Add hashes of initrd to the kernel footer pvmfw will then read the hashes and use them to validate the initrd loaded. Bug: 260821553 Test: m microdroid_kernel_signed and inspect the output using `avbtool info_image --image <output>` Result was: Prop: trusted_ramdisk -> '62e4f9c1bdcd844de0e88a6281c0ff3c43e6d8bb2deb79b3d1fecd97800b453c,e79bb3926a53729d9bc16ccf58b82567b4c7e9aeaf72ace321601e913a987443,cc7182c87ebe8d0a76250dde66fc01c57489430c8c21f64404a1a537fa5b9e9b' Change-Id: I1a9ca51b374a991882adadddb761763977b957a8

commit: e2bd27e09a1e8cb7da06ea5a16429182c2e069c4 [log] [tgz]
author: Jiyong Park <jiyong@google.com> Mon Dec 05 17:14:08 2022 +0900
committer: Jiyong Park <jiyong@google.com> Mon Dec 05 17:14:08 2022 +0900
tree: 0ee25744a286f7ef0d8c8a9aa69d35a7c83cf57f
parent: 5895ac077f8e78cc6895f83adce6de5ff4ef4020 [diff] [blame]
diff --git a/microdroid/Android.bp b/microdroid/Android.bp
index af6031a..79378fe 100644
--- a/microdroid/Android.bp
+++ b/microdroid/Android.bp

@@ -567,6 +567,12 @@
             enabled: true,
         },
     },
+    props: [
+        {
+            name: "trusted_ramdisk",
+            file: ":microdroid_initrd_hashes",
+        },
+    ],
 }
 
 prebuilt_etc {
commit	e2bd27e09a1e8cb7da06ea5a16429182c2e069c4	[log] [tgz]
author	Jiyong Park <jiyong@google.com>	Mon Dec 05 17:14:08 2022 +0900
committer	Jiyong Park <jiyong@google.com>	Mon Dec 05 17:14:08 2022 +0900
tree	0ee25744a286f7ef0d8c8a9aa69d35a7c83cf57f
parent	5895ac077f8e78cc6895f83adce6de5ff4ef4020 [diff] [blame]