Implement fsverity metadata generator

Using fsverity tool, fsverity metadata for specific artifacts in system
mage can be generated. Users can do that by setting a makefile variable
PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA to true.

If set to true, the following artifacts will be signed.

- system/framework/*.jar
- system/framework/oat/<arch>/*.{oat,vdex,art}
- system/etc/boot-image.prof
- system/etc/dirty-image-objects

One fsverity metadata container file per one input file will be
generated in system.img, with a suffix ".fsv_meta". e.g. a container
file for "system/framework/foo.jar" will be
"system/framework/foo.jar.fsv_meta".

Bug: 193113311
Test: build with PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA := true
Change-Id: Ib70d591a72d23286b5debcb05fbad799dfd79b94
diff --git a/tools/releasetools/Android.bp b/tools/releasetools/Android.bp
index 827aaac..4e628cf 100644
--- a/tools/releasetools/Android.bp
+++ b/tools/releasetools/Android.bp
@@ -50,6 +50,7 @@
     ],
     libs: [
         "releasetools_common",
+        "releasetools_fsverity_metadata_generator",
         "releasetools_verity_utils",
     ],
     required: [
@@ -260,6 +261,16 @@
 }
 
 python_library_host {
+    name: "releasetools_fsverity_metadata_generator",
+    srcs: [
+        "fsverity_metadata_generator.py",
+    ],
+    required: [
+        "fsverity",
+    ],
+}
+
+python_library_host {
     name: "releasetools_verity_utils",
     srcs: [
         "verity_utils.py",