Directory support for img_from_target_files was dropped in aosp/1095755.
Test: Create & boot a merged build.
Change-Id: Ib976ea60a24c2f172c597130d6bcce25199a93b3
This CL additionally removes boot/dtbo/modem/vbmeta_* images out of
secondary payload. We essentially only keep system_other.img and
bootloader images there.
For Pixel devices, this additionally saves ~80MiB (mostly because of
the removal of boot and radio images).
Bug: 140771390
Test: ota_from_target_files \
--include_secondary --skip_postinstall \
-i input-target_files-1.zip \
input-target_files-2.zip \
output-ota.zip
Test: python -m unittest test_ota_from_target_files
Change-Id: If47b27c52b3547a4cc86223a988c53960bc6af40
The commit in d14b895665
(https://android-review.googlesource.com/c/platform/build/+/728287)
changed partition layout, to always build the root dir into system.img,
even for devices not using system-as-root (i.e. the ones with separate
boot ramdisk).
With the new layout, there will be two root dirs for non-system-as-root
targets during the boot. If such a device uses Verified Boot 1.0,
/verity_key needs to be available in both roots, to establish the chain
of trust.
- bootloader uses the baked-in key to verify boot.img; it then loads
the ramdisk from the verified boot.img
- First stage init uses /verity_key (in ramdisk) to verify and mount
system.img at /system, then chroot's to it
- Second stage init uses /verity_key (in system.img) to verify and
mount other partitions
This CL adds rules to additionally install verity_key into ramdisk for
such targets.
Bug: 139770257
Test: Set up a target to use non-system-as-root
(BOARD_BUILD_SYSTEM_ROOT_IMAGE != true). `m dist`.
Test: Check that both ROOT/verity_key and BOOT/RAMDISK/verity_key exist
in the built target_files.zip.
Test: Run validate_target_files to validate the above target_files.zip.
$ validate_target_files \
--verity_key_mincrypt /path/to/verity_key \
target_files.zip
Test: Run sign_target_files_apks to sign the above target. Re-run
validate_target_files on the signed target_files.zip.
Test: python -m unittest test_validate_target_files
Change-Id: Ibe7e771c8c376429add85851ac86055564765d3c
The original script always tries to extract from index
0 even if header is found in positive indices. Fix that.
Also, continue to try other positions if previous run failed.
Test: builds
Bug: 139348603
Change-Id: Ia54fc709de9ae587fc64b59d94a1fa4ae669c14f
We used to carry the full OTA for vendor and product partitions when
generating the secondary payload. Since they are not actually used, we
can remove them to reduce the size of factory OTA packages. For example,
the size for a sargo package reduces from 454M to 283M after the change.
Bug: 140771390
Test: generate and apply a second payload on Pixel
Change-Id: I091dc07db8c345b182d9f5dd8d48f5c209245641
If the "--all-partitions" argument is empty, the system fs_config should
be generated with all partitions emitted.
Fixes: 8453f02c (fs_config: Fix cases without vendor/oem partition)
Change-Id: I058cfd1c8e665b40757998e773c35e26465bf58a
Signed-off-by: dianlujitao <dianlujitao@lineageos.org>
'required' only works on python_binary_host.
Test: modify checkvintf source code, build ota_from_target_files
Change-Id: Ieac68b39b1ccabae679a1679f184cb3aeaaeefb6
We have added the flag to disable on device fec computation in
brillo_update_payload. Exposed it in ota_from_target_files as well.
Bug: 139723500
Test: generate an incremental package with the new flag
Change-Id: I683e3ec7791963a3c7e141ecb4e5a3fb53fe2108
Test: Build the following targets and check the built image archive.
bonito-userdebug (contains flashable images);
cf_x86_phone-userdebug (contains super.img);
aosp_arm64-eng (contains VerifiedBootParams.textproto)
Test: m -j otatools-package; Check that zip2zip is included; Use
bin/img_from_target_files to generate image archive.
Change-Id: I9f28765bd702849f0df309faebd6aa3072920536
* changes:
merge_target_files: Checks VINTF metadata of resulting target files
Check VINTF compatibility at OTA generation time.
releasetools: add tests for check_target_files_vintf
Add a script to check VINTF compat of target files package.
Instead of relying on META/{system,vendor}_{manifest,matrix}.xml
and blindly copy compatibility.zip from target files package to
OTA package, do a static check on the input target files package
before generating the OTA package.
META/{system,vendor}_{manifest,matrix} does not contain ODM manifest
fragments, which is incorrect.
Also, the on-device check of compatibility.zip uses a old libvintf
binary on the device, which may not understand the incoming VINTF
metadata. This change removes the on-device check. Hence, it removes
the requirement of forwards compatibility of libvintf.
This behavior can be skipped with --skip-compatibility-check.
Test: build OTA package
Bug: 139300422
Bug: 131425279
Change-Id: I7fb93be9eb73f578fc05a182c6c9d1f073db2800
Instead of checking META/{system,vendor}_{manifest,matrix}.xml (which
is error-prone because ODM SKU-specific manifests are not checked),
this script read the target files package, remaps its directory
structure so that checkvintf understands it, and check VINTF
compatibility.
Also, put it in otatools.zip.
Test: run it on an extracted target files package
Bug: 131425279
Change-Id: I06036f9a8d7242d4bc11524028be40e780c508e8
avb_*_key_path are usually relative file paths. If these files cannot be
located from the current directory, try prepending OPTIONS.search_path.
Bug: 139836256
Test: python -m unittest test_common
Test: python -m unittest test_add_img_to_target_files
Change-Id: I020b257f458a1f5762691d0499feaf4027e37126
The avb_pubkey may not be present, if the apex was initially
unsigned or generated from a bundle. In this case, running
sign_apex to generate a signed apex binary would result in an error.
This fix checks for presense of avbpubkey before attempting the
deletion
BUG: 139994107
Change-Id: I3cb2e88a11ad8797e38ba5fb98c96a4ec4135fc8
Currently only the system and vendor partitions are updated in the
generic block based OTA generation script. Since the product partition
is quite large and consist most of APK files, it would be beneficial to
update it similar to system. Handle the odm and system_ext partitions in
the same way as well.
Bug: 132683080
Test: Run unit tests, generate full and incremental OTA with product partitions.
Change-Id: I13478cf9bd32137c6729b8c9cb102080147093f2
This is needed when including prebuilt images that do not need to be
regenerated. Otherwise the script will exit upon detecting an existing
IMAGES/ directory.
Test: test_merge_target_files
Bug: 139111475
Change-Id: I55d82bd7dc4fa5f27bc01e481362e79fecc200ff
This CL adds the building rules for the following tools:
- add_img_to_target_files
- check_ota_package_signature
- check_target_files_signatures
- img_from_target_files
- merge_target_files
- ota_package_parser
- sign_apex
- sign_target_files_apks
- validate_target_files
Bug: 63866463
Test: mmma -j build/make/tools/releasetools
Test: Run each tool above to ensure there's no missing dependency (in
the exercised code path).
Change-Id: Ide5b9775939ed02c822109cbcf4224000d5472df
