blob: b2daddd4b928700a2a06c29359dcc2abd4cf7837 [file] [log] [blame]
# Copyright 2021 The Fuchsia Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import("//build/assembly/assembled_system.gni")
import("//build/assembly/generated_assembly_inputs.gni")
import("//build/assembly/legacy_image_metadata_overrides.gni")
import("//build/assembly/update_package.gni")
import("//build/board.gni")
import("//build/images/args.gni")
import("//build/images/filesystem_limits.gni")
import("//build/images/vboot/vboot.gni")
import("//build/product.gni")
import("//build/python/python_action.gni")
import("//build/sdk/product_bundle.gni")
import("//build/security.gni")
import("//build/testing/host_test_data.gni")
import("//src/security/bin/scrutiny_x_smoke_test/scrutiny_x_smoke_test.gni")
import("//src/sys/core/build/core.gni")
import("//zircon/kernel/phys/qemu.gni")
declare_args() {
# Create the package and archive for the legacy assembly input bundle. This
# can be a time-consuming operation, which due to limits in GN and groups,
# ends up being a blocking step in the build, so only enable this if we know
# that we want the legacy AIB packaged and archived for a given product:
create_legacy_aib_archive = false
}
if (is_host) {
host_test_data("fuchsia_zbi_for_host_tests") {
sources = [ "$root_build_dir/fuchsia.zbi" ]
# This dep cannot be specified, because it creates a dependency cycle. It
# could be added if all tests using this were not in any package set (and
# were just in host_labels)
#deps = [ ":fuchsia($default_toolchain)" ]
}
}
# The assembly operation should only be defined in the default (fuchsia)
# toolchain.
if (is_fuchsia) {
assert(current_toolchain == default_toolchain,
"//build/images/* are only valid in the Fuchsia toolchain")
# This catches inadvertent dependencies on the "fucshia" assembly implementation
# in bringup-only configurations.
assert(
!use_bringup_assembly,
"The bringup product config cannot rely on the fuchsia assembly. Bringup has it's own in //build/images/bringup")
##################################################
# Shared parameters across assemblies in this file
##################################################
files = {
assembly_inputs = "$target_out_dir/fuchsia/assembly_inputs.json"
platform_aib_dir = get_label_info("//bundles/assembly", "target_out_dir")
# Outputs of assembly.
outdir = target_out_dir + "/fuchsia"
zbi = "${outdir}/fuchsia.zbi"
zbi_signed = "${outdir}/fuchsia.zbi.signed"
vbmeta = "${outdir}/fuchsia.vbmeta"
blobfs = "${outdir}/blob.blk"
fvm = "${outdir}/fvm.blk"
fvm_sparse = "${outdir}/fvm.sparse.blk"
fvm_fastboot = "${outdir}/fvm.fastboot.blk"
fxfs = "${outdir}/fxfs.blk"
fxfs_sparse = "${outdir}/fxfs.sparse.blk"
packages_json = "${outdir}/packages.json"
images_json = "${outdir}/images.json"
# Outputs of recovery.
recovery_name = get_label_info(recovery_label, "name")
recovery_outdir =
get_label_info(recovery_label, "target_out_dir") + "/" + recovery_name
recovery_zbi = "${recovery_outdir}/${recovery_name}.zbi"
recovery_zbi_signed = "${recovery_outdir}/${recovery_name}.zbi.signed"
recovery_vbmeta = "${recovery_outdir}/${recovery_name}.vbmeta"
recovery_blobfs = "${recovery_outdir}/blob.blk"
recovery_fvm = "${recovery_outdir}/fvm.blk"
recovery_fvm_sparse = "${recovery_outdir}/fvm.sparse.blk"
recovery_fvm_fastboot = "${recovery_outdir}/fvm.fastboot.blk"
recovery_fxfs = "${recovery_outdir}/fxfs.blk"
recovery_fxfs_sparse = "${recovery_outdir}/fxfs.sparse.blk"
recovery_images_json = "${recovery_outdir}/images.json"
esp_image_path = "${root_build_dir}/fuchsia.esp.blk"
qemu_kernel = qemu_boot_shim.path
}
# A scope of dependencies that serves to transition deps from the
# legacy_assembly_input_bundle.gni mechanism to the new platform
# assembly_input_bundle.gni.
#
# This is used to do a metadata walk on the list of dependencies we intend to
# delete from the legacy AIB after a successful transition, because the
# assembly_input_bundle.gni template does not use a metadata walk to gather
# transitive dependencies, and thus the set of declared targets in the
# assembly_input_bundle invocation will often contain more explicit targets
# than those being removed from the legacy_assembly_input_bundle invocation.
# This makes it otherwise difficult to validate that the list of resultant
# dependencies in the build does not change.
must_exist = {
base_packages = []
cache_packages = []
bootfs_labels = []
bootfs_package_labels = []
extra_base_deps = []
boot_args = []
cmdline = []
cmdline_deps = []
}
fuchsia_base = {
testonly = fuchsia_zbi_testonly
check_production_tag = check_production_eligibility
# In non-prod builds, allow use of the eng and userdebug platform bundles.
allow_eng_platform_bundle_use = !check_production_eligibility
allow_userdebug_platform_bundle_use = !check_production_eligibility
generate_fvm = !fxfs_blob
generate_fxfs = fxfs_blob
generate_fvm_fastboot = !fxfs_blob && assembly_generate_fvm_fastboot
generate_fvm_nand = !fxfs_blob && assembly_generate_fvm_nand
generate_vbmeta = use_vbmeta
# Use the GN arg for including shell commands.
include_shell_commands = include_shell_commands_package
board_config_label = board_configuration_label
cmdline_deps = [ "//build/input:bootfs" ]
base_packages = [
"//:developer_base_driver_packages",
"//:developer_base_packages",
"//:legacy_base_packages",
]
core_realm_definition = ":core_realm"
base_driver_packages = [
"//:developer_base_driver_packages",
"//:legacy_base_driver_packages",
]
cache_packages = [
"//:developer_cache_packages",
"//:legacy_cache_packages",
]
system_image_deps = [ "//build/input:system_image" ]
universe_packages = [ "//:developer_universe_packages" ]
bootfs_labels = [ "//build/input:bootfs" ]
bootfs_package_labels = product_bootfs_packages
if (generate_fvm) {
assembly_include_account_in_fvm = include_account_in_fvm
}
# zbi arguments
if (custom_signing_script != "") {
inputs = custom_signing_script_inputs
generate_signed_zbi = true
} else if (use_vboot) {
inputs = vboot_action.inputs
generate_signed_zbi = true
}
}
core_realm_definition("core_realm") {
deps = core_realm_shards + board_core_realm_shards
}
##################################################
# Fuchsia
##################################################
# The `:fuchsia` target assembles the main Fuchsia image, for all non-bringup
# product definitions.
#
# This group only provides GN metadata about the update package(s), none of
# packages that are included in the assembled image are present in GN metadata
# walks of this target.
#
# To get the list of packages in this assembly, use the
# `package_list_from_assembly()` GN template.
group("fuchsia") {
testonly = fuchsia_zbi_testonly
public_deps = [ ":scrutiny_x_smoke_test" ]
if (!use_bazel_images_only) {
public_deps += [
":assembly_inputs",
":fuchsia_assembly",
":product_bundle",
":update",
":validate_universe_config_data_entries_empty",
]
}
metadata = {
package_barrier = []
if (!use_bazel_images_only) {
# Only include the update package(s) manifest(s) in metadata collection.
# To get a file containing a list of the base & cache packages, use the
# `package_list_from_assembly()` GN template.
package_barrier = [ ":update" ]
}
assembly_inputs = [
{
path = rebase_path(files.assembly_inputs, root_build_dir)
},
]
}
}
assembled_system("fuchsia_assembly") {
forward_variables_from(fuchsia_base, "*")
if (fuchsia_product_assembly_config_label != false) {
product_assembly_config_label = fuchsia_product_assembly_config_label
}
output_dir = root_build_dir
image_name = "fuchsia"
# Bazel assembly should not depend on any targets from GN assembly other
# than the legacy AIB.
legacy_bundle_only = use_bazel_images_only
create_legacy_aib_package = create_legacy_aib_archive
create_legacy_aib_archive = create_legacy_aib_archive
image_metadata_overrides = legacy_fuchsia_image_metadata_overrides
must_exist_deps = must_exist
}
# Bazel assembly builds a product bundle, so we don't need to build product
# bundle and update packages in GN.
if (!use_bazel_images_only) {
_partitions_config = "//boards/partitions:default"
if (has_board) {
assert(partitions_config_label != false,
"Need to define partitions_config_label")
_partitions_config = partitions_config_label
}
_partitions_config_file =
get_label_info(_partitions_config, "target_out_dir") + "/" +
get_label_info(_partitions_config, "name") + ".json"
update_epoch = update_platform_epoch + update_product_epoch
update_package("update") {
testonly = fuchsia_zbi_testonly
deps = [
":fuchsia_assembly",
"//build/info:build_info_files",
_partitions_config,
recovery_label,
]
partitions = _partitions_config_file
system_a = files.images_json
system_r = files.recovery_images_json
board_name = board_name
version_file = build_info_files.version
epoch = "${update_epoch}"
}
product_bundle_label = "product_bundle"
product_bundle(product_bundle_label) {
testonly = fuchsia_zbi_testonly
name = main_product_bundle_name
deps = [
":fuchsia_assembly",
"//build/info:build_info_files",
_partitions_config,
recovery_label,
]
update = {
version_file = build_info_files.version
epoch = "${update_epoch}"
}
partitions = _partitions_config_file
system_a = files.images_json
system_r = files.recovery_images_json
# Add the virtual devices.
if (board_is_emu) {
virtual_devices = [
"$root_build_dir/virtual_device_recommended.json",
"$root_build_dir/virtual_device_min.json",
"$root_build_dir/virtual_device_large.json",
]
deps += [
"//build/images/flash:virtual_device_specification_large",
"//build/images/flash:virtual_device_specification_min",
"//build/images/flash:virtual_device_specification_recommended",
]
default_virtual_device = "virtual_device_recommended"
}
# Create lists of the files that are referenced by the assembly manifests.
_assembly_contents = [ files.qemu_kernel ]
if (fxfs_blob) {
_assembly_contents += [
files.fxfs,
files.fxfs_sparse,
]
} else {
_assembly_contents += [
files.blobfs,
files.fvm,
files.fvm_sparse,
]
}
_recovery_contents = [ files.qemu_kernel ]
if (files.recovery_name != "zedboot") {
if (fxfs_blob) {
_recovery_contents += [
files.recovery_fxfs,
files.recovery_fxfs_sparse,
]
} else {
_recovery_contents += [
files.blobfs,
files.fvm,
files.fvm_sparse,
]
}
}
if (!fxfs_blob &&
(assembly_generate_fvm_fastboot || assembly_generate_fvm_nand)) {
_assembly_contents += [ files.fvm_fastboot ]
if (files.recovery_name != "zedboot") {
_recovery_contents += [ files.recovery_fvm_fastboot ]
}
}
if (custom_signing_script != "" || use_vboot) {
_assembly_contents += [ files.zbi_signed ]
_recovery_contents += [ files.recovery_zbi_signed ]
} else {
_assembly_contents += [ files.zbi ]
_recovery_contents += [ files.recovery_zbi ]
}
if (use_vbmeta) {
_assembly_contents += [ files.vbmeta ]
_recovery_contents += [ files.recovery_vbmeta ]
}
# List the contents of each input so that the outputs can be calculated.
partitions_contents = partitions_config_contents
system_a_contents = _assembly_contents
system_r_contents = _recovery_contents
if (delivery_blob_type != false) {
delivery_blob_type = delivery_blob_type
}
}
generated_assembly_inputs("assembly_inputs") {
testonly = fuchsia_zbi_testonly
output_path = files.assembly_inputs
# Add the legacy AIB for the assemblies. The platform AIBs are added
# automatically from the build_api_module("assembly_input_archives")
sources = [ "${files.outdir}/legacy" ]
deps = [ ":fuchsia.legacy_input_bundle" ]
}
}
scrutiny_x_smoke_test("scrutiny_x_smoke_test") {
testonly = fuchsia_zbi_testonly
test_binary = "//src/security/bin/scrutiny_x_smoke_test"
if (use_bazel_images_only) {
product_bundle_target = bazel_product_bundle_target
product_bundle_path =
get_label_info(bazel_product_bundle_target, "target_out_dir") + "/" +
get_label_info(bazel_product_bundle_target, "name") +
"/product_bundle"
} else {
product_bundle_target = ":${product_bundle_label}"
product_bundle_path =
get_label_info(":${product_bundle_label}", "target_out_dir") + "/" +
product_bundle_label
}
}
generated_file("universe_config_data_entries") {
testonly = fuchsia_base.testonly
deps = fuchsia_base.universe_packages
data_keys = [ "config_package_entries" ]
walk_keys = [ "config_package_barrier" ]
output_conversion = "json"
outputs = [ "${target_out_dir}/universe_config_data_entries.json" ]
}
python_action("validate_universe_config_data_entries_empty") {
testonly = fuchsia_base.testonly
binary_label = "//build/assembly/scripts:validate_config_data_is_empty"
args = [
"--package-set",
"universe",
"--metadata-walk-results",
rebase_path("${target_out_dir}/universe_config_data_entries.json",
root_build_dir),
"--package-allowlist",
rebase_path("//build/assembly/universe_config_data.allowlist.json",
root_build_dir),
"--output",
rebase_path("${target_out_dir}/universe_config_data_entries_empty.txt",
root_build_dir),
]
inputs = [
"${target_out_dir}/universe_config_data_entries.json",
"//build/assembly/universe_config_data.allowlist.json",
]
deps = [ ":universe_config_data_entries" ]
outputs = [ "${target_out_dir}/universe_config_data_entries_empty.txt" ]
}
##################################################
# Netboot
##################################################
if (enable_netboot) {
assert(
fuchsia_product_assembly_config_label != false,
"fuchsia_product_assembly_config_label must be defined to use netboot")
# This rolls the primary ZBI together with a compressed RAMDISK image of
# fvm.blk into a fat ZBI that boots the full system without using any real
# storage. The system decompresses the fvm.blk image into memory and then
# sees that RAM disk just as if it were a real disk on the device.
assembled_system("netboot") {
image_name = "fuchsia"
namespace = "netboot"
forward_variables_from(fuchsia_base, "*")
product_assembly_config_label = fuchsia_product_assembly_config_label
ramdisk_in_zbi = true
board_config_label = board_configuration_label
image_metadata_overrides = {
zbi = {
name = "netboot"
archive = enable_netboot
bootserver_netboot = [ "--boot" ]
}
}
}
}
}