2021-02-04 02:36:27 +00:00
|
|
|
package {
|
|
|
|
default_applicable_licenses: ["Android-Apache-2.0"],
|
|
|
|
}
|
|
|
|
|
2021-02-17 06:51:56 +00:00
|
|
|
microdroid_shell_and_utilities = [
|
|
|
|
"reboot",
|
|
|
|
"sh",
|
2021-07-21 15:49:10 +00:00
|
|
|
"strace",
|
2021-02-17 06:51:56 +00:00
|
|
|
"toolbox",
|
|
|
|
"toybox",
|
|
|
|
]
|
|
|
|
|
2021-02-09 12:23:36 +00:00
|
|
|
microdroid_rootdirs = [
|
|
|
|
"dev",
|
|
|
|
"proc",
|
|
|
|
"sys",
|
|
|
|
|
|
|
|
"system",
|
|
|
|
"vendor",
|
|
|
|
"debug_ramdisk",
|
|
|
|
"mnt",
|
2021-04-23 05:47:44 +00:00
|
|
|
"data",
|
2021-02-09 12:23:36 +00:00
|
|
|
|
|
|
|
"apex",
|
|
|
|
"linkerconfig",
|
|
|
|
"second_stage_resources",
|
|
|
|
]
|
|
|
|
|
|
|
|
microdroid_symlinks = [
|
|
|
|
{
|
|
|
|
target: "/sys/kernel/debug",
|
|
|
|
name: "d",
|
|
|
|
},
|
2021-04-23 00:12:29 +00:00
|
|
|
{
|
|
|
|
target: "/system/etc",
|
|
|
|
name: "etc",
|
|
|
|
},
|
2021-08-04 03:36:47 +00:00
|
|
|
{
|
|
|
|
target: "/system/bin",
|
|
|
|
name: "bin",
|
|
|
|
},
|
2021-02-09 12:23:36 +00:00
|
|
|
]
|
|
|
|
|
2021-04-16 12:35:58 +00:00
|
|
|
android_system_image {
|
2021-01-25 10:12:47 +00:00
|
|
|
name: "microdroid",
|
|
|
|
use_avb: true,
|
2021-11-08 08:53:47 +00:00
|
|
|
avb_private_key: ":microdroid_sign_key",
|
2021-01-25 10:12:47 +00:00
|
|
|
avb_algorithm: "SHA256_RSA4096",
|
2021-03-15 14:25:46 +00:00
|
|
|
partition_name: "system",
|
2021-01-25 10:12:47 +00:00
|
|
|
deps: [
|
|
|
|
"init_second_stage",
|
2021-04-06 12:25:57 +00:00
|
|
|
"microdroid_build_prop",
|
2021-05-24 07:55:06 +00:00
|
|
|
"microdroid_init_rc",
|
2021-10-18 09:28:57 +00:00
|
|
|
"microdroid_ueventd_rc",
|
2021-05-24 07:55:06 +00:00
|
|
|
"microdroid_launcher",
|
2021-06-16 07:52:02 +00:00
|
|
|
|
2021-02-17 06:51:56 +00:00
|
|
|
"libbinder",
|
2021-05-15 02:33:48 +00:00
|
|
|
"libbinder_ndk",
|
2021-02-17 06:51:56 +00:00
|
|
|
"libstdc++",
|
|
|
|
"logcat",
|
|
|
|
"logd",
|
|
|
|
"secilc",
|
2021-04-19 18:57:19 +00:00
|
|
|
|
|
|
|
// "com.android.adbd" requires these,
|
|
|
|
"libadbd_auth",
|
|
|
|
"libadbd_fs",
|
|
|
|
|
2021-05-12 05:09:38 +00:00
|
|
|
// "com.android.art" requires
|
|
|
|
"heapprofd_client_api",
|
2021-06-11 17:41:11 +00:00
|
|
|
"libartpalette-system",
|
2021-05-12 05:09:38 +00:00
|
|
|
|
2021-02-17 06:51:56 +00:00
|
|
|
"apexd",
|
2022-03-14 13:29:44 +00:00
|
|
|
"atrace",
|
2021-02-17 06:51:56 +00:00
|
|
|
"debuggerd",
|
2022-01-21 03:54:57 +00:00
|
|
|
"diced.microdroid",
|
2021-02-17 06:51:56 +00:00
|
|
|
"linker",
|
2021-02-25 08:38:32 +00:00
|
|
|
"linkerconfig",
|
2022-01-21 03:54:57 +00:00
|
|
|
"servicemanager.microdroid",
|
2021-02-17 06:51:56 +00:00
|
|
|
"tombstoned",
|
2022-03-24 08:54:43 +00:00
|
|
|
"tombstone_transmit.microdroid",
|
2021-02-17 06:51:56 +00:00
|
|
|
"cgroups.json",
|
2022-04-13 18:48:38 +00:00
|
|
|
"task_profiles.json",
|
2021-04-14 20:16:23 +00:00
|
|
|
"public.libraries.android.txt",
|
2021-02-18 10:12:06 +00:00
|
|
|
|
2022-03-18 08:51:58 +00:00
|
|
|
"microdroid_compatibility_matrix",
|
|
|
|
"microdroid_event-log-tags",
|
2021-06-07 07:56:56 +00:00
|
|
|
"microdroid_file_contexts",
|
2022-03-18 08:51:58 +00:00
|
|
|
"microdroid_manifest",
|
|
|
|
"microdroid_plat_sepolicy_and_mapping.sha256",
|
2021-06-07 07:56:56 +00:00
|
|
|
"microdroid_property_contexts",
|
|
|
|
"microdroid_service_contexts",
|
2021-08-04 06:39:54 +00:00
|
|
|
|
2022-04-05 05:57:27 +00:00
|
|
|
// TODO(b/195425111) these should be added automatically
|
|
|
|
"libcrypto", // used by many (init_second_stage, microdroid_manager, toybox, etc)
|
|
|
|
"liblzma", // used by init_second_stage
|
2021-02-17 06:51:56 +00:00
|
|
|
] + microdroid_shell_and_utilities,
|
|
|
|
multilib: {
|
|
|
|
common: {
|
|
|
|
deps: [
|
2021-09-08 13:46:42 +00:00
|
|
|
// non-updatable & mandatory apexes
|
2021-02-17 06:51:56 +00:00
|
|
|
"com.android.runtime",
|
2021-09-08 13:46:42 +00:00
|
|
|
|
2021-06-07 07:56:56 +00:00
|
|
|
"microdroid_plat_sepolicy.cil",
|
|
|
|
"microdroid_plat_mapping_file",
|
2021-02-17 06:51:56 +00:00
|
|
|
],
|
|
|
|
},
|
2021-05-17 02:27:34 +00:00
|
|
|
lib64: {
|
|
|
|
deps: [
|
2021-06-16 07:52:02 +00:00
|
|
|
"apkdmverity",
|
2021-06-04 23:44:53 +00:00
|
|
|
"authfs",
|
2021-08-04 19:10:58 +00:00
|
|
|
"authfs_service",
|
2021-08-27 17:32:17 +00:00
|
|
|
"microdroid_manager",
|
2021-05-17 02:27:34 +00:00
|
|
|
"zipfuse",
|
|
|
|
],
|
|
|
|
},
|
2021-02-17 06:51:56 +00:00
|
|
|
},
|
2021-04-16 12:35:58 +00:00
|
|
|
linker_config_src: "linker.config.json",
|
2021-02-15 08:04:39 +00:00
|
|
|
base_dir: "system",
|
2021-02-09 12:23:36 +00:00
|
|
|
dirs: microdroid_rootdirs,
|
|
|
|
symlinks: microdroid_symlinks,
|
2021-06-07 07:56:56 +00:00
|
|
|
file_contexts: ":microdroid_file_contexts.gen",
|
2022-04-21 05:30:04 +00:00
|
|
|
// For deterministic output, use fake_timestamp, hard-coded uuid
|
|
|
|
fake_timestamp: "1611569676",
|
|
|
|
// python -c "import uuid; print(uuid.uuid5(uuid.NAMESPACE_URL, 'www.android.com/avf/microdroid/system'))"
|
|
|
|
uuid: "5fe079c6-f01a-52be-87d3-d415231a72ad",
|
2021-01-25 10:12:47 +00:00
|
|
|
}
|
2021-02-03 23:54:31 +00:00
|
|
|
|
2021-02-17 06:51:56 +00:00
|
|
|
prebuilt_etc {
|
|
|
|
name: "microdroid_init_rc",
|
|
|
|
filename: "init.rc",
|
|
|
|
src: "init.rc",
|
|
|
|
relative_install_path: "init/hw",
|
|
|
|
installable: false, // avoid collision with system partition's init.rc
|
|
|
|
}
|
|
|
|
|
2021-10-18 09:28:57 +00:00
|
|
|
prebuilt_etc {
|
|
|
|
name: "microdroid_ueventd_rc",
|
|
|
|
filename: "ueventd.rc",
|
|
|
|
src: "ueventd.rc",
|
|
|
|
installable: false, // avoid collision with system partition's ueventd.rc
|
|
|
|
}
|
|
|
|
|
2021-04-06 12:25:57 +00:00
|
|
|
prebuilt_root {
|
|
|
|
name: "microdroid_build_prop",
|
|
|
|
filename: "build.prop",
|
|
|
|
src: "build.prop",
|
2021-05-24 08:38:27 +00:00
|
|
|
arch: {
|
|
|
|
x86_64: {
|
|
|
|
src: ":microdroid_build_prop_gen_x86_64",
|
|
|
|
},
|
|
|
|
arm64: {
|
|
|
|
src: ":microdroid_build_prop_gen_arm64",
|
|
|
|
},
|
|
|
|
},
|
2021-04-06 12:25:57 +00:00
|
|
|
installable: false,
|
|
|
|
}
|
|
|
|
|
2021-05-24 08:38:27 +00:00
|
|
|
genrule {
|
|
|
|
name: "microdroid_build_prop_gen_x86_64",
|
2022-04-25 09:24:58 +00:00
|
|
|
srcs: [
|
|
|
|
"build.prop",
|
|
|
|
":buildinfo.prop",
|
|
|
|
],
|
2021-05-24 08:38:27 +00:00
|
|
|
out: ["build.prop.out"],
|
2022-04-25 09:24:58 +00:00
|
|
|
cmd: "(echo '# build properties from buildinfo.prop module' && " +
|
|
|
|
"grep ro\\.build\\.version\\.codename= $(location :buildinfo.prop) && " +
|
|
|
|
"grep ro\\.build\\.version\\.release= $(location :buildinfo.prop) && " +
|
|
|
|
"grep ro\\.build\\.version\\.sdk= $(location :buildinfo.prop) && " +
|
|
|
|
"grep ro\\.build\\.version\\.security_patch= $(location :buildinfo.prop) && " +
|
|
|
|
"cat $(location build.prop) && " +
|
|
|
|
"echo ro.product.cpu.abilist=x86_64) > $(out)",
|
2021-05-24 08:38:27 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
genrule {
|
|
|
|
name: "microdroid_build_prop_gen_arm64",
|
2022-04-25 09:24:58 +00:00
|
|
|
srcs: [
|
|
|
|
"build.prop",
|
|
|
|
":buildinfo.prop",
|
|
|
|
],
|
2021-05-24 08:38:27 +00:00
|
|
|
out: ["build.prop.out"],
|
2022-04-25 09:24:58 +00:00
|
|
|
cmd: "(echo '# build properties from buildinfo.prop module' && " +
|
|
|
|
"grep ro\\.build\\.version\\.codename= $(location :buildinfo.prop) && " +
|
|
|
|
"grep ro\\.build\\.version\\.release= $(location :buildinfo.prop) && " +
|
|
|
|
"grep ro\\.build\\.version\\.sdk= $(location :buildinfo.prop) && " +
|
|
|
|
"grep ro\\.build\\.version\\.security_patch= $(location :buildinfo.prop) && " +
|
|
|
|
"cat $(location build.prop) && " +
|
|
|
|
"echo ro.product.cpu.abilist=arm64-v8a) > $(out)",
|
2021-05-24 08:38:27 +00:00
|
|
|
}
|
|
|
|
|
2021-03-03 14:56:18 +00:00
|
|
|
android_filesystem {
|
|
|
|
name: "microdroid_vendor",
|
2021-09-01 03:10:18 +00:00
|
|
|
partition_name: "vendor",
|
2021-03-03 14:56:18 +00:00
|
|
|
use_avb: true,
|
|
|
|
deps: [
|
2022-01-13 17:37:52 +00:00
|
|
|
"android.hardware.security.dice-service.microdroid",
|
2021-04-23 05:47:44 +00:00
|
|
|
"microdroid_fstab",
|
2021-03-11 08:51:22 +00:00
|
|
|
"microdroid_precompiled_sepolicy.plat_sepolicy_and_mapping.sha256",
|
2021-05-26 03:04:54 +00:00
|
|
|
"microdroid_vendor_manifest",
|
|
|
|
"microdroid_vendor_compatibility_matrix",
|
2021-03-03 14:56:18 +00:00
|
|
|
],
|
2021-03-25 06:43:07 +00:00
|
|
|
multilib: {
|
|
|
|
common: {
|
|
|
|
deps: [
|
|
|
|
"microdroid_vendor_sepolicy.cil",
|
|
|
|
"microdroid_plat_pub_versioned.cil",
|
2021-04-29 15:19:00 +00:00
|
|
|
"microdroid_plat_sepolicy_vers.txt",
|
2021-09-27 13:44:09 +00:00
|
|
|
"microdroid_precompiled_sepolicy",
|
2021-03-25 06:43:07 +00:00
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
2021-11-08 08:53:47 +00:00
|
|
|
avb_private_key: ":microdroid_sign_key",
|
2021-03-03 14:56:18 +00:00
|
|
|
avb_algorithm: "SHA256_RSA4096",
|
2021-06-07 07:56:56 +00:00
|
|
|
file_contexts: ":microdroid_vendor_file_contexts.gen",
|
2022-04-21 05:30:04 +00:00
|
|
|
// For deterministic output, use fake_timestamp, hard-coded uuid
|
|
|
|
fake_timestamp: "1611569676",
|
|
|
|
// python -c "import uuid; print(uuid.uuid5(uuid.NAMESPACE_URL, 'www.android.com/avf/microdroid/vendor'))"
|
|
|
|
uuid: "156d40d7-8d8e-5c99-8913-ec82de549a70",
|
2021-03-03 14:56:18 +00:00
|
|
|
}
|
|
|
|
|
2021-02-23 16:39:51 +00:00
|
|
|
logical_partition {
|
|
|
|
name: "microdroid_super",
|
|
|
|
sparse: true,
|
2021-03-31 07:31:27 +00:00
|
|
|
size: "auto",
|
2021-03-30 07:57:27 +00:00
|
|
|
default_group: [
|
2021-02-23 16:39:51 +00:00
|
|
|
{
|
2021-09-01 03:10:18 +00:00
|
|
|
name: "system_a",
|
2021-03-30 07:57:27 +00:00
|
|
|
filesystem: ":microdroid",
|
|
|
|
},
|
|
|
|
{
|
2021-09-01 03:10:18 +00:00
|
|
|
name: "vendor_a",
|
2021-03-30 07:57:27 +00:00
|
|
|
filesystem: ":microdroid_vendor",
|
2021-02-23 16:39:51 +00:00
|
|
|
},
|
|
|
|
],
|
|
|
|
}
|
|
|
|
|
2021-08-30 09:41:52 +00:00
|
|
|
microdroid_boot_cmdline = [
|
|
|
|
"panic=-1",
|
|
|
|
"bootconfig",
|
2022-02-18 13:58:36 +00:00
|
|
|
"ioremap_guard",
|
2021-08-30 09:41:52 +00:00
|
|
|
]
|
2021-04-13 04:13:55 +00:00
|
|
|
|
2021-02-03 23:54:31 +00:00
|
|
|
bootimg {
|
2022-06-13 07:44:45 +00:00
|
|
|
name: "microdroid_boot",
|
2021-03-09 11:32:15 +00:00
|
|
|
// We don't have kernel for arm and x86. But Soong demands one when it builds for
|
|
|
|
// arm or x86 target. Satisfy that by providing an empty file as the kernel.
|
|
|
|
kernel_prebuilt: "empty_kernel",
|
2021-02-18 14:15:41 +00:00
|
|
|
arch: {
|
|
|
|
arm64: {
|
2022-06-13 07:44:45 +00:00
|
|
|
kernel_prebuilt: ":kernel_prebuilts-5.15-arm64",
|
2021-07-05 04:05:48 +00:00
|
|
|
cmdline: microdroid_boot_cmdline,
|
2021-02-18 14:15:41 +00:00
|
|
|
},
|
|
|
|
x86_64: {
|
2022-06-13 07:44:45 +00:00
|
|
|
kernel_prebuilt: ":kernel_prebuilts-5.15-x86_64",
|
2021-10-19 08:12:52 +00:00
|
|
|
cmdline: microdroid_boot_cmdline + [
|
|
|
|
// console=none is to work around the x86 specific u-boot behavior which when
|
|
|
|
// console= option is not found in the kernel commandline console=ttyS0 is
|
|
|
|
// automatically added. By adding console=none, we can prevent u-boot from doing
|
|
|
|
// that. Note that console is set to hvc0 by bootconfig if the VM is configured as
|
|
|
|
// debuggable.
|
|
|
|
"console=none",
|
|
|
|
"acpi=noirq",
|
|
|
|
],
|
2021-08-30 09:41:52 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
|
2021-02-18 14:15:41 +00:00
|
|
|
dtb_prebuilt: "dummy_dtb.img",
|
2021-03-05 09:51:35 +00:00
|
|
|
header_version: "4",
|
2021-02-18 14:15:41 +00:00
|
|
|
partition_name: "boot",
|
2021-03-15 14:25:46 +00:00
|
|
|
use_avb: true,
|
2021-11-08 08:53:47 +00:00
|
|
|
avb_private_key: ":microdroid_sign_key",
|
2021-02-18 14:15:41 +00:00
|
|
|
}
|
|
|
|
|
2022-01-10 18:51:12 +00:00
|
|
|
bootimg {
|
|
|
|
name: "microdroid_init_boot",
|
2022-06-13 07:44:45 +00:00
|
|
|
ramdisk_module: "microdroid_ramdisk",
|
2022-01-10 18:51:12 +00:00
|
|
|
kernel_prebuilt: "empty_kernel",
|
|
|
|
header_version: "4",
|
|
|
|
partition_name: "init_boot",
|
|
|
|
use_avb: true,
|
|
|
|
avb_private_key: ":microdroid_sign_key",
|
|
|
|
}
|
|
|
|
|
2021-02-18 14:15:41 +00:00
|
|
|
android_filesystem {
|
2022-06-13 07:44:45 +00:00
|
|
|
name: "microdroid_ramdisk",
|
2021-02-18 14:15:41 +00:00
|
|
|
deps: [
|
2021-06-11 03:59:59 +00:00
|
|
|
"init_first_stage",
|
2021-02-18 14:15:41 +00:00
|
|
|
],
|
|
|
|
dirs: [
|
|
|
|
"dev",
|
|
|
|
"proc",
|
|
|
|
"sys",
|
|
|
|
|
|
|
|
// TODO(jiyong): remove these
|
|
|
|
"mnt",
|
|
|
|
"debug_ramdisk",
|
|
|
|
"second_stage_resources",
|
|
|
|
],
|
|
|
|
type: "compressed_cpio",
|
|
|
|
}
|
|
|
|
|
|
|
|
bootimg {
|
2022-06-13 07:44:45 +00:00
|
|
|
name: "microdroid_vendor_boot",
|
|
|
|
ramdisk_module: "microdroid_vendor_ramdisk",
|
2021-02-03 23:54:31 +00:00
|
|
|
dtb_prebuilt: "dummy_dtb.img",
|
2021-03-05 09:51:35 +00:00
|
|
|
header_version: "4",
|
2021-02-03 23:54:31 +00:00
|
|
|
vendor_boot: true,
|
2021-07-05 04:05:48 +00:00
|
|
|
arch: {
|
|
|
|
arm64: {
|
|
|
|
bootconfig: ":microdroid_bootconfig_arm64_gen",
|
|
|
|
},
|
|
|
|
x86_64: {
|
|
|
|
bootconfig: ":microdroid_bootconfig_x86_64_gen",
|
|
|
|
},
|
|
|
|
},
|
2021-02-03 23:54:31 +00:00
|
|
|
partition_name: "vendor_boot",
|
2021-03-15 14:25:46 +00:00
|
|
|
use_avb: true,
|
2021-11-08 08:53:47 +00:00
|
|
|
avb_private_key: ":microdroid_sign_key",
|
2021-02-03 23:54:31 +00:00
|
|
|
}
|
|
|
|
|
2022-02-07 02:13:56 +00:00
|
|
|
prebuilt_kernel_modules {
|
|
|
|
name: "microdroid_kernel_modules",
|
2021-02-03 23:54:31 +00:00
|
|
|
arch: {
|
|
|
|
arm64: {
|
2022-06-13 07:44:45 +00:00
|
|
|
srcs: [":virt_device_prebuilts_kernel_modules_microdroid-5.15-arm64"],
|
2021-02-03 23:54:31 +00:00
|
|
|
},
|
|
|
|
x86_64: {
|
2022-06-13 07:44:45 +00:00
|
|
|
srcs: [":virt_device_prebuilts_kernel_modules_microdroid-5.15-x86_64"],
|
2021-02-03 23:54:31 +00:00
|
|
|
},
|
|
|
|
},
|
2022-06-13 07:44:45 +00:00
|
|
|
kernel_version: "5.15",
|
2022-02-07 02:13:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
android_filesystem {
|
2022-06-13 07:44:45 +00:00
|
|
|
name: "microdroid_vendor_ramdisk",
|
2021-02-23 03:53:30 +00:00
|
|
|
deps: [
|
|
|
|
"microdroid_fstab",
|
2022-02-07 02:13:56 +00:00
|
|
|
"microdroid_kernel_modules",
|
2021-02-23 03:53:30 +00:00
|
|
|
],
|
|
|
|
base_dir: "first_stage_ramdisk",
|
2021-02-03 23:54:31 +00:00
|
|
|
type: "compressed_cpio",
|
2021-02-23 03:53:30 +00:00
|
|
|
symlinks: [
|
|
|
|
{
|
2021-05-11 07:51:03 +00:00
|
|
|
target: "etc/fstab.microdroid",
|
2021-02-23 03:53:30 +00:00
|
|
|
name: "first_stage_ramdisk/fstab.microdroid",
|
|
|
|
},
|
|
|
|
{
|
|
|
|
target: "first_stage_ramdisk/lib",
|
|
|
|
name: "lib",
|
|
|
|
},
|
|
|
|
],
|
|
|
|
}
|
|
|
|
|
2021-07-05 04:05:48 +00:00
|
|
|
genrule {
|
|
|
|
name: "microdroid_bootconfig_arm64_gen",
|
|
|
|
srcs: [
|
|
|
|
"bootconfig.common",
|
|
|
|
"bootconfig.arm64",
|
|
|
|
],
|
|
|
|
out: ["bootconfig"],
|
|
|
|
cmd: "cat $(in) > $(out)",
|
|
|
|
}
|
|
|
|
|
|
|
|
genrule {
|
|
|
|
name: "microdroid_bootconfig_x86_64_gen",
|
|
|
|
srcs: [
|
|
|
|
"bootconfig.common",
|
|
|
|
"bootconfig.x86_64",
|
|
|
|
],
|
|
|
|
out: ["bootconfig"],
|
|
|
|
cmd: "cat $(in) > $(out)",
|
|
|
|
}
|
|
|
|
|
2021-11-04 11:45:14 +00:00
|
|
|
vbmeta {
|
|
|
|
name: "microdroid_vbmeta_bootconfig",
|
|
|
|
partition_name: "vbmeta",
|
2021-11-08 08:53:47 +00:00
|
|
|
private_key: ":microdroid_sign_key",
|
2021-11-04 11:45:14 +00:00
|
|
|
chained_partitions: [
|
|
|
|
{
|
|
|
|
name: "bootconfig",
|
2021-11-08 08:53:47 +00:00
|
|
|
private_key: ":microdroid_sign_key",
|
2021-11-04 11:45:14 +00:00
|
|
|
},
|
2022-01-28 12:29:48 +00:00
|
|
|
{
|
|
|
|
name: "uboot_env",
|
|
|
|
private_key: ":microdroid_sign_key",
|
|
|
|
},
|
2021-11-04 11:45:14 +00:00
|
|
|
],
|
|
|
|
}
|
|
|
|
|
2022-06-13 13:22:41 +00:00
|
|
|
// See external/avb/avbtool.py
|
|
|
|
// MAX_VBMETA_SIZE=64KB, MAX_FOOTER_SIZE=4KB
|
|
|
|
avb_hash_footer_kb = "68"
|
2021-11-04 11:45:14 +00:00
|
|
|
|
2022-06-13 13:22:41 +00:00
|
|
|
prebuilt_etc {
|
Define debug levels
Previously, a VM can be configured as running in debug mode or not.
However, the debug mode was not defined clearly and debugging features
like logging and adb-shell were actually left enabled even when the
debug mode is off.
This CL re-defines the debuggability of a VM. A VM has a debug level
which can be either of these three:
1. None: In this level, VM is not debuggable at all. No log is exported
from the VM, and debugger can't be attached to any process in the VM.
adb-shell of course is not supported.
2. App-only: In this level, only the app payload is debuggable. Logs
from the app process is exported to the host and the process can be
attached to debugger. adb-shell is not supported.
3. Full: In this level, the VM is fully debuggable. All logs including
kernel logs are exported to the VM and developers can adb-shell into the
VM.
Note that this CL doesn't fully implement all the levels yet, but
implements the framework around supporting multiple debug levels.
Specifically, each debug level is associated with a bootconfig image.
Each image has config values each of which enables or disables a
debugging feature. For example, bootconfig images for the none and
app-only levels have "kernel.console = none" to not show kernel console
output.
The `vm` tool and the Java APIs are also amended accordingly. The debug
level can be set via `--debug <level>` flag and the `DebugLevel(...)`
method.
Future work:
* Implement each debug level
* Each level uses different vm-instance image. Debug level is stored in
the instance image and is compared against the given level when
microdroid boots.
* Sign bootconfig images with avb and let uboot verify them
(b/203031847)
Bug: 201362865
Test: atest MicrodroidHostTestCases
Test: adb shell /apex/com.android.virt/bin/vm run-app
/data/local/tmp/virt/MicrodroidDemoApp.apk
/data/local/tmp/virt/MicrodroidDemoApp.apk.idsig
/data/local/tmp/virt/instance.img assets/vm_config.json
shows ...
Created VM from
"/data/local/tmp/virt/MicrodroidDemoApp.apk"!"assets/vm_config.json"
with CID 13, state is NOT_STARTED.
Started VM, state now STARTING.
Hello Microdroid /mnt/apk/lib/arm64-v8a/MicrodroidTestNativeLib.so hello
microdroid
, which is without logs from the bootloader and the kernel
Change-Id: I897dcd88723f014524d2cd2b6ffaa6f9fb5696d6
2021-10-14 15:02:12 +00:00
|
|
|
name: "microdroid_bootconfig_normal",
|
2022-06-13 13:22:41 +00:00
|
|
|
src: ":microdroid_bootconfig_normal_gen",
|
Define debug levels
Previously, a VM can be configured as running in debug mode or not.
However, the debug mode was not defined clearly and debugging features
like logging and adb-shell were actually left enabled even when the
debug mode is off.
This CL re-defines the debuggability of a VM. A VM has a debug level
which can be either of these three:
1. None: In this level, VM is not debuggable at all. No log is exported
from the VM, and debugger can't be attached to any process in the VM.
adb-shell of course is not supported.
2. App-only: In this level, only the app payload is debuggable. Logs
from the app process is exported to the host and the process can be
attached to debugger. adb-shell is not supported.
3. Full: In this level, the VM is fully debuggable. All logs including
kernel logs are exported to the VM and developers can adb-shell into the
VM.
Note that this CL doesn't fully implement all the levels yet, but
implements the framework around supporting multiple debug levels.
Specifically, each debug level is associated with a bootconfig image.
Each image has config values each of which enables or disables a
debugging feature. For example, bootconfig images for the none and
app-only levels have "kernel.console = none" to not show kernel console
output.
The `vm` tool and the Java APIs are also amended accordingly. The debug
level can be set via `--debug <level>` flag and the `DebugLevel(...)`
method.
Future work:
* Implement each debug level
* Each level uses different vm-instance image. Debug level is stored in
the instance image and is compared against the given level when
microdroid boots.
* Sign bootconfig images with avb and let uboot verify them
(b/203031847)
Bug: 201362865
Test: atest MicrodroidHostTestCases
Test: adb shell /apex/com.android.virt/bin/vm run-app
/data/local/tmp/virt/MicrodroidDemoApp.apk
/data/local/tmp/virt/MicrodroidDemoApp.apk.idsig
/data/local/tmp/virt/instance.img assets/vm_config.json
shows ...
Created VM from
"/data/local/tmp/virt/MicrodroidDemoApp.apk"!"assets/vm_config.json"
with CID 13, state is NOT_STARTED.
Started VM, state now STARTING.
Hello Microdroid /mnt/apk/lib/arm64-v8a/MicrodroidTestNativeLib.so hello
microdroid
, which is without logs from the bootloader and the kernel
Change-Id: I897dcd88723f014524d2cd2b6ffaa6f9fb5696d6
2021-10-14 15:02:12 +00:00
|
|
|
filename: "microdroid_bootconfig.normal",
|
|
|
|
}
|
|
|
|
|
2022-06-13 13:22:41 +00:00
|
|
|
prebuilt_etc {
|
Define debug levels
Previously, a VM can be configured as running in debug mode or not.
However, the debug mode was not defined clearly and debugging features
like logging and adb-shell were actually left enabled even when the
debug mode is off.
This CL re-defines the debuggability of a VM. A VM has a debug level
which can be either of these three:
1. None: In this level, VM is not debuggable at all. No log is exported
from the VM, and debugger can't be attached to any process in the VM.
adb-shell of course is not supported.
2. App-only: In this level, only the app payload is debuggable. Logs
from the app process is exported to the host and the process can be
attached to debugger. adb-shell is not supported.
3. Full: In this level, the VM is fully debuggable. All logs including
kernel logs are exported to the VM and developers can adb-shell into the
VM.
Note that this CL doesn't fully implement all the levels yet, but
implements the framework around supporting multiple debug levels.
Specifically, each debug level is associated with a bootconfig image.
Each image has config values each of which enables or disables a
debugging feature. For example, bootconfig images for the none and
app-only levels have "kernel.console = none" to not show kernel console
output.
The `vm` tool and the Java APIs are also amended accordingly. The debug
level can be set via `--debug <level>` flag and the `DebugLevel(...)`
method.
Future work:
* Implement each debug level
* Each level uses different vm-instance image. Debug level is stored in
the instance image and is compared against the given level when
microdroid boots.
* Sign bootconfig images with avb and let uboot verify them
(b/203031847)
Bug: 201362865
Test: atest MicrodroidHostTestCases
Test: adb shell /apex/com.android.virt/bin/vm run-app
/data/local/tmp/virt/MicrodroidDemoApp.apk
/data/local/tmp/virt/MicrodroidDemoApp.apk.idsig
/data/local/tmp/virt/instance.img assets/vm_config.json
shows ...
Created VM from
"/data/local/tmp/virt/MicrodroidDemoApp.apk"!"assets/vm_config.json"
with CID 13, state is NOT_STARTED.
Started VM, state now STARTING.
Hello Microdroid /mnt/apk/lib/arm64-v8a/MicrodroidTestNativeLib.so hello
microdroid
, which is without logs from the bootloader and the kernel
Change-Id: I897dcd88723f014524d2cd2b6ffaa6f9fb5696d6
2021-10-14 15:02:12 +00:00
|
|
|
name: "microdroid_bootconfig_app_debuggable",
|
2022-06-13 13:22:41 +00:00
|
|
|
src: ":microdroid_bootconfig_app_debuggable_gen",
|
Define debug levels
Previously, a VM can be configured as running in debug mode or not.
However, the debug mode was not defined clearly and debugging features
like logging and adb-shell were actually left enabled even when the
debug mode is off.
This CL re-defines the debuggability of a VM. A VM has a debug level
which can be either of these three:
1. None: In this level, VM is not debuggable at all. No log is exported
from the VM, and debugger can't be attached to any process in the VM.
adb-shell of course is not supported.
2. App-only: In this level, only the app payload is debuggable. Logs
from the app process is exported to the host and the process can be
attached to debugger. adb-shell is not supported.
3. Full: In this level, the VM is fully debuggable. All logs including
kernel logs are exported to the VM and developers can adb-shell into the
VM.
Note that this CL doesn't fully implement all the levels yet, but
implements the framework around supporting multiple debug levels.
Specifically, each debug level is associated with a bootconfig image.
Each image has config values each of which enables or disables a
debugging feature. For example, bootconfig images for the none and
app-only levels have "kernel.console = none" to not show kernel console
output.
The `vm` tool and the Java APIs are also amended accordingly. The debug
level can be set via `--debug <level>` flag and the `DebugLevel(...)`
method.
Future work:
* Implement each debug level
* Each level uses different vm-instance image. Debug level is stored in
the instance image and is compared against the given level when
microdroid boots.
* Sign bootconfig images with avb and let uboot verify them
(b/203031847)
Bug: 201362865
Test: atest MicrodroidHostTestCases
Test: adb shell /apex/com.android.virt/bin/vm run-app
/data/local/tmp/virt/MicrodroidDemoApp.apk
/data/local/tmp/virt/MicrodroidDemoApp.apk.idsig
/data/local/tmp/virt/instance.img assets/vm_config.json
shows ...
Created VM from
"/data/local/tmp/virt/MicrodroidDemoApp.apk"!"assets/vm_config.json"
with CID 13, state is NOT_STARTED.
Started VM, state now STARTING.
Hello Microdroid /mnt/apk/lib/arm64-v8a/MicrodroidTestNativeLib.so hello
microdroid
, which is without logs from the bootloader and the kernel
Change-Id: I897dcd88723f014524d2cd2b6ffaa6f9fb5696d6
2021-10-14 15:02:12 +00:00
|
|
|
filename: "microdroid_bootconfig.app_debuggable",
|
|
|
|
}
|
|
|
|
|
2022-06-13 13:22:41 +00:00
|
|
|
prebuilt_etc {
|
Define debug levels
Previously, a VM can be configured as running in debug mode or not.
However, the debug mode was not defined clearly and debugging features
like logging and adb-shell were actually left enabled even when the
debug mode is off.
This CL re-defines the debuggability of a VM. A VM has a debug level
which can be either of these three:
1. None: In this level, VM is not debuggable at all. No log is exported
from the VM, and debugger can't be attached to any process in the VM.
adb-shell of course is not supported.
2. App-only: In this level, only the app payload is debuggable. Logs
from the app process is exported to the host and the process can be
attached to debugger. adb-shell is not supported.
3. Full: In this level, the VM is fully debuggable. All logs including
kernel logs are exported to the VM and developers can adb-shell into the
VM.
Note that this CL doesn't fully implement all the levels yet, but
implements the framework around supporting multiple debug levels.
Specifically, each debug level is associated with a bootconfig image.
Each image has config values each of which enables or disables a
debugging feature. For example, bootconfig images for the none and
app-only levels have "kernel.console = none" to not show kernel console
output.
The `vm` tool and the Java APIs are also amended accordingly. The debug
level can be set via `--debug <level>` flag and the `DebugLevel(...)`
method.
Future work:
* Implement each debug level
* Each level uses different vm-instance image. Debug level is stored in
the instance image and is compared against the given level when
microdroid boots.
* Sign bootconfig images with avb and let uboot verify them
(b/203031847)
Bug: 201362865
Test: atest MicrodroidHostTestCases
Test: adb shell /apex/com.android.virt/bin/vm run-app
/data/local/tmp/virt/MicrodroidDemoApp.apk
/data/local/tmp/virt/MicrodroidDemoApp.apk.idsig
/data/local/tmp/virt/instance.img assets/vm_config.json
shows ...
Created VM from
"/data/local/tmp/virt/MicrodroidDemoApp.apk"!"assets/vm_config.json"
with CID 13, state is NOT_STARTED.
Started VM, state now STARTING.
Hello Microdroid /mnt/apk/lib/arm64-v8a/MicrodroidTestNativeLib.so hello
microdroid
, which is without logs from the bootloader and the kernel
Change-Id: I897dcd88723f014524d2cd2b6ffaa6f9fb5696d6
2021-10-14 15:02:12 +00:00
|
|
|
name: "microdroid_bootconfig_full_debuggable",
|
2022-06-13 13:22:41 +00:00
|
|
|
src: ":microdroid_bootconfig_full_debuggable_gen",
|
Define debug levels
Previously, a VM can be configured as running in debug mode or not.
However, the debug mode was not defined clearly and debugging features
like logging and adb-shell were actually left enabled even when the
debug mode is off.
This CL re-defines the debuggability of a VM. A VM has a debug level
which can be either of these three:
1. None: In this level, VM is not debuggable at all. No log is exported
from the VM, and debugger can't be attached to any process in the VM.
adb-shell of course is not supported.
2. App-only: In this level, only the app payload is debuggable. Logs
from the app process is exported to the host and the process can be
attached to debugger. adb-shell is not supported.
3. Full: In this level, the VM is fully debuggable. All logs including
kernel logs are exported to the VM and developers can adb-shell into the
VM.
Note that this CL doesn't fully implement all the levels yet, but
implements the framework around supporting multiple debug levels.
Specifically, each debug level is associated with a bootconfig image.
Each image has config values each of which enables or disables a
debugging feature. For example, bootconfig images for the none and
app-only levels have "kernel.console = none" to not show kernel console
output.
The `vm` tool and the Java APIs are also amended accordingly. The debug
level can be set via `--debug <level>` flag and the `DebugLevel(...)`
method.
Future work:
* Implement each debug level
* Each level uses different vm-instance image. Debug level is stored in
the instance image and is compared against the given level when
microdroid boots.
* Sign bootconfig images with avb and let uboot verify them
(b/203031847)
Bug: 201362865
Test: atest MicrodroidHostTestCases
Test: adb shell /apex/com.android.virt/bin/vm run-app
/data/local/tmp/virt/MicrodroidDemoApp.apk
/data/local/tmp/virt/MicrodroidDemoApp.apk.idsig
/data/local/tmp/virt/instance.img assets/vm_config.json
shows ...
Created VM from
"/data/local/tmp/virt/MicrodroidDemoApp.apk"!"assets/vm_config.json"
with CID 13, state is NOT_STARTED.
Started VM, state now STARTING.
Hello Microdroid /mnt/apk/lib/arm64-v8a/MicrodroidTestNativeLib.so hello
microdroid
, which is without logs from the bootloader and the kernel
Change-Id: I897dcd88723f014524d2cd2b6ffaa6f9fb5696d6
2021-10-14 15:02:12 +00:00
|
|
|
filename: "microdroid_bootconfig.full_debuggable",
|
2022-06-13 13:22:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// python -c "import hashlib; print(hashlib.sha256(b'bootconfig').hexdigest())"
|
|
|
|
bootconfig_salt = "e158851fbebb402e1f18ea9372ea2f76b4dea23eceb5c4b92e5b27ade8537f5b"
|
|
|
|
|
|
|
|
// TODO(jiyong): make a new module type that does the avb signing
|
|
|
|
genrule {
|
|
|
|
name: "microdroid_bootconfig_normal_gen",
|
|
|
|
tools: ["avbtool"],
|
|
|
|
srcs: [
|
|
|
|
"bootconfig.normal",
|
|
|
|
":microdroid_sign_key",
|
|
|
|
],
|
|
|
|
out: ["microdroid_bootconfig.normal"],
|
|
|
|
cmd: "cp $(location bootconfig.normal) $(out) && " +
|
|
|
|
"$(location avbtool) add_hash_footer " +
|
|
|
|
"--algorithm SHA256_RSA4096 " +
|
|
|
|
"--salt " + bootconfig_salt + " " +
|
|
|
|
"--partition_name bootconfig " +
|
|
|
|
"--key $(location :microdroid_sign_key) " +
|
|
|
|
"--partition_size $$(( " + avb_hash_footer_kb + " * 1024 + ( $$(stat --format=%s $(out)) + 4096 - 1 ) / 4096 * 4096 )) " +
|
|
|
|
"--image $(out)",
|
|
|
|
}
|
|
|
|
|
|
|
|
genrule {
|
|
|
|
name: "microdroid_bootconfig_app_debuggable_gen",
|
|
|
|
tools: ["avbtool"],
|
|
|
|
srcs: [
|
|
|
|
"bootconfig.app_debuggable",
|
|
|
|
":microdroid_sign_key",
|
|
|
|
],
|
|
|
|
out: ["microdroid_bootconfig.app_debuggable"],
|
|
|
|
cmd: "cp $(location bootconfig.app_debuggable) $(out) && " +
|
|
|
|
"$(location avbtool) add_hash_footer " +
|
|
|
|
"--algorithm SHA256_RSA4096 " +
|
|
|
|
"--salt " + bootconfig_salt + " " +
|
|
|
|
"--partition_name bootconfig " +
|
|
|
|
"--key $(location :microdroid_sign_key) " +
|
|
|
|
"--partition_size $$(( " + avb_hash_footer_kb + " * 1024 + ( $$(stat --format=%s $(out)) + 4096 - 1 ) / 4096 * 4096 )) " +
|
|
|
|
"--image $(out)",
|
|
|
|
}
|
|
|
|
|
|
|
|
genrule {
|
|
|
|
name: "microdroid_bootconfig_full_debuggable_gen",
|
|
|
|
tools: ["avbtool"],
|
|
|
|
srcs: [
|
|
|
|
"bootconfig.full_debuggable",
|
|
|
|
":microdroid_sign_key",
|
|
|
|
],
|
|
|
|
out: ["microdroid_bootconfig.full_debuggable"],
|
|
|
|
cmd: "cp $(location bootconfig.full_debuggable) $(out) && " +
|
|
|
|
"$(location avbtool) add_hash_footer " +
|
|
|
|
"--algorithm SHA256_RSA4096 " +
|
|
|
|
"--salt " + bootconfig_salt + " " +
|
|
|
|
"--partition_name bootconfig " +
|
|
|
|
"--key $(location :microdroid_sign_key) " +
|
|
|
|
"--partition_size $$(( " + avb_hash_footer_kb + " * 1024 + ( $$(stat --format=%s $(out)) + 4096 - 1 ) / 4096 * 4096 )) " +
|
|
|
|
"--image $(out)",
|
2021-11-04 11:45:14 +00:00
|
|
|
}
|
|
|
|
|
2021-02-23 03:53:30 +00:00
|
|
|
prebuilt_etc {
|
|
|
|
name: "microdroid_fstab",
|
2021-05-11 07:51:03 +00:00
|
|
|
src: "fstab.microdroid",
|
|
|
|
filename: "fstab.microdroid",
|
2021-02-23 03:53:30 +00:00
|
|
|
installable: false,
|
2021-02-03 23:54:31 +00:00
|
|
|
}
|
2021-02-19 06:44:52 +00:00
|
|
|
|
2021-04-08 10:10:44 +00:00
|
|
|
prebuilt_etc {
|
|
|
|
name: "microdroid_bootloader",
|
2022-06-13 13:22:41 +00:00
|
|
|
src: ":microdroid_bootloader_gen",
|
2021-04-13 04:13:55 +00:00
|
|
|
arch: {
|
|
|
|
x86_64: {
|
|
|
|
// For unknown reason, the signed bootloader doesn't work on x86_64. Until the problem
|
|
|
|
// is fixed, let's use the unsigned bootloader for the architecture.
|
|
|
|
// TODO(b/185115783): remove this
|
2021-11-08 08:53:47 +00:00
|
|
|
src: ":microdroid_bootloader_pubkey_replaced",
|
2021-04-13 04:13:55 +00:00
|
|
|
},
|
|
|
|
},
|
2021-04-08 10:10:44 +00:00
|
|
|
filename: "microdroid_bootloader",
|
|
|
|
}
|
|
|
|
|
2022-04-21 05:30:04 +00:00
|
|
|
// python -c "import hashlib; print(hashlib.sha256(b'bootloader').hexdigest())"
|
|
|
|
bootloader_salt = "3b4a12881d11f33cff968a24d7c53723a8232cde9a8d91e29fdbd6a95ae6adf0"
|
|
|
|
|
2022-06-13 13:22:41 +00:00
|
|
|
genrule {
|
|
|
|
name: "microdroid_bootloader_gen",
|
|
|
|
tools: ["avbtool"],
|
|
|
|
srcs: [
|
|
|
|
":microdroid_bootloader_pubkey_replaced",
|
|
|
|
":microdroid_sign_key",
|
|
|
|
],
|
|
|
|
out: ["bootloader-signed"],
|
|
|
|
// 1. Copy the input to the output becaise avbtool modifies --image in
|
|
|
|
// place.
|
|
|
|
// 2. Check if the file is big enough. For arm and x86 we have fake
|
|
|
|
// bootloader file whose size is 1. It can't pass avbtool.
|
|
|
|
// 3. Add the hash footer. The partition size is set to (image size + 68KB)
|
|
|
|
// rounded up to 4KB boundary.
|
|
|
|
cmd: "cp $(location :microdroid_bootloader_pubkey_replaced) $(out) && " +
|
|
|
|
"if [ $$(stat --format=%s $(out)) -gt 4096 ]; then " +
|
|
|
|
"$(location avbtool) add_hash_footer " +
|
|
|
|
"--algorithm SHA256_RSA4096 " +
|
|
|
|
"--salt " + bootloader_salt + " " +
|
|
|
|
"--partition_name bootloader " +
|
|
|
|
"--key $(location :microdroid_sign_key) " +
|
|
|
|
"--partition_size $$(( " + avb_hash_footer_kb + " * 1024 + ( $$(stat --format=%s $(out)) + 4096 - 1 ) / 4096 * 4096 )) " +
|
|
|
|
"--image $(out)" +
|
|
|
|
"; fi",
|
2021-04-08 10:10:44 +00:00
|
|
|
}
|
|
|
|
|
2021-11-08 08:53:47 +00:00
|
|
|
// Replace avbpubkey of prebuilt bootloader with the avbpubkey of the signing key
|
|
|
|
genrule {
|
|
|
|
name: "microdroid_bootloader_pubkey_replaced",
|
|
|
|
tools: ["replace_bytes"],
|
|
|
|
srcs: [
|
2021-11-09 08:20:53 +00:00
|
|
|
":microdroid_crosvm_bootloader", // input (bootloader)
|
|
|
|
":microdroid_crosvm_bootloader.avbpubkey", // old bytes (old pubkey)
|
|
|
|
":microdroid_bootloader_avbpubkey_gen", // new bytes (new pubkey)
|
2021-11-08 08:53:47 +00:00
|
|
|
],
|
|
|
|
out: ["bootloader-pubkey-replaced"],
|
|
|
|
// 1. Copy the input to the output (replace_bytes modifies the file in-place)
|
|
|
|
// 2. Check if the file is big enough. For arm and x86 we have fake
|
|
|
|
// bootloader file whose size is 1. (replace_bytes fails if key not found)
|
|
|
|
// 3. Replace embedded pubkey with new one.
|
|
|
|
cmd: "cp $(location :microdroid_crosvm_bootloader) $(out) && " +
|
|
|
|
"if [ $$(stat --format=%s $(out)) -gt 4096 ]; then " +
|
|
|
|
"$(location replace_bytes) $(out) " +
|
2021-11-09 08:20:53 +00:00
|
|
|
"$(location :microdroid_crosvm_bootloader.avbpubkey) " +
|
2021-11-08 08:53:47 +00:00
|
|
|
"$(location :microdroid_bootloader_avbpubkey_gen)" +
|
|
|
|
"; fi",
|
|
|
|
}
|
|
|
|
|
|
|
|
// Apex keeps a copy of avbpubkey embedded in bootloader so that embedded avbpubkey can be replaced
|
|
|
|
// while re-signing bootloader.
|
2021-10-26 18:35:42 +00:00
|
|
|
prebuilt_etc {
|
|
|
|
name: "microdroid_bootloader.avbpubkey",
|
2021-11-08 08:53:47 +00:00
|
|
|
src: ":microdroid_bootloader_avbpubkey_gen",
|
2021-10-26 18:35:42 +00:00
|
|
|
}
|
|
|
|
|
2021-11-08 08:53:47 +00:00
|
|
|
// Generate avbpukey from the signing key
|
2021-10-26 18:35:42 +00:00
|
|
|
genrule {
|
2021-11-08 08:53:47 +00:00
|
|
|
name: "microdroid_bootloader_avbpubkey_gen",
|
2021-10-26 18:35:42 +00:00
|
|
|
tools: ["avbtool"],
|
2021-11-08 08:53:47 +00:00
|
|
|
srcs: [":microdroid_sign_key"],
|
|
|
|
out: ["bootloader.pubkey"],
|
|
|
|
cmd: "$(location avbtool) extract_public_key " +
|
|
|
|
"--key $(location :microdroid_sign_key) " +
|
|
|
|
"--output $(out)",
|
2021-10-26 18:35:42 +00:00
|
|
|
}
|
|
|
|
|
2022-06-13 13:22:41 +00:00
|
|
|
prebuilt_etc {
|
2021-02-19 06:44:52 +00:00
|
|
|
name: "microdroid_uboot_env",
|
|
|
|
src: ":microdroid_uboot_env_gen",
|
|
|
|
filename: "uboot_env.img",
|
|
|
|
}
|
|
|
|
|
2022-06-13 13:22:41 +00:00
|
|
|
// python -c "import hashlib; print(hashlib.sha256(b'uboot_env').hexdigest())"
|
|
|
|
uboot_env_salt = "cbf2d76827ece5ca8d176a40c94ac6355edcf6511b4b887364a8c0e05850df10"
|
|
|
|
|
2021-02-19 06:44:52 +00:00
|
|
|
genrule {
|
|
|
|
name: "microdroid_uboot_env_gen",
|
2022-06-13 13:22:41 +00:00
|
|
|
tools: [
|
|
|
|
"mkenvimage_slim",
|
|
|
|
"avbtool",
|
|
|
|
],
|
|
|
|
srcs: [
|
|
|
|
"uboot-env.txt",
|
|
|
|
":microdroid_sign_key",
|
|
|
|
],
|
2021-02-19 06:44:52 +00:00
|
|
|
out: ["output.img"],
|
2022-06-13 13:22:41 +00:00
|
|
|
cmd: "$(location mkenvimage_slim) -output_path $(out) -input_path $(location uboot-env.txt) && " +
|
|
|
|
"$(location avbtool) add_hash_footer " +
|
|
|
|
"--algorithm SHA256_RSA4096 " +
|
|
|
|
"--salt " + uboot_env_salt + " " +
|
|
|
|
"--partition_name uboot_env " +
|
|
|
|
"--key $(location :microdroid_sign_key) " +
|
|
|
|
"--partition_size $$(( " + avb_hash_footer_kb + " * 1024 + ( $$(stat --format=%s $(out)) + 4096 - 1 ) / 4096 * 4096 )) " +
|
|
|
|
"--image $(out)",
|
2021-02-19 06:44:52 +00:00
|
|
|
}
|
2021-03-11 08:51:22 +00:00
|
|
|
|
2021-11-08 08:53:47 +00:00
|
|
|
// Note that keys can be different for filesystem images even though we're using the same key
|
|
|
|
// for microdroid. However, the key signing VBmeta should match with the pubkey embedded in
|
|
|
|
// bootloader.
|
|
|
|
filegroup {
|
|
|
|
name: "microdroid_sign_key",
|
|
|
|
srcs: [":avb_testkey_rsa4096"],
|
|
|
|
}
|
|
|
|
|
2021-03-15 14:30:11 +00:00
|
|
|
vbmeta {
|
|
|
|
name: "microdroid_vbmeta",
|
|
|
|
partition_name: "vbmeta",
|
2021-11-08 08:53:47 +00:00
|
|
|
private_key: ":microdroid_sign_key",
|
2021-03-15 14:30:11 +00:00
|
|
|
partitions: [
|
|
|
|
"microdroid_vendor",
|
2022-06-13 07:44:45 +00:00
|
|
|
"microdroid_vendor_boot",
|
2021-03-15 14:30:11 +00:00
|
|
|
"microdroid",
|
2022-06-13 07:44:45 +00:00
|
|
|
"microdroid_boot",
|
2022-01-10 18:51:12 +00:00
|
|
|
"microdroid_init_boot",
|
2021-03-15 14:30:11 +00:00
|
|
|
],
|
|
|
|
}
|
2021-04-05 02:20:10 +00:00
|
|
|
|
|
|
|
prebuilt_etc {
|
2021-06-21 05:39:12 +00:00
|
|
|
name: "microdroid.json",
|
|
|
|
src: "microdroid.json",
|
2021-04-13 08:43:10 +00:00
|
|
|
}
|
2021-04-19 18:57:19 +00:00
|
|
|
|
2021-05-26 03:04:54 +00:00
|
|
|
prebuilt_etc {
|
|
|
|
name: "microdroid_vendor_manifest",
|
|
|
|
src: "microdroid_vendor_manifest.xml",
|
|
|
|
filename: "manifest.xml",
|
|
|
|
relative_install_path: "vintf",
|
|
|
|
installable: false,
|
|
|
|
}
|
|
|
|
|
|
|
|
prebuilt_etc {
|
|
|
|
name: "microdroid_vendor_compatibility_matrix",
|
|
|
|
src: "microdroid_vendor_compatibility_matrix.xml",
|
|
|
|
filename: "compatibility_matrix.xml",
|
|
|
|
relative_install_path: "vintf",
|
|
|
|
installable: false,
|
|
|
|
}
|
|
|
|
|
|
|
|
prebuilt_etc {
|
|
|
|
name: "microdroid_compatibility_matrix",
|
|
|
|
src: "microdroid_compatibility_matrix.xml",
|
|
|
|
filename: "compatibility_matrix.current.xml",
|
|
|
|
relative_install_path: "vintf",
|
|
|
|
installable: false,
|
|
|
|
}
|
|
|
|
|
|
|
|
prebuilt_etc {
|
|
|
|
name: "microdroid_manifest",
|
|
|
|
src: "microdroid_manifest.xml",
|
|
|
|
filename: "manifest.xml",
|
|
|
|
relative_install_path: "vintf",
|
|
|
|
installable: false,
|
|
|
|
}
|
2022-03-18 08:51:58 +00:00
|
|
|
|
|
|
|
prebuilt_etc {
|
|
|
|
name: "microdroid_event-log-tags",
|
|
|
|
src: "microdroid_event-log-tags",
|
|
|
|
filename: "event-log-tags",
|
|
|
|
installable: false,
|
2022-04-05 05:57:27 +00:00
|
|
|
}
|