p96705831
/
platform_build
forked from openkylin/platform_build
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

releasetools: Allow verifying chained vbmeta partitions. 

Chained vbmeta partitions (vbmeta_system, vbmeta_vendor) were added to
support dynamic partitions. validate_target_files.py misses the logic in
handling such partitions.

Bug: 132882632
Test: Run validate_target_files.py on a target_files.zip that uses
      chained vbmeta_system partition.
Change-Id: Id06c575d13d5e9cc1b621f485ceb75d3e354c39f
Merged-In: Id06c575d13d5e9cc1b621f485ceb75d3e354c39f
(cherry picked from commit 814b14b3f7)
This commit is contained in:
Tao Bao 2019-06-03 23:07:58 -07:00
parent 206ef1f4fb
commit 08c190fc89
2 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
tools/releasetools/common.py
View File

@ -99,6 +99,9 @@ SPECIAL_CERT_STRINGS = ("PRESIGNED", "EXTERNAL")
AVB_PARTITIONS = ('boot', 'dtbo', 'odm', 'product', 'product_services', AVB_PARTITIONS = ('boot', 'dtbo', 'odm', 'product', 'product_services',
'recovery', 'system', 'vendor') 'recovery', 'system', 'vendor')
# Chained VBMeta partitions.
AVB_VBMETA_PARTITIONS = ('vbmeta_system', 'vbmeta_vendor')
# Partitions that should have their care_map added to META/care_map.pb # Partitions that should have their care_map added to META/care_map.pb
PARTITIONS_WITH_CARE_MAP = ('system', 'vendor', 'product', 'product_services', PARTITIONS_WITH_CARE_MAP = ('system', 'vendor', 'product', 'product_services',
'odm') 'odm')

9
tools/releasetools/validate_target_files.py
View File

@ -327,11 +327,14 @@ def ValidateVerifiedBootImages(input_tmp, info_dict, options):
cmd = ['avbtool', 'verify_image', '--image', image, '--key', key] cmd = ['avbtool', 'verify_image', '--image', image, '--key', key]
# Append the args for chained partitions if any. # Append the args for chained partitions if any.
for partition in common.AVB_PARTITIONS: for partition in common.AVB_PARTITIONS + common.AVB_VBMETA_PARTITIONS:
key_name = 'avb_' + partition + '_key_path' key_name = 'avb_' + partition + '_key_path'
if info_dict.get(key_name) is not None: if info_dict.get(key_name) is not None:
# Use the key file from command line if specified; otherwise fall back
# to the one in info dict.
key_file = options.get(key_name, info_dict[key_name])
chained_partition_arg = common.GetAvbChainedPartitionArg( chained_partition_arg = common.GetAvbChainedPartitionArg(
partition, info_dict, options[key_name]) partition, info_dict, key_file)
cmd.extend(["--expected_chain_partition", chained_partition_arg]) cmd.extend(["--expected_chain_partition", chained_partition_arg])
proc = common.Run(cmd) proc = common.Run(cmd)
@ -357,7 +360,7 @@ def main():
help='the verity public key to verify the bootable images (Verified ' help='the verity public key to verify the bootable images (Verified '
'Boot 1.0), or the vbmeta image (Verified Boot 2.0, aka AVB), where ' 'Boot 1.0), or the vbmeta image (Verified Boot 2.0, aka AVB), where '
'applicable') 'applicable')
for partition in common.AVB_PARTITIONS: for partition in common.AVB_PARTITIONS + common.AVB_VBMETA_PARTITIONS:
parser.add_argument( parser.add_argument(
'--avb_' + partition + '_key_path', '--avb_' + partition + '_key_path',
help='the public or private key in PEM format to verify AVB chained ' help='the public or private key in PEM format to verify AVB chained '