1// Copyright (C) 2021 The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//     http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15package filesystem
16
17import (
18	"fmt"
19	"strconv"
20	"strings"
21
22	"github.com/google/blueprint"
23	"github.com/google/blueprint/proptools"
24
25	"android/soong/android"
26)
27
28func init() {
29	android.RegisterModuleType("bootimg", bootimgFactory)
30}
31
32type bootimg struct {
33	android.ModuleBase
34
35	properties bootimgProperties
36
37	output     android.OutputPath
38	installDir android.InstallPath
39}
40
41type bootimgProperties struct {
42	// Set the name of the output. Defaults to <module_name>.img.
43	Stem *string
44
45	// Path to the linux kernel prebuilt file
46	Kernel_prebuilt *string `android:"arch_variant,path"`
47
48	// Filesystem module that is used as ramdisk
49	Ramdisk_module *string
50
51	// Path to the device tree blob (DTB) prebuilt file to add to this boot image
52	Dtb_prebuilt *string `android:"arch_variant,path"`
53
54	// Header version number. Must be set to one of the version numbers that are currently
55	// supported. Refer to
56	// https://source.android.com/devices/bootloader/boot-image-header
57	Header_version *string
58
59	// Determines if this image is for the vendor_boot partition. Default is false. Refer to
60	// https://source.android.com/devices/bootloader/partitions/vendor-boot-partitions
61	Vendor_boot *bool
62
63	// Optional kernel commandline arguments
64	Cmdline []string `android:"arch_variant"`
65
66	// File that contains bootconfig parameters. This can be set only when `vendor_boot` is true
67	// and `header_version` is greater than or equal to 4.
68	Bootconfig *string `android:"arch_variant,path"`
69
70	// When set to true, sign the image with avbtool. Default is false.
71	Use_avb *bool
72
73	// Name of the partition stored in vbmeta desc. Defaults to the name of this module.
74	Partition_name *string
75
76	// Path to the private key that avbtool will use to sign this filesystem image.
77	// TODO(jiyong): allow apex_key to be specified here
78	Avb_private_key *string `android:"path"`
79
80	// Hash and signing algorithm for avbtool. Default is SHA256_RSA4096.
81	Avb_algorithm *string
82}
83
84// bootimg is the image for the boot partition. It consists of header, kernel, ramdisk, and dtb.
85func bootimgFactory() android.Module {
86	module := &bootimg{}
87	module.AddProperties(&module.properties)
88	android.InitAndroidArchModule(module, android.DeviceSupported, android.MultilibFirst)
89	return module
90}
91
92type bootimgDep struct {
93	blueprint.BaseDependencyTag
94	kind string
95}
96
97var bootimgRamdiskDep = bootimgDep{kind: "ramdisk"}
98
99func (b *bootimg) DepsMutator(ctx android.BottomUpMutatorContext) {
100	ramdisk := proptools.String(b.properties.Ramdisk_module)
101	if ramdisk != "" {
102		ctx.AddDependency(ctx.Module(), bootimgRamdiskDep, ramdisk)
103	}
104}
105
106func (b *bootimg) installFileName() string {
107	return proptools.StringDefault(b.properties.Stem, b.BaseModuleName()+".img")
108}
109
110func (b *bootimg) partitionName() string {
111	return proptools.StringDefault(b.properties.Partition_name, b.BaseModuleName())
112}
113
114func (b *bootimg) GenerateAndroidBuildActions(ctx android.ModuleContext) {
115	vendor := proptools.Bool(b.properties.Vendor_boot)
116	unsignedOutput := b.buildBootImage(ctx, vendor)
117
118	if proptools.Bool(b.properties.Use_avb) {
119		b.output = b.signImage(ctx, unsignedOutput)
120	} else {
121		b.output = unsignedOutput
122	}
123
124	b.installDir = android.PathForModuleInstall(ctx, "etc")
125	ctx.InstallFile(b.installDir, b.installFileName(), b.output)
126
127	ctx.SetOutputFiles([]android.Path{b.output}, "")
128}
129
130func (b *bootimg) buildBootImage(ctx android.ModuleContext, vendor bool) android.OutputPath {
131	output := android.PathForModuleOut(ctx, "unsigned", b.installFileName()).OutputPath
132
133	builder := android.NewRuleBuilder(pctx, ctx)
134	cmd := builder.Command().BuiltTool("mkbootimg")
135
136	kernel := proptools.String(b.properties.Kernel_prebuilt)
137	if vendor && kernel != "" {
138		ctx.PropertyErrorf("kernel_prebuilt", "vendor_boot partition can't have kernel")
139		return output
140	}
141	if !vendor && kernel == "" {
142		ctx.PropertyErrorf("kernel_prebuilt", "boot partition must have kernel")
143		return output
144	}
145	if kernel != "" {
146		cmd.FlagWithInput("--kernel ", android.PathForModuleSrc(ctx, kernel))
147	}
148
149	dtbName := proptools.String(b.properties.Dtb_prebuilt)
150	if dtbName != "" {
151		dtb := android.PathForModuleSrc(ctx, dtbName)
152		cmd.FlagWithInput("--dtb ", dtb)
153	}
154
155	cmdline := strings.Join(b.properties.Cmdline, " ")
156	if cmdline != "" {
157		flag := "--cmdline "
158		if vendor {
159			flag = "--vendor_cmdline "
160		}
161		cmd.FlagWithArg(flag, proptools.ShellEscapeIncludingSpaces(cmdline))
162	}
163
164	headerVersion := proptools.String(b.properties.Header_version)
165	if headerVersion == "" {
166		ctx.PropertyErrorf("header_version", "must be set")
167		return output
168	}
169	verNum, err := strconv.Atoi(headerVersion)
170	if err != nil {
171		ctx.PropertyErrorf("header_version", "%q is not a number", headerVersion)
172		return output
173	}
174	if verNum < 3 {
175		ctx.PropertyErrorf("header_version", "must be 3 or higher for vendor_boot")
176		return output
177	}
178	cmd.FlagWithArg("--header_version ", headerVersion)
179
180	ramdiskName := proptools.String(b.properties.Ramdisk_module)
181	if ramdiskName != "" {
182		ramdisk := ctx.GetDirectDepWithTag(ramdiskName, bootimgRamdiskDep)
183		if filesystem, ok := ramdisk.(*filesystem); ok {
184			flag := "--ramdisk "
185			if vendor {
186				flag = "--vendor_ramdisk "
187			}
188			cmd.FlagWithInput(flag, filesystem.OutputPath())
189		} else {
190			ctx.PropertyErrorf("ramdisk", "%q is not android_filesystem module", ramdisk.Name())
191			return output
192		}
193	}
194
195	bootconfig := proptools.String(b.properties.Bootconfig)
196	if bootconfig != "" {
197		if !vendor {
198			ctx.PropertyErrorf("bootconfig", "requires vendor_boot: true")
199			return output
200		}
201		if verNum < 4 {
202			ctx.PropertyErrorf("bootconfig", "requires header_version: 4 or later")
203			return output
204		}
205		cmd.FlagWithInput("--vendor_bootconfig ", android.PathForModuleSrc(ctx, bootconfig))
206	}
207
208	flag := "--output "
209	if vendor {
210		flag = "--vendor_boot "
211	}
212	cmd.FlagWithOutput(flag, output)
213
214	builder.Build("build_bootimg", fmt.Sprintf("Creating %s", b.BaseModuleName()))
215	return output
216}
217
218func (b *bootimg) signImage(ctx android.ModuleContext, unsignedImage android.OutputPath) android.OutputPath {
219	propFile, toolDeps := b.buildPropFile(ctx)
220
221	output := android.PathForModuleOut(ctx, b.installFileName()).OutputPath
222	builder := android.NewRuleBuilder(pctx, ctx)
223	builder.Command().Text("cp").Input(unsignedImage).Output(output)
224	builder.Command().BuiltTool("verity_utils").
225		Input(propFile).
226		Implicits(toolDeps).
227		Output(output)
228
229	builder.Build("sign_bootimg", fmt.Sprintf("Signing %s", b.BaseModuleName()))
230	return output
231}
232
233// Calculates avb_salt from some input for deterministic output.
234func (b *bootimg) salt() string {
235	var input []string
236	input = append(input, b.properties.Cmdline...)
237	input = append(input, proptools.StringDefault(b.properties.Partition_name, b.Name()))
238	input = append(input, proptools.String(b.properties.Header_version))
239	return sha1sum(input)
240}
241
242func (b *bootimg) buildPropFile(ctx android.ModuleContext) (propFile android.OutputPath, toolDeps android.Paths) {
243	var sb strings.Builder
244	var deps android.Paths
245	addStr := func(name string, value string) {
246		fmt.Fprintf(&sb, "%s=%s\n", name, value)
247	}
248	addPath := func(name string, path android.Path) {
249		addStr(name, path.String())
250		deps = append(deps, path)
251	}
252
253	addStr("avb_hash_enable", "true")
254	addPath("avb_avbtool", ctx.Config().HostToolPath(ctx, "avbtool"))
255	algorithm := proptools.StringDefault(b.properties.Avb_algorithm, "SHA256_RSA4096")
256	addStr("avb_algorithm", algorithm)
257	key := android.PathForModuleSrc(ctx, proptools.String(b.properties.Avb_private_key))
258	addPath("avb_key_path", key)
259	addStr("avb_add_hash_footer_args", "") // TODO(jiyong): add --rollback_index
260	partitionName := proptools.StringDefault(b.properties.Partition_name, b.Name())
261	addStr("partition_name", partitionName)
262	addStr("avb_salt", b.salt())
263
264	propFile = android.PathForModuleOut(ctx, "prop").OutputPath
265	android.WriteFileRule(ctx, propFile, sb.String())
266	return propFile, deps
267}
268
269var _ android.AndroidMkEntriesProvider = (*bootimg)(nil)
270
271// Implements android.AndroidMkEntriesProvider
272func (b *bootimg) AndroidMkEntries() []android.AndroidMkEntries {
273	return []android.AndroidMkEntries{android.AndroidMkEntries{
274		Class:      "ETC",
275		OutputFile: android.OptionalPathForPath(b.output),
276		ExtraEntries: []android.AndroidMkExtraEntriesFunc{
277			func(ctx android.AndroidMkExtraEntriesContext, entries *android.AndroidMkEntries) {
278				entries.SetString("LOCAL_MODULE_PATH", b.installDir.String())
279				entries.SetString("LOCAL_INSTALLED_MODULE_STEM", b.installFileName())
280			},
281		},
282	}}
283}
284
285var _ Filesystem = (*bootimg)(nil)
286
287func (b *bootimg) OutputPath() android.Path {
288	return b.output
289}
290
291func (b *bootimg) SignedOutputPath() android.Path {
292	if proptools.Bool(b.properties.Use_avb) {
293		return b.OutputPath()
294	}
295	return nil
296}
297