SIGNED="/root/.need_to_be_signed"	16 TAG_NEEDS_TO_BE_SIGNED="/root/.need_to_be_signed"

14	17

	18 # List of Temporary files and mount points.

	19 TEMP_FILE_LIST=$(mktemp)

	20 TEMP_DIR_LIST=$(mktemp)

	21

	22 # Functions

	23 # ----------------------------------------------------------------------------

	24

15 # Finds and loads the 'shflags' library, or return as failed.	25 # Finds and loads the 'shflags' library, or return as failed.

16 load_shflags() {	26 load_shflags() {

17 # Load shflags	27 # Load shflags

18 if [ -f /usr/lib/shflags ]; then	28 if [ -f /usr/lib/shflags ]; then

19 . /usr/lib/shflags	29 . /usr/lib/shflags

20 elif [ -f "${SCRIPT_DIR}/shflags" ]; then	30 elif [ -f "${SCRIPT_DIR}/shflags" ]; then

21 . "${SCRIPT_DIR}/shflags"	31 . "${SCRIPT_DIR}/shflags"

22 elif [ -f "${SCRIPT_DIR}/lib/shflags/shflags" ]; then	32 elif [ -f "${SCRIPT_DIR}/lib/shflags/shflags" ]; then

23 . "${SCRIPT_DIR}/lib/shflags/shflags"	33 . "${SCRIPT_DIR}/lib/shflags/shflags"

24 else	34 else

25 echo "ERROR: Cannot find the required shflags library."	35 echo "ERROR: Cannot find the required shflags library."

26 return 1	36 return 1

27 fi	37 fi

	38

	39 # Add debug option for debug output below

	40 DEFINE_boolean debug $FLAGS_FALSE "Provide debug messages" "d"

28 }	41 }

29	42

30 # List of Temporary files and mount points.	43 # Functions for debug output

31 TEMP_FILE_LIST=$(mktemp)	44 # ----------------------------------------------------------------------------

32 TEMP_DIR_LIST=$(mktemp)	45

	46 # Reports error message and exit(1)

	47 # Args: error message

	48 err_die() {

	49 echo "ERROR: $*" 1>&2

	50 exit 1

	51 }

	52

	53 # Returns true if we're running in debug mode

	54 is_debug_mode() {

	55 [ "$FLAGS_debug" = $FLAGS_TRUE ]
	gauravsh 2010/12/17 01:24:37 This and the debug_msg below were intentionally no This and the debug_msg below were intentionally not moved to common.sh earlier since they are shflags specific. My suggestion would be to either move it back or make is_debug_mode dependent on another global defined in common.sh that must be set to value of FLAGS_debug in any script that uses shflags is (as in make_dev_ssd or the script you just added). Randall Spangler 2010/12/21 22:52:35 I've added a default value for the check so that i Show quoted text On 2010/12/17 01:24:37, gauravsh wrote: > This and the debug_msg below were intentionally not moved to common.sh earlier > since they are shflags specific. > > My suggestion would be to either move it back or make is_debug_mode dependent on > another global defined in common.sh that must be set to value of FLAGS_debug in > any script that uses shflags is (as in make_dev_ssd or the script you just > added). I've added a default value for the check so that it will default to false if neither FLAGS_debug nor FLAGS_TRUE are defined. This way it'll work if the caller doesn't call load_shflags(). If the caller doesn't use shflags but wants to use debug_msg, all the caller needs to do is define FLAGS_TRUE and FLAGS_debug.
	56 }

	57

	58 # Prints messages (in parameters) in debug mode

	59 # Args: debug message

	60 debug_msg() {

	61 if is_debug_mode; then

	62 echo "DEBUG: $*" 1>&2

	63 fi

	64 }

	65

	66 # Functions for temporary files and directories

	67 # ----------------------------------------------------------------------------

	68

	69 # Create a new temporary file and return its name.

	70 # File is automatically cleaned when cleanup_temps_and_mounts() is called.

	71 make_temp_file() {

	72 local tempfile=$(mktemp)

	73 echo "$tempfile" >> $TEMP_FILE_LIST

	74 echo $tempfile

	75 }

	76

	77 # Create a new temporary directory and return its name.

	78 # Directory is automatically deleted and any filesystem mounted on it unmounted

	79 # when cleanup_temps_and_mounts() is called.

	80 make_temp_dir() {

	81 local tempdir=$(mktemp -d)

	82 echo "$tempdir" >> $TEMP_DIR_LIST

	83 echo $tempdir

	84 }

	85

	86 cleanup_temps_and_mounts() {

	87 for i in "$(cat $TEMP_FILE_LIST)"; do
	Bill Richardson 2010/12/17 01:10:53 No quotes here. "${cat file}" will return the cont No quotes here. "${cat file}" will return the contents of the file as a single long string. gauravsh 2010/12/17 01:24:37 Please, if you make this change as Bill suggested, Show quoted text On 2010/12/17 01:10:53, Bill Richardson wrote: > No quotes here. "${cat file}" will return the contents of the file as a single > long string. Please, if you make this change as Bill suggested, make sure you test that this does not break sign_official_build.sh and other scripts. Bash quoting is somewhat confusing - and I may have added the extra quotes because something wasn't working as expected. Randall Spangler 2010/12/21 22:52:35 I did some experimentation; the quotes will indeed Show quoted text On 2010/12/17 01:24:37, gauravsh wrote: > On 2010/12/17 01:10:53, Bill Richardson wrote: > > No quotes here. "${cat file}" will return the contents of the file as a single > > long string. > > Please, if you make this change as Bill suggested, make sure you test that this > does not break sign_official_build.sh and other scripts. Bash quoting is > somewhat confusing - and I may have added the extra quotes because something > wasn't working as expected. I did some experimentation; the quotes will indeed mess things up. rrs@a5:~/b/tmp$ for i in $(echo 1 2 3); do echo $i; done 1 2 3 rrs@a5:~/b/tmp$ for i in "$(echo 1 2 3)"; do echo $i; done 1 2 3 gauravsh 2010/12/22 23:04:02 ahh, ok. good to know. thanks! :) Show quoted text On 2010/12/21 22:52:35, Randall Spangler wrote: > On 2010/12/17 01:24:37, gauravsh wrote: > > On 2010/12/17 01:10:53, Bill Richardson wrote: > > > No quotes here. "${cat file}" will return the contents of the file as a > single > > > long string. > > > > Please, if you make this change as Bill suggested, make sure you test that > this > > does not break sign_official_build.sh and other scripts. Bash quoting is > > somewhat confusing - and I may have added the extra quotes because something > > wasn't working as expected. > > I did some experimentation; the quotes will indeed mess things up. > > > rrs@a5:~/b/tmp$ for i in $(echo 1 2 3); do echo $i; done > 1 > 2 > 3 > rrs@a5:~/b/tmp$ for i in "$(echo 1 2 3)"; do echo $i; done > 1 2 3 ahh, ok. good to know. thanks! :)
	88 rm -f $i
	Randall Spangler 2010/12/21 22:52:35 Note that since $i is used UNquoted here, and you Note that since $i is used UNquoted here, and you can specify multiple files to rm, this undoes the damage from the previous extra quotes...
	89 done

	90 set +e # umount may fail for unmounted directories

	91 for i in "$(cat $TEMP_DIR_LIST)"; do
	Bill Richardson 2010/12/17 01:10:53 No quotes here, either. No quotes here, either.
	92 if [ -n "$i" ]; then

	93 if has_needs_to_be_resigned_tag "$i"; then
	Randall Spangler 2010/12/21 22:52:35 If there's more than one temp dir, this check will If there's more than one temp dir, this check will return false, so the warning won't show up.
	94 echo "Warning: image may be modified. Please resign image."

	95 fi

	96 sudo umount -d $i 2>/dev/null
	Randall Spangler 2010/12/21 22:52:35 This still works just like line 88, because umount This still works just like line 88, because umount can also take multiple mount points on one command line.
	97 rm -rf $i

	98 fi

	99 done

	100 set -e

	101 rm -rf $TEMP_DIR_LIST $TEMP_FILE_LIST

	102 }

	103

	104 trap "cleanup_temps_and_mounts" EXIT

	105

	106 # Functions for partition management

	107 # ----------------------------------------------------------------------------

33	108

34 # Read GPT table to find the starting location of a specific partition.	109 # Read GPT table to find the starting location of a specific partition.

35 # Args: DEVICE PARTNUM	110 # Args: DEVICE PARTNUM

36 # Returns: offset (in sectors) of partition PARTNUM	111 # Returns: offset (in sectors) of partition PARTNUM

37 partoffset() {	112 partoffset() {

38 sudo $GPT show -b -i $2 $1	113 sudo $GPT show -b -i $2 $1

39 }	114 }

40	115

41 # Read GPT table to find the size of a specific partition.	116 # Read GPT table to find the size of a specific partition.

42 # Args: DEVICE PARTNUM	117 # Args: DEVICE PARTNUM

(...skipping 66 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
109 # Args: IMAGE PARTNUM INPUTFILE	184 # Args: IMAGE PARTNUM INPUTFILE

110 replace_image_partition() {	185 replace_image_partition() {

111 local image=$1	186 local image=$1

112 local partnum=$2	187 local partnum=$2

113 local input_file=$3	188 local input_file=$3

114 local offset=$(partoffset "$image" "$partnum")	189 local offset=$(partoffset "$image" "$partnum")

115 local size=$(partsize "$image" "$partnum")	190 local size=$(partsize "$image" "$partnum")

116 dd if=$input_file of=$image bs=512 seek=$offset count=$size conv=notrunc	191 dd if=$input_file of=$image bs=512 seek=$offset count=$size conv=notrunc

117 }	192 }

118	193

119 # Create a new temporary file and return its name.

120 # File is automatically cleaned when cleanup_temps_and_mounts() is called.

121 make_temp_file() {

122 local tempfile=$(mktemp)

123 echo "$tempfile" >> $TEMP_FILE_LIST

124 echo $tempfile

125 }

126

127 # Create a new temporary directory and return its name.

128 # Directory is automatically deleted and any filesystem mounted on it unmounted

129 # when cleanup_temps_and_mounts() is called.

130 make_temp_dir() {

131 local tempdir=$(mktemp -d)

132 echo "$tempdir" >> $TEMP_DIR_LIST

133 echo $tempdir

134 }

135

136 cleanup_temps_and_mounts() {

137 for i in "$(cat $TEMP_FILE_LIST)"; do

138 rm -f $i

139 done

140 set +e # umount may fail for unmounted directories

141 for i in "$(cat $TEMP_DIR_LIST)"; do

142 if [ -n "$i" ]; then

143 if has_needs_to_be_resigned_tag "$i"; then

144 echo "Warning: image may be modified. Please resign image."

145 fi

146 sudo umount -d $i 2>/dev/null

147 rm -rf $i

148 fi

149 done

150 set -e

151 rm -rf $TEMP_DIR_LIST $TEMP_FILE_LIST

152 }

153

154 # Returns true if all files in parameters exist.

155 ensure_files_exist() {

156 local filename return_value=0

157 for filename in "$@"; do

158 if [ ! -f "$filename" -a ! -b "$filename" ]; then

159 echo "ERROR: Cannot find required file: $filename"

160 return_value=1

161 fi

162 done

163

164 return $return_value

165 }

166

167 # For details, see crosutils.git/common.sh	194 # For details, see crosutils.git/common.sh

168 enable_rw_mount() {	195 enable_rw_mount() {

169 local rootfs="$1"	196 local rootfs="$1"

170 local offset="${2-0}"	197 local offset="${2-0}"

171	198

172 # Make sure we're checking an ext2 image	199 # Make sure we're checking an ext2 image

173 if ! is_ext2 "$rootfs" $offset; then	200 if ! is_ext2 "$rootfs" $offset; then

174 echo "enable_rw_mount called on non-ext2 filesystem: $rootfs $offset" 1>&2	201 echo "enable_rw_mount called on non-ext2 filesystem: $rootfs $offset" 1>&2

175 return 1	202 return 1

176 fi	203 fi

(...skipping 54 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
231 local ro_compat_offset=$((0x464 + 3)) # Set 'highest' byte	258 local ro_compat_offset=$((0x464 + 3)) # Set 'highest' byte

232 local ro_value=$(sudo dd if="$rootfs" skip=$((offset + ro_compat_offset)) \	259 local ro_value=$(sudo dd if="$rootfs" skip=$((offset + ro_compat_offset)) \

233 count=1 bs=1 2>/dev/null)	260 count=1 bs=1 2>/dev/null)

234 local expected_ro_value=$(printf '\377')	261 local expected_ro_value=$(printf '\377')

235 if [ "$ro_value" = "$expected_ro_value" ]; then	262 if [ "$ro_value" = "$expected_ro_value" ]; then

236 return 0	263 return 0

237 fi	264 fi

238 return 1	265 return 1

239 }	266 }

240	267

	268 # Misc functions

	269 # ----------------------------------------------------------------------------

	270

	271 # Returns true if all files in parameters exist.

	272 # Args: List of files

	273 ensure_files_exist() {

	274 local filename return_value=0

	275 for filename in "$@"; do

	276 if [ ! -f "$filename" -a ! -b "$filename" ]; then

	277 echo "ERROR: Cannot find required file: $filename"

	278 return_value=1

	279 fi

	280 done

	281

	282 return $return_value

	283 }

	284

241 # Check if the 'chronos' user already has a password	285 # Check if the 'chronos' user already has a password

242 # ARGS: rootfs	286 # Args: rootfs

243 no_chronos_password() {	287 no_chronos_password() {

244 local rootfs=$1	288 local rootfs=$1

245 sudo grep -q '^chronos:\*:' "$rootfs/etc/shadow"	289 sudo grep -q '^chronos:\*:' "$rootfs/etc/shadow"

246 }	290 }

247	291

248 trap "cleanup_temps_and_mounts" EXIT

249	292

OLD	NEW

« no previous file with comments | « no previous file | scripts/image_signing/make_dev_firmware.sh » ('j') | scripts/image_signing/tofactory.sh » ('J')