ubuntu-phone team mailing list archive

Re: Skipping GPG verification in recovery

 

On Tue, May 13, 2014 at 01:02:29PM +0300, Jani Monoses wrote:
> Hello,
> 
> during bringup and development it is helpful to skip image signature
> verification and not worry about setting up GPG keychains. A common way to
> do it is to just add a return 0 to the verify_signature() function to the
> local copy of system-image-upgrader.
> 
> What do you think of this patch to allow this to be toggled by developers
> without having to change the script itself?
> 
> I am writing here and not just sending the change to gerrit as there may be
> people not subscribed to gerrit who may want to share their opinion and
> experiences.
> 
> This should have no effect on OTA upgrades from Ubuntu itself, as /etc/ is
> not writable from there so it cannot be set either accidentally or
> intentionally by users.
> 
> diff --git bootable/recovery/Android.mk bootable/recovery/Android.mk
> index 6c0090f..fa5605b 100644
> --- bootable/recovery/Android.mk
> +++ bootable/recovery/Android.mk
> @@ -113,6 +113,10 @@ $(RECOVERY_SYMLINKS): $(LOCAL_INSTALLED_MODULE)
>   @mkdir -p $(dir $@)
>   @rm -rf $@
>   $(hide) ln -sf $(RECOVERY_BINARY) $@
> +ifeq ($(TARGET_RECOVERY_SKIP_GPG_VERIFICATION), true)
> + @touch $(TARGET_RECOVERY_ROOT_OUT)/etc/system-image/skip-gpg-verification
> +endif
> +
> 
>  ALL_DEFAULT_INSTALLED_MODULES += $(RECOVERY_SYMLINKS)
> 
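
Review bot: the added `@touch $(TARGET_RECOVERY_ROOT_OUT)/etc/system-image/skip-gpg-verification` assumes the `etc/system-image` directory already exists in the recovery root; the only `mkdir -p` in the visible recipe is for `$(dir $@)`, the symlink's own directory. Add a `@mkdir -p` for the marker's directory before the touch so the build does not depend on some other rule having created it. The command also sits inside the `$(RECOVERY_SYMLINKS)` recipe, so it runs once per symlink rather than once per image. Since this flag bakes a signature-verification bypass into the recovery image, printing a message when TARGET_RECOVERY_SKIP_GPG_VERIFICATION is true would leave a record of that in the build log.
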
> diff --git bootable/recovery/system-image-upgrader
> bootable/recovery/system-image-upgrader
> index be02fb3..f473a36
> --- bootable/recovery/system-image-upgrader
> +++ bootable/recovery/system-image-upgrader
> @@ -14,6 +14,11 @@ echo "Starting image upgrader: $(date)"
> 
>  # Functions
>  verify_signature() {
> +    if [ -e /etc/system-image/skip-gpg-verification ];then
> +         return 0
> +    fi
>      # $1 => validation keyring name
>      # $2 => path to validate
> 
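
Review bot: the early `return 0` at the top of verify_signature() skips verification silently, so the upgrader output, which begins with "Starting image upgrader: $(date)", carries no record that an image was accepted unverified. Echo a clear message naming /etc/system-image/skip-gpg-verification before returning, so a log from a device with the marker present is distinguishable from a verified upgrade. Style: `];then` needs a space before `then`, and `return 0` is indented nine spaces where eight would match the four-space steps used in the function.
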
> The state could be toggled at build time by having this line in
> BoardConfig.mk
> 
> TARGET_RECOVERY_SKIP_GPG_VERIFICATION := true
> 
> or per-deployment by adb shell
> touch /etc/system-image/skip-gpg-verification and running
> system-image-upgrader when doing an update from recovery using
> ubuntu-device-flash or a custom script.
> 
> thanks
> Jani

That should be fine.

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
