-
-
Save carletes/4674386 to your computer and use it in GitHub Desktop.
#!/bin/bash | |
set -x | |
# | |
# Grab verified boot utilities from ChromeOS. | |
# | |
mkdir -p /usr/share/vboot | |
mount -o ro /dev/sda3 /mnt | |
cp /mnt/usr/bin/vbutil_* /usr/bin | |
cp /mnt/usr/bin/dump_kernel_config /usr/bin | |
rsync -avz /mnt/usr/share/vboot/ /usr/share/vboot/ | |
umount /mnt | |
# | |
# On the Acer C7, ChromeOS is 32-bit, so the verified boot binaries need a | |
# few 32-bit shared libraries to run under ChrUbuntu, which is 64-bit. | |
# | |
apt-get install libc6:i386 libssl1.0.0:i386 | |
# | |
# Fetch ChromeOS kernel sources from the Git repo. | |
# | |
apt-get install git-core | |
cd /usr/src | |
git clone https://git.chromium.org/git/chromiumos/third_party/kernel.git | |
cd kernel | |
git checkout origin/chromeos-3.4 | |
# | |
# Configure the kernel | |
# | |
# First we patch ``base.config`` to set ``CONFIG_SECURITY_CHROMIUMOS`` | |
# to ``n`` ... | |
cp ./chromeos/config/base.config ./chromeos/config/base.config.orig | |
sed -e \ | |
's/CONFIG_SECURITY_CHROMIUMOS=y/CONFIG_SECURITY_CHROMIUMOS=n/' \ | |
./chromeos/config/base.config.orig > ./chromeos/config/base.config | |
./chromeos/scripts/prepareconfig chromeos-intel-pineview | |
# | |
# ... and then we proceed as per Olaf's instructions | |
# | |
yes "" | make oldconfig | |
# | |
# Build the Ubuntu kernel packages | |
# | |
apt-get install kernel-package | |
make-kpkg kernel_image kernel_headers | |
# | |
# Backup current kernel and kernel modules | |
# | |
tstamp=$(date +%Y-%m-%d-%H%M) | |
dd if=/dev/sda6 of=/kernel-backup-$tstamp | |
cp -Rp /lib/modules/3.4.0 /lib/modules/3.4.0-backup-$tstamp | |
# | |
# Install kernel image and modules from the Ubuntu kernel packages we | |
# just created. | |
# | |
dpkg -i /usr/src/linux-*.deb | |
# | |
# Extract old kernel config | |
# | |
vbutil_kernel --verify /dev/sda6 --verbose | tail -1 > /config-$tstamp-orig.txt | |
# | |
# Add ``disablevmx=off`` to the command line, so that VMX is enabled (for VirtualBox & Co) | |
# | |
sed -e 's/$/ disablevmx=off/' \ | |
/config-$tstamp-orig.txt > /config-$tstamp.txt | |
# | |
# Wrap the new kernel with the verified block and with the new config. | |
# | |
vbutil_kernel --pack /newkernel \ | |
--keyblock /usr/share/vboot/devkeys/kernel.keyblock \ | |
--version 1 \ | |
--signprivate /usr/share/vboot/devkeys/kernel_data_key.vbprivk \ | |
--config=/config-$tstamp.txt \ | |
--vmlinuz /boot/vmlinuz-3.4.0 \ | |
--arch x86_64 | |
# | |
# Make sure the new kernel verifies OK. | |
# | |
vbutil_kernel --verify /newkernel | |
# | |
# Copy the new kernel to the KERN-C partition. | |
# | |
dd if=/newkernel of=/dev/sda6 |
There is an error towards the very end.
vbutil_kernel --pack /newkernel
--keyblock /usr/share/vboot/devkeys/kernel.keyblock
--version 1
--signprivate /usr/share/vboot/devkeys/kernel_data_key.vbprivk
--config=/config-$tstamp.txt
--vmlinuz /boot/vmlinuz-3.8.0
--arch x86_64
--vmlinuz /boot/vmlinuz-3.8.0 \ should be --vmlinuz /boot/vmlinuz-3.8.11 \
Why clone the who repo?
git clone --depth 1 -b chromeos-3.4 https://git.chromium.org/git/chromiumos/third_party/kernel.git
vbutil_kernel
of the Chromebook version I am using (3.10.18) requires a --bootloader
option, however official documentation is not clear about what to give to this parameter. Any tip?
echo blah > dummy.txt
vbutil_kernel --pack kernelpart.bin
--keyblock /usr/share/vboot/devkeys/kernel.keyblock
--signprivate /usr/share/vboot/devkeys/kernel_data_key.vbprivk
--version 1
--vmlinuz ${MY_BINARY}
--bootloader dummy.txt
--config dummy.txt
--arch arm
KPART=$(pwd)/kernelpart.bin
When I run this script I get these errors. Any suggestions?