Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
device_google_zuma/conf/ext4/Android.bp
Kelvin Zhang 5a679bbf76 Allow devices to pick ext4 as default fs at build time 
Products using 16KB kernel may wish to boot into 16KB mode
directly. To do this, these targets would need to use ext4
as their default fs type for /data and /metadata . Add
a build time flag which would install ext4 fstabs.

Test: th
Bug: 339337171
Change-Id: I53de1599bbff583b45ca2bf6d3e3efb83957913e
2024-05-14 15:42:14 -07:00

102 lines
3.3 KiB
Text
Raw Blame History

/*
* Copyright (C) 2021 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
// By default this device uses hardware-wrapped keys for storage encryption,
// which is intended to offer increased security over the traditional method
// (software keys). However, hardware-wrapped keys aren't compatible with
// FIPS-140 certification of the encryption hardware, and hence we have to
// disable the use of them in FIPS mode. This requires having two fstab files:
// one for the default mode, and one for FIPS mode selectable via
// androidboot.fstab_suffix on the kernel command line. These fstabs should be
// identical with the exception of the encryption settings, so to keep them in
// sync the rules below generate them from a template file.
soong_namespace {
imports: [
"device/google/zuma",
],
}
package {
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "device_google_zuma_license"
// to get the below license kinds:
// SPDX-license-identifier-Apache-2.0
default_applicable_licenses: ["device_google_zuma_license"],
}
genrule {
name: "gen_fstab.zuma-hw-encrypt",
srcs: [
":fstab.zuma.common",
"fstab.zuma.ext4",
],
out: ["fstab.zuma"],
cmd: "sed -e s/@fileencryption@/fileencryption=:aes-256-hctr2:inlinecrypt_optimized+wrappedkey_v0/" +
" -e s/@inlinecrypt@/inlinecrypt/ " +
" -e s/@metadata_encryption@/metadata_encryption=:wrappedkey_v0/ $(in) > $(out)",
}
genrule {
name: "gen_fstab.zuma-sw-encrypt",
srcs: [
":fstab.zuma.common",
"fstab.zuma.ext4",
],
out: ["fstab.zuma"],
cmd: "sed -e s/@fileencryption@/fileencryption=aes-256-xts:aes-256-hctr2/" +
" -e s/@inlinecrypt@// " +
" -e s/@metadata_encryption@/metadata_encryption=/ $(in) > $(out)",
}
genrule {
name: "gen_fstab.zuma-no-encrypt",
srcs: [
":fstab.zuma.common",
"fstab.zuma.ext4",
],
out: ["fstab.zuma"],
cmd: "sed -e s/@fileencryption@//" +
" -e s/@inlinecrypt@// " +
" -e s/@metadata_encryption@// $(in) > $(out)",
}
genrule {
name: "gen_fstab.zuma-fips",
srcs: [
":fstab.zuma.common",
"fstab.zuma.ext4",
],
out: ["fstab.zuma-fips"],
cmd: "sed -e s/@fileencryption@/fileencryption=aes-256-xts/" +
" -e s/@inlinecrypt@/inlinecrypt/ " +
" -e s/@metadata_encryption@/metadata_encryption=aes-256-xts/ $(in) > $(out)",
}
prebuilt_etc {
name: "fstab.zuma",
src: ":gen_fstab.zuma-hw-encrypt",
vendor: true,
vendor_ramdisk_available: true,
}
prebuilt_etc {
name: "fstab.zuma-fips",
src: ":gen_fstab.zuma-fips",
vendor: true,
vendor_ramdisk_available: true,
}
Reference in a new issue View git blame Copy permalink