From 40145f38b3c78dceaf036f194bc924400de0eb78 Mon Sep 17 00:00:00 2001 From: Nolen Johnson Date: Sat, 21 Dec 2024 16:59:07 -0500 Subject: [PATCH] Revert "Drop legacy vboot support." This reverts commit 31f6e08fc90ff368927c55bc1142ea94b0ce8559. Reason: Sphynx still uses this. Change-Id: I01021415466cc1434994901205880c59fa9aa395 --- core/Makefile | 55 +++++++++++++++++++++++++++++++++--- core/config.mk | 2 ++ core/product.mk | 1 + target/product/vboot.mk | 25 ++++++++++++++++ tools/releasetools/common.py | 29 ++++++++++++++++++- 5 files changed, 107 insertions(+), 5 deletions(-) create mode 100644 target/product/vboot.mk diff --git a/core/Makefile b/core/Makefile index 50bb5ab329..20db3443c8 100644 --- a/core/Makefile +++ b/core/Makefile @@ -1462,7 +1462,30 @@ bootimage-nodeps: $(MKBOOTIMG) $(AVBTOOL) $(BOARD_AVB_BOOT_KEY_PATH) @echo "make $@: ignoring dependencies" $(foreach b,$(INSTALLED_BOOTIMAGE_TARGET),$(call build_boot_board_avb_enabled,$(b))) -else # BOARD_AVB_ENABLE != true +else ifeq (true,$(PRODUCT_SUPPORTS_VBOOT)) # BOARD_AVB_ENABLE != true + +# $1: boot image target +define build_boot_supports_vboot + $(MKBOOTIMG) --kernel $(call bootimage-to-kernel,$(1)) $(INTERNAL_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $(1).unsigned + $(VBOOT_SIGNER) $(FUTILITY) $(1).unsigned $(PRODUCT_VBOOT_SIGNING_KEY).vbpubk $(PRODUCT_VBOOT_SIGNING_KEY).vbprivk $(PRODUCT_VBOOT_SIGNING_SUBKEY).vbprivk $(1).keyblock $(1) + $(call assert-max-image-size,$(1),$(call get-bootimage-partition-size,$(1),boot)) +endef + +$(INSTALLED_BOOTIMAGE_TARGET): $(MKBOOTIMG) $(INTERNAL_BOOTIMAGE_FILES) $(VBOOT_SIGNER) $(FUTILITY) $(BOOTIMAGE_EXTRA_DEPS) + $(call pretty,"Target boot image: $@") + $(call build_boot_supports_vboot,$@) + +$(call declare-container-license-metadata,$(INSTALLED_BOOTIMAGE_TARGET),SPDX-license-identifier-GPL-2.0-only SPDX-license-identifier-Apache-2.0,restricted notice,$(BUILD_SYSTEM)/LINUX_KERNEL_COPYING build/soong/licenses/LICENSE,"Boot Image",boot) +$(call declare-container-license-deps,$(INSTALLED_BOOTIMAGE_TARGET),$(INTERNAL_BOOTIMAGE_FILES),$(PRODUCT_OUT)/:/) + +UNMOUNTED_NOTICE_VENDOR_DEPS += $(INSTALLED_BOOTIMAGE_TARGET) + +.PHONY: bootimage-nodeps +bootimage-nodeps: $(MKBOOTIMG) $(VBOOT_SIGNER) $(FUTILITY) + @echo "make $@: ignoring dependencies" + $(foreach b,$(INSTALLED_BOOTIMAGE_TARGET),$(call build_boot_supports_vboot,$(b))) + +else # PRODUCT_SUPPORTS_VBOOT != true # $1: boot image target define build_boot_novboot @@ -2336,6 +2359,11 @@ $(if $(PRODUCT_SYSTEM_EXT_VERITY_PARTITION),$(hide) echo "system_ext_verity_bloc $(if $(PRODUCT_VENDOR_DLKM_VERITY_PARTITION),$(hide) echo "vendor_dlkm_verity_block_device=$(PRODUCT_VENDOR_DLKM_VERITY_PARTITION)" >> $(1)) $(if $(PRODUCT_ODM_DLKM_VERITY_PARTITION),$(hide) echo "odm_dlkm_verity_block_device=$(PRODUCT_ODM_DLKM_VERITY_PARTITION)" >> $(1)) $(if $(PRODUCT_SYSTEM_DLKM_VERITY_PARTITION),$(hide) echo "system_dlkm_verity_block_device=$(PRODUCT_SYSTEM_DLKM_VERITY_PARTITION)" >> $(1)) +$(if $(PRODUCT_SUPPORTS_VBOOT),$(hide) echo "vboot=$(PRODUCT_SUPPORTS_VBOOT)" >> $(1)) +$(if $(PRODUCT_SUPPORTS_VBOOT),$(hide) echo "vboot_key=$(PRODUCT_VBOOT_SIGNING_KEY)" >> $(1)) +$(if $(PRODUCT_SUPPORTS_VBOOT),$(hide) echo "vboot_subkey=$(PRODUCT_VBOOT_SIGNING_SUBKEY)" >> $(1)) +$(if $(PRODUCT_SUPPORTS_VBOOT),$(hide) echo "futility=$(notdir $(FUTILITY))" >> $(1)) +$(if $(PRODUCT_SUPPORTS_VBOOT),$(hide) echo "vboot_signer_cmd=$(VBOOT_SIGNER)" >> $(1)) $(if $(BOARD_AVB_ENABLE), \ $(hide) echo "avb_avbtool=$(notdir $(AVBTOOL))" >> $(1)$(newline) \ $(if $(filter $(2),system), \ @@ -2853,9 +2881,15 @@ $(recovery_ramdisk): $(recovery_uncompressed_ramdisk) $(COMPRESSION_COMMAND_DEPS # $(1): output file # $(2): optional kernel file define build-recoveryimage-target - $(MKBOOTIMG) $(if $(strip $(2)),--kernel $(strip $(2))) $(INTERNAL_RECOVERYIMAGE_ARGS) \ - $(INTERNAL_MKBOOTIMG_VERSION_ARGS) \ - $(BOARD_RECOVERY_MKBOOTIMG_ARGS) --output $(1) + $(if $(filter true,$(PRODUCT_SUPPORTS_VBOOT)), \ + $(MKBOOTIMG) $(if $(strip $(2)),--kernel $(strip $(2))) $(INTERNAL_RECOVERYIMAGE_ARGS) \ + $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_RECOVERY_MKBOOTIMG_ARGS) \ + --output $(1).unsigned, \ + $(MKBOOTIMG) $(if $(strip $(2)),--kernel $(strip $(2))) $(INTERNAL_RECOVERYIMAGE_ARGS) \ + $(INTERNAL_MKBOOTIMG_VERSION_ARGS) \ + $(BOARD_RECOVERY_MKBOOTIMG_ARGS) --output $(1)) + $(if $(filter true,$(PRODUCT_SUPPORTS_VBOOT)), \ + $(VBOOT_SIGNER) $(FUTILITY) $(1).unsigned $(PRODUCT_VBOOT_SIGNING_KEY).vbpubk $(PRODUCT_VBOOT_SIGNING_KEY).vbprivk $(PRODUCT_VBOOT_SIGNING_SUBKEY).vbprivk $(1).keyblock $(1)) $(if $(filter true,$(BOARD_USES_RECOVERY_AS_BOOT)), \ $(call assert-max-image-size,$(1),$(call get-hash-image-max-size,$(call get-bootimage-partition-size,$(1),boot))), \ $(call assert-max-image-size,$(1),$(call get-hash-image-max-size,$(BOARD_RECOVERYIMAGE_PARTITION_SIZE)))) @@ -2866,6 +2900,9 @@ define build-recoveryimage-target endef recoveryimage-deps := $(MKBOOTIMG) $(recovery_ramdisk) $(recovery_kernel) +ifeq (true,$(PRODUCT_SUPPORTS_VBOOT)) + recoveryimage-deps += $(VBOOT_SIGNER) +endif ifeq (true,$(BOARD_AVB_ENABLE)) recoveryimage-deps += $(AVBTOOL) $(BOARD_AVB_BOOT_KEY_PATH) endif @@ -5767,6 +5804,12 @@ INTERNAL_OTATOOLS_MODULES += \ resize2fs \ soong_zip \ +ifeq (true,$(PRODUCT_SUPPORTS_VBOOT)) +INTERNAL_OTATOOLS_MODULES += \ + futility-host \ + vboot_signer +endif + INTERNAL_OTATOOLS_FILES := \ $(filter $(HOST_OUT)/%,$(call module-installed-files,$(INTERNAL_OTATOOLS_MODULES))) @@ -5802,6 +5845,10 @@ INTERNAL_OTATOOLS_PACKAGE_FILES += \ $(sort $(shell find external/avb/test/data -type f -name "testkey_*.pem" -o \ -name "atx_metadata.bin")) endif +ifeq (true,$(PRODUCT_SUPPORTS_VBOOT)) +INTERNAL_OTATOOLS_PACKAGE_FILES += \ + $(sort $(shell find external/vboot_reference/tests/devkeys -type f)) +endif INTERNAL_OTATOOLS_RELEASETOOLS := \ $(shell find build/make/tools/releasetools -name "*.pyc" -prune -o \ diff --git a/core/config.mk b/core/config.mk index a02a4b8daa..2c0d1ef722 100644 --- a/core/config.mk +++ b/core/config.mk @@ -736,6 +736,8 @@ APPEND2SIMG := $(HOST_OUT_EXECUTABLES)/append2simg VERITY_SIGNER := $(HOST_OUT_EXECUTABLES)/verity_signer BUILD_VERITY_METADATA := $(HOST_OUT_EXECUTABLES)/build_verity_metadata BUILD_VERITY_TREE := $(HOST_OUT_EXECUTABLES)/build_verity_tree +FUTILITY := $(HOST_OUT_EXECUTABLES)/futility-host +VBOOT_SIGNER := $(HOST_OUT_EXECUTABLES)/vboot_signer DEXDUMP := $(HOST_OUT_EXECUTABLES)/dexdump$(BUILD_EXECUTABLE_SUFFIX) PROFMAN := $(HOST_OUT_EXECUTABLES)/profman diff --git a/core/product.mk b/core/product.mk index e4435821ce..66e0d43de4 100644 --- a/core/product.mk +++ b/core/product.mk @@ -161,6 +161,7 @@ _product_list_vars += PRODUCT_BOOT_JARS_EXTRA # List of jars to be included in the ART boot image for testing. _product_list_vars += PRODUCT_TEST_ONLY_ART_BOOT_IMAGE_JARS +_product_single_value_vars += PRODUCT_SUPPORTS_VBOOT _product_list_vars += PRODUCT_SYSTEM_SERVER_APPS # List of system_server classpath jars on the platform. _product_list_vars += PRODUCT_SYSTEM_SERVER_JARS diff --git a/target/product/vboot.mk b/target/product/vboot.mk new file mode 100644 index 0000000000..48a4883b43 --- /dev/null +++ b/target/product/vboot.mk @@ -0,0 +1,25 @@ +# +# Copyright (C) 2015 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# Provides dependencies necessary for verified boot + +PRODUCT_SUPPORTS_VBOOT := true + +# The dev key is used to sign boot and recovery images. +# We expect this file to exist with the suffixes ".vbprivk" and ".vbpupk". +# TODO: find a proper location for this +PRODUCT_VBOOT_SIGNING_KEY := external/vboot_reference/tests/devkeys/kernel_data_key +PRODUCT_VBOOT_SIGNING_SUBKEY := external/vboot_reference/tests/devkeys/kernel_subkey diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py index cca82f42ff..2afa3b9af7 100644 --- a/tools/releasetools/common.py +++ b/tools/releasetools/common.py @@ -1820,7 +1820,12 @@ def _BuildBootableImage(image_name, sourcedir, fs_config_file, if has_ramdisk: cmd.extend(["--ramdisk", ramdisk_img.name]) - cmd.extend(["--output", img.name]) + img_unsigned = None + if info_dict.get("vboot"): + img_unsigned = tempfile.NamedTemporaryFile() + cmd.extend(["--output", img_unsigned.name]) + else: + cmd.extend(["--output", img.name]) if partition_name == "recovery": if info_dict.get("include_recovery_dtbo") == "true": @@ -1832,6 +1837,28 @@ def _BuildBootableImage(image_name, sourcedir, fs_config_file, RunAndCheckOutput(cmd) + # Sign the image if vboot is non-empty. + if info_dict.get("vboot"): + path = "/" + partition_name + img_keyblock = tempfile.NamedTemporaryFile() + # We have switched from the prebuilt futility binary to using the tool + # (futility-host) built from the source. Override the setting in the old + # TF.zip. + futility = info_dict["futility"] + if futility.startswith("prebuilts/"): + futility = "futility-host" + cmd = [info_dict["vboot_signer_cmd"], futility, + img_unsigned.name, info_dict["vboot_key"] + ".vbpubk", + info_dict["vboot_key"] + ".vbprivk", + info_dict["vboot_subkey"] + ".vbprivk", + img_keyblock.name, + img.name] + RunAndCheckOutput(cmd) + + # Clean up the temp files. + img_unsigned.close() + img_keyblock.close() + # AVB: if enabled, calculate and add hash to boot.img or recovery.img. if info_dict.get("avb_enable") == "true": avbtool = info_dict["avb_avbtool"]