diff options
author | Gaurav Shah <gauravsh@chromium.org> | 2011-12-14 18:43:44 -0800 |
---|---|---|
committer | Gaurav Shah <gauravsh@chromium.org> | 2011-12-15 11:35:50 -0800 |
commit | e5d31dce377ad34e2a165e6e5d98f819b20c212d (patch) | |
tree | d006e328157a1dc76bd52cb8780e0c1a25a1ead2 | |
parent | ce6649250583a8f3a7aeac78ee3a00679cf6223d (diff) | |
download | vboot-e5d31dce377ad34e2a165e6e5d98f819b20c212d.tar.gz |
signer: run kernel security test of kernel partition 4 instead of partition 2
The test is run on a recovery image by the signer. We care more about the
parameters on the kernel partition 4 (the SSD install kernel) than 2.
It'd be nice to have security test on the recovery kernel too and I have
marked that as a TODO for now.
BUG=chromium-os:24077
TEST=tested on a R17 and R18 mario, alex and zgb image.
Change-Id: Ia27ceaefb24dff64115f08b1cc6bbb75d1900071
Reviewed-on: https://gerrit.chromium.org/gerrit/12970
Reviewed-by: Jim Hebert <jimhebert@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
-rwxr-xr-x | scripts/image_signing/ensure_secure_kernelparams.sh | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/scripts/image_signing/ensure_secure_kernelparams.sh b/scripts/image_signing/ensure_secure_kernelparams.sh index 0fa116ee..52a3ce99 100755 --- a/scripts/image_signing/ensure_secure_kernelparams.sh +++ b/scripts/image_signing/ensure_secure_kernelparams.sh @@ -76,7 +76,11 @@ main() { . "$configfile" local kernelblob=$(make_temp_file) - extract_image_partition "$image" 2 "$kernelblob" + # TODO(jimhebert): Perform the kernel security tests on both the kernel + # partitions. Here, we just run it on kernel partition 4 + # which is the install kernel on the recovery image. + # crosbug.com/24274 + extract_image_partition "$image" 4 "$kernelblob" local rootfs=$(make_temp_dir) mount_image_partition_ro "$image" 3 "$rootfs" |