authorChirantan Ekbote <chirantan@chromium.org>2015-03-18 14:45:45 -0700
committerChromeOS Commit Bot <chromeos-commit-bot@chromium.org>2015-03-19 23:48:46 +0000
commiteee1b3d227b92c916640f4f79a3f090b620d0be8 (patch)
tree8222d6ebecc387db5b13cfbf5a75dfaf318292c9
parentd75eb7f77a3a7449e2577523a8a648ff0f3ccad2 (diff)
downloadvboot-eee1b3d227b92c916640f4f79a3f090b620d0be8.tar.gz
Add sanity check for dev_boot_signed_only
Removing rootfs verification or resigning kernels can lead to an unusable system if the dev_boot_signed_only flag is set. Add a sanity check to print out an error when this happens. BRANCH=none BUG=none TEST=manual Run /usr/share/vboot/bin/make_dev_ssd.sh with the dev_boot_signed_only flag set to 1 and observe that an error message is printed. Change-Id: If116538152ee3122e3b742918bf1676982754fdd Reviewed-on: https://chromium-review.googlesource.com/260970 Trybot-Ready: Chirantan Ekbote <chirantan@chromium.org> Tested-by: Chirantan Ekbote <chirantan@chromium.org> Reviewed-by: Randall Spangler <rspangler@chromium.org> Reviewed-by: Hung-Te Lin <hungte@chromium.org> Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
-rwxr-xr-xscripts/image_signing/make_dev_ssd.sh29
1 files changed, 28 insertions, 1 deletions
diff --git a/scripts/image_signing/make_dev_ssd.sh b/scripts/image_signing/make_dev_ssd.sh
index bfd4e4a6..df8ad469 100755
--- a/scripts/image_signing/make_dev_ssd.sh
+++ b/scripts/image_signing/make_dev_ssd.sh
@@ -293,6 +293,32 @@ resign_ssd_kernel() {
return $resigned_kernels
}
+sanity_check_crossystem_flags() {
+ debug_msg "crossystem sanity check"
+ if [ -n "${FLAGS_save_config}" ]; then
+ debug_msg "not resigning kernel."
+ return
+ fi
+
+ if [ "$(crossystem dev_boot_signed_only)" = "0" ]; then
+ debug_msg "dev_boot_signed_only not set - safe."
+ return
+ fi
+
+ echo "
+ ERROR: YOUR FIRMWARE WILL ONLY BOOT SIGNED IMAGES.
+
+ Modifying the kernel or root filesystem will result in an unusable system. If
+ you really want to make this change, allow the firmware to boot self-signed
+ images by running:
+
+ sudo crossystem dev_boot_signed_only=0
+
+ before re-executing this command.
+ "
+ return $FLAGS_FALSE
+}
+
sanity_check_live_partitions() {
debug_msg "Partition sanity check"
if [ "$FLAGS_partitions" = "$ROOTDEV_KERNEL" ]; then
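Review bot: In `sanity_check_crossystem_flags`, the test `[ "$(crossystem dev_boot_signed_only)" = "0" ]` cannot tell a set flag from a crossystem call that failed or printed nothing, so the banner can claim a firmware policy that was never actually read. Failing closed is the right default here, but the read failure should be reported separately, assuming crossystem exits non-zero on error: `signed_only="$(crossystem dev_boot_signed_only)" || { echo "ERROR: cannot read dev_boot_signed_only" >&2; return $FLAGS_FALSE; }`, then compare `"$signed_only"` with `"0"`. The banner is also written to stdout by a plain `echo`; adding `>&2` after its closing quote keeps it visible when stdout is redirected or captured. A one-line comment above the function, such as `# Refuse to modify the image while firmware only boots signed kernels.`, would record why the check exists.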
@@ -418,7 +444,8 @@ main() {
done
echo ""
elif ! sanity_check_live_firmware ||
- ! sanity_check_live_partitions; then
+ ! sanity_check_live_partitions ||
+ ! sanity_check_crossystem_flags; then
err_die "IMAGE $FLAGS_image IS NOT MODIFIED."
fi
fi
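Review bot: `sanity_check_crossystem_flags` is reachable only through this `elif` arm, so the branch that ends just above it (`done` / `echo ""`) never runs the check. The condition for that branch is outside the hunk, but it looks like a forced-override path. If so, a forced run with dev_boot_signed_only set would still modify the image and leave the system unbootable without showing the new banner. Consider calling the check in that arm as a warning only, for example `sanity_check_crossystem_flags || true` at the top of the arm, so the user sees the recovery command without the override being blocked. main starts and ends outside this hunk, so the surrounding conditions should be confirmed against the full file.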