AVB and selinux support in partitions
Bug: 297269187
Test: m bazel_sandwich (updated partition_inspector to show selinux contexts, but still haven't figured out how to show avb information)
Change-Id: I6911c2fc75495f9722887925d8609c9a171901c6
diff --git a/android/variable.go b/android/variable.go
index 6af0f18..785004b 100644
--- a/android/variable.go
+++ b/android/variable.go
@@ -512,6 +512,12 @@
ProductBaseFsPath string `json:",omitempty"`
ProductHeadroom string `json:",omitempty"`
ProductVerityPartition string `json:",omitempty"`
+
+ BoardAvbAddHashtreeFooterArgs string `json:",omitempty"`
+ BoardAvbKeyPath string `json:",omitempty"`
+ BoardAvbAlgorithm string `json:",omitempty"`
+ BoardAvbRollbackIndex string `json:",omitempty"`
+ BoardAvbRollbackIndexLocation string `json:",omitempty"`
}
TargetUserimagesUseExt2 bool `json:",omitempty"`
TargetUserimagesUseExt3 bool `json:",omitempty"`
@@ -534,6 +540,8 @@
BoardBuildGkiBootImageWithoutRamdisk bool `json:",omitempty"`
ProductUseDynamicPartitionSize bool `json:",omitempty"`
CopyImagesForTargetFilesZip bool `json:",omitempty"`
+
+ BoardAvbEnable bool `json:",omitempty"`
}
func boolPtr(v bool) *bool {
diff --git a/bp2build/bp2build_product_config.go b/bp2build/bp2build_product_config.go
index 2f9e9cc..2bcf933 100644
--- a/bp2build/bp2build_product_config.go
+++ b/bp2build/bp2build_product_config.go
@@ -326,6 +326,8 @@
result.WriteString(fmt.Sprintf(" --//build/bazel/product_config:manifest_package_name_overrides=%s\n", strings.Join(productVariables.ManifestPackageNameOverrides, ",")))
result.WriteString(fmt.Sprintf(" --//build/bazel/product_config:native_coverage=%t\n", proptools.Bool(productVariables.Native_coverage)))
result.WriteString(fmt.Sprintf(" --//build/bazel/product_config:platform_sdk_final=%t\n", proptools.Bool(productVariables.Platform_sdk_final)))
+ result.WriteString(fmt.Sprintf(" --//build/bazel/product_config:platform_security_patch=%s\n", proptools.String(productVariables.Platform_security_patch)))
+ result.WriteString(fmt.Sprintf(" --//build/bazel/product_config:platform_version_last_stable=%s\n", proptools.String(productVariables.Platform_version_last_stable)))
result.WriteString(fmt.Sprintf(" --//build/bazel/product_config:platform_version_name=%s\n", proptools.String(productVariables.Platform_version_name)))
result.WriteString(fmt.Sprintf(" --//build/bazel/product_config:product_brand=%s\n", productVariables.ProductBrand))
result.WriteString(fmt.Sprintf(" --//build/bazel/product_config:product_manufacturer=%s\n", productVariables.ProductManufacturer))
@@ -467,6 +469,7 @@
func createTargets(productLabelsToVariables map[bazelLabel]*android.ProductVariables, res map[string]BazelTargets) {
createGeneratedAndroidCertificateDirectories(productLabelsToVariables, res)
+ createAvbKeyFilegroups(productLabelsToVariables, res)
for label, variables := range productLabelsToVariables {
createSystemPartition(label, &variables.PartitionVarsForBazelMigrationOnlyDoNotUse, res)
}
@@ -501,10 +504,39 @@
}
}
+func createAvbKeyFilegroups(productLabelsToVariables map[bazelLabel]*android.ProductVariables, targets map[string]BazelTargets) {
+ var allAvbKeys []string
+ for _, productVariables := range productLabelsToVariables {
+ for _, partitionVariables := range productVariables.PartitionVarsForBazelMigrationOnlyDoNotUse.PartitionQualifiedVariables {
+ if partitionVariables.BoardAvbKeyPath != "" {
+ if !android.InList(partitionVariables.BoardAvbKeyPath, allAvbKeys) {
+ allAvbKeys = append(allAvbKeys, partitionVariables.BoardAvbKeyPath)
+ }
+ }
+ }
+ }
+ for _, key := range allAvbKeys {
+ dir := filepath.Dir(key)
+ name := filepath.Base(key)
+ content := fmt.Sprintf(`filegroup(
+ name = "%s_filegroup",
+ srcs = ["%s"],
+ visibility = ["//visibility:public"],
+)`, name, name)
+ targets[dir] = append(targets[dir], BazelTarget{
+ name: name + "_filegroup",
+ packageName: dir,
+ content: content,
+ ruleClass: "filegroup",
+ })
+ }
+}
+
func createSystemPartition(platformLabel bazelLabel, variables *android.PartitionVariables, targets map[string]BazelTargets) {
if !variables.PartitionQualifiedVariables["system"].BuildingImage {
return
}
+ qualifiedVariables := variables.PartitionQualifiedVariables["system"]
imageProps := generateImagePropDictionary(variables, "system")
imageProps["skip_fsck"] = "true"
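Review bot: Every filegroup that createAvbKeyFilegroups generates wraps an AVB signing key but is declared `visibility = ["//visibility:public"]`, so any package in the workspace can take a dependency on the key file. Narrowing the visibility to the product packages whose `system_image` target consumes the key would keep the key's reach to what the build needs. Separately, `allAvbKeys` is filled by ranging over two maps, so the order in which targets are appended to `targets[dir]` can differ between runs unless something later sorts them. Sorting `allAvbKeys` before the second loop would make the generated output reproducible. The key's base name is also interpolated with `"%s"` rather than `%q`, and a `BoardAvbKeyPath` that is absolute or contains `..` is passed to `filepath.Dir` unchecked, so it may be worth rejecting such paths before using the result as a package name.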
@@ -517,6 +549,19 @@
properties.WriteRune('\n')
}
+ var extraProperties strings.Builder
+ if variables.BoardAvbEnable {
+ extraProperties.WriteString(" avb_enable = True,\n")
+ extraProperties.WriteString(fmt.Sprintf(" avb_add_hashtree_footer_args = %q,\n", qualifiedVariables.BoardAvbAddHashtreeFooterArgs))
+ keypath := qualifiedVariables.BoardAvbKeyPath
+ if keypath != "" {
+ extraProperties.WriteString(fmt.Sprintf(" avb_key = \"//%s:%s\",\n", filepath.Dir(keypath), filepath.Base(keypath)+"_filegroup"))
+ extraProperties.WriteString(fmt.Sprintf(" avb_algorithm = %q,\n", qualifiedVariables.BoardAvbAlgorithm))
+ extraProperties.WriteString(fmt.Sprintf(" avb_rollback_index = %s,\n", qualifiedVariables.BoardAvbRollbackIndex))
+ extraProperties.WriteString(fmt.Sprintf(" avb_rollback_index_location = %s,\n", qualifiedVariables.BoardAvbRollbackIndexLocation))
+ }
+ }
+
targets[platformLabel.pkg] = append(targets[platformLabel.pkg], BazelTarget{
name: "system_image",
packageName: platformLabel.pkg,
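Review bot: `avb_rollback_index` and `avb_rollback_index_location` are formatted with a bare `%s`, so an unset value renders as `avb_rollback_index = ,` and any non-numeric text in the product config is copied verbatim into the generated BUILD content. Since rollback indices feed anti-rollback protection, I would parse both as unsigned integers, omit the attribute when the variable is empty, and fail loudly on anything else. The sketch below assumes `strconv` is, or can be, imported in this file. The `avb_key` label on the line above could likewise use `%q` instead of hand-escaped quotes. createSystemPartition starts in the previous hunk and continues past this one, so how it should report a bad value is not visible here.

```go
keypath := qualifiedVariables.BoardAvbKeyPath
if keypath != "" {
	// … unchanged: avb_key and avb_algorithm lines …
	for _, p := range []struct{ attr, val string }{
		{"avb_rollback_index", qualifiedVariables.BoardAvbRollbackIndex},
		{"avb_rollback_index_location", qualifiedVariables.BoardAvbRollbackIndexLocation},
	} {
		if p.val == "" {
			continue // omit the attribute rather than emit "attr = ,"
		}
		n, err := strconv.ParseUint(p.val, 10, 64)
		if err != nil {
			// report through this package's usual error path; never emit the raw text
			continue
		}
		extraProperties.WriteString(fmt.Sprintf("    %s = %d,\n", p.attr, n))
	}
}
```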
@@ -525,11 +570,13 @@
base_staging_dir = "//build/bazel/bazel_sandwich:system_staging_dir",
base_staging_dir_file_list = "//build/bazel/bazel_sandwich:system_staging_dir_file_list",
root_dir = "//build/bazel/bazel_sandwich:root_staging_dir",
+ selinux_file_contexts = "//build/bazel/bazel_sandwich:selinux_file_contexts",
image_properties = """
%s
""",
+%s
type = "system",
-)`, properties.String()),
+)`, properties.String(), extraProperties.String()),
ruleClass: "partition",
loads: []BazelLoad{{
file: "//build/bazel/rules/partitions:partition.bzl",