A new flag tells that the resulting file size should be aligned as well.
For example, signapk -a 4096 --align-file-size ... generates the output
file of 4K-aligned sized.
Bug: 192991318
Test: check built APEX file size.
APEX files should be sized as 4K-aligned.
Change-Id: I1c287e7219b4551bbb3e5957bdb64d80adfd3c39
During signing, we write the entry directly to the output zip, intead
of a temp directory. Add the logic to write vbmeta_digest.txt to output
zipfile too. So the digest file will show up in the signed target files.
Bug: 189926233
Test: add_img_to_target_files -a <target-files.zip>
Change-Id: Ibf28a8f97512bda8c8c695e06190e1fb6573c53e
fs_config requires the information from the header files in
system/core and bionic/libc. To build the vendor side fs_config,
use the header files in the vendor snashot if the required version
exists.
Bug: 187222756
Test: check ninja depedency with and without snasphots.
Change-Id: Ibf96eab4d9a129745be1a19b2aa2e4c8f57cf6bf
1. system_ext or product may not be a standalone partition,
2. keep symbolic links in vendor image,
3. target-files package may not contain IMAGES folder.
Bug: 192422274
Change-Id: I77867408cc764abb975319a23c387ec63fcf87c3
This allows merged devices to boot using a precompiled_sepolicy built
from merged sources, rather than recompiling this sepolicy at boot
time every boot.
Bug: 178727214
Test: Merge an R+S build using --rebuild-sepolicy and --vendor-otatools.
Observe odm.img is rebuilt by the vendor otatools.zip
when merging.
Observe device boots using ODM's precompiled_sepolicy file.
Test: Same as above, for S+S.
Test: Merge an S+S build using --rebuild-sepolicy and *not*
--vendor-otatools.
Observe odm.img is rebuilt without using a separate otatools.zip.
Observe device boots using ODM's precompiled_sepolicy file.
Change-Id: I9595b8a3296d6deec21db8f0c9bc5b7ec4debd57
This prop is owned by OEM, OEM can set this if they want to disable
VABC.
Test: m dist, make sure generated OTA has VABC disabled
Bug: 185400304
Change-Id: Iceb2fb1f399d38a51722352a86ddf68af05fa24e
Today, the signing script simply ignores capex files, because it
looks for hardcoded '.apex' suffix. Add support to handle capex
as well.
Bug: 190574334
Test: Sign a target file locally
Change-Id: I3085ca7b0396a4fbf1b220f7de44d4eafb60c3d8
So updaters can streaming download the file, and query the apex info
inside the file.
Bug: 190244686
Test: generate an OTA package, check the streaming property
Change-Id: I17078d3f8d60ca53c6afe82f74b232e2fb242467
We have already logged the compressed apexes in the target-files.
Because we want to support the apex metrics during OTA update, also
include the uncompressed apexes in the META/apex_info.pb.
For incremental OTA packages, include the source apex version for
each apex package as well.
Bug: 190244686
Test: unit test
Change-Id: I5cf2647c56c4feb5517f9a81aa1e9abc52515bf1
When generating a partial OTA, filter care_map.pb to include only the
partial partitions, then generate OTA.
Test: Generate a partial OTA, make sure care map is included.
Change-Id: I0eaa12772eb1d06a57451e64f70689d3183f0115
This option is to reduce system partition size.
Bug: 171942852
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: Idc849cfce33ac0badb2b9b7953bb821c46a24472
Devices using GKI architecture will use a prebuilt boot.img.
However, we should still sign this prebuilt boot.img with
device-specific AVB keys.
Steps to test the CL.
1. In a device BoardConfig.mk:
# Uses a prebuilt boot.img
TARGET_NO_KERNEL := true
BOARD_PREBUILT_BOOTIMAGE := device/google/redbull/boot.img
# Enable chained vbmeta for the boot image.
# The following can be absent, where the hash descriptor of the
# 'boot' partition will be stored then signed in vbmeta.img instead.
BOARD_AVB_BOOT_KEY_PATH := external/avb/test/data/testkey_rsa4096.pem
BOARD_AVB_BOOT_ALGORITHM := SHA256_RSA4096
BOARD_AVB_BOOT_ROLLBACK_INDEX := $(PLATFORM_SECURITY_PATCH_TIMESTAMP)
BOARD_AVB_BOOT_ROLLBACK_INDEX_LOCATION := 2
2. `make bootimage`, then `avbtool info_image --image $OUT/boot.img`,
checks the image is re-signed with a device-specific key
3. `make dist` to generate out/dist/TF.zip
4. `unzip out/dist/TF.zip IMAGES/boot.img`
5. `avbtool info_image --image out/dist/IMAGES/boot.img`,
checks the image is re-signed with a device-specific key
6. `sign_target_files_apks \
--avb_boot_key=external/avb/test/data/testkey_rsa8192.pem \
--avb_boot_algorithm=SHA256_RSA8192 \
--avb_boot_extra_args="--prop test:sign" \
./out/dist/*-target_files-eng.*.zip signed.zip`, resign the TF.zip
7. `unzip signed.zip IMAGES/boot.img`, then use `avbtool info_image` to
check the boot.img is re-signed with the --avb_boot_key in step 6.
Bug: 188485657
Test: above steps
Change-Id: I7ee8b3ffe6a86aaca34bbb7a8898a97b3f8bd801
Test: th
Test: Manual OTA test on bramble, pause/resume multiple times
Test: verity enabled, VABC enabled OTA
Test: verity enabled, VABC disabled OTA
Test: verity disabled, VABC enabled OTA
Test: verity disabled, VABC disabled OTA
Change-Id: Ia236984b158761f84f54ab7a6d3d49491c249546
For VAB launched device, factory OTA will write system_other
partition to the super image. So we want to check that
sum(dynamic partitions) + system_other + overhead <= super at
build time.
Since we don't know the overhead at build time, we might instead
check sum(all partitions) < super.
Bug: 185809374
Test: m check-all-partition-sizes, unittests
Change-Id: Ia7ba5999d23924a1927e9a9463856a4d0ea90c20
build_image adds additional parameters (uuid, hash_seed) if
prop_dict["ext_mkuserimg"] is set to "mkuserimg_mke2fs".
The comparison does not take paths into consideration, so passing a
full path to mkuserimg_mke2fs would cause the parameters to not
be included.
This is currently not an issue for aosp builds, but could cause problems
for customized build systems.
Bug: 187742822
Test: Manual, using vendor build system, also executed 'm droid'
Change-Id: I7a8973dd0c4d8a39aea5aafcfe1aa69750fb1449
If the build prop ro.build.id isn't set at build time, init will
set it at runtime. The logic is appending the vbmeta digest to
the ro.build.legacy.id.
Make the same change in ota scripts, so the correct build fingerprint
will be saved in the ota metadata.
Bug: 186786987
Test: generate an OTA, check the metadata
Change-Id: I278f59c41c1f98d4cbea749e5d9e4eaf7a6b9565
Commit I8bd8ad3acf324931b47d45fd30bc590206b1927e adds a default
value of "gki_signing_signature_args" in the misc_info.txt for
release signing to work. However, it's better to replace the default
value entirely (e.g., --prop foo:bar) as there is no need to include
them in the final release-signed image.
Bug: 178559811
Bug: 177862434
Test: atest releasetools_test
Test: atest releasetools_py3_test
Change-Id: I060b5a7076ff3e5d883abeb7d72f3db887c9fd69
