ANDROID: build: avb_boot_img: Use hermetic tools

Currently, the avb_boot_img rule uses "openssl" from the host while building. This causes a build error on hosts that do not have openssl installed. Since openssl is included in the prebuilt hermetic tools, let's update the rule to use those instead. Change-Id: Iddd95a3a74690bfe5e94733e810eed8800e77c39 Signed-off-by: John Moon <quic_johmoo@quicinc.com>
2023-09-05 12:16:35 -07:00 · 2023-09-05 12:16:35 -07:00 · c8511316f2
commit c8511316f2
parent 3bc91ac7f1
1 changed files with 10 additions and 1 deletions
--- a/avb_boot_img.bzl
+++ b/avb_boot_img.bzl
@ -1,3 +1,5 @@
+load("//build/kernel/kleaf:hermetic_tools.bzl", "hermetic_toolchain")
+
 def sign_boot_img(ctx):
    inputs = []
    inputs += ctx.files.artifacts
@ -6,6 +8,8 @@ def sign_boot_img(ctx):

    outputs = ctx.actions.declare_file("{}/boot.img".format(ctx.label.name))

+    hermetic_tools = hermetic_toolchain.get(ctx)
+
    for artifact in ctx.files.artifacts:
        if artifact.basename == "boot.img":
            boot_img = artifact
@ -16,7 +20,8 @@ def sign_boot_img(ctx):

    proplist = " ".join(["--prop {}".format(x) for x in ctx.attr.props])

-    command = """
+    command = hermetic_tools.setup
+    command += """
    cp {boot_img} {boot_dir}/{boot_name}
    {tool} add_hash_footer --image {boot_dir}/{boot_name} --algorithm SHA256_RSA4096 \
            --key {key} --partition_size {boot_partition_size} --partition_name boot \
@ -36,6 +41,7 @@ def sign_boot_img(ctx):
        inputs = inputs,
        outputs = [outputs],
        command = command,
+        tools = hermetic_tools.deps,
        progress_message = "Signing boot image from artifacts",
    )

@ -72,4 +78,7 @@ avb_sign_boot_image = rule(
            doc = "List of key:value pairs",
        ),
    },
+    toolchains = [
+        hermetic_toolchain.type,
+    ],
 )