This change can land once the kernel support for dm device waiting and
the chromeos-installer changes land and their ebuilds are rev'd.
TEST=build_image --enable_rootfs_verification; booted to a verified image!
BUG=chromium-os:2963
Change-Id: Ia68f90a59ab1360da01d5f422c16178af16cbaeb
Review URL: http://codereview.chromium.org/3013028
This change adds
- --rootfs_hash_pad to specify the MBs reserved for the pad
- the implementation of the above flag
- check if total fs size + pad size exceeds the partition size
- hash appending in make_image_bootable()
Fixes:
- a style for ROOT_FS_HASH usage
- bad mount|grep
- bad bash subst for root devices in all boot paths
- fixed a typo in the update_bootloaders table creation
- disables verified usb for now
Adding the padding argument ensures that the generated hash tree for the root filesystem is appended to the image. Assuming the rootfs is _never_ mounted read-write
again, that hash tree will be valid and vboot will be able to proceed.
BUG=chromium-os:2693
TEST=manual build_image
Review URL: http://codereview.chromium.org/3043011
Change-Id: I67d9b0f91cacdefa309c0cc2dd7fed1d2eddd7a7
The use_vboot and vboot_ flags were confusing from a functionality perspective
since verified boot as a feature encompasses firmware and kernel functionality.
The firmware bits are always enabled, but use_vboot enabled the image-integrity
portion of vboot. It is not called
--enable_rootfs_verification
and all options for the kernel functionality is under --verity_* given that
verity/dm-verity is the current working name for the module and userspace tool.
TEST=ran x86-generic build_image & tegra2-dev-board build_image and checked the resulting boot.config files (with and without --enable_rootfs_verification).
BUG=chromium-os:2693
Review URL: http://codereview.chromium.org/2917008
This change unifies the creation of extlinux.conf,
syslinux cfgs, and grub efi files. It shouldn't change the
existing behavior but does add support for further arguments
and future use of syslinux (once it is properly rewritten by
an installer or other script).
TEST=in progress; manual run
BUG=chromium-os:327
Review URL: http://codereview.chromium.org/2829038
