certify_bootimg: support gki-info.txt am: 67def5e80a am: a4bc64e48e am: 4cb8e5e915
Original change: https://android-review.googlesource.com/c/platform/system/tools/mkbootimg/+/2033163
Change-Id: Iace8882dddaf2604e3bfa030ee2b638e0c38a15e
diff --git a/gki/certify_bootimg.py b/gki/certify_bootimg.py
index 5b642c5..57b124a 100755
--- a/gki/certify_bootimg.py
+++ b/gki/certify_bootimg.py
@@ -151,6 +151,20 @@
subprocess.check_call(avbtool_cmd)
+def load_dict_from_file(path):
+ """Loads key=value pairs from |path| and returns a dict."""
+ d = {}
+ with open(path, 'r', encoding='utf-8') as f:
+ for line in f:
+ line = line.strip()
+ if not line or line.startswith('#'):
+ continue
+ if '=' in line:
+ name, value = line.split('=', 1)
+ d[name] = value
+ return d
+
+
def parse_cmdline():
"""Parse command-line options."""
parser = ArgumentParser(add_help=True)
@@ -203,10 +217,15 @@
"""Similar to certify_bootimg(), but for a zip archive of boot images."""
with tempfile.TemporaryDirectory() as unzip_dir:
shutil.unpack_archive(boot_img_zip, unzip_dir)
+
+ info_dict = load_dict_from_file(os.path.join(unzip_dir, 'gki-info.txt'))
+ extra_args.extend(info_dict['certify_bootimg_extra_args'].split())
+
for boot_img in glob.glob(os.path.join(unzip_dir, 'boot-*.img')):
print(f'Certifying {os.path.basename(boot_img)} ...')
certify_bootimg(boot_img=boot_img, output_img=boot_img,
algorithm=algorithm, key=key, extra_args=extra_args)
+
print(f'Making certified archive: {output_zip}')
archive_base_name = os.path.splitext(output_zip)[0]
shutil.make_archive(archive_base_name, 'zip', unzip_dir)
diff --git a/gki/certify_bootimg_test.py b/gki/certify_bootimg_test.py
index c84b58b..4c1ef1e 100644
--- a/gki/certify_bootimg_test.py
+++ b/gki/certify_bootimg_test.py
@@ -71,6 +71,9 @@
def generate_test_boot_image_archive(output_zip, boot_img_info):
"""Generates a zip archive of test boot images.
+ It also adds a file gki-info.txt, which contains additional settings for
+ for `certify_bootimg --extra_args`.
+
Args:
output_zip: the output zip archive, e.g., /path/to/boot-img.zip.
boot_img_info: a list of (boot_image_name, kernel_size,
@@ -86,6 +89,14 @@
seed=name,
avb_partition_size=partition_size)
+ gki_info = os.path.join(temp_out_dir, 'gki-info.txt')
+ with open(gki_info, 'w', encoding='utf-8') as f:
+ f.write('certify_bootimg_extra_args='
+ '--prop KERNEL_RELEASE:5.10.42'
+ '-android13-0-00544-ged21d463f856 '
+ '--prop BRANCH:android13-5.10-2022-05 '
+ '--prop BUILD_NUMBER:ab8295296\n')
+
archive_base_name = os.path.splitext(output_zip)[0]
shutil.make_archive(archive_base_name, 'zip', temp_out_dir)
@@ -309,7 +320,7 @@
'Minimum libavb version: 1.0\n'
'Header Block: 256 bytes\n'
'Authentication Block: 576 bytes\n'
- 'Auxiliary Block: 1344 bytes\n'
+ 'Auxiliary Block: 1536 bytes\n'
'Public key (sha1): '
'2597c218aae470a130f61162feaae70afd97f011\n'
'Algorithm: SHA256_RSA4096\n' # RSA4096
@@ -329,13 +340,17 @@
' Flags: 0\n'
" Prop: foo -> 'bar'\n"
" Prop: gki -> 'nice'\n"
+ " Prop: KERNEL_RELEASE -> '5.10.42-android13-0-00544-"
+ "ged21d463f856'\n"
+ " Prop: BRANCH -> 'android13-5.10-2022-05'\n"
+ " Prop: BUILD_NUMBER -> 'ab8295296'\n"
)
self._EXPECTED_BOOT_1_0_SIGNATURE2_RSA4096 = ( # pylint: disable=C0103
'Minimum libavb version: 1.0\n'
'Header Block: 256 bytes\n'
'Authentication Block: 576 bytes\n'
- 'Auxiliary Block: 1344 bytes\n'
+ 'Auxiliary Block: 1536 bytes\n'
'Public key (sha1): '
'2597c218aae470a130f61162feaae70afd97f011\n'
'Algorithm: SHA256_RSA4096\n' # RSA4096
@@ -355,13 +370,17 @@
' Flags: 0\n'
" Prop: foo -> 'bar'\n"
" Prop: gki -> 'nice'\n"
+ " Prop: KERNEL_RELEASE -> '5.10.42-android13-0-00544-"
+ "ged21d463f856'\n"
+ " Prop: BRANCH -> 'android13-5.10-2022-05'\n"
+ " Prop: BUILD_NUMBER -> 'ab8295296'\n"
)
self._EXPECTED_BOOT_2_0_SIGNATURE1_RSA4096 = ( # pylint: disable=C0103
'Minimum libavb version: 1.0\n'
'Header Block: 256 bytes\n'
'Authentication Block: 576 bytes\n'
- 'Auxiliary Block: 1344 bytes\n'
+ 'Auxiliary Block: 1536 bytes\n'
'Public key (sha1): '
'2597c218aae470a130f61162feaae70afd97f011\n'
'Algorithm: SHA256_RSA4096\n' # RSA4096
@@ -381,13 +400,17 @@
' Flags: 0\n'
" Prop: foo -> 'bar'\n"
" Prop: gki -> 'nice'\n"
+ " Prop: KERNEL_RELEASE -> '5.10.42-android13-0-00544-"
+ "ged21d463f856'\n"
+ " Prop: BRANCH -> 'android13-5.10-2022-05'\n"
+ " Prop: BUILD_NUMBER -> 'ab8295296'\n"
)
self._EXPECTED_BOOT_2_0_SIGNATURE2_RSA4096 = ( # pylint: disable=C0103
'Minimum libavb version: 1.0\n'
'Header Block: 256 bytes\n'
'Authentication Block: 576 bytes\n'
- 'Auxiliary Block: 1344 bytes\n'
+ 'Auxiliary Block: 1536 bytes\n'
'Public key (sha1): '
'2597c218aae470a130f61162feaae70afd97f011\n'
'Algorithm: SHA256_RSA4096\n' # RSA4096
@@ -407,6 +430,10 @@
' Flags: 0\n'
" Prop: foo -> 'bar'\n"
" Prop: gki -> 'nice'\n"
+ " Prop: KERNEL_RELEASE -> '5.10.42-android13-0-00544-"
+ "ged21d463f856'\n"
+ " Prop: BRANCH -> 'android13-5.10-2022-05'\n"
+ " Prop: BUILD_NUMBER -> 'ab8295296'\n"
)
def _test_boot_signatures(self, signatures_dir, expected_signatures_info):