StrixOS/build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make room for AVB hashtree and metadata.

Browse Source 
While the system.img images currently built with AVB support verify
correctly, mounting the filesystem content fails. This is because
'avbtool add_hashtree_footer' used to claim some of the unused /
DONT_CARE space for stashing the verity tables and this resulting in the
mapped device ending up being smaller causing the mount failure.

Fix this by leaving enough room for AVB hashtree and metadata before
building the image. This is achieved by moving the AVB hashtree support
into build_image.py and using a just added '--calc_max_image_size'
option to 'avbtool add_hashtree_footer' to figure out how much space to
leave out.

This depends on https://android-review.googlesource.com/#/c/281821/

Bug: 31264226
Test: Mounting dm-verity set up from system.img now works.

Merged-In: I4c5de1004c1059f8c582e76b3b8517d427aa1a87

Change-Id: I945a5f1f6782791736cd319f216cfa6b448fb04d
This commit is contained in:
David Zeuthen
2016-09-30 17:29:22 -04:00
parent 0a5b59e78b
commit 4014a9daa7
3 changed files with 83 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
tools/releasetools/add_img_to_target_files.py
View File

@@ -96,23 +96,6 @@ def AddSystem(output_zip, prefix="IMAGES/", recovery_img=None, boot_img=None):
imgname = BuildSystem(OPTIONS.input_tmp, OPTIONS.info_dict,
block_list=block_list)
# AVB: if enabled, calculate and add dm-verity integrity hashes and
# metadata to system.img.
if OPTIONS.info_dict.get("board_avb_enable", None) == "true":
avbtool = os.getenv('AVBTOOL') or "avbtool"
part_size = OPTIONS.info_dict.get("system_size", None)
cmd = [avbtool, "add_hashtree_footer", "--image", imgname,
"--partition_size", str(part_size), "--partition_name", "system"]
common.AppendAVBSigningArgs(cmd)
args = OPTIONS.info_dict.get("board_avb_system_add_hashtree_footer_args",
None)
if args and args.strip():
cmd.extend(shlex.split(args))
p = common.Run(cmd, stdout=subprocess.PIPE)
p.communicate()
assert p.returncode == 0, "avbtool add_hashtree_footer of %s failed" % (
os.path.basename(OPTIONS.input_tmp))
common.ZipWrite(output_zip, imgname, prefix + "system.img")
common.ZipWrite(output_zip, block_list, prefix + "system.map")
return imgname