tequilaOS/platform_build_soong
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_build_soong/apex/apex.go

580 lines
20 KiB
Go
Raw Normal View History

Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
// Copyright (C) 2018 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package apex
import (
"fmt"
"io"
"path/filepath"
"runtime"
Make APEX build rules consistent Don't directly iterate over the copyManifest map to generate the copy commands. Iterating over a map in golang isn't guaranteed to give consistent order. This causes the apex build rules to be executed even when there is no source file change. Fix the issue by creating a sorted list of the key and then iterate over the list. Bug: 117453592 Test: m apex.test; m.apex.test nothing is built during the second build Change-Id: I329a91ec0b6a34cbe745bf9a9ceb0843b63c200c
2018-10-10 07:05:29 +02:00
"sort"
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
"strings"
"android/soong/android"
"android/soong/cc"
"android/soong/java"
"github.com/google/blueprint"
"github.com/google/blueprint/proptools"
)
var (
pctx = android.NewPackageContext("android/apex")
// Create a canned fs config file where all files and directories are
// by default set to (uid/gid/mode) = (1000/1000/0644)
// TODO(b/113082813) make this configurable using config.fs syntax
generateFsConfig = pctx.StaticRule("generateFsConfig", blueprint.RuleParams{
Fix ext4 image's root directory permissions of APEX packages. The generateFsConfig rule used to not give execution permissions (0111) to the root (`/`) directory of the ext4 image stored in an APEX package. This change add these bits, turning the permissions from 0644 (drw-r--r--) to 0755 (drwxr-xr-x). Previously, not having the execution permissions on the ext4 image's root directory meant that the contents of the top-level directory of the mounted image could not be listed. Test: `adb shell ls /apex/<apex-package>` works Bug: 117580281 Bug: 112672359 Bug: 113373927 Change-Id: I96f859de6022e04c0b82ccdf1db683887643e588
2018-11-02 12:50:42 +01:00
Command: `echo '/ 1000 1000 0755' > ${out} && ` +
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
`echo '/manifest.json 1000 1000 0644' >> ${out} && ` +
Directories and executables files in an APEX have x bit set Files under /bin and all directories in an APEX now have x (executable) bit set correctly. Bug: 117580281 Test: m apex.test, push it to /data/apex and reboot. adb shell ls -al /apex/com.android.example.apex@1 shows that the directories have x bit set Change-Id: I76e4188d86dc9cdf65e9f8e52be1981e25441a6e
2018-10-11 06:23:09 +02:00
`echo ${ro_paths} | tr ' ' '\n' | awk '{print "/"$$1 " 1000 1000 0644"}' >> ${out} && ` +
`echo ${exec_paths} | tr ' ' '\n' | awk '{print "/"$$1 " 1000 1000 0755"}' >> ${out}`,
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
Description: "fs_config ${out}",
Directories and executables files in an APEX have x bit set Files under /bin and all directories in an APEX now have x (executable) bit set correctly. Bug: 117580281 Test: m apex.test, push it to /data/apex and reboot. adb shell ls -al /apex/com.android.example.apex@1 shows that the directories have x bit set Change-Id: I76e4188d86dc9cdf65e9f8e52be1981e25441a6e
2018-10-11 06:23:09 +02:00
}, "ro_paths", "exec_paths")
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
// TODO(b/113233103): make sure that file_contexts is sane, i.e., validate
// against the binary policy using sefcontext_compiler -p <policy>.
// TODO(b/114327326): automate the generation of file_contexts
apexRule = pctx.StaticRule("apexRule", blueprint.RuleParams{
Command: `rm -rf ${image_dir} && mkdir -p ${image_dir} && ` +
`(${copy_commands}) && ` +
`APEXER_TOOL_PATH=${tool_path} ` +
`${apexer} --verbose --force --manifest ${manifest} ` +
`--file_contexts ${file_contexts} ` +
`--canned_fs_config ${canned_fs_config} ` +
`--key ${key} ${image_dir} ${out} `,
CommandDeps: []string{"${apexer}", "${avbtool}", "${e2fsdroid}", "${merge_zips}",
"${mke2fs}", "${resize2fs}", "${sefcontext_compile}",
"${soong_zip}", "${zipalign}", "${aapt2}"},
Description: "APEX ${image_dir} => ${out}",
}, "tool_path", "image_dir", "copy_commands", "manifest", "file_contexts", "canned_fs_config", "key")
)
var apexSuffix = ".apex"
type dependencyTag struct {
blueprint.BaseDependencyTag
name string
}
var (
APEXs are signed with apk signer The entire APEX (which is a zip file) is signed with the apk signer. Certificate can be specified via the 'certificate' property just like ordinary apps. Note: multiple additional certificates are not supported. Bug: 115721587 Test: m apex.test Test: jarsigner -verify -verbose -certs .../apex.test.apex shows the certificate info Change-Id: Ia4c898d3427779a3809fdc683b85d7661ca65137
2018-10-30 13:20:05 +01:00
sharedLibTag = dependencyTag{name: "sharedLib"}
executableTag = dependencyTag{name: "executable"}
javaLibTag = dependencyTag{name: "javaLib"}
prebuiltTag = dependencyTag{name: "prebuilt"}
keyTag = dependencyTag{name: "key"}
certificateTag = dependencyTag{name: "certificate"}
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
)
func init() {
pctx.Import("android/soong/common")
APEXs are signed with apk signer The entire APEX (which is a zip file) is signed with the apk signer. Certificate can be specified via the 'certificate' property just like ordinary apps. Note: multiple additional certificates are not supported. Bug: 115721587 Test: m apex.test Test: jarsigner -verify -verbose -certs .../apex.test.apex shows the certificate info Change-Id: Ia4c898d3427779a3809fdc683b85d7661ca65137
2018-10-30 13:20:05 +01:00
pctx.Import("android/soong/java")
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
pctx.HostBinToolVariable("apexer", "apexer")
Use SDK prebuilt 'aapt2' in 'apexer' in source trees without "frameworks/base". Test: system/apex/apexer/runtests.sh on a master source tree Test: system/apex/apexer/runtests.sh on a master-art source tree Bug: 113373927 Bug: 112458021 Change-Id: Ie23eab3f7e4961ebbe011b1fe25ce819f99767a2
2018-10-05 20:34:32 +02:00
// ART minimal builds (using the master-art manifest) do not have the "frameworks/base"
// projects, and hence cannot built 'aapt2'. Use the SDK prebuilt instead.
hostBinToolVariableWithPrebuilt := func(name, prebuiltDir, tool string) {
pctx.VariableFunc(name, func(ctx android.PackageVarContext) string {
if !android.ExistentPathForSource(ctx, "frameworks/base").Valid() {
return filepath.Join(prebuiltDir, runtime.GOOS, "bin", tool)
} else {
return pctx.HostBinToolPath(ctx, tool).String()
}
})
}
hostBinToolVariableWithPrebuilt("aapt2", "prebuilts/sdk/tools", "aapt2")
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
pctx.HostBinToolVariable("avbtool", "avbtool")
pctx.HostBinToolVariable("e2fsdroid", "e2fsdroid")
pctx.HostBinToolVariable("merge_zips", "merge_zips")
pctx.HostBinToolVariable("mke2fs", "mke2fs")
pctx.HostBinToolVariable("resize2fs", "resize2fs")
pctx.HostBinToolVariable("sefcontext_compile", "sefcontext_compile")
pctx.HostBinToolVariable("soong_zip", "soong_zip")
pctx.HostBinToolVariable("zipalign", "zipalign")
android.RegisterModuleType("apex", apexBundleFactory)
android.PostDepsMutators(func(ctx android.RegisterMutatorsContext) {
ctx.TopDown("apex_deps", apexDepsMutator)
ctx.BottomUp("apex", apexMutator)
})
}
// maps a module name to set of apex bundle names that the module should be built for
func apexBundleNamesFor(config android.Config) map[string]map[string]bool {
return config.Once("apexBundleNames", func() interface{} {
return make(map[string]map[string]bool)
}).(map[string]map[string]bool)
}
// Mark the direct and transitive dependencies of apex bundles so that they
// can be built for the apex bundles.
func apexDepsMutator(mctx android.TopDownMutatorContext) {
if _, ok := mctx.Module().(*apexBundle); ok {
apexBundleName := mctx.Module().Name()
mctx.WalkDeps(func(child, parent android.Module) bool {
if am, ok := child.(android.ApexModule); ok && am.CanHaveApexVariants() {
arch-specific dependencies are correctly handled in apex The change fixes the problem that multiple APEXs having native component (shared lib or executable) can't be built with an error similar to this: error: bionic/linker/Android.bp:298:1: failed to find variation "com.android.art" for module "libclang_rt.builtins-aarch64-android" needed by "ld-android" This is happening because the dependency to the built-in library is arch-specific but apex.go ignores it. Specifically, let's assume that 32-bit variant of libFoo depends on libX while 64-bit variant of libFoo depends on libY. Also assume that libFoo is included in two APEXs: apex1 (which is 64-bit) and apex2 (which is 32-bit). Then apexDepsMutator records that libFoo shall be split into apex1 and apex2, while libX will be only split into apex1 and libY will be split into apex2. The problem is that, during apexMutator, both 32 and 64-bit varants of libFoo are split into apex1 and apex2. As a result, a dependency to apex2 variant of libX and a dependency to apex1 variant of libY are requested, which don't exist. Fixing this issue by using module's name AND target string as the key. So, only the 32-bit variant of libFoo is split into apex1 and 64-bit variant of libFoo is split into apex2. Test: have following module somewhere. `m` is successful. apex { name: "com.android.art", manifest: "manifest.json", file_contexts: "file_contexts", binaries: ["dex2oat"], key: "apex.test.key", target: { android: { // Prefer the 32-bit versions of these binaries. compile_multilib: "prefer32", }, }, } Change-Id: I562b7be8e7c0325bd8d728dbee2ddcae608c181a
2018-10-23 16:58:01 +02:00
moduleName := am.Name() + "-" + am.Target().String()
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
bundleNames, ok := apexBundleNamesFor(mctx.Config())[moduleName]
if !ok {
bundleNames = make(map[string]bool)
apexBundleNamesFor(mctx.Config())[moduleName] = bundleNames
}
bundleNames[apexBundleName] = true
return true
} else {
return false
}
})
}
}
// Create apex variations if a module is included in APEX(s).
func apexMutator(mctx android.BottomUpMutatorContext) {
if am, ok := mctx.Module().(android.ApexModule); ok && am.CanHaveApexVariants() {
arch-specific dependencies are correctly handled in apex The change fixes the problem that multiple APEXs having native component (shared lib or executable) can't be built with an error similar to this: error: bionic/linker/Android.bp:298:1: failed to find variation "com.android.art" for module "libclang_rt.builtins-aarch64-android" needed by "ld-android" This is happening because the dependency to the built-in library is arch-specific but apex.go ignores it. Specifically, let's assume that 32-bit variant of libFoo depends on libX while 64-bit variant of libFoo depends on libY. Also assume that libFoo is included in two APEXs: apex1 (which is 64-bit) and apex2 (which is 32-bit). Then apexDepsMutator records that libFoo shall be split into apex1 and apex2, while libX will be only split into apex1 and libY will be split into apex2. The problem is that, during apexMutator, both 32 and 64-bit varants of libFoo are split into apex1 and apex2. As a result, a dependency to apex2 variant of libX and a dependency to apex1 variant of libY are requested, which don't exist. Fixing this issue by using module's name AND target string as the key. So, only the 32-bit variant of libFoo is split into apex1 and 64-bit variant of libFoo is split into apex2. Test: have following module somewhere. `m` is successful. apex { name: "com.android.art", manifest: "manifest.json", file_contexts: "file_contexts", binaries: ["dex2oat"], key: "apex.test.key", target: { android: { // Prefer the 32-bit versions of these binaries. compile_multilib: "prefer32", }, }, } Change-Id: I562b7be8e7c0325bd8d728dbee2ddcae608c181a
2018-10-23 16:58:01 +02:00
moduleName := am.Name() + "-" + am.Target().String()
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
if bundleNames, ok := apexBundleNamesFor(mctx.Config())[moduleName]; ok {
variations := []string{"platform"}
for bn := range bundleNames {
variations = append(variations, bn)
}
modules := mctx.CreateVariations(variations...)
for i, m := range modules {
if i == 0 {
continue // platform
}
m.(android.ApexModule).BuildForApex(variations[i])
}
}
} else if _, ok := mctx.Module().(*apexBundle); ok {
// apex bundle itself is mutated so that it and its modules have same
// apex variant.
apexBundleName := mctx.ModuleName()
mctx.CreateVariations(apexBundleName)
}
}
type apexBundleProperties struct {
// Json manifest file describing meta info of this APEX bundle. Default:
// "manifest.json"
Manifest *string
Move file_contexts file for APEXes to under /system/sepolicy For centralized development of sepolices, file_contexts files for APEXes are all moved to under /system/seplicy. The meaning of the existing file_contexts has been changed; when it is set to <value>, then /system/sepolicy/apex/<value>_file_contexts is used. When unset, it defaults to the name of the module. The property is not removed in order to support creating multiple versions of the same apex (for testing purpose) built with same file_contexts file. Bug: 119034475 Test: m apex.test com.android.tzdata com.android.runtime Change-Id: I7d14a9e37baea9ab78d9e15e1164cce54d256f56
2018-11-09 22:37:15 +01:00
// Determines the file contexts file for setting security context to each file in this APEX bundle.
// Specifically, when this is set to <value>, /system/sepolicy/apex/<value>_file_contexts file is
// used.
// Default: <name_of_this_module>
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
File_contexts *string
// List of native shared libs that are embedded inside this APEX bundle
Native_shared_libs []string
// List of native executables that are embedded inside this APEX bundle
Binaries []string
// List of java libraries that are embedded inside this APEX bundle
Java_libs []string
// List of prebuilt files that are embedded inside this APEX bundle
Prebuilts []string
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
// Name of the apex_key module that provides the private key to sign APEX
Key *string
binaries and native_shared_libraires are multilib-aware props The properties 'binaries' and 'native_shared_libraries' can be multilib-aware, i.e, can be under multilib.type where type can be either first, both, lib32, lib64, or prefer32. Native modules listed in multilib.first are installed only for the first ABI of the device. Similarily, multilib.both are for both of the ABIs, while multilib.lib32 and multilib.lib64 are 32 and 64-bit ABI only, respectively. multilib.prefer32 is for 32-bit only when 32-bit ABI is available. Another change is that the binaries property, when not within multilib, targets only the first ABI. Test: m apex.test on ... 1) aosp_arm64 without TARGET_PREFER_32_BIT_EXECUTABLES=true 2) aosp_arm64 with TARGET_PREFER_32_BIT_EXECUTABLES=true 3) aosp_arm in all cases, vold, surfaceflinger and drmserver are all intalled under ./bin directory of the APEX. And native libraries are installed under both ./lib and ./lib64 directories in the case of 1) and 2). Change-Id: Idd7f8526a61bceca89d43c0c69ccedb471b67d31
2018-10-24 14:09:55 +02:00
APEXs are signed with apk signer The entire APEX (which is a zip file) is signed with the apk signer. Certificate can be specified via the 'certificate' property just like ordinary apps. Note: multiple additional certificates are not supported. Bug: 115721587 Test: m apex.test Test: jarsigner -verify -verbose -certs .../apex.test.apex shows the certificate info Change-Id: Ia4c898d3427779a3809fdc683b85d7661ca65137
2018-10-30 13:20:05 +01:00
// The name of a certificate in the default certificate directory, blank to use the default product certificate,
// or an android_app_certificate module name in the form ":module".
Certificate *string
binaries and native_shared_libraires are multilib-aware props The properties 'binaries' and 'native_shared_libraries' can be multilib-aware, i.e, can be under multilib.type where type can be either first, both, lib32, lib64, or prefer32. Native modules listed in multilib.first are installed only for the first ABI of the device. Similarily, multilib.both are for both of the ABIs, while multilib.lib32 and multilib.lib64 are 32 and 64-bit ABI only, respectively. multilib.prefer32 is for 32-bit only when 32-bit ABI is available. Another change is that the binaries property, when not within multilib, targets only the first ABI. Test: m apex.test on ... 1) aosp_arm64 without TARGET_PREFER_32_BIT_EXECUTABLES=true 2) aosp_arm64 with TARGET_PREFER_32_BIT_EXECUTABLES=true 3) aosp_arm in all cases, vold, surfaceflinger and drmserver are all intalled under ./bin directory of the APEX. And native libraries are installed under both ./lib and ./lib64 directories in the case of 1) and 2). Change-Id: Idd7f8526a61bceca89d43c0c69ccedb471b67d31
2018-10-24 14:09:55 +02:00
Multilib struct {
First struct {
// List of native libraries whose compile_multilib is "first"
Native_shared_libs []string
// List of native executables whose compile_multilib is "first"
Binaries []string
}
Both struct {
// List of native libraries whose compile_multilib is "both"
Native_shared_libs []string
// List of native executables whose compile_multilib is "both"
Binaries []string
}
Prefer32 struct {
// List of native libraries whose compile_multilib is "prefer32"
Native_shared_libs []string
// List of native executables whose compile_multilib is "prefer32"
Binaries []string
}
Lib32 struct {
// List of native libraries whose compile_multilib is "32"
Native_shared_libs []string
// List of native executables whose compile_multilib is "32"
Binaries []string
}
Lib64 struct {
// List of native libraries whose compile_multilib is "64"
Native_shared_libs []string
// List of native executables whose compile_multilib is "64"
Binaries []string
}
}
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
}
type apexBundle struct {
android.ModuleBase
android.DefaultableModuleBase
properties apexBundleProperties
outputFile android.WritablePath
installDir android.OutputPath
}
binaries and native_shared_libraires are multilib-aware props The properties 'binaries' and 'native_shared_libraries' can be multilib-aware, i.e, can be under multilib.type where type can be either first, both, lib32, lib64, or prefer32. Native modules listed in multilib.first are installed only for the first ABI of the device. Similarily, multilib.both are for both of the ABIs, while multilib.lib32 and multilib.lib64 are 32 and 64-bit ABI only, respectively. multilib.prefer32 is for 32-bit only when 32-bit ABI is available. Another change is that the binaries property, when not within multilib, targets only the first ABI. Test: m apex.test on ... 1) aosp_arm64 without TARGET_PREFER_32_BIT_EXECUTABLES=true 2) aosp_arm64 with TARGET_PREFER_32_BIT_EXECUTABLES=true 3) aosp_arm in all cases, vold, surfaceflinger and drmserver are all intalled under ./bin directory of the APEX. And native libraries are installed under both ./lib and ./lib64 directories in the case of 1) and 2). Change-Id: Idd7f8526a61bceca89d43c0c69ccedb471b67d31
2018-10-24 14:09:55 +02:00
func addDependenciesForNativeModules(ctx android.BottomUpMutatorContext,
native_shared_libs []string, binaries []string, arch string) {
// Use *FarVariation* to be able to depend on modules having
// conflicting variations with this module. This is required since
// arch variant of an APEX bundle is 'common' but it is 'arm' or 'arm64'
// for native shared libs.
ctx.AddFarVariationDependencies([]blueprint.Variation{
{Mutator: "arch", Variation: arch},
{Mutator: "image", Variation: "core"},
{Mutator: "link", Variation: "shared"},
}, sharedLibTag, native_shared_libs...)
ctx.AddFarVariationDependencies([]blueprint.Variation{
{Mutator: "arch", Variation: arch},
{Mutator: "image", Variation: "core"},
}, executableTag, binaries...)
}
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
func (a *apexBundle) DepsMutator(ctx android.BottomUpMutatorContext) {
binaries and native_shared_libraires are multilib-aware props The properties 'binaries' and 'native_shared_libraries' can be multilib-aware, i.e, can be under multilib.type where type can be either first, both, lib32, lib64, or prefer32. Native modules listed in multilib.first are installed only for the first ABI of the device. Similarily, multilib.both are for both of the ABIs, while multilib.lib32 and multilib.lib64 are 32 and 64-bit ABI only, respectively. multilib.prefer32 is for 32-bit only when 32-bit ABI is available. Another change is that the binaries property, when not within multilib, targets only the first ABI. Test: m apex.test on ... 1) aosp_arm64 without TARGET_PREFER_32_BIT_EXECUTABLES=true 2) aosp_arm64 with TARGET_PREFER_32_BIT_EXECUTABLES=true 3) aosp_arm in all cases, vold, surfaceflinger and drmserver are all intalled under ./bin directory of the APEX. And native libraries are installed under both ./lib and ./lib64 directories in the case of 1) and 2). Change-Id: Idd7f8526a61bceca89d43c0c69ccedb471b67d31
2018-10-24 14:09:55 +02:00
targets := ctx.MultiTargets()
has32BitTarget := false
for _, target := range targets {
if target.Arch.ArchType.Multilib == "lib32" {
has32BitTarget = true
}
}
for i, target := range targets {
// When multilib.* is omitted for native_shared_libs, it implies
// multilib.both.
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
ctx.AddFarVariationDependencies([]blueprint.Variation{
binaries and native_shared_libraires are multilib-aware props The properties 'binaries' and 'native_shared_libraries' can be multilib-aware, i.e, can be under multilib.type where type can be either first, both, lib32, lib64, or prefer32. Native modules listed in multilib.first are installed only for the first ABI of the device. Similarily, multilib.both are for both of the ABIs, while multilib.lib32 and multilib.lib64 are 32 and 64-bit ABI only, respectively. multilib.prefer32 is for 32-bit only when 32-bit ABI is available. Another change is that the binaries property, when not within multilib, targets only the first ABI. Test: m apex.test on ... 1) aosp_arm64 without TARGET_PREFER_32_BIT_EXECUTABLES=true 2) aosp_arm64 with TARGET_PREFER_32_BIT_EXECUTABLES=true 3) aosp_arm in all cases, vold, surfaceflinger and drmserver are all intalled under ./bin directory of the APEX. And native libraries are installed under both ./lib and ./lib64 directories in the case of 1) and 2). Change-Id: Idd7f8526a61bceca89d43c0c69ccedb471b67d31
2018-10-24 14:09:55 +02:00
{Mutator: "arch", Variation: target.String()},
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
{Mutator: "image", Variation: "core"},
{Mutator: "link", Variation: "shared"},
}, sharedLibTag, a.properties.Native_shared_libs...)
binaries and native_shared_libraires are multilib-aware props The properties 'binaries' and 'native_shared_libraries' can be multilib-aware, i.e, can be under multilib.type where type can be either first, both, lib32, lib64, or prefer32. Native modules listed in multilib.first are installed only for the first ABI of the device. Similarily, multilib.both are for both of the ABIs, while multilib.lib32 and multilib.lib64 are 32 and 64-bit ABI only, respectively. multilib.prefer32 is for 32-bit only when 32-bit ABI is available. Another change is that the binaries property, when not within multilib, targets only the first ABI. Test: m apex.test on ... 1) aosp_arm64 without TARGET_PREFER_32_BIT_EXECUTABLES=true 2) aosp_arm64 with TARGET_PREFER_32_BIT_EXECUTABLES=true 3) aosp_arm in all cases, vold, surfaceflinger and drmserver are all intalled under ./bin directory of the APEX. And native libraries are installed under both ./lib and ./lib64 directories in the case of 1) and 2). Change-Id: Idd7f8526a61bceca89d43c0c69ccedb471b67d31
2018-10-24 14:09:55 +02:00
// Add native modules targetting both ABIs
addDependenciesForNativeModules(ctx,
a.properties.Multilib.Both.Native_shared_libs,
a.properties.Multilib.Both.Binaries, target.String())
if i == 0 {
// When multilib.* is omitted for binaries, it implies
// multilib.first.
ctx.AddFarVariationDependencies([]blueprint.Variation{
{Mutator: "arch", Variation: target.String()},
{Mutator: "image", Variation: "core"},
}, executableTag, a.properties.Binaries...)
// Add native modules targetting the first ABI
addDependenciesForNativeModules(ctx,
a.properties.Multilib.First.Native_shared_libs,
a.properties.Multilib.First.Binaries, target.String())
}
switch target.Arch.ArchType.Multilib {
case "lib32":
// Add native modules targetting 32-bit ABI
addDependenciesForNativeModules(ctx,
a.properties.Multilib.Lib32.Native_shared_libs,
a.properties.Multilib.Lib32.Binaries, target.String())
addDependenciesForNativeModules(ctx,
a.properties.Multilib.Prefer32.Native_shared_libs,
a.properties.Multilib.Prefer32.Binaries, target.String())
case "lib64":
// Add native modules targetting 64-bit ABI
addDependenciesForNativeModules(ctx,
a.properties.Multilib.Lib64.Native_shared_libs,
a.properties.Multilib.Lib64.Binaries, target.String())
if !has32BitTarget {
addDependenciesForNativeModules(ctx,
a.properties.Multilib.Prefer32.Native_shared_libs,
a.properties.Multilib.Prefer32.Binaries, target.String())
}
}
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
}
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
ctx.AddFarVariationDependencies([]blueprint.Variation{
{Mutator: "arch", Variation: "android_common"},
}, javaLibTag, a.properties.Java_libs...)
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
ctx.AddFarVariationDependencies([]blueprint.Variation{
{Mutator: "arch", Variation: "android_common"},
}, prebuiltTag, a.properties.Prebuilts...)
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
if String(a.properties.Key) == "" {
ctx.ModuleErrorf("key is missing")
return
}
ctx.AddDependency(ctx.Module(), keyTag, String(a.properties.Key))
APEXs are signed with apk signer The entire APEX (which is a zip file) is signed with the apk signer. Certificate can be specified via the 'certificate' property just like ordinary apps. Note: multiple additional certificates are not supported. Bug: 115721587 Test: m apex.test Test: jarsigner -verify -verbose -certs .../apex.test.apex shows the certificate info Change-Id: Ia4c898d3427779a3809fdc683b85d7661ca65137
2018-10-30 13:20:05 +01:00
cert := android.SrcIsModule(String(a.properties.Certificate))
if cert != "" {
ctx.AddDependency(ctx.Module(), certificateTag, cert)
}
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
}
func getCopyManifestForNativeLibrary(cc *cc.Module) (fileToCopy android.Path, dirInApex string) {
// Decide the APEX-local directory by the multilib of the library
// In the future, we may query this to the module.
switch cc.Arch().ArchType.Multilib {
case "lib32":
dirInApex = "lib"
case "lib64":
dirInApex = "lib64"
}
if !cc.Arch().Native {
dirInApex = filepath.Join(dirInApex, cc.Arch().ArchType.String())
}
fileToCopy = cc.OutputFile().Path()
return
}
func getCopyManifestForExecutable(cc *cc.Module) (fileToCopy android.Path, dirInApex string) {
dirInApex = "bin"
fileToCopy = cc.OutputFile().Path()
return
}
func getCopyManifestForJavaLibrary(java *java.Library) (fileToCopy android.Path, dirInApex string) {
dirInApex = "javalib"
fileToCopy = java.Srcs()[0]
return
}
func getCopyManifestForPrebuiltEtc(prebuilt *android.PrebuiltEtc) (fileToCopy android.Path, dirInApex string) {
dirInApex = filepath.Join("etc", prebuilt.SubDir())
fileToCopy = prebuilt.OutputFile()
return
}
func (a *apexBundle) GenerateAndroidBuildActions(ctx android.ModuleContext) {
// files to copy -> dir in apex
copyManifest := make(map[android.Path]string)
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
var keyFile android.Path
APEXs are signed with apk signer The entire APEX (which is a zip file) is signed with the apk signer. Certificate can be specified via the 'certificate' property just like ordinary apps. Note: multiple additional certificates are not supported. Bug: 115721587 Test: m apex.test Test: jarsigner -verify -verbose -certs .../apex.test.apex shows the certificate info Change-Id: Ia4c898d3427779a3809fdc683b85d7661ca65137
2018-10-30 13:20:05 +01:00
var certificate java.Certificate
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
ctx.WalkDeps(func(child, parent android.Module) bool {
if _, ok := parent.(*apexBundle); ok {
// direct dependencies
depTag := ctx.OtherModuleDependencyTag(child)
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
depName := ctx.OtherModuleName(child)
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
switch depTag {
case sharedLibTag:
if cc, ok := child.(*cc.Module); ok {
fileToCopy, dirInApex := getCopyManifestForNativeLibrary(cc)
copyManifest[fileToCopy] = dirInApex
return true
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
} else {
ctx.PropertyErrorf("native_shared_libs", "%q is not a cc_library or cc_library_shared module", depName)
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
}
case executableTag:
if cc, ok := child.(*cc.Module); ok {
fileToCopy, dirInApex := getCopyManifestForExecutable(cc)
copyManifest[fileToCopy] = dirInApex
return true
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
} else {
ctx.PropertyErrorf("binaries", "%q is not a cc_binary module", depName)
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
}
case javaLibTag:
if java, ok := child.(*java.Library); ok {
fileToCopy, dirInApex := getCopyManifestForJavaLibrary(java)
copyManifest[fileToCopy] = dirInApex
return true
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
} else {
ctx.PropertyErrorf("java_libs", "%q is not a java_library module", depName)
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
}
case prebuiltTag:
if prebuilt, ok := child.(*android.PrebuiltEtc); ok {
fileToCopy, dirInApex := getCopyManifestForPrebuiltEtc(prebuilt)
copyManifest[fileToCopy] = dirInApex
return true
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
} else {
ctx.PropertyErrorf("prebuilts", "%q is not a prebuilt_etc module", depName)
}
case keyTag:
if key, ok := child.(*apexKey); ok {
keyFile = key.private_key_file
return false
} else {
ctx.PropertyErrorf("key", "%q is not an apex_key module", depName)
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
}
APEXs are signed with apk signer The entire APEX (which is a zip file) is signed with the apk signer. Certificate can be specified via the 'certificate' property just like ordinary apps. Note: multiple additional certificates are not supported. Bug: 115721587 Test: m apex.test Test: jarsigner -verify -verbose -certs .../apex.test.apex shows the certificate info Change-Id: Ia4c898d3427779a3809fdc683b85d7661ca65137
2018-10-30 13:20:05 +01:00
case certificateTag:
if dep, ok := child.(*java.AndroidAppCertificate); ok {
certificate = dep.Certificate
return false
} else {
ctx.ModuleErrorf("certificate dependency %q must be an android_app_certificate module", depName)
}
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
}
} else {
// indirect dependencies
if am, ok := child.(android.ApexModule); ok && am.CanHaveApexVariants() && am.IsInstallableToApex() {
if cc, ok := child.(*cc.Module); ok {
fileToCopy, dirInApex := getCopyManifestForNativeLibrary(cc)
copyManifest[fileToCopy] = dirInApex
return true
}
}
}
return false
})
Fail gracefully when apek_key is not found When the private key file can not be obtained, e.g., due to missing git project where the apex_key module is defined, fail gracefully with an error message instead of panicing. Bug: 119256776 Test: modify the key property in /systme/apex/Android.bp to apex.test.key2 and run `ALLOW_MISSING_DEPENDENCIES=true m apex.test` The build fails with error: system/apex/Android.bp:32:8: module "apex.test" variant "android_common_apex.test": key: private_key for "apex.test.key2" could not be found Change-Id: I2cd5fed0f046de1f0b380fbdac5f8b82816b0e24
2018-11-08 21:52:26 +01:00
if keyFile == nil {
ctx.PropertyErrorf("key", "private_key for %q could not be found", String(a.properties.Key))
return
}
APEXs are signed with apk signer The entire APEX (which is a zip file) is signed with the apk signer. Certificate can be specified via the 'certificate' property just like ordinary apps. Note: multiple additional certificates are not supported. Bug: 115721587 Test: m apex.test Test: jarsigner -verify -verbose -certs .../apex.test.apex shows the certificate info Change-Id: Ia4c898d3427779a3809fdc683b85d7661ca65137
2018-10-30 13:20:05 +01:00
cert := String(a.properties.Certificate)
if cert != "" && android.SrcIsModule(cert) == "" {
defaultDir := ctx.Config().DefaultAppCertificateDir(ctx)
certificate = java.Certificate{
defaultDir.Join(ctx, cert+".x509.pem"),
defaultDir.Join(ctx, cert+".pk8"),
}
} else if cert == "" {
pem, key := ctx.Config().DefaultAppCertificate(ctx)
certificate = java.Certificate{pem, key}
}
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
// files and dirs that will be created in apex
Directories and executables files in an APEX have x bit set Files under /bin and all directories in an APEX now have x (executable) bit set correctly. Bug: 117580281 Test: m apex.test, push it to /data/apex and reboot. adb shell ls -al /apex/com.android.example.apex@1 shows that the directories have x bit set Change-Id: I76e4188d86dc9cdf65e9f8e52be1981e25441a6e
2018-10-11 06:23:09 +02:00
var readOnlyPaths []string
var executablePaths []string // this also includes dirs
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
for fileToCopy, dirInApex := range copyManifest {
pathInApex := filepath.Join(dirInApex, fileToCopy.Base())
Directories and executables files in an APEX have x bit set Files under /bin and all directories in an APEX now have x (executable) bit set correctly. Bug: 117580281 Test: m apex.test, push it to /data/apex and reboot. adb shell ls -al /apex/com.android.example.apex@1 shows that the directories have x bit set Change-Id: I76e4188d86dc9cdf65e9f8e52be1981e25441a6e
2018-10-11 06:23:09 +02:00
if dirInApex == "bin" {
executablePaths = append(executablePaths, pathInApex)
} else {
readOnlyPaths = append(readOnlyPaths, pathInApex)
}
if !android.InList(dirInApex, executablePaths) {
executablePaths = append(executablePaths, dirInApex)
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
}
}
Directories and executables files in an APEX have x bit set Files under /bin and all directories in an APEX now have x (executable) bit set correctly. Bug: 117580281 Test: m apex.test, push it to /data/apex and reboot. adb shell ls -al /apex/com.android.example.apex@1 shows that the directories have x bit set Change-Id: I76e4188d86dc9cdf65e9f8e52be1981e25441a6e
2018-10-11 06:23:09 +02:00
sort.Strings(readOnlyPaths)
sort.Strings(executablePaths)
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
cannedFsConfig := android.PathForModuleOut(ctx, "canned_fs_config")
ctx.ModuleBuild(pctx, android.ModuleBuildParams{
Rule: generateFsConfig,
Output: cannedFsConfig,
Args: map[string]string{
Directories and executables files in an APEX have x bit set Files under /bin and all directories in an APEX now have x (executable) bit set correctly. Bug: 117580281 Test: m apex.test, push it to /data/apex and reboot. adb shell ls -al /apex/com.android.example.apex@1 shows that the directories have x bit set Change-Id: I76e4188d86dc9cdf65e9f8e52be1981e25441a6e
2018-10-11 06:23:09 +02:00
"ro_paths": strings.Join(readOnlyPaths, " "),
"exec_paths": strings.Join(executablePaths, " "),
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
},
})
manifest := android.PathForModuleSrc(ctx, proptools.StringDefault(a.properties.Manifest, "manifest.json"))
Move file_contexts file for APEXes to under /system/sepolicy For centralized development of sepolices, file_contexts files for APEXes are all moved to under /system/seplicy. The meaning of the existing file_contexts has been changed; when it is set to <value>, then /system/sepolicy/apex/<value>_file_contexts is used. When unset, it defaults to the name of the module. The property is not removed in order to support creating multiple versions of the same apex (for testing purpose) built with same file_contexts file. Bug: 119034475 Test: m apex.test com.android.tzdata com.android.runtime Change-Id: I7d14a9e37baea9ab78d9e15e1164cce54d256f56
2018-11-09 22:37:15 +01:00
fcName := proptools.StringDefault(a.properties.File_contexts, a.ModuleBase.Name())
fileContextsPath := "system/sepolicy/apex/" + fcName + "_file_contexts"
fileContextsOptionalPath := android.ExistentPathForSource(ctx, fileContextsPath)
if !fileContextsOptionalPath.Valid() {
ctx.ModuleErrorf("Cannot find file_contexts file: %q", fileContextsPath)
return
}
fileContexts := fileContextsOptionalPath.Path()
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
APEXs are signed with apk signer The entire APEX (which is a zip file) is signed with the apk signer. Certificate can be specified via the 'certificate' property just like ordinary apps. Note: multiple additional certificates are not supported. Bug: 115721587 Test: m apex.test Test: jarsigner -verify -verbose -certs .../apex.test.apex shows the certificate info Change-Id: Ia4c898d3427779a3809fdc683b85d7661ca65137
2018-10-30 13:20:05 +01:00
unsignedOutputFile := android.PathForModuleOut(ctx, a.ModuleBase.Name()+apexSuffix+".unsigned")
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
Make APEX build rules consistent Don't directly iterate over the copyManifest map to generate the copy commands. Iterating over a map in golang isn't guaranteed to give consistent order. This causes the apex build rules to be executed even when there is no source file change. Fix the issue by creating a sorted list of the key and then iterate over the list. Bug: 117453592 Test: m apex.test; m.apex.test nothing is built during the second build Change-Id: I329a91ec0b6a34cbe745bf9a9ceb0843b63c200c
2018-10-10 07:05:29 +02:00
filesToCopy := []android.Path{}
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
for file := range copyManifest {
Make APEX build rules consistent Don't directly iterate over the copyManifest map to generate the copy commands. Iterating over a map in golang isn't guaranteed to give consistent order. This causes the apex build rules to be executed even when there is no source file change. Fix the issue by creating a sorted list of the key and then iterate over the list. Bug: 117453592 Test: m apex.test; m.apex.test nothing is built during the second build Change-Id: I329a91ec0b6a34cbe745bf9a9ceb0843b63c200c
2018-10-10 07:05:29 +02:00
filesToCopy = append(filesToCopy, file)
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
}
Make APEX build rules consistent Don't directly iterate over the copyManifest map to generate the copy commands. Iterating over a map in golang isn't guaranteed to give consistent order. This causes the apex build rules to be executed even when there is no source file change. Fix the issue by creating a sorted list of the key and then iterate over the list. Bug: 117453592 Test: m apex.test; m.apex.test nothing is built during the second build Change-Id: I329a91ec0b6a34cbe745bf9a9ceb0843b63c200c
2018-10-10 07:05:29 +02:00
sort.Slice(filesToCopy, func(i, j int) bool {
return filesToCopy[i].String() < filesToCopy[j].String()
})
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
copyCommands := []string{}
Make APEX build rules consistent Don't directly iterate over the copyManifest map to generate the copy commands. Iterating over a map in golang isn't guaranteed to give consistent order. This causes the apex build rules to be executed even when there is no source file change. Fix the issue by creating a sorted list of the key and then iterate over the list. Bug: 117453592 Test: m apex.test; m.apex.test nothing is built during the second build Change-Id: I329a91ec0b6a34cbe745bf9a9ceb0843b63c200c
2018-10-10 07:05:29 +02:00
for _, src := range filesToCopy {
dest := filepath.Join(copyManifest[src], src.Base())
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
dest_path := filepath.Join(android.PathForModuleOut(ctx, "image").String(), dest)
copyCommands = append(copyCommands, "mkdir -p "+filepath.Dir(dest_path))
copyCommands = append(copyCommands, "cp "+src.String()+" "+dest_path)
}
Make APEX build rules consistent Don't directly iterate over the copyManifest map to generate the copy commands. Iterating over a map in golang isn't guaranteed to give consistent order. This causes the apex build rules to be executed even when there is no source file change. Fix the issue by creating a sorted list of the key and then iterate over the list. Bug: 117453592 Test: m apex.test; m.apex.test nothing is built during the second build Change-Id: I329a91ec0b6a34cbe745bf9a9ceb0843b63c200c
2018-10-10 07:05:29 +02:00
implicitInputs := append(android.Paths(nil), filesToCopy...)
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
implicitInputs = append(implicitInputs, cannedFsConfig, manifest, fileContexts, keyFile)
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
outHostBinDir := android.PathForOutput(ctx, "host", ctx.Config().PrebuiltOS(), "bin").String()
prebuiltSdkToolsBinDir := filepath.Join("prebuilts", "sdk", "tools", runtime.GOOS, "bin")
ctx.ModuleBuild(pctx, android.ModuleBuildParams{
Rule: apexRule,
Implicits: implicitInputs,
APEXs are signed with apk signer The entire APEX (which is a zip file) is signed with the apk signer. Certificate can be specified via the 'certificate' property just like ordinary apps. Note: multiple additional certificates are not supported. Bug: 115721587 Test: m apex.test Test: jarsigner -verify -verbose -certs .../apex.test.apex shows the certificate info Change-Id: Ia4c898d3427779a3809fdc683b85d7661ca65137
2018-10-30 13:20:05 +01:00
Output: unsignedOutputFile,
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
Args: map[string]string{
"tool_path": outHostBinDir + ":" + prebuiltSdkToolsBinDir,
"image_dir": android.PathForModuleOut(ctx, "image").String(),
"copy_commands": strings.Join(copyCommands, " && "),
"manifest": manifest.String(),
"file_contexts": fileContexts.String(),
"canned_fs_config": cannedFsConfig.String(),
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
"key": keyFile.String(),
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
},
})
APEXs are signed with apk signer The entire APEX (which is a zip file) is signed with the apk signer. Certificate can be specified via the 'certificate' property just like ordinary apps. Note: multiple additional certificates are not supported. Bug: 115721587 Test: m apex.test Test: jarsigner -verify -verbose -certs .../apex.test.apex shows the certificate info Change-Id: Ia4c898d3427779a3809fdc683b85d7661ca65137
2018-10-30 13:20:05 +01:00
a.outputFile = android.PathForModuleOut(ctx, a.ModuleBase.Name()+apexSuffix)
ctx.Build(pctx, android.BuildParams{
Rule: java.Signapk,
Description: "signapk",
Output: a.outputFile,
Input: unsignedOutputFile,
Args: map[string]string{
"certificates": strings.Join([]string{certificate.Pem.String(), certificate.Key.String()}, " "),
},
})
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
a.installDir = android.PathForModuleInstall(ctx, "apex")
}
func (a *apexBundle) AndroidMk() android.AndroidMkData {
return android.AndroidMkData{
Custom: func(w io.Writer, name, prefix, moduleDir string, data android.AndroidMkData) {
fmt.Fprintln(w, "\ninclude $(CLEAR_VARS)")
fmt.Fprintln(w, "LOCAL_PATH :=", moduleDir)
fmt.Fprintln(w, "LOCAL_MODULE :=", name)
fmt.Fprintln(w, "LOCAL_MODULE_CLASS := ETC") // do we need a new class?
fmt.Fprintln(w, "LOCAL_PREBUILT_MODULE_FILE :=", a.outputFile.String())
fmt.Fprintln(w, "LOCAL_MODULE_PATH :=", filepath.Join("$(OUT_DIR)", a.installDir.RelPathString()))
fmt.Fprintln(w, "LOCAL_INSTALLED_MODULE_STEM :=", name+apexSuffix)
APEX can be signed with different keys A new module type 'apex_key' is defined to specify public and private key pair for APEXs. An APEX can refer to the module via the property 'key'. When building the APEX, the private key from the key module is used to sign it. In addition, the public key from the key module is automatically installed to /system/etc/security/apex. Bug: 115721587 Test: m apex.test; m /apex/com.android.example.apex@1 exists Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf
2018-10-12 14:49:38 +02:00
fmt.Fprintln(w, "LOCAL_REQUIRED_MODULES :=", String(a.properties.Key))
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
fmt.Fprintln(w, "include $(BUILD_PREBUILT)")
}}
}
func apexBundleFactory() android.Module {
module := &apexBundle{}
module.AddProperties(&module.properties)
binaries and native_shared_libraires are multilib-aware props The properties 'binaries' and 'native_shared_libraries' can be multilib-aware, i.e, can be under multilib.type where type can be either first, both, lib32, lib64, or prefer32. Native modules listed in multilib.first are installed only for the first ABI of the device. Similarily, multilib.both are for both of the ABIs, while multilib.lib32 and multilib.lib64 are 32 and 64-bit ABI only, respectively. multilib.prefer32 is for 32-bit only when 32-bit ABI is available. Another change is that the binaries property, when not within multilib, targets only the first ABI. Test: m apex.test on ... 1) aosp_arm64 without TARGET_PREFER_32_BIT_EXECUTABLES=true 2) aosp_arm64 with TARGET_PREFER_32_BIT_EXECUTABLES=true 3) aosp_arm in all cases, vold, surfaceflinger and drmserver are all intalled under ./bin directory of the APEX. And native libraries are installed under both ./lib and ./lib64 directories in the case of 1) and 2). Change-Id: Idd7f8526a61bceca89d43c0c69ccedb471b67d31
2018-10-24 14:09:55 +02:00
module.Prefer32(func(ctx android.BaseModuleContext, base *android.ModuleBase,
class android.OsClass) bool {
return class == android.Device && ctx.Config().DevicePrefer32BitExecutables()
})
Add apex variants Now, APEX-aware modules (the ones implementing android.ApexModule interface) are created with multiple variants for each APEX that they are included. For example, if a module is included (either directly or indirectly - via static linking) to two APEXs, the module is built separately for the two APEXs (and of course separately for platform). This is a first step to limit the symbol visibility to the modules built for APEXs; platform private symbols and libs shouldn't be allowed for them. In addition, the build system now tracks transitive dependencies of the modules in APEXs. For example, if native_shared_lib_modules:["libFoo"] then libFoo and its dependencies are all automatically included to the APEX. Bug: 112672359 Test: m apex.test; the built apex has additional libs (such as liblog, libc++, ...) that are dependencies of the ones specified in Android.bp Change-Id: Id9e3fc486dd4e7e36f8b6799dfb041868c5198d5
2018-10-10 07:01:00 +02:00
android.InitAndroidMultiTargetsArchModule(module, android.DeviceSupported, android.MultilibCommon)
android.InitDefaultableModule(module)
return module
}
Reference in a new issue Copy permalink