Bug: http://b/72642679
Store missing profile files and the modules that refer to them, passed
via SOONG_MODULES_MISSING_PGO_PROFILE_FILE variable, to
$DIST_DIR/pgo_profile_file_missing.txt as part of the 'dist' target.
Test: 'm dist' and verify creation of pgo_profile_file_missing.txt.
Change-Id: I4ac0a1f413cbb99b33ad1903aeebd3ebcf3b9f59
Some of the dependencies for target-files-package were
refactored but only partially. Since these are satisfied
by transitive dependencies, the problem wasn't noticed
earlier.
Bug: N/A
Test: target-files-package finds dependencies
Change-Id: Ibdd7587f87735148e55d3b9835478075b6547efc
- until PRODUCT_NOTICE_SPLIT is the default
- disallow PRODUCT_NOTICE_SPLIT_OVERRIDE because it
doesn't need to be differentiated.
Bug: 69865032
Test: manual
Change-Id: I4a29c298862fc9fab51755bf19f236f61fbd784d
PLATFORM_VNDK_VERSION means the VNDK version that current build
provides. This value will be set to PLATFORM_SDK_VERSION once the
version is release. Otherwise, it will be set to "current".
Bug: 69883025
Test: device boot
Change-Id: I3fde4943aa062d9d148a3d7fc2798948870a48c6
This is only used in file-based OTA, where we may reserve space on
/system partition. With the deprecation of file-based OTA since O, the
code has become obsolete.
Test: `m dist`
Change-Id: I2bd686b292f93b566fe28a2bcd74c564ffc75dac
This also updates mkf2fsuserimg.sh to call sload.f2fs.
Change-Id: I245f6b3dfcd966fbc6783329d781375879fcd065
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
In some non-A/B setups, recovery.img is still being used. If AVB is
enabled, we currently don't add a hash footer to recovery.img nor do
we include the hash digest in vbmeta.img. This CL fixes that.
This was tested on a build with the following settings
TARGET_NO_RECOVERY := false
BOARD_USES_RECOVERY_AS_BOOT := false
BOARD_BUILD_SYSTEM_ROOT_IMAGE := false
BOARD_RECOVERYIMAGE_PARTITION_SIZE := 33554432
BOARD_AVB_RECOVERY_ADD_HASH_FOOTER_ARGS := --prop foo:bar
and then it was verified using 'avbtool info_image' that recovery.img
has a hash footer and a 'foo' property with the value 'bar'. This was
also checked successfully for vbmeta.img.
Test: See above.
Bug: None
Change-Id: I98124d5661ea768411416fa8d2a2ae6cc664fdc8
The test rather than the build system needs to check
the files according to the versions of the provided
device (and it does so now).
Fixes: 69864925
Test: clean revert, manual
(revert of cb5b8d2d47)
Change-Id: I1922190bfadca74d0652440fe61e29f22a846cf7
Bug: 65227202
Test: make dist, checks vbmeta.img is included in <product>-img.zip
Merged-In: I3e09f036441bcf7e98d8f76360df1e17466ae38e
Change-Id: I3e09f036441bcf7e98d8f76360df1e17466ae38e
(cherry picked from commit 6bbb11a620)
This change fixes the following warning message:
WARNING: out/target/product/$(TARGET_DEVICE)/boot.img approaching \
size limit (33554432 now; limit 33554432)
This is because AVB signing will increase boot.img to
BOARD_BOOTIMAGE_PARTITION_SIZE, in order to place the AVB metadata at
the end of the partition. We should check max image size first then use
avbtool to sign it.
The max allowed size will be (partition size - AVB_HASH_META_SIZE) when
AVB is enabled.
Note that some projects don't have BOARD_{BOOT,RECOVERY}IMAGE_PARTITION_SIZE,
we should skip assert-max-image-size for it.
Finally, this CL also fixes the build error for `make bootimage-nodeps`
when AVB is used.
Bug: 69115400
Test: build and checks there is no size limit warning message
Change-Id: I54f28c6f1c9fe9ed88c1d73e5cb72b3693593f9b
* Skip Android.bp, prebuilt, and HEADER_LIBRARIES targets.
* If neither -Wno-error nor -Werror is used, add default -Wall -Werror.
However, if the build target is in a project
under one of ANDROID_WARNING_ALLOWED_PROJECTS, add only -Wall.
* Dump name of modules using -Wno-error or added -Wall -Werror
into file $(PRODUCT_OUT)/wall_werror.txt.
Bug: 66996870
Test: normal build
Change-Id: Ief8cf776e8613ed073a64dd271534688845d5c2c
This change fixes the following warning message:
WARNING: out/target/product/$(TARGET_DEVICE)/boot.img approaching \
size limit (33554432 now; limit 33554432)
This is because AVB signing will increase boot.img to
BOARD_BOOTIMAGE_PARTITION_SIZE, in order to place the AVB metadata at
the end of the partition. We should check max image size first then use
avbtool to sign it.
The max allowed size will be (partition size - AVB_HASH_META_SIZE) when
AVB is enabled.
Bug: 69115400
Test: build and checks there is no size limit warning message
Change-Id: If9545e64a0d1714a2ec2440f9bd38293e7b1ba9a
The deleted lines contain a bug that only writes "recovery_as_boot="
into META/misc_info.txt when the value is empty. The issue has no real
impact though, because a) it's no-op for targets not using
BOARD_USES_RECOVERY_AS_BOOT (e.g. non-A/B targets); b) for targets with
BOARD_USES_RECOVERY_AS_BOOT := true, the value gets written correctly as
part of the call to 'generate-userimage-prop-dictionary'.
Test: `m dist` on aosp_bullhead-userdebug. The line is gone from
META/misc_info.txt.
Test: `m dist` on aosp_marlin-userdebug. 'recovery_as_boot=true' exists
in META/Misc_info.txt.
Change-Id: I9b4d70d457e141aa308ba2e62e2033602c8012de
We don't have great alternatives for some of these use cases, so for now
just silence them, writing them to $OUT/product_copy_files_ignored.txt
(and if `dist' is specified, $DIST_DIR/logs/product_copy_files_ignored.txt)
Test: lunch aosp_arm-userdebug; m nothing
Test: lunch aosp_arm-userdebug; m dist
Change-Id: If0228bc8d907346e3505ae136cb477ef37a5c867
With the update of brotli to version 1.0.1 the new binary tool is now
called "brotli". This patch updates the scripts to use the new name.
Bug: 34220646
Test: `make dist`; ota_from_target_files on non-A/B device.
Change-Id: Ie8da4333388d029d5960a723a55efd875d8ee820
checkvintf will be used to verify compatibility of OTA packages.
Bug: 68327258
Test: `m -j dist` and inspect archive for checkvintf
Change-Id: I1d4cfcff537a03adee28d1e6ba9403a2e1635fe0
PRODUCT_SYSTEM_DEFAULT_PROPERTIES will be used to define system default
properties which should be installed in system partition.
Bug: 64661857
Test: confirmed that ART default properties are stored in
/system/etc/prop.default when they were defined in
PRODUCT_SYSTEM_DEFAULT_PROPERTIES.
Change-Id: Ia08c25d0c5805381c6e3fe63dd1d171e8d195b90
For now, vendor build properties are added into /system/build.prop
when property split isn't enabled.
So we have the duplicate codes to add them to /system/build.prop and
/vendor/build.prop case by case.
But either /vendor/build.prop or /system/vendor/build.prop can exist
always.
So this CL will install $(TARGET_OUT_VENDOR)/build.prop always and
remove the duplication.
Bug: 68115808
Test: tested on aosp_x86-userdebug
Change-Id: Ic734418890629d011c733c2d8d14739275e64a78
Duplicate essential product sysprops for manufacturer, model, brand, name, and device
from system on vendor so that mixed builds (vendor.img + GSI system.img) have correct
product information in their CTS/VTS reports.
Test: make
Bug: 64458205
Merged-In: Ib63b37772be493b9e035d9b7e8c5e2cf66f2fa8c
Change-Id: Ib63b37772be493b9e035d9b7e8c5e2cf66f2fa8c
(cherry picked from commit aea0f92ff3)
Shipping API level is associated with the vendor image. When
a device ships in, say, O and is then run against the O-MR1
GSI image, the shipping API level is currently reported as
the shipping API level which the GSI was built with. This means
that various tests and control flows assume that the image
is the newest possible image. However, this is not the case.
Bug: 67965044
Test: boot on pixel
Merged-In: If18cc99e2599957d88860e0902a99ff3f67e5fd8
Change-Id: If18cc99e2599957d88860e0902a99ff3f67e5fd8
(cherry picked from commit 9411f9b4dc)
ro.vndk.version property is VNDK version in vendor partition.
It is set to the value of BOARD_VNDK_VERSION at build time.
Bug: 66072863
Test: build & run
Change-Id: Iecaede005474c4179a8135cf967e5b5b5ebcb881
We have removed the 92 character limit on ro.build.fingerprint, so
there is no longer a reason to truncate ${USER} when generating
fingerprints.
Bug: 34954705
Test: boot bullhead and observe non-truncated username
Change-Id: If79bf1d5372f709c9c1725f860bc61b99e830751
Duplicate essential product sysprops for manufacturer, model, brand, name, and device
from system on vendor so that mixed builds (vendor.img + GSI system.img) have correct
product information in their CTS/VTS reports.
Test: make
Bug: 64458205
Change-Id: Ib63b37772be493b9e035d9b7e8c5e2cf66f2fa8c
This time wrapped with a check for the docs directory for unbundled
branches.
Test: make checkbuild
Bug: None
Change-Id: If80f0a03850d6cad3eab6d759af02ff2a7870974
Adding verified boot metadata with a "disable magic". The resulting
metadata at the end of each image (e.g., system.img, vendor.img) will
be the same as triggering an "adb disable-verity" on an USERDEBUG image.
This can help simplify the code on fs_mgr, which won't have to check if
current image is an ENG build or not.
Bug: 63056044
Test: boot sailfish eng/userdebug builds
Change-Id: I95d23ac7b76c04d6d4483c9c4dc1de16bf0d9c3a
Those dependencies are jars/apks on which we want to
uncompress their dexs.
bug: 30972906
bug: 63920015
Test: sailfish build
Change-Id: Ic96ffe9dbe39abc1c28e7de134892d689207c9ca
When checking *.img size with the partition size, the build system
reserves additional bits for spare bits and spare bad blocks.
However, for emmc and ufs, the space bits and blocks are entirely
managed by the underlying controller and thus not visible from outside
of the controller. In fact the check routine was made for legacy MTD
storages where raw flash blocks are directly exposed.
This makes the size checking a little bit conservative in modern devices.
Builds were failed even though the *.img can actually fit into the
partition. To handle this problem, the additional size is no longer
reserved when checking *.img size with the partition size.
This change also removes following build flags that are meaningful
only for devices having MTD storages:
BOARD_NAND_PAGE_SIZE
BOARD_NAND_SPARE_SIZE
Further use of them breaks the build
Bug: 35790399
Bug: 66399382
Test: build
Merged-In: I954bf261441b53844e75d05788866f1692a2ad43
Change-Id: I954bf261441b53844e75d05788866f1692a2ad43
When checking *.img size with the partition size, the build system
reserves additional bits for spare bits and spare bad blocks.
However, for emmc and ufs, the space bits and blocks are entirely
managed by the underlying controller and thus not visible from outside
of the controller. In fact the check routine was made for legacy MTD
storages where raw flash blocks are directly exposed.
This makes the size checking a little bit conservative in modern devices.
Builds were failed even though the *.img can actually fit into the
partition. To handle this problem, the additional size is no longer
reserved when checking *.img size with the partition size.
This change also removes following build flags that are meaningful
only for devices having MTD storages:
BOARD_NAND_PAGE_SIZE
BOARD_NAND_SPARE_SIZE
Further use of them breaks the build
Bug: 35790399
Bug: 66399382
Test: build
Merged-In: I954bf261441b53844e75d05788866f1692a2ad43
Change-Id: I954bf261441b53844e75d05788866f1692a2ad43
Remove all support for running jack.
Bug: 65302138
Test: m -j checkbuild
Change-Id: I1ef87c88af3f2689f8b0dcf1a01c958b16159631
Merged-In: I1ef87c88af3f2689f8b0dcf1a01c958b16159631
(cherry picked from commit 5db5d31d73)
Remove all support for running jack.
Bug: 65302138
Test: m -j checkbuild
Change-Id: I1ef87c88af3f2689f8b0dcf1a01c958b16159631
Merged-In: I1ef87c88af3f2689f8b0dcf1a01c958b16159631
(cherry picked from commit 5db5d31d73)
When making recovery image, it removes init*.rc under recovery root,
then copies init.recovery.*.rc from normal root to recovery root.
However, init.recovery.*.rc shouldn't exist in normal root because it
is only needed for recovery mode.
This change removes init*.rc under recovery root as before but skips
removing init.recovery.*.rc. So in device/*/*.mk, we can just copy
init.recovery.*.rc to recovery root without coping it to normal root
directory.
Bug: 65570851
Test: normal/recovery boot sailfish, checks init.recovery.sailfish.rc
only exists in recovery root.
Change-Id: I069596fe2192d9dcbbdf2b77079b93ede3ed39ae
The scripts will be needed by OTA releasetools, for parsing A/B OTA
payload.
Bug: 65261072
Test: `m otatools-package` and check for system/update_engine/scripts.
Change-Id: I5cb54561a5fb0454a37879ca20afa95b82ffdefe
Under SANITIZE_LITE, the default app_process is not instrumented.
Embedding sanitized libraries into APKs will lead to crashing apps.
So move second-stage APKs to /data/asan.
The tradeoff is that for now we won't run these sanitized binaries.
Adding support for that is future work.
Also do not do a rebuild of the boot image. This would invalidate
the first-stage results. Note that this is technically dangerous,
as stack overflow guard sizes will not be adapted for ASAN runs.
However, this is a general incompatibility.
Also do not rebuild system_other. Apps are not rebuilt, so it will
create an empty image.
(cherry picked from commit 481660ef34)
Bug: 36458146
Test: m && m SANITIZE_TARGET=address SANITIZE_LITE=true
Merged-In: I3898bc53cad264529f126e6bf0af9c6ca1736877
Change-Id: I3898bc53cad264529f126e6bf0af9c6ca1736877
When BOARD_PROPERTY_OVERRIDES_SPLIT_ENABLED is enabled, the build system
may attempt to create a symlink in TARGET_ROOT_OUT before TARGET_ROOT_OUT
is created. Also make the symbolic link depend on
INSTALLED_DEFAULT_PROP_TARGET so that the symbolic link is properly created
when only bootimage is made.
Bug: 63645797
Test: on non-A/B device, make installclean && make bootimag and then verify
that the symbolic link exists at $(TARGET_ROOT_OUT)/default.prop
Change-Id: Ied7b32abd7a5fd5456c4cb5ff68a56debe6254b7
(cherry picked from 58c1b0426f)
This change will be submitted with other changes moving adbd from
root/sbin to system/bin. We need to copy it specifically to recovery root.
Previously it was copied by rsync $(TARGET_ROOT_OUT) $(TARGET_RECOVERY_OUT).
Bug: 63910933
Test: normal boot sailfish, checks adb works
Test: recovery boot sailfish, checks adb works
Test: normal boot bullhead, checks adb works
Test: recovery boot bullhead, checks adb works
Change-Id: Ib49605f97a190aec2648cb000d1159b6e15db673
Merged-In: Ib49605f97a190aec2648cb000d1159b6e15db673
(cherry picked from commit 3147e7cfab)
This change will be submitted with other changes moving adbd from
root/sbin to system/bin. We need to copy it specifically to recovery root.
Previously it was copied by rsync $(TARGET_ROOT_OUT) $(TARGET_RECOVERY_OUT).
Bug: 63910933
Test: normal boot sailfish, checks adb works
Test: recovery boot sailfish, checks adb works
Test: normal boot bullhead, checks adb works
Test: recovery boot bullhead, checks adb works
Change-Id: Ib49605f97a190aec2648cb000d1159b6e15db673
Right now we add the '_asan' suffix to the build flavor whenever
SANITIZE_TARGET is defined. This patch ensures the suffix is only
added when SANITIZE_TARGET=address.
Test: Checked flavor of SANITIZE_TARGET=address and integer_overflow
builds.
Bug: 30969751
Bug: 64561273
Change-Id: Ie20340f81b395e0b6b5f8086350bbc20f83d5fa4
We add a compressed="$extension" attribute to an APK's entry if it's
compressed.
Bug: 64531948
Test: make dist
Change-Id: Ic3f95ed77f0bb16dec825bae944c70ee2d130657
AVB should be disabled for Treble VTS. Otherwise, OEM devices cannot boot
the generic system.img provided by Google.
Bug: 64055917
Test: Compiles and boot a device with the vbmeta.img
Change-Id: I0eaae7beebc8b901d0b4766c2cdc34a27ad02b59
This reverts commit 9b99ddc8a5.
and add syste-qemu.img to the dependency list of sdk target
BUG: 64235252
Test: build sdk target successfully
(cherry picked from commit f0d50bbef0)
Change-Id: I813233c7c3f06eb1eca18aad5ea890a55814eb1b
This reverts commit 9b99ddc8a5.
and add syste-qemu.img to the dependency list of sdk target
Test: build sdk target successfully
Change-Id: Idb0bee56275f3bfe33ba7d29463e4b8e0699ec33
For raw system.img and vendor.img do not have
partition table and init refuses to mount them
in first stage mounting.
For emulator build:
create partitioned system-qemu.img for system.img;
create partitioned vendor-qemu.img for vendor.img
if applicable.
Change-Id: I64fdcdafc303cf2f74a1e96653e7afe259f0af98
build-image-kernel-modules is defined under recovery macro
when build without recovery,the driver kos are not packed
into the vendor image
Test: build with TARGET_NO_RECOVERY on and set ko to be build
in BOARD_VENDOR_KERNEL_MODULES to see if kos are packed into
vendor image
Change-Id: I162ccb2fe50c09ece07b6b07e416721985228006
The mac implementation of sed has different requirements for the -i
option. Instead of using that, just redirect the output to the final
location of modules.dep, since it's being copied in the very next
line anyway.
Bug: 38268091
Test: run build with kernel modules on macOS
Merged-In: I49e4a1a69f01139ef47711ab1223d3a8e5cda568
Change-Id: I49e4a1a69f01139ef47711ab1223d3a8e5cda568
Brotli has a better compression ratio than deflation. So for non-AB
full OTA, we can compress the new.dat with brotli first and store it
in the zip package.
This increase the OTA generation time by ~5 minutes for a full OTA
(measured based on 2.0G system.new.dat)
Bug: 34220646
Test: Generate a full OTA for bullhead
Change-Id: I9c0550af8eafcfa68711f74290c8e2d05a96648f
Replace java -> $(JAVA), etc. to prepare for moving java binaries
out of the path and using full paths to them.
Test: builds
Bug: 62956999
Change-Id: I5dfcd0d4e855ecde69cd127169e9545e59723d12
Adding option "--padding_size 4096" in BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS
instead of INTERNAL_AVB_MAKE_VBMETA_IMAGE_ARGS. The former setting will
be propogated to `make dist` while the latter is only used for `make`.
Bug: 38454093
Test: `make dist` and check vbmeta.img is being padded.
Merged-In: I929288b218761a4637a2a2ef0679d3ff85c70731
Change-Id: I929288b218761a4637a2a2ef0679d3ff85c70731
(cherry picked from commit 9e95beab31)
Adding option "--padding_size 4096" in BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS
instead of INTERNAL_AVB_MAKE_VBMETA_IMAGE_ARGS. The former setting will
be propogated to `make dist` while the latter is only used for `make`.
Bug: 38454093
Test: `make dist` and check vbmeta.img is being padded.
Change-Id: I929288b218761a4637a2a2ef0679d3ff85c70731
There's already a to-lower function. Add a to-upper function to make
it complete.
Bug:36012197
Test: `make` pass, flash images from $OUT and boot device with chain
partitions
Change-Id: I39fe8c277a3cf6b87fc3c411eeab2fa5fb40007b
Radio images are added to INSTALLED_RADIOIMAGE_TARGET, which by default
will be packed under RADIO/ in a target_files zip. This CL introduces
BOARD_PACK_RADIOIMAGES that allows additionally copying them into
IMAGES/, which will then be included into <product>-img.zip.
Bug: 62195105
Test: Define BOARD_PACK_RADIOIMAGES and `m dist`. Check the generated
target_files zip and <product>-img.zip.
Change-Id: I3deafd2dfecd1d4dbfdfc2d002fc40ef22fb60ea
This patch tries to fix the problem where the default properties need
to go with the system image especially on non-AB devices where
/default.prop is on the ramdisk image. A symlink is created at
/default.prop for backward compatibility.
Bug: 37815285
Test: Tested with ag/2416542. Booted pixel phones, checked the location
of prop.default, verified the symlink, checked a few properties
(via adb shell getprop) and manually tested a few apps (Camera,
Maps etc).
sign_target_files_apks.py was tested with:
sign_target_files_apks -o -e DynamiteLoader.apk= -e DynamiteModulesA.apk= \
-e DynamiteModulesB.apk= -e DynamiteModulesC.apk= -e DynamiteModulesD.apk= \
-e GoogleCertificates.apk= out/dist/*-target_files-*.zip signed-target_files.zip
Booted to recovery and ran 'adb sideload' successfully.
Change-Id: I1a9a2ba49c8252afc13ced3dea71253afbd3091e
Merged-In: I1a9a2ba49c8252afc13ced3dea71253afbd3091e
(cherry-picked from 4fbbe4578bb10d54292d9b243edf4999fddf1c93)
This patch tries to fix the problem where the default properties need
to go with the system image especially on non-AB devices where
/default.prop is on the ramdisk image. A symlink is created at
/default.prop for backward compatibility.
Bug: 37815285
Test: Tested with ag/2416542. Booted pixel phones, checked the location
of prop.default, verified the symlink, checked a few properties
(via adb shell getprop) and manually tested a few apps (Camera,
Maps etc).
sign_target_files_apks.py was tested with:
sign_target_files_apks -o -e DynamiteLoader.apk= -e DynamiteModulesA.apk= \
-e DynamiteModulesB.apk= -e DynamiteModulesC.apk= -e DynamiteModulesD.apk= \
-e GoogleCertificates.apk= out/dist/*-target_files-*.zip signed-target_files.zip
Booted to recovery and ran 'adb sideload' successfully.
Change-Id: I1a9a2ba49c8252afc13ced3dea71253afbd3091e
We cannot cache the result of ($shell ...) and we have to run these on
every build even if we don't have to re-read the makefiles. Replace it
with make functions $(substr $(substr ... )).
Bug: 38399657
Test: `make` pass, flash images from $OUT and boot device with chain partitions
Merged-In: I6d4ff8e487931ba25008a2a881401a8951d4049e
Change-Id: I6d4ff8e487931ba25008a2a881401a8951d4049e
(cherry picked from commit e615afd6d0)
Current build system will include AVB metadata from each partition and
store them into /vbmeta partiton when BOARD_AVB_ENABLE is set, which makes
each partition tightly-coupled.
Add the support for 'chain partition':
- The vbmeta of each partition is stored on the same partition itself.
- The public key used to verify each partition is stored in /vbmeta.
For example, the following build variables are required to enable chain
partition for system partition:
- BOARD_AVB_SYSTEM_KEY_PATH := path/to/system_private_key
- BOARD_AVB_SYSTEM_ALGORITHM := SHA512_RSA8192
- BOARD_AVB_SYSTEM_ROLLBACK_INDEX := 1
- BOARD_AVB_SYSTEM_ROLLBACK_INDEX_LOCATION := 2
The corresponding settings will be added into META/misc_info.txt for
build_image.py and/or add_img_to_target_files.py:
- avb_system_key_path=path/to/system_private_key
- avb_system_algorithm=SHA512_RSA8192
- avb_system_add_hashtree_footer_args=--rollback_index 1
- avb_system_rollback_index_location=2
To enable chain partition for other partitions, just replace SYSTEM with
BOOT, VENDOR and/or DTBO in the build variables.
Also switch from `avbtool make_vbmeta_image --setup_rootfs_from_kernel system.img ...`
to `avbtool add_hashtree_footer --image system.img --setup_as_rootfs_from_kernel...`
when BOARD_BUILD_SYSTEM_ROOT_IMAGE is true. This works for both chained
and no-chained:
- chained: `avbtool add_hashtree_footer --setup_as_rootfs_from_kernel` will
add dm-verity kernel cmdline descriptor to system.img
- no-chained: `avbtool make_vbmeta_image --include_descriptors_from_image
system.img` will include the kernel cmdline descriptor from system.img into
vbmeta.img
Bug: 38399657
Test: `make` pass, flash images from $OUT and boot device without chain partitions
Test: `make` pass, flash images from $OUT and boot device with chain partitions
Test: `make dist` pass, flash images from TF.zip and boot device without chain partitions
Test: `make dist` pass, flash images from TF.zip and boot device with chain partitions
Test: follow the same steps in
https://android-review.googlesource.com/#/c/407572/
Change-Id: I344f79290743d7d47b5e7441b3a21df812a69099
Merged-In: I344f79290743d7d47b5e7441b3a21df812a69099
(cherry picked from commit 3e599ead66)
make sync will build everything necessary to adb sync system
and vendor, without wasting time rebuilding system.img and
vendor.img.
Test: m -j sync
Change-Id: I91c0012eed6d58a338393cc375056a30e2a24b09
We cannot cache the result of ($shell ...) and we have to run these on
every build even if we don't have to re-read the makefiles. Replace it
with make functions $(substr $(substr ... )).
Bug: 38399657
Test: `make` pass, flash images from $OUT and boot device with chain partitions
Change-Id: I6d4ff8e487931ba25008a2a881401a8951d4049e
Current build system will include AVB metadata from each partition and
store them into /vbmeta partiton when BOARD_AVB_ENABLE is set, which makes
each partition tightly-coupled.
Add the support for 'chain partition':
- The vbmeta of each partition is stored on the same partition itself.
- The public key used to verify each partition is stored in /vbmeta.
For example, the following build variables are required to enable chain
partition for system partition:
- BOARD_AVB_SYSTEM_KEY_PATH := path/to/system_private_key
- BOARD_AVB_SYSTEM_ALGORITHM := SHA512_RSA8192
- BOARD_AVB_SYSTEM_ROLLBACK_INDEX := 1
- BOARD_AVB_SYSTEM_ROLLBACK_INDEX_LOCATION := 2
The corresponding settings will be added into META/misc_info.txt for
build_image.py and/or add_img_to_target_files.py:
- avb_system_key_path=path/to/system_private_key
- avb_system_algorithm=SHA512_RSA8192
- avb_system_add_hashtree_footer_args=--rollback_index 1
- avb_system_rollback_index_location=2
To enable chain partition for other partitions, just replace SYSTEM with
BOOT, VENDOR and/or DTBO in the build variables.
Also switch from `avbtool make_vbmeta_image --setup_rootfs_from_kernel system.img ...`
to `avbtool add_hashtree_footer --image system.img --setup_as_rootfs_from_kernel...`
when BOARD_BUILD_SYSTEM_ROOT_IMAGE is true. This works for both chained
and no-chained:
- chained: `avbtool add_hashtree_footer --setup_as_rootfs_from_kernel` will
add dm-verity kernel cmdline descriptor to system.img
- no-chained: `avbtool make_vbmeta_image --include_descriptors_from_image
system.img` will include the kernel cmdline descriptor from system.img into
vbmeta.img
Bug: 38399657
Test: `make` pass, flash images from $OUT and boot device without chain partitions
Test: `make` pass, flash images from $OUT and boot device with chain partitions
Test: `make dist` pass, flash images from TF.zip and boot device without chain partitions
Test: `make dist` pass, flash images from TF.zip and boot device with chain partitions
Test: follow the same steps in
https://android-review.googlesource.com/#/c/407572/
Change-Id: I344f79290743d7d47b5e7441b3a21df812a69099
Adding option "--padding_size 4096" when making vbmeta.img.
Bug: 38454093
Test: build vbmeta.img and check it's being padded.
Change-Id: Id3ba6bf9998755bae75ec8b272ceccf59f4b8666
This reverts commit fad00e4318.
init fails to read default.prop under recovery:
init: Couldn't load properties from /default.prop: Too many symbolic links encountered
Bug: 62525809
Change-Id: I133e9025693e3e01278ec73c8d08860fc89d314b
This patch tries to fix the problem where the default properties need
to go with the system image especially on non-AB devices where
/default.prop is on the ramdisk image. A symlink is created at
/default.prop for backward compatibility.
Bug: 37815285
Test: Tested with ag/2376383. Booted pixel phones, checked the location
of prop.default, verified the symlink, checked a few properties
(via adb shell getprop) and manually tested a few apps (Camera,
Maps etc).
sign_target_files_apks.py was tested with:
sign_target_files_apks -o -e DynamiteLoader.apk= -e DynamiteModulesA.apk= \
-e DynamiteModulesB.apk= -e DynamiteModulesC.apk= -e DynamiteModulesD.apk= \
-e GoogleCertificates.apk= out/dist/*-target_files-*.zip signed-target_files.zip
Change-Id: I1a9a2ba49c8252afc13ced3dea71253afbd3091e
board_avb_algorithm and board_avb_key_path are overlapping with
avb_signing_args. In core/Makefile, only avb_signing_args (i.e.
INTERNAL_AVB_SIGNING_ARGS) will be used in the AVB-signing command. It
covers the contents in board_avb_{algorithm,key_path}. We should do the
same thing in tools/releasetools to avoid potential inconsistency.
This CL cleans up the logic in tools/releasetools, by always using
avb_signing_args. This also allows easier signing key replacement (so we
can replace the key/algorithm/signer in 'avb_signing_args').
board_avb_system_add_hashtree_footer_args is unused in releasetools
script, and the same information has been covered by
system_avb_add_hashtree_footer_args. This CL removes this arg as well.
Test: `m dist`. Then a) check the removed three args no longer exist in
META/misc_info.txt; b) check that rebuilding images with
add_img_to_target_files.py uses the same parameters.
Change-Id: I7db890b5c942de5b6868d8d1ebf937586d4729c0
This is a step to enable signing a given target_files zip with release
keys.
When calling sign_target_files_apks.py, we will delete all the entries
under IMAGES/ in order to re-generate them (with the proper release
keys). In order to support that, we need to pack everything in need into
TF.zip.
Steps to test the CL.
a) Choose a target that has both AVB and DTBO enabled.
$ m dist
b) Check IMAGES/dtbo.img and PREBUILT_IMAGES/dtbo.img both exist in the
generated out/dist/TF.zip.
c) Remove the entries under IMAGES/ from the generated TF.zip.
$ zip -d TF.zip IMAGES/\*
d) Re-generate the images with TF.zip.
$ build/make/tools/releasetools/add_img_to_target_files.py TF.zip
e) Check that IMAGES/dtbo.img is re-generated, and it's identical to the
image in b). Note that by default the re-generated image will carry a
different footer, because of the random salt. This CL is verified by
specifying the same salt.
Bug: 38315721
Test: see above.
Change-Id: I0bdc4e1cd4800962dc3902ca550dad6a8ca56c78
Also pack the test keys for easier testing.
Bug: 38315721
Test: m otatools-package and avbtool is present in otatools.zip.
Change-Id: Ieb63bf3f4bc211ef1f48ab278cb01b70845d06da
Test: make with corresponding configurations in BoardConfig.mk
- dtbo.img is copied to the OUT directory
- avbtool info_image --image dtbo.img shows avb hashes
- avbtool info_image --image vbmeta.img shows dtbo partition info
Bug: 37730955
Change-Id: If3edaab860926c743f18fd031c911b076eb09fab
(cherry picked from commit 211c90158c)
`make custom_images` supports to build different kinds of *non-droid* images,
e.g., odm.img. Adding the support of signing them with either AVB HASH footer
or AVB HASHTREE footer. The user can use HASH for small images and
HASHTREE for large images.
Sample signing configurations:
* AVB HASH footer:
- CUSTOM_IMAGE_AVB_HASH_ENABLE := true
- CUSTOM_IMAGE_AVB_ADD_HASH_FOOTER_ARGS := --append_to_release_string my_odm_image
* AVB HASHTREE footer:
- CUSTOM_IMAGE_AVB_HASHTREE_ENABLE := true
- CUSTOM_IMAGE_AVB_ADD_HASHTREE_FOOTER_ARGS := --fec_num_roots 8
* Using custom signing key:
- CUSTOM_IMAGE_AVB_ALGORITHM := SHA256_RSA2048
- CUSTOM_IMAGE_AVB_KEY_PATH := external/avb/test/data/testkey_rsa2048.pem
Bug: 36701014
Test: `make custom_images` with AVB HASH footer
Test: `make custom_images` with AVB HASHTREE footer
Test: `make droid` to check system.img is still properly signed with AVB HASHTREE
Test: `make droid` to check vendor.img is still properly signed with AVB HASHTREE
Change-Id: I8dc420e12e37e9a631345c0cd883339db05d489f
images. This is useful for device with low disk
space with different build variants.
This is a manual cherry-pick from aosp/master.
Bug: 37469715
Test: regular image builds successfully, errors occur
when the headroom size is greater than available
partition space.
Merged-In: I526cdd0f84981bbd16e3afcfe1cd7fc43dce98ef
Change-Id: I840d212bb46612074c43b39e94546901f60e4b4c
