diff options
| author | Bill Richardson <wfrichar@chromium.org> | 2014-12-03 14:10:13 -0800 |
|---|---|---|
| committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-12-04 05:08:21 +0000 |
| commit | b406c1064b3a37002b3d4d953a4932628408f25b (patch) | |
| tree | 4856ba249a1ef333b771431d82115aadce99b8fd /tests | |
| parent | 64ef69c48da1cdd227b169accb5f576247cd8a89 (diff) | |
| download | vboot-b406c1064b3a37002b3d4d953a4932628408f25b.tar.gz | |
futility: Don't copy the entire kernel partition just to sign a blob
When re-signing a kernel partition and writing the result into a
new file, make sure we only emit the vblock and kernel blob
instead of creating a new file that's the size of the entire
partition.
Also add a test for that.
BUG=chromium:418647
BRANCH=none
TEST=make runtests
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I2c42aec6816e7e7abbeed360089c9b51fdcfe786
Reviewed-on: https://chromium-review.googlesource.com/233039
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat (limited to 'tests')
| -rwxr-xr-x | tests/futility/test_sign_kernel.sh | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/tests/futility/test_sign_kernel.sh b/tests/futility/test_sign_kernel.sh index ebc50fc9..73da5ddb 100755 --- a/tests/futility/test_sign_kernel.sh +++ b/tests/futility/test_sign_kernel.sh @@ -271,6 +271,29 @@ try_arch () { # The rest of the partition should be unchanged. cmp -i ${blobsize} ${TMP}.part1.${arch} ${TMP}.part6.${arch}.new1 + # repack it the new way, from input to output + cp ${TMP}.part1.${arch} ${TMP}.part1.${arch}.in + ${FUTILITY} sign --debug \ + --signprivate ${DEVKEYS}/kernel_data_key.vbprivk \ + --keyblock ${DEVKEYS}/kernel.keyblock \ + --version 2 \ + --pad ${padding} \ + --config ${TMP}.config2.txt \ + --bootloader ${TMP}.bootloader2.bin \ + ${TMP}.part1.${arch}.in \ + ${TMP}.part6.${arch}.new2 + + ${FUTILITY} vbutil_kernel --verify ${TMP}.part6.${arch}.new2 \ + --pad ${padding} \ + --signpubkey ${DEVKEYS}/kernel_subkey.vbpubk > ${TMP}.verify6.new2 + + # The input file should not have changed (just being sure). + cmp ${TMP}.part1.${arch} ${TMP}.part1.${arch}.in + # The verification should be indentical + diff ${TMP}.verify6.old ${TMP}.verify6.new2 + # And creating a new output file should only emit a blob's worth + cmp ${TMP}.part6.${arch} ${TMP}.part6.${arch}.new2 + # Note: We specifically do not test repacking with a different --kloadaddr, # because the old way has a bug and does not update params->cmd_line_ptr to # point at the new on-disk location. Apparently (and not surprisingly), no |