From 6b2e155ee6eb3eaed089e8604e5cfa588e81473e Mon Sep 17 00:00:00 2001 From: Tianjie Xu Date: Thu, 1 Jun 2017 11:32:32 -0700 Subject: [PATCH] Generate care_map.txt when AVB is enabled When AVB is enabled, generate care_map.txt and add it to the target files. Also copy it into the OTA package where it will later be used by the update_verifier. Bug: 62208947 Test: \ 1. Run add_img_to_target_files on the TF of a new pixel device, and care_map.txt generates successfully. 2. Make dist in oc-dr1-release and find care_map.txt in the OTA package. 3. update_verifier succeeds in reading all the blocks on the care_map, and fails to read out-of-bound blocks. Change-Id: I2881711e6f87789cb7de150dbeca18b756fed68a --- tools/releasetools/add_img_to_target_files.py | 19 +++++++++++++------ tools/releasetools/build_image.py | 1 + tools/releasetools/ota_from_target_files.py | 3 ++- 3 files changed, 16 insertions(+), 7 deletions(-) diff --git a/tools/releasetools/add_img_to_target_files.py b/tools/releasetools/add_img_to_target_files.py index 550a5fb7e..86354e71e 100755 --- a/tools/releasetools/add_img_to_target_files.py +++ b/tools/releasetools/add_img_to_target_files.py @@ -236,9 +236,14 @@ def CreateImage(input_dir, info_dict, what, output_file, block_list=None): if block_list: block_list.Write() + # Set the 'adjusted_partition_size' that excludes the verity blocks of the + # given image. When avb is enabled, this size is the max image size returned + # by the avb tool. is_verity_partition = "verity_block_device" in image_props - verity_supported = image_props.get("verity") == "true" - if is_verity_partition and verity_supported: + verity_supported = (image_props.get("verity") == "true" or + image_props.get("board_avb_enable") == "true") + is_avb_enable = image_props.get("avb_hashtree_enable") == "true" + if verity_supported and (is_verity_partition or is_avb_enable): adjusted_blocks_value = image_props.get("partition_size") if adjusted_blocks_value: adjusted_blocks_key = what + "_adjusted_partition_size" @@ -530,12 +535,14 @@ def AddImagesToTargetFiles(filename): # partitions (if present), then write this file to target_files package. care_map_list = [] for line in lines: - if line.strip() == "system" and OPTIONS.info_dict.get( - "system_verity_block_device", None) is not None: + if line.strip() == "system" and ( + "system_verity_block_device" in OPTIONS.info_dict or + OPTIONS.info_dict.get("system_avb_hashtree_enable") == "true"): assert os.path.exists(system_img_path) care_map_list += GetCareMap("system", system_img_path) - if line.strip() == "vendor" and OPTIONS.info_dict.get( - "vendor_verity_block_device", None) is not None: + if line.strip() == "vendor" and ( + "vendor_verity_block_device" in OPTIONS.info_dict or + OPTIONS.info_dict.get("vendor_avb_hashtree_enable") == "true"): assert os.path.exists(vendor_img_path) care_map_list += GetCareMap("vendor", vendor_img_path) diff --git a/tools/releasetools/build_image.py b/tools/releasetools/build_image.py index 3094dcaae..82a21f31b 100755 --- a/tools/releasetools/build_image.py +++ b/tools/releasetools/build_image.py @@ -614,6 +614,7 @@ def ImagePropFromGlobalDict(glob_dict, mount_point): "verity_key", "verity_signer_cmd", "verity_fec", + "board_avb_enable", "avb_signing_args", "avb_avbtool" ) diff --git a/tools/releasetools/ota_from_target_files.py b/tools/releasetools/ota_from_target_files.py index 20904001d..1c8fe65cc 100755 --- a/tools/releasetools/ota_from_target_files.py +++ b/tools/releasetools/ota_from_target_files.py @@ -1167,7 +1167,8 @@ def WriteABOTAPackageWithBrilloScript(target_file, output_file, # If dm-verity is supported for the device, copy contents of care_map # into A/B OTA package. target_zip = zipfile.ZipFile(target_file, "r") - if OPTIONS.info_dict.get("verity") == "true": + if (OPTIONS.info_dict.get("verity") == "true" or + OPTIONS.info_dict.get("board_avb_enable") == "true"): care_map_path = "META/care_map.txt" namelist = target_zip.namelist() if care_map_path in namelist: