In the release signing process, it uses --signing_helper_with_files
for avbtool. This can be done by passing
--gki_signing_signature_args="--signing_helper_with_files=/path/to/helper.sh"
for mkbootimg.
However, this only works when there is a default value of
"gki_signing_signature_args" in the misc_info.txt, to be appended
with more extra args. Adding a default value "--prop foo:bar" to make
it work.
Note: also move the BOARD_GKI_* signing config to
BoardConfigGsiCommon.mk, so we don't have to duplicate the settings
for each architecture.
Bug: 178559811
Bug: 177862434
Test: `make bootimage`
`unpack_bootimg --boot_img $OUT/boot.img --out unpack`
`avbtool info_image --image ./unpack/boot_signature`
Change-Id: I8bd8ad3acf324931b47d45fd30bc590206b1927e
Delete 5.10-android12 because it is not frozen yet.
Bug: 185445182
Bug: 186647770
Bug: 187432172
Test: build aosp_cf_arm64_phone-eng
Change-Id: Ic28cd0078ba65f92f6867c6106c1d70f442b7040
At runtime it is now responsibility of derive_classpath to define value
of BOOTCLASSPATH. As we are modularizing BCP configs, the end goal is to
have a following ordering:
- ART APEX jars
- /system jars
- /system_ext jars
- /apex jars from non-updatable apexes
- /apex jars from updatable apexes
Note that /apex configs are sorted alphabetically, however they preserve
relative ordering of the jars exported from individual apexes. For
example, core-oj.jar would come before bouncycastle.jar if ART apex
defines their relative order as such.
To match end goal expectations of the APEX ordering, sort existing list
of PRODUCT_UPDATABLE_BOOT_JARS.
Bug: 180105615
Test: presubmit
Change-Id: I15512c0da79ad94b547325d563dac473c006f9fd
Merged-In: I15512c0da79ad94b547325d563dac473c006f9fd
The default algorithm is sha1, which shouldn't be used now.
Becaues sha256 is more robust against malicious attacks.
Bug: 187021780
Test: TreeHugger
Change-Id: Ia325f59d09687d6d501d9710cbdd3339d7566c60
For go/updatable-bootclasspath it would simplify the logic if all
system boot jars were in a single block, instead of having some apex
jars in between them.
core-icu4j.jar used to be part of ART_APEX_JARS before it moved to its
own apex. However, this change puts it after system jars in relative
ordering.
Bug: 180105615
Test: presubmit
Change-Id: Icadc1b67191172bb02d1a15bdfa3d2e6f69227aa
Debugfs build-time/run-time restrictions must be enabled on GSI builds
as well.
Test: Build, boot
Bug: 184381659
Change-Id: I940b0a2f6e22086dd479004a68bf6ad1cfe9eb13
This setting doesn't really make sense for unbundled builds but does
have the side-effect of turning on "full treble", which in turn is used
by some modules (libhidlbase) to conditionally use some particular -D
when compiling. The media.swcodec does not work without this define.
Bug: 185759877
Bug: 185789027
Test: compare media.swcodec apex build with module_arm64 and aosp_arm64
Change-Id: I1ebeb5f37816d8576a00ab7553cb4e9e1cab8cfa
This is a step on the way to make module_arm64 to produce the same
artifacts as aosp_arm64 when building unbundled modules.
Bug: 185765252
Bug: 185789027
Test: compare media.swcodec apex build with module_arm64 and aosp_arm64
Change-Id: I50d29c1d57849fd915dc771bb8e9f028fbe8efcd
This setting changes which libraries are included in the media.swcodec
apex, and is a step on the way of eliminating the differences when
building between module_arm64 and aosp_arm64.
Bug: 185769808
Bug: 185789027
Test: compare media.swcodec apex build with module_arm64 and aosp_arm64
Change-Id: Iafb0194827f984a7ba108f519016d24b2980e2e1
This reverts commit f8283a8bf6.
Test: device boots
Test: OTA from uncompressed apexes to compressed apexes works
Bug: 169780183
Bug: 184746992
Bug: 185082717
Change-Id: I62e379f44a1dcf8ebd2b3448dc1381cd99427b45
This certificate will be used to enforce a clean break between "old" CTS
UICCs and new ones. The new UICCs will have hardware support for new
calculations that the old ones aren't capable of.
Old certificate:
./testkey.x509.pem
SHA-1: 61:ED:37:7E:85:D3:86:A8:DF:EE:6B:86:4B:D8:5B:0B:FA:A5:AF:81
SHA-256: A4:0D:A8:0A:59:D1:70:CA:A9:50:CF:15:C1:8C:45:4D:47:A3:9B:26:98:9D:8B:64:0E:CD:74:5B:A7:1B:F5:DC
New certificate:
./cts_uicc_2021.x509.pem
SHA-1: 06:97:71:39:21:E8:65:D0:1C:45:C4:A8:8D:45:7A:9D:96:F4:39:27
SHA-256: CE:7B:2B:47:AE:2B:75:52:C8:F9:2C:C2:91:24:27:98:83:04:1F:B6:23:A5:F1:94:A8:2C:9B:F1:5D:49:2A:A0
We won't yet submit the change to switch the signature of
CtsCarrierApiTestCases, as that will introduce downstream presubmit and
postsubmit failures until the new hardware is available for device labs.
Bug: 178419755
Test: temporarily switch CtsCarrierApiTestCases to be signed with
cts-uicc-2021-testkey, ensure:
- Suite fails on a device with the old CTS SIM due to lack of carrier
privileges
- Suite passes with updated cuttlefish modem simulator ARF content
Change-Id: I7598426bd3e4db90a8f0d8d80ea03468fb30f876
Previously:
* If EMMA_INSTRUMENT_FRAMEWORK=true then jacocoagent was
added to the ART_APEX_JARS which itself is added to
PRODUCT_BOOT_JARS.
* If EMMA_INSTRUMENT=true then it was added directly to the
PRODUCT_BOOT_JARS.
* If both were true then it was added in both places ending up on the
bootclasspath twice.
Bug: 185369704
Test: m EMMA_INSTRUMENT=true EMMA_INSTRUMENT_FRAMEWORK=true droid
m droid
Change-Id: Id1d4d1c98455cb2859ed5e4071a0cf14fb40eec4
This change cleans up after the work to remove the android.test.base
classes from the bootclasspath. That work allowed the presence of
android.test.base in the bootclasspath to be configured at build time
to allow the changes to be tested without affecting the standard
Android builds and avoiding having to repeatedly reapply/revert the
changes that excluded android.test.base from the bootclasspath. That
change has been applied and stuck and no builds change the default by
setting REMOVE_ATB_FROM_BCP=false so we no longer need to support that
capability.
This change removes the build time switch to add
framework-atb-backward-compatibility to the bootclasspath and another
change in the same topic merges those classes into the
framework-minus-apex module. So, while a module has been removed from
the bootclasspath the classes available on it have not changed.
Bug: 184331423
Test: m nothing
Change-Id: I9dadaf8b0c2684bf1983b353bb2acf4f42655e1a
Everyone's on libFuzzer now.
(The "fuzz" referred to in base_system.mk was removed in Android 11, but
this reference was left lying around.)
Bug: http://b/184301511
Test: treehugger
Change-Id: I6fe0f2c37e014647802279a656d2c6c9625b7a44
This reverts commit 63c65c776d.
Reason for revert: Original bug was resolved by updating branch config
Change-Id: I1136570f9bd01d050beb55705cc90040dd396ecc
aosp_arm64 and gsi_arm64 build the boot.img binaries with prebuilt
kernels.Exporting the prebuilt-info.txt in dist folder makes to
easier to see which kernel build on AndroidCI.
Bug: 183504624
Test: lunch gsi_arm64-userdebug; make -j dist
Change-Id: I18f63af8588ced93e57b9d24e3b196d6f5694e72
They lack some libraries (e.g. RadioConfigLib), which makes it
impossible to translate their module names to library name, so the check
fails.
Bug: 183339664
Bug: 132357300
Bug: 183616134
Test: treehugger
Change-Id: I2f5f646f0fba054f9ef6a0e45afa2ecc70d5fcf0
Bug: 183068624
Test: "m dist" on GSI and check the build artifacts under OUT and DIST
directories, and check the contents of *-img-*.zip
Change-Id: I2474e5fd69534a5890eecd0c81e10a583e4423be
These images are never used by GSI. Building them is a waste of resource
and a potential source of confusion, for they are packaged into the
*-img-*.zip of GSI. Skip building them.
Bug: 183068624
Test: "m dist" on GSI and check the build artifacts under OUT and DIST
directories, and check the contents of *-img-*.zip
Change-Id: Ic14cfdd10ed26d975b369ce128e4b284378219ef
