Currently, the keyblock was being generated using
data_key.vbprivk. However, we need to use kernel_subkey.vbprivk for
kernel keyblock generation. This did not create any issues until now
because dev-mode just throws a message saying that keyblock is
invalid. But, normal-mode does not boot if keyblock is
invalid. Add extra parameter for passing in kernel subkey to
vboot_signer script.
TEST="make bootimage-nodeps" generates correctly signed
boot.img. Verified that the image boots fine in normal mode.
Change-Id: I0fc2183b466e34ddf1d98c9532072548504fcec4
Signed-off-by: Furquan Shaikh <furquan@google.com>
If system image contains the root directory
(BOARD_BUILD_SYSTEM_ROOT_IMAGE == "true"), we package the root directory
into ROOT/ instead of BOOT/RAMDISK/ in the target_files zip.
Change-Id: I817776ca97194991308b2131d0e34ab136283464
Change all uses of the file_contexts file to use the
file_contexts.bin file instead.
Depends on
I75a781100082c23536f70ce3603f7de42408b5ba
I43806d564b83d57f05f5c36c8eba7b1ff4831b04
Id560d093440a2aba99cef28c20133b35feebf950
I15660f4b3e4c5cb8ae0ec1498c74d6fcbb9a0400
Change-Id: Iaf8c4b2e420f610425a07f48db7af32bda3f5b3a
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Now that symlinks are created at build time, the rsync while
making recovery runs into issues around the etc symlink
Change-Id: Ie781507b22e4661629840075b274eaab2f712de6
For system images that contain the root directory, "adb shell" in
recovery stops working if the image is mounted at "/system", because
sh now locates at /system/system/bin/sh. We fix the issue by mounting
the image on /system_root and create a symlink to /system_root/system
for /system.
Bug: 22855115
Change-Id: Ia6b257b75aeb67687c3909063d1725a23a5ccd60
If BOARD_USES_FULL_RECOVERY_IMAGE == true, a full copy of recovery
image will be carried as /system/etc/recovery.img instead of a patch
at /system/recovery_from_boot.p.
Bug: 22641135
Change-Id: Ie271d3e2d55d7b003f667ac5b44203d69b23c63b
(cherry picked from commit 8beab69bd5)
Using $(BUILD_NUMBER) inside a rule causes odd behavior, as the rule
is different every time make is run, but since make doesn't depend
on the command line it only ends up being built with the new value
if some other dependency has changed.
To allow ninja, which does depend on the command line, to provide the
same behavior, store the build number in out/build_number.txt, and
use a shell expansion to cat the file in rules that use it. This will
cause the rule command to stay identical between builds, while still
getting the new build number if the rule is rerun for a dependency.
Also use the same trick for BUILD_FINGERPRINT, and the date in
droiddoc rules.
Change-Id: I6c5e6b6b3ef4c613563d7f5604df0e401575ba5f
angler and bullhead have smaller cache partiton (~100MB) and hit issue
with incremental OTA (such as MDA09B to MDA12) that requires more stash
space with BBOTA v3. Temporarily use v2 as a workaround, until we come
up with a real fix. Note that BBOTA v2 still uses some stash space, but
should be much smaller than v3.
Bug: 22430577
Change-Id: Ic4c05f3609732e7d5140703062da9fe11df5c6d3
file_contexts (specified by SELINUX_FC) is needed both when building
and (re)packaging. We used to use the copy in out/ when building, and
looked for the copy in BOOT/RAMDISK/ when packaging from target_files
zip. With system_root_image enabled, the file_contexts needed for
building and packaging might be different from the one on device. So
we explicitly pack the file as META/file_contexts in target_files zip.
Also refactor out the overriding of selinux_fc property into
common.LoadInfoDict().
Change-Id: I94f9ea6671b3792c12c1c21573840743d63da39a
(cherry picked from commit aa7318c384)
fs_config function from libcutils, in order to properly set the xattr FS
used to define device specific uid, gid, permissions and capabilities,
now needs TARGET_OUT make variable to be passed explicitly to all tools
using it:
fs_config
fs_get_stats used by mktarball.sh
make_ext4fs used by mkuserimg.sh
mksquashfs used by mksquashfsimage.sh
Bug: 21989305
Bug: 22048934
Change-Id: I6caf9cf870882fce2ead93027767092c29b75ded
Signed-off-by: Thierry Strudel <tstrudel@google.com>
Due to the change in https://lwn.net/Articles/546473/, kernel reserves a
few extra blocks (lesser of 2% and 4096 blocks) on ext4 FS which leads to
OTA update failures. Adjust the size computation if the device has
BOARD_HAS_EXT4_RESERVED_BLOCKS := true.
It amends the last attemp in [1]. Now it computes the used blocks from the
make_ext4fs output, instead of altering its argument.
[1]: commit efbb5d2e69.
Bug: 21522719
Bug: 22023465
Bug: 22174684
Change-Id: Iaae6507f6de68a5892f2e3035d330039287b4492
(cherry picked from commit c7a6f1e4f8)
Due to the change in https://lwn.net/Articles/546473/, kernel reserves a
few extra blocks (lesser of 2% and 4096 blocks) on ext4 FS which leads to
OTA update failures. Adjust the size computation if the device has
BOARD_HAS_EXT4_RESERVED_BLOCKS := true.
It amends the last attemp in [1]. Now it computes the used blocks from the
make_ext4fs output, instead of altering its argument.
[1]: commit efbb5d2e69.
Bug: 21522719
Bug: 22023465
Bug: 22174684
Change-Id: I9783a51abe6581ff5c75db81e78ac606d0f32c4c
We should not change the parameter to mkfs_ext4. Bug filed at
b/22174684. Will come up with a new CL.
This reverts commit efbb5d2e69.
Change-Id: I15f7a9a07a65a936ba186d2ce672ec4832ed3e17
Due to the change in https://lwn.net/Articles/546473/, kernel reserves a
few extra blocks (lesser of 2% and 4096 blocks) on ext4 FS which leads to
OTA update failures. Adjust the size computation if the device has
BOARD_HAS_EXT4_RESERVED_BLOCKS := true.
Bug: 21522719
Bug: 22023465
Change-Id: I49f16adbf2dedc5279fbb8622bf99ef71dcc494f
Set the initial (version 1!) value for the preview SDK version
readable by apps. If we're on a release version, force it to be 0.
Change-Id: Ib3e6cad1f59cea8e4a781827d4a35dd3620b90f1
shamu has a 560dpi density, which is between xxhdpi and xxxhdpi. It
deserves the large font (18x32), otherwise it falls back to use the
small one and makes it mostly unreadable under recovery mode. Amend
the list to include 560dpi and 400dpi that are higher than xhdpi.
Ideally we should map string formats back to numbers for easy
comparison (and to handle any high but odd density values).
Change-Id: Ie08d9ce5e1c8850ff30a79bcbfd1b89e971b7e07
With this, you can easily add more executables, jars or shared libraries
to the package. Also now it automatically takes care of
32-bit-v.s.-64-bit library issue.
Change-Id: I5afe00fadc978d0da229b192eca1a4b1c149764e
Allow dm-verity to be enabled without boot and recovery images being
signed. This makes it possible to enable only dm-verity to detect
corruption without confusing bootloaders that do not understand signed
images.
Bug: 19985143
Change-Id: Ie52c6ff595faa7a5c1f1bc1b37f6899c4d0c7001
Add vboot properties to the dictionary file, which will be packed into
the target_files zip. Add support in packaging and OTA scripts to
sign the generated bootable images (boot.img and recovery.img) when
vboot is enabled.
Change-Id: I08758ced03d173219415bca762bbdb66c464a9f5
(cherry picked from commit 5d5a3bd9e8d8b14b71d1b2105417a2958d13d3d2)
Added support to build system.img that combines contents of /system and
the ramdisk, and can be mounted at the root of the file system.
To enable this feature, define BoardConfig.mk variable:
BOARD_BUILD_SYSTEM_ROOT_IMAGE := true
Ideally we would just change TARGET_OUT (the path of the staging system
directory) to under TARGET_ROOT_OUT. But at this point many places in
the build system assume TARGET_OUT is independent of TARGET_ROOT_OUT and
we can't make it easily configurable.
Instead this implementation takes the least intrusive approach:
We don't change TARGET_OUT or TARGET_ROOT_OUT. We just assemble a
temporary staging directory that contains contents of both TARGET_OUT
and TARGET_ROOT_OUT, in build_image.BuildImage() of
tools/releasetools/build_image.py.
When build_image.py is directly called from the makefile, we pass in the
parameters from the global dictionary; when build_image.BuildImage() is
called from add_img_to_target_files.py, we need to override values to
point to files extracted from the target_files zip file.
We need to combine the fs_config files of both /system and ramdisk,
when fs_config is enabled.
Also this change refactored build_image.BuildImage() by moving the extra
parameters to the image property dictionary.
(cherry-picked from commit 0eabd4f2c5)
Bug:19868522
Change-Id: Iafc467a0e3427b0d6ad3b575abcc98ddcc9ea0f1
The change follows the patten found in "Package OTA" and other places
to allow for overriding the mkbootimg command.
Now pass MKBOOTIMG variable to get make_recovery_patch and add_image_to_target
to use the tool set in BOARD_CUSTOM_MKBOOTIMG for boot/recovery image
generation.
Change-Id: I78533c25e87c2750eb24ac1bf39e4b7ca321a441
Added support to build system.img that combines contents of /system and
the ramdisk, and can be mounted at the root of the file system.
To enable this feature, define BoardConfig.mk variable:
BOARD_BUILD_SYSTEM_ROOT_IMAGE := true
Ideally we would just change TARGET_OUT (the path of the staging system
directory) to under TARGET_ROOT_OUT. But at this point many places in
the build system assume TARGET_OUT is independent of TARGET_ROOT_OUT and
we can't make it easily configurable.
Instead this implementation takes the least intrusive approach:
We don't change TARGET_OUT or TARGET_ROOT_OUT. We just assemble a
temporary staging directory that contains contents of both TARGET_OUT
and TARGET_ROOT_OUT, in build_image.BuildImage() of
tools/releasetools/build_image.py.
When build_image.py is directly called from the makefile, we pass in the
parameters from the global dictionary; when build_image.BuildImage() is
called from add_img_to_target_files.py, we need to override values to
point to files extracted from the target_files zip file.
We need to combine the fs_config files of both /system and ramdisk,
when fs_config is enabled.
Also this change refactored build_image.BuildImage() by moving the extra
parameters to the image property dictionary.
Bug:19868522
Change-Id: Iafc467a0e3427b0d6ad3b575abcc98ddcc9ea0f1
Some releasetools python sripts rely on $PATH to search for the
executables. With this change, you don't need to run lunch even after you
change the build system variable OUT_DIR.
Bug: 19320328
Change-Id: Ia44b11084fb1bdcceb60b1d33cb7e460c9b705a8
(cherry picked from commit 9d252e1009)
Add a target to zip up all the otatools and releasetools, for easy
copying to the OTA builder machine.
Change-Id: If14b4afefcc1a20ea19dfca3f3b9f9fae73189a6
(cherry picked from commit f22b0f43ef)
"cp -Rf" fails on Mac OS when some broken symlinks exist in the dest
dir.
Also switch to better shell error handling when copying
init.recovery.*.rc.
Change-Id: Idd05f7604736b234619f62be12dd108fac91fed1
"cp -Rf" fails on Mac OS when some broken symlinks exist in the dest
dir.
Also switch to better shell error handling when copying
init.recovery.*.rc.
Change-Id: Idd05f7604736b234619f62be12dd108fac91fed1
Previously the recovery binary was configured to be installed to the
system.img and then got copied to recovery.img in the recovery.img's
build rule.
With this change, a module, such as the recovery binary, can configure
itself to be installed directly to the recovery.img, just like how other
modules get installed to system.img.
Bug: 19667686
Change-Id: I46b0b4a95cf078a68999db9c0f6635d6a3f5cd86
Add source and target block hashes as parameters to transfer list
commands that copy or patch data to a partition. This allows the
updater to verify the status of each command in the transfer list
and makes resuming block based OTAs possible. Due to the changes,
update the transfer list version to 3.
Needs matching changes from
I1e752464134aeb2d396946348e6041acabe13942
Bug: 18262110
Change-Id: Ia5c56379f570047f10f0aa7373a1025439495c98
(cherry picked from commit cac671a9d1)
Previously the recovery binary was configured to be installed to the
system.img and then got copied to recovery.img in the recovery.img's
build rule.
With this change, a module, such as the recovery binary, can configure
itself to be installed directly to the recovery.img, just like how other
modules get installed to system.img.
Bug: 19667686
Change-Id: I46b0b4a95cf078a68999db9c0f6635d6a3f5cd86
Previously if user has a directory with name dummy in the root of the
source tree, "zip -qd package.apk dummy" fails with:
"zip error: Nothing to do!".
This change mitigates the error.
Change-Id: I642e3bf0378e5b9911a068ecb72f795b3e92f1fe
We don't use EXT2 for bootimage anymore.
This will allow getting rid of external/genext2fs
Bug: 19282953
Change-Id: Ie56528c7877036d2501a09888a4420637f9cd647
Some releasetools python sripts rely on $PATH to search for the
executables. With this change, you don't need to run lunch even after you
change the build system variable OUT_DIR.
Bug: 19320328
Change-Id: Ia44b11084fb1bdcceb60b1d33cb7e460c9b705a8
