Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(311)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: scripts/image_signing/make_dev_ssd.sh

Issue 6799007: vboot_reference: allow using recovery_key in make_dev_ssd. (Closed) Base URL: ssh://gitrw.chromium.org:9222/vboot_reference.git@master
Patch Set: Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 #!/bin/sh 1 #!/bin/sh
2 # 2 #
3 # Copyright (c) 2011 The Chromium OS Authors. All rights reserved. 3 # Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
4 # Use of this source code is governed by a BSD-style license that can be 4 # Use of this source code is governed by a BSD-style license that can be
5 # found in the LICENSE file. 5 # found in the LICENSE file.
6 # 6 #
7 # This script can change key (usually developer keys) and kernel config 7 # This script can change key (usually developer keys) and kernel config
8 # of a kernels on SSD. 8 # of a kernels on SSD.
9 9
10 SCRIPT_BASE="$(dirname "$0")" 10 SCRIPT_BASE="$(dirname "$0")"
(...skipping 12 matching lines...) Expand all
23 DEFINE_boolean remove_rootfs_verification \ 23 DEFINE_boolean remove_rootfs_verification \
24 $FLAGS_FALSE "Modify kernel boot config to disable rootfs verification" "" 24 $FLAGS_FALSE "Modify kernel boot config to disable rootfs verification" ""
25 DEFINE_string backup_dir \ 25 DEFINE_string backup_dir \
26 "$DEFAULT_BACKUP_FOLDER" "Path of directory to store kernel backups" "" 26 "$DEFAULT_BACKUP_FOLDER" "Path of directory to store kernel backups" ""
27 DEFINE_string save_config "" \ 27 DEFINE_string save_config "" \
28 "Base filename to store kernel configs to, instead of resigning." "" 28 "Base filename to store kernel configs to, instead of resigning." ""
29 DEFINE_string set_config "" \ 29 DEFINE_string set_config "" \
30 "Base filename to load kernel configs from" "" 30 "Base filename to load kernel configs from" ""
31 DEFINE_string partitions "$DEFAULT_PARTITIONS" \ 31 DEFINE_string partitions "$DEFAULT_PARTITIONS" \
32 "List of partitions to examine" "" 32 "List of partitions to examine" ""
33 DEFINE_boolean recovery_key "$FLAGS_FALSE" \
34 "Use recovery key to sign image (to boot from USB" ""
33 35
34 # Parse command line 36 # Parse command line
35 FLAGS "$@" || exit 1 37 FLAGS "$@" || exit 1
36 eval set -- "$FLAGS_ARGV" 38 eval set -- "$FLAGS_ARGV"
37 39
38 # Globals 40 # Globals
39 # ---------------------------------------------------------------------------- 41 # ----------------------------------------------------------------------------
40 set -e 42 set -e
41 43
42 # a log file to keep the output results of executed command 44 # a log file to keep the output results of executed command
(...skipping 205 matching lines...) Expand 10 before | Expand all | Expand 10 after
248 250
249 return $resigned_kernels 251 return $resigned_kernels
250 } 252 }
251 253
252 # Main 254 # Main
253 # ---------------------------------------------------------------------------- 255 # ----------------------------------------------------------------------------
254 main() { 256 main() {
255 local num_signed=0 257 local num_signed=0
256 local num_given=$(echo "$FLAGS_partitions" | wc -w) 258 local num_given=$(echo "$FLAGS_partitions" | wc -w)
257 # Check parameters 259 # Check parameters
258 KERNEL_KEYBLOCK="$FLAGS_keys/kernel.keyblock" 260 if [ "$FLAGS_recovery_key" = "$FLAGS_TRUE" ]; then
259 KERNEL_DATAKEY="$FLAGS_keys/kernel_data_key.vbprivk" 261 KERNEL_KEYBLOCK="$FLAGS_keys/recovery_kernel.keyblock"
260 KERNEL_PUBKEY="$FLAGS_keys/kernel_subkey.vbpubk" 262 KERNEL_DATAKEY="$FLAGS_keys/recovery_kernel_data_key.vbprivk"
263 KERNEL_PUBKEY="$FLAGS_keys/recovery_key.vbpubk"
264 else
265 KERNEL_KEYBLOCK="$FLAGS_keys/kernel.keyblock"
266 KERNEL_DATAKEY="$FLAGS_keys/kernel_data_key.vbprivk"
267 KERNEL_PUBKEY="$FLAGS_keys/kernel_subkey.vbpubk"
268 fi
261 269
262 debug_msg "Prerequisite check" 270 debug_msg "Prerequisite check"
263 ensure_files_exist \ 271 ensure_files_exist \
264 "$KERNEL_KEYBLOCK" \ 272 "$KERNEL_KEYBLOCK" \
265 "$KERNEL_DATAKEY" \ 273 "$KERNEL_DATAKEY" \
266 "$KERNEL_PUBKEY" \ 274 "$KERNEL_PUBKEY" \
267 "$FLAGS_image" || 275 "$FLAGS_image" ||
268 exit 1 276 exit 1
269 277
270 resign_ssd_kernel "$FLAGS_image" || num_signed=$? 278 resign_ssd_kernel "$FLAGS_image" || num_signed=$?
271 279
272 debug_msg "Complete." 280 debug_msg "Complete."
273 if [ $num_signed -gt 0 -a $num_signed -le $num_given ]; then 281 if [ $num_signed -gt 0 -a $num_signed -le $num_given ]; then
274 # signed something at least 282 # signed something at least
275 echo "Successfully re-signed $num_signed of $num_given kernel(s)" \ 283 echo "Successfully re-signed $num_signed of $num_given kernel(s)" \
276 " on device $FLAGS_image". 284 " on device $FLAGS_image".
277 else 285 else
278 err_die "Failed re-signing kernels." 286 err_die "Failed re-signing kernels."
279 fi 287 fi
280 } 288 }
281 289
282 main 290 main
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698