Merge "releasetools: Support verity signer args." (02d2d68a) · Commits · e / os / android_build

tools/releasetools/add_img_to_target_files.py

+1 −8

Original line number	Diff line number	Diff line
		@@ -41,9 +41,6 @@ Usage: add_img_to_target_files [flag] target_files
		--is_signing
		Skip building & adding the images for "userdata" and "cache" if we
		are signing the target files.

		--verity_signer_path
		Specify the signer path to build verity metadata.
		"""

		import sys
		@@ -71,7 +68,6 @@ OPTIONS.rebuild_recovery = False
		OPTIONS.replace_verity_public_key = False
		OPTIONS.replace_verity_private_key = False
		OPTIONS.is_signing = False
		OPTIONS.verity_signer_path = None

		def AddSystem(output_zip, prefix="IMAGES/", recovery_img=None, boot_img=None):
		"""Turn the contents of SYSTEM into a system image and store it in
		@@ -452,8 +448,6 @@ def main(argv):
		OPTIONS.replace_verity_public_key = (True, a)
		elif o == "--is_signing":
		OPTIONS.is_signing = True
		elif o == "--verity_signer_path":
		OPTIONS.verity_signer_path = a
		else:
		return False
		return True
		@@ -463,8 +457,7 @@ def main(argv):
		extra_long_opts=["add_missing", "rebuild_recovery",
		"replace_verity_public_key=",
		"replace_verity_private_key=",
		"is_signing",
		"verity_signer_path="],
		"is_signing"],
		extra_option_handler=option_handler)

tools/releasetools/build_image.py

+9 −6

Original line number	Diff line number	Diff line
		@@ -69,7 +69,7 @@ def GetVerityTreeSize(partition_size):
		return True, int(output)

		def GetVerityMetadataSize(partition_size):
		cmd = "system/extras/verity/build_verity_metadata.py -s %d"
		cmd = "system/extras/verity/build_verity_metadata.py size %d"
		cmd %= partition_size

		status, output = commands.getstatusoutput(cmd)
		@@ -214,11 +214,14 @@ def BuildVerityTree(sparse_image_path, verity_image_path, prop_dict):
		return True

		def BuildVerityMetadata(image_size, verity_metadata_path, root_hash, salt,
		block_device, signer_path, key):
		block_device, signer_path, key, signer_args):
		cmd_template = (
		"system/extras/verity/build_verity_metadata.py %s %s %s %s %s %s %s")
		"system/extras/verity/build_verity_metadata.py build " +
		"%s %s %s %s %s %s %s")
		cmd = cmd_template % (image_size, verity_metadata_path, root_hash, salt,
		block_device, signer_path, key)
		if signer_args:
		cmd += " --signer_args=\"%s\"" % (' '.join(signer_args),)
		print cmd
		status, output = commands.getstatusoutput(cmd)
		if status:
		@@ -305,10 +308,10 @@ def MakeVerityEnabledImage(out_file, fec_supported, prop_dict):
		block_dev = prop_dict["verity_block_device"]
		signer_key = prop_dict["verity_key"] + ".pk8"
		if OPTIONS.verity_signer_path is not None:
		signer_path = OPTIONS.verity_signer_path + ' '
		signer_path += ' '.join(OPTIONS.verity_signer_args)
		signer_path = OPTIONS.verity_signer_path
		else:
		signer_path = prop_dict["verity_signer_cmd"]
		signer_args = OPTIONS.verity_signer_args

		# make a tempdir
		tempdir_name = tempfile.mkdtemp(suffix="_verity_images")
		@@ -327,7 +330,7 @@ def MakeVerityEnabledImage(out_file, fec_supported, prop_dict):
		root_hash = prop_dict["verity_root_hash"]
		salt = prop_dict["verity_salt"]
		if not BuildVerityMetadata(image_size, verity_metadata_path, root_hash, salt,
		block_dev, signer_path, signer_key):
		block_dev, signer_path, signer_key, signer_args):
		shutil.rmtree(tempdir_name, ignore_errors=True)
		return False