Avoid signing debuggable boot-debug.img

The boot-debug.img should NOT be release signed and can only be used
if the device is unlocked. Adding a check to prevent the tool from
signing this debuggable boot.img.

See the following for more details about boot-debug.img:

  https://android-review.googlesource.com/c/platform/build/+/947857

Bug: 126493225
Test: put a file /force_debuggable into boot.img, checks the following
      command fails:
        ./build/tools/releasetools/sign_target_files_apks \
        out/dist/*-target_files-*.zip signed-target_files.zip
Change-Id: Ia5232949cb9582d2b4eaa171d9e9f3fe7317d418
Merged-In: Ia5232949cb9582d2b4eaa171d9e9f3fe7317d418
(cherry picked from commit 78369ebbc1)

tools/releasetools/sign_target_files_apks.py

@@ -602,6 +602,13 @@ def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info,
         print("    Rewriting AVB public key of system_other in /product")
         common.ZipWrite(output_tf_zip, public_key, filename)
 
+    # Should NOT sign boot-debug.img.
+    elif filename in (
+        "BOOT/RAMDISK/force_debuggable",
+        "RECOVERY/RAMDISK/force_debuggable"
+        "RECOVERY/RAMDISK/first_stage_ramdisk/force_debuggable"):
+      raise common.ExternalError("debuggable boot.img cannot be signed")
+
     # A non-APK file; copy it verbatim.
     else:
       common.ZipWriteStr(output_tf_zip, out_info, data)