As we don't fix the grf window, we may not calculate the grf
expiration date and the required api level.
The verification of this will be covered by the tests at run time.
Bug: 176950752
Test: atest --host post_process_props_unittest
Change-Id: I1205f0d9a9da5bc508a49acbcbb7da581800bf45
Some OEMs, namely OnePlus don't use AOSP compliant build description.
Making sure that the last piece ends with -keys is more than enough.
Change-Id: Iefa3c408a3fdda0b63db257befb8ba2d36793293
RamdiskFormat class is introduced by commit : f3f842b676
But it seems _MakeRamdisk() related codes are also needed, then
both of the code style are same.
This patch takes below 2 changes:
1) adds new commom function _GetRamdiskFormat()
2) unfiy the code logic of _MakeRamdisk() and its related code logic.
Change-Id: Ibd4932a6050fbac15fcd741c70dd7854c12e887d
Signed-off-by: jiajia tang <tangjiajia@xiaomi.com>
GRF devices must define the API level of which the SoC is first
shipped by setting BOARD_SHIPPING_API_LEVEL. As this is a permanent
value, vendors may not change this value even if they implement new
features under the GRF policy.
BOARD_API_LEVEL can be optionally defined in this case to manually
set the api level of the vendor implementation.
The current api level will be set to `ro.board.api_level` property.
Bug: 176950752
Test: atest --host post_process_props_unittest
Change-Id: Ib126c1a622ded9848650f3f60c0f15005867272d
The current inode usage estimate applies a factor (1.04x) to account for
differences between the directory and file count and what mkfs.ext4
produces. Bump this to 1.06x to allow more leniency.
This increases bramble partition sizes by 32KB total.
Bug: 182365132
Test: manual test
Change-Id: I9ade82cb89422e31ae8c5df9fff31157e88278c5
SHELL environment variable cannot be relied on because the rbcrun
can be run as `env - rbcrun ...`
Fixes: 184278019
Test: build/soong/soong_ui.bash --make-mode USE_BAZEL=1 TARGET_PRODUCT=aosp_arm64 TARGET_BUILD_VARIANT=userdebug droid dist platform_tests
Change-Id: Id8fc7fd1ae8f2e674028ba5ffb3616f87eea6bc4
Added SPDX-license-identifier-Apache-2.0 to:
tools/rbcrun/Android.bp
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Exempt-From-Owner-Approval: janitorial work
Change-Id: I6a1c75458115b15d9d0d9f0dbc11e0acffc1fe7b
This change intends to fix if ramdisk is not "lz4" compression.
Legacy is "minigzip" compression.
If not lz4, the following error will happen when exec build_super_image.py:
Unable to get boot image build props: Failed to run command '['lz4', '-d', '/tmp/boot_omdZZ8.img/ramdisk', '/tmp/boot_omdZZ8.img/uncompressed_ramdisk']' (exit code 44):
Error 44 : Unrecognized header : file cannot be decoded
Change-Id: I71248387bbeecbf184e0c24e6346c235d728518e
Signed-off-by: jiajia tang <tangjiajia@xiaomi.com>
This reverts commit ccfea17fb7.
Reason for revert: Original bug was resolved by updating branch config
Change-Id: I2327092261a2147fa8f2be3d878db04228e65511
This change doesn't change the condition for building super_empty.img,
it just add a toggle PRODUCT_BUILD_SUPER_EMPTY_IMAGE that product
makefiles can use to skip building super_empty.img.
Products that don't use super_empty at all, for example GSI, can set
this option to ensure the super_empty.img is not built.
Bug: 183068624
Test: "m dist" on GSI and check the build artifacts under OUT and DIST
directories, and check the contents of *-img-*.zip
Change-Id: I54943952873d2d297fd9d18cbe14742bc12ae9c6
Commit I9967d06bde0e18a12b84b5b0b568db09765fe305 supports adding a
generic boot_signature into boot.img v4. This change allows replacing
the boot_signture signing key with a release key during the release
process.
The default GKI signing key can be specified in a BoardConfig.mk via:
BOARD_GKI_SIGNING_KEY_PATH := external/avb/test/data/testkey_rsa2048.pem
BOARD_GKI_SIGNING_ALGORITHM := SHA256_RSA2048
BOARD_GKI_SIGNING_SIGNATURE_ARGS := --prop foo:bar
The release signing key/algorithm can be specified by the following options
when invoking sign_target_files_apks:
--gki_signing_key=external/avb/test/data/testkey_rsa4096.pem
--gki_signing_algorithm=SHA256_RSA4096
Additional arguments for generating the GKI signature can be
specified as below:
--gki_signing_extra_args="--prop gki:prop1 --prop gki:prop2"
Bug: 177862434
Test: make dist
Test: sign_target_files_apks \
--gki_signing_key=external/avb/test/data/testkey_rsa4096.pem \
--gki_signing_algorithm=SHA256_RSA4096 \
--gki_signing_extra_args="--prop gki:prop1 --prop gki:prop2" \
./out/dist/*-target_files-eng.*.zip signed.zip
Test: Checks GKI boot_signature is expected after signing:
`unzip signed.zip IMAGES/boot.img`
`unpack_bootimg --boot_img IMAGES/boot.img --out unpack`
`avbtool info_image --image unpack/boot_signature`
Test: unit test: releasetools_test and releasetools_py3_test
Change-Id: I61dadbc242360e4cab3dc70295931b4a5b9422a9
The application rbcrun executes Starlark scripts that define Android product configurations.
See README.md for details.
Test: go test
Fixes: 180529448
Change-Id: I7d728b47d3f381b7052a0d7d51c9e698e5c2e316
verity_utils.py gets an entry point and becomes a host binary. This is
to support signing images from the "bootimg" module type. Previously
this was done by directly invoking "avbtool" from the soong module, but
that required people to know the partition_size priori. The partition
size may not be known before actually building the partition image
especially when the partition is not for a physical partition but for a
partition in a composite image.
verity_utils.py, when the partition_size is not given, is capable of
calculating the mininum required partition size based on the size of the
unsigned input image file.
Bug: 180676957
Test: m microdroid_boot-5.10
Change-Id: I7bef292fb141c90899b7bdc0748895f95f964829
The maximum size of all dynamic partition groups should not exceed
the super size - DAP metadata size. Today the configuration of
some devices don't take the metadata into acount. So turn the CheckLe
into CheckLt.
Also, display a warning if the reserved size for DAP metadata is less
than 1M.
Bug: 182431975
Test: mm -j32 check-all-partition-sizes
Change-Id: Ie278f224321083e457d68da000c2b22ec8a54085
Fail the signing if the AVB_FOOTER_ARGS_BY_PARTITION isn't in sync
with common.AVB_PARTITIONS.
Bug: 181787095
Test: run sign_target_files_apks on a S image
Change-Id: I6ccf5fb9f39b92c1da2554f5b3826d2cd87d84d7
If we miss these entries, the signing script won't correctly update
the avb prop to build the vbmeta. This cl adds the missing partitions
for R build.
In the followup, we need to make the map in sync with AVB_PARTITIONS in
common.py
Bug: 181787095
Test: run sign_target_files_apks
Change-Id: I39a308fb7028b45ce08f0ca3c6ad61a6c13e8082
In aosp/1581143 , we banned generation of SPL downgrade OTAs. However,
caller of OTA script can still force an SPL downgrade OTA by passing
--spl_downgrade flag. If this flag is specified, we propagate it to OTA
metadata so that GOTA server can properly honor this flag.
Test: th
Change-Id: Ic8cdc850d2210f4149ad9121fa4ed2e5a4f59bcc
Fix incorrect report "Failed to find the ZIP entry" error when
generate OTA package.
This happens when we have a file in ROOT which name contains 'system'
such as init.system_init.rc, and init.system_init.rc will be rename to
init.SYSTEM_init.rc incorrectly, so we failed to find the entry in ZIP.
Test: manual test
Change-Id: I97359e513aaca7521fe9c035f6a4264a2053b86d
Signed-off-by: wangshumin <wangshumin@xiaomi.com>
If ALLOW_RULES_IN_PRODUCT_CONFIG is set, pass it to kati via
.KATI_ALLOW_RULES, to issue warnings or errors about rules
during product configuration.
Test: CHECK_FOR_RULES=true ./build/make/tools/product_config/test.sh
Test: ALLOW_RULES_IN_PRODUCT_CONFIG=error m nothing
Test: ALLOW_RULES_IN_PRODUCT_CONFIG=warning m nothing
Test: m nothing
Change-Id: I35dd9ffe4ec71f97beaa8b8a2f10d80502088af2
This follows the same steps as OpenSplitPolicy() in
system/core/init/selinux.cpp on the device.
Bug: 178864050
Test: merge_target_files for R+S and S+S devices
Test: test_merge_target_files
Change-Id: Ia41a436bfda8e2cb65706122f0ff3805b99d16e1
Gather all BOARD_BOOTCONFIG parameters.
Create vendor-bootconfig.img with parameters seperated by newlines. Pass
that file to mkbootimg as --vendor_bootconfig to add it to the
vendor_boot.img.
Test: Add BOARD_BOOTCONFIG parameters in cuttlefish .mk file
Check vendor-bootconfig.img for expected output
Verify expected vendor_boot.img format with:
unpack_bootimg --boot_image vendor_boot.img
Test: Update Cuttlefish bootloader to handle the new vendor_boot.img and
check /proc/bootconfig for the expexted parameters.
Bug: 173815685
Change-Id: Iaa9b71b4bc64375777a5353396e83bb2beb25c47
Doesn't include tests. More of those will come later.
Test: build/make/tools/product_config/test.sh
Change-Id: Icd2b455ac5f7b4773ba332fc40e994dc6f024f1b
It's used more than I originally thought it would be and it's
unnecessarily nested.
Test: rm -rf out/config/ && m product-config-test product-config && java -jar out/host/linux-x86/testcases/product-config-test/product-config-test.jar && time ( product-config --ckati_bin /source/kati/ckati > ~/Desktop/out.txt )
Change-Id: Id5a075863151e37ec60e5d9dbeb817c2df245bc7
* changes:
Keep the first and last snapshot of variables.
Generate GenericConfig objects from MakeConfig objects.
Emit and parse the product config variables from kati/make
Add class to fork and exec kati, based on the commandline option given.
Add a CSV parser to parse the output from kati.
The pvmfw is included in an `m` build but not in the distribution files.
Apply the same treatment as the dtbo partition to copy the pvmfw
partition to dist/ since, similar to the dtbo image, the pvmfw image is
generally provided as a prebuilt image.
Test: make dist
Bug: 174457787
Change-Id: I6f42517ba42db92e90048d1236d7255ccbd73f73
Bug:180682930
Test: erofs image can be set to input timestamp and UUID
Change-Id: I71e455350db51096e18ab5a03123500d56ebe252
Signed-off-by: Huang Jianan <huangjianan@oppo.com>
Bundle APEXes may exist on other partitions than system, e.g. vendor,
system_ext. And leaving them unsigned may cause security problems.
Bug: 180675334
Test: run sign_target_files_apks
Change-Id: Ib912a026f4010d818161a89b11f818180208843f
This is needed for partial builds that do not have the apex directory in
their target files package.
Test: build target files for a partial vendor-only build.
Change-Id: I076bfbd1a81cccddcef795f5edeaf2b51538cdec
Applies heuristics to the sequence of Blocks to do so.
Test: rm -rf out/config/ && m product-config-test product-config && java -jar out/host/linux-x86/testcases/product-config-test/product-config-test.jar && time ( out/host/linux-x86/bin/product-config --ckati_bin /source/kati/ckati > ~/Desktop/out.txt )
Change-Id: Id6763781bc876e2b2e0be320a7259c1ed41c2334
(Yet another class that would be great for android to have in a host
tools library)
Test: m product-config-test && java -jar out/host/linux-x86/testcases/product-config-test/product-config-test.jar
Change-Id: I7d74b2265393e4f340729ca5ba82d1ec92a20f85
* changes:
Rearrange the methods on ErrorReporter to be more convenient.
Add glue to run product-config-test as a standalone commandline executable.
CommandException to cleanly exit product-config on error.
Rewrite build.prop of all partitions
Test: sign an target_file, check build prop of partitions
Bug: 179186447
Bug: 180025432
Change-Id: I01249532dc2df1b6d9ec8d0be58424a76814b53e
At the end of OTA generation, we will use some private key to sign the
OTA payload. Since signing happens after the payload is being generated,
if caller passes an incorrect key path, caller won't notice it until 1
hour later when delta_generator finishes. At which point caller has to
staart from scratch, pass in another key path, and wait for an hour.
Let's detect incorrect key path before calling delta_generator, so
caller will get an error message right at beginning.
Test: th
Change-Id: Iefb1e0a9ed86f82664be1675afb84c020ec28fe7
Previously we allow all spl downgrade OTA to generate. But applying such
OTA often causes device to hang and rollback, because keymaster refuses
to attach if it detects spl downgrade. When such error happens, it's
really hard to debug. So instead of debugging a mysterious boot failure,
let''s prevent such OTA from generating in the first place.
Test: th
Bug: 178584781
Change-Id: I8e271862d804e86b16aea70424b4d3e289d43cc9
This is needed due to output artifacts in the zip that confuse globbing,
such as [.
(Also changes this call to RunAndCheckOutput, which prints the stderror
by default instead of RunAndWait which does not. Removes RunAndWait
which is now unused)
Bug: 179799226
Test: Run merge_target_files to merge two partial builds
Change-Id: Ibf8a5b0c013c9cd8b1e61195d97583f247d97c6f
use py3 for AOSP build, while the script itself can be
executed under py2/py3 environment directly.
TEST: extract info from Pixel 4 kernel
Change-Id: I00db6dabb1ff93f0758017a666c476816caefae7
If an OTA contains compressed APEX inside it, then the device will need
to allocate space on /data partition for their decompression. In order
to calculate how much space the OTA process needs to allocate, the
process needs more information about the APEX contained inside the OTA.
In this CL, we are adding functionality to the OTA generation script
that allows us to gather information about the APEX stored inside the
target-file zip. However, we did not integrate the new functionality
with the ota_from_target_files.py scrip yet. That will be done on follow
up CL.
Bug: 172911822
Test: atest releasetools_py3_test
Change-Id: I2ac42018f628c2c21527b3e086be1f4e7e7247ad
There's also a bunch of boilerplate error handling and option parsing
stuff that I wish someone would put into a library that's available to
the android tree.
Test: atest product-config-test
Change-Id: Ieebcc7bd47a8644d1374fb02c146e9038859f4a2
Justin Yun