Defer edge creation.
Don't create edges until the count is known to avoid repeated allocate+
copy operatios.
Limit resolutions.
Allow only a single resolution condition set per target, and overwrite
intermediate results. Reduces memory and obviates allocations.
Propagate fewer conditions.
Instead of propagating notice conditions to parents in graph during
initial resolve, leave them on leaf node, and attach to ancestors in
the final walk. Reduces copies.
Parallelize resolutions.
Use goroutines, mutexes, and waitgroups to resolve branches of the
graph in parallel. Makes better use of available cores.
Don't accumulate resolutions inside non-containers.
During the final resolution walk, only attach actions to ancestors from
the root down until the 1st non-aggregate. Prevents an explosion of
copies in the lower levels of the graph.
Drop origin for scale.
Tracking the origin of every potential origin for every restricted
condition does not scale. By dropping origin, propagating from top
to bottom can prune many redundant paths avoiding an exponential
explosion.
Conditions as bitmask.
Use bit masks for license conditions and condition sets. Reduces maps
and allocations.
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Test: m systemlicense
Test: m listshare; out/soong/host/linux-x86/bin/listshare ...
Test: m checkshare; out/soong/host/linux-x86/bin/checkshare ...
Test: m dumpgraph; out/soong/host/linux-x86/dumpgraph ...
Test: m dumpresolutions; out/soong/host/linux-x86/dumpresolutions ...
where ... is the path to the .meta_lic file for the system image. In my
case if
$ export PRODUCT=$(realpath $ANDROID_PRODUCT_OUT --relative-to=$PWD)
... can be expressed as:
${PRODUCT}/gen/META/lic_intermediates/${PRODUCT}/system.img.meta_lic
Change-Id: Ia2ec1b818de6122c239fbd0824754f1d65daffd3
Using struct{}{} as the payload for set maps reduces memory use for
large sets.
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Test: m systemlicense
Test: m listshare; out/soong/host/linux-x86/bin/listshare ...
Test: m checkshare; out/soong/host/linux-x86/bin/checkshare ...
Test: m dumpgraph; out/soong/host/linux-x86/dumpgraph ...
Test: m dumpresolutions; out/soong/host/linux-x86/dumpresolutions ...
where ... is the path to the .meta_lic file for the system image. In my
case if
$ export PRODUCT=$(realpath $ANDROID_PRODUCT_OUT --relative-to=$PWD)
... can be expressed as:
${PRODUCT}/gen/META/lic_intermediates/${PRODUCT}/system.img.meta_lic
Change-Id: Ibc831ae80fc50f35e1000348fb28fc0167d0ebed
Use annotation slices looked up from map instead of read from disk to
reduce copies.
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Test: m systemlicense
Test: m listshare; out/soong/host/linux-x86/bin/listshare ...
Test: m checkshare; out/soong/host/linux-x86/bin/checkshare ...
Test: m dumpgraph; out/soong/host/linux-x86/dumpgraph ...
Test: m dumpresolutions; out/soong/host/linux-x86/dumpresolutions ...
where ... is the path to the .meta_lic file for the system image. In my
case if
$ export PRODUCT=$(realpath $ANDROID_PRODUCT_OUT --relative-to=$PWD)
... can be expressed as:
${PRODUCT}/gen/META/lic_intermediates/${PRODUCT}/system.img.meta_lic
Change-Id: Ibf6f7d319092e0d54ab451ffbbd35dcd7d0080e0
win_sdk is deprecated, if given on the command line
sdk will be build instead.
Bug: 212724080
Test: Presubmits
Change-Id: Ib3bd51923142b00100b49585ad88bc1292da2463
Right now if PRODUCT_EXPORT_BOOT_IMAGE_TO_DIST is given,
$ m dist bootimage
would copy boot*.img to the dist dir.
After this change, both
$ m dist # droidcore
$ m dist bootimage
would copy boot*.img to the dist dir, the difference is that the latter
builds & copies *only* the boot images.
Bug: 212486689
Test: m dist bootimage
Test: m dist => boot*.img are copied to dist dir
Change-Id: I1c714ce5d75eba93e32078b1ac291a181b05405a
New scheme is to certify kernel & ramdisk image separately, and
effectively decouple kernel & user space ramdisk image.
Under the new scheme, the --os_version and --os_patch_level boot header
field must be empty in order to maintain consistency.
Instead, these values must be in the vbmeta hash descriptor and
GKI certificate.
The new scheme also validates the image metadata, including the security
patch level.
The 'generic_kernel' certificate is associated with the 'boot' partition
and 'generic_ramdisk' certificate with 'init_boot' partition.
The 'generic_ramdisk' certificate may be packed into the 'boot' image if
product configuration doesn't have 'init_boot' image, this is only for
testing purposes and would be removed eventually.
Bug: 210367929
Bug: 211741246
Bug: 203698939
Test: unpack_bootimg --boot_img boot.img
Test: unpack_bootimg --boot_img init_boot.img
Test: avbtool info_image --image out/boot_signature
Change-Id: Iaf48a6e3d4b97fa6bfb5e1635a288b045baa248f
gsi_keys.mk has been removed on commit
I3714de75b94be43a1364b89b92d893b336aa014b. Removing it from
the OWNERS file and adds developer_gsi_keys.mk.
Bug: 176869478
Test: presubmit
Change-Id: I2eeee65a244c4987f217f004ec47a0b6dca9b564
This file will be used by OTA generator to compress generated patches.
We need the host copy of LZ4 to ensure that compressed bytes matches
what the device would get if the compression were to be done on device.
For more details see go/lz4diff
Bug: 206729162
Test: m dist
Change-Id: I9c4ab772b001bf47da75cb87b028a1f27e2321a8
sign_target_files_apks demands it.
Bug: 213823227
Test: run com.google.android.tradefed.ota.SigningToolTest#Testcase1_Signingtest
Change-Id: I1bba2b25a71449a57d284024e77fb76d1b79a0ee
Else the branch condition would always evaluate to true, making the
other branch useless and wrong!
Bug: 211741246
Test: m dist
Change-Id: I4791712632cbe0d5a9e20962c8425dd20bbe0bfd
Thin manifests (e.g. master-art) may not have the aapt2 sources and
instead relies on the prebuilt in prebuilts/sdk/tools/linux/bin. In
that case there's no aapt2 in the search path, so it needs to be
specified.
Test: Heavy presubmit build on mainline_modules_bundles on git_master
Test: vendor/google/modules/ArtGoogle/build-art-module.sh
with http://ag/16584845 on git_master-art, where only the prebuilt
aapt2 is present
Bug: 212462945
Change-Id: I41a22e8146f5a88534c2721345b4d9d64f76698c
For system/framework, it now also includes *.jar.prof (needed by
odrefresh), *.vdex and <arch>/*.{odex,art} (for future-proof).
system/etc/classpaths/*.pb are also added so that we can run
derive_classpath to collect from.
system/etc/updatable-bcp-packages.txt is removed because it's no longer
used by ART.
Bug: 206869687
Test: see new files in `unzip -p $OUT/system/etc/security/fsverity/ \
BuildManifest.apk assets/build_manifest.pb`
Change-Id: Id759f5caec8ba683af8629956b9268a4fbd74186
This variable can be set instead of TARGET_RECOVERY_FSTAB
in order to specify a generated fstab file.
Bug: 201700692
Test: Presubmits
Change-Id: If0fae81ec53915e9ed4bab2e8b1a9f8376894537
Otheriwse, the build complains about missing files when
PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA is enabled (aosp/1937717).
Bug: 206326351
Test: clobber, set PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA := true, build
Change-Id: I11d18914d63cab0b84ae711f2334747cb26ca234
Normally this has no effect, but when we generate metadata for small
files (<=4KB), merkle tree isn't generated. In such case, writing zero
will make the metadata format simpler and unconditional.
Test: manual
Change-Id: Ibe18175b580af3409c896a8bb97323792ad9c459
build_image.py has been handling fsverity metadata generation in the
packing step, but it can cause issues because the metadata files are
missing in the $OUT directory, and they only exist in result system.img.
This change moves the generation logic into Makefile, and makes the
metadata tracked by ninja graph.
Bug: 206326351
Test: PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA := true and build
Change-Id: I1f910d8ac6e2cc3c54f35916871733c632f18e44
releasetools preconditions requires build metadata defined in
SYSTEM/build.prop even when building a system.img-less product.
Copy the SYSTEM/build.prop into the build artifact archive whenever
possible to make add_img_to_target_files happy.
Bug: 212486689
Bug: 213028932
Test: Dist build a system.img-less product. Product properties are
read from SYSTEM/build.prop and no build error occurred.
Change-Id: I2ce7f8b8ae981eaf06e2d8d2485b55b4e975caa9
Previously a manifest file would be generated for static_java_library.mk
and package_internal.mk. For pacakge_internal.mk, this would cause
cryptic errors like b/188612215#2
With this CL, a manifest file would only be generated for java_library
with need_compile_res == true. The advantages are
1. No redundant generation for java_library with need_compile_res == false
(i.e. modules that do not require aapt2)
2. Force devs to provide manifest for android_app, and not silently
generating one for them
Bug: 188652897
Test: TH
Test: m nothing in tv-dev, car-dev
Change-Id: I69a23e373f1b4ac1569ae5b1d36067bfc0dadc05
If init_boot.img is present, the GKI boot-*.img should
not include the ramdisk because the ramdisk will be packed
into the init_boot.img instead.
The "has_ramdisk" flag incorrectly checks the condition of:
prebuilt_name != "boot.img" to see if it is a boot.img.
Because "has_ramdisk" was added before we packed multiple
GKI boot-*.img, e.g., boot-5.10.img, boot-5.10-lz4.img, etc.,
into the target files.
Fix this by checking the partition_name is "boot" or not.
Also moving the logic into a new function with comments for each
condition.
Bug: 203698939
Bug: 213028932
Test: sign_target_files_apks \
--gki_signing_key=external/avb/test/data/testkey_rsa4096.pem \
--gki_signing_algorithm=SHA256_RSA4096 \
./out/dist/*-target_files-eng.*.zip signed.zip, then
unpack_bootimg to checks the signed boot-*.img has no ramdisk
Change-Id: I5354669feb54d547dbe797e51b1b1baa187cb7cf
