summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHung-Te Lin <hungte@chromium.org>2016-12-14 11:34:33 +0800
committerchrome-bot <chrome-bot@chromium.org>2016-12-14 06:03:12 -0800
commit1a0679c1a4386de578566955ee7504a75e0c5885 (patch)
tree52a7d2e3acf231b02550fb5bc63c0650df878caf
parent8bb1c3b852030dbecc58e6ec6c790ede621bc6e9 (diff)
downloadvboot-1a0679c1a4386de578566955ee7504a75e0c5885.tar.gz
scripts: Change anti-rollback check from error to warning for make_dev_firmware.
Currently make_dev_firmware will abort if the stored TPM version is higher and ask user to reset TPM; however that is not very feasible because: (1) If the device is still MP-signed, external users can't boot dev-signed factory shim or recovery or test images. (2) Even if the user is able to reset TPM, the stored TPM version will be increased again when user boots into the image for running make_dev_firmware. As a result, the right flow is to allow user (with warning and instructions) resign firmware with dev-keys, boot into recovery mode due to anti-rollback check, and then boot any dev-signed image to reset TPM. BRANCH=none BUG=None TEST=./make_dev_firmware.sh # see warning message. Change-Id: Ifd4cd9912ab505427c985154b3f469e1485789b2 Reviewed-on: https://chromium-review.googlesource.com/419898 Commit-Ready: Hung-Te Lin <hungte@chromium.org> Tested-by: Hung-Te Lin <hungte@chromium.org> Reviewed-by: Mattias Nissler <mnissler@chromium.org> Reviewed-by: Bill Richardson <wfrichar@chromium.org>
-rwxr-xr-xscripts/image_signing/make_dev_firmware.sh15
1 files changed, 11 insertions, 4 deletions
diff --git a/scripts/image_signing/make_dev_firmware.sh b/scripts/image_signing/make_dev_firmware.sh
index c2ce4128..45bf07ae 100755
--- a/scripts/image_signing/make_dev_firmware.sh
+++ b/scripts/image_signing/make_dev_firmware.sh
@@ -222,11 +222,18 @@ main() {
# TODO(hungte) Change key block by data_key_version.
if [ "$data_key_version" -gt "$new_data_key_version" ]; then
- err_die "Sorry, firmware data key version <$new_data_key_version> in" \
- "your new keys [$FLAGS_keys] is smaller than original firmware" \
- "<$data_key_version> and won't boot due to TPM anti-rollback" \
- "detection. You have to first reset TPM."
+ echo "$(tput bold)$(tput setaf 1)
+ Warning: firmware data key version <$new_data_key_version> in your new keys
+ [$FLAGS_keys] is smaller than original firmware <$data_key_version> and
+ will boot into only recovery mode due to TPM anti-rollback detection.
+
+ After reboot with dev recovery key, you will need to reset TPM by booting a
+ test or dev image in recovery mode (NOT Ctrl-U), switch to VT2 and run
+ command <chromoes-tpm-recovery>; or use a factory install shim image
+ (build_image factory_install).
+ $(tput sgr 0)" >&2
fi
+
echo "Signing with Data Key Version: $data_key_version, " \
"Firmware Version: $firmware_version"