This is needed in order to be able to run error prone (which is
a plugin replacement for javac) on a subset of the java code.
Bug: 31507496
Test: Build javac-check-core-tests and check the resulting JAR
Change-Id: I5a556920572fcdad7b39d67e3f00fe0e0f1f8f46
Currently it supports verifying packages signed with RSA algorithms
(v1-v4 as in bootable/recovery/verifier.cpp). No support for ECDSA (v5)
signed packages yet.
$ ./build/tools/releasetools/check_ota_package_signature.py \
bootable/recovery/tests/testdata/testkey_v1.x509.pem \
bootable/recovery/tests/testdata/otasigned_v1.zip
Package: bootable/recovery/tests/testdata/otasigned_v1.zip
Certificate: bootable/recovery/tests/testdata/testkey_v1.x509.pem
Comment length: 1738
Signed data length: 2269
Use SHA-256: False
Digest: 115e688ec3b77743070b743453e2fc6ce8754484
VERIFIED
Bug: 31523193
Test: Used the tool to verify existing packages (like above).
Change-Id: I71d3569e858c729cb64825c5c7688ededc397aa8
I'm working on removing the --ignore_dirty=$(OUT_DIR)/% argument from
Kati. If we're always writing to a file that we're also reading, then
with that flag removed, we'll always reparse all the makefiles.
So instead, use the method from the generated java file cleanup where we
read from a "previous" file, write to a "current" file, then use a
cmp || mv to overwrite the "previous" file if necessary. When the flag
is removed, this will cause Kati to need to run twice any time this
changes, but it's better than forever.
Bug: 30947985
Test: Switch between aosp_arm-eng and full-eng
Change-Id: Id2d1445809b60ce26700bb2aca765df3b5c2b360
We don't need to manually remove objects when switching SANITIZE_TARGET
-- that will be handled by Ninja noticing that the command lines are
different.
Bug: 30947985
Test: None
Change-Id: I83c15981cf6ea258bb7fa85490b0b1ede1058aa6
This was printing "error:", but not actually triggering an error.
Instead of trying to write a single line bash script to handle this,
move the actual check into python. This allows us to print all of the
errors for a single module before triggering the failure.
Also updates the warning format and the warn.py script to properly parse
these warning. Many of the java:sdk -> java:platform warnings are false
positives due to the lack of LOCAL_SDK_VERSION markings on prebuilts.
Individual tags can be marked as warnings now, which lets us check for
system libraries linking against vendor libraries (which won't work on
AOSP). I'm not sure this is a completely valid check, which one reason
that it's just a warning.
Test: m all_link_types (with some missing libs commented out)
Change-Id: I333e418c9a4511b7c7e826891ae481da08fbf6f9
We want to build things in CTS (things built against the NDK) with
integer overflow checks. Some projects in the tree also make explicit
calls to the overflow checked builtins, and those projects need to be
built with the NDK (external/dng_sdk is the specific example that
brought this up).
Test: make checkbuild tests
Bug: None
Change-Id: Iab27dd0d931f723140de242049fa72f3b1ce0fb8
Treehugger Robot