Currently the output of build_image signs the kernel partition with the recovery keys on the final image. This script allows us to replace the kernel vblock and resign the kernel with the right set of keys (for example, using the normal boot path kernel keys, or the keys for factory install, etc.)
BUG=4623
TEST=Tested by running the script on one of the latest builbot images (801) and resigning with test kernel keys. The resulting image was dd-ed off to an SSD and was succesfully able to boot on one of our dev systems with our custom firmware with both dev mode and recovery mode turned off.
To test (can do outside chroot):
1) Download the latest image from the buildbot (I used build 801)
2) Run script with the following arguments and paths adjusted below
resign_image
--from /path/to/chromiumos_image.bin \
--datakey /path/to/vboot_reference/tests/devkeys/kernel_data_key.vbprivk \
--keyblock /path/to/vboot_reference/tests/devkeys/kernel.keyblock \
--vsubkey /path/to/vboot_reference/tests/devkeys/kernel_subkey.vbpubk \
--vbutil_dir /path/to/vbutil/binaries
--to image.out
This re-signs the image with the normal test keys (instead of recovery as done by build_image)
3) Copy the image to an SSD drive
dd if=image.out of=/dev/ssd [replace with the correct device]
4) Boot with the latest custom firmware in normal mode (recovery and dev mode turned off).
5) Profit!
Review URL: http://codereview.chromium.org/2938004
* This fixes the issue, where cros-workon packages have a package.mask set
to prevent upstream ebuilds from rolling in. In general, it brings out the
cavalry for unmasking the live package in every possible way.
Review URL: http://codereview.chromium.org/2934007
Adds the --install_syslinux to the update_bootloaders call for x86.
BUG=chromium-os:2693
TEST=build_image with both tegra2 and x86-generic in progress. Doesn't affect actual booting until we change the active gpt boot partition.
Review URL: http://codereview.chromium.org/2911003
This change removes svn repos which have had their ebuild modified
to use the subversion eclass. This repos have already been removed
from the DEPS file.
Change-Id: I290d0bc6e401511abb7d637d83fe2d6961851aa9
Review URL: http://codereview.chromium.org/2899013
The use_vboot and vboot_ flags were confusing from a functionality perspective
since verified boot as a feature encompasses firmware and kernel functionality.
The firmware bits are always enabled, but use_vboot enabled the image-integrity
portion of vboot. It is not called
--enable_rootfs_verification
and all options for the kernel functionality is under --verity_* given that
verity/dm-verity is the current working name for the module and userspace tool.
TEST=ran x86-generic build_image & tegra2-dev-board build_image and checked the resulting boot.config files (with and without --enable_rootfs_verification).
BUG=chromium-os:2693
Review URL: http://codereview.chromium.org/2917008
parallel_emerge prints a message every 30 seconds now so that buildbot doesn't
kill us early. Per discussion with cmasone, reverting the revert.
This reverts commit debaa3d8cf.
This reverts commit f0fb864e8d.
This change needs to be reverted because it suppresses logging output
from the build process. Thus, when something goes wrong...the
sherriff is left completely helpless in terms of debugging the issue.
TBR: davidjames@chromium.org
Also update eretry to not pass in $EMERGE_JOBS anymore, in coordination with my previous change, which passed it in directly instead of depending on eretry to do so: http://codereview.chromium.org/2944004/show
TEST=Ran build_image --jobs 2 and build_packages --jobs 2
BUG=none
Review URL: http://codereview.chromium.org/2914004
- Add support for --jobs flag.
- Add support for --depclean with no arguments.
- Cleanup comments.
- Print out error details the first time a package fails.
TEST=Ran full build_packages --fast
BUG=none
Review URL: http://codereview.chromium.org/2853031
The mask is set only if it's not set already. Also, it picks up the default
install mask from common.sh.
BUG=none
TEST=gmerged chromeos-chrome with PKG_INSTALL_MASK set/unset.
Review URL: http://codereview.chromium.org/2907005
This is useful to understand why packages may be different between say, x86 and arm.
Use cros_extract_deps to extract the dependency graph for each, then:
cros_deps_diff -o path/to/output x86-generic.deps arm-generic.deps
Review URL: http://codereview.chromium.org/2870042
Right now, the created arm.mbr is the size of the ESP
partition. It should be truncated though to just the mbr size.
In addition, dm= doesnt do anything on arm yet so replacing use with a todo and adding a check if it isn't there.
TEST=manually ran
BUG=none
TBR=fes
This should fix the bad parsing and the failed archiving.
EMphasis on should. I'll keep monitoring.
TEST=in progress
BUG=none
Review URL: http://codereview.chromium.org/2812044
This change adds make_image_bootable which combines the
prior changes to make ARM, x86-legacy, x86-efi, and x86-fw
share kernel commandlines (where possible) and not rely on
keeping data stored on the rootfs to do so.
It does not enable a cut over to syslinux yet, though.
TEST=manually built image and tested boot and install (in progress)
BUG=chromium-os:327
Review URL: http://codereview.chromium.org/2834038
Adds two helpers that are not used yet. They will be
used in the next CL to unify the bootloaders in use
in build_image.
TEST=used in the next CL but otherwise not called.
BUG=chromium-os:327
Review URL: http://codereview.chromium.org/2829039
This change unifies the creation of extlinux.conf,
syslinux cfgs, and grub efi files. It shouldn't change the
existing behavior but does add support for further arguments
and future use of syslinux (once it is properly rewritten by
an installer or other script).
TEST=in progress; manual run
BUG=chromium-os:327
Review URL: http://codereview.chromium.org/2829038
Adds rootfs image hashing to the build. If it is hashed
even if the default boot device is not dm-0, the baseline
rootfs integrity information will be included (though
device setup will fail in the logs during boot).
TEST=manually ran without enabling vboot support.
BUG=chromium-os:327
Review URL: http://codereview.chromium.org/2808043
Missing check during mkdir causes failure with -e empty.
The tree broke prior to this commit, but this will break the dev
build so bypassing hooks. sorry.
TEST=reran build_image
BUG=none
TBR=adlr
Adds support for mounting the esp image.
In the future, all legacy boot loaders will live on
the ESP partition (#12) to avoid modifying the rootfs
partition with bootloader changes in the configuration or
preamble. This is needed.
TEST=manually reran mount_gpt_image.sh users.
BUG=chromium-os:327
Review URL: http://codereview.chromium.org/2811042
- Unmerge appropriate packages during upgrades and downgrades.
- Calculate time spent in dependency generation to the tenth of a second.
- Only track dependencies of packages that are actually being installed.
- Ignore PDEPEND, as it has no impact on dependency ordering.
- Only break dependency chains that go against Portage's install order.
- Rename Failed -> Retrying.
- Print emerge command lines as they are run.
TEST=Emerged hard-host-depends and ran build_packages with parallel_emerge
BUG=none
Review URL: http://codereview.chromium.org/2886010
power_LoadTest will use this symlink to load a test extension at login.
BUG=None
TEST=power_LoadTest
Signed-off-by: Benson Leung <bleung@chromium.org>
Review URL: http://codereview.chromium.org/2877007
Include checked in parallel emerge,
with an optional (default false) argument
in build_image to turn it on.
Review URL: http://codereview.chromium.org/2827037
The current autotest ebuild cros_workon change takes more time than I expected, so I had to roll back this change to enforce autotest prebuild on buildbot.
As of now, the prebuild autotest tarball has no binaries produced within it.
Review URL: http://codereview.chromium.org/2881007
