Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(178)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: bin/cros_make_image_bootable

Issue 6538014: Add transitional flag for enabling arm kernel signing (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/crosutils.git@master
Patch Set: Code review Created 9 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | build_image » ('j') | build_image » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 #!/bin/bash 1 #!/bin/bash
2 # 2 #
3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
4 # Use of this source code is governed by a BSD-style license that can be 4 # Use of this source code is governed by a BSD-style license that can be
5 # found in the LICENSE file. 5 # found in the LICENSE file.
6 # 6 #
7 # Script which ensures that a given image has an up-to-date 7 # Script which ensures that a given image has an up-to-date
8 # kernel partition, rootfs integrity hashes, and legacy bootloader configs. 8 # kernel partition, rootfs integrity hashes, and legacy bootloader configs.
9 9
10 # --- BEGIN COMMON.SH BOILERPLATE --- 10 # --- BEGIN COMMON.SH BOILERPLATE ---
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after
110 DEFINE_string rootfs_mountpoint "/tmp/rootfs" \ 110 DEFINE_string rootfs_mountpoint "/tmp/rootfs" \
111 "Path where the rootfs can be safely mounted" 111 "Path where the rootfs can be safely mounted"
112 DEFINE_string statefulfs_mountpoint "/tmp/statefulfs" \ 112 DEFINE_string statefulfs_mountpoint "/tmp/statefulfs" \
113 "Path where the statefulfs can be safely mounted" 113 "Path where the statefulfs can be safely mounted"
114 DEFINE_string espfs_mountpoint "/tmp/espfs" \ 114 DEFINE_string espfs_mountpoint "/tmp/espfs" \
115 "Path where the espfs can be safely mounted" 115 "Path where the espfs can be safely mounted"
116 116
117 DEFINE_boolean use_dev_keys ${FLAGS_FALSE} \ 117 DEFINE_boolean use_dev_keys ${FLAGS_FALSE} \
118 "Use developer keys for signing. (Default: false)" 118 "Use developer keys for signing. (Default: false)"
119 119
120 # TODO(clchiou): Remove this flag after arm verified boot is stable
121 DEFINE_boolean crosbug12352_arm_kernel_signing ${FLAGS_FALSE} \
122 "Sign kernel partition for ARM images (temporary hack)."
123
120 # TODO(sosa): Remove once known images no longer use this in their config. 124 # TODO(sosa): Remove once known images no longer use this in their config.
121 DEFINE_string arm_extra_bootargs "" "DEPRECATED FLAG. Do not use." 125 DEFINE_string arm_extra_bootargs "" "DEPRECATED FLAG. Do not use."
122 126
123 # Parse the boot.desc and any overrides 127 # Parse the boot.desc and any overrides
124 eval set -- "${BOOT_DESC} ${FLAG_OVERRIDES}" 128 eval set -- "${BOOT_DESC} ${FLAG_OVERRIDES}"
125 FLAGS "${@}" || exit 1 129 FLAGS "${@}" || exit 1
126 130
127 # Only now can we die on error. shflags functions leak non-zero error codes, 131 # Only now can we die on error. shflags functions leak non-zero error codes,
128 # so will die prematurely if 'set -e' is specified before now. 132 # so will die prematurely if 'set -e' is specified before now.
129 set -e -u 133 set -e -u
130 134
135 if [[ ${FLAGS_crosbug12352_arm_kernel_signing} -eq ${FLAGS_TRUE} ]]; then
136 crosbug12352_flag="--crosbug12352_arm_kernel_signing"
137 else
138 crosbug12352_flag="--nocrosbug12352_arm_kernel_signing"
139 fi
140
131 # $1 - Directory where developer rootfs is mounted. 141 # $1 - Directory where developer rootfs is mounted.
132 # $2 - Directory where developer stateful_partition is mounted. 142 # $2 - Directory where developer stateful_partition is mounted.
133 # $3 - Directory where the ESP partition is mounted. 143 # $3 - Directory where the ESP partition is mounted.
134 mount_gpt_cleanup() { 144 mount_gpt_cleanup() {
135 local rootfs="${1-$FLAGS_rootfs_mountpoint}" 145 local rootfs="${1-$FLAGS_rootfs_mountpoint}"
136 local statefs="${2-$FLAGS_statefulfs_mountpoint}" 146 local statefs="${2-$FLAGS_statefulfs_mountpoint}"
137 local espfs="${3-$FLAGS_espfs_mountpoint}" 147 local espfs="${3-$FLAGS_espfs_mountpoint}"
138 "${SCRIPTS_DIR}/mount_gpt_image.sh" \ 148 "${SCRIPTS_DIR}/mount_gpt_image.sh" \
139 -u -r "${rootfs}" -s "${statefs}" -e "${espfs}" 149 -u -r "${rootfs}" -s "${statefs}" -e "${espfs}"
140 } 150 }
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after
186 --boot_args="${FLAGS_boot_args}" \ 196 --boot_args="${FLAGS_boot_args}" \
187 --keep_work \ 197 --keep_work \
188 --rootfs_image=${root_dev} \ 198 --rootfs_image=${root_dev} \
189 --rootfs_hash=${FLAGS_rootfs_hash} \ 199 --rootfs_hash=${FLAGS_rootfs_hash} \
190 --verity_hash_alg=${FLAGS_verity_algorithm} \ 200 --verity_hash_alg=${FLAGS_verity_algorithm} \
191 --verity_tree_depth=${FLAGS_verity_depth} \ 201 --verity_tree_depth=${FLAGS_verity_depth} \
192 --verity_max_ios=${FLAGS_verity_max_ios} \ 202 --verity_max_ios=${FLAGS_verity_max_ios} \
193 --verity_error_behavior=${FLAGS_verity_error_behavior} \ 203 --verity_error_behavior=${FLAGS_verity_error_behavior} \
194 --root=${cros_root} \ 204 --root=${cros_root} \
195 --keys_dir="${FLAGS_keys_dir}" \ 205 --keys_dir="${FLAGS_keys_dir}" \
206 ${crosbug12352_flag} \
196 ${use_dev_keys} 207 ${use_dev_keys}
197 208
198 local rootfs_hash_size=$(stat -c '%s' ${FLAGS_rootfs_hash}) 209 local rootfs_hash_size=$(stat -c '%s' ${FLAGS_rootfs_hash})
199 info "Appending rootfs.hash (${rootfs_hash_size} bytes) to the root fs" 210 info "Appending rootfs.hash (${rootfs_hash_size} bytes) to the root fs"
200 if [[ ${rootfs_hash_size} -gt $((FLAGS_rootfs_hash_pad * 1024 * 1024)) ]] 211 if [[ ${rootfs_hash_size} -gt $((FLAGS_rootfs_hash_pad * 1024 * 1024)) ]]
201 then 212 then
202 die "--rootfs_hash_pad reserves less than the needed ${rootfs_hash_size}" 213 die "--rootfs_hash_pad reserves less than the needed ${rootfs_hash_size}"
203 fi 214 fi
204 # Unfortunately, mount_gpt_image uses mount and not losetup to create the 215 # Unfortunately, mount_gpt_image uses mount and not losetup to create the
205 # loop devices. This means that they are not the correct size. We have to 216 # loop devices. This means that they are not the correct size. We have to
(...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after
298 mkdir -p ${FLAGS_espfs_mountpoint} 309 mkdir -p ${FLAGS_espfs_mountpoint}
299 310
300 make_image_bootable "${IMAGE}" 311 make_image_bootable "${IMAGE}"
301 verify_image_rootfs "${IMAGE}" 312 verify_image_rootfs "${IMAGE}"
302 313
303 if [ ${FLAGS_cleanup_dirs} -eq ${FLAGS_TRUE} ]; then 314 if [ ${FLAGS_cleanup_dirs} -eq ${FLAGS_TRUE} ]; then
304 rmdir ${FLAGS_rootfs_mountpoint} 315 rmdir ${FLAGS_rootfs_mountpoint}
305 rmdir ${FLAGS_statefulfs_mountpoint} 316 rmdir ${FLAGS_statefulfs_mountpoint}
306 rmdir ${FLAGS_espfs_mountpoint} 317 rmdir ${FLAGS_espfs_mountpoint}
307 fi 318 fi
OLDNEW
« no previous file with comments | « no previous file | build_image » ('j') | build_image » ('J')

Powered by Google App Engine
This is Rietveld 408576698