1#!/bin/bash 2 3# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 4# Use of this source code is governed by a BSD-style license that can be 5# found in the LICENSE file. 6 7# Script that just takes in a kernel partition and outputs a new vblock 8# signed with the specific keys. For use on signing servers. 9 10# vbutil_kernel must be in the system path. 11 12SCRIPT_DIR=$(dirname $0) 13 14# Abort on error 15set -e 16 17# Check arguments 18if [ $# -lt 4 ] || [ $# -gt 5 ]; then 19 echo "usage: $0 src_kpart dst_vblock kernel_datakey kernel_keyblock [version]" 20 exit 1 21fi 22 23# Make sure the tools we need are available. 24type -P vbutil_kernel &>/dev/null || \ 25 ( echo "vbutil_kernel tool not found."; exit 1; ) 26 27SRC_KPART=$1 28DST_VBLOCK=$2 29KERNEL_DATAKEY=$3 30KERNEL_KEYBLOCK=$4 31VERSION=$5 32 33if [ -z $VERSION ]; then 34 VERSION=1 35fi 36echo "Using kernel version: $VERSION" 37 38vbutil_kernel --repack "${DST_VBLOCK}" \ 39 --vblockonly \ 40 --keyblock "${KERNEL_KEYBLOCK}" \ 41 --signprivate "${KERNEL_DATAKEY}" \ 42 --version "${VERSION}" \ 43 --oldblob "${SRC_KPART}" 44 45echo "New kernel vblock was output to ${DST_VBLOCK}" 46 47