releasetools: Fix the support for getting reproducible images.

We used to support getting idempotent images when given the same inputs, by specifying UUID and AVB salt to the image builders. The support was broken by Q changes that moved away from build-time fingerprints [1]. This CL addresses the issue by updating the logic in computing UUID and AVB salt to be based on BuildInfo.fingerprint, as opposed to the deprecated static build fingerprint. [1] https://android-review.googlesource.com/c/platform/build/+/892933 Bug: 134525174 Test: TreeHugger Test: lunch a target; `atest --host releasetools_test releasetools_py3_test` Test: `m dist`; `unzip out/dist/target_files.zip IMAGES/\*`; `zip -d out/dist/target_files.zip IMAGES/\*` Test: `add_img_to_target_files -a out/dist/target_files.zip`. Verify that the rebuilt images are identical to the ones deleted. Change-Id: I8844fc7f044e9abfcd96a00e8958fa0583c70eaf
2019-10-07 20:48:48 -07:00 · 2019-10-07 20:48:48 -07:00 · 3ed35d3d25
parent 1c320f8573
commit 3ed35d3d25
2 changed files with 9 additions and 22 deletions
--- a/tools/releasetools/add_img_to_target_files.py
+++ b/tools/releasetools/add_img_to_target_files.py
@ -337,13 +337,8 @@ def CreateImage(input_dir, info_dict, what, output_file, block_list=None):

  # Use repeatable ext4 FS UUID and hash_seed UUID (based on partition name and
  # build fingerprint).
-  uuid_seed = what + "-"
-  if "build.prop" in info_dict:
-    build_prop = info_dict["build.prop"]
-    if "ro.build.fingerprint" in build_prop:
-      uuid_seed += build_prop["ro.build.fingerprint"]
-    elif "ro.build.thumbprint" in build_prop:
-      uuid_seed += build_prop["ro.build.thumbprint"]
+  build_info = common.BuildInfo(info_dict)
+  uuid_seed = what + "-" + build_info.fingerprint
  image_props["uuid"] = str(uuid.uuid5(uuid.NAMESPACE_URL, uuid_seed))
  hash_seed = "hash_seed-" + uuid_seed
  image_props["hash_seed"] = str(uuid.uuid5(uuid.NAMESPACE_URL, hash_seed))
@ -728,7 +723,7 @@ def AddImagesToTargetFiles(filename):

  # A map between partition names and their paths, which could be used when
  # generating AVB vbmeta image.
-  partitions = dict()
+  partitions = {}

  def banner(s):
    logger.info("\n\n++++ %s  ++++\n\n", s)
--- a/tools/releasetools/common.py
+++ b/tools/releasetools/common.py
@ -319,7 +319,7 @@ class BuildInfo(object):
  _RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER = ["product", "odm", "vendor",
                                            "system_ext", "system"]

-  def __init__(self, info_dict, oem_dicts):
+  def __init__(self, info_dict, oem_dicts=None):
    """Initializes a BuildInfo instance with the given dicts.

    Note that it only wraps up the given dicts, without making copies.
@ -628,18 +628,11 @@ def LoadInfoDict(input_file, repacking=False):
          read_helper, "{}/etc/build.prop".format(partition.upper()))
  d["build.prop"] = d["system.build.prop"]

-  # Set up the salt (based on fingerprint or thumbprint) that will be used when
-  # adding AVB footer.
+  # Set up the salt (based on fingerprint) that will be used when adding AVB
+  # hash / hashtree footers.
  if d.get("avb_enable") == "true":
-    fp = None
-    if "build.prop" in d:
-      build_prop = d["build.prop"]
-      if "ro.build.fingerprint" in build_prop:
-        fp = build_prop["ro.build.fingerprint"]
-      elif "ro.build.thumbprint" in build_prop:
-        fp = build_prop["ro.build.thumbprint"]
-    if fp:
-      d["avb_salt"] = sha256(fp).hexdigest()
+    build_info = BuildInfo(d)
+    d["avb_salt"] = sha256(build_info.fingerprint).hexdigest()

  return d

@ -883,8 +876,7 @@ def GetAvbPartitionArg(partition, image, info_dict=None):
  if key_path:
    chained_partition_arg = GetAvbChainedPartitionArg(partition, info_dict)
    return ["--chain_partition", chained_partition_arg]
-  else:
-    return ["--include_descriptors_from_image", image]
+  return ["--include_descriptors_from_image", image]


 def GetAvbChainedPartitionArg(partition, info_dict, key=None):