BUTTERFLY-FACTORY: Added handling of regex for dm params.
To handle a more diverse set of configurations, added
processing of regular expressions for the dm params.
BUG=chrome-os-partner:16370
TEST=none
BRANCH=Butterfly
Change-Id: I43723448c09b0b68e53d05a176dba07cd3bfb200
Original-Change-Id: I4d9e610586cc9f63d55397e60462600ed9b9651f
Reviewed-on: https://gerrit.chromium.org/gerrit/38202
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Ready: Paul Taysom <taysom@chromium.org>
Tested-by: Paul Taysom <taysom@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/38694
Tested-by: Shawn Nematbakhsh <shawnn@google.com>
diff --git a/scripts/image_signing/ensure_secure_kernelparams.sh b/scripts/image_signing/ensure_secure_kernelparams.sh
index e0e49b9..e09e6dd 100755
--- a/scripts/image_signing/ensure_secure_kernelparams.sh
+++ b/scripts/image_signing/ensure_secure_kernelparams.sh
@@ -67,6 +67,10 @@
local image="$1"
+ # A byte that should not appear in the command line to use as a sed
+ # marker when doing regular expression replacements.
+ local M=$'\001'
+
# Default config location: same name/directory as this script,
# with a .config file extension, ie ensure_secure_kernelparams.config.
local configfile="$(dirname "$0")/${0/%.sh/.config}"
@@ -94,6 +98,7 @@
eval "optional_kparams=(\${optional_kparams_$board[@]})"
eval "optional_kparams_regex=(\${optional_kparams_regex_$board[@]})"
eval "required_dmparams=(\"\${required_dmparams_$board[@]}\")"
+ eval "required_dmparams_regex=(\"\${required_dmparams_regex_$board[@]}\")"
output+="required_kparams=(\n"
output+="$(printf "\t'%s'\n" "${required_kparams[@]}")\n)\n"
output+="optional_kparams=(\n"
@@ -102,6 +107,8 @@
output+="$(printf "\t'%s'\n" "${optional_kparams_regex[@]}")\n)\n"
output+="required_dmparams=(\n"
output+="$(printf "\t'%s'\n" "${required_dmparams[@]}")\n)\n"
+ output+="required_dmparams_regex=(\n"
+ output+="$(printf "\t'%s'\n" "${required_dmparams_regex[@]}")\n)\n"
# Divide the dm params from the rest and process seperately.
local kparams=$(dump_kernel_config "$kernelblob")
@@ -115,25 +122,29 @@
mangled_dmparams=$(dmparams_mangle "${dmparams}")
output+="\nmangled_dmparams='${mangled_dmparams}'\n"
# Special-case handling of the dm= param:
+ testfail=1
for expected_dmparams in "${required_dmparams[@]}"; do
# Filter out all dynamic parameters.
- testfail=1
if [ "$mangled_dmparams" = "$expected_dmparams" ]; then
testfail=0
break
fi
done
+ for expected_dmparams in "${required_dmparams_regex[@]}"; do
+ if [[ -z $(echo "${mangled_dmparams}" | \
+ sed "s${M}^${expected_dmparams}\$${M}${M}") ]]; then
+ testfail=0
+ break
+ fi
+ done
+
if [ $testfail -eq 1 ]; then
echo "Kernel dm= parameter does not match any expected values!"
echo "Actual: $dmparams"
echo "Expected: ${required_dmparams[@]}"
fi
- # A byte that should not appear in the command line to use as a sed
- # marker when doing regular expression replacements.
- M=$'\001'
-
# Ensure all other required params are present.
for param in "${required_kparams[@]}"; do
if [[ "$kparams_nodm" != *$param* ]]; then