summaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
authorYury Khmel <khmel@google.com>2020-12-03 19:09:00 +0000
committerMike Frysinger <vapier@chromium.org>2020-12-05 05:14:02 +0000
commit1009be350708b0782fa875c0f4b165dcd8f9ba0b (patch)
treea3c7b92e169aa8d599dc05b8b11ee2e0af3b485b /scripts
parent3b4b439b6450ceacd36d91036e4509b8b6f7880c (diff)
downloadvboot-1009be350708b0782fa875c0f4b165dcd8f9ba0b.tar.gz
signer: Verify many Android signer operations that content is unchanged.stabilize-13654.B
This adds extra verifications to many Android signer operation in order to narrow down the problem when empty folders are removed from the disk. BUG=chromium:1154734 TEST=Locally image signing passed. Emulated problem and it was detected. BRANCH=none Signed-off-by: Yury Khmel <khmel@google.com> Change-Id: If8bb9fced290117766bfa9ff76a25fc86ed263dc Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2572240 Reviewed-by: Mike Frysinger <vapier@chromium.org>
Diffstat (limited to 'scripts')
-rwxr-xr-xscripts/image_signing/sign_android_image.sh37
1 files changed, 29 insertions, 8 deletions
diff --git a/scripts/image_signing/sign_android_image.sh b/scripts/image_signing/sign_android_image.sh
index bd107899..cb45fe9e 100755
--- a/scripts/image_signing/sign_android_image.sh
+++ b/scripts/image_signing/sign_android_image.sh
@@ -37,6 +37,7 @@ set -e
sign_framework_apks() {
local system_mnt="$1"
local key_dir="$2"
+ local working_dir="$3"
local flavor_prop=""
local keyset=""
@@ -53,6 +54,9 @@ sign_framework_apks() {
info "Start signing framework apks"
+ image_content_integrity_check "${system_mnt}" "${working_dir}" \
+ "Prepare apks signing"
+
# Counters for validity check.
local counter_platform=0
local counter_media=0
@@ -116,6 +120,8 @@ build flavor '${flavor_prop}'."
--in "${temp_apk}" --out "${signed_apk}" \
${extra_flags}
fi
+ image_content_integrity_check "${system_mnt}" "${working_dir}" \
+ "sign apk ${signed_apk}"
# Copy the content instead of mv to avoid owner/mode changes.
sudo cp "${signed_apk}" "${apk}" && rm -f "${signed_apk}"
@@ -127,6 +133,8 @@ build flavor '${flavor_prop}'."
: $(( counter_${keyname} += 1 ))
: $(( counter_total += 1 ))
+ image_content_integrity_check "${system_mnt}" "${working_dir}" \
+ "update re-signed apk ${apk}"
done < <(find "${system_mnt}/system" -type f -name '*.apk' -print0)
info "Found ${counter_platform} platform APKs."
@@ -234,6 +242,18 @@ snapshot_file_properties() {
sudo find "${dir}" -exec stat -c '%n:%u:%g:%a' {} + | sort
}
+# Integrity check that image content is unchanged.
+image_content_integrity_check() {
+ local system_mnt=$1
+ local working_dir=$2
+ local reason=$3
+ snapshot_file_properties "${system_mnt}" > "${working_dir}/properties.new"
+ local d
+ if ! d=$(diff "${working_dir}"/properties.{orig,new}); then
+ die "Unexpected change of file property, diff due to ${reason}\n${d}"
+ fi
+}
+
main() {
local root_fs_dir=$1
local key_dir=$2
@@ -293,16 +313,17 @@ main() {
snapshot_file_properties "${system_mnt}" > "${working_dir}/properties.orig"
- sign_framework_apks "${system_mnt}" "${key_dir}"
+ sign_framework_apks "${system_mnt}" "${key_dir}" "${working_dir}"
+ image_content_integrity_check "${system_mnt}" "${working_dir}" \
+ "sign_framework_apks"
+
update_sepolicy "${system_mnt}" "${key_dir}"
- replace_ota_cert "${system_mnt}" "${key_dir}/releasekey.x509.pem"
+ image_content_integrity_check "${system_mnt}" "${working_dir}" \
+ "update_sepolicy"
- # Validity check.
- snapshot_file_properties "${system_mnt}" > "${working_dir}/properties.new"
- local d
- if ! d=$(diff "${working_dir}"/properties.{orig,new}); then
- die "Unexpected change of file property, diff\n${d}"
- fi
+ replace_ota_cert "${system_mnt}" "${key_dir}/releasekey.x509.pem"
+ image_content_integrity_check "${system_mnt}" "${working_dir}" \
+ "replace_ota_cert"
# Packages cache needs to be regenerated when the key and timestamp are
# changed for apks.