From a30e450ba08c0ecbd0c559618dc57e26d479e4cb Mon Sep 17 00:00:00 2001 From: Seungjae Yoo Date: Thu, 9 Nov 2023 14:55:44 +0900 Subject: [PATCH] Add security_patch avb property for android_filesystem If android_filesystem module is used with use_avb, defined security_patch for the rollback protection. Bug: 285855436 Test: m Test: avbtool info_image --image Change-Id: I32c6108bb1aca398ced5e46b615d937685e261a7 --- filesystem/filesystem.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/filesystem/filesystem.go b/filesystem/filesystem.go index f2efd463f..3d491145b 100644 --- a/filesystem/filesystem.go +++ b/filesystem/filesystem.go @@ -350,13 +350,16 @@ func (f *filesystem) buildPropFile(ctx android.ModuleContext) (propFile android. addStr("avb_algorithm", algorithm) key := android.PathForModuleSrc(ctx, proptools.String(f.properties.Avb_private_key)) addPath("avb_key_path", key) + partitionName := proptools.StringDefault(f.properties.Partition_name, f.Name()) + addStr("partition_name", partitionName) avb_add_hashtree_footer_args := "--do_not_generate_fec" if hashAlgorithm := proptools.String(f.properties.Avb_hash_algorithm); hashAlgorithm != "" { avb_add_hashtree_footer_args += " --hash_algorithm " + hashAlgorithm } + securityPatchKey := "com.android.build." + partitionName + ".security_patch" + securityPatchValue := ctx.Config().PlatformSecurityPatch() + avb_add_hashtree_footer_args += " --prop " + securityPatchKey + ":" + securityPatchValue addStr("avb_add_hashtree_footer_args", avb_add_hashtree_footer_args) - partitionName := proptools.StringDefault(f.properties.Partition_name, f.Name()) - addStr("partition_name", partitionName) addStr("avb_salt", f.salt()) }