From e5c393cdae4b688f26bdad001593896ca2e72f8a Mon Sep 17 00:00:00 2001 From: Spandan Das Date: Thu, 12 Dec 2024 19:25:07 +0000 Subject: Make Security_patch an `android_filesystem` property Make-built partitions use partition specific security_patches for build_image, but Soong-built partitions currently use the platform security patch for all partitions (including vendor,odm,...). This CL introduces a `Security_patch` property to set this value explicity. The name and description have been copied from `bootimg`. This CL also updates `fsgen` to set this property on the autogenerated partitions. The logic has been copied from `build/make/core/Makefile`. It is currently missing `boot` and `init_boot` (I have not tested bit-identical for those partitions yet). Bug: 383357338 Test: lunch aosp_cf_x86_64_phone-trunk_staging-userdebug Setup - export COPY_IMAGES_FOR_TARGET_FILES_ZIP=true - export BUILD_DATETIME=10 - commented out installed_*_notice_xml_gz in build/make/core/Makefile Test: verified that the following .img files are bit identical in top of CL stack odm,system_dlkm,vendor_dlkm,odm_dlkm Change-Id: I9ae9bf957ffd479c57f12a49864589d285d93a71 --- filesystem/filesystem.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'filesystem/filesystem.go') diff --git a/filesystem/filesystem.go b/filesystem/filesystem.go index eea54a92f..4b4dc4054 100644 --- a/filesystem/filesystem.go +++ b/filesystem/filesystem.go @@ -121,6 +121,9 @@ type FilesystemProperties struct { // avbtool. Default used by avbtool is sha1. Avb_hash_algorithm *string + // The security patch passed to as the com.android.build..security_patch avb property. + Security_patch *string + // Whether or not to use forward-error-correction codes when signing with AVB. Defaults to true. Use_fec *bool @@ -685,7 +688,9 @@ func (f *filesystem) buildPropFile(ctx android.ModuleContext) (android.Path, and } avb_add_hashtree_footer_args += fmt.Sprintf(" --prop com.android.build.%s.os_version:%s", f.partitionName(), ctx.Config().PlatformVersionLastStable()) avb_add_hashtree_footer_args += fmt.Sprintf(" --prop com.android.build.%s.fingerprint:{CONTENTS_OF:%s}", f.partitionName(), ctx.Config().BuildFingerprintFile(ctx)) - avb_add_hashtree_footer_args += fmt.Sprintf(" --prop com.android.build.%s.security_patch:%s", f.partitionName(), ctx.Config().PlatformSecurityPatch()) + if f.properties.Security_patch != nil && proptools.String(f.properties.Security_patch) != "" { + avb_add_hashtree_footer_args += fmt.Sprintf(" --prop com.android.build.%s.security_patch:%s", f.partitionName(), proptools.String(f.properties.Security_patch)) + } addStr("avb_add_hashtree_footer_args", avb_add_hashtree_footer_args) } -- cgit v1.2.3-59-g8ed1b