Add security_patch avb property for android_filesystem
If android_filesystem module is used with use_avb, defined
security_patch for the rollback protection.
Bug: 285855436
Test: m
Test: avbtool info_image --image <IMAGE>
Change-Id: I32c6108bb1aca398ced5e46b615d937685e261a7
diff --git a/filesystem/filesystem.go b/filesystem/filesystem.go
index f2efd46..3d49114 100644
--- a/filesystem/filesystem.go
+++ b/filesystem/filesystem.go
@@ -350,13 +350,16 @@
addStr("avb_algorithm", algorithm)
key := android.PathForModuleSrc(ctx, proptools.String(f.properties.Avb_private_key))
addPath("avb_key_path", key)
+ partitionName := proptools.StringDefault(f.properties.Partition_name, f.Name())
+ addStr("partition_name", partitionName)
avb_add_hashtree_footer_args := "--do_not_generate_fec"
if hashAlgorithm := proptools.String(f.properties.Avb_hash_algorithm); hashAlgorithm != "" {
avb_add_hashtree_footer_args += " --hash_algorithm " + hashAlgorithm
}
+ securityPatchKey := "com.android.build." + partitionName + ".security_patch"
+ securityPatchValue := ctx.Config().PlatformSecurityPatch()
+ avb_add_hashtree_footer_args += " --prop " + securityPatchKey + ":" + securityPatchValue
addStr("avb_add_hashtree_footer_args", avb_add_hashtree_footer_args)
- partitionName := proptools.StringDefault(f.properties.Partition_name, f.Name())
- addStr("partition_name", partitionName)
addStr("avb_salt", f.salt())
}