diff options
| author | Jiyong Park <jiyong@google.com> | 2021-01-18 21:11:03 +0900 |
|---|---|---|
| committer | Jiyong Park <jiyong@google.com> | 2021-01-20 08:39:54 +0900 |
| commit | 71baa7690a126e68921bd11bdb702bfbc0c6018e (patch) | |
| tree | 350bd71d04d195008ccbfa578f5fab5b43e95ac7 /filesystem/filesystem.go | |
| parent | 72678310860dddf5d74e08d94a13d5f0aa745933 (diff) | |
Sign android_filesystem with avbtool
Use_avb and other avb_* properties allows us to sign an
android_filesystem module with avbtool.
Bug: 172415113
Test: m
Change-Id: Ifa1ed8ded1b10170aaca9b34e6a14f0179dbab5d
Diffstat (limited to 'filesystem/filesystem.go')
| -rw-r--r-- | filesystem/filesystem.go | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/filesystem/filesystem.go b/filesystem/filesystem.go index 1f72dce3f..5ef4a90b3 100644 --- a/filesystem/filesystem.go +++ b/filesystem/filesystem.go @@ -20,6 +20,7 @@ import ( "android/soong/android" "github.com/google/blueprint" + "github.com/google/blueprint/proptools" ) func init() { @@ -30,10 +31,24 @@ type filesystem struct { android.ModuleBase android.PackagingBase + properties filesystemProperties + output android.OutputPath installDir android.InstallPath } +type filesystemProperties struct { + // When set to true, sign the image with avbtool. Default is false. + Use_avb *bool + + // Path to the private key that avbtool will use to sign this filesystem image. + // TODO(jiyong): allow apex_key to be specified here + Avb_private_key *string `android:"path"` + + // Hash and signing algorithm for avbtool. Default is SHA256_RSA4096. + Avb_algorithm *string +} + // android_filesystem packages a set of modules and their transitive dependencies into a filesystem // image. The filesystem images are expected to be mounted in the target device, which means the // modules in the filesystem image are built for the target device (i.e. Android, not Linux host). @@ -41,6 +56,7 @@ type filesystem struct { // partitions like system.img. For example, cc_library modules are placed under ./lib[64] directory. func filesystemFactory() android.Module { module := &filesystem{} + module.AddProperties(&module.properties) android.InitPackageModule(module) android.InitAndroidMultiTargetsArchModule(module, android.DeviceSupported, android.MultilibCommon) return module @@ -114,6 +130,17 @@ func (f *filesystem) buildPropFile(ctx android.ModuleContext) (propFile android. deps = append(deps, ctx.Config().HostToolPath(ctx, t)) } + if proptools.Bool(f.properties.Use_avb) { + addStr("avb_hashtree_enable", "true") + addPath("avb_avbtool", ctx.Config().HostToolPath(ctx, "avbtool")) + algorithm := proptools.StringDefault(f.properties.Avb_algorithm, "SHA256_RSA4096") + addStr("avb_algorithm", algorithm) + key := android.PathForModuleSrc(ctx, proptools.String(f.properties.Avb_private_key)) + addPath("avb_key_path", key) + addStr("avb_add_hashtree_footer_args", "--do_not_generate_fec") + addStr("partition_name", f.Name()) + } + propFile = android.PathForModuleOut(ctx, "prop").OutputPath builder := android.NewRuleBuilder(pctx, ctx) builder.Command().Text("rm").Flag("-rf").Output(propFile) |