From 1493e938e45535f86b7132a83123c6319eacb217 Mon Sep 17 00:00:00 2001
From: Edward Hyunkoo Jee <edjee@google.com>
Date: Wed, 4 Apr 2018 01:33:10 -0700
Subject: image_signing: sign UEFI binaries

BUG=b:62189155
TEST=See CL:*601769
BRANCH=none

Change-Id: Id9569616bae0d5f44c1c96e18522ace244a5aae8
Reviewed-on: https://chromium-review.googlesource.com/995175
Commit-Ready: Edward Jee <edjee@google.com>
Tested-by: Edward Jee <edjee@google.com>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
---
 scripts/image_signing/common_minimal.sh | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

(limited to 'scripts/image_signing/common_minimal.sh')

diff --git a/scripts/image_signing/common_minimal.sh b/scripts/image_signing/common_minimal.sh
index 43dfd109..d7ecc10e 100644
--- a/scripts/image_signing/common_minimal.sh
+++ b/scripts/image_signing/common_minimal.sh
@@ -252,6 +252,33 @@ mount_image_partition() {
   fi
 }
 
+# Mount the image's ESP (EFI System Partition) on a newly created temporary
+# directory.
+# Prints out the newly created temporary directory path if succeeded, prints
+# out nothing if ESP doesn't exist, print out "MOUNT_FAILED" if mount failed.
+# Args: IMAGE ESP_PARTNUM
+mount_image_esp() {
+  local image="$1"
+  local ESP_PARTNUM=12
+
+  local esp_offset=$(( $(partoffset "${image}" "${ESP_PARTNUM}") ))
+  # Check if the image has an ESP partition.
+  if [[ "${esp_offset}" == "0" ]]; then
+    return
+  fi
+
+  local esp_dir="$(make_temp_dir)"
+  # We use the 'unsafe' variant because the EFI system partition is vfat type
+  # and can be mounted in RW mode.
+  if ! $(_mount_image_partition_retry "${image}" "${ESP_PARTNUM}" \
+                                      "${esp_dir}" > /dev/null); then
+    echo "MOUNT_FAILED"
+    return
+  fi
+
+  echo "${esp_dir}"
+}
+
 # Extract a partition to a file
 # Args: IMAGE PARTNUM OUTPUTFILE
 extract_image_partition() {
-- 
cgit v1.2.1