diff options
| author | 2024-12-12 19:25:07 +0000 | |
|---|---|---|
| committer | 2024-12-12 22:22:15 +0000 | |
| commit | e5c393cdae4b688f26bdad001593896ca2e72f8a (patch) | |
| tree | 7e5a3f7ab4fc039d78d1da1dbf0a431e251d0d3a /filesystem/filesystem.go | |
| parent | c47ccaeabdbe6e8215fe83f5c7dc22a0de409ff3 (diff) | |
Make Security_patch an `android_filesystem` property
Make-built partitions use partition specific security_patches for
build_image, but Soong-built partitions currently use the platform
security patch for all partitions (including vendor,odm,...). This CL
introduces a `Security_patch` property to set this value explicity. The
name and description have been copied from `bootimg`.
This CL also updates `fsgen` to set this property on the autogenerated
partitions. The logic has been copied from `build/make/core/Makefile`.
It is currently missing `boot` and `init_boot` (I have not tested
bit-identical for those partitions yet).
Bug: 383357338
Test: lunch aosp_cf_x86_64_phone-trunk_staging-userdebug
Setup
- export COPY_IMAGES_FOR_TARGET_FILES_ZIP=true
- export BUILD_DATETIME=10
- commented out installed_*_notice_xml_gz in build/make/core/Makefile
Test: verified that the following .img files are bit identical in top of
CL stack
odm,system_dlkm,vendor_dlkm,odm_dlkm
Change-Id: I9ae9bf957ffd479c57f12a49864589d285d93a71
Diffstat (limited to 'filesystem/filesystem.go')
| -rw-r--r-- | filesystem/filesystem.go | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/filesystem/filesystem.go b/filesystem/filesystem.go index eea54a92f..4b4dc4054 100644 --- a/filesystem/filesystem.go +++ b/filesystem/filesystem.go @@ -121,6 +121,9 @@ type FilesystemProperties struct { // avbtool. Default used by avbtool is sha1. Avb_hash_algorithm *string + // The security patch passed to as the com.android.build.<type>.security_patch avb property. + Security_patch *string + // Whether or not to use forward-error-correction codes when signing with AVB. Defaults to true. Use_fec *bool @@ -685,7 +688,9 @@ func (f *filesystem) buildPropFile(ctx android.ModuleContext) (android.Path, and } avb_add_hashtree_footer_args += fmt.Sprintf(" --prop com.android.build.%s.os_version:%s", f.partitionName(), ctx.Config().PlatformVersionLastStable()) avb_add_hashtree_footer_args += fmt.Sprintf(" --prop com.android.build.%s.fingerprint:{CONTENTS_OF:%s}", f.partitionName(), ctx.Config().BuildFingerprintFile(ctx)) - avb_add_hashtree_footer_args += fmt.Sprintf(" --prop com.android.build.%s.security_patch:%s", f.partitionName(), ctx.Config().PlatformSecurityPatch()) + if f.properties.Security_patch != nil && proptools.String(f.properties.Security_patch) != "" { + avb_add_hashtree_footer_args += fmt.Sprintf(" --prop com.android.build.%s.security_patch:%s", f.partitionName(), proptools.String(f.properties.Security_patch)) + } addStr("avb_add_hashtree_footer_args", avb_add_hashtree_footer_args) } |