Merge "AVB and selinux support in partitions" into main

android/variable.go

@@ -514,6 +514,12 @@ type PartitionVariables struct {
 		ProductBaseFsPath           string `json:",omitempty"`
 		ProductHeadroom             string `json:",omitempty"`
 		ProductVerityPartition      string `json:",omitempty"`
+
+		BoardAvbAddHashtreeFooterArgs string `json:",omitempty"`
+		BoardAvbKeyPath               string `json:",omitempty"`
+		BoardAvbAlgorithm             string `json:",omitempty"`
+		BoardAvbRollbackIndex         string `json:",omitempty"`
+		BoardAvbRollbackIndexLocation string `json:",omitempty"`
 	}
 	TargetUserimagesUseExt2 bool `json:",omitempty"`
 	TargetUserimagesUseExt3 bool `json:",omitempty"`
@@ -536,6 +542,8 @@ type PartitionVariables struct {
 	BoardBuildGkiBootImageWithoutRamdisk bool   `json:",omitempty"`
 	ProductUseDynamicPartitionSize       bool   `json:",omitempty"`
 	CopyImagesForTargetFilesZip          bool   `json:",omitempty"`
+
+	BoardAvbEnable bool `json:",omitempty"`
 }
 
 func boolPtr(v bool) *bool {

bp2build/bp2build_product_config.go

@@ -337,6 +337,8 @@ func platformMappingSingleProduct(
 		result.WriteString(fmt.Sprintf("    --//build/bazel/product_config:manifest_package_name_overrides=%s\n", strings.Join(productVariables.ManifestPackageNameOverrides, ",")))
 		result.WriteString(fmt.Sprintf("    --//build/bazel/product_config:native_coverage=%t\n", proptools.Bool(productVariables.Native_coverage)))
 		result.WriteString(fmt.Sprintf("    --//build/bazel/product_config:platform_sdk_final=%t\n", proptools.Bool(productVariables.Platform_sdk_final)))
+		result.WriteString(fmt.Sprintf("    --//build/bazel/product_config:platform_security_patch=%s\n", proptools.String(productVariables.Platform_security_patch)))
+		result.WriteString(fmt.Sprintf("    --//build/bazel/product_config:platform_version_last_stable=%s\n", proptools.String(productVariables.Platform_version_last_stable)))
 		result.WriteString(fmt.Sprintf("    --//build/bazel/product_config:platform_version_name=%s\n", proptools.String(productVariables.Platform_version_name)))
 		result.WriteString(fmt.Sprintf("    --//build/bazel/product_config:product_brand=%s\n", productVariables.ProductBrand))
 		result.WriteString(fmt.Sprintf("    --//build/bazel/product_config:product_manufacturer=%s\n", productVariables.ProductManufacturer))
@@ -478,6 +480,7 @@ func starlarkMapToProductVariables(in map[string]starlark.Value) (android.Produc
 
 func createTargets(productLabelsToVariables map[bazelLabel]*android.ProductVariables, res map[string]BazelTargets) {
 	createGeneratedAndroidCertificateDirectories(productLabelsToVariables, res)
+	createAvbKeyFilegroups(productLabelsToVariables, res)
 	for label, variables := range productLabelsToVariables {
 		createSystemPartition(label, &variables.PartitionVarsForBazelMigrationOnlyDoNotUse, res)
 	}
@@ -512,10 +515,39 @@ func createGeneratedAndroidCertificateDirectories(productLabelsToVariables map[b
 	}
 }
 
+func createAvbKeyFilegroups(productLabelsToVariables map[bazelLabel]*android.ProductVariables, targets map[string]BazelTargets) {
+	var allAvbKeys []string
+	for _, productVariables := range productLabelsToVariables {
+		for _, partitionVariables := range productVariables.PartitionVarsForBazelMigrationOnlyDoNotUse.PartitionQualifiedVariables {
+			if partitionVariables.BoardAvbKeyPath != "" {
+				if !android.InList(partitionVariables.BoardAvbKeyPath, allAvbKeys) {
+					allAvbKeys = append(allAvbKeys, partitionVariables.BoardAvbKeyPath)
+				}
+			}
+		}
+	}
+	for _, key := range allAvbKeys {
+		dir := filepath.Dir(key)
+		name := filepath.Base(key)
+		content := fmt.Sprintf(`filegroup(
+    name = "%s_filegroup",
+    srcs = ["%s"],
+    visibility = ["//visibility:public"],
+)`, name, name)
+		targets[dir] = append(targets[dir], BazelTarget{
+			name:        name + "_filegroup",
+			packageName: dir,
+			content:     content,
+			ruleClass:   "filegroup",
+		})
+	}
+}
+
 func createSystemPartition(platformLabel bazelLabel, variables *android.PartitionVariables, targets map[string]BazelTargets) {
 	if !variables.PartitionQualifiedVariables["system"].BuildingImage {
 		return
 	}
+	qualifiedVariables := variables.PartitionQualifiedVariables["system"]
 
 	imageProps := generateImagePropDictionary(variables, "system")
 	imageProps["skip_fsck"] = "true"
@@ -528,6 +560,19 @@ func createSystemPartition(platformLabel bazelLabel, variables *android.Partitio
 		properties.WriteRune('\n')
 	}
 
+	var extraProperties strings.Builder
+	if variables.BoardAvbEnable {
+		extraProperties.WriteString("    avb_enable = True,\n")
+		extraProperties.WriteString(fmt.Sprintf("    avb_add_hashtree_footer_args = %q,\n", qualifiedVariables.BoardAvbAddHashtreeFooterArgs))
+		keypath := qualifiedVariables.BoardAvbKeyPath
+		if keypath != "" {
+			extraProperties.WriteString(fmt.Sprintf("    avb_key = \"//%s:%s\",\n", filepath.Dir(keypath), filepath.Base(keypath)+"_filegroup"))
+			extraProperties.WriteString(fmt.Sprintf("    avb_algorithm = %q,\n", qualifiedVariables.BoardAvbAlgorithm))
+			extraProperties.WriteString(fmt.Sprintf("    avb_rollback_index = %s,\n", qualifiedVariables.BoardAvbRollbackIndex))
+			extraProperties.WriteString(fmt.Sprintf("    avb_rollback_index_location = %s,\n", qualifiedVariables.BoardAvbRollbackIndexLocation))
+		}
+	}
+
 	targets[platformLabel.pkg] = append(targets[platformLabel.pkg], BazelTarget{
 		name:        "system_image",
 		packageName: platformLabel.pkg,
@@ -536,11 +581,13 @@ func createSystemPartition(platformLabel bazelLabel, variables *android.Partitio
     base_staging_dir = "//build/bazel/bazel_sandwich:system_staging_dir",
     base_staging_dir_file_list = "//build/bazel/bazel_sandwich:system_staging_dir_file_list",
     root_dir = "//build/bazel/bazel_sandwich:root_staging_dir",
+    selinux_file_contexts = "//build/bazel/bazel_sandwich:selinux_file_contexts",
     image_properties = """
 %s
 """,
+%s
     type = "system",
-)`, properties.String()),
+)`, properties.String(), extraProperties.String()),
 		ruleClass: "partition",
 		loads: []BazelLoad{{
 			file: "//build/bazel/rules/partitions:partition.bzl",