From 7aea85e147819425c59205f89fbe7a5f9e083ad7 Mon Sep 17 00:00:00 2001 From: Alexander Martinz Date: Thu, 2 Nov 2023 12:21:26 +0100 Subject: [PATCH] axolotl: enable AVB Change-Id: Ic7c6fd9da7cbc6095f95333dcb2879ee3d8cab2f Signed-off-by: Alexander Martinz --- BoardConfig.mk | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/BoardConfig.mk b/BoardConfig.mk index 6972630..e658104 100644 --- a/BoardConfig.mk +++ b/BoardConfig.mk @@ -103,24 +103,32 @@ AB_OTA_PARTITIONS += \ vbmeta_vendor \ # AVB +BOARD_AVB_ENABLE := true + +ifndef KEYS_DIR + $(warning Enabling flag 3 for disabled VBMeta) + BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS += --flags 3 +endif + +BOARD_AVB_ALGORITHM := SHA256_RSA4096 +ifneq (,$(wildcard $(KEYS_DIR)/avb_murena_rsa4096.pem)) + BOARD_AVB_KEY_PATH := $(KEYS_DIR)/avb_murena_rsa4096.pem +else + BOARD_AVB_KEY_PATH := external/avb/test/data/testkey_rsa4096.pem +endif + BOARD_AVB_VBMETA_SYSTEM := system system_ext -BOARD_AVB_VBMETA_SYSTEM_KEY_PATH := external/avb/test/data/testkey_rsa4096.pem -BOARD_AVB_VBMETA_SYSTEM_ALGORITHM := SHA256_RSA4096 +BOARD_AVB_VBMETA_SYSTEM_KEY_PATH := $(BOARD_AVB_KEY_PATH) +BOARD_AVB_VBMETA_SYSTEM_ALGORITHM := $(BOARD_AVB_ALGORITHM) BOARD_AVB_VBMETA_SYSTEM_ROLLBACK_INDEX := $(PLATFORM_SECURITY_PATCH_TIMESTAMP) BOARD_AVB_VBMETA_SYSTEM_ROLLBACK_INDEX_LOCATION := 1 BOARD_AVB_VBMETA_VENDOR := odm vendor -BOARD_AVB_VBMETA_VENDOR_KEY_PATH := external/avb/test/data/testkey_rsa4096.pem -BOARD_AVB_VBMETA_VENDOR_ALGORITHM := SHA256_RSA4096 +BOARD_AVB_VBMETA_VENDOR_KEY_PATH := $(BOARD_AVB_KEY_PATH) +BOARD_AVB_VBMETA_VENDOR_ALGORITHM := $(BOARD_AVB_ALGORITHM) BOARD_AVB_VBMETA_VENDOR_ROLLBACK_INDEX := $(PLATFORM_SECURITY_PATCH_TIMESTAMP) BOARD_AVB_VBMETA_VENDOR_ROLLBACK_INDEX_LOCATION := 2 -# Enable AVB 2.0 -BOARD_AVB_ENABLE := true - -# Build the image with verity pre-disabled - https://android.googlesource.com/platform/external/avb/+/58305521295e51cb52a74d8d8bbaed738cf0767a -BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS += --flags 3 - ##### # ANT+ -- GitLab