mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-09-22 22:21:10 +02:00
Code Issues Packages Projects Releases Wiki Activity

Updated verity error_behavior and max_ios defaults to match expected values

Browse Source 
BUG=chromium-os:34696
TEST=Run ensure_secure_kernelparams.sh on an image built with this change

Change-Id: I16a6f5127bdfae958f9cd0d9ce1b0c55a0f68c67
Reviewed-on: https://gerrit.chromium.org/gerrit/33888
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Ready: Liam McLoughlin <lmcloughlin@chromium.org>
Tested-by: Liam McLoughlin <lmcloughlin@chromium.org>
This commit is contained in:
Liam McLoughlin 2012-09-24 10:37:34 +00:00 committed by Gerrit
parent 080202b5d1
commit e81a23207f
3 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
bin/cros_make_image_bootable
View File

@ -99,9 +99,9 @@ DEFINE_string rootfs_hash "/tmp/rootfs.hash" \
"Path where the rootfs hash should be stored." "Path where the rootfs hash should be stored."
DEFINE_boolean enable_rootfs_verification ${FLAGS_FALSE} \ DEFINE_boolean enable_rootfs_verification ${FLAGS_FALSE} \
"Default all bootloaders to use kernel-based root fs integrity checking." "Default all bootloaders to use kernel-based root fs integrity checking."
DEFINE_integer verity_error_behavior 2 \ DEFINE_integer verity_error_behavior 3 \
"Kernel verified boot error behavior (0: I/O errors, 1: reboot, 2: nothing)" "Kernel verified boot error behavior (0: I/O errors, 1: reboot, 2: nothing)"
DEFINE_integer verity_max_ios 1024 \ DEFINE_integer verity_max_ios -1 \
"Number of outstanding I/O operations dm-verity caps at." "Number of outstanding I/O operations dm-verity caps at."
DEFINE_string verity_algorithm "sha1" \ DEFINE_string verity_algorithm "sha1" \
"Cryptographic hash algorithm used for kernel vboot." "Cryptographic hash algorithm used for kernel vboot."

4
build_kernel_image.sh
View File

@ -36,9 +36,9 @@ DEFINE_string rootfs_image "" \
"Optional path to the rootfs device or image.(Default: \"\")" "Optional path to the rootfs device or image.(Default: \"\")"
DEFINE_string rootfs_hash "" \ DEFINE_string rootfs_hash "" \
"Optional path to output the rootfs hash to. (Default: \"\")" "Optional path to output the rootfs hash to. (Default: \"\")"
DEFINE_integer verity_error_behavior 2 \ DEFINE_integer verity_error_behavior 3 \
"Verified boot error behavior [0: I/O errors, 1: reboot, 2: nothing] \ "Verified boot error behavior [0: I/O errors, 1: reboot, 2: nothing] \
(Default: 2)" (Default: 3)"
DEFINE_integer verity_max_ios -1 \ DEFINE_integer verity_max_ios -1 \
"Optional number of outstanding I/O operations. (Default: -1)" "Optional number of outstanding I/O operations. (Default: -1)"
DEFINE_string verity_hash_alg "sha1" \ DEFINE_string verity_hash_alg "sha1" \

6
build_library/create_legacy_bootloader_templates.sh
View File

@ -24,10 +24,10 @@ DEFINE_string boot_args "" \
"Additional boot arguments to pass to the commandline (Default: '')" "Additional boot arguments to pass to the commandline (Default: '')"
DEFINE_boolean enable_rootfs_verification ${FLAGS_FALSE} \ DEFINE_boolean enable_rootfs_verification ${FLAGS_FALSE} \
"Controls if verity is used for root filesystem checking (Default: false)" "Controls if verity is used for root filesystem checking (Default: false)"
DEFINE_integer verity_error_behavior 2 \ DEFINE_integer verity_error_behavior 3 \
"Verified boot error behavior [0: I/O errors, 1: reboot, 2: nothing] \ "Verified boot error behavior [0: I/O errors, 1: reboot, 2: nothing] \
(Default: 2)" (Default: 3)"
DEFINE_integer verity_max_ios 1024 \ DEFINE_integer verity_max_ios -1 \
"Optional number of outstanding I/O operations. (Default: 1024)" "Optional number of outstanding I/O operations. (Default: 1024)"
# Parse flags # Parse flags