| // Copyright 2023, The Android Open Source Project |
| // |
| // Licensed under the Apache License, Version 2.0 (the "License"); |
| // you may not use this file except in compliance with the License. |
| // You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, software |
| // distributed under the License is distributed on an "AS IS" BASIS, |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| // See the License for the specific language governing permissions and |
| // limitations under the License. |
| |
| // Rust bindgen wrappers to allow calling into libavb from Rust. |
| // |
| // The auto-generated wrappers are Rust unsafe and somewhat difficult to work |
| // with so are not exposed outside of this directory; instead we will provide |
| // a safe higher-level Rust API. |
| rust_defaults { |
| name: "libavb_bindgen.defaults", |
| wrapper_src: "bindgen/avb.h", |
| crate_name: "avb_bindgen", |
| edition: "2021", |
| visibility: [ |
| ":__subpackages__", |
| // TODO(b/290110273): add the Rust public API layer here and adjust |
| // Virtualization packages to depend on it instead of the raw bindgen. |
| "//packages/modules/Virtualization:__subpackages__", |
| ], |
| source_stem: "bindings", |
| bindgen_flags: [ |
| "--constified-enum-module AvbDescriptorTag", |
| "--bitfield-enum=AvbSlotVerifyFlags", |
| "--default-enum-style rust", |
| "--allowlist-type=AvbDescriptorTag", |
| "--allowlist-function=.*", |
| "--allowlist-var=AVB.*", |
| "--use-core", |
| "--raw-line=#![no_std]", |
| "--ctypes-prefix=core::ffi", |
| ], |
| cflags: ["-DBORINGSSL_NO_CXX"], |
| } |
| |
| rust_bindgen { |
| name: "libavb_bindgen", |
| defaults: ["libavb_bindgen.defaults"], |
| host_supported: true, |
| static_libs: [ |
| "libavb", |
| ], |
| shared_libs: [ |
| "libcrypto", |
| ], |
| apex_available: [ |
| "com.android.virt", |
| ], |
| } |
| |
| rust_bindgen { |
| name: "libavb_bindgen_nostd", |
| defaults: ["libavb_bindgen.defaults"], |
| static_libs: [ |
| "libavb_baremetal", |
| "libcrypto_baremetal", |
| ], |
| } |
| |
| rust_test { |
| name: "libavb_bindgen_test", |
| srcs: [":libavb_bindgen"], |
| crate_name: "avb_bindgen_test", |
| edition: "2021", |
| test_suites: ["general-tests"], |
| auto_gen_config: true, |
| clippy_lints: "none", |
| lints: "none", |
| } |
| |
| // Rust library wrapping libavb C implementation. |
| |
| // Common defaults for all variations. |
| rust_defaults { |
| name: "libavb_rs_common.defaults", |
| crate_name: "avb", |
| srcs: ["src/lib.rs"], |
| clippy_lints: "android", |
| lints: "android", |
| } |
| |
| // No std, no features. |
| rust_defaults { |
| name: "libavb_rs_nostd.defaults", |
| defaults: ["libavb_rs_common.defaults"], |
| // Only rlib can build without the required nostd hooks (eh_personality, |
| // panic_handler, etc) to defer them for the final binary to implement. |
| prefer_rlib: true, |
| no_stdlibs: true, |
| rustlibs: [ |
| "libavb_bindgen_nostd", |
| ], |
| whole_static_libs: [ |
| "libavb_baremetal", |
| ], |
| stdlibs: [ |
| "libcore.rust_sysroot", |
| ], |
| } |
| |
| // Std, no features. |
| rust_defaults { |
| name: "libavb_rs.defaults", |
| defaults: ["libavb_rs_common.defaults"], |
| host_supported: true, |
| rustlibs: [ |
| "libavb_bindgen", |
| ], |
| whole_static_libs: [ |
| "libavb", |
| ], |
| } |
| |
| // Adds UUID feature for nostd. |
| rust_defaults { |
| name: "libavb_rs_nostd.uuid.defaults", |
| features: [ |
| "uuid", |
| ], |
| rustlibs: [ |
| "libuuid_nostd", |
| ], |
| } |
| |
| // Adds UUID feature for std. |
| rust_defaults { |
| name: "libavb_rs.uuid.defaults", |
| features: [ |
| "uuid", |
| ], |
| rustlibs: [ |
| "libuuid", |
| ], |
| } |
| |
| // lib: no std, no features. |
| rust_library_rlib { |
| name: "libavb_rs_nostd", |
| defaults: ["libavb_rs_nostd.defaults"], |
| } |
| |
| // lib: no std, UUID feature. |
| rust_library_rlib { |
| name: "libavb_rs_nostd_uuid", |
| defaults: [ |
| "libavb_rs_nostd.defaults", |
| "libavb_rs_nostd.uuid.defaults", |
| ], |
| } |
| |
| // lib: std, no features. |
| rust_library { |
| name: "libavb_rs", |
| defaults: ["libavb_rs.defaults"], |
| } |
| |
| // Unit tests: std, no features. |
| rust_test { |
| name: "libavb_rs_unittest", |
| defaults: ["libavb_rs.defaults"], |
| test_suites: ["general-tests"], |
| } |
| |
| // lib: std, UUID feature. |
| rust_library { |
| name: "libavb_rs_uuid", |
| defaults: [ |
| "libavb_rs.defaults", |
| "libavb_rs.uuid.defaults", |
| ], |
| } |
| |
| // Unit tests: std, UUID feature. |
| rust_test { |
| name: "libavb_rs_uuid_unittest", |
| defaults: [ |
| "libavb_rs.defaults", |
| "libavb_rs.uuid.defaults", |
| ], |
| test_suites: ["general-tests"], |
| } |
| |
| // Integration test defaults. |
| rust_defaults { |
| name: "libavb_rs_test.defaults", |
| srcs: ["tests/tests.rs"], |
| data: [ |
| ":avb_testkey_rsa4096_pub_bin", |
| ":avbrs_test_image", |
| ":avbrs_test_image_with_vbmeta_footer", |
| ":avbrs_test_image_with_vbmeta_footer_for_boot", |
| ":avbrs_test_vbmeta", |
| ":avbrs_test_vbmeta_2_parts", |
| ":avbrs_test_vbmeta_persistent_digest", |
| ], |
| test_suites: ["general-tests"], |
| clippy_lints: "android", |
| lints: "android", |
| } |
| |
| // Integration test: no features. |
| rust_test { |
| name: "libavb_rs_test", |
| defaults: ["libavb_rs_test.defaults"], |
| rustlibs: ["libavb_rs"], |
| } |
| |
| // Integration test: UUID feature. |
| rust_test { |
| name: "libavb_rs_uuid_test", |
| defaults: [ |
| "libavb_rs.uuid.defaults", |
| "libavb_rs_test.defaults", |
| ], |
| rustlibs: ["libavb_rs_uuid"], |
| } |
| |
| // Test images for verification. |
| |
| // Unsigned 16KiB test image. |
| genrule { |
| name: "avbrs_test_image", |
| tools: ["avbtool"], |
| out: ["test_image.img"], |
| cmd: "$(location avbtool) generate_test_image --image_size 16384 --output $(out)", |
| } |
| |
| // Unsigned vbmeta blob containing the test image descriptor for partition name "test_part". |
| avb_gen_vbmeta_image { |
| name: "avbrs_test_image_descriptor", |
| src: ":avbrs_test_image", |
| partition_name: "test_part", |
| salt: "0000", |
| } |
| |
| // Unsigned vbmeta blob containing the test image descriptor for partition name "test_part_2". |
| avb_gen_vbmeta_image { |
| name: "avbrs_test_image_descriptor_2", |
| src: ":avbrs_test_image", |
| partition_name: "test_part_2", |
| salt: "0001", |
| } |
| |
| // Unsigned vbmeta blob containing a persistent digest descriptor for partition name |
| // "test_part_persistent_digest". |
| // |
| // Currently this is the only in-tree usage of persistent digests, but if anyone else needs it |
| // later on it may be worth folding support for this into the `avb_gen_vbmeta_image` rule. |
| genrule { |
| name: "avbrs_test_image_descriptor_persistent_digest", |
| tools: ["avbtool"], |
| srcs: [":avbrs_test_image"], |
| out: ["avbrs_test_image_descriptor_persistent_digest.img"], |
| cmd: "$(location avbtool) add_hash_footer --image $(location :avbrs_test_image) --partition_name test_part_persistent_digest --dynamic_partition_size --do_not_append_vbmeta_image --use_persistent_digest --output_vbmeta_image $(out)", |
| } |
| |
| // Standalone vbmeta image signing the test image descriptor. |
| genrule { |
| name: "avbrs_test_vbmeta", |
| tools: ["avbtool"], |
| srcs: [ |
| ":avbrs_test_image_descriptor", |
| ":avb_testkey_rsa4096", |
| ], |
| out: ["test_vbmeta.img"], |
| cmd: "$(location avbtool) make_vbmeta_image --key $(location :avb_testkey_rsa4096) --algorithm SHA512_RSA4096 --include_descriptors_from_image $(location :avbrs_test_image_descriptor) --output $(out)", |
| } |
| |
| // Standalone vbmeta image signing the test image descriptors for "test_part" and "test_part_2". |
| genrule { |
| name: "avbrs_test_vbmeta_2_parts", |
| tools: ["avbtool"], |
| srcs: [ |
| ":avbrs_test_image_descriptor", |
| ":avbrs_test_image_descriptor_2", |
| ":avb_testkey_rsa4096", |
| ], |
| out: ["test_vbmeta_2_parts.img"], |
| cmd: "$(location avbtool) make_vbmeta_image --key $(location :avb_testkey_rsa4096) --algorithm SHA512_RSA4096 --include_descriptors_from_image $(location :avbrs_test_image_descriptor) --include_descriptors_from_image $(location :avbrs_test_image_descriptor_2) --output $(out)", |
| } |
| |
| // Standalone vbmeta image signing the test image persistent digest descriptor. |
| genrule { |
| name: "avbrs_test_vbmeta_persistent_digest", |
| tools: ["avbtool"], |
| srcs: [ |
| ":avbrs_test_image_descriptor_persistent_digest", |
| ":avb_testkey_rsa4096", |
| ], |
| out: ["test_vbmeta_persistent_digest.img"], |
| cmd: "$(location avbtool) make_vbmeta_image --key $(location :avb_testkey_rsa4096) --algorithm SHA512_RSA4096 --include_descriptors_from_image $(location :avbrs_test_image_descriptor_persistent_digest) --output $(out)", |
| } |
| |
| // Combined test image + signed vbmeta footer for "test_part". |
| avb_add_hash_footer { |
| name: "avbrs_test_image_with_vbmeta_footer", |
| src: ":avbrs_test_image", |
| partition_name: "test_part", |
| private_key: ":avb_testkey_rsa4096", |
| salt: "A000", |
| } |
| |
| // Combined test image + signed vbmeta footer for "boot". |
| avb_add_hash_footer { |
| name: "avbrs_test_image_with_vbmeta_footer_for_boot", |
| src: ":avbrs_test_image", |
| partition_name: "boot", |
| private_key: ":avb_testkey_rsa4096", |
| salt: "A001", |
| } |