Document a kernel command line security requirement.
If we add a kernel command line parameter (commonly done in
modify_kernel_command_line() of a board specific build_kernel.sh script),
the commit queue accepts the change, but the canary build cab break when
the signer test detects an unfamiliar (and possibly insecure) parameter.
BUG=none
TEST=none, inline comment only
Change-Id: I7ea25b73a791a24af7739d7cc5860cd168c964a4
Reviewed-on: https://chromium-review.googlesource.com/286893
Tested-by: Bryan Freed <bfreed@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Bryan Freed <bfreed@google.com>
diff --git a/build_kernel_image.sh b/build_kernel_image.sh
index ff43262..5b52039 100755
--- a/build_kernel_image.sh
+++ b/build_kernel_image.sh
@@ -100,6 +100,13 @@
# Munge the kernel command line.
# Intended to be overridden by boards that wish to add to the command line.
# $1 - Configuration file containing boot args.
+#
+# All kernel command line changes must update the security base lines in
+# the signer. It rejects any settings it does not recognize and breaks the
+# build. So any modify_kernel_command_line() function change here or in a
+# board specific build_kernel_image.sh needs to be reflected in
+# ensure_secure_kernelparams.config.
+# See https://chrome-internal-review.googlesource.com/#/c/216896 as an example.
modify_kernel_command_line() {
:
}