diff options
author | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-03-02 23:27:28 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-03-02 23:27:28 +0000 |
commit | 14b4bbc4a214eb8dad5fadf21f4d778b9edddbc2 (patch) | |
tree | 94341519d04946416013ab7c1d5b1ea2c064fe52 | |
parent | 098949fe60aa7518c93ab8fc7260c90ec42a741b (diff) | |
parent | b6145d320cff7356e427727651abd1c444a0e414 (diff) | |
download | build-14b4bbc4a214eb8dad5fadf21f4d778b9edddbc2.tar.gz |
Merge "Uses a per-partition fingerprint for building images and avb_salt." am: b6145d320c
Change-Id: I8ca783cb0252a7b4562952835351aeef141913f9
-rwxr-xr-x | tools/releasetools/add_img_to_target_files.py | 2 | ||||
-rwxr-xr-x | tools/releasetools/build_image.py | 7 | ||||
-rw-r--r-- | tools/releasetools/common.py | 99 | ||||
-rw-r--r-- | tools/releasetools/test_common.py | 68 |
4 files changed, 103 insertions, 73 deletions
diff --git a/tools/releasetools/add_img_to_target_files.py b/tools/releasetools/add_img_to_target_files.py index 8249915ac4..cc05c644a1 100755 --- a/tools/releasetools/add_img_to_target_files.py +++ b/tools/releasetools/add_img_to_target_files.py @@ -338,7 +338,7 @@ def CreateImage(input_dir, info_dict, what, output_file, block_list=None): # Use repeatable ext4 FS UUID and hash_seed UUID (based on partition name and # build fingerprint). build_info = common.BuildInfo(info_dict) - uuid_seed = what + "-" + build_info.fingerprint + uuid_seed = what + "-" + build_info.GetPartitionFingerprint(what) image_props["uuid"] = str(uuid.uuid5(uuid.NAMESPACE_URL, uuid_seed)) hash_seed = "hash_seed-" + uuid_seed image_props["hash_seed"] = str(uuid.uuid5(uuid.NAMESPACE_URL, hash_seed)) diff --git a/tools/releasetools/build_image.py b/tools/releasetools/build_image.py index ed9183e193..54bb857ac1 100755 --- a/tools/releasetools/build_image.py +++ b/tools/releasetools/build_image.py @@ -540,7 +540,6 @@ def ImagePropFromGlobalDict(glob_dict, mount_point): "verity_disable", "avb_enable", "avb_avbtool", - "avb_salt", "use_dynamic_partition_size", ) for p in common_props: @@ -553,6 +552,7 @@ def ImagePropFromGlobalDict(glob_dict, mount_point): "avb_add_hashtree_footer_args") copy_prop("avb_system_key_path", "avb_key_path") copy_prop("avb_system_algorithm", "avb_algorithm") + copy_prop("avb_system_salt", "avb_salt") copy_prop("fs_type", "fs_type") # Copy the generic system fs type first, override with specific one if # available. @@ -584,6 +584,7 @@ def ImagePropFromGlobalDict(glob_dict, mount_point): "avb_add_hashtree_footer_args") copy_prop("avb_system_other_key_path", "avb_key_path") copy_prop("avb_system_other_algorithm", "avb_algorithm") + copy_prop("avb_system_other_salt", "avb_salt") copy_prop("fs_type", "fs_type") copy_prop("system_fs_type", "fs_type") copy_prop("system_other_size", "partition_size") @@ -619,6 +620,7 @@ def ImagePropFromGlobalDict(glob_dict, mount_point): "avb_add_hashtree_footer_args") copy_prop("avb_vendor_key_path", "avb_key_path") copy_prop("avb_vendor_algorithm", "avb_algorithm") + copy_prop("avb_vendor_salt", "avb_salt") copy_prop("vendor_fs_type", "fs_type") copy_prop("vendor_size", "partition_size") if not copy_prop("vendor_journal_size", "journal_size"): @@ -641,6 +643,7 @@ def ImagePropFromGlobalDict(glob_dict, mount_point): "avb_add_hashtree_footer_args") copy_prop("avb_product_key_path", "avb_key_path") copy_prop("avb_product_algorithm", "avb_algorithm") + copy_prop("avb_product_salt", "avb_salt") copy_prop("product_fs_type", "fs_type") copy_prop("product_size", "partition_size") if not copy_prop("product_journal_size", "journal_size"): @@ -663,6 +666,7 @@ def ImagePropFromGlobalDict(glob_dict, mount_point): "avb_add_hashtree_footer_args") copy_prop("avb_system_ext_key_path", "avb_key_path") copy_prop("avb_system_ext_algorithm", "avb_algorithm") + copy_prop("avb_system_ext_salt", "avb_salt") copy_prop("system_ext_fs_type", "fs_type") copy_prop("system_ext_size", "partition_size") if not copy_prop("system_ext_journal_size", "journal_size"): @@ -687,6 +691,7 @@ def ImagePropFromGlobalDict(glob_dict, mount_point): "avb_add_hashtree_footer_args") copy_prop("avb_odm_key_path", "avb_key_path") copy_prop("avb_odm_algorithm", "avb_algorithm") + copy_prop("avb_odm_salt", "avb_salt") copy_prop("odm_fs_type", "fs_type") copy_prop("odm_size", "partition_size") if not copy_prop("odm_journal_size", "journal_size"): diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py index 2e235ee9aa..3276b297e4 100644 --- a/tools/releasetools/common.py +++ b/tools/releasetools/common.py @@ -319,7 +319,7 @@ class BuildInfo(object): OEM-specific properties, some of them will be calculated from two info dicts. Users can query properties similarly as using a dict() (e.g. info['fstab']), - or to query build properties via GetBuildProp() or GetVendorBuildProp(). + or to query build properties via GetBuildProp() or GetPartitionBuildProp(). Attributes: info_dict: The build-time info dict. @@ -362,16 +362,31 @@ class BuildInfo(object): if self._oem_props: assert oem_dicts, "OEM source required for this build" + def check_fingerprint(fingerprint): + if (" " in fingerprint or any(ord(ch) > 127 for ch in fingerprint)): + raise ValueError( + 'Invalid build fingerprint: "{}". See the requirement in Android CDD ' + "3.2.2. Build Parameters.".format(fingerprint)) + + + self._partition_fingerprints = {} + for partition in PARTITIONS_WITH_CARE_MAP: + try: + fingerprint = self.CalculatePartitionFingerprint(partition) + check_fingerprint(fingerprint) + self._partition_fingerprints[partition] = fingerprint + except ExternalError: + continue + if "system" in self._partition_fingerprints: + # system_other is not included in PARTITIONS_WITH_CARE_MAP, but does + # need a fingerprint when creating the image. + self._partition_fingerprints[ + "system_other"] = self._partition_fingerprints["system"] + # These two should be computed only after setting self._oem_props. self._device = self.GetOemProperty("ro.product.device") self._fingerprint = self.CalculateFingerprint() - - # Sanity check the build fingerprint. - if (' ' in self._fingerprint or - any(ord(ch) > 127 for ch in self._fingerprint)): - raise ValueError( - 'Invalid build fingerprint: "{}". See the requirement in Android CDD ' - '3.2.2. Build Parameters.'.format(self._fingerprint)) + check_fingerprint(self._fingerprint) @property def is_ab(self): @@ -386,28 +401,6 @@ class BuildInfo(object): return self._fingerprint @property - def vendor_fingerprint(self): - return self._fingerprint_of("vendor") - - @property - def product_fingerprint(self): - return self._fingerprint_of("product") - - @property - def odm_fingerprint(self): - return self._fingerprint_of("odm") - - def _fingerprint_of(self, partition): - if partition + ".build.prop" not in self.info_dict: - return None - build_prop = self.info_dict[partition + ".build.prop"] - if "ro." + partition + ".build.fingerprint" in build_prop: - return build_prop["ro." + partition + ".build.fingerprint"] - if "ro." + partition + ".build.thumbprint" in build_prop: - return build_prop["ro." + partition + ".build.thumbprint"] - return None - - @property def oem_props(self): return self._oem_props @@ -423,8 +416,22 @@ class BuildInfo(object): def items(self): return self.info_dict.items() + def GetPartitionBuildProp(self, prop, partition): + """Returns the inquired build property for the provided partition.""" + # If provided a partition for this property, only look within that + # partition's build.prop. + if prop in BuildInfo._RO_PRODUCT_RESOLVE_PROPS: + prop = prop.replace("ro.product", "ro.product.{}".format(partition)) + else: + prop = prop.replace("ro.", "ro.{}.".format(partition)) + try: + return self.info_dict.get("{}.build.prop".format(partition), {})[prop] + except KeyError: + raise ExternalError("couldn't find %s in %s.build.prop" % + (prop, partition)) + def GetBuildProp(self, prop): - """Returns the inquired build property.""" + """Returns the inquired build property from the standard build.prop file.""" if prop in BuildInfo._RO_PRODUCT_RESOLVE_PROPS: return self._ResolveRoProductBuildProp(prop) @@ -462,19 +469,28 @@ class BuildInfo(object): raise ExternalError("couldn't resolve {}".format(prop)) - def GetVendorBuildProp(self, prop): - """Returns the inquired vendor build property.""" - try: - return self.info_dict.get("vendor.build.prop", {})[prop] - except KeyError: - raise ExternalError( - "couldn't find %s in vendor.build.prop" % (prop,)) - def GetOemProperty(self, key): if self.oem_props is not None and key in self.oem_props: return self.oem_dicts[0][key] return self.GetBuildProp(key) + def GetPartitionFingerprint(self, partition): + return self._partition_fingerprints.get(partition, None) + + def CalculatePartitionFingerprint(self, partition): + try: + return self.GetPartitionBuildProp("ro.build.fingerprint", partition) + except ExternalError: + return "{}/{}/{}:{}/{}/{}:{}/{}".format( + self.GetPartitionBuildProp("ro.product.brand", partition), + self.GetPartitionBuildProp("ro.product.name", partition), + self.GetPartitionBuildProp("ro.product.device", partition), + self.GetPartitionBuildProp("ro.build.version.release", partition), + self.GetPartitionBuildProp("ro.build.id", partition), + self.GetPartitionBuildProp("ro.build.version.incremental", partition), + self.GetPartitionBuildProp("ro.build.type", partition), + self.GetPartitionBuildProp("ro.build.tags", partition)) + def CalculateFingerprint(self): if self.oem_props is None: try: @@ -644,7 +660,10 @@ def LoadInfoDict(input_file, repacking=False): # hash / hashtree footers. if d.get("avb_enable") == "true": build_info = BuildInfo(d) - d["avb_salt"] = sha256(build_info.fingerprint).hexdigest() + for partition in PARTITIONS_WITH_CARE_MAP: + fingerprint = build_info.GetPartitionFingerprint(partition) + if fingerprint: + d["avb_{}_salt".format(partition)] = sha256(fingerprint).hexdigest() return d diff --git a/tools/releasetools/test_common.py b/tools/releasetools/test_common.py index 53b5b76bdd..da9216369e 100644 --- a/tools/releasetools/test_common.py +++ b/tools/releasetools/test_common.py @@ -53,8 +53,26 @@ class BuildInfoTest(test_utils.ReleaseToolsTestCase): 'ro.build.fingerprint' : 'build-fingerprint', 'ro.build.foo' : 'build-foo', }, + 'system.build.prop' : { + 'ro.product.system.brand' : 'product-brand', + 'ro.product.system.name' : 'product-name', + 'ro.product.system.device' : 'product-device', + 'ro.system.build.version.release' : 'version-release', + 'ro.system.build.id' : 'build-id', + 'ro.system.build.version.incremental' : 'version-incremental', + 'ro.system.build.type' : 'build-type', + 'ro.system.build.tags' : 'build-tags', + 'ro.system.build.foo' : 'build-foo', + }, 'vendor.build.prop' : { - 'ro.vendor.build.fingerprint' : 'vendor-build-fingerprint', + 'ro.product.vendor.brand' : 'vendor-product-brand', + 'ro.product.vendor.name' : 'vendor-product-name', + 'ro.product.vendor.device' : 'vendor-product-device', + 'ro.vendor.build.version.release' : 'vendor-version-release', + 'ro.vendor.build.id' : 'vendor-build-id', + 'ro.vendor.build.version.incremental' : 'vendor-version-incremental', + 'ro.vendor.build.type' : 'vendor-build-type', + 'ro.vendor.build.tags' : 'vendor-build-tags', }, 'property1' : 'value1', 'property2' : 4096, @@ -186,39 +204,27 @@ class BuildInfoTest(test_utils.ReleaseToolsTestCase): self.assertRaises(common.ExternalError, target_info.GetBuildProp, 'ro.build.nonexistent') - def test_GetVendorBuildProp(self): + def test_GetPartitionFingerprint(self): target_info = common.BuildInfo(self.TEST_INFO_DICT, None) - self.assertEqual('vendor-build-fingerprint', - target_info.GetVendorBuildProp( - 'ro.vendor.build.fingerprint')) - self.assertRaises(common.ExternalError, target_info.GetVendorBuildProp, - 'ro.build.nonexistent') - - def test_GetVendorBuildProp_with_oem_props(self): - target_info = common.BuildInfo(self.TEST_INFO_DICT_USES_OEM_PROPS, - self.TEST_OEM_DICTS) - self.assertEqual('vendor-build-fingerprint', - target_info.GetVendorBuildProp( - 'ro.vendor.build.fingerprint')) - self.assertRaises(common.ExternalError, target_info.GetVendorBuildProp, - 'ro.build.nonexistent') + self.assertEqual( + target_info.GetPartitionFingerprint('vendor'), + 'vendor-product-brand/vendor-product-name/vendor-product-device' + ':vendor-version-release/vendor-build-id/vendor-version-incremental' + ':vendor-build-type/vendor-build-tags') - def test_vendor_fingerprint(self): + def test_GetPartitionFingerprint_system_other_uses_system(self): target_info = common.BuildInfo(self.TEST_INFO_DICT, None) - self.assertEqual('vendor-build-fingerprint', - target_info.vendor_fingerprint) - - def test_vendor_fingerprint_blacklisted(self): - target_info_dict = copy.deepcopy(self.TEST_INFO_DICT_USES_OEM_PROPS) - del target_info_dict['vendor.build.prop']['ro.vendor.build.fingerprint'] - target_info = common.BuildInfo(target_info_dict, self.TEST_OEM_DICTS) - self.assertIsNone(target_info.vendor_fingerprint) - - def test_vendor_fingerprint_without_vendor_build_prop(self): - target_info_dict = copy.deepcopy(self.TEST_INFO_DICT_USES_OEM_PROPS) - del target_info_dict['vendor.build.prop'] - target_info = common.BuildInfo(target_info_dict, self.TEST_OEM_DICTS) - self.assertIsNone(target_info.vendor_fingerprint) + self.assertEqual( + target_info.GetPartitionFingerprint('system_other'), + target_info.GetPartitionFingerprint('system')) + + def test_GetPartitionFingerprint_uses_fingerprint_prop_if_available(self): + info_dict = copy.deepcopy(self.TEST_INFO_DICT) + info_dict['vendor.build.prop']['ro.vendor.build.fingerprint'] = 'vendor:fingerprint' + target_info = common.BuildInfo(info_dict, None) + self.assertEqual( + target_info.GetPartitionFingerprint('vendor'), + 'vendor:fingerprint') def test_WriteMountOemScript(self): target_info = common.BuildInfo(self.TEST_INFO_DICT_USES_OEM_PROPS, |