If a module is uninstallable, the shared library dependencies are not
set up and thus the ELF file check may fail incorrectly. In this case,
there is no need to check ELF files anyway.
Test: Build walleye with no-vendor-variant VNDK enabled and does not
see erroneous failure anymore.
Change-Id: Icd115fc82daedf11795800de5cbe87c87073586a
This setting moves the PRODUCT_PROPERTY_OVERRIDES to
the vendor partition.
Bug: 80410283
Test: tail system/build.prop | grep ro.carrier=
(empty)
Change-Id: I30d564fbd2dd3b56763ccff77979b223857f1c2f
Previously it was following a wrong order by doing `zipalign` after
calling SignApk, which effectively compromised the signature. This CL
corrects the logic, and follows the same flow as in build system:
- Pack APEX file;
- `zipalign -f 4096`;
- Call SignApk to sign the container with `-a 4096` flag.
Bug: 129148142
Test: Run sign_target_files_apks.py on taimen target_files.zip. Boot the
image after signing.
Change-Id: I91bd3dce4f45c1891c5e122212a699f4808618fa
(cherry picked from commit 0e06cb0a8b)
For PRESIGNED APEXes, we should keep carrying the matching public keys
at /system/etc/security/apex.
Bug: 129148142
Test: Run sign_target_files_apks.py on a target_files.zip with presigned
APEXes. Check the output zip.
Change-Id: I2e941fd9b10e99d2db9df1e5308cbbe8c760177b
(cherry picked from commit bf3fb024cd)
This config was in a weird state where it sets the OUT
directory for these partitions but not the file system
type. Within the build system, both of these variables
are used interchangeably to check whether these partitions
are expected to be present.
A typical mainline device is expected to /vendor and
/product, so just add these.
Bug: 120974093
Test: make
Change-Id: I803d7afdcadc37e4384ae80f08bc1c8db535d2f4
Configure this product not to build any of the other partitions.
Note that the only partition that currently has artifacts produced
is system_other, and this change doesn't appear to prevent odex/vdex
files from being created there anyway. However, it does allow
configuring the target device (mainline_arm64) to have more partitions
in a followup change.
Bug: 111533333
Test: make
Change-Id: Ib115cb03bc99b9b61e0d6f1b622784e7ad5fcea0
This change changes auto-generated RROs from DEVICE_PACKAGE_OVERLAYS
to be generated in the vendor partition, as opposed to /product where
they were generated in the past.
Note that PRODUCT_PACKAGE_OVERLAYS continue generating RRO packages
to /product, which means that a single app can be overlayed from
different partitions. These RROs have been given module and package
names based on their location.
Bug: 127758779
Test: verify noop on presubmit targets
Change-Id: I5cee70e28e3969e67b2d83eaf25d9c6e3a11102d
The adb_debug.prop will be loaded by init when the file
/force_debuggable is present in the first-stage ramdisk, and the device
is unlocked. This file has the highest priority to override other system
properties, thus can override ro.debuggable to 1 to allow adb root.
Bug: 126493225
Test: boot a device with /force_debuggable in ramdisk, checks
adb_debug.prop is loaded
Change-Id: I75d661bb04178f584d8b6f5eba26ae35ccb01239
This is a stop-gap measure for a proper fix enforcing library "ownership" in
Soong: b/128708192
Test: m systemimage (with and without libs that exist in /system/lib)
Test: Check that this fails:
m systemimage
m out/target/product/taimen/system/lib/libjdwp.so
m systemimage-nodeps
Bug: 124293228
Change-Id: Iac0d0cec7d9e216028a0caccfbb76838514d4a7b
The file $(TARGET_OUT_ETC)/update_engine/update-payload-key.pub.pem
is installed conditionally based on this variable, and was found
to differ between mainline_system and the intended device targets.
Also move the variable from gsi_common.mk as GSI inherits the mainline
boardconfig. The variable is not a PRODUCT flag (and not inherited as
such), so fits better in the BoardConfig I think.
Bug: 80410283
Test: presubmit
Change-Id: Ida6fa923fd01b062ff3b93e7737e1e6edf7e4fa1
Due to the runtime APEX, the symbols directory now contains a symlink;
./apex/com.android.runtime -> com.android.runtime.debug (or .release).
Previously, this symlink itself was included in the symbols.zip file.
And this is causing problem to the online stack tool which does not
follow the symlink in the zip file. Instead of fixing the problem in the
stack tool side, this change let the packaging routine to follow the
symlink and copy the files behind the symlink as if they were under a
directory that isn't a symlink. (i.e.
./apex/com.android.runtime/bin/dex2oat is added)
Bug: 120846816
Test: m dist with marlin (flattened) and blueline (non-flattened)
examine symbols.zip file and check that unstripped shared libraries are
found under /apex/com.android.runtime directory
Change-Id: I1d1c787a2e8ab7209410dfa2cff749a7042e21b0
/product/etc/security/avb/system_other.avbpubkey is only needed
when BOARD_AVB_ENABLE is true. This fixes the build error of
Marlin/Sailfish.
Bug: 123611926
Bug: 129029207
Test: make
Change-Id: I73f948d84f91cd6fbe49a2de7bf12e46eebe6ede
This reverts commit 5516d37f41.
The previous issue in unzipping non-matching files has been addressed
with commit a49054ca2f2959f50f3188914ec0faebc90ebcbe. This CL rolls
forward to allow dumping container certifcates for APEXes.
Bug: 128848294
Test: Run check_target_files_signatures.py on target_files.zips w/ and
w/o APEX files.
Change-Id: I662aab3d96fc40ac8e5e206e32b73ac763220b70
common.UnzipTemp() calls `unzip` to do the unzipping, which will
complain if there's non-existent names in the given list. Prior to this
CL, callers had to do the work to remove non-existent entries. This CL
filters out the given patterns in common.UnzipTemp()/common.UnzipToDir()
to make callers' works easier.
Bug: 128848294
Test: `m dist` with aosp_taimen-userdebug (which calls
ota_from_target_files.py on a target_files.zip that doesn't
contain RADIO/*).
Test: `python -m unittest test_common.CommonZipTest`
Change-Id: I5e741c27ea8d0b8126c398a7e1b56a8deb4a3d7f
When TARGET_VNDK_USE_CORE_VARIANT is set to true, the vendor variant of
VNDK libraries are by default not installed. Instead, the core variant
will be used by vendor binaries at runtime.
To ensure the core variant of VNDK libraries are installed, we also add
a flag LOCAL_VNDK_DEPEND_ON_CORE_VARIANT to indicate that the vendor
variant module depends on the core variant module. This flag should be
set by Soong for all VNDK libraries without the vendor variant
installed. When the flag is set, the vendor variant binary is also
compared against the core variant binary to ensure they are
functionally identical.
As we are merging the two variants for some libraries, we need a new
link type to denote a module is usable as both native:vndk and
native:platform. We add native:platform_vndk for this.
Bug: 119423884
Test: With the corresponding Soong change, build with
TARGET_VNDK_USE_CORE_VARIANT set to true.
Test: Add a dummy VNDK library and a dummy vendor binary that depends
on it. Build with no-vendor-variant VNDK and check the core
variant is installed.
Test: Add conditional compilation based on __ANDROID_VNDK__ in the
dummy VNDK library and check build fails.
Change-Id: I40000f2728e8193212113c1ee950e9d697f2d40d
This is similar to module-built-files, except that it only returns
files built for the target, not the host.
Bug: 119423884
Test: Build with the no-vendor-variant VNDK change that uses this
function.
Change-Id: I2a3d99003b05999eae01c0b90bb62b5263d65592
It used to be depended on by something on /product, but this
is no longer the case.
Bug: 119619080
Test: build downstream users of mainline_system
Change-Id: Iabe1dbb45499b25295f741a62336cb86e4565d60
Skips the step that invokes dot from the build, and instead
prints suitable commands to convert to image formats.
Bug: 114729998
Test: m product-graph
Change-Id: I172e1a792c32c2685d2f439f414dc66267ed6b83
Currently system_other AVB public key is placed in system.img.
However, this makes it's harder to have a *generic* system.img
across different product configs. Moving the key to /product
partition to allow more product-specific AVB keys.
Device board config can add /product/etc/fstab.postinstall,
to mount system_other with this key in /product. It can specify
different mount options, file systems, verity settings, etc., in
this product-specific fstab as well.
Bug: 123611926
Test: `make productimage` checks the following is generated.
$OUT/product/etc/security/avb/system_other.avbpubkey
Also checks it's included in $OUT/installed-files-product.{json, txt}
Test: run the following command and checks that
PRODUCT/etc/security/avb/system_other.avbpubkey is updated:
./build/tools/releasetools/sign_target_files_apks \
--avb_system_other_algorithm SHA256_RSA2048 \
--avb_system_other_key external/avb/test/data/testkey_rsa2048.pem \
out/dist/*-target_files-*.zip signed-target_files.zip
Change-Id: I6804f29941bec54375d80bd68a5aedb5c23b842e
This commit updates how `check_elf_file.py` parses the symbol name
because the `llvm-readobj` (from clang-r353983) does not print "@" if
the symbol is not versioned.
See also. https://reviews.llvm.org/D56319
Bug: 128959554
Test: CHECK_ELF_FILES=true make check-elf-files
Change-Id: I0dee5e505225e57750a2c86cf0d25a151c218eb1
