From 1fa1c6db4f4d862f20b4789be4bc98e7f9be7c06 Mon Sep 17 00:00:00 2001 From: Cole Faust Date: Wed, 6 Nov 2024 18:07:26 -0800 Subject: Build vbmeta partitions with soong AVB is Android Verified Boot: https://source.android.com/docs/security/features/verifiedboot It works by signing all the partitions, but then also including an extra metadata paritition called vbmeta that depends on all the other signed partitions. This creates a requirement that you update all those partitions and the vbmeta partition together, so in order to relax that requirement products can set up "chained" vbmeta partitions, where a chained partition like vbmeta_system might contain the avb metadata for just a few products. In cuttlefish vbmeta_system contains metadata about product, system, and system_ext. Using chained partitions, that group of partitions can be updated independently from the other signed partitions. Bug: 377563298 Test: m nothing (the diff test currently fails, but this is a start) Change-Id: I397af3a418bd23bcbf8f620c436afcacf69974fd --- filesystem/android_device.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'filesystem/android_device.go') diff --git a/filesystem/android_device.go b/filesystem/android_device.go index 9071272c1..2645dc498 100644 --- a/filesystem/android_device.go +++ b/filesystem/android_device.go @@ -34,6 +34,8 @@ type PartitionNameProperties struct { Vendor_partition_name *string // Name of the Odm partition filesystem module Odm_partition_name *string + // The vbmeta partition and its "chained" partitions + Vbmeta_partitions []string } type androidDevice struct { @@ -46,7 +48,6 @@ func AndroidDeviceFactory() android.Module { module := &androidDevice{} module.AddProperties(&module.partitionProps) android.InitAndroidMultiTargetsArchModule(module, android.DeviceSupported, android.MultilibCommon) - return module } @@ -69,6 +70,9 @@ func (a *androidDevice) DepsMutator(ctx android.BottomUpMutatorContext) { addDependencyIfDefined(a.partitionProps.Product_partition_name) addDependencyIfDefined(a.partitionProps.Vendor_partition_name) addDependencyIfDefined(a.partitionProps.Odm_partition_name) + for _, vbmetaPartition := range a.partitionProps.Vbmeta_partitions { + ctx.AddDependency(ctx.Module(), filesystemDepTag, vbmetaPartition) + } } func (a *androidDevice) GenerateAndroidBuildActions(ctx android.ModuleContext) { -- cgit v1.2.3-59-g8ed1b