Fixes for avb flags in soong-generated partitions
The logic for what variables control what aspect of AVB is pretty
complicated, this brings make and soong closer together.
Bug: 381120092
Test: m out/soong/.intermediates/build/soong/fsgen/aosp_cf_x86_64_phone_generated_system_image/android_common/prop, diff with make's prop file
Change-Id: I6ada90262f4578d120c35b7f8d38c06c2b1d9c27
diff --git a/filesystem/filesystem.go b/filesystem/filesystem.go
index fbc8089..b6b4cb7 100644
--- a/filesystem/filesystem.go
+++ b/filesystem/filesystem.go
@@ -53,6 +53,12 @@
})
}
+// Remember to add referenced files to implicits!
+var textFileProcessorRule = pctx.AndroidStaticRule("text_file_processing", blueprint.RuleParams{
+ Command: "build/soong/scripts/text_file_processor.py $in $out",
+ CommandDeps: []string{"build/soong/scripts/text_file_processor.py"},
+})
+
type filesystem struct {
android.ModuleBase
android.PackagingBase
@@ -107,6 +113,9 @@
// avbtool. Default used by avbtool is sha1.
Avb_hash_algorithm *string
+ // Whether or not to use forward-error-correction codes when signing with AVB. Defaults to true.
+ Use_fec *bool
+
// The index used to prevent rollback of the image. Only used if use_avb is true.
Rollback_index *int64
@@ -563,11 +572,21 @@
FlagWithArg("--out_system=", rootDir.String()+"/system")
propFile, toolDeps := f.buildPropFile(ctx)
+
+ // Most of the time, if build_image were to call a host tool, it accepts the path to the
+ // host tool in a field in the prop file. However, it doesn't have that option for fec, which
+ // it expects to just be on the PATH. Add fec to the PATH.
+ fec := ctx.Config().HostToolPath(ctx, "fec")
+ pathToolDirs := []string{filepath.Dir(fec.String())}
+
output := android.PathForModuleOut(ctx, f.installFileName())
- builder.Command().BuiltTool("build_image").
+ builder.Command().
+ Textf("PATH=%s:$PATH", strings.Join(pathToolDirs, ":")).
+ BuiltTool("build_image").
Text(rootDir.String()). // input directory
Input(propFile).
Implicits(toolDeps).
+ Implicit(fec).
Output(output).
Text(rootDir.String()) // directory where to find fs_config_files|dirs
@@ -634,10 +653,15 @@
addPath("avb_avbtool", ctx.Config().HostToolPath(ctx, "avbtool"))
algorithm := proptools.StringDefault(f.properties.Avb_algorithm, "SHA256_RSA4096")
addStr("avb_algorithm", algorithm)
- key := android.PathForModuleSrc(ctx, proptools.String(f.properties.Avb_private_key))
- addPath("avb_key_path", key)
+ if f.properties.Avb_private_key != nil {
+ key := android.PathForModuleSrc(ctx, *f.properties.Avb_private_key)
+ addPath("avb_key_path", key)
+ }
addStr("partition_name", f.partitionName())
- avb_add_hashtree_footer_args := "--do_not_generate_fec"
+ avb_add_hashtree_footer_args := ""
+ if !proptools.BoolDefault(f.properties.Use_fec, true) {
+ avb_add_hashtree_footer_args += " --do_not_generate_fec"
+ }
if hashAlgorithm := proptools.String(f.properties.Avb_hash_algorithm); hashAlgorithm != "" {
avb_add_hashtree_footer_args += " --hash_algorithm " + hashAlgorithm
}
@@ -648,9 +672,9 @@
}
avb_add_hashtree_footer_args += " --rollback_index " + strconv.Itoa(rollbackIndex)
}
- securityPatchKey := "com.android.build." + f.partitionName() + ".security_patch"
- securityPatchValue := ctx.Config().PlatformSecurityPatch()
- avb_add_hashtree_footer_args += " --prop " + securityPatchKey + ":" + securityPatchValue
+ avb_add_hashtree_footer_args += fmt.Sprintf(" --prop com.android.build.%s.os_version:%s", f.partitionName(), ctx.Config().PlatformVersionLastStable())
+ avb_add_hashtree_footer_args += fmt.Sprintf(" --prop com.android.build.%s.fingerprint:{CONTENTS_OF:%s}", f.partitionName(), ctx.Config().BuildFingerprintFile(ctx))
+ avb_add_hashtree_footer_args += fmt.Sprintf(" --prop com.android.build.%s.security_patch:%s", f.partitionName(), ctx.Config().PlatformSecurityPatch())
addStr("avb_add_hashtree_footer_args", avb_add_hashtree_footer_args)
addStr("avb_salt", f.salt())
}
@@ -694,8 +718,15 @@
}
f.checkFsTypePropertyError(ctx, fst, fsTypeStr(fst))
+ propFilePreProcessing := android.PathForModuleOut(ctx, "prop_pre_processing")
+ android.WriteFileRuleVerbatim(ctx, propFilePreProcessing, propFileString.String())
propFile := android.PathForModuleOut(ctx, "prop")
- android.WriteFileRuleVerbatim(ctx, propFile, propFileString.String())
+ ctx.Build(pctx, android.BuildParams{
+ Rule: textFileProcessorRule,
+ Input: propFilePreProcessing,
+ Output: propFile,
+ Implicit: ctx.Config().BuildFingerprintFile(ctx),
+ })
return propFile, deps
}