Modify the abort() function in the OTA update generation script to
report an error code. The recoveryimage will parse the code and write it
into last_install for further data analysis.
Bug: 28934032
Change-Id: I2d62f81fd352c3102fb84f054972ac0ecb965a21
commit f54216f292 packed the base_fs files
into target_files.zip and added assertion to ensure the existence of the
files. We don't want to fail the OTA generation for the target_files.zip
without the base_fs files. Change the assertion into warnings instead.
Bug: 28547368
Change-Id: I6fd758a0a4fdfff02d1640fa46cf43d971627e26
Pack the base_fs files ({system,vendor}.map) into target_files.zip,
which would be needed when rebuilding the images at signing.
Reset the base_fs paths to point to the files in META/.
Also add blk_alloc_to_base_fs into otatools.zip.
Bug: 27698960
Change-Id: If4eb274b3f3d839c4365624f46f0dc89bd2fa440
For incremental BBOTAs, commit [1] changed to verify only the touched
blocks to reduce the update time. This CL fixes the bug when there's no
changed block between the two builds.
[1]: commit d522bdc9ed
Bug: 27813356
Bug: 28195498
Change-Id: Ia752d3cf034c544517458ed15df509d4596e21fa
For incremental BBOTAs, we used to verify the integrity of all the
blocks in the source partition. In order to reduce the time cost under
recovery, this CL changes to only verify the blocks that will be touched
in the given OTA package (BBOTA >= 3 only). This is a trade-off between
performance and reliability.
Bug: 27813356
Change-Id: I3975ae6f461f0f7e58d24f1df7df46a449d2988b
post-install verification calls range_sha1() and checks if the given
partition has expected contents. It takes roughly 20 seconds on
angler with 2.8G system image. Remove it to speed up OTA update. Also
abort the update if block_image_update() fails, as we were relying on
post-install verification to capture block_image_update() failures.
Bug: 27729678
Change-Id: I8123cd8929295ec26df247acf6bb51df813771d9
This changes the build system to provide the signapk tool with the
minSdkVersion of the APK being signed. signapk in turn will then use
SHA-256 instead of SHA-1 if minSdkVersion is 18 (JB MR2) or higher
(see c2c49ed0c1).
To avoid increasing incremental OTA update package sizes for already
released platforms, release build scripts disable the above logic when
signing target files ZIPs for pre-N platforms.
Bug: 25643280
(cherry picked from commit 2cfd1d108c)
Change-Id: I38450d07ddc05c705de40313f843beada8db7d98
Add "ota-required-cache" into the metadata file in an OTA package,
which shows the minimum free space on /cache to apply the update.
Add "ota-type" into the metadata file, which shows the OTA type for
this package (i.e. one of FILE, BLOCK and AB).
Also add the cache free space check into updater-script when generating
block-based incremental OTAs (we only had such lines for file-based
incrementals before).
Bug: 26731903
Change-Id: Id6ff0fc4cdfb1443636b0b3800b0f8bddb5bb1d0
(cherry picked from commit d8d14bec0d)
This changes the build system to provide the signapk tool with the
minSdkVersion of the APK being signed. signapk in turn will then use
SHA-256 instead of SHA-1 if minSdkVersion is 18 (JB MR2) or higher
(see c2c49ed0c1).
To avoid increasing incremental OTA update package sizes for already
released platforms, release build scripts disable the above logic when
signing target files ZIPs for pre-N platforms.
Bug: 25643280
(cherry picked from commit de5bc04717)
Change-Id: I4b100750e47788ab6ed897a0a5abfd33542e8676
This changes the build system to provide the signapk tool with the
minSdkVersion of the APK being signed. signapk in turn will then use
SHA-256 instead of SHA-1 if minSdkVersion is 18 (JB MR2) or higher
(see c2c49ed0c1).
To avoid increasing incremental OTA update package sizes for already
released platforms, release build scripts disable the above logic when
signing target files ZIPs for pre-N platforms.
Bug: 25643280
Change-Id: I058393e0971d0d6559dbd69ea902754c6c7cab14
(cherry picked from commit de5bc04717)
This reverts commit de5bc04717 because it's breaking some builds. Turns out some APKs have multiple sdkVersion attributes returned by aapt.
Change-Id: I013d6ef5eac473dd3900e0b9edf4c32cdc838bab
This changes the build system to provide the signapk tool with the
minSdkVersion of the APK being signed. signapk in turn will then use
SHA-256 instead of SHA-1 if minSdkVersion is 18 (JB MR2) or higher
(see c2c49ed0c1).
To avoid increasing incremental OTA update package sizes for already
released platforms, release build scripts disable the above logic when
signing target files ZIPs for pre-N platforms.
Bug: 25643280
Change-Id: I048393e0971d0d6559dbd69ea902754c6c7cab14
With BOARD_USES_RECOVERY_AS_BOOT = true, we skip building the
non-ramdisk boot.img but building the recovery image as boot.img. It
contains recovery's ramdisk (e.g. with /sbin/recovery). It depends on
the bootloader parameter (skip_initramfs) to determine the actual mode
to boot into.
Change-Id: Id6e2d0a2b94383944ca8f35bba688c6401745622
(cherry picked from commit d80bef2b9e)
Add a function check_first_block to read block0 and output a message
on screen if the device has been remounted. The function is called
for version >= 4 only; it executes after a failing block verification
and before recovery attempts.
Bug: 21124327
Change-Id: I49dc0b861c702698896a2495ca094215705d4650
(cherry picked from commit 9dac797013)
This makes the signapk tool use Conscrypt (where possible) instead of
the platform-default JCA providers and the Bouncy Castle JCA provider.
This speeds up (by 10-30%) APK and OTA update signing because
Conscrypt's crypto primitives are backed by BoringSSL.
Previously, the signapk tool consisted only of the signapk.jar.
Because Conscrypt is backed by native code, signapk now consists of
signapk.jar and crypto_openjdk_jni shared library. This requires that
users of the tool be updated to provide a suitable -Djava.library.path
argument to the Java runtime. This change updates all known users of
the tool inside the Android source tree to do so.
Bug: 26097626
Change-Id: I8411b37d7f771ed99269751a3007dff103083552
The packaging script is broken when we set TARGET_NO_RECOVERY and
SYSTEM_ROOT_IMAGE both. With TARGET_NO_RECOVERY set, we don't have
RECOVERY/RAMDISK/etc/recovery.fstab. It thus fails the assertion in
common.LoadRecoveryFSTab() that "/" must exist in fstab when enabling
SYSTEM_ROOT_IMAGE.
Change-Id: Id509d724f18be7cf7389dd786924ead894ac0cc1
We can generate a special OTA package that verifies all the partitions
(boot, recovery, system, vendor and etc) on a device. It also calls
device-specific script to verify bootloader and radio images. This
ensures a flashed device contains all the desired images faithfully.
Usage:
ota_from_target_files.py --gen_verify target_files.zip output.zip
Bug: 24679956
Change-Id: Ib3091d98c4b17a6fad305b3edf16d09efbda5c38
When building incremental packages, the info_dict from the source build
should be the one in use. We have done that for most of the partitions
(system and etc.), and should pass that to vendor's script as well.
Bug: 24898607
Change-Id: Ie2973d41b905637862616286663baf80df83bd88
Changes in [1] break the backward compatibility of the OTA scripts. Fix
the issue by extracting the file basename from the info dict in
META/misc_info.txt.
[1] commit d3a803e668
Bug: 23620049
Change-Id: I40a5625bbe0beb295f34b2328906a4a4283fe59b
With the change in vboot_signer (CL:744257), an additional parameter
is required to vboot_signer script. This change adds the required
parameter to releasetools as well.
BUG=23076037
Change-Id: Ice5329578b3a9bc459e278a9d404a1981b35ca88
Signed-off-by: Furquan Shaikh <furquan@google.com>
For some old builds, we may not define cache partition size. Change the
exception into a warning to make the script backward compatible.
Change-Id: Ie94c7fbb1a9f3a7db3f16e8d845e493a534aac5b
For system images that contain the root directory, we need to find the
root directory at ROOT/ instead of BOOT/RAMDISK/.
Change-Id: Ica345c8b1b03475f8ac6c44fd576045fcf17c882
Change all uses of the file_contexts file to use the
file_contexts.bin file instead.
Depends on
I75a781100082c23536f70ce3603f7de42408b5ba
I43806d564b83d57f05f5c36c8eba7b1ff4831b04
Id560d093440a2aba99cef28c20133b35feebf950
I15660f4b3e4c5cb8ae0ec1498c74d6fcbb9a0400
Change-Id: Iaf8c4b2e420f610425a07f48db7af32bda3f5b3a
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
When the root directory is included in system, the assumption that
system is mounted at /system breaks down. Redirect /system to /
in that case.
Change-Id: I8031b32d7cb9ca699c1cc22939e28afce9d1c847
