• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1//
2// Copyright (C) 2017-2020 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8//      http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15//
16
17package {
18    default_applicable_licenses: ["external_avb_license"],
19}
20
21// Added automatically by a large-scale-change that took the approach of
22// 'apply every license found to every target'. While this makes sure we respect
23// every license restriction, it may not be entirely correct.
24//
25// e.g. GPL in an MIT project might only apply to the contrib/ directory.
26//
27// Please consider splitting the single license below into multiple licenses,
28// taking care not to lose any license_kind information, and overriding the
29// default license using the 'licenses: [...]' property on targets as needed.
30//
31// For unused files, consider creating a 'fileGroup' with "//visibility:private"
32// to attach the license to, and including a comment whether the files may be
33// used in the current project.
34// See: http://go/android-license-faq
35license {
36    name: "external_avb_license",
37    visibility: [":__subpackages__"],
38    license_kinds: [
39        "SPDX-license-identifier-Apache-2.0",
40        "SPDX-license-identifier-BSD",
41        "SPDX-license-identifier-MIT",
42    ],
43    license_text: [
44        "LICENSE",
45    ],
46}
47
48subdirs = [
49    "test",
50    "tools",
51]
52
53cc_defaults {
54    name: "avb_defaults",
55    cflags: [
56        "-D_FILE_OFFSET_BITS=64",
57        "-D_POSIX_C_SOURCE=199309L",
58        "-Wa,--noexecstack",
59        "-Werror",
60        "-Wall",
61        "-Wextra",
62        "-Wformat=2",
63        "-Wmissing-prototypes",
64        "-Wno-psabi",
65        "-Wno-unused-parameter",
66        "-Wno-format",
67        "-ffunction-sections",
68        "-fstack-protector-strong",
69        "-g",
70        "-DAVB_ENABLE_DEBUG",
71        "-DAVB_COMPILATION",
72    ],
73    cppflags: [
74        "-Wnon-virtual-dtor",
75        "-fno-strict-aliasing",
76    ],
77    ldflags: [
78        "-Wl,--gc-sections",
79        "-rdynamic",
80    ],
81    target: {
82        darwin: {
83            enabled: false,
84        },
85    },
86}
87
88cc_defaults {
89    name: "avb_sources",
90    srcs: [
91        "libavb/avb_chain_partition_descriptor.c",
92        "libavb/avb_cmdline.c",
93        "libavb/avb_crc32.c",
94        "libavb/avb_crypto.c",
95        "libavb/avb_descriptor.c",
96        "libavb/avb_footer.c",
97        "libavb/avb_hash_descriptor.c",
98        "libavb/avb_hashtree_descriptor.c",
99        "libavb/avb_kernel_cmdline_descriptor.c",
100        "libavb/avb_property_descriptor.c",
101        "libavb/avb_rsa.c",
102        "libavb/avb_slot_verify.c",
103        "libavb/avb_util.c",
104        "libavb/avb_vbmeta_image.c",
105        "libavb/avb_version.c",
106    ],
107}
108
109cc_defaults {
110    name: "avb_crypto_ops_impl_boringssl",
111    srcs: [
112        "libavb/boringssl/sha.c",
113    ],
114    local_include_dirs: [
115        "libavb/boringssl",
116    ],
117}
118
119cc_defaults {
120    name: "avb_crypto_ops_impl_sha",
121    srcs: [
122        "libavb/sha/sha256_impl.c",
123        "libavb/sha/sha512_impl.c",
124    ],
125    local_include_dirs: [
126        "libavb/sha",
127    ],
128}
129
130python_library_host {
131    name: "libavbtool",
132    srcs: ["avbtool.py"],
133}
134
135python_binary_host {
136    name: "avbtool",
137    srcs: ["avbtool.py"],
138    main: "avbtool.py",
139    required: ["fec"],
140    version: {
141        py3: {
142            embedded_launcher: true,
143        },
144    },
145    compile_multilib: "first",
146}
147
148// Default common to both standard and baremetal versions of libavb.
149cc_defaults {
150    name: "libavb_base_defaults",
151    defaults: [
152        "avb_defaults",
153        "avb_sources",
154        "avb_crypto_ops_impl_boringssl",
155    ],
156    header_libs: [
157        "avb_headers",
158    ],
159    export_header_lib_headers: ["avb_headers"],
160}
161
162// Defaults for standard libavb; depends on only libc and libcrypto.
163//
164// The standard targets enable more logging and uses the standard versions of
165// the dependencies; see the baremetal variant for a slimmer alternative.
166cc_defaults {
167    name: "libavb_standard_defaults",
168    defaults: ["libavb_base_defaults"],
169    host_supported: true,
170    ramdisk_available: true,
171    vendor_ramdisk_available: true,
172    recovery_available: true,
173    shared_libs: [
174        "libcrypto",
175    ],
176    target: {
177        linux: {
178            srcs: ["libavb/avb_sysdeps_posix.c"],
179        },
180        darwin: {
181            enabled: true,
182            srcs: ["libavb/avb_sysdeps_posix.c"],
183        },
184        host_linux: {
185            cflags: ["-fno-stack-protector"],
186        },
187    },
188    apex_available: [
189        "//apex_available:platform",
190        "com.android.virt",
191    ],
192}
193
194// libavb
195cc_library_static {
196    name: "libavb",
197    defaults: ["libavb_standard_defaults"],
198}
199
200// libavb + cert
201//
202// The cert extensions provides some additional support for minimal
203// certificate-based signing.
204cc_library_static {
205    name: "libavb_cert",
206    defaults: [
207        "avb_cert_sources",
208        "libavb_standard_defaults",
209    ],
210}
211
212// Defaults for a variant of libavb that can run in baremetal environments.
213//
214// The debug feature isn't enabled, removing verbose logging and assertions.
215// Also uses the baremetal variant of the dependencies.
216//
217// This does still require a handful of Posix APIs as used by the sysdeps
218// implementation.
219cc_defaults {
220    name: "libavb_baremetal_defaults",
221    defaults: ["libavb_base_defaults"],
222    cflags: ["-UAVB_ENABLE_DEBUG"],
223    static_libs: [
224        "libcrypto_baremetal",
225    ],
226    srcs: ["libavb/avb_sysdeps_posix.c"],
227}
228
229// Baremetal libavb
230cc_library_static {
231    name: "libavb_baremetal",
232    defaults: ["libavb_baremetal_defaults"],
233}
234
235// Baremetal libavb + cert
236cc_library_static {
237    name: "libavb_cert_baremetal",
238    defaults: [
239        "avb_cert_sources",
240        "libavb_baremetal_defaults",
241    ],
242}
243
244// Build libavb_user for the target - in addition to libavb, it
245// includes libavb_ab, libavb_user and also depends on libbase and
246// libfs_mgr.
247cc_library_static {
248    name: "libavb_user",
249    defaults: [
250        "avb_defaults",
251        "avb_sources",
252        "avb_crypto_ops_impl_boringssl",
253    ],
254    recovery_available: true,
255    header_libs: [
256        "avb_headers",
257    ],
258    export_header_lib_headers: ["avb_headers"],
259    shared_libs: [
260        "libbase",
261        "libcrypto",
262    ],
263    static_libs: ["libfs_mgr"],
264    cflags: [
265        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
266    ],
267    srcs: [
268        "libavb/avb_sysdeps_posix.c",
269        "libavb_ab/avb_ab_flow.c",
270        "libavb_user/avb_ops_user.cpp",
271        "libavb_user/avb_user_verity.c",
272        "libavb_user/avb_user_verification.c",
273    ],
274}
275
276cc_binary {
277    name: "avbctl",
278    defaults: ["avb_defaults"],
279    static_libs: [
280        "libavb_user",
281        "libfs_mgr",
282    ],
283    shared_libs: [
284        "libbase",
285        "libcrypto",
286    ],
287    srcs: ["tools/avbctl/avbctl.cc"],
288}
289
290cc_library_host_static {
291    name: "libavb_ab_host",
292    defaults: ["avb_defaults"],
293    header_libs: [
294        "avb_headers",
295    ],
296    export_header_lib_headers: ["avb_headers"],
297    cflags: [
298        "-fno-stack-protector",
299        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
300    ],
301    srcs: ["libavb_ab/avb_ab_flow.c"],
302}
303
304cc_defaults {
305    name: "avb_cert_sources",
306    srcs: ["libavb_cert/avb_cert_validate.c"],
307}
308
309cc_library_host_static {
310    name: "libavb_host_sysdeps",
311    defaults: ["avb_defaults"],
312    header_libs: [
313        "avb_headers",
314    ],
315    export_header_lib_headers: ["avb_headers"],
316    srcs: ["libavb/avb_sysdeps_posix.c"],
317}
318
319cc_defaults {
320    name: "avb_cert_example_sources",
321    srcs: ["examples/cert/avb_cert_slot_verify.c"],
322}
323
324cc_defaults {
325    name: "libavb_host_unittest_core",
326    defaults: [
327        "avb_defaults",
328        "avb_sources",
329        "avb_cert_sources",
330        "avb_cert_example_sources",
331    ],
332    required: [
333        "simg2img",
334        "img2simg",
335        "avbtool",
336    ],
337    test_options: {
338        unit_test: true,
339    },
340    compile_multilib: "first",
341    data: [
342        "avbtool.py",
343        "test/avbtool_signing_helper_test.py",
344        "test/avbtool_signing_helper_with_files_test.py",
345        "test/data/*",
346    ],
347    test_config: "test/libavb_host_unittest.xml",
348    test_suites: ["general-tests"],
349    static_libs: [
350        "libavb_ab_host",
351        "libgmock_host",
352        "libgtest_host",
353    ],
354    shared_libs: [
355        "libbase",
356        "libchrome",
357        "libcrypto",
358    ],
359    cflags: [
360        "-Wno-missing-prototypes",
361        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
362    ],
363    srcs: [
364        "test/avb_ab_flow_unittest.cc",
365        "test/avb_cert_validate_unittest.cc",
366        "test/avb_cert_slot_verify_unittest.cc",
367        "test/avb_crypto_ops_unittest.cc",
368        "test/avb_slot_verify_unittest.cc",
369        "test/avb_unittest_util.cc",
370        "test/avb_util_unittest.cc",
371        "test/avb_vbmeta_image_unittest.cc",
372        "test/avbtool_unittest.cc",
373        "test/fake_avb_ops.cc",
374        "test/avb_sysdeps_posix_testing.cc",
375    ],
376}
377
378cc_test_host {
379    name: "libavb_host_unittest",
380    defaults: [
381        "avb_crypto_ops_impl_boringssl",
382        "libavb_host_unittest_core",
383    ],
384    data: [
385        ":img2simg",
386        ":simg2img",
387        ":fec",
388    ],
389}
390
391cc_test_host {
392    name: "libavb_host_unittest_sha",
393    defaults: [
394        "avb_crypto_ops_impl_sha",
395        "libavb_host_unittest_core",
396    ],
397    data: [
398        ":img2simg",
399        ":simg2img",
400        ":fec",
401    ],
402}
403
404cc_library_host_static {
405    name: "libavb_host_user_code_test",
406    defaults: ["avb_defaults"],
407    cflags: [
408        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
409    ],
410    srcs: ["test/user_code_test.cc"],
411}
412
413cc_library {
414    name: "bootctrl.avb",
415    defaults: ["avb_defaults"],
416    relative_install_path: "hw",
417    static_libs: [
418        "libavb_user",
419        "libfs_mgr",
420    ],
421    shared_libs: [
422        "libbase",
423        "libcrypto",
424        "libcutils",
425    ],
426    cflags: [
427        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
428    ],
429    srcs: ["boot_control/boot_control_avb.c"],
430}
431
432cc_library_headers {
433    name: "avb_headers",
434    host_supported: true,
435    ramdisk_available: true,
436    vendor_ramdisk_available: true,
437    recovery_available: true,
438    export_include_dirs: ["."],
439    target: {
440        windows: {
441            enabled: true,
442        },
443    },
444    apex_available: [
445        "//apex_available:platform",
446        "com.android.virt",
447    ],
448}
449