diff options
author | Daniel Drake <dsd@laptop.org> | 2012-09-10 20:22:55 (GMT) |
---|---|---|
committer | Daniel Drake <dsd@laptop.org> | 2012-09-17 17:22:38 (GMT) |
commit | 9f20418922d04bc6fe30b2aa1fb5daaabddf4101 (patch) | |
tree | 8d05adffc5f285b7514091e29e4c9fd34c966ea2 /modules/signing/preimage.40.sign-os.sh | |
parent | c5cb6551027da10d04f39ed1c04e166cc4878652 (diff) |
Always ship kernel/initramfs in zip files
We now ship the kernel/initramfs in zip files only.
This reduces duplication for when images get signed, and it allows
us to ship a simplified olpc.fth.
This implements the plan here:
http://lists.laptop.org/pipermail/devel/2012-March/034439.html
This didn't work on first attempt because we hit a firmware bug
on XO-1.75 (#12107). Now that we have a fix, and a workaround for
old firmware versions, give this change another spin.
Diffstat (limited to 'modules/signing/preimage.40.sign-os.sh')
-rw-r--r-- | modules/signing/preimage.40.sign-os.sh | 36 |
1 files changed, 15 insertions, 21 deletions
diff --git a/modules/signing/preimage.40.sign-os.sh b/modules/signing/preimage.40.sign-os.sh index 19ddc3b..6756eb6 100644 --- a/modules/signing/preimage.40.sign-os.sh +++ b/modules/signing/preimage.40.sign-os.sh @@ -8,29 +8,23 @@ okey=$(read_config signing okey) bios_crypto=$(read_config signing bios_crypto_path) [ -n "$bios_crypto" -a -d "$bios_crypto" ] || exit 0 -if [ -e "$fsmount/boot/vmlinuz" ]; then - echo "Signing kernel..." - pushd $bios_crypto/build - ./sign-os.sh $okey $fsmount/boot/vmlinuz $fsmount/boot/runos.zip - popd - [ -e $fsmount/boot/actos.zip ] || ln -s runos.zip $fsmount/boot/actos.zip -fi +sign_os() { + local path="$fsmount"/boot/$1.zip + [ -f "$path" ] || return -if [ -e "$fsmount/boot/initrd.img" ]; then - echo "Signing initramfs..." pushd $bios_crypto/build - ./sign-os.sh $okey $fsmount/boot/initrd.img $fsmount/boot/runrd.zip - popd -fi + unzip "$path" + mv data.img tmp.img -if [ -e "$fsmount/boot/actrd.img" ]; then - echo "Signing activation initramfs..." - pushd $bios_crypto/build - $bios_crypto/build/sign-os.sh $okey $fsmount/boot/actrd.img $fsmount/boot/actrd.zip - popd -fi + rm -f $path + ./sign-os.sh $okey tmp.img $path -# If no separate activation initramfs was provided, assume that the regular -# initramfs also handles activation. -[ -e $fsmount/boot/actrd.zip ] || ln -s runrd.zip $fsmount/boot/actrd.zip + rm -f tmp.img + popd +} +echo "Signing initramfs/kernel..." +sign_os runos +sign_os actos +sign_os runrd +sign_os actrd |