build_image - Issue 6538014: Add transitional flag for enabling arm kernel signing

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: build_image

Issue 6538014: Add transitional flag for enabling arm kernel signing (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/crosutils.git@master

Patch Set: Code review Created 9 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: build_image

diff --git a/build_image b/build_image

index c6fdac0e2b12296813f76c38f5b2f41b2571eb75..306de59b3a52c8f831aaaffa9726d1a5c59c0397 100755

--- a/build_image

+++ b/build_image

@@ -92,6 +92,10 @@ DEFINE_string boot_args "noinitrd" \

DEFINE_string usb_disk /dev/sdb3 \

"Path syslinux should use to do a usb boot. Default: /dev/sdb3"

+# TODO(clchiou): Remove this flag after arm verified boot is stable

+DEFINE_boolean crosbug12352_arm_kernel_signing ${FLAGS_FALSE} \

+ "Sign kernel partition for ARM images (temporary hack)."

DEFINE_boolean enable_rootfs_verification ${FLAGS_TRUE} \

"Default all bootloaders to use kernel-based root fs integrity checking."

DEFINE_integer verity_error_behavior 3 \

@@ -282,6 +286,11 @@ case "${TC_ARCH}" in

exit 1

esac

+if [[ ${FLAGS_crosbug12352_arm_kernel_signing} -eq ${FLAGS_TRUE} ]]; then

+ crosbug12352_flag="--crosbug12352_arm_kernel_signing"

+else

+ crosbug12352_flag="--nocrosbug12352_arm_kernel_signing"

+fi

if [[ ${FLAGS_enable_rootfs_verification} -eq ${FLAGS_TRUE} ]]; then

enable_rootfs_verification_flag="--enable_rootfs_verification"

@@ -405,6 +414,7 @@ create_boot_desc() {

--keys_dir="${DEVKEYSDIR}"

--usb_disk="${FLAGS_usb_disk}"

--nocleanup_dirs

+ ${crosbug12352_flag}

${enable_rootfs_verification_flag}

EOF

}

@@ -794,10 +804,14 @@ fi

# Place flags before positional args

${SCRIPTS_DIR}/bin/cros_make_image_bootable "${OUTPUT_DIR}" \

"${PRISTINE_IMAGE_NAME}" \

- ${USE_DEV_KEYS}

-# FIXME: only signing things for x86 right now.

-if [[ "${ARCH}" = "x86" ]]; then

+ ${USE_DEV_KEYS} \

+ ${crosbug12352_flag}

+# FIXME Test x86 image, and test arm image if enabled;

+# should unconditionally test an image after crosbug12352 is fixed

+if [[ "${ARCH}" = "x86" ]] ||

+ [[ "${ARCH}" = "arm" &&

+ "${FLAGS_crosbug12352_arm_kernel_signing}" -eq "${FLAGS_TRUE}" ]]; then

BOOT_FLAG=

if [ "${FLAGS_dev_install}" -eq "${FLAGS_TRUE}" ] ||

[ "${FLAGS_factory_install}" -eq "${FLAGS_TRUE}" ]; then

@@ -819,7 +833,8 @@ if [ "${FLAGS_withdev}" -eq "${FLAGS_TRUE}" ] ; then

update_dev_packages ${DEVELOPER_IMAGE_NAME}

${SCRIPTS_DIR}/bin/cros_make_image_bootable "${OUTPUT_DIR}" \

- "${DEVELOPER_IMAGE_NAME}"

+ "${DEVELOPER_IMAGE_NAME}" \

+ ${crosbug12352_flag}

# Clean up temporary files.

« no previous file with comments | « bin/cros_make_image_bootable ('k') | build_kernel_image.sh » ('j') | no next file with comments »