If the BoardConfig defined BOARD_VENDOR_RAMDISK_MODULES_LOAD and
BOARD_VENDOR_RAMDISK_RECOVERY_KERNEL_MODULES_LOAD, generate both a
modules.load and modules.load.recovery respectively on the vendor
ramdisk. BOARD_VENDOR_RAMDISK_MODULES must be the set, or super set,
of all the modules represented in both of *_LOAD BOARD variables.
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 151950334
Test: build, confirm, fastboot flashall, boot with split.
Merged-In: Ib2925aec6ea7a2a01a554c808d6697d8c85f9fc0
Change-Id: Ib2925aec6ea7a2a01a554c808d6697d8c85f9fc0
The size of the ramdisk has greatly increased, which can be a source of
boot time regressions. Strip the modules of debug symbols for the vendor
ramdisk and vendor partitions; vendor stripping can be skipped via BOARD
config.
Bug: 156395749
Signed-off-by: J. Avila <elavila@google.com>
Change-Id: I248d4e2097992f00975b344b5da41aa5d8016812
avb_extra_custom_image_extra_args can be set to
'oem=--signing_helper_with_files=/tmp/avbsigner.sh' on signing server.
The second '=' shouldn't be splitted in this case.
BUG: 154171021
Test: Manually sign target zip files which has custom images.
sign_target_files_apks -d certs --avb_extra_custom_image_key \
oem=oem_rsa4096.pem --avb_extra_custom_image_algorithm \
oem=SHA256_RSA4096 --avb_extra_custom_image_extra_args \
oem="--signing_helper_with_files=/tmp/avbsigner.sh" \
xxxx-target_files.zip signed.zip
Change-Id: I815d574f791734d4c6a25a9f8d827b5b4f93d7cc
Merged-In: I815d574f791734d4c6a25a9f8d827b5b4f93d7cc
GSI do not build product partition, and contains the product
contents under /system/product/. Original logic do not generate
the product build props on this case.
The patch fixes the logic for product build props generation to
align the other partitions.
Bug: 157191627
Test: build aosp_arm64-userdebug
Test: check /system/product/build.prop in out folder
Change-Id: I350bbf8c024f747c86c6c54065d690f6b46f30c6
Merged-In: Ia88c8efecb18db9c27baa466e492bfd898b581d3
The custom images are any images owned by OEMs and SoCs, oem images
mounted on /oem is an example. The oem images can be used to customize
devices for different carriers, like wallpaper, ringtones, and
carrier-specific apks. OEMs can generate multiple oem images, like
oem.img, oem-carrier1.img and oem-carrier2.img and flash different oem
images for different carriers. The oem images are only one case, OEMs
and SoCs can add more custom images and mount them to custom partitions.
This change enables custom images to be vbmeta.img chained partitions.
The following configuration in BoardConfig.mk is an exmaple. It has two
custom partitions: oem and test. They will be signed by different keys.
And they will be chained by vbmeta.img. The custom images here are
prebuilts, which can be built by `make custom_images` separately.
BOARD_AVB_<CUSTOM_PARTITION>_IMAGE_LIST should include all custom images
to apply AVB signing. And to every custom partition, one image whose
name is partition name must be added in its
BOARD_AVB_<CUSTOM_PARTITION>_IMAGE_LIST.
BOARD_CUSTOMIMAGES_PARTITION_LIST := oem test
BOARD_AVB_OEM_KEY_PATH := external/avb/test/data/testkey_rsa4096.pem
BOARD_AVB_OEM_ALGORITHM := SHA256_RSA4096
BOARD_AVB_OEM_ADD_HASHTREE_FOOTER_ARGS :=
BOARD_AVB_OEM_ROLLBACK_INDEX_LOCATION := 1
BOARD_AVB_OEM_PARTITION_SIZE := 5242880
BOARD_AVB_OEM_IMAGE_LIST := \
device/xxxx/yyyy/oem/oem.img \
device/xxxx/yyyy/oem/oem1.img
BOARD_AVB_TEST_KEY_PATH := external/avb/test/data/testkey_rsa2048.pem
BOARD_AVB_TEST_ALGORITHM := SHA256_RSA2048
BOARD_AVB_TEST_ADD_HASHTREE_FOOTER_ARGS :=
BOARD_AVB_TEST_ROLLBACK_INDEX_LOCATION := 2
BOARD_AVB_TEST_PARTITION_SIZE := 10485760
BOARD_AVB_TEST_IMAGE_LIST := \
device/xxxx/yyyy/test/test.img \
device/xxxx/yyyy/test/test1.img
To resign the custom images in the target zip file, the
avb_extra_custom_image_key, avb_extra_custom_image_algorithms and
avb_extra_custom_image_extra_args options are added to the
sign_target_files_apks tool too. The following test cases list some
examples about how to use them.
BUG: 154171021
Test: 1) "atest --host releasetools_test releasetools_py3_test -c"
2) Build images by 'make dist', sign and validate target files.
a) Test on dist w/ chained vbmeta_system and ome custom images
sign_target_files_apks -d certs \
--avb_extra_custom_image_key oem=oem_rsa4096.pem \
--avb_extra_custom_image_algorithm oem=SHA256_RSA4096 \
xxx-target_xxx.zip signed.zip
validate_target_files.py signed.zip
Flash image and boot up.
Verify the oem images and vbmeta images in OUT and target zips by
avbtool.
b) Test on dist w/ chained vbmeta_system and oem and test custom images
sign_target_files_apks -d certs \
--avb_extra_custom_image_key oem=oem_rsa4096.pem \
--avb_extra_custom_image_algorithm oem=SHA256_RSA4096 \
--avb_extra_custom_image_extra_args oem=--do_not_generate_fec \
--avb_extra_custom_image_key test=test_rsa4096.pem \
--avb_extra_custom_image_algorithm test=SHA256_RSA4096 \
xxx-target_xxx.zip signed.zip
validate_target_files.py signed.zip
Verify the oem, test images and vbmeta images in OUT and target zips
by avbtool.
c) Test on dist w/o chained partition.
sign_target_files_apks -d certs xxx-target_xxx.zip signed.zip
validate_target_files.py signed.zip
Flash image and boot up.
Verify the vbmeta images in OUT and target zips by avbtool.
Change-Id: Ifccfee5e8909697eef6ccda0cc352fa16a9f6db6
Merged-In: Ifccfee5e8909697eef6ccda0cc352fa16a9f6db6
When sign_apex.py re-signs an apex, the hash algorithm is extracted and
it is used when re-packaging the file.
Bug: 155771970
Test: releasetools_py3_test doesn't regress
(some tests were failed, but they failed even without this change:
test_ApexApkSigner_apkKeyNotPresent (test_apex_utils.ApexUtilsTest) ... ERROR
test_ApexApkSigner_noApkPresent (test_apex_utils.ApexUtilsTest) ... ERROR
test_ApexApkSigner_noAssetDir (test_apex_utils.ApexUtilsTest) ... ERROR
test_ApexApkSigner_signApk (test_apex_utils.ApexUtilsTest) ... ERROR)
Merged-In: I996a33e0208d3dd3a04a31b8dafb27ef995297f2
Change-Id: I996a33e0208d3dd3a04a31b8dafb27ef995297f2
(cherry picked from commit a1887f326c)
This sets external_storage.sdcardfs.enabled=0 from emulated_storage.mk,
which will disable sdcardfs on devices that are using casefolding and
quotas as sdcardfs replacements. This allows the device to use these if
sdcardfs is present in the kernel.
Bug: 155222498
Test: mount|grep "type sdcardfs" should find nothing after boot complete
if external_storage.sdcardfs.enabled=0
Change-Id: Id0446a7cac5ac768afc3b3e046359fc4e945e554
am skip reason: Change-Id Ib9ccae38430340de38e4758b4f55df2c65ea60d5 with SHA-1 b3a503df7f is in history
Change-Id: I857709a0805622d6c16a44b393ab1f38cacaddee
The different boot images in aosp_arm64 have different partition size
requirements. Add support for defining a partition size associated with
each boot image variant.
This support is limited to aosp_arm64 currently, which is built with
recovery-as-boot.
A previous version of this change did not update the boot-debug image
AVB logic with the required macro for multiple boot partition size
support. This is now required because the aosp-arm64 boot.img is
configured as a chained AVB partition.
Bug: 156036850
Bug: 155049180
Change-Id: I66b57de91042bfd56ba54a3659843d8cf7873955
Merged-In: I66b57de91042bfd56ba54a3659843d8cf7873955
We recently modify the logic in install-recovery.sh to support
non-A/B updates on VAB launched devices. And the position of the
$(getprop ro.boot.slot_suffix) is misplaced for the recovery image.
For example:
"if ! applypatch --check EMMC$(getprop ro.boot.slot_suffix):/dev/block/recovery:SHA1"
should be:
"if ! applypatch --check EMMC:/dev/block/recovery$(getprop ro.boot.slot_suffix):SHA1"
Bug: 156979431
Test: rerun add_image_to_target_file, then validate_target_files
Change-Id: Id2d45e281151a46d66b37ea8fdb7b5cb4ae72e81
Now that NetworkStack was bumped to API 30, use NetworkStack instead of
NetworkStackNext on the system image.
This change should not be merged in branches that are used for building
S system images for internal testing. Note that the merged-in change
is not related to this change; it is just used to prevent this change
from merging into the aosp/master merge path.
Bug: 143586229
Test: m
Merged-In: Ibc74edb88904f953a1e5e6ceef44c461f381c9cf
Change-Id: I484e148fab80a01d2b20ebf48604d9e923fe7cd3
When `OVERRIDE_TARGET_FLATTEN_APEX` is defined (e.g. set in the
environment), `TARGET_FLATTEN_APEX` is forcibly assigned its value.
This is useful to enable/disable APEX flattening from the command
line (thus ignoring the product's default configuration), for testing
purposes.
Note: Previously it was possible to set `TARGET_FLATTEN_APEX` directly
and have the same effect, but recent changes in the build
configuration now prevent that option.
Test: Check that:
export OVERRIDE_TARGET_FLATTEN_APEX=true \
&& . ./build/envsetup.sh \
&& lunch aosp_walleye-userdebug \
&& export OVERRIDE_TARGET_FLATTEN_APEX=true \
&& build/soong/soong_ui.bash --dumpvar-mode TARGET_FLATTEN_APEX
returns:
true
Bug: 121117762
Merged-In: Ib9ccae38430340de38e4758b4f55df2c65ea60d5
Change-Id: Ib9ccae38430340de38e4758b4f55df2c65ea60d5
(cherry picked from commit b3a503df7f)
The secondary payload is used by factory OTA to speed up the first
boot of the device. The payload should only contain bootloaders
images and the precompiled apps in system_other. Remove vendor_boot
to reduce the secondary payload size.
Bug: 156782745
Test: build a package with secondary payload
Change-Id: I3a9f6dda00a5aac038438065e2bc6483d71b5e95
(cherry picked from commit c385064d94)
Link type checking is already done within Soong, and
SOONG_SDK_VARIANT_MODULES is not complete yet while parsing Soong
modules, skip JNI link type checking for Soong apps.
Bug: 156225490
Test: m checkbuild
Change-Id: I2f6824b180ccdd62c26497bdca527540ca22f0d7
Merged-In: I2f6824b180ccdd62c26497bdca527540ca22f0d7
(cherry picked from commit 1c8d81e5d9)
Some devices refer to libwifi-hal-emu via
BOARD_WLAN_DEVICE := emulator
we need to import the device/generic/goldfish
namespace to link the libwifi-hal-emu symbol.
Bug: 154151802
Test: presubmit
Signed-off-by: Roman Kiryanov <rkir@google.com>
Change-Id: I68b0f9bd22e50c2a86e0dbe62abc17991581703e
BOARD_EXT4_SHARE_DUP_BLOCKS can reduce the image size. Move it to
BoardConfigMainlineCommon.mk to apply on all mainline based
targets.
Bug: 155589918
Test: build aosp_arm-userdebug
Test: build gsi_gms_arm64-userdebug
Test: build sdk_gphone_arm64-userdebug
Change-Id: I8c4c7c9b2982daf6bf02991b4e62a43b296d003e
Enables signing for them so we can verify that the boot partition
contains a valid generic boot image during the compliance test.
This change also adds the chained partition descriptor of
boot partition into vbmeta.img, which contains the corresponding
public key used to verify the boot partition.
Bug: 151094943
Test: lunch aosp_arm64-user, `make` and use `avbtool info_image`
to check that GKI images are properly signed.
Test: `make dist` and checks that GKI images in the image zip file
are properly signed.
Change-Id: I2fd69964f9dc62526a813875fa9193913aa4935b
Merged-In: I2fd69964f9dc62526a813875fa9193913aa4935b
(cherry picked from commit 0f95ac7e8c)
Whenever a device is retrieved from fstab, wrap it with
add_slot_suffix() if it has slotselect option.
Test: change fstab (changes boot image, which is a static partition),
change system partition (a dynamic partition),
generate incremental OTA with --force_non_ab and apply it on
cuttlefish
Bug: 153581609
Change-Id: Id3f8e4425b65176baf1b0ff1ee07ab3d820a3a7f
Force generate a non-A/B update package when requested.
Bug: 154344887
Test: ota_from_target_files.py --force_non_ab ...
Test: apply it as well
Change-Id: I5e81eb161722e07ef50081b6a16685cbc9963ae2
When building from source this gets installed as a requirement
from Conscrypt, but needs to be present when Conscrypt is
shipped as a pre-built too.
I think the correct solution here is actually to make libcrypto
rather than Conscrypt require boringssl_self_test but Soong
considers that a circular dependency.
Bug: 155520949
Test: m installclean && m
Change-Id: I77b2921d1d7b6be493cd581c46adbadd1f186fb0
Merged-In: I77b2921d1d7b6be493cd581c46adbadd1f186fb0
(cherry picked from commit f5a05c4a4b)
For older target_files.zip, since "recovery_mkbootimg_args" may not be
set fallback to the earlier config -"mkbootimg_args" for recovery image.
This will make releasetools backward compatible, and usable for
older/already generated target-files package.
Bug: 155708400
Change-Id: If40359130b8e6da48cb8c345d8cb079f457fe36f
Merged-In: If40359130b8e6da48cb8c345d8cb079f457fe36f
