Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8c7f8205 authored by Bowgo Tsai's avatar Bowgo Tsai
Browse files

Adding BOOT_OS_VERSION for the AVB prop in a boot.img 

Devices using a prebuilt boot.img, e.g., a GKI, will re-sign
the boot.img to append AVB footers. Currently the value of
"com.android.build.boot.os_version" in the AVB footer is set
to the Android platform version. However, the GKI image might
be from another release branch, e.g., using a Android12-5.10
GKI in a Android 13 codebase.

Adding BOOT_OS_VERSION to allow specify the value separately.

Bug: 211364958
Test: make, then `avbtool info_image --image $OUT/boot.img`.
Change-Id: I335cc7b6c5a455d566f364df6a7dae79facc7a87
parent c25bd3c8

core/Makefile

+9 −2
Original line number Diff line number Diff line
@@ -3843,8 +3843,7 @@ BOARD_AVB_SYSTEM_EXT_ADD_HASHTREE_FOOTER_ARGS += \ 
    --prop com.android.build.system_ext.security_patch:$(PLATFORM_SECURITY_PATCH)



BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS += \

    --prop com.android.build.boot.fingerprint:$(BUILD_FINGERPRINT_FROM_FILE) \

    --prop com.android.build.boot.os_version:$(PLATFORM_VERSION_LAST_STABLE)

    --prop com.android.build.boot.fingerprint:$(BUILD_FINGERPRINT_FROM_FILE)



BOARD_AVB_INIT_BOOT_ADD_HASH_FOOTER_ARGS += \

    --prop com.android.build.init_boot.fingerprint:$(BUILD_FINGERPRINT_FROM_FILE) \
@@ -3885,6 +3884,14 @@ BOARD_AVB_PVMFW_ADD_HASH_FOOTER_ARGS += \ 
# The following vendor- and odm-specific images needs explicit SPL set per board.

# TODO(b/210875415) Is this security_patch property used? Should it be removed from

# boot.img when there is no platform ramdisk included in it?

ifdef BOOT_OS_VERSION

BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS += \

    --prop com.android.build.boot.os_version:$(BOOT_OS_VERSION)

else

BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS += \

    --prop com.android.build.boot.os_version:$(PLATFORM_VERSION_LAST_STABLE)

endif



ifdef BOOT_SECURITY_PATCH

BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS += \

    --prop com.android.build.boot.security_patch:$(BOOT_SECURITY_PATCH)