rust/Android.bp - third_party/android/platform/external/avb - Git at Google

 // Copyright 2023, The Android Open Source Project
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 // Rust bindgen wrappers to allow calling into libavb from Rust.
 //
 // The auto-generated wrappers are Rust unsafe and somewhat difficult to work
 // with so are not exposed outside of this directory; instead we will provide
 // a safe higher-level Rust API.
 rust_defaults {
     name: "libavb_bindgen.defaults",
     wrapper_src: "bindgen/avb.h",
     crate_name: "avb_bindgen",
     edition: "2021",
     visibility: [
         ":__subpackages__",
         // TODO(b/290110273): add the Rust public API layer here and adjust
         // Virtualization packages to depend on it instead of the raw bindgen.
         "//packages/modules/Virtualization:__subpackages__",
     ],
     source_stem: "bindings",
     bindgen_flags: [
         "--constified-enum-module AvbDescriptorTag",
         "--bitfield-enum=AvbSlotVerifyFlags",
         "--default-enum-style rust",
         "--allowlist-type=AvbDescriptorTag",
         "--allowlist-function=.*",
         "--allowlist-var=AVB.*",
         "--use-core",
         "--raw-line=#![no_std]",
         "--ctypes-prefix=core::ffi",
     ],
     cflags: ["-DBORINGSSL_NO_CXX"],
 }

 rust_bindgen {
     name: "libavb_bindgen",
     defaults: ["libavb_bindgen.defaults"],
     host_supported: true,
     static_libs: [
         "libavb",
     ],
     shared_libs: [
         "libcrypto",
     ],
     apex_available: [
         "com.android.virt",
     ],
 }

 rust_bindgen {
     name: "libavb_bindgen_nostd",
     defaults: ["libavb_bindgen.defaults"],
     static_libs: [
         "libavb_baremetal",
         "libcrypto_baremetal",
     ],
 }

 rust_test {
     name: "libavb_bindgen_test",
     srcs: [":libavb_bindgen"],
     crate_name: "avb_bindgen_test",
     edition: "2021",
     test_suites: ["general-tests"],
     auto_gen_config: true,
     clippy_lints: "none",
     lints: "none",
 }

 // Rust library wrapping libavb C implementation.

 // Common defaults for all variations.
 rust_defaults {
     name: "libavb_rs_common.defaults",
     crate_name: "avb",
     srcs: ["src/lib.rs"],
     clippy_lints: "android",
     lints: "android",
 }

 // No std, no features.
 rust_defaults {
     name: "libavb_rs_nostd.defaults",
     defaults: ["libavb_rs_common.defaults"],
     // Only rlib can build without the required nostd hooks (eh_personality,
     // panic_handler, etc) to defer them for the final binary to implement.
     prefer_rlib: true,
     no_stdlibs: true,
     rustlibs: [
         "libavb_bindgen_nostd",
     ],
     whole_static_libs: [
         "libavb_baremetal",
     ],
     stdlibs: [
         "libcore.rust_sysroot",
     ],
 }

 // Std, no features.
 rust_defaults {
     name: "libavb_rs.defaults",
     defaults: ["libavb_rs_common.defaults"],
     host_supported: true,
     rustlibs: [
         "libavb_bindgen",
     ],
     whole_static_libs: [
         "libavb",
     ],
 }

 // Adds UUID feature for nostd.
 rust_defaults {
     name: "libavb_rs_nostd.uuid.defaults",
     features: [
         "uuid",
     ],
     rustlibs: [
         "libuuid_nostd",
     ],
 }

 // Adds UUID feature for std.
 rust_defaults {
     name: "libavb_rs.uuid.defaults",
     features: [
         "uuid",
     ],
     rustlibs: [
         "libuuid",
     ],
 }

 // lib: no std, no features.
 rust_library_rlib {
     name: "libavb_rs_nostd",
     defaults: ["libavb_rs_nostd.defaults"],
 }

 // lib: no std, UUID feature.
 rust_library_rlib {
     name: "libavb_rs_nostd_uuid",
     defaults: [
         "libavb_rs_nostd.defaults",
         "libavb_rs_nostd.uuid.defaults",
     ],
 }

 // lib: std, no features.
 rust_library {
     name: "libavb_rs",
     defaults: ["libavb_rs.defaults"],
 }

 // Unit tests: std, no features.
 rust_test {
     name: "libavb_rs_unittest",
     defaults: ["libavb_rs.defaults"],
     test_suites: ["general-tests"],
 }

 // lib: std, UUID feature.
 rust_library {
     name: "libavb_rs_uuid",
     defaults: [
         "libavb_rs.defaults",
         "libavb_rs.uuid.defaults",
     ],
 }

 // Unit tests: std, UUID feature.
 rust_test {
     name: "libavb_rs_uuid_unittest",
     defaults: [
         "libavb_rs.defaults",
         "libavb_rs.uuid.defaults",
     ],
     test_suites: ["general-tests"],
 }

 // Integration test defaults.
 rust_defaults {
     name: "libavb_rs_test.defaults",
     srcs: ["tests/tests.rs"],
     data: [
         ":avb_testkey_rsa4096_pub_bin",
         ":avbrs_test_image",
         ":avbrs_test_image_with_vbmeta_footer",
         ":avbrs_test_image_with_vbmeta_footer_for_boot",
         ":avbrs_test_vbmeta",
         ":avbrs_test_vbmeta_2_parts",
         ":avbrs_test_vbmeta_persistent_digest",
     ],
     test_suites: ["general-tests"],
     clippy_lints: "android",
     lints: "android",
 }

 // Integration test: no features.
 rust_test {
     name: "libavb_rs_test",
     defaults: ["libavb_rs_test.defaults"],
     rustlibs: ["libavb_rs"],
 }

 // Integration test: UUID feature.
 rust_test {
     name: "libavb_rs_uuid_test",
     defaults: [
         "libavb_rs.uuid.defaults",
         "libavb_rs_test.defaults",
     ],
     rustlibs: ["libavb_rs_uuid"],
 }

 // Test images for verification.

 // Unsigned 16KiB test image.
 genrule {
     name: "avbrs_test_image",
     tools: ["avbtool"],
     out: ["test_image.img"],
     cmd: "$(location avbtool) generate_test_image --image_size 16384 --output $(out)",
 }

 // Unsigned vbmeta blob containing the test image descriptor for partition name "test_part".
 avb_gen_vbmeta_image {
     name: "avbrs_test_image_descriptor",
     src: ":avbrs_test_image",
     partition_name: "test_part",
     salt: "0000",
 }

 // Unsigned vbmeta blob containing the test image descriptor for partition name "test_part_2".
 avb_gen_vbmeta_image {
     name: "avbrs_test_image_descriptor_2",
     src: ":avbrs_test_image",
     partition_name: "test_part_2",
     salt: "0001",
 }

 // Unsigned vbmeta blob containing a persistent digest descriptor for partition name
 // "test_part_persistent_digest".
 //
 // Currently this is the only in-tree usage of persistent digests, but if anyone else needs it
 // later on it may be worth folding support for this into the `avb_gen_vbmeta_image` rule.
 genrule {
     name: "avbrs_test_image_descriptor_persistent_digest",
     tools: ["avbtool"],
     srcs: [":avbrs_test_image"],
     out: ["avbrs_test_image_descriptor_persistent_digest.img"],
     cmd: "$(location avbtool) add_hash_footer --image $(location :avbrs_test_image) --partition_name test_part_persistent_digest --dynamic_partition_size --do_not_append_vbmeta_image --use_persistent_digest --output_vbmeta_image $(out)",
 }

 // Standalone vbmeta image signing the test image descriptor.
 genrule {
     name: "avbrs_test_vbmeta",
     tools: ["avbtool"],
     srcs: [
         ":avbrs_test_image_descriptor",
         ":avb_testkey_rsa4096",
     ],
     out: ["test_vbmeta.img"],
     cmd: "$(location avbtool) make_vbmeta_image --key $(location :avb_testkey_rsa4096) --algorithm SHA512_RSA4096 --include_descriptors_from_image $(location :avbrs_test_image_descriptor) --output $(out)",
 }

 // Standalone vbmeta image signing the test image descriptors for "test_part" and "test_part_2".
 genrule {
     name: "avbrs_test_vbmeta_2_parts",
     tools: ["avbtool"],
     srcs: [
         ":avbrs_test_image_descriptor",
         ":avbrs_test_image_descriptor_2",
         ":avb_testkey_rsa4096",
     ],
     out: ["test_vbmeta_2_parts.img"],
     cmd: "$(location avbtool) make_vbmeta_image --key $(location :avb_testkey_rsa4096) --algorithm SHA512_RSA4096 --include_descriptors_from_image $(location :avbrs_test_image_descriptor) --include_descriptors_from_image $(location :avbrs_test_image_descriptor_2) --output $(out)",
 }

 // Standalone vbmeta image signing the test image persistent digest descriptor.
 genrule {
     name: "avbrs_test_vbmeta_persistent_digest",
     tools: ["avbtool"],
     srcs: [
         ":avbrs_test_image_descriptor_persistent_digest",
         ":avb_testkey_rsa4096",
     ],
     out: ["test_vbmeta_persistent_digest.img"],
     cmd: "$(location avbtool) make_vbmeta_image --key $(location :avb_testkey_rsa4096) --algorithm SHA512_RSA4096 --include_descriptors_from_image $(location :avbrs_test_image_descriptor_persistent_digest) --output $(out)",
 }

 // Combined test image + signed vbmeta footer for "test_part".
 avb_add_hash_footer {
     name: "avbrs_test_image_with_vbmeta_footer",
     src: ":avbrs_test_image",
     partition_name: "test_part",
     private_key: ":avb_testkey_rsa4096",
     salt: "A000",
 }

 // Combined test image + signed vbmeta footer for "boot".
 avb_add_hash_footer {
     name: "avbrs_test_image_with_vbmeta_footer_for_boot",
     src: ":avbrs_test_image",
     partition_name: "boot",
     private_key: ":avb_testkey_rsa4096",
     salt: "A001",
 }
	// Copyright 2023, The Android Open Source Project
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	// Rust bindgen wrappers to allow calling into libavb from Rust.
	//
	// The auto-generated wrappers are Rust unsafe and somewhat difficult to work
	// with so are not exposed outside of this directory; instead we will provide
	// a safe higher-level Rust API.
	rust_defaults {
	name: "libavb_bindgen.defaults",
	wrapper_src: "bindgen/avb.h",
	crate_name: "avb_bindgen",
	edition: "2021",
	visibility: [
	":__subpackages__",
	// TODO(b/290110273): add the Rust public API layer here and adjust
	// Virtualization packages to depend on it instead of the raw bindgen.
	"//packages/modules/Virtualization:__subpackages__",
	],
	source_stem: "bindings",
	bindgen_flags: [
	"--constified-enum-module AvbDescriptorTag",
	"--bitfield-enum=AvbSlotVerifyFlags",
	"--default-enum-style rust",
	"--allowlist-type=AvbDescriptorTag",
	"--allowlist-function=.*",
	"--allowlist-var=AVB.*",
	"--use-core",
	"--raw-line=#![no_std]",
	"--ctypes-prefix=core::ffi",
	],
	cflags: ["-DBORINGSSL_NO_CXX"],
	}

	rust_bindgen {
	name: "libavb_bindgen",
	defaults: ["libavb_bindgen.defaults"],
	host_supported: true,
	static_libs: [
	"libavb",
	],
	shared_libs: [
	"libcrypto",
	],
	apex_available: [
	"com.android.virt",
	],
	}

	rust_bindgen {
	name: "libavb_bindgen_nostd",
	defaults: ["libavb_bindgen.defaults"],
	static_libs: [
	"libavb_baremetal",
	"libcrypto_baremetal",
	],
	}

	rust_test {
	name: "libavb_bindgen_test",
	srcs: [":libavb_bindgen"],
	crate_name: "avb_bindgen_test",
	edition: "2021",
	test_suites: ["general-tests"],
	auto_gen_config: true,
	clippy_lints: "none",
	lints: "none",
	}

	// Rust library wrapping libavb C implementation.

	// Common defaults for all variations.
	rust_defaults {
	name: "libavb_rs_common.defaults",
	crate_name: "avb",
	srcs: ["src/lib.rs"],
	clippy_lints: "android",
	lints: "android",
	}

	// No std, no features.
	rust_defaults {
	name: "libavb_rs_nostd.defaults",
	defaults: ["libavb_rs_common.defaults"],
	// Only rlib can build without the required nostd hooks (eh_personality,
	// panic_handler, etc) to defer them for the final binary to implement.
	prefer_rlib: true,
	no_stdlibs: true,
	rustlibs: [
	"libavb_bindgen_nostd",
	],
	whole_static_libs: [
	"libavb_baremetal",
	],
	stdlibs: [
	"libcore.rust_sysroot",
	],
	}

	// Std, no features.
	rust_defaults {
	name: "libavb_rs.defaults",
	defaults: ["libavb_rs_common.defaults"],
	host_supported: true,
	rustlibs: [
	"libavb_bindgen",
	],
	whole_static_libs: [
	"libavb",
	],
	}

	// Adds UUID feature for nostd.
	rust_defaults {
	name: "libavb_rs_nostd.uuid.defaults",
	features: [
	"uuid",
	],
	rustlibs: [
	"libuuid_nostd",
	],
	}

	// Adds UUID feature for std.
	rust_defaults {
	name: "libavb_rs.uuid.defaults",
	features: [
	"uuid",
	],
	rustlibs: [
	"libuuid",
	],
	}

	// lib: no std, no features.
	rust_library_rlib {
	name: "libavb_rs_nostd",
	defaults: ["libavb_rs_nostd.defaults"],
	}

	// lib: no std, UUID feature.
	rust_library_rlib {
	name: "libavb_rs_nostd_uuid",
	defaults: [
	"libavb_rs_nostd.defaults",
	"libavb_rs_nostd.uuid.defaults",
	],
	}

	// lib: std, no features.
	rust_library {
	name: "libavb_rs",
	defaults: ["libavb_rs.defaults"],
	}

	// Unit tests: std, no features.
	rust_test {
	name: "libavb_rs_unittest",
	defaults: ["libavb_rs.defaults"],
	test_suites: ["general-tests"],
	}

	// lib: std, UUID feature.
	rust_library {
	name: "libavb_rs_uuid",
	defaults: [
	"libavb_rs.defaults",
	"libavb_rs.uuid.defaults",
	],
	}

	// Unit tests: std, UUID feature.
	rust_test {
	name: "libavb_rs_uuid_unittest",
	defaults: [
	"libavb_rs.defaults",
	"libavb_rs.uuid.defaults",
	],
	test_suites: ["general-tests"],
	}

	// Integration test defaults.
	rust_defaults {
	name: "libavb_rs_test.defaults",
	srcs: ["tests/tests.rs"],
	data: [
	":avb_testkey_rsa4096_pub_bin",
	":avbrs_test_image",
	":avbrs_test_image_with_vbmeta_footer",
	":avbrs_test_image_with_vbmeta_footer_for_boot",
	":avbrs_test_vbmeta",
	":avbrs_test_vbmeta_2_parts",
	":avbrs_test_vbmeta_persistent_digest",
	],
	test_suites: ["general-tests"],
	clippy_lints: "android",
	lints: "android",
	}

	// Integration test: no features.
	rust_test {
	name: "libavb_rs_test",
	defaults: ["libavb_rs_test.defaults"],
	rustlibs: ["libavb_rs"],
	}

	// Integration test: UUID feature.
	rust_test {
	name: "libavb_rs_uuid_test",
	defaults: [
	"libavb_rs.uuid.defaults",
	"libavb_rs_test.defaults",
	],
	rustlibs: ["libavb_rs_uuid"],
	}

	// Test images for verification.

	// Unsigned 16KiB test image.
	genrule {
	name: "avbrs_test_image",
	tools: ["avbtool"],
	out: ["test_image.img"],
	cmd: "$(location avbtool) generate_test_image --image_size 16384 --output $(out)",
	}

	// Unsigned vbmeta blob containing the test image descriptor for partition name "test_part".
	avb_gen_vbmeta_image {
	name: "avbrs_test_image_descriptor",
	src: ":avbrs_test_image",
	partition_name: "test_part",
	salt: "0000",
	}

	// Unsigned vbmeta blob containing the test image descriptor for partition name "test_part_2".
	avb_gen_vbmeta_image {
	name: "avbrs_test_image_descriptor_2",
	src: ":avbrs_test_image",
	partition_name: "test_part_2",
	salt: "0001",
	}

	// Unsigned vbmeta blob containing a persistent digest descriptor for partition name
	// "test_part_persistent_digest".
	//
	// Currently this is the only in-tree usage of persistent digests, but if anyone else needs it
	// later on it may be worth folding support for this into the `avb_gen_vbmeta_image` rule.
	genrule {
	name: "avbrs_test_image_descriptor_persistent_digest",
	tools: ["avbtool"],
	srcs: [":avbrs_test_image"],
	out: ["avbrs_test_image_descriptor_persistent_digest.img"],
	cmd: "$(location avbtool) add_hash_footer --image $(location :avbrs_test_image) --partition_name test_part_persistent_digest --dynamic_partition_size --do_not_append_vbmeta_image --use_persistent_digest --output_vbmeta_image $(out)",
	}

	// Standalone vbmeta image signing the test image descriptor.
	genrule {
	name: "avbrs_test_vbmeta",
	tools: ["avbtool"],
	srcs: [
	":avbrs_test_image_descriptor",
	":avb_testkey_rsa4096",
	],
	out: ["test_vbmeta.img"],
	cmd: "$(location avbtool) make_vbmeta_image --key $(location :avb_testkey_rsa4096) --algorithm SHA512_RSA4096 --include_descriptors_from_image $(location :avbrs_test_image_descriptor) --output $(out)",
	}

	// Standalone vbmeta image signing the test image descriptors for "test_part" and "test_part_2".
	genrule {
	name: "avbrs_test_vbmeta_2_parts",
	tools: ["avbtool"],
	srcs: [
	":avbrs_test_image_descriptor",
	":avbrs_test_image_descriptor_2",
	":avb_testkey_rsa4096",
	],
	out: ["test_vbmeta_2_parts.img"],
	cmd: "$(location avbtool) make_vbmeta_image --key $(location :avb_testkey_rsa4096) --algorithm SHA512_RSA4096 --include_descriptors_from_image $(location :avbrs_test_image_descriptor) --include_descriptors_from_image $(location :avbrs_test_image_descriptor_2) --output $(out)",
	}

	// Standalone vbmeta image signing the test image persistent digest descriptor.
	genrule {
	name: "avbrs_test_vbmeta_persistent_digest",
	tools: ["avbtool"],
	srcs: [
	":avbrs_test_image_descriptor_persistent_digest",
	":avb_testkey_rsa4096",
	],
	out: ["test_vbmeta_persistent_digest.img"],
	cmd: "$(location avbtool) make_vbmeta_image --key $(location :avb_testkey_rsa4096) --algorithm SHA512_RSA4096 --include_descriptors_from_image $(location :avbrs_test_image_descriptor_persistent_digest) --output $(out)",
	}

	// Combined test image + signed vbmeta footer for "test_part".
	avb_add_hash_footer {
	name: "avbrs_test_image_with_vbmeta_footer",
	src: ":avbrs_test_image",
	partition_name: "test_part",
	private_key: ":avb_testkey_rsa4096",
	salt: "A000",
	}

	// Combined test image + signed vbmeta footer for "boot".
	avb_add_hash_footer {
	name: "avbrs_test_image_with_vbmeta_footer_for_boot",
	src: ":avbrs_test_image",
	partition_name: "boot",
	private_key: ":avb_testkey_rsa4096",
	salt: "A001",
	}