Need to build a recovery image

[Igor]

I've tried to build the recovery image from locally built image, following the commands from here:

https://www.chromium.org/chromium-os/developer-guide

The chapter "Creating a recovery image that has been modified for test".

And it seems to work, the image is built and I cros it on flash, but when inserting the flash in the device that is asking for recovery image I get the message that the flash doesn't contain a Chrome OS image.

When using the recovery image from goldeneye it works though. I tried this on a glimmer device.

Would appreciate some help.

[Vincent Palatin]

The recovery image is not signed with the same key as your device (ie your local one is dev-signed, the goldeneye one is MP-signed).

One option is to boot your-signed-with-another-key recovery image with 'crossystem dev_boot_usb=1' then using ctrl+U,

this other option is to flash a dev-signed firmware on your Glimmer device.

-- 

Vincent

[Igor]

Thanks Vincent,

I've tried what I understood from the second option

Build the dev image:

./build_image --board=${BOARD} --noenable_rootfs_verification dev

./image_to_vm.sh --from=../build/images/glimmer/R57-9054.0.2016_12_07_1335-a1 --board=glimmer

Write the image on flash:

cros flash usb:// /mnt/host/source/src/build/images/glimmer/R57-9054.0.2016_12_07_1335-a1/chromiumos_image.bin

Build the recovery image

./mod_image_for_recovery.sh --board=${BOARD} --nominimize_image --image /mnt/host/source/src/build/images/glimmer/R57-9054.0.2016_12_07_1335-a1/chromiumos_image.bin --to /mnt/host/source/src/build/images/glimmer/R57-9054.0.2016_12_07_1335-a1/recovery_image.bin

Boot the device (that is enabled to usb_boot) from flash and chromeos-install the image.

Reboot the device and powerwash it.

Device is asking for recovery flash.

Write the recovery image on flash:

cros flash usb:// /mnt/host/source/src/build/images/glimmer/R57-9054.0.2016_12_07_1335-a1/recovery_image.bin

Put the flash, and get the same result - not a Chrome OS image.

Still no clue how I could make it work:-/

[Vincent Palatin]

Nowhere in this process, you are re-flashing the firmware. So you still have the MP-signed one (hence the result).

 

Still no clue how I could make it work:-/

To be clear, this was my *second* option because it's annoying to do ... and has a few traps.

So to re-flash your firmware, you need to remove the physical Write-Protection screw.

Then run "chromeos-firmware --mode=factory" from your dev build, you flash the dev-signed version of the usual firmware.

[then realize that some rollback protection mechanisms are triggered and you wish you didn't embark in such a journey]

[Mike Frysinger]

to reiterate what Vincent said, that screen that says "not a cros image" is purely checking the keys used to sign. if they don't match the keys used in the device, then it fails. there is no other format checking going on (more or less).

-mike

--
--
Chromium OS Developers mailing list: chromiu...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-os-dev?hl=en

[Daniel Erat]

Would it be possible (maybe just on future hardware) to be clearer about the actual cause of not being able to boot the OS?

I'm usually confused on the rare occasion when I receive new hardware and can't boot my own images with Ctrl-U... until I remember that I need to run "chromeos-firmwareupdate --mode todev". If we displayed a message describing the problem (and how to fix it, if we don't expect that to change, or the URL of a page with instructions otherwise), it'd improve the experience for clueless-about-firmware developers like me.

I'll file a feature request if this seems like a reasonable idea.

[Igor]

Thanks everyone. The first option from Vincent worked. I agree with Dan, and probably it also makes sense to update the developer guide page to cover this case.

[Mike Frysinger]

i think there's room for massaging slightly, but we have to keep in mind that we are not the target market :)

does the "tab" key show details at this screen ?  i know the initial scary warning screen you can hit tab and it includes technical details.

-mike

[Bill Richardson]

Any BIOS screen should respond to TAB.

Art for Art's Sake

Engineering for Money

[Mattias Nissler]

IMHO, anyone who makes non-trivial changes to the recovery image should test on a dev-keyed device. There are subtle differences between a true recovery boot and USB-booting a recovery image.

As a bonus, dev-keyed devices also streamline other development use cases (booting a dev test image in verified mode, skipping now transition details to name two items I found particularly useful). One drawback is that official images only work in dev mode, but that hasn't restricted me in practice. 

Igor, if you decide to rekey your device and hit any walls, feel free to point me and I'll try to help. 

[Mike Frysinger]

what differences? all the business logic is in the recovery kernel, and it doesn't care what mode it's booted in.

-mike

[Mattias Nissler]

One difference I'm aware of is that we boot with TPM physical presence available during recovery, but not during USB boot. This results in differences e.g. here: https://chromium.googlesource.com/chromiumos/platform/initramfs/+/master/recovery/recovery_init.sh#338 (interestingly, there's a comment that suggests we might want to fail if physical presence isn't available). Anyhow, the implication is that the TPM reset behavior you get via recovery mode is different from USB boot.

--

Mattias Nissler | Software Engineer | mnis...@google.com

Google Germany GmbH

ABC-Str. 19

20345 Hamburg

Geschäftsführer: Matthew Scott Sucherman, Paul Terence Manicle

Registergericht und -nummer: Hamburg, HRB 86891

[Vadim Bendebury]

Just for the record, let's not mix up recovery mode boot and USB boot. While recovery mode boot always happens from a USB device, dev mode boot can also happen from either USB device of from permanent storage.

TPM remains unlocked only in recovery mode.

--vb

[Igor]

 

To be clear, this was my *second* option because it's annoying to do ... and has a few traps.

So to re-flash your firmware, you need to remove the physical Write-Protection screw.

Then run "chromeos-firmware --mode=factory" from your dev build, you flash the dev-signed version of the usual firmware.

[then realize that some rollback protection mechanisms are triggered and you wish you didn't embark in such a journey]

Now I've tried to make the second option, to check that I get the same behavior.

I took a chromebook with WP disabled and deployed a dev image on it.

Now looking to run  "chromeos-firmware --mode=factory", there's no such command there.

I tried looking at such a command in device console, and also on my machine where I build the image. The closest related

thing I've found is cros_write_firmware on my machine.

What do I miss here?

[Vincent Palatin]

I meant '/usr/sbin/chromeos-firmwareupdate --mode=factory'

My previous command has a typo ...