Merge remote-tracking branch 'aosp/upstream-master'
* aosp/upstream-master:
lib: remove libfsverity_error_msg_errno()
Makefile: use -Wno-deprecated-declarations to avoid OpenSSL 3.0 warnings
scripts/run-tests.sh: test with OpenSSL 3.0
scripts/run-tests.sh: test with OpenSSL 1.0
Implement PKCS#11 opaque keys support through OpenSSL pkcs11 engine
Bug: 190084016
Test: m libfsverity
Test: m USE_HOST_MUSL=true libfsverity
Change-Id: I0fc0239104b2738292a2672c85e3dac15eb80024
diff --git a/Android.bp b/Android.bp
new file mode 100644
index 0000000..d7abc42
--- /dev/null
+++ b/Android.bp
@@ -0,0 +1,75 @@
+package {
+ default_applicable_licenses: ["external_fsverity-utils_license"],
+}
+
+// Added automatically by a large-scale-change that took the approach of
+// 'apply every license found to every target'. While this makes sure we respect
+// every license restriction, it may not be entirely correct.
+//
+// e.g. GPL in an MIT project might only apply to the contrib/ directory.
+//
+// Please consider splitting the single license below into multiple licenses,
+// taking care not to lose any license_kind information, and overriding the
+// default license using the 'licenses: [...]' property on targets as needed.
+//
+// For unused files, consider creating a 'fileGroup' with "//visibility:private"
+// to attach the license to, and including a comment whether the files may be
+// used in the current project.
+// See: http://go/android-license-faq
+license {
+ name: "external_fsverity-utils_license",
+ visibility: [":__subpackages__"],
+ license_kinds: [
+ "SPDX-license-identifier-GPL-2.0",
+ "SPDX-license-identifier-MIT",
+ ],
+ license_text: [
+ "LICENSE",
+ ],
+}
+
+cc_defaults {
+ name: "fsverity_default_flags",
+
+ cflags: [
+ "-Wall",
+ "-Wno-pointer-arith",
+ "-D_GNU_SOURCE",
+ "-D_FILE_OFFSET_BITS=64",
+ ],
+}
+
+cc_binary {
+ name: "fsverity",
+ defaults: [
+ "fsverity_default_flags",
+ ],
+ host_supported: true,
+ shared_libs: ["libfsverity"],
+ srcs: [
+ "programs/cmd_*.c",
+ "programs/fsverity.c",
+ "programs/utils.c",
+ ],
+}
+
+cc_library {
+ name: "libfsverity",
+ defaults: [
+ "fsverity_default_flags",
+ ],
+ host_supported: true,
+ shared_libs: ["libcrypto"],
+
+ export_include_dirs: ["include"],
+
+ apex_available: [
+ "//apex_available:platform",
+ "com.android.compos",
+ ],
+ recovery_available: true,
+
+ srcs: [
+ "lib/*.c",
+ ],
+}
diff --git a/METADATA b/METADATA
new file mode 100644
index 0000000..52ec89e
--- /dev/null
+++ b/METADATA
@@ -0,0 +1,16 @@
+name: "fsverity-utils"
+description: "This is fsverity-utils, a set of userspace utilities for fs-verity. fs-verity is a Linux kernel feature that does transparent on-demand integrity/authenticity verification of the contents of read-only files, using a hidden Merkle tree (hash tree) associated with the file. fsverity-utils currently contains just one program, `fsverity`. The `fsverity` program allows you to set up fs-verity protected files."
+third_party {
+ url {
+ type: GIT
+ value: "https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git"
+ }
+ version: "4258209301d54512956d536149b0eef0c695cfe6"
+ # would be NOTICE save for common/fsverity_uapi.h
+ license_type: RESTRICTED
+ last_upgrade_date {
+ year: 2021
+ month: 12
+ day: 20
+ }
+}
diff --git a/MODULE_LICENSE_MIT b/MODULE_LICENSE_MIT
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/MODULE_LICENSE_MIT
diff --git a/OWNERS b/OWNERS
new file mode 100644
index 0000000..34a0faa
--- /dev/null
+++ b/OWNERS
@@ -0,0 +1,4 @@
+# Default code reviewers picked from top 3 or more developers.
+# Please update this list if you find better candidates.
+ebiggers@google.com
+victorhsieh@google.com
