diff options
| author | Ying Wang <wangying@google.com> | 2015-03-20 17:43:02 -0700 |
|---|---|---|
| committer | Ying Wang <wangying@google.com> | 2015-03-23 10:04:56 -0700 |
| commit | 7d51a4029590b58e22071eed919d59a0ff205bef (patch) | |
| tree | 57a1d2479686086a90a8aed6008a4c3d9ef3c275 | |
| parent | 52f8c6c8f0ca934278e3b91f9a43e47b09350819 (diff) | |
| download | build-7d51a4029590b58e22071eed919d59a0ff205bef.zip build-7d51a4029590b58e22071eed919d59a0ff205bef.tar.gz build-7d51a4029590b58e22071eed919d59a0ff205bef.tar.bz2 | |
Add selinux and verity support to custom image generation.
New custom image configuration variables:
- CUSTOM_IMAGE_SELINUX, set to "true" if the image supports selinux.
- CUSTOM_IMAGE_SUPPORT_VERITY, set to "true" if the product supports verity.
- CUSTOM_IMAGE_VERITY_BLOCK_DEVICE
Also changed the staging directory name to the mount point, like we do
for other images built by the build system.
Bug: 19609718
Change-Id: I6bbf06b79eee63e4c77834f2e6f1d5a7f7e00a12
| -rw-r--r-- | core/tasks/build_custom_images.mk | 6 | ||||
| -rw-r--r-- | core/tasks/tools/build_custom_image.mk | 14 |
2 files changed, 18 insertions, 2 deletions
diff --git a/core/tasks/build_custom_images.mk b/core/tasks/build_custom_images.mk index 263b81a..8ebf89b 100644 --- a/core/tasks/build_custom_images.mk +++ b/core/tasks/build_custom_images.mk @@ -34,6 +34,9 @@ # module's LOCAL_PICKUP_FILES. # - CUSTOM_IMAGE_COPY_FILES, a list of "<src>:<dest>" to be copied to the # image. <dest> is relativ to the root of the image. +# - CUSTOM_IMAGE_SELINUX, set to "true" if the image supports selinux. +# - CUSTOM_IMAGE_SUPPORT_VERITY, set to "true" if the product supports verity. +# - CUSTOM_IMAGE_VERITY_BLOCK_DEVICE # # To build all those images, run "make custom_images". @@ -48,6 +51,9 @@ custom_image_parameter_variables := \ CUSTOM_IMAGE_DICT_FILE \ CUSTOM_IMAGE_MODULES \ CUSTOM_IMAGE_COPY_FILES \ + CUSTOM_IMAGE_SELINUX \ + CUSTOM_IMAGE_SUPPORT_VERITY \ + CUSTOM_IMAGE_VERITY_BLOCK_DEVICE \ # We don't expect product makefile to inherit/override PRODUCT_CUSTOM_IMAGE_MAKEFILES, # so we don't put it in the _product_var_list. diff --git a/core/tasks/tools/build_custom_image.mk b/core/tasks/tools/build_custom_image.mk index fa9cda2..e59ed42 100644 --- a/core/tasks/tools/build_custom_image.mk +++ b/core/tasks/tools/build_custom_image.mk @@ -26,7 +26,7 @@ my_custom_image_name := $(basename $(notdir $(my_custom_imag_makefile))) intermediates := $(call intermediates-dir-for,PACKAGING,$(my_custom_image_name)) my_built_custom_image := $(intermediates)/$(my_custom_image_name).img -my_staging_dir := $(intermediates)/$(my_custom_image_name) +my_staging_dir := $(intermediates)/$(CUSTOM_IMAGE_MOUNT_POINT) # Collect CUSTOM_IMAGE_MODULES's installd files and their PICKUP_FILES. my_built_modules := @@ -69,6 +69,10 @@ $(my_built_custom_image): PRIVATE_FILE_SYSTEM_TYPE := $(CUSTOM_IMAGE_FILE_SYSTEM $(my_built_custom_image): PRIVATE_STAGING_DIR := $(my_staging_dir) $(my_built_custom_image): PRIVATE_COPY_PAIRS := $(my_copy_pairs) $(my_built_custom_image): PRIVATE_PICKUP_FILES := $(my_pickup_files) +$(my_built_custom_image): PRIVATE_SELINUX := $(CUSTOM_IMAGE_SELINUX) +$(my_built_custom_image): PRIVATE_SUPPORT_VERITY := $(CUSTOM_IMAGE_SUPPORT_VERITY) +$(my_built_custom_image): PRIVATE_VERITY_KEY := $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_VERITY_SIGNING_KEY) +$(my_built_custom_image): PRIVATE_VERITY_BLOCK_DEVICE := $(CUSTOM_IMAGE_VERITY_BLOCK_DEVICE) $(my_built_custom_image): PRIVATE_DICT_FILE := $(CUSTOM_IMAGE_DICT_FILE) $(my_built_custom_image): $(INTERNAL_USERIMAGES_DEPS) $(my_built_modules) $(my_image_copy_files) \ $(CUSTOM_IMAGE_DICT_FILE) @@ -86,9 +90,15 @@ $(my_built_custom_image): $(INTERNAL_USERIMAGES_DEPS) $(my_built_modules) $(my_i $(hide) echo "mount_point=$(PRIVATE_MOUNT_POINT)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt $(hide) echo "fs_type=$(PRIVATE_FILE_SYSTEM_TYPE)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt $(hide) echo "partition_size=$(PRIVATE_PARTITION_SIZE)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt + $(if $(PRIVATE_SELINUX),$(hide) echo "selinux_fc=$(SELINUX_FC)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt) + $(if $(PRIVATE_SUPPORT_VERITY),\ + $(hide) echo "verity=$(PRIVATE_SUPPORT_VERITY)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt;\ + echo "verity_key=$(PRIVATE_VERITY_KEY)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt;\ + echo "verity_signer_cmd=$(VERITY_SIGNER)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt;\ + echo "verity_block_device=$(PRIVATE_VERITY_BLOCK_DEVICE)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt) $(if $(PRIVATE_DICT_FILE),\ $(hide) echo "# Properties from $(PRIVATE_DICT_FILE)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt;\ - cat $(PRIVATE_DICT_FILE) >> $(PRIVATE_INTERMEDIATES)/image_info.txt) + cat $(PRIVATE_DICT_FILE) >> $(PRIVATE_INTERMEDIATES)/image_info.txt) # Generate the image. $(hide) PATH=$(foreach p,$(INTERNAL_USERIMAGES_BINARY_PATHS),$(p):)$$PATH \ ./build/tools/releasetools/build_image.py \ |