Support BOARD_VENDOR_KERNEL_MODULES which accepts a list of the
kernel module binaries. Binaries listed there are copied to
$(TARGET_OUT_VENDOR)/lib/modules and 'depmod' is executed to generate
the dependencies. BOARD_RECOVERY_KERNEL_MODULES is similarly
implemented to provide a way to specify kernel modules to be copied
to the recovery image.
Bug: 33305644
Test: android master build on marlin and load dummy modules
Change-Id: I0a58a270dbb0d2d38fd089f4abff66e62e14fac1
These files are used by the update console to determine the product
associated with a given target_files.zip.
Bug: 35804180
Bug: 33211225
Test: `make dist` generates a target_files.zip with these files.
Change-Id: I6066da07d76749ae64c26d5f661c7a6d06f3fb3d
System props split should be controlled regardless of kernel config
because generic AOSP system image should not include any overrides
but it will be built without kernal.
Additionally we don't have any usecase only to split system build
properties, so we don't need to have two different flags for default
and build properties.
Test: building succeeded and tested with sailfish
Bug: 34116668
Change-Id: I24e909c533da509583a7e8be01f329f52d3820fc
Otherwise it may fail the targets that don't have
external/vboot_reference in the manifest.
Bug: 35467608
Test: lunch aosp_dragon-userdebug; m otatools-package
Test: lunch aosp_bullhead-userdebug; m otatools-package
Change-Id: I35700a4d7d0723992badcfb4a03be85d07a4b9a9
(cherry picked from commit d2aed4309a)
This reverts commit b9186f2b52.
The cause of the earlier breakage has been identified and fixed by
commit 4b577413ff.
Bug: 35467608
Test: lunch ryu-userdebug; m otatools-package
Change-Id: I0ca329a3844b7d5d74443f7495b363e0f1c1c391
(cherry picked from commit 9b524ef60d)
Commit d2aed4309a didn't get merged
correctly when flowing from AOSP into internal. It only added the new
lines but without deleting the old lines (due to an inconsistent revert
in internal branch).
Bug: 35467608
Test: lunch bullhead-userdebug; m otatools-package; verify the generated
otatools.zip doesn't include VBOOT_SIGNER stuff.
Change-Id: I49064bb7beb1215543037cf94712d03b0c2537b2
Statically link libwinpthread.a, so that we don't have to ship a
libwinpthread dll with all of our windows exectuables.
Bug: http://b/31665213
Test: wine adb.exe
Test: wine fastboot.exe
Change-Id: I96414e980d8894f8f6a58c1c7bbd9dc5e0f5169c
Otherwise it may fail the targets that don't have
external/vboot_reference in the manifest.
Bug: 35467608
Test: lunch aosp_dragon-userdebug; m otatools-package
Test: lunch aosp_bullhead-userdebug; m otatools-package
Change-Id: I35700a4d7d0723992badcfb4a03be85d07a4b9a9
This reverts commit b9186f2b52.
The cause of the earlier breakage has been identified and fixed by
commit 4b577413ff.
Bug: 35467608
Test: lunch ryu-userdebug; m otatools-package
Change-Id: I0ca329a3844b7d5d74443f7495b363e0f1c1c391
ifeq with quotes is technically correct make syntax, but rarely used.
Replace it with the simpler ifndef when comparing against empty, or
with parenthesis for consistency.
Test: builds
Change-Id: Idcbe0586c4626c67d560694596b0bd9f5f93484a
Also pack the tool, vboot_signer.sh script and the test keys into
otatools.zip. This allows signing ryu target without a source repo.
Bug: 35467608
Test: m otatools-package and check the newly included files.
Test: Use otatools.zip to sign a ryu target.
Change-Id: I70f7b359f21a579463d5c7251daac81a97e338cc
(cherry picked from commit e98fb7a8d3)
Also pack the tool, vboot_signer.sh script and the test keys into
otatools.zip. This allows signing ryu target without a source repo.
Bug: 35467608
Test: m otatools-package and check the newly included files.
Test: Use otatools.zip to sign a ryu target.
Change-Id: I70f7b359f21a579463d5c7251daac81a97e338cc
If ENABLE_TREBLE and early mount of vendor partition are enabled,
overrides in PRODUCT_DEFAULT_PROPERTY_OVERRIDES will be stored in
vendor/default.prop.
If ENABLE_TREBLE and vendor partition are enabled, overrides in
PRODUCT_PROPERTY_OVERRIDES will be stored in vendor/build.prop.
default.prop of recovery image will include all the contents of
vendor/default.prop and vendor/build.prop additionally.
ENABLE_EARLY_MOUNT is added to specify whether early mount is enabled
or not, but it should be removed later when early mount becomes
default for all ENABLE_TREBLE products.
Test: building succeeded, and verified on bullhead.
Bug: 34116668
Change-Id: Ic2eb8882ae71921a76c02b3d62d3289c45949295
delta_generator has a dependency on that.
Bug: 34731113
Bug: 34723547
Test: m otatools-package
Change-Id: I70752a8c283bf98cb6106d3999515d0fd01f43b2
(cherry picked from commit 04c8a03c85)
To prevent abuse of PRODUCT_*PROPERTY_OVERRIDES and
ADDITIONAL*PROPERTIES, the following rules should be applied.
- Mark PRODUCT_*PROPERTY_OVERRIDES readonly after reading product
specs.
- Disallow any changes on ADDITIONAL*PROPERTIES from product specs
and BoardConfig.mk.
- Mark ADDITIONAL*PROPERTIES readonly before reading Android.mk
files.
Test: building succeeded on marlin-userdebug.
Bug: 34116668
Change-Id: I93d8de086ec85ba787165a156bdcc7df04310be1
(cherry picked from commit 294286d95c)
To prevent abuse of PRODUCT_*PROPERTY_OVERRIDES and
ADDITIONAL*PROPERTIES, the following rules should be applied.
- Mark PRODUCT_*PROPERTY_OVERRIDES readonly after reading product
specs.
- Disallow any changes on ADDITIONAL*PROPERTIES from product specs
and BoardConfig.mk.
- Mark ADDITIONAL*PROPERTIES readonly before reading Android.mk
files.
Test: building succeeded on marlin-userdebug.
Bug: 34116668
Change-Id: I93d8de086ec85ba787165a156bdcc7df04310be1
This information can be used to tune ext4 stripe and stride in the
userdata partition for better performance
Test: Build & flash userdata, confirm correct stripe & stride values
Bug: 33243520
Merged-In: Ia97cdd2d0239c3484b895fce49299f692ef911d8
Change-Id: Ia97cdd2d0239c3484b895fce49299f692ef911d8
Signed-off-by: Connor O'Brien <connoro@google.com>
This information can be used to tune ext4 stripe and stride in the
userdata partition for better performance
Test: Build & flash userdata, confirm correct stripe & stride values
Bug: 33243520
Change-Id: Ia97cdd2d0239c3484b895fce49299f692ef911d8
Signed-off-by: Connor O'Brien <connoro@google.com>
e2fsdroid is needed to create ext4 images with mke2fs. Also pack both
sets of mke2fs and make_ext4fs tools into otatools.zip. Because we use
the latest otatools.zip to create OTAs, which needs to handle
target_files.zip using either of them.
Bug: 34126605
Test: `m otatools-package` and check it has e2fsdroid and make_ext4fs.
Test: Use otatools.zip to sign a TF.zip that defines
TARGET_USES_MKE2FS={true,false}.
Change-Id: I9967e4f078cbe912914c6c511681cba82356ae8e
Add support for specifying number of inodes when creating
system, vendor, oem partitions. These are all read-only
and have no use for extra inodes. Removing extra inodes
saves a lot of space.
Bug: 32246383
Bug: 33252070
Bug: 33428604
Change-Id: I13f1d4614b64a4abc752c42a1c65d3d151481c21
HOST_OUT_EXECUTABLES is already added to the PATH variable,
so it is not needed to add the path info for binaries in
misc_info.txt and <partition>_image_info.txt.
Earlier the mkuserimg item in the build_image dictionary is
hardcoded to "mkuserimg.sh", but now it is customized for
mkuserimg.sh and mkuserimg_mke2fs.sh, and maintained in
dictionary "ext_mkuserimg=$(MKEXTUSERIMG)" in misc_info.txt
and <partition>_image_info.txt, where it is used in the
build_image script while creating the images.
The problem here is the value for this key is set to build
path of the file mkuserimg file
$(HOST_OUT_EXECUTABLES)/mkuserimg.sh,
i.e. out/host/linux_x86/bin/mkuserimg.sh,
there by standalone signing the images using otatools is
not working as the executables are packed in bin folder.
Test: tools/releasetools/sign_target_files_apks
-p <extracted ota-tools.zip folder>
--extra_signapk_args=-f /etc/opt/cert_data.dat
-v
--replace_verity_private_key ~/build/target/product/security/verity
--replace_verity_public_key ~/build/target/product/security/verity.x509.pem
-k <key maping>
<input target files zip>
<output target files zip>
Change-Id: I57af1025ec38f3794f779c49faa0bf965afc6a5d
Added the missing shared library libpcre2.so for make_ext4fs
in the otatools.zip.
Standalone signing the images with otatools zip is not working
due to missing library for make_ext4fs.
Test: tools/releasetools/sign_target_files_apks
-p <extracted ota-tools.zip folder>
--extra_signapk_args=-f /etc/opt/cert_data.dat
-v
--replace_verity_private_key ~/build/target/product/security/verity
--replace_verity_public_key ~/build/target/product/security/verity.x509.pem
-k <key maping>
<input target files zip>
<output target files zip>
Change-Id: I4fc71a1c710f3075bb3bdb90d915538526004ee6
Add build targets for split sepolicy files so they'll appear in the root dir for
on-device compilation. nonplat_sepolicy will eventually be removed as it should
be provided by a different partition. Also replace sepolicy.recovery with the
appropriate split components.
Bug: 31363362
Test: Policy builds on-device and boots.
Change-Id: I017dabe6940c3cd20de6c00bb5253274d5a9269b
Add support for specifying number of inodes when creating
system, vendor, oem partitions. These are all read-only
and have no use for extra inodes. Removing extra inodes
saves a lot of space.
Bug: 32246383
Change-Id: I13f1d4614b64a4abc752c42a1c65d3d151481c21
(cherry picked from commit b59eca3586)
We are investigating replacing make_ext4fs with the upstream tool mke2fs.
To mitigate the trouble that may arise if the new tool behave differently
compared to the old one, there will be a transition period.
Devices that want to use the new way of creating ext4 images can set the
variable "TARGET_USES_MKE2FS" to true in their BoardConfig.mk
By default, the build system will choose the old tool 'make_ext4fs'.
Test: m otapackage with TARGET_USES_MKE2FS={,false,true}
Change-Id: I282bcb9efe335a86c53986283090ca947d65c7f8
Add support for specifying number of inodes when creating
system, vendor, oem partitions. These are all read-only
and have no use for extra inodes. Removing extra inodes
saves a lot of space.
Bug: 32246383
Change-Id: I13f1d4614b64a4abc752c42a1c65d3d151481c21
Adds installed-files.json in addition to installed-files.txt
Further sorts the file list to be ordered within the same size bucket.
Test: manual, cross-checked checksums with sha256sum utility
checked build outputs.
Bug: 19988819
Merged-in: Ifb632eb4df65ec48645c8f93e36bae44ccc52ba8
Change-Id: Ifb632eb4df65ec48645c8f93e36bae44ccc52ba8
Signed-off-by: Sasha Levitskiy <sanek@google.com>
Adds installed-files.json in addition to installed-files.txt
Further sorts the file list to be ordered within the same size bucket.
Test: manual, cross-checked checksums with sha256sum utility
checked build outputs.
Bug: 19988819
Merged-in: Ifb632eb4df65ec48645c8f93e36bae44ccc52ba8
Change-Id: Ifb632eb4df65ec48645c8f93e36bae44ccc52ba8
Signed-off-by: Sasha Levitskiy <sanek@google.com>
Adds installed-files.json in addition to installed-files.txt
Further sorts the file list to be ordered within the same size bucket.
Test: manual, cross-checked checksums with sha256sum utility
checked build outputs.
Bug: 19988819
Change-Id: Ifb632eb4df65ec48645c8f93e36bae44ccc52ba8
Signed-off-by: Sasha Levitskiy <sanek@google.com>
Often BOARD_USES_RECOVERY_AS_BOOT is used together with
BOARD_BUILD_SYSTEM_ROOT_IMAGE, but with this combination we're currently
not adding a hash footer to boot.img. Fix this.
Bug: 31119415
Test: Built with BOARD_USES_RECOVERY_AS_BOOT set to true and inspected images.
Merged-In: If033e5c93f5b71fd17405af7d970dc3f0540a1d2
Change-Id: I2f10bbffb0ba2467d53e3e62d5379c3ab7236063
Often BOARD_USES_RECOVERY_AS_BOOT is used together with
BOARD_BUILD_SYSTEM_ROOT_IMAGE, but with this combination we're
currently not adding a hash footer to boot.img. Fix this.
Bug: 31119415
Test: aosp_x86_64-eng 'm' and 'm dist' successful.
Change-Id: If033e5c93f5b71fd17405af7d970dc3f0540a1d2
Instead of using rot13 / rot26, use the Kati extension to mark these
variables as readonly.
Move $(strip) for a few variables to before they're marked readonly. Use
a different variable for modifications to BOARD_KERNEL_CMDLINE in
build/core/Makefile.
Test: build/tools/kati_all_products.mk on AOSP and internal master
Test: build-aosp_bullhead.ninja the same before / after
Change-Id: If98b24af763831a9c5c2de38037a69ab1bf9e023
Bug: 31182185
Bug: 31240674
Test: m dist in an unbundled branch
(cherry picked from commit b6c061e9ff)
Change-Id: I7ee1ba076cfa03f294f8231f6bdd8fa8df5557af
While the system.img images currently built with AVB support verify
correctly, mounting the filesystem content fails. This is because
'avbtool add_hashtree_footer' used to claim some of the unused /
DONT_CARE space for stashing the verity tables and this resulting in the
mapped device ending up being smaller causing the mount failure.
Fix this by leaving enough room for AVB hashtree and metadata before
building the image. This is achieved by moving the AVB hashtree support
into build_image.py and using a just added '--calc_max_image_size'
option to 'avbtool add_hashtree_footer' to figure out how much space to
leave out.
This depends on https://android-review.googlesource.com/#/c/281821/
Bug: 31264226
Test: Mounting dm-verity set up from system.img now works.
Merged-In: I4c5de1004c1059f8c582e76b3b8517d427aa1a87
Change-Id: I945a5f1f6782791736cd319f216cfa6b448fb04d
So that we can get to the contents of userdata from the build server
without extracting the image.
Bug: 27719200
Test: m userdatatarball dist
(cherry-picked from 69af2e4102)
Change-Id: I1438597bd29df80665571f7dc3b4957b9adde870
While the system.img images currently built with AVB support verify
correctly, mounting the filesystem content fails. This is because
'avbtool add_hashtree_footer' used to claim some of the unused /
DONT_CARE space for stashing the verity tables and this resulting in the
mapped device ending up being smaller causing the mount failure.
Fix this by leaving enough room for AVB hashtree and metadata before
building the image. This is achieved by moving the AVB hashtree support
into build_image.py and using a just added '--calc_max_image_size'
option to 'avbtool add_hashtree_footer' to figure out how much space to
leave out.
This depends on https://android-review.googlesource.com/#/c/281821/
Bug: 31264226
Test: aosp_x86_64-eng 'm' and 'm dist' successful.
Change-Id: I4c5de1004c1059f8c582e76b3b8517d427aa1a87
This updates the build system for the new Android Verified Boot
codebase. As this is based on Brillo Verified Boot, this change replaces
the existing BVB support.
Android Verified Boot is enabled by the BOARD_AVB_ENABLE variable
BOARD_AVB_ENABLE := true
This will make the build system create vbmeta.img which will contain a
hash descriptor for boot.img, a hashtree descriptor for system.img, a
kernel-cmdline descriptor for setting up dm-verity for system.img and
append a hash-tree to system.img.
Additionally, the descriptors are left in boot.img and system.img so a
third party can create their own vbmeta.img file linking - using the
option --chain_partition - to these images. If this is not needed
footers can be erased using the 'avbtool erase_footer' command. It's
also harmless to just leave them in the images.
By default, the algorithm SHA256_RSA4096 is used with a test key from
the AVB source directory. This can be overriden by the
BOARD_AVB_ALGORITHM and BOARD_AVB_KEY_PATH variables to use e.g. a
4096-bit RSA key and SHA-512:
BOARD_AVB_ALGORITHM := SHA512_RSA4096
BOARD_AVB_KEY_PATH := /path/to/rsa_key_4096bits.pem
To prevent rollback attacks, the rollback index should be increased on a
regular basis. The rollback index can be set with the
BOARD_AVB_ROLLBACK_INDEX variable:
BOARD_AVB_ROLLBACK_INDEX := 5
If this is not set, the rollback index defaults to 0.
The variable BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS can be used to specify
additional options passed to 'avbtool make_vbmeta_image'. Typical
options to be used here include '--prop', '--prop_from_file', and
'--chain_partition'.
The variable BOARD_AVBTOOL_BOOT_ADD_HASH_FOOTER_ARGS can be used to
specify additional options passed to 'avbtool add_hash_footer' for
boot.img. Typical options to be used here include '--hash_algorithm' and
'--salt'.
The variable BOARD_AVBTOOL_SYSTEM_ADD_HASHTREE_FOOTER_ARGS can be used
to specify additional options passed to 'avbtool add_hashtree_footer'
for systems.img. Typical options to be used here include
'--hash_algorithm', '--salt', and '--block_size'.
BUG=31264226
TEST=Manually tested on edison-eng by inspecting {boot, system,
vbmeta}.img in out/ directory as well as their counterparts in
the IMAGES/ directory of edision-target_files-eng.zeuthen.zip
Merged-In: Ic9a61cfc65c148b12996e57f04da5432eef6b982
Change-Id: I97042655bca15e7eac899f12c5bada2f6184d307
This updates the build system for the new Android Verified Boot
codebase. As this is based on Brillo Verified Boot, this change replaces
the existing BVB support.
Android Verified Boot is enabled by the BOARD_AVB_ENABLE variable
BOARD_AVB_ENABLE := true
This will make the build system create vbmeta.img which will contain a
hash descriptor for boot.img, a hashtree descriptor for system.img, a
kernel-cmdline descriptor for setting up dm-verity for system.img and
append a hash-tree to system.img.
Additionally, the descriptors are left in boot.img and system.img so a
third party can create their own vbmeta.img file linking - using the
option --chain_partition - to these images. If this is not needed
footers can be erased using the 'avbtool erase_footer' command. It's
also harmless to just leave them in the images.
By default, the algorithm SHA256_RSA4096 is used with a test key from
the AVB source directory. This can be overriden by the
BOARD_AVB_ALGORITHM and BOARD_AVB_KEY_PATH variables to use e.g. a
4096-bit RSA key and SHA-512:
BOARD_AVB_ALGORITHM := SHA512_RSA4096
BOARD_AVB_KEY_PATH := /path/to/rsa_key_4096bits.pem
To prevent rollback attacks, the rollback index should be increased on a
regular basis. The rollback index can be set with the
BOARD_AVB_ROLLBACK_INDEX variable:
BOARD_AVB_ROLLBACK_INDEX := 5
If this is not set, the rollback index defaults to 0.
The variable BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS can be used to specify
additional options passed to 'avbtool make_vbmeta_image'. Typical
options to be used here include '--prop', '--prop_from_file', and
'--chain_partition'.
The variable BOARD_AVBTOOL_BOOT_ADD_HASH_FOOTER_ARGS can be used to
specify additional options passed to 'avbtool add_hash_footer' for
boot.img. Typical options to be used here include '--hash_algorithm' and
'--salt'.
The variable BOARD_AVBTOOL_SYSTEM_ADD_HASHTREE_FOOTER_ARGS can be used
to specify additional options passed to 'avbtool add_hashtree_footer'
for systems.img. Typical options to be used here include
'--hash_algorithm', '--salt', and '--block_size'.
Bug: 31264226
Test: aosp_x86_64-eng 'm' and 'm dist' successful.
Change-Id: Ic9a61cfc65c148b12996e57f04da5432eef6b982
Standardize symlinking /system/vendor -> /vendor for aosp_* devices,
since some /vendor binaries still use /system/vendor/... paths.
Support using a prebuilt vendor image and including it into all the
normal packaging steps.
Bug: 31545062
Bug: 28987532
Change-Id: I27040e8a8d1df0777e16cd1e3c3a9f1b28695e96
Native coverage is enabled by setting NATIVE_COVERAGE to true
and specifying a list of paths in the COVERAGE_PATHS
environment variable. Files are exported to a zip file in the
target out directory.
Change-Id: I66a2ddd88e849bec1cc0cdae1b51fe18a007e2c3
The output will be in the `m dist` results as soong_to_convert.txt, or
can be built using:
$ m $OUT/soong_to_convert.txt
The output is a list of modules that are probably ready to convert to
Soong:
# Blocked on Module (potential problems)
283 libEGL (srcs_dotarm)
246 libicuuc (dotdot_incs dotdot_srcs)
221 libspeexresampler
215 libcamera_metadata
...
0 zram-perf (dotdot_incs)
The number at the beginning of the line shows how many native modules
depend on that module.
All of their dependencies have been satisfied, and any potential
problems that Make can detect are listed in parenthesis after the
module:
dotdot_srcs: LOCAL_SRC_FILES contains paths outside $(LOCAL_PATH)
dotdot_incs: LOCAL_C_INCLUDES contains paths include '..'
srcs_dotarm: LOCAL_SRC_FILES contains source files like <...>.c.arm
aidl: LOCAL_SRC_FILES contains .aidl sources
dbus: LOCAL_SRC_FILES contains .dbus-xml sources
objc: LOCAL_SRC_FILES contains Objective-C sources
proto: LOCAL_SRC_FILES contains .proto sources
rs: LOCAL_SRC_FILES contains renderscript sources
vts: LOCAL_SRC_FILES contains .vts sources
Not all problems can be discovered, but this is a starting point.
Change-Id: I45674fe93fd267d4d1fb0bc3bc9aa025e20c5ac6
So that we can get to the contents of userdata from the build server
without extracting the image.
Bug: 27719200
Test: m userdatatarball dist
Change-Id: I1438597bd29df80665571f7dc3b4957b9adde870
soong_zip parallelizes the compression when creating a zip file, which
makes these packaging steps far shorter.
zip2zip skips the decompression and recompression during the -img- file
creation.
For an aosp_arm64-eng aosp/master build:
target_files.zip: 92s to 60s
symbols.zip: 147s to 7s
img.zip: 64s to 0.5s
There's still room to parallelize the image compression during
target_files.zip (add_img_to_target_files step takes most of the time)
Change-Id: I7b6a91e4a7dbeda2e49ca936b10181cff2f973d7
The update-payload-key is required to verify the contents of the OTA in
recovery while sideloading an update.
Bug: 27178350
TEST=`make` builds a boot.img with the payload key in recovery.
(cherry picked from commit c6ebe9fcd7)
Change-Id: I0128d7f684d32201e227acce798b25f12982eaaa
The update-payload-key is required to verify the contents of the OTA in
recovery while sideloading an update.
Bug: 27178350
TEST=`make` builds a boot.img with the payload key in recovery.
Change-Id: I04616979023b84aa4a1feb6916db2b2725b25c54
Allow device config provide extra steps when preparing recovery
For example: have limited space in recovery partition and
need remove /sbin binaries that are not used in recovery mode
Bug: 30304868
Change-Id: I3890b635f4625e6e39d52ca326f92206641bbea7
Creates a build_system_stats.txt build artifact that contains statistics
on how many BUILD_* modules are defined in a build. Also writes out
information about the Soong module types sent from the Soong build.
Merged-In: Iaf0c7062f542dc6942b5349854f3d49267cac4a5
Change-Id: Iaf0c7062f542dc6942b5349854f3d49267cac4a5
libbrillo-http was actually never used but it was being liked into
delta_generator anyway.
Bug: None
TEST=`lddtree delta_generator` doesn't show librillo-http.
Change-Id: I69ac66c87847d925b5798cf261c79466a3ff432a
This reverts commit ef31fc6477.
It's now using unique_host_soname to use a different installed name,
but keeping the libevent module name.
Change-Id: I1cb6e8e670636089993054236b089da059629da1
There's no need to use a different name for target and host modules, and
in Soong, it's better to use the same for both.
Change-Id: Ib2d8d0cc8a1e0f7f95d7c2795a360f02d946fa1a
Verity is not enabled in eng builds. Pass the build variant so
that kernel does not try to enable verity in eng builds
BUG:29276559
Change-Id: I7f412196ac59aa63e91c21d825ad15bae9f51691
Extracts keyid inline using openssl commands.
The keyid is passed as one of the kernel command line parameters
for the dm-android-verity module to mount root fs(system)
with verity enabled.
(cherry-picked from 3af315aed5https://googleplex-android-review.git.corp.google.com/#/c/1061691/)
BUG: 28384658
Change-Id: I8efbe1b0e415ef1d396f9b51cfa4b3fa01b22484
For AB devices, support flashing two system partitions for factory use.
The normal system image on one partition, but without dex preopt. And a
system_other image that just contains the odex files. The dex files will
not be stripped out of the system image, in case the second system
partition is wiped.
Setting BOARD_USES_SYSTEM_OTHER_ODEX := true in the BoardConfig.mk
enables this behavior.
One can control which directories are placed in system_other by the
SYSTEM_OTHER_ODEX_FILTER configuration variable. Currently we default
to only copying only app and priv-app odexs.
Bug: 29278988
Change-Id: I7f4e87da919e7dc6a89fd8c668193cd4e98631bc
Verity is not enabled in eng builds. Pass the build variant so
that kernel does not try to enable verity in eng builds
BUG:29276559
Change-Id: I7f412196ac59aa63e91c21d825ad15bae9f51691
Standardize symlinking /system/vendor -> /vendor for aosp_* devices,
since some /vendor binaries still use /system/vendor/... paths.
Support using a prebuilt vendor image and including it into all the
normal packaging steps.
Bug: 28987532
Change-Id: I27040e8a8d1df0777e16cd1e3c3a9f1b28695e96
We recently moved Brillo verified boot from system/bvb to external/bvb
so update the path accordingly.
TEST=Build with 'BOARD_BVB_ENABLE := true' succeeds.
BUG=29099910
Change-Id: I66f3b90e23d6b2afc09f81af571ede7b573325e9
TARGET_RECOVERY_BRICK specifies the file that lists all the partitions
to be bricked under recovery. The file, if present, will be copied to
'$(TARGET_RECOVERY_ROOT_OUT)/etc/recovery.brick'.
Bug: 27253717
Change-Id: Id84195b5ee1031a83bf7a077be070a3728416580
(cherry picked from commit 3051f4f11a)
TARGET_RECOVERY_BRICK specifies the file that lists all the partitions
to be bricked under recovery. The file, if present, will be copied to
'$(TARGET_RECOVERY_ROOT_OUT)/etc/recovery.brick'.
Bug: 27253717
Change-Id: Id84195b5ee1031a83bf7a077be070a3728416580
Extracts keyid inline using openssl commands.
The keyid is passed as one of the kernel command line parameters
for the dm-android-verity module to mount root fs(system)
with verity enabled.
BUG: 28384658
Change-Id: I8efbe1b0e415ef1d396f9b51cfa4b3fa01b22484
rsync will complain due to broken cache symlink on devices
without cache partition when creating the recovery disk.
Recovery does not depend on /cache.
Bug: 28747374
Change-Id: Ie2dc6e84194fbc3bbb39fe59ef92a6e8936b71e2
am: eac63ed087
* commit 'eac63ed087e7e84a80ddc6c45d2f21bfae5617b0':
Correct some dependencies around zip packages
Change-Id: I783119bdce2044473c96c680cd035d131604dc94
am: a22d0a88ba
* commit 'a22d0a88ba74bba43a8683e542b5f46eb9afce22':
Include BRILLO_VENDOR_PARTITIONS in target zip generation
Change-Id: I44390a1512b24880183d40d35087409b9693435f
This change will enable the target zip to include partition defined in
BRILLO_VENDOR_PARTITIONS. This is necessary for OTA to support
partitions other than boot and system in ab_partitions.txt.
The target zip will include images in BRILLO_VENDOR_PARTITIONS if
defined, under VENDOR_IMAGES/ with path kept. Also any vendor partitions
defined in AB_OTA_PARTITIONS will be copied to IMAGES/ in the target zip.
BUG: 28623063
Change-Id: Ic479048dfb8ac506acf827865e784fcb0432a1d5
Add scripts which creates these packages to their dependencies.
$(SYMBOLS_ZIP) contains symbol info of the updater binary so
it should depend on it.
Bug: 27954979
Change-Id: If78746ec843dd57fe5fdda3ed504a12bb298ea1d
am: eb06b4d3b3
* commit 'eb06b4d3b3862759ca15e9c52802808debc0a295':
Include vendor partitions in target zip generation
Change-Id: I9646c90fbe5c57a1f8c6022b8aad03f4e19f56e7
This change will enable the target zip to include partition defined in
BRILLO_VENDOR_PARTITIONS. This is necessary for OTA to support
partitions other than boot and system in ab_partitions.txt.
BUG: 28623063
Change-Id: I6e0969c31c9ad2e8285c6f560825c160aa8c4d55
Pack the base_fs files ({system,vendor}.map) into target_files.zip,
which would be needed when rebuilding the images at signing.
Reset the base_fs paths to point to the files in META/.
Also add blk_alloc_to_base_fs into otatools.zip.
Bug: 27698960
Change-Id: If4eb274b3f3d839c4365624f46f0dc89bd2fa440
The following tools are essential to create squashfs and f2fs images
during signing (if applicable).
squashfs: mksquashfs and mksquashfsimage.sh
f2fs: make_f2fs and mkf2fsuserimg.sh
Bug: 28179154
Change-Id: Ia48bc6d9a40d2667bc6f2c973bd0c55eed7a06fc
(cherry picked from commit cffaf73f84)
The following tools are essential to create squashfs and f2fs images
during signing (if applicable).
squashfs: mksquashfs and mksquashfsimage.sh
f2fs: make_f2fs and mkf2fsuserimg.sh
Bug: 28179154
Change-Id: Ia48bc6d9a40d2667bc6f2c973bd0c55eed7a06fc
To generate partition tables in the Android build system, simply add
the path to a .bpt file to the BOARD_BPT_INPUT_FILES variable.
BOARD_BPT_INPUT_FILES += "hardware/bsp/vendor/soc/board/board-specific.bpt"
The variable BOARD_BPT_DISK_SIZE can be used to specify or override
the disk size, for example:
BOARD_BPT_DISK_SIZE := "10 GiB"
Additional arguments to 'bpttool make_table' can be specified in the
variable BOARD_BPT_MAKE_TABLE_ARGS.
If BOARD_BPT_INPUT_FILES is set, the build system generates two files
partition-table.img
partition-table.bpt
in ${ANDROID_PRODUCT_OUT} using 'bpttool make_table'. The former is
the binary partition tables generated using bptool's --output_gpt
option and the latter is a JSON file generated using the --output_json
option. These files will also be put in the IMAGES/ directory of
target-files.zip when running 'm dist'.
BUG=27831397
TEST=Manually tested.
Change-Id: Iedd15354afb2dd483dcb9bc001360b2a37fd6dc0
