
Commit 07f84b7b authored by Treehugger Robot's avatar Treehugger Robot Committed by Gerrit Code Review

Merge "Use deterministic salt for AVB footer of prebuilt boot img" into main

parents 6787354f 160762a2
+5 −1
@@ -1444,15 +1444,19 @@ INTERNAL_PREBUILT_BOOTIMAGE := $(BOARD_PREBUILT_BOOTIMAGE)
INSTALLED_BOOTIMAGE_TARGET := $(PRODUCT_OUT)/boot.img

ifeq ($(BOARD_AVB_ENABLE),true)
$(INSTALLED_BOOTIMAGE_TARGET): $(INTERNAL_PREBUILT_BOOTIMAGE) $(AVBTOOL) $(BOARD_AVB_BOOT_KEY_PATH)
$(INSTALLED_BOOTIMAGE_TARGET): PRIVATE_WORKING_DIR := $(call intermediates-dir-for,PACKAGING,prebuilt_bootimg)
$(INSTALLED_BOOTIMAGE_TARGET): $(INTERNAL_PREBUILT_BOOTIMAGE) $(AVBTOOL) $(BOARD_AVB_BOOT_KEY_PATH) $(UNPACK_BOOTIMG)
	cp $(INTERNAL_PREBUILT_BOOTIMAGE) $@
	$(UNPACK_BOOTIMG) --boot_img $(INTERNAL_PREBUILT_BOOTIMAGE) --out $(PRIVATE_WORKING_DIR)
	chmod +w $@
	$(AVBTOOL) add_hash_footer \
	    --image $@ \
	    --salt `sha256sum $(PRIVATE_WORKING_DIR)/kernel | cut -d " " -f 1` \
	    $(call get-partition-size-argument,$(BOARD_BOOTIMAGE_PARTITION_SIZE)) \
	    --partition_name boot $(INTERNAL_AVB_BOOT_SIGNING_ARGS) \
	    $(BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS)


$(call declare-container-license-metadata,$(INSTALLED_BOOTIMAGE_TARGET),SPDX-license-identifier-GPL-2.0-only SPDX-license-identifier-Apache-2.0,restricted notice,$(BUILD_SYSTEM)/LINUX_KERNEL_COPYING build/soong/licenses/LICENSE,"Boot Image",bool)
$(call declare-container-license-deps,$(INSTALLED_BOOTIMAGE_TARGET),$(INTERNAL_PREBUILT_BOOTIMAGE),$(PRODUCT_OUT)/:/)
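Review bot: `$(PRIVATE_WORKING_DIR)` is never cleared before `$(UNPACK_BOOTIMG)` writes into it, so on an incremental build the `--salt` line may hash a `kernel` file left over from an earlier prebuilt if the current image does not produce one (whether unpack_bootimg cleans its output directory is not visible here). The salt is meant to be a function of the image being signed, so I would put `rm -rf $(PRIVATE_WORKING_DIR) && mkdir -p $(PRIVATE_WORKING_DIR)` ahead of the unpack line. Separately, the backquoted `sha256sum ... | cut` pipeline reports only cut's exit status, so a missing `kernel` would surface as a malformed `--salt` argument to avbtool rather than as a failed hash step. A one-line comment above the recipe, `# Salt is the SHA-256 of the unpacked kernel so the footer is reproducible`, would record why the salt is no longer random.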

+1 −0
@@ -722,6 +722,7 @@ else
BUILD_SUPER_IMAGE := $(BOARD_CUSTOM_BUILD_SUPER_IMAGE)
endif
IMG_FROM_TARGET_FILES := $(HOST_OUT_EXECUTABLES)/img_from_target_files$(HOST_EXECUTABLE_SUFFIX)
UNPACK_BOOTIMG := $(HOST_OUT_EXECUTABLES)/unpack_bootimg
MAKE_RECOVERY_PATCH := $(HOST_OUT_EXECUTABLES)/make_recovery_patch$(HOST_EXECUTABLE_SUFFIX)
OTA_FROM_TARGET_FILES := $(HOST_OUT_EXECUTABLES)/ota_from_target_files$(HOST_EXECUTABLE_SUFFIX)
OTA_FROM_RAW_IMG := $(HOST_OUT_EXECUTABLES)/ota_from_raw_img$(HOST_EXECUTABLE_SUFFIX)
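Review bot: `UNPACK_BOOTIMG` is defined without `$(HOST_EXECUTABLE_SUFFIX)`, unlike every other host-tool variable visible in this hunk (`IMG_FROM_TARGET_FILES`, `MAKE_RECOVERY_PATCH`, `OTA_FROM_TARGET_FILES`, `OTA_FROM_RAW_IMG`). The variable is used as a prerequisite of the boot image rule elsewhere in this commit, so on a host where the suffix is non-empty the prerequisite path would not match the built tool. For consistency I would write `UNPACK_BOOTIMG := $(HOST_OUT_EXECUTABLES)/unpack_bootimg$(HOST_EXECUTABLE_SUFFIX)`.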
+9 −1
@@ -1947,7 +1947,15 @@ def _SignBootableImage(image_path, prebuilt_name, partition_name,
    cmd = [avbtool, "add_hash_footer", "--image", image_path,
           "--partition_size", str(part_size), "--partition_name",
           partition_name]
    AppendAVBSigningArgs(cmd, partition_name)
    # Use sha256 of the kernel as salt for reproducible builds
    with tempfile.TemporaryDirectory() as tmpdir:
      RunAndCheckOutput(["unpack_bootimg", "--boot_img", image_path, "--out", tmpdir])
      for filename in ["kernel", "ramdisk", "vendor_ramdisk00"]:
        path = os.path.join(tmpdir, filename)
        if os.path.exists(path) and os.path.getsize(path):
          with open(path, "rb") as fp:
            salt = sha256(fp.read()).hexdigest()
    AppendAVBSigningArgs(cmd, partition_name, salt)
    args = info_dict.get("avb_" + partition_name + "_add_hash_footer_args")
    if args and args.strip():
      split_args = ResolveAVBSigningPathArgs(shlex.split(args))
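Review bot: `salt` is assigned only inside the `if` in the new loop, so unless it is set earlier in the function (outside this hunk), an image that unpacks to no non-empty `kernel`, `ramdisk` or `vendor_ramdisk00` makes `AppendAVBSigningArgs(cmd, partition_name, salt)` fail with UnboundLocalError instead of a clear signing error. The loop also has no `break`, so the last non-empty file wins; that contradicts the comment "Use sha256 of the kernel" and differs from the Makefile recipe in this commit, which hashes only `kernel`, so the same prebuilt can get a different salt and footer depending on which path signs it. I would add `salt = None` before the `with` and a `break` after the `hexdigest()` line, assuming AppendAVBSigningArgs (not visible here) treats None as "no explicit salt", and reword the comment to name the fallback order. _SignBootableImage starts and continues outside this hunk.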