tequilaOS/platform_build
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Make room for AVB hashtree and metadata."

Browse source
This commit is contained in:
David Zeuthen 2016-10-04 22:32:26 +00:00 committed by Gerrit Code Review
commit 70209ad9f0
3 changed files with 83 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
core/Makefile
View file

@ -873,6 +873,10 @@ $(if $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SUPPORTS_VBOOT),$(hide) echo "vboot_
$(if $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SUPPORTS_VBOOT),$(hide) echo "vboot_subkey=$(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_VBOOT_SIGNING_SUBKEY)" >> $(1))
$(if $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SUPPORTS_VBOOT),$(hide) echo "futility=$(FUTILITY)" >> $(1))
$(if $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SUPPORTS_VBOOT),$(hide) echo "vboot_signer_cmd=$(VBOOT_SIGNER)" >> $(1))
$(if $(BOARD_AVB_ENABLE),$(hide) echo "avb_signing_args=$(INTERNAL_AVB_SIGNING_ARGS)" >> $(1))
$(if $(BOARD_AVB_ENABLE),$(hide) echo "avb_avbtool=$(AVBTOOL)" >> $(1))
$(if $(BOARD_AVB_ENABLE),$(hide) echo "system_avb_enable=$(BOARD_AVB_ENABLE)" >> $(1))
$(if $(BOARD_AVB_ENABLE),$(hide) echo "system_avb_add_hashtree_footer_args=$(BOARD_AVB_SYSTEM_ADD_HASHTREE_FOOTER_ARGS)" >> $(1))
$(if $(filter true,$(BOARD_USES_RECOVERY_AS_BOOT)),\
$(hide) echo "recovery_as_boot=true" >> $(1))
$(if $(filter true,$(BOARD_BUILD_SYSTEM_ROOT_IMAGE)),\
@ -1180,13 +1184,6 @@ define build-systemimage-target
fi; \
mkdir -p $(DIST_DIR); cp $(INSTALLED_FILES_FILE) $(DIST_DIR)/installed-files-rescued.txt; \
exit 1 )
$(if $(BOARD_AVB_ENABLE), \
$(hide) $(AVBTOOL) add_hashtree_footer \
--image $(1) \
--partition_size $(BOARD_SYSTEMIMAGE_PARTITION_SIZE) \
--partition_name system \
$(INTERNAL_AVB_SIGNING_ARGS) \
$(BOARD_AVB_SYSTEM_ADD_HASHTREE_FOOTER_ARGS))
endef
$(BUILT_SYSTEMIMAGE): $(FULL_SYSTEMIMAGE_DEPS) $(INSTALLED_FILES_FILE) $(BUILD_IMAGE_SRCS)

17
tools/releasetools/add_img_to_target_files.py
View file

@ -96,23 +96,6 @@ def AddSystem(output_zip, prefix="IMAGES/", recovery_img=None, boot_img=None):
imgname = BuildSystem(OPTIONS.input_tmp, OPTIONS.info_dict,
block_list=block_list)
# AVB: if enabled, calculate and add dm-verity integrity hashes and
# metadata to system.img.
if OPTIONS.info_dict.get("board_avb_enable", None) == "true":
avbtool = os.getenv('AVBTOOL') or "avbtool"
part_size = OPTIONS.info_dict.get("system_size", None)
cmd = [avbtool, "add_hashtree_footer", "--image", imgname,
"--partition_size", str(part_size), "--partition_name", "system"]
common.AppendAVBSigningArgs(cmd)
args = OPTIONS.info_dict.get("board_avb_system_add_hashtree_footer_args",
None)
if args and args.strip():
cmd.extend(shlex.split(args))
p = common.Run(cmd, stdout=subprocess.PIPE)
p.communicate()
assert p.returncode == 0, "avbtool add_hashtree_footer of %s failed" % (
os.path.basename(OPTIONS.input_tmp))
common.ZipWrite(output_zip, imgname, prefix + "system.img")
common.ZipWrite(output_zip, block_list, prefix + "system.map")
return imgname

81
tools/releasetools/build_image.py
View file

@ -27,6 +27,7 @@ import subprocess
import sys
import commands
import common
import shlex
import shutil
import sparse_img
import tempfile
@ -102,6 +103,51 @@ def ZeroPadSimg(image_file, pad_size):
simg = sparse_img.SparseImage(image_file, mode="r+b", build_map=False)
simg.AppendFillChunk(0, blocks)
def AVBCalcMaxImageSize(avbtool, partition_size, additional_args):
"""Calculates max image size for a given partition size.
Args:
avbtool: String with path to avbtool.
partition_size: The size of the partition in question.
additional_args: Additional arguments to pass to 'avbtool
add_hashtree_image'.
Returns:
The maximum image size or 0 if an error occurred.
"""
cmdline = "%s add_hashtree_footer " % avbtool
cmdline += "--partition_size %d " % partition_size
cmdline += "--calc_max_image_size "
cmdline += additional_args
(output, exit_code) = RunCommand(shlex.split(cmdline))
if exit_code != 0:
return 0
else:
return int(output)
def AVBAddHashtree(image_path, avbtool, partition_size, partition_name,
signing_args, additional_args):
"""Adds dm-verity hashtree and AVB metadata to an image.
Args:
image_path: Path to image to modify.
avbtool: String with path to avbtool.
partition_size: The size of the partition in question.
partition_name: The name of the partition - will be embedded in metadata.
signing_args: Arguments for signing the image.
additional_args: Additional arguments to pass to 'avbtool
add_hashtree_image'.
Returns:
True if the operation succeeded.
"""
cmdline = "%s add_hashtree_footer " % avbtool
cmdline += "--partition_size %d " % partition_size
cmdline += "--partition_name %s " % partition_name
cmdline += "--image %s " % image_path
cmdline += signing_args + " "
cmdline += additional_args
(_, exit_code) = RunCommand(shlex.split(cmdline))
return exit_code == 0
def AdjustPartitionSizeForVerity(partition_size, fec_supported):
"""Modifies the provided partition size to account for the verity metadata.
@ -375,6 +421,18 @@ def BuildImage(in_dir, prop_dict, out_file, target_out=None):
prop_dict["original_partition_size"] = str(partition_size)
prop_dict["verity_size"] = str(verity_size)
# Adjust partition size for AVB.
if prop_dict.get("avb_enable") == "true":
avbtool = prop_dict.get("avb_avbtool")
partition_size = int(prop_dict.get("partition_size"))
additional_args = prop_dict["avb_add_hashtree_footer_args"]
max_image_size = AVBCalcMaxImageSize(avbtool, partition_size,
additional_args)
if max_image_size == 0:
return False
prop_dict["partition_size"] = str(max_image_size)
prop_dict["original_partition_size"] = str(partition_size)
if fs_type.startswith("ext"):
build_command = ["mkuserimg.sh"]
if "extfs_sparse_flag" in prop_dict:
@ -497,6 +555,17 @@ def BuildImage(in_dir, prop_dict, out_file, target_out=None):
if not MakeVerityEnabledImage(out_file, verity_fec_supported, prop_dict):
return False
# Add AVB hashtree and metadata.
if "avb_enable" in prop_dict:
avbtool = prop_dict.get("avb_avbtool")
original_partition_size = int(prop_dict.get("original_partition_size"))
partition_name = prop_dict["partition_name"]
signing_args = prop_dict["avb_signing_args"]
additional_args = prop_dict["avb_add_hashtree_footer_args"]
if not AVBAddHashtree(out_file, avbtool, original_partition_size,
partition_name, signing_args, additional_args):
return False
if run_fsck and prop_dict.get("skip_fsck") != "true":
success, unsparse_image = UnsparseImage(out_file, replace=False)
if not success:
@ -537,7 +606,9 @@ def ImagePropFromGlobalDict(glob_dict, mount_point):
"verity",
"verity_key",
"verity_signer_cmd",
"verity_fec"
"verity_fec",
"avb_signing_args",
"avb_avbtool"
)
for p in common_props:
copy_prop(p, p)
@ -559,6 +630,9 @@ def ImagePropFromGlobalDict(glob_dict, mount_point):
copy_prop("system_squashfs_compressor_opt", "squashfs_compressor_opt")
copy_prop("system_squashfs_disable_4k_align", "squashfs_disable_4k_align")
copy_prop("system_base_fs_file", "base_fs_file")
copy_prop("system_avb_enable", "avb_enable")
copy_prop("system_avb_add_hashtree_footer_args",
"avb_add_hashtree_footer_args")
elif mount_point == "data":
# Copy the generic fs type first, override with specific one if available.
copy_prop("fs_type", "fs_type")
@ -577,12 +651,15 @@ def ImagePropFromGlobalDict(glob_dict, mount_point):
copy_prop("vendor_squashfs_compressor_opt", "squashfs_compressor_opt")
copy_prop("vendor_squashfs_disable_4k_align", "squashfs_disable_4k_align")
copy_prop("vendor_base_fs_file", "base_fs_file")
copy_prop("vendor_avb_enable", "avb_enable")
copy_prop("vendor_avb_add_hashtree_footer_args",
"avb_add_hashtree_footer_args")
elif mount_point == "oem":
copy_prop("fs_type", "fs_type")
copy_prop("oem_size", "partition_size")
copy_prop("oem_journal_size", "journal_size")
copy_prop("has_ext4_reserved_blocks", "has_ext4_reserved_blocks")
d["partition_name"] = mount_point
return d