diff options
| author | 2024-12-12 00:15:26 +0000 | |
|---|---|---|
| committer | 2024-12-12 10:17:14 -0800 | |
| commit | c47ccaeabdbe6e8215fe83f5c7dc22a0de409ff3 (patch) | |
| tree | 823a91b120cc5f026b8b65da1532b0fc8063c919 | |
| parent | a7ba154af5a3c8af420e0a57a0ed3242e9a66375 (diff) | |
Remove avb_salt from filesystem and boot_img
avb_salt was added to filesystem and boot_img to create reproducible
builds https://r.android.com/2069528. This is no longer necessary, since
build_image.py and verity_utils.py has been updated since then to
prevent non-hermiticity from unspecified avb_salt.
https://r.android.com/2613794. It uses the build_fingerprint as the salt
instead of the filesystem entries.
In preparation for creating bit-identical make and soong partition
images, make the avb_salt consistent between make and soong partition
iamges.
Bug: 376539388
Test: lunch aosp_panther-trunk_staging-userdebug
Test: m
out/soong/.intermediates/packages/modules/Virtualization/guest/pvmfw/pvmfw_img/android_arm64_armv8-2a_cortex-a55/pvmfw.img
(a bootimage module) followed by rm repeatedly
Test: sha remains consistent
Change-Id: Ie1afa4599ef1de4c8f1cd708a52cb60b37c19373
| -rw-r--r-- | filesystem/bootimg.go | 10 | ||||
| -rw-r--r-- | filesystem/filesystem.go | 6 |
2 files changed, 0 insertions, 16 deletions
diff --git a/filesystem/bootimg.go b/filesystem/bootimg.go index 0ffec2654..36b1a1870 100644 --- a/filesystem/bootimg.go +++ b/filesystem/bootimg.go @@ -391,15 +391,6 @@ func (b *bootimg) signImage(ctx android.ModuleContext, unsignedImage android.Pat return output } -// Calculates avb_salt from some input for deterministic output. -func (b *bootimg) salt() string { - var input []string - input = append(input, b.properties.Cmdline...) - input = append(input, proptools.StringDefault(b.properties.Partition_name, b.Name())) - input = append(input, proptools.String(b.properties.Header_version)) - return sha1sum(input) -} - func (b *bootimg) buildPropFile(ctx android.ModuleContext) (android.Path, android.Paths) { var sb strings.Builder var deps android.Paths @@ -420,7 +411,6 @@ func (b *bootimg) buildPropFile(ctx android.ModuleContext) (android.Path, androi addStr("avb_add_hash_footer_args", "") // TODO(jiyong): add --rollback_index partitionName := proptools.StringDefault(b.properties.Partition_name, b.Name()) addStr("partition_name", partitionName) - addStr("avb_salt", b.salt()) propFile := android.PathForModuleOut(ctx, "prop") android.WriteFileRule(ctx, propFile, sb.String()) diff --git a/filesystem/filesystem.go b/filesystem/filesystem.go index b30c0f77d..eea54a92f 100644 --- a/filesystem/filesystem.go +++ b/filesystem/filesystem.go @@ -622,11 +622,6 @@ func (f *filesystem) buildFileContexts(ctx android.ModuleContext) android.Path { return fcBin } -// Calculates avb_salt from entry list (sorted) for deterministic output. -func (f *filesystem) salt() string { - return sha1sum(f.entries) -} - func (f *filesystem) buildPropFile(ctx android.ModuleContext) (android.Path, android.Paths) { var deps android.Paths var propFileString strings.Builder @@ -692,7 +687,6 @@ func (f *filesystem) buildPropFile(ctx android.ModuleContext) (android.Path, and avb_add_hashtree_footer_args += fmt.Sprintf(" --prop com.android.build.%s.fingerprint:{CONTENTS_OF:%s}", f.partitionName(), ctx.Config().BuildFingerprintFile(ctx)) avb_add_hashtree_footer_args += fmt.Sprintf(" --prop com.android.build.%s.security_patch:%s", f.partitionName(), ctx.Config().PlatformSecurityPatch()) addStr("avb_add_hashtree_footer_args", avb_add_hashtree_footer_args) - addStr("avb_salt", f.salt()) } if f.properties.File_contexts != nil && f.properties.Precompiled_file_contexts != nil { |