From 5339184e323b455c86419e37d0491c67a1dbf114 Mon Sep 17 00:00:00 2001 From: Inseob Kim Date: Fri, 29 Mar 2024 17:44:07 +0900 Subject: Add support to generate fsverity metadata By setting fsverity.inputs, android_filesystem can now generate .fsv_meta and BuildManifest.apk. It has been done by Makefile because Makefile is the only one knowing all installed files. But now android_filesystem is aware of all artifacts, so we can move fsverity metadata generation into Soong. Bug: 330282551 Test: m aosp_cf_system_x86_64 and see output Change-Id: Iae4dd83eaede960c263bfba537211df4ff4b36bd --- filesystem/filesystem.go | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) (limited to 'filesystem/filesystem.go') diff --git a/filesystem/filesystem.go b/filesystem/filesystem.go index efc889ccb..5ec7efe38 100644 --- a/filesystem/filesystem.go +++ b/filesystem/filesystem.go @@ -57,7 +57,7 @@ type filesystem struct { output android.OutputPath installDir android.InstallPath - // For testing. Keeps the result of CopyDepsToZip() + // For testing. Keeps the result of CopySpecsToDir() entries []string } @@ -120,6 +120,8 @@ type filesystemProperties struct { // modules would be installed to the same location as a make module, they will overwrite // the make version. Include_make_built_files string + + Fsverity fsverityProperties } // android_filesystem packages a set of modules and their transitive dependencies into a filesystem @@ -176,6 +178,10 @@ func (f *filesystem) installFileName() string { return f.BaseModuleName() + ".img" } +func (f *filesystem) partitionName() string { + return proptools.StringDefault(f.properties.Partition_name, f.Name()) +} + var pctx = android.NewPackageContext("android/soong/filesystem") func (f *filesystem) GenerateAndroidBuildActions(ctx android.ModuleContext) { @@ -255,10 +261,12 @@ func (f *filesystem) buildImageUsingBuildImage(ctx android.ModuleContext) androi builder := android.NewRuleBuilder(pctx, ctx) // Wipe the root dir to get rid of leftover files from prior builds builder.Command().Textf("rm -rf %s && mkdir -p %s", rootDir, rootDir) - f.entries = f.CopySpecsToDir(ctx, builder, f.gatherFilteredPackagingSpecs(ctx), rebasedDir) + specs := f.gatherFilteredPackagingSpecs(ctx) + f.entries = f.CopySpecsToDir(ctx, builder, specs, rebasedDir) f.buildNonDepsFiles(ctx, builder, rootDir) f.addMakeBuiltFiles(ctx, builder, rootDir) + f.buildFsverityMetadataFiles(ctx, builder, specs, rootDir, rebasedDir) // run host_init_verifier // Ideally we should have a concept of pluggable linters that verify the generated image. @@ -338,13 +346,12 @@ func (f *filesystem) buildPropFile(ctx android.ModuleContext) (propFile android. addStr("avb_algorithm", algorithm) key := android.PathForModuleSrc(ctx, proptools.String(f.properties.Avb_private_key)) addPath("avb_key_path", key) - partitionName := proptools.StringDefault(f.properties.Partition_name, f.Name()) - addStr("partition_name", partitionName) + addStr("partition_name", f.partitionName()) avb_add_hashtree_footer_args := "--do_not_generate_fec" if hashAlgorithm := proptools.String(f.properties.Avb_hash_algorithm); hashAlgorithm != "" { avb_add_hashtree_footer_args += " --hash_algorithm " + hashAlgorithm } - securityPatchKey := "com.android.build." + partitionName + ".security_patch" + securityPatchKey := "com.android.build." + f.partitionName() + ".security_patch" securityPatchValue := ctx.Config().PlatformSecurityPatch() avb_add_hashtree_footer_args += " --prop " + securityPatchKey + ":" + securityPatchValue addStr("avb_add_hashtree_footer_args", avb_add_hashtree_footer_args) @@ -388,9 +395,11 @@ func (f *filesystem) buildCpioImage(ctx android.ModuleContext, compressed bool) builder := android.NewRuleBuilder(pctx, ctx) // Wipe the root dir to get rid of leftover files from prior builds builder.Command().Textf("rm -rf %s && mkdir -p %s", rootDir, rootDir) - f.entries = f.CopySpecsToDir(ctx, builder, f.gatherFilteredPackagingSpecs(ctx), rebasedDir) + specs := f.gatherFilteredPackagingSpecs(ctx) + f.entries = f.CopySpecsToDir(ctx, builder, specs, rebasedDir) f.buildNonDepsFiles(ctx, builder, rootDir) + f.buildFsverityMetadataFiles(ctx, builder, specs, rootDir, rebasedDir) output := android.PathForModuleOut(ctx, f.installFileName()).OutputPath cmd := builder.Command(). -- cgit v1.2.3-59-g8ed1b