certify_bootimg: support --extra_footer_args am: f754a7c3b8 am: a86f4ddbf6 am: 12bcad6963 am: ee599a6116

Original change: https://android-review.googlesource.com/c/platform/system/tools/mkbootimg/+/2104149

Change-Id: I4c0bce34a5e2b8c2a6db9feb04c9698ee5248de9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/gki/certify_bootimg.py b/gki/certify_bootimg.py
index fc22fde..2c3d80e 100755
--- a/gki/certify_bootimg.py
+++ b/gki/certify_bootimg.py
@@ -132,7 +132,7 @@
     return 0
 
 
-def add_avb_footer(image, partition_size):
+def add_avb_footer(image, partition_size, extra_footer_args):
     """Appends a AVB hash footer to the image."""
 
     avbtool_cmd = ['avbtool', 'add_hash_footer', '--image', image,
@@ -143,6 +143,7 @@
     else:
         avbtool_cmd.extend(['--dynamic_partition_size'])
 
+    avbtool_cmd.extend(extra_footer_args)
     subprocess.check_call(avbtool_cmd)
 
 
@@ -160,12 +161,24 @@
     return d
 
 
-def load_gki_info_file(gki_info_file, extra_args):
-    """Loads extra args from |gki_info_file| into |extra_args|."""
+def load_gki_info_file(gki_info_file, extra_args, extra_footer_args):
+    """Loads extra arguments from the gki info file.
+
+    Args:
+        gki_info_file: path to a gki-info.txt.
+        extra_args: the extra arguments forwarded to avbtool when creating
+          the gki certificate.
+        extra_footer_args: the extra arguments forwarded to avbtool when
+          creating the avb footer.
+
+    """
     info_dict = load_dict_from_file(gki_info_file)
     if 'certify_bootimg_extra_args' in info_dict:
         extra_args.extend(
             shlex.split(info_dict['certify_bootimg_extra_args']))
+    if 'certify_bootimg_extra_footer_args' in info_dict:
+        extra_footer_args.extend(
+            shlex.split(info_dict['certify_bootimg_extra_footer_args']))
 
 
 def get_archive_name_and_format_for_shutil(path):
@@ -206,6 +219,8 @@
     # Optional args.
     parser.add_argument('--extra_args', default=[], action='append',
                         help='extra arguments to be forwarded to avbtool')
+    parser.add_argument('--extra_footer_args', default=[], action='append',
+                        help='extra arguments for adding the avb footer')
 
     args = parser.parse_args()
 
@@ -218,13 +233,21 @@
         extra_args.extend(shlex.split(a))
     args.extra_args = extra_args
 
+    extra_footer_args = []
+    for a in args.extra_footer_args:
+        extra_footer_args.extend(shlex.split(a))
+    args.extra_footer_args = extra_footer_args
+
     if args.gki_info:
-        load_gki_info_file(args.gki_info, args.extra_args)
+        load_gki_info_file(args.gki_info,
+                           args.extra_args,
+                           args.extra_footer_args)
 
     return args
 
 
-def certify_bootimg(boot_img, output_img, algorithm, key, extra_args):
+def certify_bootimg(boot_img, output_img, algorithm, key, extra_args,
+                    extra_footer_args):
     """Certify a GKI boot image by generating and appending a boot_signature."""
     with tempfile.TemporaryDirectory() as temp_dir:
         boot_tmp = os.path.join(temp_dir, 'boot.tmp')
@@ -234,26 +257,27 @@
         add_certificate(boot_tmp, algorithm, key, extra_args)
 
         avb_partition_size = get_avb_image_size(boot_img)
-        add_avb_footer(boot_tmp, avb_partition_size)
+        add_avb_footer(boot_tmp, avb_partition_size, extra_footer_args)
 
         # We're done, copy the temp image to the final output.
         shutil.copy2(boot_tmp, output_img)
 
 
 def certify_bootimg_archive(boot_img_archive, output_archive,
-                            algorithm, key, extra_args):
+                            algorithm, key, extra_args, extra_footer_args):
     """Similar to certify_bootimg(), but for an archive of boot images."""
     with tempfile.TemporaryDirectory() as unpack_dir:
         shutil.unpack_archive(boot_img_archive, unpack_dir)
 
         gki_info_file = os.path.join(unpack_dir, 'gki-info.txt')
         if os.path.exists(gki_info_file):
-            load_gki_info_file(gki_info_file, extra_args)
+            load_gki_info_file(gki_info_file, extra_args, extra_footer_args)
 
         for boot_img in glob.glob(os.path.join(unpack_dir, 'boot-*.img')):
             print(f'Certifying {os.path.basename(boot_img)} ...')
             certify_bootimg(boot_img=boot_img, output_img=boot_img,
-                            algorithm=algorithm, key=key, extra_args=extra_args)
+                            algorithm=algorithm, key=key, extra_args=extra_args,
+                            extra_footer_args=extra_footer_args)
 
         print(f'Making certified archive: {output_archive}')
         archive_file_name, archive_format = (
@@ -275,10 +299,11 @@
 
     if args.boot_img_archive:
         certify_bootimg_archive(args.boot_img_archive, args.output,
-                                args.algorithm, args.key, args.extra_args)
+                                args.algorithm, args.key, args.extra_args,
+                                args.extra_footer_args)
     else:
         certify_bootimg(args.boot_img, args.output, args.algorithm,
-                        args.key, args.extra_args)
+                        args.key, args.extra_args, args.extra_footer_args)
 
 
 if __name__ == '__main__':
diff --git a/gki/certify_bootimg_test.py b/gki/certify_bootimg_test.py
index c0de50a..779c46f 100644
--- a/gki/certify_bootimg_test.py
+++ b/gki/certify_bootimg_test.py
@@ -219,6 +219,197 @@
         # C0103: invalid-name for maxDiff.
         self.maxDiff = None  # pylint: disable=C0103
 
+        # For AVB footers, we don't sign it so the Authentication block
+        # is zero bytes and the Algorithm is NONE. The footer will be
+        # replaced by device-specific settings when being incorporated into
+        # a device codebase. The footer here is just to pass some GKI
+        # pre-release test.
+        self._EXPECTED_AVB_FOOTER_BOOT_CERTIFIED = (    # pylint: disable=C0103
+            'Footer version:           1.0\n'
+            'Image size:               131072 bytes\n'
+            'Original image size:      24576 bytes\n'
+            'VBMeta offset:            24576\n'
+            'VBMeta size:              576 bytes\n'
+            '--\n'
+            'Minimum libavb version:   1.0\n'
+            'Header Block:             256 bytes\n'
+            'Authentication Block:     0 bytes\n'
+            'Auxiliary Block:          320 bytes\n'
+            'Algorithm:                NONE\n'
+            'Rollback Index:           0\n'
+            'Flags:                    0\n'
+            'Rollback Index Location:  0\n'
+            "Release String:           'avbtool 1.2.0'\n"
+            'Descriptors:\n'
+            '    Hash descriptor:\n'
+            '      Image Size:            24576 bytes\n'
+            '      Hash Algorithm:        sha256\n'
+            '      Partition Name:        boot\n'
+            '      Salt:                  a11ba11b\n'
+            '      Digest:                '
+            'c9b4ad78fae6f72f7eff939dee6078ed'
+            '8a75132e53f6c11ba1ec0f4b57f9eab0\n'
+            '      Flags:                 0\n'
+            "    Prop: avb -> 'nice'\n"
+            "    Prop: avb_space -> 'nice to meet you'\n"
+        )
+
+        self._EXPECTED_AVB_FOOTER_BOOT_CERTIFIED_2 = (  # pylint: disable=C0103
+            'Footer version:           1.0\n'
+            'Image size:               131072 bytes\n'
+            'Original image size:      24576 bytes\n'
+            'VBMeta offset:            24576\n'
+            'VBMeta size:              576 bytes\n'
+            '--\n'
+            'Minimum libavb version:   1.0\n'
+            'Header Block:             256 bytes\n'
+            'Authentication Block:     0 bytes\n'
+            'Auxiliary Block:          320 bytes\n'
+            'Algorithm:                NONE\n'
+            'Rollback Index:           0\n'
+            'Flags:                    0\n'
+            'Rollback Index Location:  0\n'
+            "Release String:           'avbtool 1.2.0'\n"
+            'Descriptors:\n'
+            '    Hash descriptor:\n'
+            '      Image Size:            24576 bytes\n'
+            '      Hash Algorithm:        sha256\n'
+            '      Partition Name:        boot\n'
+            '      Salt:                  a11ba11b\n'
+            '      Digest:                '
+            'ae2538e78b2a30b1112cede30d858a5f'
+            '6f8dc2a1b109dd4a7bb28124b77d2ab0\n'
+            '      Flags:                 0\n'
+            "    Prop: avb -> 'nice'\n"
+            "    Prop: avb_space -> 'nice to meet you'\n"
+        )
+
+        self._EXPECTED_AVB_FOOTER_WITH_GKI_INFO = (     # pylint: disable=C0103
+            'Footer version:           1.0\n'
+            'Image size:               131072 bytes\n'
+            'Original image size:      24576 bytes\n'
+            'VBMeta offset:            24576\n'
+            'VBMeta size:              704 bytes\n'
+            '--\n'
+            'Minimum libavb version:   1.0\n'
+            'Header Block:             256 bytes\n'
+            'Authentication Block:     0 bytes\n'
+            'Auxiliary Block:          448 bytes\n'
+            'Algorithm:                NONE\n'
+            'Rollback Index:           0\n'
+            'Flags:                    0\n'
+            'Rollback Index Location:  0\n'
+            "Release String:           'avbtool 1.2.0'\n"
+            'Descriptors:\n'
+            '    Hash descriptor:\n'
+            '      Image Size:            24576 bytes\n'
+            '      Hash Algorithm:        sha256\n'
+            '      Partition Name:        boot\n'
+            '      Salt:                  a11ba11b\n'
+            '      Digest:                '
+            '363d4f246a4a5e1bba8ba8b86f5eb0cf'
+            '9817e4e51663ba26edccf71c3861090a\n'
+            '      Flags:                 0\n'
+            "    Prop: avb -> 'nice'\n"
+            "    Prop: avb_space -> 'nice to meet you'\n"
+            "    Prop: com.android.build.boot.os_version -> '13'\n"
+            "    Prop: com.android.build.boot.security_patch -> '2022-05-05'\n"
+        )
+
+        self._EXPECTED_AVB_FOOTER_BOOT_1_0 = (          # pylint: disable=C0103
+            'Footer version:           1.0\n'
+            'Image size:               131072 bytes\n'
+            'Original image size:      28672 bytes\n'
+            'VBMeta offset:            28672\n'
+            'VBMeta size:              704 bytes\n'
+            '--\n'
+            'Minimum libavb version:   1.0\n'
+            'Header Block:             256 bytes\n'
+            'Authentication Block:     0 bytes\n'
+            'Auxiliary Block:          448 bytes\n'
+            'Algorithm:                NONE\n'
+            'Rollback Index:           0\n'
+            'Flags:                    0\n'
+            'Rollback Index Location:  0\n'
+            "Release String:           'avbtool 1.2.0'\n"
+            'Descriptors:\n'
+            '    Hash descriptor:\n'
+            '      Image Size:            28672 bytes\n'
+            '      Hash Algorithm:        sha256\n'
+            '      Partition Name:        boot\n'
+            '      Salt:                  a11ba11b\n'
+            '      Digest:                '
+            '634e60e08f5b83842c70fa0efa05de87'
+            '643cd75357f06eff9acc3d1f93e26795\n'
+            '      Flags:                 0\n'
+            "    Prop: avb -> 'nice'\n"
+            "    Prop: avb_space -> 'nice to meet you'\n"
+            "    Prop: com.android.build.boot.os_version -> '13'\n"
+            "    Prop: com.android.build.boot.security_patch -> '2022-05-05'\n"
+        )
+
+        self._EXPECTED_AVB_FOOTER_BOOT_2_0 = (          # pylint: disable=C0103
+            'Footer version:           1.0\n'
+            'Image size:               262144 bytes\n'
+            'Original image size:      36864 bytes\n'
+            'VBMeta offset:            36864\n'
+            'VBMeta size:              704 bytes\n'
+            '--\n'
+            'Minimum libavb version:   1.0\n'
+            'Header Block:             256 bytes\n'
+            'Authentication Block:     0 bytes\n'
+            'Auxiliary Block:          448 bytes\n'
+            'Algorithm:                NONE\n'
+            'Rollback Index:           0\n'
+            'Flags:                    0\n'
+            'Rollback Index Location:  0\n'
+            "Release String:           'avbtool 1.2.0'\n"
+            'Descriptors:\n'
+            '    Hash descriptor:\n'
+            '      Image Size:            36864 bytes\n'
+            '      Hash Algorithm:        sha256\n'
+            '      Partition Name:        boot\n'
+            '      Salt:                  a11ba11b\n'
+            '      Digest:                '
+            'f9bb362d8d0e6559f9f8f42eeaf4da9f'
+            '0fca6093de74ac406f76719fd0b20102\n'
+            '      Flags:                 0\n'
+            "    Prop: avb -> 'nice'\n"
+            "    Prop: avb_space -> 'nice to meet you'\n"
+            "    Prop: com.android.build.boot.os_version -> '13'\n"
+            "    Prop: com.android.build.boot.security_patch -> '2022-05-05'\n"
+        )
+
+        self._EXPECTED_AVB_FOOTER_BOOT_3_0 = (          # pylint: disable=C0103
+            'Footer version:           1.0\n'
+            'Image size:               131072 bytes\n'
+            'Original image size:      28672 bytes\n'
+            'VBMeta offset:            28672\n'
+            'VBMeta size:              576 bytes\n'
+            '--\n'
+            'Minimum libavb version:   1.0\n'
+            'Header Block:             256 bytes\n'
+            'Authentication Block:     0 bytes\n'
+            'Auxiliary Block:          320 bytes\n'
+            'Algorithm:                NONE\n'
+            'Rollback Index:           0\n'
+            'Flags:                    0\n'
+            'Rollback Index Location:  0\n'
+            "Release String:           'avbtool 1.2.0'\n"
+            'Descriptors:\n'
+            '    Hash descriptor:\n'
+            '      Image Size:            28672 bytes\n'
+            '      Hash Algorithm:        sha256\n'
+            '      Partition Name:        boot\n'
+            '      Salt:                  a11ba11b\n'
+            '      Digest:                '
+            'fb0326a78b3794c79fad414d10f8d69a'
+            '86a0da49e5320bd5b4fc09272cb2cad9\n'
+            '      Flags:                 0\n'
+            "    Prop: avb -> 'nice'\n"
+            "    Prop: avb_space -> 'nice to meet you'\n"
+        )
+
         self._EXPECTED_BOOT_SIGNATURE_RSA2048 = (       # pylint: disable=C0103
             'Minimum libavb version:   1.0\n'
             'Header Block:             256 bytes\n'
@@ -647,6 +838,8 @@
                 '--key', './testdata/testkey_rsa2048.pem',
                 '--extra_args', '--prop gki:nice '
                 '--prop space:"nice to meet you"',
+                '--extra_footer_args', '--salt a11ba11b --prop avb:nice '
+                '--prop avb_space:"nice to meet you"',
                 '--output', boot_certified_img,
             ]
             subprocess.run(certify_bootimg_cmds, check=True, cwd=self._exec_dir)
@@ -655,7 +848,13 @@
             self.assertTrue(has_avb_footer(boot_certified_img))
             self.assertEqual(os.path.getsize(boot_img),
                              os.path.getsize(boot_certified_img))
+            # Checks the content in the AVB footer.
+            self._test_boot_signatures(
+                temp_out_dir,
+                {'boot-certified.img':
+                    self._EXPECTED_AVB_FOOTER_BOOT_CERTIFIED})
 
+            # Checks the content in the GKI certificate.
             extract_boot_signatures(boot_certified_img, temp_out_dir)
             self._test_boot_signatures(
                 temp_out_dir,
@@ -672,6 +871,8 @@
                 '--key', './testdata/testkey_rsa4096.pem',
                 '--extra_args', '--prop gki:nice '
                 '--prop space:"nice to meet you"',
+                '--extra_footer_args', '--salt a11ba11b --prop avb:nice '
+                '--prop avb_space:"nice to meet you"',
                 '--output', boot_certified2_img,
             ]
             subprocess.run(certify_bootimg_cmds, check=True, cwd=self._exec_dir)
@@ -680,7 +881,13 @@
             self.assertTrue(has_avb_footer(boot_certified2_img))
             self.assertEqual(os.path.getsize(boot_certified_img),
                              os.path.getsize(boot_certified2_img))
+            # Checks the content in the AVB footer.
+            self._test_boot_signatures(
+                temp_out_dir,
+                {'boot-certified2.img':
+                    self._EXPECTED_AVB_FOOTER_BOOT_CERTIFIED_2})
 
+            # Checks the content in the GKI certificate.
             extract_boot_signatures(boot_certified2_img, temp_out_dir)
             self._test_boot_signatures(
                 temp_out_dir,
@@ -700,7 +907,11 @@
                         '-android13-0-00544-ged21d463f856 '
                         '--prop BRANCH:android13-5.10-2022-05 '
                         '--prop BUILD_NUMBER:ab8295296 '
-                        '--prop GKI_INFO:"added here"\n')
+                        '--prop GKI_INFO:"added here"\n'
+                        'certify_bootimg_extra_footer_args='
+                        '--prop com.android.build.boot.os_version:13 '
+                        '--prop com.android.build.boot.security_patch:'
+                        '2022-05-05\n')
             gki_info_path = os.path.join(temp_out_dir, 'gki-info.txt')
             with open(gki_info_path, 'w', encoding='utf-8') as f:
                 f.write(gki_info)
@@ -715,6 +926,8 @@
                 '--key', './testdata/testkey_rsa4096.pem',
                 '--extra_args', '--prop gki:nice '
                 '--prop space:"nice to meet you"',
+                '--extra_footer_args', '--salt a11ba11b --prop avb:nice '
+                '--prop avb_space:"nice to meet you"',
                 '--gki_info', gki_info_path,
                 '--output', boot_certified_img,
             ]
@@ -725,6 +938,12 @@
             self.assertEqual(os.path.getsize(boot_img),
                              os.path.getsize(boot_certified_img))
 
+            # Checks the content in the AVB footer.
+            self._test_boot_signatures(
+                temp_out_dir,
+                {'boot-certified.img': self._EXPECTED_AVB_FOOTER_WITH_GKI_INFO})
+
+            # Checks the content in the GKI certificate.
             extract_boot_signatures(boot_certified_img, temp_out_dir)
             self._test_boot_signatures(
                 temp_out_dir,
@@ -771,7 +990,11 @@
                         '-android13-0-00544-ged21d463f856 '
                         '--prop BRANCH:android13-5.10-2022-05 '
                         '--prop BUILD_NUMBER:ab8295296 '
-                        '--prop SPACE:"nice to meet you"\n')
+                        '--prop SPACE:"nice to meet you"\n'
+                        'certify_bootimg_extra_footer_args='
+                        '--prop com.android.build.boot.os_version:13 '
+                        '--prop com.android.build.boot.security_patch:'
+                        '2022-05-05\n')
             boot_img_archive_path = generate_test_boot_image_archive(
                 boot_img_archive_name,
                 'gztar',
@@ -790,6 +1013,8 @@
                 '--key', './testdata/testkey_rsa4096.pem',
                 '--extra_args', '--prop gki:nice '
                 '--prop space:"nice to meet you"',
+                '--extra_footer_args', '--salt a11ba11b --prop avb:nice '
+                '--prop avb_space:"nice to meet you"',
                 '--output', boot_certified_img_archive,
             ]
             subprocess.run(certify_bootimg_cmds, check=True, cwd=self._exec_dir)
@@ -806,6 +1031,13 @@
             self.assertTrue(has_avb_footer(boot_2_img))
             self.assertEqual(os.path.getsize(boot_2_img), 256 * 1024)
 
+            # Checks the content in the AVB footer.
+            self._test_boot_signatures(
+                temp_out_dir,
+                {'boot-1.0.img': self._EXPECTED_AVB_FOOTER_BOOT_1_0,
+                 'boot-2.0.img': self._EXPECTED_AVB_FOOTER_BOOT_2_0})
+
+            # Checks the content in the GKI certificate.
             self._test_boot_signatures(
                 temp_out_dir,
                 {'boot-1.0/boot_signature1':
@@ -840,6 +1072,8 @@
                 '--key', './testdata/testkey_rsa4096.pem',
                 '--extra_args', '--prop gki:nice '
                 '--prop space:"nice to meet you"',
+                '--extra_footer_args', '--salt a11ba11b --prop avb:nice '
+                '--prop avb_space:"nice to meet you"',
                 '--output', boot_certified_img_archive,
             ]
             subprocess.run(certify_bootimg_cmds, check=True, cwd=self._exec_dir)
@@ -863,6 +1097,8 @@
                 '--key', './testdata/testkey_rsa4096.pem',
                 '--extra_args', '--prop gki:nice '
                 '--prop space:"nice to meet you"',
+                '--extra_footer_args', '--salt a11ba11b --prop avb:nice '
+                '--prop avb_space:"nice to meet you"',
                 '--output', boot_certified_img_archive2,
             ]
             subprocess.run(certify_bootimg_cmds, check=True, cwd=self._exec_dir)
@@ -875,6 +1111,12 @@
             self.assertTrue(has_avb_footer(boot_3_img))
             self.assertEqual(os.path.getsize(boot_3_img), 128 * 1024)
 
+            # Checks the content in the AVB footer.
+            self._test_boot_signatures(
+                temp_out_dir,
+                {'boot-3.0.img': self._EXPECTED_AVB_FOOTER_BOOT_3_0})
+
+            # Checks the content in the GKI certificate.
             self._test_boot_signatures(
                 temp_out_dir,
                 {'boot-3.0/boot_signature1':