Products can define PRODUCT_VIRTUAL_AB_COMPRESSION_METHOD
to specify the compression algorithm they prefer, or "none"
for no compression at all.
Test: th
Change-Id: I4fa27bd2c87b8f46c51023168d079e9b47ce2924
Avoid the name as it is currently confusing given that we're not
actually building the image.
Bug: 216975821
Test: -
Change-Id: Ifac7047e72f590d6acb3997efa20f5f348e39491
The post-build signing step expects to find a version code in every
APK, add the version code and version name.
Bug: 216584708
Test: manual
Change-Id: Ic43730df50ef32611d5b4159b46c8bbf9906e009
Add support to copy built system_dlkm to IMAGES;
or prebuilt image to PREBUILD_IMAGES for release
tools to pick up for the dist zip.
Bug: 200082547
Test: Manual builds:
1. Set BOARD_USES_SYSTEM_DLKM_PARTITION
2. Set BOARD_PREBUILT_SYSTEM_DLKM_IMAGE to external image
- Check "m" builds the system_dlkm.img in both cases;
and drops image at out/target/product/vsoc_x86_64/
- Check that "m dist" can find the image in
$(zip_root)/IMAGES and $(zip_root)/PREBUILT_IMAGES
Test: launch_cvd && atest vts_system_dlkm_partition_test
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: I77dfcc51746fd97cb205aa9c139a08f5cdf3d9ea
$(MKFSEROFS) -> $(MKEROFS) in target dependency
for INSTALLED_SYSTEM_DLKM_IMAGE_TARGET in case
when AVB is not enabled.
Bug: 200082547
Test: TH
Test: atest vts_system_dlkm_partition_test
Fixes: 1065523a5e ("Add support to build system_dlkm.img")
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: I03a4463b1fa01b95e706d623aa8a3888e37488d6
There are 2 choices to build system_dlkm.img for
the system_dlkm partition for Android T launch
devices and must choose one.
1. Use kernel prebuilt system_dlkm.img
- BOARD_PREBUILT_SYSTEM_DLKM_IMAGE to point image
2. Build from kernel prebuilt system_dlkm_staging
- PRODUCT_BUILD_SYSTEM_DLKM_IMAGE
Both requires: BOARD_SYSTEM_DLKM_PARTITION_SIZE and
must be 64MB or higher in size (enforced via vts).
Bug: 200082547
Test: TH
Test: atest vts_system_dlkm_partition_test
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: I83435123bd8aa3d04ab8a8b650a95fbab0bc49f2
win_sdk is deprecated, if given on the command line
sdk will be build instead.
Bug: 212724080
Test: Presubmits
Change-Id: Ib3bd51923142b00100b49585ad88bc1292da2463
New scheme is to certify kernel & ramdisk image separately, and
effectively decouple kernel & user space ramdisk image.
Under the new scheme, the --os_version and --os_patch_level boot header
field must be empty in order to maintain consistency.
Instead, these values must be in the vbmeta hash descriptor and
GKI certificate.
The new scheme also validates the image metadata, including the security
patch level.
The 'generic_kernel' certificate is associated with the 'boot' partition
and 'generic_ramdisk' certificate with 'init_boot' partition.
The 'generic_ramdisk' certificate may be packed into the 'boot' image if
product configuration doesn't have 'init_boot' image, this is only for
testing purposes and would be removed eventually.
Bug: 210367929
Bug: 211741246
Bug: 203698939
Test: unpack_bootimg --boot_img boot.img
Test: unpack_bootimg --boot_img init_boot.img
Test: avbtool info_image --image out/boot_signature
Change-Id: Iaf48a6e3d4b97fa6bfb5e1635a288b045baa248f
This file will be used by OTA generator to compress generated patches.
We need the host copy of LZ4 to ensure that compressed bytes matches
what the device would get if the compression were to be done on device.
For more details see go/lz4diff
Bug: 206729162
Test: m dist
Change-Id: I9c4ab772b001bf47da75cb87b028a1f27e2321a8
sign_target_files_apks demands it.
Bug: 213823227
Test: run com.google.android.tradefed.ota.SigningToolTest#Testcase1_Signingtest
Change-Id: I1bba2b25a71449a57d284024e77fb76d1b79a0ee
Else the branch condition would always evaluate to true, making the
other branch useless and wrong!
Bug: 211741246
Test: m dist
Change-Id: I4791712632cbe0d5a9e20962c8425dd20bbe0bfd
For system/framework, it now also includes *.jar.prof (needed by
odrefresh), *.vdex and <arch>/*.{odex,art} (for future-proof).
system/etc/classpaths/*.pb are also added so that we can run
derive_classpath to collect from.
system/etc/updatable-bcp-packages.txt is removed because it's no longer
used by ART.
Bug: 206869687
Test: see new files in `unzip -p $OUT/system/etc/security/fsverity/ \
BuildManifest.apk assets/build_manifest.pb`
Change-Id: Id759f5caec8ba683af8629956b9268a4fbd74186
This variable can be set instead of TARGET_RECOVERY_FSTAB
in order to specify a generated fstab file.
Bug: 201700692
Test: Presubmits
Change-Id: If0fae81ec53915e9ed4bab2e8b1a9f8376894537
Otheriwse, the build complains about missing files when
PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA is enabled (aosp/1937717).
Bug: 206326351
Test: clobber, set PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA := true, build
Change-Id: I11d18914d63cab0b84ae711f2334747cb26ca234
build_image.py has been handling fsverity metadata generation in the
packing step, but it can cause issues because the metadata files are
missing in the $OUT directory, and they only exist in result system.img.
This change moves the generation logic into Makefile, and makes the
metadata tracked by ninja graph.
Bug: 206326351
Test: PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA := true and build
Change-Id: I1f910d8ac6e2cc3c54f35916871733c632f18e44
releasetools preconditions requires build metadata defined in
SYSTEM/build.prop even when building a system.img-less product.
Copy the SYSTEM/build.prop into the build artifact archive whenever
possible to make add_img_to_target_files happy.
Bug: 212486689
Bug: 213028932
Test: Dist build a system.img-less product. Product properties are
read from SYSTEM/build.prop and no build error occurred.
Change-Id: I2ce7f8b8ae981eaf06e2d8d2485b55b4e975caa9
Equivalent to PRODUCT_EXTRA_RECOVERY_KEYS but for A/B OTA.
Bug: 211848136
Test: set PRODUCT_EXTRA_OTA_KEYS and check otacerts.zip
Change-Id: I81e27d12a22b405f6227b09c01ed684dfcede19e
These options are for certifying official GKI release, so they should
never be added to build command of recovery.img and boot-debug.img.
Also define gki_signing_signature_args in misc_info.txt iff.
BOARD_GKI_SIGNING_KEY_PATH is defined, so there's one less conditional.
We need to define it even if BOARD_GKI_SIGNING_SIGNATURE_ARGS is empty,
so that sign_target_files_apks.py can modify the option during image
signing.
Bug: 210367929
Test: Presubmit
Change-Id: I9546fcda796586d97af244955e15c1b8dc9f6d92
Some targets, e.g., the newly added `gki_arm64`:
https://r.android.com/1935340, have no system.img.
To avoid the build error when making the vbmeta.img on a no-system-image
target, only sets system.img's AVB settings when it exists,.
Bug: 212486689
Test: `lunch gki_arm64-userdebug; make` with BOARD_AVB_ENABLE := true
Change-Id: I5e3c531e74116e421506a86ffce83848e7a9d6ea
Macro images-for-partitions() returns $(INSTALLED_INIT_BOOTIMAGE_TARGET)
for the 'init_boot' partition, which is empty. It should return
$(INSTALLED_INIT_BOOT_IMAGE_TARGET) instead.
Bug: 203698939
Test: `make` without chaining 'init_boot' partition
Change-Id: I387813283dfad7e1b2f762a5fa4065775977caf7
If a build target does not contain system image, it doesn't
output anything to root folder. The patch fix the build error for
the case the root folder is empty.
Bug: 212486689
Test: make bootimage dist
Test: Build pass
Change-Id: I4f1376eb7e615f48171ed9c3057c5a78074abaa6
This ramdisk used to be in boot.img, and is now placed into this new
init_boot.img instead.
This new image is used for a new init parition to seperate Android
platform artifacts from the kernel artifacts in boot.img.
Test: boot Cuttlefish
Bug: 203698939
Change-Id: Iaaf82486259979ab728730ce72a4e847ae005c18
OTA will need to know the compression parameter used to construct EROFS
images. Currently, mkfs.erofs uses lz4hc,9 if the user didn't specify
one. But mkfs's default behavior is subject to change in future
versions. Therefore, explicitly specify the compression parameters so
OTA tooling can properly encode/decode erofs images.
Test: th
Change-Id: Ibbf67502827ee79437b766349be289048e685759
external/zucchini/version_info.h contains version info for zucchini
diffing algorithm. OTA tools will use these version info to check for
compatibility and determine if zucchini can be used safely. Owners of
zucchini agreed to keep the format of version_info.h stable so it's
parser friendly.
Bug: 194237829
Test: m dist
Change-Id: If8e37533933b346d3f03adab9263679910ab328c
fsverity digest manifest stores a map from files to fsverity digests.
The manifest is installed as a serialized protobuf file, to a signed apk
system/etc/security/fsverity/BuildManifest.apk.
Bug: 193113311
Test: build with PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA := true
Change-Id: I55fc10400206b8ce0d5f198faea08fe3930b362c
