1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
#!/bin/bash
# Copyright 2010 The ChromiumOS Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# Script that just takes in a kernel partition and outputs a new vblock
# signed with the specific keys. For use on signing servers.
# futility must be in the system path.
SCRIPT_DIR=$(dirname $0)
# Abort on error
set -e
# Check arguments
if [ $# -lt 4 ] || [ $# -gt 5 ]; then
echo "usage: $0 src_kpart dst_vblock kernel_datakey kernel_keyblock [version]"
exit 1
fi
# Make sure the tools we need are available.
type -P futility &>/dev/null || \
( echo "futility tool not found."; exit 1; )
SRC_KPART=$1
DST_VBLOCK=$2
KERNEL_DATAKEY=$3
KERNEL_KEYBLOCK=$4
VERSION=$5
if [ -z $VERSION ]; then
VERSION=1
fi
echo "Using kernel version: $VERSION"
futility vbutil_kernel --repack "${DST_VBLOCK}" \
--vblockonly \
--keyblock "${KERNEL_KEYBLOCK}" \
--signprivate "${KERNEL_DATAKEY}" \
--version "${VERSION}" \
--oldblob "${SRC_KPART}"
echo "New kernel vblock was output to ${DST_VBLOCK}"
|
