xref: /aosp_15_r20/external/avb/Android.bp (revision d289c2ba6de359471b23d594623b906876bc48a0) 
1//
2// Copyright (C) 2017-2020 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8//      http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15//
16
17package {
18    default_applicable_licenses: ["external_avb_license"],
19}
20
21// Added automatically by a large-scale-change that took the approach of
22// 'apply every license found to every target'. While this makes sure we respect
23// every license restriction, it may not be entirely correct.
24//
25// e.g. GPL in an MIT project might only apply to the contrib/ directory.
26//
27// Please consider splitting the single license below into multiple licenses,
28// taking care not to lose any license_kind information, and overriding the
29// default license using the 'licenses: [...]' property on targets as needed.
30//
31// For unused files, consider creating a 'fileGroup' with "//visibility:private"
32// to attach the license to, and including a comment whether the files may be
33// used in the current project.
34// See: http://go/android-license-faq
35license {
36    name: "external_avb_license",
37    visibility: [":__subpackages__"],
38    license_kinds: [
39        "SPDX-license-identifier-Apache-2.0",
40        "SPDX-license-identifier-BSD",
41        "SPDX-license-identifier-MIT",
42    ],
43    license_text: [
44        "LICENSE",
45    ],
46}
47
48subdirs = [
49    "test",
50    "tools",
51]
52
53cc_defaults {
54    name: "avb_defaults",
55    cflags: [
56        "-D_FILE_OFFSET_BITS=64",
57        "-D_POSIX_C_SOURCE=199309L",
58        "-Wa,--noexecstack",
59        "-Werror",
60        "-Wall",
61        "-Wextra",
62        "-Wformat=2",
63        "-Wmissing-prototypes",
64        "-Wno-psabi",
65        "-Wno-unused-parameter",
66        "-Wno-format",
67        "-ffunction-sections",
68        "-fstack-protector-strong",
69        "-g",
70        "-DAVB_ENABLE_DEBUG",
71        "-DAVB_COMPILATION",
72    ],
73    cppflags: [
74        "-Wnon-virtual-dtor",
75        "-fno-strict-aliasing",
76    ],
77    ldflags: [
78        "-Wl,--gc-sections",
79        "-rdynamic",
80    ],
81    target: {
82        darwin: {
83            enabled: false,
84        },
85    },
86}
87
88cc_defaults {
89    name: "avb_sources",
90    srcs: [
91        "libavb/avb_chain_partition_descriptor.c",
92        "libavb/avb_cmdline.c",
93        "libavb/avb_crc32.c",
94        "libavb/avb_crypto.c",
95        "libavb/avb_descriptor.c",
96        "libavb/avb_footer.c",
97        "libavb/avb_hash_descriptor.c",
98        "libavb/avb_hashtree_descriptor.c",
99        "libavb/avb_kernel_cmdline_descriptor.c",
100        "libavb/avb_property_descriptor.c",
101        "libavb/avb_rsa.c",
102        "libavb/avb_slot_verify.c",
103        "libavb/avb_util.c",
104        "libavb/avb_vbmeta_image.c",
105        "libavb/avb_version.c",
106    ],
107}
108
109cc_defaults {
110    name: "avb_crypto_ops_impl_boringssl",
111    srcs: [
112        "libavb/boringssl/sha.c",
113    ],
114    local_include_dirs: [
115        "libavb/boringssl",
116    ],
117}
118
119cc_defaults {
120    name: "avb_crypto_ops_impl_sha",
121    srcs: [
122        "libavb/sha/sha256_impl.c",
123        "libavb/sha/sha512_impl.c",
124    ],
125    local_include_dirs: [
126        "libavb/sha",
127    ],
128}
129
130python_library_host {
131    name: "libavbtool",
132    srcs: ["avbtool.py"],
133}
134
135python_binary_host {
136    name: "avbtool",
137    srcs: ["avbtool.py"],
138    main: "avbtool.py",
139    required: ["fec"],
140    version: {
141        py3: {
142            embedded_launcher: true,
143        },
144    },
145    compile_multilib: "first",
146}
147
148// Default common to both standard and baremetal versions of libavb.
149cc_defaults {
150    name: "libavb_base_defaults",
151    defaults: [
152        "avb_defaults",
153        "avb_sources",
154        "avb_crypto_ops_impl_boringssl",
155    ],
156    header_libs: [
157        "avb_headers",
158    ],
159    export_header_lib_headers: ["avb_headers"],
160}
161
162// Defaults for standard libavb; depends on only libc and libcrypto.
163//
164// The standard targets enable more logging and uses the standard versions of
165// the dependencies; see the baremetal variant for a slimmer alternative.
166cc_defaults {
167    name: "libavb_standard_defaults",
168    defaults: ["libavb_base_defaults"],
169    host_supported: true,
170    ramdisk_available: true,
171    vendor_ramdisk_available: true,
172    recovery_available: true,
173    shared_libs: [
174        "libcrypto",
175    ],
176    target: {
177        linux: {
178            srcs: ["libavb/avb_sysdeps_posix.c"],
179        },
180        darwin: {
181            enabled: true,
182            srcs: ["libavb/avb_sysdeps_posix.c"],
183        },
184        host_linux: {
185            cflags: ["-fno-stack-protector"],
186        },
187    },
188    apex_available: [
189        "//apex_available:platform",
190        "com.android.virt",
191    ],
192}
193
194// libavb
195cc_library_static {
196    name: "libavb",
197    defaults: ["libavb_standard_defaults"],
198}
199
200// libavb + cert
201//
202// The cert extensions provides some additional support for minimal
203// certificate-based signing.
204cc_library_static {
205    name: "libavb_cert",
206    defaults: [
207        "avb_cert_sources",
208        "libavb_standard_defaults",
209    ],
210}
211
212// Defaults for a variant of libavb that can run in baremetal environments.
213//
214// The debug feature isn't enabled, removing verbose logging and assertions.
215// Also uses the baremetal variant of the dependencies.
216//
217// This does still require a handful of Posix APIs as used by the sysdeps
218// implementation.
219cc_defaults {
220    name: "libavb_baremetal_defaults",
221    defaults: [
222        "cc_baremetal_defaults",
223        "libavb_base_defaults",
224    ],
225    cflags: ["-UAVB_ENABLE_DEBUG"],
226    static_libs: [
227        "libcrypto_baremetal",
228    ],
229    srcs: ["libavb/avb_sysdeps_posix.c"],
230}
231
232// Baremetal libavb
233cc_library_static {
234    name: "libavb_baremetal",
235    defaults: ["libavb_baremetal_defaults"],
236}
237
238// Baremetal libavb + cert
239cc_library_static {
240    name: "libavb_cert_baremetal",
241    defaults: [
242        "avb_cert_sources",
243        "libavb_baremetal_defaults",
244    ],
245}
246
247// Build libavb_user for the target - in addition to libavb, it
248// includes libavb_ab, libavb_user and also depends on libbase and
249// libfs_mgr.
250cc_library_static {
251    name: "libavb_user",
252    defaults: [
253        "avb_defaults",
254        "avb_sources",
255        "avb_crypto_ops_impl_boringssl",
256    ],
257    recovery_available: true,
258    header_libs: [
259        "avb_headers",
260    ],
261    export_header_lib_headers: ["avb_headers"],
262    shared_libs: [
263        "libbase",
264        "libcrypto",
265    ],
266    static_libs: ["libfs_mgr"],
267    cflags: [
268        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
269    ],
270    srcs: [
271        "libavb/avb_sysdeps_posix.c",
272        "libavb_ab/avb_ab_flow.c",
273        "libavb_user/avb_ops_user.cpp",
274        "libavb_user/avb_user_verity.c",
275        "libavb_user/avb_user_verification.c",
276    ],
277}
278
279cc_binary {
280    name: "avbctl",
281    defaults: ["avb_defaults"],
282    static_libs: [
283        "libavb_user",
284        "libfs_mgr",
285    ],
286    shared_libs: [
287        "libbase",
288        "libcrypto",
289    ],
290    srcs: ["tools/avbctl/avbctl.cc"],
291}
292
293cc_library_host_static {
294    name: "libavb_ab_host",
295    defaults: ["avb_defaults"],
296    header_libs: [
297        "avb_headers",
298    ],
299    export_header_lib_headers: ["avb_headers"],
300    cflags: [
301        "-fno-stack-protector",
302        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
303    ],
304    srcs: ["libavb_ab/avb_ab_flow.c"],
305}
306
307cc_defaults {
308    name: "avb_cert_sources",
309    srcs: ["libavb_cert/avb_cert_validate.c"],
310}
311
312cc_library_host_static {
313    name: "libavb_host_sysdeps",
314    defaults: ["avb_defaults"],
315    header_libs: [
316        "avb_headers",
317    ],
318    export_header_lib_headers: ["avb_headers"],
319    srcs: ["libavb/avb_sysdeps_posix.c"],
320}
321
322cc_defaults {
323    name: "avb_cert_example_sources",
324    srcs: ["examples/cert/avb_cert_slot_verify.c"],
325}
326
327cc_defaults {
328    name: "libavb_host_unittest_core",
329    defaults: [
330        "avb_defaults",
331        "avb_sources",
332        "avb_cert_sources",
333        "avb_cert_example_sources",
334    ],
335    required: [
336        "simg2img",
337        "img2simg",
338        "avbtool",
339    ],
340    test_options: {
341        unit_test: true,
342    },
343    compile_multilib: "first",
344    data: [
345        "avbtool.py",
346        "test/avbtool_signing_helper_test.py",
347        "test/avbtool_signing_helper_with_files_test.py",
348        "test/data/*",
349    ],
350    test_config: "test/libavb_host_unittest.xml",
351    static_libs: [
352        "libavb_ab_host",
353        "libgmock_host",
354        "libgtest_host",
355    ],
356    shared_libs: [
357        "libbase",
358        "libchrome",
359        "libcrypto",
360    ],
361    cflags: [
362        "-Wno-missing-prototypes",
363        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
364    ],
365    srcs: [
366        "test/avb_ab_flow_unittest.cc",
367        "test/avb_cert_validate_unittest.cc",
368        "test/avb_cert_slot_verify_unittest.cc",
369        "test/avb_crypto_ops_unittest.cc",
370        "test/avb_slot_verify_unittest.cc",
371        "test/avb_unittest_util.cc",
372        "test/avb_util_unittest.cc",
373        "test/avb_vbmeta_image_unittest.cc",
374        "test/avbtool_unittest.cc",
375        "test/fake_avb_ops.cc",
376        "test/avb_sysdeps_posix_testing.cc",
377    ],
378}
379
380cc_test_host {
381    name: "libavb_host_unittest",
382    defaults: [
383        "avb_crypto_ops_impl_boringssl",
384        "libavb_host_unittest_core",
385    ],
386    data: [
387        ":img2simg",
388        ":simg2img",
389        ":fec",
390    ],
391}
392
393cc_test_host {
394    name: "libavb_host_unittest_sha",
395    defaults: [
396        "avb_crypto_ops_impl_sha",
397        "libavb_host_unittest_core",
398    ],
399    data: [
400        ":img2simg",
401        ":simg2img",
402        ":fec",
403    ],
404}
405
406cc_library_host_static {
407    name: "libavb_host_user_code_test",
408    defaults: ["avb_defaults"],
409    cflags: [
410        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
411    ],
412    srcs: ["test/user_code_test.cc"],
413}
414
415cc_library {
416    name: "bootctrl.avb",
417    defaults: ["avb_defaults"],
418    relative_install_path: "hw",
419    static_libs: [
420        "libavb_user",
421        "libfs_mgr",
422    ],
423    shared_libs: [
424        "libbase",
425        "libcrypto",
426        "libcutils",
427    ],
428    cflags: [
429        "-DAVB_AB_I_UNDERSTAND_LIBAVB_AB_IS_DEPRECATED",
430    ],
431    srcs: ["boot_control/boot_control_avb.c"],
432}
433
434cc_library_headers {
435    name: "avb_headers",
436    host_supported: true,
437    ramdisk_available: true,
438    vendor_ramdisk_available: true,
439    recovery_available: true,
440    export_include_dirs: ["."],
441    target: {
442        windows: {
443            enabled: true,
444        },
445    },
446    apex_available: [
447        "//apex_available:platform",
448        "com.android.virt",
449    ],
450}
451