-
Notifications
You must be signed in to change notification settings - Fork 0
/
avb_boot_img.bzl
84 lines (74 loc) · 2.36 KB
/
avb_boot_img.bzl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
load("//build/kernel/kleaf:hermetic_tools.bzl", "hermetic_toolchain")
def sign_boot_img(ctx):
inputs = []
inputs += ctx.files.artifacts
inputs += ctx.files.avbtool
inputs += ctx.files.key
outputs = ctx.actions.declare_file("{}/boot.img".format(ctx.label.name))
hermetic_tools = hermetic_toolchain.get(ctx)
for artifact in ctx.files.artifacts:
if artifact.basename == "boot.img":
boot_img = artifact
break
if not boot_img:
fail("artifacts must include file named \"boot.img\"")
proplist = " ".join(["--prop {}".format(x) for x in ctx.attr.props])
command = hermetic_tools.setup
command += """
cp {boot_img} {boot_dir}/{boot_name}
{tool} add_hash_footer --image {boot_dir}/{boot_name} --algorithm SHA256_RSA4096 \
--key {key} --partition_size {boot_partition_size} --partition_name boot \
{proplist}
""".format(
boot_img = boot_img.path,
tool = ctx.file.avbtool.path,
key = ctx.file.key.path,
boot_dir = outputs.dirname,
boot_name = outputs.basename,
boot_partition_size = ctx.attr.boot_partition_size,
proplist = proplist,
)
ctx.actions.run_shell(
mnemonic = "SignBootImg",
inputs = inputs,
outputs = [outputs],
command = command,
tools = hermetic_tools.deps,
progress_message = "Signing boot image from artifacts",
)
return [
DefaultInfo(
files = depset([outputs]),
),
]
avb_sign_boot_image = rule(
implementation = sign_boot_img,
doc = "Sign the boot image present in artifacts",
attrs = {
"artifacts": attr.label(
mandatory = True,
allow_files = True,
),
"avbtool": attr.label(
mandatory = True,
allow_single_file = True,
),
"key": attr.label(
mandatory = True,
allow_single_file = True,
),
"boot_partition_size": attr.int(
mandatory = False,
default = 0x6000000, # bytes, = 98304 kb
doc = "Final size of boot.img desired",
),
"props": attr.string_list(
mandatory = True,
allow_empty = False,
doc = "List of key:value pairs",
),
},
toolchains = [
hermetic_toolchain.type,
],
)