The debug ramdisk can only be used if the device is unlocked.
When it's used, init will load adb_debug.prop and the userdebug
sepolicy from the debug ramdisk, to allow adb root on a user build.
Bug: 126493225
Test: 'make' and checks the file is installed
Change-Id: Id6962414197fc8f47f7c07818e8fb16107dc17a3
In previous implementation, userdebug sepoilcy and property files are
loaded from the system.img. This CL changes this to:
- first-stage init copies userdebug files from ramdisk to /debug_ramisk/*
- second-stage init loads files from /debug_ramdisk/*.
Note: same as before, the above can only be triggered, if the device
is UNLOCKED
With this, we don't have to put userdebug related files into the USER
system.img.
Bug: 126493225
Test: boot device with a ramdisk with /force_debuggable, checks related
files are loaded
Change-Id: I63f5f846e82ba78427062bf7615c26173878d8f3
/sbin was traditionally used for static binaries on the ramdisk for
Android, but now everything is a shared binary, so this directory is
empty and we do not want to encourage creation of new libraries in
this directory.
Bug: 73660730
Test: build
Change-Id: I0d0aa052e1eaf529d18921c45169473df0ee51ff
This CL adds three GSI keys, to allow booting a GSI with AVB
to enable dm-verity.
https://android.googlesource.com/platform/external/avb/
The keys for R and S GSI is to allow a device boots a new
version of GSI in a Treble-compatible manner.
For more information about GSI, please visit:
https://source.android.com/setup/build/gsi
Bug: 112293933
Test: m q-gsi.avbpubkey r-gsi.avbpubkey s-gsi.avbpubkey
Change-Id: I4439e44fbd5da3240d7f6c7987f66445ec4590c5
This gives us two benefits:
- Better compatibility to keyctl(1), which doesn't have "dadd"
- Pave the way to specify key's security labels, since keyctl(1)
doesn't support, and we want to avoid adding incompatible option.
Test: See keys loaded in /proc/keys
Bug: 128607724
Change-Id: Ia45f6e9dea80d037c0820cf1fd2bc9d7c8bb6302
Observe some best practices in the APEX symlink
shell commands. No functional changes intended except with error
handling.
Bug: 128687472
Bug: 124106384
Bug: 122985829
Bug: 128249030
Test: make installclean / make droid / inspect one symlink
Change-Id: I099fed5ac8f25cc3911ce0e7ea2b9f74c2172193
The existing location of logic for creating symlinks to files that have
moved into APEX does not get executed for -user builds, only
-userdebug and -eng. The new location is equally arbitrary but appears
to be invoked for -user, -userdebug and -eng targets.
Tested with:
make cleaninstall && lunch taimen-[user|userdebug|eng] && make droid
Inspected:
ls -l out/target/product/taimen/system/usr/icu
Bug: 128249030
Bug: 122985829
Bug: 124106384
Test: see above
Merged-In: I92a52d0b5ef97e8cb4f780691f8594e40f2fa6b3
Change-Id: I92a52d0b5ef97e8cb4f780691f8594e40f2fa6b3
(cherry picked from commit 0ed52b789d)
They are installed to /system/etc, not /. Hence, move
out of rootdir/ and move into the code that parse these
files (i.e. libprocessgroup).
Also, Android.mk->bp.
Test: builds
Change-Id: I1763c26f81ae51ee159552e39d252fd643c35b94
In recovery mode a separate set of cgroups should be mounted. Add a
cgroups.recovery.json file to describe cgroups mounted during recovery.
Change cgroups descriptor parset to allow cgroups and cgroups2 sections
to be omitted.
Bug: 124270406
Test: "adb reboot sideload; adb devices" shows 'sideload' as expected
Change-Id: Ic32bd2b4612ec8390064f87d4655d1bd1183d741
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
This is a precaution in case there are dependencies on the binaries in the
old location. b/124106384 tracks eliminating them (if any).
Test: Flash and check symlinks are there with adb shell ls -l system/bin
Test: adb shell system/bin/<binary>
Bug: 113373927
Bug: 124106384
Change-Id: Ib4102fe55117611f68184102e68a10ea47de0065
Add cgroups.json and task_profiles.json file to be places under /etc/ on
the device to describe cgroups to be mounted and task profiles that
processes can request. This adds additional layer of abstraction between
what a process wants to achieve and how system implements that request.
Bug: 111307099
test: builds, boots
Change-Id: If92f011230ef5d24750e184bad776f30ba226f86
Merged-In: If92f011230ef5d24750e184bad776f30ba226f86
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Move APEX symlink creation to alternative module, one that
is targeted at /system not /. Also added comments to reflect
the tenuous connection between the module chosen and the
symlink creation.
Tested with:
rm -rf out/target/product/taimen/system \
&& make droid \
&& ls -l out/target/product/taimen/system/usr
Test: See above
Bug: 122985829
Bug: 123333111
Change-Id: I841dd42827ac2e082505ebf039f40fd394514e54
The ICU .dat file was moved into the runtime APEX file
in commit b6d855f081c232309961f31c7c7c8a76abf79c3c.
There are some apps that know the old location and its
absence causes them to fail.
This change adds a symlink from the old directory to
the new directory. The ICU .dat file changes its name
with every ICU major release so this is simpler than
linking the file itself.
Bug: 119293618
Bug: 120853401
Bug: 122985829
Test: make droid / inspect output
Test: Confirm broken app works on an internal master build
Change-Id: I452dcb5e52975011c9ebd3db2caa621bbefedaf3
Regardless of VNDK version, use template ld.config.txt instead of
using prebuilt ld.config.txt.
Bug: 74658756
Bug: 123209911
Test: PRODUCT_EXTRA_VNDK_VERSIONS=27 m -j vndk_snapshot_package
Change-Id: I0eb527b71e56c555079c524542508a093bf53111
It's replaced with entries in PRODUCT_PACKAGES_DEBUG in
build/make/target/product/base_system.mk
Test: treehugger
Change-Id: I4dc69c34ddc2c494fc74bc4afee6efa240c9b0d3
A symlink for TARGET_ROOT_OUT as a post install command of a package
that is also installed to TARGET_ROOT_OUT. We hijack init.rc which
satisfies this requirement for this symlink.
Bug: 120402274
Bug: 120460755
Bug: 120509320
Bug: 120554662
Test: symlink is created
Test: make bootimage && ls -la $OUT/root/init
Change-Id: I6f1ac06ef152c36d7d7db4618d49a008338da39b
Since the build system move to kati/ninja, build command is an
implicit dependency of a target. This makes the bcp_dep / bcp_md5
thing obsolete.
Test: make
Change-Id: I4ce9ebdabfc72b188e49f12888054d63b3cda64d
APEX filesystem images will now be mounted in /apex.
Also, make sure /data/apex is created with the right ACL.
Bug: 112455435
Test: flash and wipe, /apex is mounted as tmpfs, /data/apex is created
Change-Id: Ie27775e9f40a27b510272f212762624a04e94f1d
This reverts commit bd2b0c78a1.
Reason for revert:
Solved the build error on mac_sdk build by using python2
Bug: 112738739
Bug: 111417344
Test: make ld.config.txt
Change-Id: Ic5a3ed2e6b091813c0310f859b7d20935514a7c6
This reverts commit 15bac6bdaf.
Reason for revert:
This caused build errors in mac_sdk build.
Seems that our mac builders do not have python3.
env: python3: No such file or directory
Bug: 112738739
Bug: 111417344
Test: presubmit
Change-Id: I9796f2e9a54a66fc7a4e1c780c8c272b98ed437f
The ld.config.txt file is a template to be used for current build as
well as for the VNDK snapshots for old vendor partitions.
To work with the old Android vendor partitions, the ld.config.txt
template must be backward compatible.
This script checks if the current ld.config.txt template modifies or
deletes the vendor directores in every section. If the change is
detected, it will report a build error.
Bug: 112738739
Bug: 111417344
Test: make ld.config.txt
Change-Id: I1211696d6a00a37d531d40c894f1d7e64b210ae5
Attempting to reduce the number of different spellings we have for
"product services" partition in the codebase.
Bug: 112431447
Test: m
Change-Id: I1a87d7e040a8b1f91f973ac7d90d6360b5b54f71
Merged-In: I1a87d7e040a8b1f91f973ac7d90d6360b5b54f71
Bug: 112780007
Test: Build with other changes in the topic (aosp_taimen-userdebug).
Test: Boot into recovery. Verify basic functionalities (`adb shell` and
`adb sideload`, factory reset).
Change-Id: I8686bbc68c9c8a1570289ecd21bcfcb551d1700c
This allows the target, ld.config.$VER.txt, to be defined for all
$VERs for which a VNDK snapshot exists under /prebuilts/vndk/v$VER.
With this fix,
1) supported_vndk_snaphsot_versions do not need to
be manually updated everytime a new VNDK snapshot is added and,
2) ld.config.$VER.txt will not be ill-defined in a tree that does
not have the required dependency files under /prebuilts/vndk/v$VER.
Test: m -j ld.config.28.txt
Bug: 74658756
Merged-In: Idb056c21412d4cb7c7a7cb3c247b1d82a4a759ff
Change-Id: Idb056c21412d4cb7c7a7cb3c247b1d82a4a759ff
(cherry picked from commit baeaaf9429)
Until now, the ld.config.$VER.txt for $VER older than
PLATFORM_VNDK_VERSION was installed from a prebuilt stored under
/prebuilts/vndk/v$VER. At runtime, the VNDK version needed by the
vendor partition (ro.vndk.version) determines which
ld.config.$VER.txt is loaded and this configuration is used for
both system and vendor processes. In a system-only-upgrade
scenario, where the system partition is a newer Android version
than the vendor partition, this is a problem because the prebuilt
linker config file will not reflect the most recent
system partition related changes made in the newer Android
version.
To fix this problem, this change builds ld.config.$VER.txt for
older VNDK versions from the source tree by getting the lists of
VNDK libraries from the /prebuilts/vndk/v{VER} directory.
Test: m -j ld.config.txt ld.config.28.txt ld.config.vndk_lite.txt
Bug: 74658756
Merged-In: I1fa2469fc0bce2f2aab507104cd9717b6112d738
Change-Id: I1fa2469fc0bce2f2aab507104cd9717b6112d738
(cherry picked from commit c30e0709bb)
This is the name used by envsetup.sh.
Test: `m init.environ.rc` and see directory
$OUT/root/product-services and see symlink $OUT/system/product-services
Change-Id: Ie615b6d76e2c60e6472900c33d9a87cfe99c4064
This CL is largely and adaptation of
Ie996def20e25dc1afe0c74af2096af844934b2dc
Bug: 80741439
Test: Successfully built product-services.img with one module in it, and
flashed on device. Also successfully built image with
/system/product-services and no dedicated /product-services partition.
Change-Id: I1046dfe19bf874da929c9131b76a1f85422fbb80
Merged-In: I1046dfe19bf874da929c9131b76a1f85422fbb80
This CL is largely and adaptation of
Ie996def20e25dc1afe0c74af2096af844934b2dc
Bug: 80741439
Test: Successfully built product-services.img with one module in it, and
flashed on device. Also successfully built image with
/system/product-services and no dedicated /product-services partition.
Change-Id: I1046dfe19bf874da929c9131b76a1f85422fbb80
Path of product partitoin can be set as /product or /system/product
whether generate extra product partition or not.
Substitute %PRODUCT% to relevant path to know linker which path should
search and permit.
Bug: 110286945
Test: m -j # Check /system/etc/ld.config.$(PLATFORM_VNDK_VERSION).txt
Change-Id: I6ca177d0c9c5af00ad821879fece40848331fc8d
adbd has been built as a static executable since the same binary was
copied to the recovery partition where shared library is not supported.
However, since we now support shared library in the recovery partition,
adbd is built as a dynamic executable.
In addition, the dependency from adbd to libdebuggerd_handler is removed
as debuggerd is handled by the dynamic linker.
A few more modules in /system/core are marked as recovery_available:
true as they are transitive dependencies of the dynamic linker.
This change also includes ld.config.recovery.txt which is the linker
config file for the recovery mode. It is installed to /etc/ld.config.txt
and contains linker namespace config for the dynamic binaries under
/sbin.
Bug: 63673171
Test: `adb reboot recovery; adb devices` shows the device ID
Test: Select 'mount /system' in the recovery mode, then `adb shell`.
$ lsof -p `pidof adbd` shows that libm.so, libc.so, etc. are loaded from
the /lib directory.
Change-Id: I363d5a787863f1677ee40afb5d5841321ddaae77
Treble system-as-root GSI needs to work on devices with and without /odm
partition. This change creates the following symlinks for devices without
/odm partition:
/odm/app ->/vendor/odm/app
/odm/bin ->/vendor/odm/bin
/odm/etc ->/vendor/odm/etc
/odm/firmware ->/vendor/odm/firmware
/odm/framework ->/vendor/odm/framework
/odm/lib -> /vendor/odm/lib
/odm/lib64 -> /vendor/odm/lib64
/odm/overlay -> /vendor/odm/overlay
/odm/priv-app -> /vendor/odm/priv-app
For devices with odm partition, /odm will be used as the mount point and
those symlinks will be hidden after mount.
Bug: 70678783
Test: boot a A/B device without /odm partition, checks those symlinks exist
Test: boot a A/B device with /odm partition, checks those symlinks don't exist
Change-Id: I4d960b52e2754f461188f3ab562c751f502046ea
(cherry picked from commit 00749affc4)
Treble system-as-root GSI needs to work on devices with and without /odm
partition. This change creates the following symlinks for devices without
/odm partition:
/odm/app ->/vendor/odm/app
/odm/bin ->/vendor/odm/bin
/odm/etc ->/vendor/odm/etc
/odm/firmware ->/vendor/odm/firmware
/odm/framework ->/vendor/odm/framework
/odm/lib -> /vendor/odm/lib
/odm/lib64 -> /vendor/odm/lib64
/odm/overlay -> /vendor/odm/overlay
/odm/priv-app -> /vendor/odm/priv-app
For devices with odm partition, /odm will be used as the mount point and
those symlinks will be hidden after mount.
Bug: 70678783
Test: boot a A/B device without /odm partition, checks those symlinks exist
Test: boot a A/B device with /odm partition, checks those symlinks don't exist
Change-Id: I4d960b52e2754f461188f3ab562c751f502046ea
For non-VNDK-enforced devices, libz cannot be installed in vndk-sp
to avoid CTS test failure.
Move libz to llndk from vndk-sp for generating the namespace
configuration from ld.config.vndk_lite.txt.
Bug: 73296261
Test: run android.jni.cts test on marlin/sailfish
Change-Id: I1b8b43cd87dc8dfdd2667001ae1e50d9eaedf93d
For strict VNDK runtime restriction, use ld.config.txt as a source
file. For treblized devices without BOARD_VNDK_VERSION, use
ld.config.vndk_lite.txt file.
Test: Build and boot on Pixel 2017 and 2018 devices.
Change-Id: Ie5b77facd4c11bc73219ecf13ad1298ac5d60d8e
Rename ld.config.txt.in to ld.config.vndk.txt and
ld.config.txt to ld.config.vndk_light.txt.
For FULL_TREBLE devices without BOARD_VNDK_VERSION, update the VNDK
library list in ld.config.vndk_light.txt with the actual VNDK list.
Bug: 69526027
Test: Build marlin/sailfish and check boot
Change-Id: Idbb0cc97d11037c1493d4739e84961297ce51dbd
Merged-In: Idbb0cc97d11037c1493d4739e84961297ce51dbd
