1 #!/bin/bash 2 3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 4 # Use of this source code is governed by a BSD-style license that can be 5 # found in the LICENSE file. 6 7 # Script that just takes in a kernel partition and outputs a new vblock 8 # signed with the specific keys. For use on signing servers. 9 10 # vbutil_kernel must be in the system path. 11 12 SCRIPT_DIR=$(dirname $0) 13 14 # Abort on error 15 set -e 16 17 # Check arguments 18 if [ $# -lt 4 ] || [ $# -gt 5 ]; then 19 echo "usage: $0 src_kpart dst_vblock kernel_datakey kernel_keyblock [version]" 20 exit 1 21 fi 22 23 # Make sure the tools we need are available. 24 type -P vbutil_kernel &>/dev/null || \ 25 ( echo "vbutil_kernel tool not found."; exit 1; ) 26 27 SRC_KPART=$1 28 DST_VBLOCK=$2 29 KERNEL_DATAKEY=$3 30 KERNEL_KEYBLOCK=$4 31 VERSION=$5 32 33 if [ -z $VERSION ]; then 34 VERSION=1 35 fi 36 echo "Using kernel version: $VERSION" 37 38 vbutil_kernel --repack "${DST_VBLOCK}" \ 39 --vblockonly \ 40 --keyblock "${KERNEL_KEYBLOCK}" \ 41 --signprivate "${KERNEL_DATAKEY}" \ 42 --version "${VERSION}" \ 43 --oldblob "${SRC_KPART}" 44 45 echo "New kernel vblock was output to ${DST_VBLOCK}" 46 47
