diff options
author | Bowgo Tsai | 2018-08-31 08:40:10 -0500 |
---|---|---|
committer | Bowgo Tsai | 2018-09-05 20:41:42 -0500 |
commit | 9d28638cfcac11b3955873674ba119d4d0c995b7 (patch) | |
tree | a8ecc73d7dd8473e67bcb663b1549b5efebc9c61 /target/board/BoardConfigEmuCommon.mk | |
parent | 99ed1b4fbd5124f344a95a05a1f69e9a93b9d0dd (diff) | |
download | platform-build-9d28638cfcac11b3955873674ba119d4d0c995b7.tar.gz platform-build-9d28638cfcac11b3955873674ba119d4d0c995b7.tar.xz platform-build-9d28638cfcac11b3955873674ba119d4d0c995b7.zip |
Enable AVB signing on GSI
In current GSI builds, AVB signing is not allowed.
We should allow signing GSI image, while building a vbmeta.img with
AVB_VBMETA_IMAGE_FLAGS_VERIFICATION_DISABLED (flag 2).
When need to disable AVB, use the vbmeta.img above together with the
GSI. When need enable AVB on GSI, include the GSI public key into the
device-specific vbmeta.img. Note that GSI is a chain partition so the
keys used to sign GSI and vbmeta.img are different.
Bug: 112293933
Test: build aosp_arm64-userdebug, checks flag 2 is set in vbmeta.img
and there is AVB HASHTREE in system.img
`avbtool info_image --image $OUT/system.img`
`avbtool info_image --image $OUT/vbmeta.img`
Change-Id: If1eff317621882994e7dcbf37cd35f5bfa16b69a
Diffstat (limited to 'target/board/BoardConfigEmuCommon.mk')
-rw-r--r-- | target/board/BoardConfigEmuCommon.mk | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/target/board/BoardConfigEmuCommon.mk b/target/board/BoardConfigEmuCommon.mk index ca2176c73..a1d5cde0d 100644 --- a/target/board/BoardConfigEmuCommon.mk +++ b/target/board/BoardConfigEmuCommon.mk | |||
@@ -28,8 +28,9 @@ USE_OPENGL_RENDERER := true | |||
28 | TARGET_COPY_OUT_VENDOR := vendor | 28 | TARGET_COPY_OUT_VENDOR := vendor |
29 | 29 | ||
30 | # ~100 MB vendor image. Please adjust system image / vendor image sizes | 30 | # ~100 MB vendor image. Please adjust system image / vendor image sizes |
31 | # when finalizing them. | 31 | # when finalizing them. The partition size needs to be a multiple of image |
32 | BOARD_VENDORIMAGE_PARTITION_SIZE := 100000000 | 32 | # block size: 4096. |
33 | BOARD_VENDORIMAGE_PARTITION_SIZE := 100003840 | ||
33 | BOARD_VENDORIMAGE_FILE_SYSTEM_TYPE := ext4 | 34 | BOARD_VENDORIMAGE_FILE_SYSTEM_TYPE := ext4 |
34 | BOARD_FLASH_BLOCK_SIZE := 512 | 35 | BOARD_FLASH_BLOCK_SIZE := 512 |
35 | DEVICE_MATRIX_FILE := device/generic/goldfish/compatibility_matrix.xml | 36 | DEVICE_MATRIX_FILE := device/generic/goldfish/compatibility_matrix.xml |