OLD | NEW |
1 #!/bin/sh | 1 #!/bin/sh |
2 # | 2 # |
3 # Copyright (c) 2011 The Chromium OS Authors. All rights reserved. | 3 # Copyright (c) 2011 The Chromium OS Authors. All rights reserved. |
4 # Use of this source code is governed by a BSD-style license that can be | 4 # Use of this source code is governed by a BSD-style license that can be |
5 # found in the LICENSE file. | 5 # found in the LICENSE file. |
6 # | 6 # |
7 # This script can change key (usually developer keys) and kernel config | 7 # This script can change key (usually developer keys) and kernel config |
8 # of a kernels on SSD. | 8 # of a kernels on SSD. |
9 | 9 |
10 SCRIPT_BASE="$(dirname "$0")" | 10 SCRIPT_BASE="$(dirname "$0")" |
(...skipping 141 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
152 elif ! is_rootfs_verification_enabled "$kernel_config"; then | 152 elif ! is_rootfs_verification_enabled "$kernel_config"; then |
153 echo "INFO: $name: rootfs verification was not enabled." | 153 echo "INFO: $name: rootfs verification was not enabled." |
154 else | 154 else |
155 debug_msg "Changing boot parameter to remove rootfs verification" | 155 debug_msg "Changing boot parameter to remove rootfs verification" |
156 kernel_config="$(remove_rootfs_verification "$kernel_config")" | 156 kernel_config="$(remove_rootfs_verification "$kernel_config")" |
157 debug_msg "New kernel config: $kernel_config" | 157 debug_msg "New kernel config: $kernel_config" |
158 echo "$name: Disabled rootfs verification." | 158 echo "$name: Disabled rootfs verification." |
159 fi | 159 fi |
160 | 160 |
161 local new_kernel_config_file="$(make_temp_file)" | 161 local new_kernel_config_file="$(make_temp_file)" |
162 echo "$kernel_config" >"$new_kernel_config_file" | 162 echo -n "$kernel_config" >"$new_kernel_config_file" |
163 | 163 |
164 debug_msg "Re-signing $name from $old_blob to $new_blob" | 164 debug_msg "Re-signing $name from $old_blob to $new_blob" |
165 debug_msg "Using key: $KERNEL_DATAKEY" | 165 debug_msg "Using key: $KERNEL_DATAKEY" |
166 vbutil_kernel \ | 166 vbutil_kernel \ |
167 --repack "$new_blob" \ | 167 --repack "$new_blob" \ |
168 --keyblock "$KERNEL_KEYBLOCK" \ | 168 --keyblock "$KERNEL_KEYBLOCK" \ |
169 --config "$new_kernel_config_file" \ | 169 --config "$new_kernel_config_file" \ |
170 --signprivate "$KERNEL_DATAKEY" \ | 170 --signprivate "$KERNEL_DATAKEY" \ |
171 --oldblob "$old_blob" >"$EXEC_LOG" 2>&1 || | 171 --oldblob "$old_blob" >"$EXEC_LOG" 2>&1 || |
172 err_die "Failed to resign $name. Message: $(cat "$EXEC_LOG")" | 172 err_die "Failed to resign $name. Message: $(cat "$EXEC_LOG")" |
(...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
273 if [ $num_signed -gt 0 -a $num_signed -le $num_given ]; then | 273 if [ $num_signed -gt 0 -a $num_signed -le $num_given ]; then |
274 # signed something at least | 274 # signed something at least |
275 echo "Successfully re-signed $num_signed of $num_given kernel(s)" \ | 275 echo "Successfully re-signed $num_signed of $num_given kernel(s)" \ |
276 " on device $FLAGS_image". | 276 " on device $FLAGS_image". |
277 else | 277 else |
278 err_die "Failed re-signing kernels." | 278 err_die "Failed re-signing kernels." |
279 fi | 279 fi |
280 } | 280 } |
281 | 281 |
282 main | 282 main |
OLD | NEW |