sm8450-common: Build disabled VBMeta image

Partitions that use vbmeta_system can be found by looking at
avb flag in fstab from boot ramdisk.

--flags 2 makes the verification function of avb always return a
positive result.

--set_hashtree_disabled_flag builds the vbmeta images with the
HASHTREE_DISABLED bit set and as a result they don't need to manually
disable dm-verity via e.g. 'adb disable-verity'.

The rest of the configuration is taken from
https://source.android.com/devices/tech/ota/dynamic_partitions/implement#avb-configuration-changes

Change-Id: I381feef8f6fefc8449ca50d85d704b67bcc8a77e

BoardConfigCommon.mk

@@ -78,3 +78,13 @@ TARGET_COPY_OUT_VENDOR_DLKM := vendor_dlkm
 # Platform
 BOARD_USES_QCOM_HARDWARE := true
 TARGET_BOARD_PLATFORM := taro
+
+# Verified Boot
+BOARD_AVB_ENABLE := true
+BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS += --set_hashtree_disabled_flag
+BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS += --flags 2
+BOARD_AVB_VBMETA_SYSTEM := system product
+BOARD_AVB_VBMETA_SYSTEM_KEY_PATH := external/avb/test/data/testkey_rsa2048.pem
+BOARD_AVB_VBMETA_SYSTEM_ALGORITHM := SHA256_RSA2048
+BOARD_AVB_VBMETA_SYSTEM_ROLLBACK_INDEX := $(PLATFORM_SECURITY_PATCH_TIMESTAMP)
+BOARD_AVB_VBMETA_SYSTEM_ROLLBACK_INDEX_LOCATION := 1