Commit graph

23336 commits

Author SHA1 Message Date
Paul Scovanner
fff4e1f5a4 Update Security String to 2020-08-05 am: d4b7f4de4b
Original change: https://googleplex-android-review.googlesource.com/c/platform/build/+/11826025

Change-Id: I79b57da2c0387b33868dd36d3881d1d9ee3801b7
2020-06-10 21:01:31 +00:00
Paul Scovanner
d4b7f4de4b Update Security String to 2020-08-05
Bug: 158587413
Change-Id: I5f0b271fb5302e8c72024b49fb1a2ae5120821e0
2020-06-10 18:35:18 +00:00
Paul Scovanner
a26a678246 Update Security String to 2020-08-01 am: a4d5641a34
Original change: https://googleplex-android-review.googlesource.com/c/platform/build/+/11812416

Change-Id: Ic81f52a8bea6a2cba37f62ae00f42a8a130cf1b4
2020-06-10 16:56:15 +00:00
Paul Scovanner
a4d5641a34 Update Security String to 2020-08-01
Bug: 158587413
Change-Id: I21b16ed52ef9c7c26a671692c66b06855b147b16
2020-06-09 19:41:58 +00:00
Steve Muckle
d03ec51f38 fix spurious / on toplevel kernel module installations
When kernel modules are being put directly into lib/modules/ (as opposed
to lib/modules/<subdir>/), the empty part of the destination path causes
a target containing a redundant /. If the target is also added elsewhere
in the build without the redundant /, then rule merging will miss it,
and a build error will occur.

Bug: 158158635
Change-Id: I797addce760f4886166efa283302a53783581625
Merged-In: I797addce760f4886166efa283302a53783581625
2020-06-05 18:56:41 -07:00
Julien Desprez
7859593560 Add tradefed-test-framework to the suites exported jar
New jar that needs to be packaged for suites.

Test: make cts
Bug: 149758913
Bug: 156482663
Merged-In: If29508f3dd30939be603ed03f2536c960ca40d92
Change-Id: If50a1e76ffdb4651bf004b26eb111e113569c6c4
2020-06-05 23:08:17 +00:00
Sasha Smundak
8ae0c83259 Implement android_app_set module. am: eefa8e954e
Original change: https://googleplex-android-review.googlesource.com/c/platform/build/+/11718673

Change-Id: I661aed2c61ac4123c0e9a3d02c9da72ef3fac754
2020-06-05 17:38:07 +00:00
Pierre Couillaud
bb726614db Strip debug symbols from modules (fixup)
allow to also skip the stripping of the modules present in vendor
ramdisk when the BOARD configuration is set to skip the strip step.

there is also a shortcoming of this functionality: it currently assumes
the modules to strip are all created equal against the same arch in
particular, however this does not work for kernel modules which are
for mixed mode platforms, as example {kernel,android} == {aarch64,armv7}
because it will select the "android" mode strip which is unaware of the
kernel mode architecture.

Bug: 156395749
Bug: 155193290
Change-Id: I35ef51845224e94e3e253acdeb6bb14b990a401b
Signed-off-by: Pierre Couillaud <pierre@broadcom.com>
2020-06-03 23:44:37 +00:00
Steve Muckle
f6ce461f1f refactor kernel module build, add version support
Refactor the build support for kernel modules. This refactoring is
leveraged to add support for directories of kernel modules in each
partition. To add a directory of kernel modules, define
BOARD_KERNEL_MODULE_DIRS to include the directory name, for example:

BOARD_KERNEL_MODULE_DIRS := 5.4

The build will then check all the usual kernel module related macros
with an extension of _5.4, for example you can define

BOARD_VENDOR_KERNEL_MODULES_5.4 := <modules to copy>
BOARD_VENDOR_KERNEL_MODULES_ARCHIVE_5.4 = <path to archive file>
BOARD_VENDOR_KERNEL_MODULES_LOAD_5.4 := <modules for load list>

Bug: 157645635
Change-Id: I1687d0ec85c1dcf21350350623b4689aba3f6717
Merged-In: I1687d0ec85c1dcf21350350623b4689aba3f6717
2020-06-03 11:18:10 -07:00
Steve Muckle
7576d5e131 move BOARD_RECOVERY_KERNEL_MODULES_LOAD default
Moving this makes each of the partition's kernel module Makefile
generation more similar, enabling a forthcoming cleanup/refactoring.

If recovery-is-boot and there are kernel modules defined in
BOARD_GENERIC_RAMDISK_KERNEL_MODULES, those kernel modules will
now be included in the default assignment to
BOARD_RECOVERY_KERNEL_MODULES_LOAD. If this is not desired then
BOARD_RECOVERY_KERNEL_MODULES_LOAD may simply be set to
BOARD_RECOVERY_KERNEL_MODULES (or a custom list of recovery kernel
modules to load).

Bug: 157645635
Change-Id: Ia1392b7d20d07cee75420edd95dcee1dc825516e
Merged-In: Ia1392b7d20d07cee75420edd95dcee1dc825516e
2020-06-03 11:17:32 -07:00
Steve Muckle
2319129a88 move module list creation outside conditionals
Currently the two special-case calls to create just a module load list
(as opposed to copying a set of modules and creating a module load list)
are inside checks that the related board macro for the module set is not
empty.

While it would be incorrect to create a non-empty module load list with
an empty set of modules, this error would quickly surface at runtime.
More importantly, moving these out will permit refactoring this code to
clean it up.

Bug: 157645635
Change-Id: I199788d49072d4c59737b3ef2c75546852cf3e36
Merged-In: I199788d49072d4c59737b3ef2c75546852cf3e36
2020-06-03 11:16:31 -07:00
Steve Muckle
708435b557 fix reference to BOARD_ODM_MODULES_LOAD
This check is meant to initialize BOARD_ODM_KERNEL_MODULES_LOAD to
BOARD_ODM_KERNEL_MODULES if BOARD_ODM_KERNEL_MODULES_LOAD is empty.

Bug: 157645635
Change-Id: I9c8ac0e64bb002e926d15b446a63801d7cfa9911
Merged-In: I9c8ac0e64bb002e926d15b446a63801d7cfa9911
2020-06-03 11:15:52 -07:00
Sasha Smundak
eefa8e954e Implement android_app_set module.
Bug: 152319766
Test: manual and builtin
Change-Id: I66edc5b423898a11dbba1c3d9796c7bd4d6b4428
Merged-In: I66edc5b423898a11dbba1c3d9796c7bd4d6b4428
2020-06-03 09:50:48 -07:00
J. Avila
5ea1cf103f Merge "Add build support for LZ4 ramdisks" into rvc-dev 2020-05-31 15:55:08 +00:00
J. Avila
9600ace371 Add build support for LZ4 ramdisks
Ramdisks are currently compressed using gzip, which is generally
smaller, but slower to decompress than lz4. Provide an option for an
lz4 scheme to reduce the time taken to unpack initramfs during boot.

Bug: 156129966
Signed-off-by: J. Avila <elavila@google.com>
Merged-In: Iac9538e6ee6ec51e6b487de2101f53bb5d9c54c8
Change-Id: Iac9538e6ee6ec51e6b487de2101f53bb5d9c54c8
2020-05-29 22:46:31 +00:00
Baligh Uddin
1325034c81 Add apksigner to otatools.zip
BUG: 157735036
Test: Local build.
Change-Id: I3778021f94236b0ac09a33149f2872fb5f740be2
Merged-In: I95c7001ad520d6b4a415d21ffdef55152b0e82b2
2020-05-29 21:49:39 +00:00
TreeHugger Robot
20daf73fd9 Merge "Update auto-gen test config template with PARAMETERIZED_STRINGS placeholder" into rvc-dev 2020-05-28 06:12:35 +00:00
Mark Salyzyn
d702af1ef1 depmod: pair in a modules.load.recovery on BOARD_VENDOR_RAMDISK_RECOVERY_KERNEL_MODULES_LOAD
If the BoardConfig defined BOARD_VENDOR_RAMDISK_MODULES_LOAD and
BOARD_VENDOR_RAMDISK_RECOVERY_KERNEL_MODULES_LOAD, generate both a
modules.load and modules.load.recovery respectively on the vendor
ramdisk.  BOARD_VENDOR_RAMDISK_MODULES must be the set, or super set,
of all the modules represented in both of *_LOAD BOARD variables.

Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 151950334
Test: build, confirm, fastboot flashall, boot with split.
Merged-In: Ib2925aec6ea7a2a01a554c808d6697d8c85f9fc0
Change-Id: Ib2925aec6ea7a2a01a554c808d6697d8c85f9fc0
2020-05-27 13:26:00 +00:00
TreeHugger Robot
0e5c584ba8 Merge "Generate product build props always" into rvc-dev 2020-05-27 04:46:06 +00:00
J. Avila
43872f0eb7 Strip debug symbols from modules
The size of the ramdisk has greatly increased, which can be a source of
boot time regressions. Strip the modules of debug symbols for the vendor
ramdisk and vendor partitions; vendor stripping can be skipped via BOARD
config.

Bug: 156395749
Signed-off-by: J. Avila <elavila@google.com>
Change-Id: I248d4e2097992f00975b344b5da41aa5d8016812
2020-05-26 14:38:43 +00:00
SzuWei Lin
509cd70f42 Generate product build props always
GSI do not build product partition, and contains the product
contents under /system/product/. Original logic do not generate
the product build props on this case.

The patch fixes the logic for product build props generation to
align the other partitions.

Bug: 157191627
Test: build aosp_arm64-userdebug
Test: check /system/product/build.prop in out folder
Change-Id: I350bbf8c024f747c86c6c54065d690f6b46f30c6
Merged-In: Ia88c8efecb18db9c27baa466e492bfd898b581d3
2020-05-25 05:46:53 +00:00
Hongguang Chen
d9edddd64d Add options to sign the prebuilt custom images.
The custom images are any images owned by OEMs and SoCs, oem images
mounted on /oem is an example. The oem images can be used to customize
devices for different carriers, like wallpaper, ringtones, and
carrier-specific apks. OEMs can generate multiple oem images, like
oem.img, oem-carrier1.img and oem-carrier2.img and flash different oem
images for different carriers. The oem images are only one case, OEMs
and SoCs can add more custom images and mount them to custom partitions.

This change enables custom images to be vbmeta.img chained partitions.
The following configuration in BoardConfig.mk is an exmaple. It has two
custom partitions: oem and test. They will be signed by different keys.
And they will be chained by vbmeta.img. The custom images here are
prebuilts, which can be built by `make custom_images` separately.
BOARD_AVB_<CUSTOM_PARTITION>_IMAGE_LIST should include all custom images
to apply AVB signing. And to every custom partition, one image whose
name is partition name must be added in its
BOARD_AVB_<CUSTOM_PARTITION>_IMAGE_LIST.

BOARD_CUSTOMIMAGES_PARTITION_LIST := oem test

BOARD_AVB_OEM_KEY_PATH := external/avb/test/data/testkey_rsa4096.pem
BOARD_AVB_OEM_ALGORITHM := SHA256_RSA4096
BOARD_AVB_OEM_ADD_HASHTREE_FOOTER_ARGS :=
BOARD_AVB_OEM_ROLLBACK_INDEX_LOCATION := 1
BOARD_AVB_OEM_PARTITION_SIZE := 5242880
BOARD_AVB_OEM_IMAGE_LIST := \
    device/xxxx/yyyy/oem/oem.img \
    device/xxxx/yyyy/oem/oem1.img

BOARD_AVB_TEST_KEY_PATH := external/avb/test/data/testkey_rsa2048.pem
BOARD_AVB_TEST_ALGORITHM := SHA256_RSA2048
BOARD_AVB_TEST_ADD_HASHTREE_FOOTER_ARGS :=
BOARD_AVB_TEST_ROLLBACK_INDEX_LOCATION := 2
BOARD_AVB_TEST_PARTITION_SIZE := 10485760
BOARD_AVB_TEST_IMAGE_LIST := \
    device/xxxx/yyyy/test/test.img \
    device/xxxx/yyyy/test/test1.img

To resign the custom images in the target zip file, the
avb_extra_custom_image_key, avb_extra_custom_image_algorithms and
avb_extra_custom_image_extra_args options are added to the
sign_target_files_apks tool too. The following test cases list some
examples about how to use them.

BUG: 154171021
Test: 1) "atest --host releasetools_test releasetools_py3_test -c"
  2) Build images by 'make dist', sign and validate target files.
   a) Test on dist w/ chained vbmeta_system and ome custom images
   sign_target_files_apks -d certs \
     --avb_extra_custom_image_key oem=oem_rsa4096.pem \
     --avb_extra_custom_image_algorithm oem=SHA256_RSA4096 \
     xxx-target_xxx.zip signed.zip
   validate_target_files.py signed.zip
   Flash image and boot up.
   Verify the oem images and vbmeta images in OUT and target zips by
   avbtool.

   b) Test on dist w/ chained vbmeta_system and oem and test custom images
   sign_target_files_apks -d certs \
     --avb_extra_custom_image_key oem=oem_rsa4096.pem \
     --avb_extra_custom_image_algorithm oem=SHA256_RSA4096 \
     --avb_extra_custom_image_extra_args oem=--do_not_generate_fec \
     --avb_extra_custom_image_key test=test_rsa4096.pem \
     --avb_extra_custom_image_algorithm test=SHA256_RSA4096 \
     xxx-target_xxx.zip signed.zip
   validate_target_files.py signed.zip
   Verify the oem, test images and vbmeta images in OUT and target zips
   by avbtool.

   c) Test on dist w/o chained partition.
   sign_target_files_apks -d certs xxx-target_xxx.zip signed.zip
   validate_target_files.py signed.zip
   Flash image and boot up.
   Verify the vbmeta images in OUT and target zips by avbtool.

Change-Id: Ifccfee5e8909697eef6ccda0cc352fa16a9f6db6
Merged-In: Ifccfee5e8909697eef6ccda0cc352fa16a9f6db6
2020-05-21 22:22:19 +00:00
TreeHugger Robot
d078cc9f78 Merge "Update Security String to 2020-07-05" into qt-qpr1-dev am: e549d10438
Change-Id: If51535409877a076bbc636753cc0e357fea2520e
2020-05-20 22:05:03 +00:00
TreeHugger Robot
e549d10438 Merge "Update Security String to 2020-07-05" into qt-qpr1-dev 2020-05-20 21:47:09 +00:00
TreeHugger Robot
df865a9a17 Merge "Do not fail if unzip found no files to extract" into rvc-dev 2020-05-20 17:15:16 +00:00
Sasha Smundak
5761b525de Do not fail if unzip found no files to extract
Fixes: 157081961
Test: manual
Change-Id: Ib84c9fa1ceb45542ebcee14e048ecf2c1783c0c0
2020-05-20 04:56:05 +00:00
TreeHugger Robot
27e8474d57 Merge "support different boot partition sizes in aosp_arm64" into rvc-dev 2020-05-20 03:26:56 +00:00
Dan Shi
e47836b0c6 Merge "Revert "Add vts related artifacts to vts-core package"" into rvc-dev 2020-05-19 22:25:44 +00:00
Steve Muckle
53226684b9 support different boot partition sizes in aosp_arm64
The different boot images in aosp_arm64 have different partition size
requirements. Add support for defining a partition size associated with
each boot image variant.

This support is limited to aosp_arm64 currently, which is built with
recovery-as-boot.

A previous version of this change did not update the boot-debug image
AVB logic with the required macro for multiple boot partition size
support. This is now required because the aosp-arm64 boot.img is
configured as a chained AVB partition.

Bug: 156036850
Bug: 155049180
Change-Id: I66b57de91042bfd56ba54a3659843d8cf7873955
Merged-In: I66b57de91042bfd56ba54a3659843d8cf7873955
2020-05-19 14:37:40 -07:00
Dan Shi
a1082fb046 Revert "Add vts related artifacts to vts-core package"
This reverts commit 5e06288e7c.

Bug: 149249068
Test: build

Change-Id: I8245f1b7a4a74e133c0b7958e0f2908e4e8efd05
Merged-In: I8245f1b7a4a74e133c0b7958e0f2908e4e8efd05
2020-05-19 13:24:59 -07:00
Roland Levillain
1dbb0c3d1e Introduce build variable OVERRIDE_TARGET_FLATTEN_APEX.
When `OVERRIDE_TARGET_FLATTEN_APEX` is defined (e.g. set in the
environment), `TARGET_FLATTEN_APEX` is forcibly assigned its value.

This is useful to enable/disable APEX flattening from the command
line (thus ignoring the product's default configuration), for testing
purposes.

Note: Previously it was possible to set `TARGET_FLATTEN_APEX` directly
and have the same effect, but recent changes in the build
configuration now prevent that option.

Test: Check that:
        export OVERRIDE_TARGET_FLATTEN_APEX=true \
          && . ./build/envsetup.sh \
          && lunch aosp_walleye-userdebug \
          && export OVERRIDE_TARGET_FLATTEN_APEX=true \
          && build/soong/soong_ui.bash --dumpvar-mode TARGET_FLATTEN_APEX
      returns:
        true
Bug: 121117762

Merged-In: Ib9ccae38430340de38e4758b4f55df2c65ea60d5
Change-Id: Ib9ccae38430340de38e4758b4f55df2c65ea60d5
(cherry picked from commit b3a503df7f)
2020-05-19 02:06:45 +00:00
TreeHugger Robot
2fc5a393e0 Merge "Enables signing for generic boot images" into rvc-dev 2020-05-18 05:32:35 +00:00
easoncylee
88936626cf Update auto-gen test config template with PARAMETERIZED_STRINGS
placeholder

Bug: 134509111
Test: add "test_mainline_modules: [some.apk]" to TetheringTests,
and build the modules, confirm the parameterized option is added
in the test config.

Change-Id: I0f4f837412075520153d21c9ca12cf5c3f555de7
Merged-In: I0f4f837412075520153d21c9ca12cf5c3f555de7
2020-05-18 09:58:18 +08:00
Paul Scovanner
902a6e18e0 Update Security String to 2020-07-05
Bug: 156652977
Change-Id: Ifee743bae79d21c096a95d608552fbb4260aff6c
2020-05-17 21:15:17 +00:00
TreeHugger Robot
b1e99dd0a1 Merge "Don't check link type of Soong app JNI libraries" into rvc-dev 2020-05-16 01:15:56 +00:00
Paul Scovanner
69d4b8de13 Update Security String to 2020-07-01 am: 4a475b4740
Change-Id: I6df8e4cb400ec1c08c5ac6e2b36bd55c2b8fb15a
2020-05-15 22:36:48 +00:00
Sasha Smundak
60d03bd7db Implement android_app_set module.
Bug: 152319766
Test: manual and builtin
Change-Id: I66edc5b423898a11dbba1c3d9796c7bd4d6b4428
Merged-In: I66edc5b423898a11dbba1c3d9796c7bd4d6b4428
2020-05-15 10:47:05 -07:00
Colin Cross
41c3ad1f8b Don't check link type of Soong app JNI libraries
Link type checking is already done within Soong, and
SOONG_SDK_VARIANT_MODULES is not complete yet while parsing Soong
modules, skip JNI link type checking for Soong apps.

Bug: 156225490
Test: m checkbuild
Change-Id: I2f6824b180ccdd62c26497bdca527540ca22f0d7
Merged-In: I2f6824b180ccdd62c26497bdca527540ca22f0d7
(cherry picked from commit 1c8d81e5d9)
2020-05-15 10:09:57 -07:00
Paul Scovanner
4a475b4740 Update Security String to 2020-07-01
Bug: 156652977
Change-Id: I81539bf9bd96bdc2e0bca54b506d8a6061f0bfba
2020-05-14 19:56:33 +00:00
Bowgo Tsai
d55fbd365a Enables signing for generic boot images
Enables signing for them so we can verify that the boot partition
contains a valid generic boot image during the compliance test.

This change also adds the chained partition descriptor of
boot partition into vbmeta.img, which contains the corresponding
public key used to verify the boot partition.

Bug: 151094943
Test: lunch aosp_arm64-user, `make` and use `avbtool info_image`
      to check that GKI images are properly signed.
Test: `make dist` and checks that GKI images in the image zip file
      are properly signed.
Change-Id: I2fd69964f9dc62526a813875fa9193913aa4935b
Merged-In: I2fd69964f9dc62526a813875fa9193913aa4935b
(cherry picked from commit 0f95ac7e8c)
2020-05-14 13:01:37 +08:00
TreeHugger Robot
4d8e9cc847 Merge changes from topic "nonab_on_vab_r" into rvc-dev
* changes:
  Use add_slot_suffix function in edify script
  Support forcefully generating non-AB packages.
2020-05-13 17:26:44 +00:00
Yifan Hong
7169f754cc Support forcefully generating non-AB packages.
Force generate a non-A/B update package when requested.

Bug: 154344887
Test: ota_from_target_files.py --force_non_ab ...
Test: apply it as well

Change-Id: I5e81eb161722e07ef50081b6a16685cbc9963ae2
2020-05-07 12:48:17 -07:00
Jaewoong Jung
d4297e0b64 Merge "Install .idsig files to test suite dirs." into rvc-dev 2020-05-07 15:20:05 +00:00
TreeHugger Robot
8f33cc8f65 Merge "rename libvixl to libvixl.com.android.art.debug" into rvc-dev 2020-05-07 02:09:30 +00:00
Jaewoong Jung
f25327b4bd Install .idsig files to test suite dirs.
Bug: 153675112
Test: m cts && ls out/host/linux-x86/cts/android-cts/testcases/
Change-Id: I2f24f4567ed3fab1f6ad4d66cc0f798332543b8d
2020-05-06 12:46:30 -07:00
Jiyong Park
7d40b59c4d Reland "mark platform un-availability""
This reverts commit 6e1fa4452b.

Reason for revert: relanding a reverted changed

Bug: 153073816
Test: m

Exempt-From-Owner-Approval: cherry-pick from AOSP

Merged-In: I3735866776cf6eb0320c9fb8c6be8ac0c48baa1c
(cherry picked from commit 403c255b6f)
Change-Id: I3735866776cf6eb0320c9fb8c6be8ac0c48baa1c
2020-05-06 21:42:25 +09:00
Jiyong Park
127eae76bc rename libvixl to libvixl.com.android.art.debug
With I1889653812a980f6a2e3b6b25e7647f7c5919606, libvixl is not available
to the platform as it is included in the ART APEX. To use the APEX
variant of the library, we use the <name>:<apex_name> notation.

Bug: 150999716
Test: m
Change-Id: I2206f1c28fc0019c0fd726059aa732145f2998ed
2020-05-05 18:49:46 +09:00
Svet Ganov
c3b0b52e58 Updating platform SDK version for R
* Update SDK level and make REL
  * Update GSI lib list

Test: build + boot

bug:150281259

Change-Id: Ib286bb7499e4857842633003b8ef98b8d0fb3e77
Merged-In: Ib286bb7499e4857842633003b8ef98b8d0fb3e77
2020-05-03 09:40:27 -07:00
Jiyong Park
db64e3d528 Incorrect file names in apkcerts.txt for Make modules
This change fixes a regression that was caused by I56bc55e2231eb946617a9d6f97d55c9b61f3bff7
that file names for Make modules are ".apk" in apkcerts.txt.

This was because PACKAGES.$(LOCAL_MODULE).STEM was only set for the
modules from Soong. It is now set for Make modules too.

Bug: 155440232
Test: OVERRIDE_TARGET_FLATTEN_APEX=true m apkcerts-list
and check the generated apkcerts txt file to see that it doesn't have an
entry where file name is ".apk"

Change-Id: I6f14bbb5678255bef2c1f2397f59ede6c2b5df18
2020-05-03 10:57:01 +09:00
Colin Cross
a4ce9b369e Merge changes from topic "sdk_version_variant" into rvc-dev
* changes:
  Don't install test suite files from uninstallable modules
  Use sdk variant of Soong modules when LOCAL_SDK_VERSION is set
2020-05-02 01:41:17 +00:00