• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1//
2// Copyright (C) 2017-2020 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8//      http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15//
16
17package {
18    default_applicable_licenses: ["external_avb_license"],
19}
20
21// Added automatically by a large-scale-change that took the approach of
22// 'apply every license found to every target'. While this makes sure we respect
23// every license restriction, it may not be entirely correct.
24//
25// e.g. GPL in an MIT project might only apply to the contrib/ directory.
26//
27// Please consider splitting the single license below into multiple licenses,
28// taking care not to lose any license_kind information, and overriding the
29// default license using the 'licenses: [...]' property on targets as needed.
30//
31// For unused files, consider creating a 'fileGroup' with "//visibility:private"
32// to attach the license to, and including a comment whether the files may be
33// used in the current project.
34// See: http://go/android-license-faq
35license {
36    name: "external_avb_license",
37    visibility: [":__subpackages__"],
38    license_kinds: [
39        "SPDX-license-identifier-Apache-2.0",
40        "SPDX-license-identifier-BSD",
41        "SPDX-license-identifier-MIT",
42    ],
43    license_text: [
44        "LICENSE",
45    ],
46}
47
48subdirs = [
49    "test",
50    "tools",
51]
52
53cc_defaults {
54    name: "avb_defaults",
55    cflags: [
56        "-D_FILE_OFFSET_BITS=64",
57        "-D_POSIX_C_SOURCE=199309L",
58        "-Wa,--noexecstack",
59        "-Werror",
60        "-Wall",
61        "-Wextra",
62        "-Wformat=2",
63        "-Wmissing-prototypes",
64        "-Wno-psabi",
65        "-Wno-unused-parameter",
66        "-Wno-format",
67        "-ffunction-sections",
68        "-fstack-protector-strong",
69        "-g",
70        "-DAVB_ENABLE_DEBUG",
71        "-DAVB_COMPILATION",
72    ],
73    cppflags: [
74        "-Wnon-virtual-dtor",
75        "-fno-strict-aliasing",
76    ],
77    ldflags: [
78        "-Wl,--gc-sections",
79        "-rdynamic",
80    ],
81    target: {
82        darwin: {
83            enabled: false,
84        },
85    },
86}
87
88cc_defaults {
89    name: "avb_sources",
90    srcs: [
91        "libavb/avb_chain_partition_descriptor.c",
92        "libavb/avb_cmdline.c",
93        "libavb/avb_crc32.c",
94        "libavb/avb_crypto.c",
95        "libavb/avb_descriptor.c",
96        "libavb/avb_footer.c",
97        "libavb/avb_hash_descriptor.c",
98        "libavb/avb_hashtree_descriptor.c",
99        "libavb/avb_kernel_cmdline_descriptor.c",
100        "libavb/avb_property_descriptor.c",
101        "libavb/avb_rsa.c",
102        "libavb/avb_slot_verify.c",
103        "libavb/avb_util.c",
104        "libavb/avb_vbmeta_image.c",
105        "libavb/avb_version.c",
106    ],
107}
108
109cc_defaults {
110    name: "avb_crypto_ops_impl_boringssl",
111    srcs: [
112        "libavb/boringssl/sha.c",
113    ],
114    local_include_dirs: [
115        "libavb/boringssl",
116    ],
117}
118
119cc_defaults {
120    name: "avb_crypto_ops_impl_sha",
121    srcs: [
122        "libavb/sha/sha256_impl.c",
123        "libavb/sha/sha512_impl.c",
124    ],
125    local_include_dirs: [
126        "libavb/sha",
127    ],
128}
129
130python_library_host {
131    name: "libavbtool",
132    srcs: ["avbtool.py"],
133}
134
135python_binary_host {
136    name: "avbtool",
137    srcs: ["avbtool.py"],
138    main: "avbtool.py",
139    required: ["fec"],
140    version: {
141        py3: {
142            embedded_launcher: true,
143        },
144    },
145    compile_multilib: "first",
146}
147
148// Default common to both standard and baremetal versions of libavb.
149cc_defaults {
150    name: "libavb_base_defaults",
151    defaults: [
152        "avb_defaults",
153        "avb_sources",
154        "avb_crypto_ops_impl_boringssl",
155    ],
156    header_libs: [
157        "avb_headers",
158    ],
159    export_header_lib_headers: ["avb_headers"],
160}
161
162// Defaults for standard libavb; depends on only libc and libcrypto.
163//
164// The standard targets enable more logging and uses the standard versions of
165// the dependencies; see the baremetal variant for a slimmer alternative.
166cc_defaults {
167    name: "libavb_standard_defaults",
168    defaults: ["libavb_base_defaults"],
169    host_supported: true,
170    ramdisk_available: true,
171    vendor_ramdisk_available: true,
172    recovery_available: true,
173    shared_libs: [
174        "libcrypto",
175    ],
176    target: {
177        linux: {
178            srcs: ["libavb/avb_sysdeps_posix.c"],
179        },
180        darwin: {
181            enabled: true,
182            srcs: ["libavb/avb_sysdeps_posix.c"],
183        },
184        host_linux: {
185            cflags: ["-fno-stack-protector"],
186        },
187    },
188    apex_available: [
189        "//apex_available:platform",
190        "com.android.virt",
191    ],
192}
193
194// libavb
195cc_library_static {
196    name: "libavb",
197    defaults: ["libavb_standard_defaults"],
198}
199
200// libavb + cert
201//
202// The cert extensions provides some additional support for minimal
203// certificate-based signing.
204cc_library_static {
205    name: "libavb_cert",
206    defaults: [
207        "avb_cert_sources",
208        "libavb_standard_defaults",
209    ],
210}
211
212// Defaults for a variant of libavb that can run in baremetal environments.
213//
214// The debug feature isn't enabled, removing verbose logging and assertions.
215// Also uses the baremetal variant of the dependencies.
216//
217// This does still require a handful of Posix APIs as used by the sysdeps
218// implementation.
219cc_defaults {
220    name: "libavb_baremetal_defaults",
221    defaults: [
222        "cc_baremetal_defaults",
223        "libavb_base_defaults",
224    ],
225    cflags: ["-UAVB_ENABLE_DEBUG"],
226    static_libs: [
227        "libcrypto_baremetal",
228    ],
229    srcs: ["libavb/avb_sysdeps_posix.c"],
230
231    // b/336916369: This library gets linked into a rust rlib.  Disable LTO
232    // until cross-language lto is supported.
233    lto: {
234        never: true,
235    },
236}
237
238// Baremetal libavb
239cc_library_static {
240    name: "libavb_baremetal",
241    defaults: ["libavb_baremetal_defaults"],
242}
243
244// Baremetal libavb + cert
245cc_library_static {
246    name: "libavb_cert_baremetal",
247    defaults: [
248        "avb_cert_sources",
249        "libavb_baremetal_defaults",
250    ],
251}
252
253// Build libavb_user for the target - in addition to libavb, it
254// includes libavb_ab, libavb_user and also depends on libbase and
255// libfs_mgr.
256cc_library_static {
257    name: "libavb_user",
258    defaults: [
259        "avb_defaults",
260        "avb_sources",
261        "avb_crypto_ops_impl_boringssl",
262    ],
263    recovery_available: true,
264    header_libs: [
265        "avb_headers",
266    ],
267    export_header_lib_headers: ["avb_headers"],
268    shared_libs: [
269        "libbase",
270        "libcrypto",
271    ],
272    static_libs: ["libfs_mgr"],
273    cflags: [
274        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
275    ],
276    srcs: [
277        "libavb/avb_sysdeps_posix.c",
278        "libavb_ab/avb_ab_flow.c",
279        "libavb_user/avb_ops_user.cpp",
280        "libavb_user/avb_user_verity.c",
281        "libavb_user/avb_user_verification.c",
282    ],
283}
284
285cc_binary {
286    name: "avbctl",
287    defaults: ["avb_defaults"],
288    static_libs: [
289        "libavb_user",
290        "libfs_mgr",
291    ],
292    shared_libs: [
293        "libbase",
294        "libcrypto",
295    ],
296    srcs: ["tools/avbctl/avbctl.cc"],
297}
298
299cc_library_host_static {
300    name: "libavb_ab_host",
301    defaults: ["avb_defaults"],
302    header_libs: [
303        "avb_headers",
304    ],
305    export_header_lib_headers: ["avb_headers"],
306    cflags: [
307        "-fno-stack-protector",
308        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
309    ],
310    srcs: ["libavb_ab/avb_ab_flow.c"],
311}
312
313cc_defaults {
314    name: "avb_cert_sources",
315    srcs: ["libavb_cert/avb_cert_validate.c"],
316}
317
318cc_library_host_static {
319    name: "libavb_host_sysdeps",
320    defaults: ["avb_defaults"],
321    header_libs: [
322        "avb_headers",
323    ],
324    export_header_lib_headers: ["avb_headers"],
325    srcs: ["libavb/avb_sysdeps_posix.c"],
326}
327
328cc_defaults {
329    name: "avb_cert_example_sources",
330    srcs: ["examples/cert/avb_cert_slot_verify.c"],
331}
332
333cc_defaults {
334    name: "libavb_host_unittest_core",
335    defaults: [
336        "avb_defaults",
337        "avb_sources",
338        "avb_cert_sources",
339        "avb_cert_example_sources",
340    ],
341    required: [
342        "simg2img",
343        "img2simg",
344        "avbtool",
345    ],
346    test_options: {
347        unit_test: true,
348    },
349    compile_multilib: "first",
350    data: [
351        "avbtool.py",
352        "test/avbtool_signing_helper_test.py",
353        "test/avbtool_signing_helper_with_files_test.py",
354        "test/data/*",
355    ],
356    test_config: "test/libavb_host_unittest.xml",
357    static_libs: [
358        "libavb_ab_host",
359        "libgmock_host",
360        "libgtest_host",
361    ],
362    shared_libs: [
363        "libbase",
364        "libchrome",
365        "libcrypto",
366    ],
367    cflags: [
368        "-Wno-missing-prototypes",
369        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
370    ],
371    srcs: [
372        "test/avb_ab_flow_unittest.cc",
373        "test/avb_cert_validate_unittest.cc",
374        "test/avb_cert_slot_verify_unittest.cc",
375        "test/avb_crypto_ops_unittest.cc",
376        "test/avb_slot_verify_unittest.cc",
377        "test/avb_unittest_util.cc",
378        "test/avb_util_unittest.cc",
379        "test/avb_vbmeta_image_unittest.cc",
380        "test/avbtool_unittest.cc",
381        "test/fake_avb_ops.cc",
382        "test/avb_sysdeps_posix_testing.cc",
383    ],
384}
385
386cc_test_host {
387    name: "libavb_host_unittest",
388    defaults: [
389        "avb_crypto_ops_impl_boringssl",
390        "libavb_host_unittest_core",
391    ],
392    data: [
393        ":img2simg",
394        ":simg2img",
395        ":fec",
396    ],
397}
398
399cc_test_host {
400    name: "libavb_host_unittest_sha",
401    defaults: [
402        "avb_crypto_ops_impl_sha",
403        "libavb_host_unittest_core",
404    ],
405    data: [
406        ":img2simg",
407        ":simg2img",
408        ":fec",
409    ],
410}
411
412cc_library_host_static {
413    name: "libavb_host_user_code_test",
414    defaults: ["avb_defaults"],
415    cflags: [
416        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
417    ],
418    srcs: ["test/user_code_test.cc"],
419}
420
421cc_library {
422    name: "bootctrl.avb",
423    defaults: ["avb_defaults"],
424    relative_install_path: "hw",
425    static_libs: [
426        "libavb_user",
427        "libfs_mgr",
428    ],
429    shared_libs: [
430        "libbase",
431        "libcrypto",
432        "libcutils",
433    ],
434    cflags: [
435        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
436    ],
437    srcs: ["boot_control/boot_control_avb.c"],
438}
439
440cc_library_headers {
441    name: "avb_headers",
442    host_supported: true,
443    ramdisk_available: true,
444    vendor_ramdisk_available: true,
445    recovery_available: true,
446    export_include_dirs: ["."],
447    target: {
448        windows: {
449            enabled: true,
450        },
451    },
452    apex_available: [
453        "//apex_available:platform",
454        "com.android.virt",
455    ],
456}
457