| Index: init
|
| diff --git a/init b/init
|
| index b812fc15557037a30a4cdd2a2c2223082b35918c..52cd73b17528842b66637d47fec4b3a8f5a882c4 100644
|
| --- a/init
|
| +++ b/init
|
| @@ -9,7 +9,6 @@
|
|
|
| # USB card partition and mount point.
|
| USB_DEVS="sdb3 sdc3 mmcblk1p3"
|
| -USB_SHIM_DEVS="sdb1 sdc1 mmcblk1p1"
|
| USB_MNT=/usb
|
| REAL_USB_DEV=
|
| DM_NAME=
|
| @@ -25,10 +24,6 @@ LOG_FILE="/log/recovery.log"
|
| TPM_B_LOCKED=
|
| TPM_PP_LOCKED=
|
|
|
| -# Developer script to run
|
| -SHIM_SCRIPT="$STATEFUL_MNT/userdir/runme"
|
| -SHIM_VBLOCK="$STATEFUL_MNT/userdir/runme.vblock"
|
| -
|
| KERN_B_VBLOCK="$STATEFUL_MNT/vmlinuz_hd.vblock"
|
| REAL_KERN_B_HASH=
|
|
|
| @@ -175,32 +170,6 @@ find_developer_root() {
|
| return 0
|
| }
|
|
|
| -# If this kernel image has been placed on a drive with only a
|
| -# stateful partition, root detection will rightly fail. However,
|
| -# we can still run a developer supplied script so we will pretend
|
| -# stateful is the root (USB_DEV).
|
| -find_shim_root() {
|
| - # Lock the TPM prior to using an untrusted root.
|
| - lock_tpm || return 1
|
| - plog "\nSearching for an alternate recovery image . . ."
|
| - dlog -n "Waiting for $USB_SHIM_DEVS to appear"
|
| - for try in $(seq 20); do
|
| - plog " ."
|
| - for dev in $USB_SHIM_DEVS; do
|
| - if [ -b "/dev/${dev}" ]; then
|
| - USB_DEV="/dev/${dev}"
|
| - REAL_USB_DEV="$USB_DEV"
|
| - dlog "Found $USB_DEV"
|
| - set_unofficial_root || on_error
|
| - mount_usb || return 1
|
| - return 0
|
| - fi
|
| - done
|
| - sleep 1
|
| - done
|
| - return 1
|
| -}
|
| -
|
| # If we have a verified recovery root, ensure all blocks are valid before
|
| # handing it off to the installer.
|
| validate_recovery_root() {
|
| @@ -429,50 +398,6 @@ check_key_or_wait() {
|
| return 0
|
| }
|
|
|
| -# Never returns on success.
|
| -attempt_shim_script() {
|
| - # TODO(wad) Add static root of trust validation then remove the next line.
|
| - # http://crosbug/8390
|
| - is_developer_mode || return 1
|
| -
|
| - # Now we will either install a colocated Chromium OS image by
|
| - # checking the keys on KERN-B against any on disk (KERN-[ABC])
|
| - # or by checking a signed script on stateful.
|
| - dlog "Checking for a shim script . . ."
|
| - [ -x "$SHIM_SCRIPT" ] || return 1
|
| - [ -f "$SHIM_VBLOCK" ] || return 1
|
| - log "Shim script and signing file found!"
|
| -
|
| - plog "Verifying the signature on the script . . ."
|
| - # Extract pubkey and check signature
|
| - if ! dev_sign_file --verify "$SHIM_SCRIPT" \
|
| - --vblock "$SHIM_VBLOCK" \
|
| - --keyblock /tmp/shim.keyblock; then
|
| - log " failed."
|
| - fi
|
| - log " done."
|
| -
|
| - # If we're not in developer mode, this will be terminal on failure.
|
| - check_key_or_wait /tmp/shim.keyblock
|
| -
|
| - # Run the user supplied script. It is done in the current environment
|
| - # to avoid needing anything other than the script/program on the partition.
|
| - log "Executing shim script . . ."
|
| -
|
| - dlog "calling $SHIM_SCRIPT with exec"
|
| - # Fix up the input/output
|
| - stop_log_file
|
| - set +x
|
| - exec &> "$TTY_PATH"1
|
| - exec < "$TTY_PATH"1
|
| - # Call the script!
|
| - exec "$SHIM_SCRIPT"
|
| -
|
| - # Never reached.
|
| - save_log_file
|
| - return 0
|
| -}
|
| -
|
| get_kern_b_device() {
|
| # TODO(wad) By changing boot priority, could we end up
|
| # checking the recovery image or the recovery image could not
|
| @@ -616,16 +541,7 @@ recover_system() {
|
| dlog "Beginning system recovery from $source"
|
|
|
| recovery_wait
|
| -
|
| - if is_unofficial_root; then
|
| - dlog "Attempting to use shim . . ."
|
| - # Mounting read only so a journal is not needed.
|
| - # If it fails, we can still proceed on a normal recovery path.
|
| - mount -n -o ro -t ext2 "$STATE_DEV" "$STATEFUL_MNT"
|
| - attempt_shim_script # never returns on success.
|
| - umount "$STATEFUL_MNT"
|
| - fi
|
| -
|
| +
|
| # If we're not running a developer script then we're either
|
| # installing a developer image or an official one. If we're
|
| # in normal recovery mode, then we require that the KERN-B
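Review bot: The context comment just below the added line still opens with `# If we're not running a developer script then we're either`, which describes the shim path this commit deletes; it should be reworded, for example `# We're either installing a developer image or an official one.` The single added line replaces an empty removed line with what looks like another empty line, so it probably carries trailing whitespace and could be left as the original blank line. `is_unofficial_root` and `set_unofficial_root` appear in this diff only in removed lines; if nothing else in the file calls them, they and the state they track are now dead and should be removed in the same change. recover_system starts and ends outside the hunk.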
|
| @@ -746,7 +662,7 @@ main() {
|
| log ""
|
| fi
|
|
|
| - if find_official_root || find_developer_root || find_shim_root; then
|
| + if find_official_root || find_developer_root; then
|
| log " found."
|
| else
|
| log " not found."
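Review bot: Nothing visible in this diff shows the TPM being locked before `find_developer_root` returns a non-official root, and after this change it is the only fallback left in `if find_official_root || find_developer_root; then`. The deleted `find_shim_root` did this explicitly with `lock_tpm || return 1` under the comment "Lock the TPM prior to using an untrusted root". The body of `find_developer_root` is outside the diff (only its closing `return 0` shows as context), so please confirm it takes the same lock before mounting. If it does not, `lock_tpm || return 1` belongs at its top. The same question applies to the `find_developer_root || on_error` call in the following main() hunk; main() itself begins and ends outside both hunks.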
|
| @@ -783,7 +699,7 @@ main() {
|
| # Chrome OS recovery kernel.
|
| if ! validate_recovery_root; then
|
| is_developer_mode || on_error
|
| - find_developer_root || find_shim_root || on_error
|
| + find_developer_root || on_error
|
| log " found."
|
| # This logic is duplicated to avoid double validating factory media. It
|
| # will only be hit if a verified root can be mounted but is actually not
|
|
|