chenxiaolong / avbroot

Sign (and root) Android A/B OTAs with custom keys while preserving Android Verified Boot
GNU General Public License v3.0

Investigate Android 15 DP1 #259

Closed chenxiaolong closed 4 months ago

chenxiaolong commented 4 months ago

Android 15 DP1 has been released for Pixels! I think avbroot is likely already compatible, but I will verify today and post my findings here.

chenxiaolong commented 4 months ago
  1. Everything now uses AVB 2.0 version 1.3.0.

    avbroot already supports this since #210 (avbroot 3.0.0).

  2. The fstab specifies avb_keys=no_such_key for the system_dlkm and vendor_dlkm entries.

    diff '--color=auto' -Nru stock/vendor_boot/ramdisk.img.0_extracted/cpio_tree/first_stage_ramdisk/system/etc/fstab.zuma 15/stock/vendor_boot/ramdisk.img.0_extracted/cpio_tree/first_stage_ramdisk/system/etc/fstab.zuma
    --- stock/vendor_boot/ramdisk.img.0_extracted/cpio_tree/first_stage_ramdisk/system/etc/fstab.zuma    2024-02-16 16:54:00.056172198 -0500
    +++ 15/stock/vendor_boot/ramdisk.img.0_extracted/cpio_tree/first_stage_ramdisk/system/etc/fstab.zuma 2024-02-16 16:53:52.432162811 -0500
    @@ -7,11 +7,11 @@
    system                                                   /system                     ext4    noatime,ro                       wait,slotselect,avb=vbmeta_system,logical,first_stage_mount,readahead_size_kb=128
    # During compliance testing, the previous line would fail (because GSI is ext4), and the next line would be used to mount GSI.
    system                                                   /system                     ext4    noatime,ro                       wait,slotselect,avb=vbmeta_system,logical,first_stage_mount,readahead_size_kb=128
    -system_dlkm                                              /system_dlkm                ext4    noatime,ro                       wait,slotselect,avb=vbmeta_system,logical,first_stage_mount,readahead_size_kb=128
    +system_dlkm                                              /system_dlkm                ext4    noatime,ro                       wait,slotselect,avb=vbmeta_system,avb_keys=no_such_key,logical,first_stage_mount,readahead_size_kb=128
    system_ext                                               /system_ext                 ext4    noatime,ro                       wait,slotselect,avb=vbmeta_system,logical,first_stage_mount,readahead_size_kb=128
    product                                                  /product                    ext4    noatime,ro                       wait,slotselect,avb=vbmeta_system,logical,first_stage_mount,readahead_size_kb=128
    vendor                                                   /vendor                     ext4    noatime,ro                       wait,slotselect,avb=vbmeta_vendor,logical,first_stage_mount,readahead_size_kb=128
    -vendor_dlkm                                              /vendor_dlkm                ext4    noatime,ro                       wait,slotselect,avb=vbmeta,logical,first_stage_mount
    +vendor_dlkm                                              /vendor_dlkm                ext4    noatime,ro                       wait,slotselect,avb=vbmeta,avb_keys=no_such_key,logical,first_stage_mount
    /dev/block/platform/13200000.ufs/by-name/boot            /boot                       emmc    defaults                 slotselect,avb=boot,first_stage_mount
    /dev/block/platform/13200000.ufs/by-name/init_boot       /init_boot                  emmc    defaults                 slotselect,avb=init_boot,first_stage_mount
    /dev/block/platform/13200000.ufs/by-name/efs             /mnt/vendor/efs             f2fs    noatime,sync             wait,check,formattable
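
    Review bot: on the two `+` lines (system_dlkm and vendor_dlkm), avb_keys=no_such_key is added next to the existing avb=vbmeta_system and avb=vbmeta flags rather than replacing them, so each entry now carries both settings and the hunk alone does not show which one first-stage mount applies. A short note on how the two flags interact for these partitions would make the comparison self-explanatory. The diff covers fstab.zuma only, so running the same comparison on other devices' fstab files would show whether the change is specific to this one.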

    I haven't investigated what this does, but it shouldn't affect avbroot anyway since we don't modify those partitions.

  3. /system/etc/security/cacerts_google no longer exists.

    AOSP commit: https://android.googlesource.com/platform/system/update_engine/+/03c7be5f6096f19784af13d275f4f13f88fd4dd0%5E%21/

    This will affect Custota users who use self-signed CA certificates. Custota's module installation script will need Android 15-specific logic.

chenxiaolong commented 4 months ago

Turns out these changes are already present in the Android 14 QPR2 release from yesterday.