To rebuild odex files of Java libraries and apps,
we store the jars/apks without stripping the classes.dex inside the
platform.zip. We also save the build variables that may affect how we
rebuild an odex in pdk_dexpreopt_config.mk in the platform.zip.
We store the files and configuration only for libraries/apps that get
installed to the system.img (or vendor.img).
In PDK fusion build, we auto-generate prebuilt module definitions for
the javalib.jar and package.dex.apk carried in the platform.zip, using
configuration stored in pdk_dexpreopt_config.mk.
With the prebult modules, we override the implicit rule that directly
copies the odex from the platform.zip.
To rebuild odex of javalib.jar, we added support for prebuilt shared Java
library to prebiult_internal.mk. An installable prebuilt Java library is
treated as shared Java library, i.e. with classes.dex in the jar instead
of a set of .class files.
For apks in the platform.zip, we install the stripped version from
platform files inside platform.zip, instead of the package.dex.apk,
using a new variable LOCAL_REPLACE_PREBUILT_APK_INSTALLED. We can't
strip package.dex.apk because we can't re-sign the stripped apk at this
point.
We generate prebuilt module only if it's not already defined in the
source tree.
Bug: 27543283
Change-Id: I9e146f8b713d6f57c397fd28d88c9ab700757ca1
(cherry-pick from commit 3a61eeb6cb)
The following variables are introduced
BOARD_BVB_ENABLE: can be set to true to build boot.img and system.img
files compatible with Brillo Verfied Boot.
BOARD_BVB_ROLLBACK_INDEX: can be set to an integer to use for the
rollback index.
BOARD_BVB_KEY_PATH, BOARD_BVB_ALGORITHM: If set, the former must be a
path to the private key used to sign the boot image and the latter must
be the algorithm to use. If unset, a test-key stored in the tree will
be used.
BOARD_BVB_MAKE_BOOT_IMAGE_ARGS: Extra options to pass to 'bvbtool
make_boot_image'.
BOARD_BVB_SIGN_BOOT_IMAGE_ARGS: Extra options to pass to 'bvbtool
sign_boot_image'.
BOARD_BVB_ADD_IMAGE_HASHES_ARGS: Extra options to pass to 'bvbtool
add_image_hashes'.
BOARD_CUSTOM_BVBTOOL: Can be set to specify what bvbtool program to
use.
The existing BOARD_KERNEL_CMDLINE variable is also used, as are existing
kernel and initrd-related variables. Therefore, simply adding
BOARD_BVB_ENABLE := true
to an existing Makefile should do the trick.
Bug: 26185038
TEST=Added 'BOARD_BVB_ENABLE := true' to hardware/bsp/intel/soc/edison/soc.mk
and built an image and then ran bvbtool's info_boot_image and
info_image_hashes commands on the resulting boot.img and system.img
files and verified that the information was correct. Also ran 'm dist'
and verified that the boot.img and system.img files in the resulting
target_files.zip file had similar information.
Change-Id: I08045ed8b0cbddc7c3acdd3a6f2c4bb75cb44bbc
am: a65b01fc09
* commit 'a65b01fc09b47c83e59dc4757c76eafba1e15cbc':
Remove LOCAL_ACP_UNAVAILABLE
Remove unused dependencies on $(ACP)
Replace some uses of acp with cp
When more than one makefile tries to copy a header to the same
destination, the warning is not clear, and hard to track down and assign
blame:
build/core/copy_headers.mk:15: warning: ignoring old commands for target `out/target/product/bullhead/obj/include/qcom/display/copybit.h'
With this change, the same behavior is kept, but the warning message is
more descriptive, and contains the offending Android.mk files:
build/core/Makefile:54: Duplicate header copy: out/target/product/bullhead/obj/include/qcom/display/copybit.h
build/core/Makefile:54: Defined in: hardware/qcom/display/msm8994/libcopybit/Android.mk hardware/qcom/display/msm8994/libcopybit/Android.mk
In this case, a $(CLEAR_VARS) is missing, so the same Android.mk file is
copying the same headers twice.
Bug: 27302058
Change-Id: Icf8f580ae71a78741db21c1d8f3213424459e637
With the change in [1], delta_generator now needs
libprotobuf-cpp-lite.so instead of libprotobuf-cpp-lite-rtti.so to
generate A/B payloads.
[1] commit ab5bd668f6be600a8cceb8772e426c0aa902a5e1
Bug: 27145830
Change-Id: Ib9a93bf0fbe7fa44fc5fb94668d17fa1a2e07b05
(cherry picked from commit fdd2693b65)
To help early verification of a target_files.zip being uploaded to our
servers, we place the META/ directory first in the .zip file, so checks
against the product_id.txt and product_version.txt don't need to wait
for the whole file to upload.
Note that META/*filesystem_config.txt files are generated and added to
the .zip file at a later point, so they are not included at the
beginning.
Bug: 26806325
TEST=`make dist` and `unzip -l out/dist/edison-target_files-eng.$USER.zip` shows most META/ files first.
Change-Id: I1955645412688f5c7823063ed56606b251daccfd
For non-Brillo devices using AB update, add the payload signing public
key to the system image
(system/etc/update_engine/update-payload-key.pub.pem).
We first need to sign the payload with some private key, and pack it
into an Android OTA package. Then the whole zip package will be signed
again with the device key. This is to comply with the two existing OTA
flows (Android and CrOS).
We use the same device key to do the two signings, but update_engine
expects the key in RSA public key format. This CL extracts the public
key from x509 certificate and adds it to the system image.
Bug: 25715402
Change-Id: I6f6c1148534250ddb6d9e554175c7a35bceda99e
brillo_update_payload and shflags are the scripts to generate A/B OTA
package (payload). Include them into otatools.zip.
brillo_update_payload was already included in previous CL. Move it to
the folder for executables.
Bug: 25715402
Change-Id: Idf9c05767c24c55d058cc30e696f06d4eb5fd53b
The CL in [1] changed to create a symlink to /storage/self/primary for
/sdcard. It breaks the mount of /sdcard under recovery.
[1] commit 595003a3d06a13862052ef2f4f578371dae5ad65
Bug: 26509280
Change-Id: I98d02d54d707c2c8826c5ee119cf1a3ffa0c4bc9
delta_generator computes the OTA package (aka payload) for A/B update.
Also add its dependent libraries into otatools.zip.
Bug: 25715402
Change-Id: Iddf4b9ac188cc4c8bf3f89ce3641d68451632ba1
With BOARD_USES_RECOVERY_AS_BOOT = true, we skip building the
non-ramdisk boot.img but building the recovery image as boot.img. It
contains recovery's ramdisk (e.g. with /sbin/recovery). It depends on
the bootloader parameter (skip_initramfs) to determine the actual mode
to boot into.
Change-Id: Id6e2d0a2b94383944ca8f35bba688c6401745622
(cherry picked from commit d80bef2b9e)
This makes the signapk tool use Conscrypt (where possible) instead of
the platform-default JCA providers and the Bouncy Castle JCA provider.
This speeds up (by 10-30%) APK and OTA update signing because
Conscrypt's crypto primitives are backed by BoringSSL.
Previously, the signapk tool consisted only of the signapk.jar.
Because Conscrypt is backed by native code, signapk now consists of
signapk.jar and crypto_openjdk_jni shared library. This requires that
users of the tool be updated to provide a suitable -Djava.library.path
argument to the Java runtime. This change updates all known users of
the tool inside the Android source tree to do so.
Bug: 26097626
Change-Id: I8411b37d7f771ed99269751a3007dff103083552
libext2_uuid_host was renamed to libext2_uuid-host to match the
"-host" suffix used in most libraries.
Bug: 24619596
TEST=make dist
Change-Id: Ic5faccb4d5fdbbf3d3bba6f4a35cf99d4961bb54
the value of USER is dependent from the compilation environment,so
when compiling one same device project, the BUILD_FINGERPRINT may
exceed 91 characters because ${USER} is long, but with short ${USER}
the compilation can pass.
Signed-off-by: wei qiao <qiaowei224@gmail.com>
Change-Id: Ia0f7dfa9cf7d605f1f2603f70dd0e6877482eb8a
Set ro.build.ab_update if AB_OTA_UPDATER is true. Device will depend on
this property to call the proper update API.
Change-Id: I5916ef5b30ea3351d323382f7ce83a17df2b0a70
For system images that contain the root directory, "adb shell" in
recovery stops working if the image is mounted at "/system", because
sh now locates at /system/system/bin/sh. We fix the issue by mounting
the image on /system_root and create a symlink to /system_root/system
for /system.
Bug: 22855115
Change-Id: Ia6b257b75aeb67687c3909063d1725a23a5ccd60
If system image contains the root directory
(BOARD_BUILD_SYSTEM_ROOT_IMAGE == "true"), we package the root directory
into ROOT/ instead of BOOT/RAMDISK/ in the target_files zip.
Change-Id: I817776ca97194991308b2131d0e34ab136283464
If BOARD_USES_FULL_RECOVERY_IMAGE == true, a full copy of recovery
image will be carried as /system/etc/recovery.img instead of a patch
at /system/recovery_from_boot.p.
Bug: 22641135
Change-Id: Ie271d3e2d55d7b003f667ac5b44203d69b23c63b
(cherry picked from commit 8beab69bd5)
Now that symlinks are created at build time, the rsync while
making recovery runs into issues around the etc symlink
Change-Id: Ie781507b22e4661629840075b274eaab2f712de6
