1package { 2 default_applicable_licenses: ["Android-Apache-2.0"], 3} 4 5rust_library_rlib { 6 name: "libpvmfw_avb_nostd", 7 crate_name: "pvmfw_avb", 8 defaults: ["avf_build_flags_rust"], 9 srcs: ["src/lib.rs"], 10 prefer_rlib: true, 11 rustlibs: [ 12 "libavb_rs_nostd", 13 "libtinyvec_nostd", 14 ], 15 whole_static_libs: [ 16 "libavb_baremetal", 17 ], 18 no_stdlibs: true, 19 stdlibs: [ 20 "libcore.rust_sysroot", 21 ], 22} 23 24rust_test { 25 name: "libpvmfw_avb.integration_test", 26 crate_name: "pvmfw_avb_test", 27 defaults: ["avf_build_flags_rust"], 28 srcs: ["tests/api_test.rs"], 29 test_suites: ["general-tests"], 30 data: [ 31 ":avb_testkey_rsa2048_pub_bin", 32 ":avb_testkey_rsa4096_pub_bin", 33 ":microdroid_kernel_signed", 34 ":microdroid_initrd_normal", 35 ":microdroid_initrd_debuggable", 36 ":trusty_security_vm_signed", 37 ":test_image_with_one_hashdesc", 38 ":test_image_with_non_initrd_hashdesc", 39 ":test_image_with_initrd_and_non_initrd_desc", 40 ":test_image_with_prop_desc", 41 ":test_image_with_service_vm_prop", 42 ":test_image_with_unknown_vm_type_prop", 43 ":test_image_with_multiple_props", 44 ":test_image_with_duplicated_capability", 45 ":test_image_with_rollback_index_5", 46 ":test_image_with_multiple_capabilities", 47 ":test_image_with_all_capabilities", 48 ":unsigned_test_image", 49 ], 50 prefer_rlib: true, 51 rustlibs: [ 52 "libanyhow", 53 "libavb_bindgen", 54 "libavb_rs_nostd", 55 "libhex", 56 "libpvmfw_avb_nostd", 57 "libopenssl", 58 ], 59 enabled: false, 60 arch: { 61 // Microdroid kernel is only available in these architectures. 62 arm64: { 63 enabled: true, 64 }, 65 x86_64: { 66 enabled: true, 67 }, 68 }, 69} 70 71// Generates a 16KB unsigned image for testing. 72genrule { 73 name: "unsigned_test_image", 74 tools: ["avbtool"], 75 out: ["unsigned_test.img"], 76 cmd: "$(location avbtool) generate_test_image --image_size 16384 --output $(out)", 77} 78 79avb_gen_vbmeta_image { 80 name: "test_non_initrd_hashdesc", 81 src: ":unsigned_test_image", 82 partition_name: "non_initrd11", 83 salt: "2222", 84} 85 86avb_add_hash_footer { 87 name: "test_image_with_non_initrd_hashdesc", 88 src: ":unsigned_test_image", 89 partition_name: "boot", 90 private_key: ":pvmfw_sign_key", 91 salt: "3322", 92 include_descriptors_from_images: [ 93 ":test_non_initrd_hashdesc", 94 ], 95} 96 97avb_add_hash_footer { 98 name: "test_image_with_initrd_and_non_initrd_desc", 99 src: ":unsigned_test_image", 100 partition_name: "boot", 101 private_key: ":pvmfw_sign_key", 102 salt: "3241", 103 include_descriptors_from_images: [ 104 ":microdroid_initrd_normal_hashdesc", 105 ":test_non_initrd_hashdesc", 106 ], 107 enabled: false, 108 arch: { 109 // microdroid_initrd_normal_hashdesc is only available in these architectures. 110 arm64: { 111 enabled: true, 112 }, 113 x86_64: { 114 enabled: true, 115 }, 116 }, 117} 118 119avb_add_hash_footer { 120 name: "test_image_with_prop_desc", 121 src: ":unsigned_test_image", 122 partition_name: "boot", 123 private_key: ":pvmfw_sign_key", 124 salt: "2134", 125 props: [ 126 { 127 name: "mock_prop", 128 value: "3333", 129 }, 130 ], 131} 132 133avb_add_hash_footer { 134 name: "test_image_with_service_vm_prop", 135 src: ":unsigned_test_image", 136 partition_name: "boot", 137 private_key: ":pvmfw_sign_key", 138 salt: "2131", 139 props: [ 140 { 141 name: "com.android.virt.cap", 142 value: "remote_attest", 143 }, 144 ], 145} 146 147avb_add_hash_footer { 148 name: "test_image_with_unknown_vm_type_prop", 149 src: ":unsigned_test_image", 150 partition_name: "boot", 151 private_key: ":pvmfw_sign_key", 152 salt: "2132", 153 props: [ 154 { 155 name: "com.android.virt.cap", 156 value: "foo", 157 }, 158 ], 159} 160 161avb_add_hash_footer { 162 name: "test_image_with_multiple_props", 163 src: ":unsigned_test_image", 164 partition_name: "boot", 165 private_key: ":pvmfw_sign_key", 166 salt: "2133", 167 props: [ 168 { 169 name: "com.android.virt.cap", 170 value: "remote_attest", 171 }, 172 { 173 name: "another_vm_type", 174 value: "foo_vm", 175 }, 176 ], 177} 178 179avb_add_hash_footer { 180 name: "test_image_with_duplicated_capability", 181 src: ":unsigned_test_image", 182 partition_name: "boot", 183 private_key: ":pvmfw_sign_key", 184 salt: "2134", 185 props: [ 186 { 187 name: "com.android.virt.cap", 188 value: "remote_attest|remote_attest|remote_attest", 189 }, 190 ], 191} 192 193avb_add_hash_footer { 194 name: "test_image_with_one_hashdesc", 195 src: ":unsigned_test_image", 196 partition_name: "boot", 197 private_key: ":pvmfw_sign_key", 198 salt: "1111", 199} 200 201avb_add_hash_footer { 202 name: "test_image_with_rollback_index_5", 203 src: ":unsigned_test_image", 204 partition_name: "boot", 205 private_key: ":pvmfw_sign_key", 206 salt: "1211", 207 rollback_index: 5, 208} 209 210avb_add_hash_footer { 211 name: "test_image_with_multiple_capabilities", 212 src: ":unsigned_test_image", 213 partition_name: "boot", 214 private_key: ":pvmfw_sign_key", 215 salt: "2134", 216 props: [ 217 { 218 name: "com.android.virt.cap", 219 value: "remote_attest|secretkeeper_protection", 220 }, 221 ], 222} 223 224avb_add_hash_footer { 225 name: "test_image_with_all_capabilities", 226 src: ":unsigned_test_image", 227 partition_name: "boot", 228 private_key: ":pvmfw_sign_key", 229 salt: "4231", 230 props: [ 231 { 232 name: "com.android.virt.cap", 233 value: "remote_attest|trusty_security_vm|secretkeeper_protection|supports_uefi_boot", 234 }, 235 ], 236} 237