Google Git
Sign in
cos / mirrors / cros / chromiumos / platform2 / refs/heads/factory-gru-9017.B^! / .
commit75943e128ecf30cc31e7680064517b43772a3d55[log] [tgz]
authorMichaelHou <michael_hou@asus.corp-partner.google.com>Fri Mar 15 12:40:02 2019 +0800
committerChromeOS Commit Bot <chromeos-commit-bot@chromium.org>Fri Mar 15 19:17:19 2019 +0000
tree6713a7ea5cd6a3c8a8f51529c9f11e6b238298f8
parent20360639619a50a9adbcc4a6704d38f9e408b2d8 [diff]
init: chromeos_start should ignore to check block_devmode if in recovery
mode.

When block_devmode is enabled, there is no way to boot into dev mode except
for debug build. This affects the RMA shim as well which should be run by
RMA center. Since recovery mode only allowed to boot signed images, to release
the check of block_devmode in signed rootfs would be safe.

BUG=chrome-os-partner:62890, b:35586038
TEST=1. set block_devmode to 1.
     2. check RMA shim can boot successfully in dev + recovery modes.
     3. check normal image will still be blocked in dev mode.

Change-Id: Ia0e5ceff1761d16c1ae78c6cd3e84b6a2ecef5f0
Reviewed-on: https://chromium-review.googlesource.com/442966
Commit-Ready: Marco Chen <marcochen@chromium.org>
Tested-by: Marco Chen <marcochen@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit fdb7d2cacba177c63a19fd93467297501a4632a9)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform2/+/1524782
Reviewed-by: Michael Hou <michael_hou@asus.corp-partner.google.com>
Reviewed-by: Philip Chen <philipchen@chromium.org>
Commit-Queue: Michael Hou <michael_hou@asus.corp-partner.google.com>
Tested-by: Michael Hou <michael_hou@asus.corp-partner.google.com>

diff --git a/init/chromeos_startup b/init/chromeos_startup
index 8c47673..ea5fa95 100755
--- a/init/chromeos_startup
+++ b/init/chromeos_startup

@@ -138,14 +138,18 @@
 # This file indicates a blocked developer mode transition attempt has occurred.
 BLOCKED_DEV_MODE_FILE="/mnt/stateful_partition/.blocked_dev_mode"
 
-# Check whether the device is allowed to boot in dev mode. If a debug
-# build is already installed on the system, ignore block_devmode. It
-# is pointless in this case, as the device is already in a state where
-# the local user has full control.
+# Check whether the device is allowed to boot in dev mode.
+# 1. If a debug build is already installed on the system, ignore block_devmode.
+#    It is pointless in this case, as the device is already in a state where the
+#    local user has full control.
+# 2. According to recovery mode only boot with signed images, the block_devmode
+#    could be ignored here -- otherwise factory shim will be blocked expecially
+#    that RMA center can't reset this device.
 #
 # The up-front CROS_DEBUG check avoids forking a crossystem process in verified
 # mode, thus keeping the check as lightweight as possible for normal boot.
-if [ $CROS_DEBUG -eq 1 ] && crossystem "devsw_boot?1" "debug_build?0"; then
+if [ $CROS_DEBUG -eq 1 ] && \
+   crossystem "devsw_boot?1" "debug_build?0" "recovery_reason?0"; then
   # Checks ordered by run time: First try reading VPD through sysfs.
   VPD_BLOCK_DEVMODE_FILE=/sys/firmware/vpd/rw/block_devmode
   if [ -f "${VPD_BLOCK_DEVMODE_FILE}" ] &&