From 2b6dfd6689e54b537423a223a693ebe9cdd53f84 Mon Sep 17 00:00:00 2001
From: Tao Bao <tbao@google.com>
Date: Wed, 27 Sep 2017 17:17:43 -0700
Subject: [PATCH] Use computed salt for AVB-signed images.

We want the generated images being identical for the same source files.
Currently the generated ext4 image (either from make_ext4fs or mke2fs)
is reproducible, but the AVB footer added by avbtool contain changes
because of the random salt being used.

This CL changes the avbtool invocation to specify "--salt <hexstring>"
(already supported by avbtool) to use reproducible salt that's computed
based on fingerprints (or thumbprints if applicable).

Bug: 67023482
Test: Regenerate images from the same source as follows:
  Use a target_files.zip from an AVB-enabled target.
    $ zip -d target_files.zip IMAGES/\*
    $ ./build/make/tools/releasetools/add_img_to_target_files.py \
          -v target_files.zip
  Repeat the above commands and compare the generated images.
Change-Id: Id9db17ae0132ca3a820b4be5a5ef06ca3fef71ed
(cherry picked from commit 8f05cca1d9989ecb2e5a5d12f1410b6eca8c75b6)
---
 tools/releasetools/add_img_to_target_files.py | 12 ++++++++++++
 tools/releasetools/build_image.py             | 13 +++++++++----
 tools/releasetools/common.py                  |  4 ++++
 3 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/tools/releasetools/add_img_to_target_files.py b/tools/releasetools/add_img_to_target_files.py
index 52d3918926..91213ba59d 100755
--- a/tools/releasetools/add_img_to_target_files.py
+++ b/tools/releasetools/add_img_to_target_files.py
@@ -53,6 +53,7 @@ if sys.hexversion < 0x02070000:
 
 import datetime
 import errno
+import hashlib
 import os
 import shlex
 import shutil
@@ -532,6 +533,17 @@ def AddImagesToTargetFiles(filename):
 
   has_recovery = (OPTIONS.info_dict.get("no_recovery") != "true")
 
+  if OPTIONS.info_dict.get("avb_enable") == "true":
+    fp = None
+    if "build.prop" in OPTIONS.info_dict:
+      build_prop = OPTIONS.info_dict["build.prop"]
+      if "ro.build.fingerprint" in build_prop:
+        fp = build_prop["ro.build.fingerprint"]
+      elif "ro.build.thumbprint" in build_prop:
+        fp = build_prop["ro.build.thumbprint"]
+    if fp:
+      OPTIONS.info_dict["avb_salt"] = hashlib.sha256(fp).hexdigest()
+
   def banner(s):
     print("\n\n++++ " + s + " ++++\n\n")
 
diff --git a/tools/releasetools/build_image.py b/tools/releasetools/build_image.py
index d2c9f59700..94626d7936 100755
--- a/tools/releasetools/build_image.py
+++ b/tools/releasetools/build_image.py
@@ -126,7 +126,7 @@ def AVBCalcMaxImageSize(avbtool, footer_type, partition_size, additional_args):
     return int(output)
 
 def AVBAddFooter(image_path, avbtool, footer_type, partition_size,
-                 partition_name, key_path, algorithm,
+                 partition_name, key_path, algorithm, salt,
                  additional_args):
   """Adds dm-verity hashtree and AVB metadata to an image.
 
@@ -138,6 +138,7 @@ def AVBAddFooter(image_path, avbtool, footer_type, partition_size,
     partition_name: The name of the partition - will be embedded in metadata.
     key_path: Path to key to use or None.
     algorithm: Name of algorithm to use or None.
+    salt: The salt to use (a hexadecimal string) or None.
     additional_args: Additional arguments to pass to 'avbtool
       add_hashtree_image'.
   Returns:
@@ -150,6 +151,8 @@ def AVBAddFooter(image_path, avbtool, footer_type, partition_size,
 
   if key_path and algorithm:
     cmd.extend(["--key", key_path, "--algorithm", algorithm])
+  if salt:
+    cmd.extend(["--salt", salt])
 
   cmd.extend(shlex.split(additional_args))
 
@@ -592,10 +595,11 @@ def BuildImage(in_dir, prop_dict, out_file, target_out=None):
     # key_path and algorithm are only available when chain partition is used.
     key_path = prop_dict.get("avb_key_path")
     algorithm = prop_dict.get("avb_algorithm")
+    salt = prop_dict.get("avb_salt")
     # avb_add_hash_footer_args or avb_add_hashtree_footer_args
     additional_args = prop_dict["avb_add_" + avb_footer_type + "_footer_args"]
     if not AVBAddFooter(out_file, avbtool, avb_footer_type, original_partition_size,
-                        partition_name, key_path, algorithm, additional_args):
+                        partition_name, key_path, algorithm, salt, additional_args):
       return False
 
   if run_fsck and prop_dict.get("skip_fsck") != "true":
@@ -641,8 +645,9 @@ def ImagePropFromGlobalDict(glob_dict, mount_point):
       "verity_signer_cmd",
       "verity_fec",
       "avb_enable",
-      "avb_avbtool"
-      )
+      "avb_avbtool",
+      "avb_salt",
+  )
   for p in common_props:
     copy_prop(p, p)
 
diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py
index 789fefeceb..97261255cf 100644
--- a/tools/releasetools/common.py
+++ b/tools/releasetools/common.py
@@ -353,6 +353,10 @@ def AppendAVBSigningArgs(cmd, partition):
   algorithm = OPTIONS.info_dict.get("avb_" + partition + "_algorithm")
   if key_path and algorithm:
     cmd.extend(["--key", key_path, "--algorithm", algorithm])
+  avb_salt = OPTIONS.info_dict.get("avb_salt")
+  # make_vbmeta_image doesn't like "--salt" (and it's not needed).
+  if avb_salt and partition != "vbmeta":
+    cmd.extend(["--salt", avb_salt])
 
 
 def _BuildBootableImage(sourcedir, fs_config_file, info_dict=None,