blob: ff8085eab7ba1c0f355dd04395fa8d6762b24800 [file] [log] [blame]
# Copyright 2018 The Fuchsia Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
declare_args() {
# If non-empty, the given script will be invoked to produce a signed ZBI
# image. The given script must accept -z for the input zbi path, and -o for
# the output signed zbi path. The path must be in GN-label syntax (i.e.
# starts with //).
custom_signing_script = ""
# If true, then the paving script will pave vbmeta images to the target device.
# It is assumed that the vbmeta image will be created by the custom_signing_script.
use_vbmeta = false
# Template for producing signed ZBI images given a custom signing script.
# The signing script is required to accept two parameters:
# -z the path to the ZBI image to be signed
# -o the path to the image file to be output
# -v the path to the vbmeta file to be output (scripts not using AVB may ignore this)
# -B the path to the zircon build directory
# TODO(BLD-323): add flags for producing depfiles
# TODO(raggi): add support for custom flags (e.g. to switch keys)
# Paramters
# output_name (optional, default: target_name)
# output_extension (optional, default: signed)
# [string] These together determine the name of the output file.
# If `output_name` is omitted, then the name of the target is
# used. If `output_extension` is "" then `output_name` is the
# file name; otherwise, `${output_name}.${output_extension}`;
# the output file is always under `root_out_dir`.
# zbi (required)
# [list-of-strings] path to a ZBI image to be signed. Must only
# contain a single entry.
# deps (usually required)
# visibility (optional)
# testonly (optional)
# Same as for any GN `action` target. `deps` must list labels that
# produce all the `inputs`, `cmdline_inputs`, and `ramdisk_inputs`
# that are generated by the build (none are required for inputs that
# are part of the source tree).
template("custom_signed_zbi") {
if (defined(invoker.output_name)) {
output_file = invoker.output_name
} else {
output_file = target_name
vbmeta_file = output_file + ".vbmeta"
if (defined(invoker.output_extension)) {
if (invoker.output_extension != "") {
output_file += ".${invoker.output_extension}"
} else {
output_file += ".signed"
assert([ zbi[0] ] == zbi, "zbi parameter must contain a single entry")
output_file = "$root_out_dir/$output_file"
vbmeta_file = "$root_out_dir/$vbmeta_file"
action(target_name) {
script = custom_signing_script
inputs = zbi
outputs = [
if (use_vbmeta) {
outputs += [ vbmeta_file ]
args = [
rebase_path(inputs[0], root_build_dir),
rebase_path(outputs[0], root_build_dir),
rebase_path(vbmeta_file, root_build_dir),
rebase_path(zircon_root_build_dir, root_build_dir),