Kati only supports a single use of --no_ignore_dirty, so we were
ignoring the SOONG_ANDROID_MK file, and only detecting changes to
SOONG_MAKEVARS_MK. Fix this by using a pattern that should apply to both
of those makefiles.
Change-Id: I46390f9887f95f1db0efe4e93339667f35ebc67c
Instead of specifying character encoding by name, the faster, cleaner,
and safer way is to use StandardCharsets.UTF_8.
Bug: 27461702
Change-Id: I897284d3ceeb44a21cc74de09a9b25f6aec8c205
For acp, we've been using an old prebuilt in prebuilts/sdk, but it's not
part of the SDK. Instead, we'll use a prebuilt in the build-tools
repository.
For ijar, we've been using the host libstdc++ to workaround the lack of
libc++ on some unbundled branches. Instead, use a prebuilt that can use
libc++.
For ziptime, we've been disabling it on unbundled branches, due to the
lack of libc++. Instead, use a prebuilt version of ziptime that can use
the prebuilt libc++.
Change-Id: If80f845ea06f76e3fe6765964e77c864eaf303d0
This switches PKCS#7 SignedData generation code from Bouncy Castle to
OpenJDK's proprietary internal API. This is to avoid depending on a
huge library that's not really needed. In the longer term, it's best
to add our own implementation of PKCS#7 SignedData building, parsing,
and verification. This will give the code more power to mimic what the
Android platform does.
Bug: 27461702
Change-Id: I29f1ceea1293e35424fde69c0f2969d551345100
This replaces the less general DataSink which outputs into a
ByteArrayOutputStream with a more general DataSink which outputs into
an OutputStream.
Bug: 27461702
Change-Id: I9467f38c41f586b71f35edb3602fd6e57153184f
We recently moved Brillo verified boot from system/bvb to external/bvb
so update the path accordingly.
TEST=Build with 'BOARD_BVB_ENABLE := true' succeeds.
BUG=29099910
Change-Id: I66f3b90e23d6b2afc09f81af571ede7b573325e9
26f00cda4b introduced a bug where an
APK entry's extra field is padded for alignment purposes when no
padding is necessary because the entry is aligned without any padding
bytes.
Bug: 27461702
Change-Id: Icb164dbaa26d9686412e2920318a9f40c5ce9751
This patch uses subprocess.communicate instead of subprocess.wait to
prevent deadlock if any of the child processes outputs too much data,
and redirects the subprocess output to stdout when running in verbose
mode.
With this patch `ota_from_target_files -v` prints the delta_generator
output in stdout, and no output if '-v' is not passed.
Bug: None
TEST=ota_from_target_files -v ...
Change-Id: Id66e4f3360a6f91d61a3ce96d53afbccdaa19da5
The goldfish_setup shell script needs the ability to execute
the shell script interpreter. Allow it.
Addresses the following denial:
avc: denied { getattr } for pid=1220 comm="init.goldfish.s"
path="/system/bin/sh" dev="vda" ino=442 scontext=u:r:goldfish_setup:s0
tcontext=u:object_r:shell_exec:s0 tclass=file permissive=0
(cherrypicked from commit 501c88c029)
Bug: 28941573
Change-Id: I22d26e90f107c8d801229354a5e0513c37e6c31d
This adds the ApkVerifier class which verifies APKs using APK
Signature Scheme v2 only. In a follow-up commit this class will be
extended to verify APKs using JAR signature scheme when necessary.
The APK verifier is designed to not just verify an APK, but also
report errors, warnings, and information about signers in a structured
way, to enable tools to surface this information to users in various
ways.
Bug: 27461702
Change-Id: I10c6ba436021d86b6dbf6d3cf44494652adacb66
LOCAL_LDLIBS was the only correct way to use NDK libraries, but few used
it correctly. It also often got confused with LOCAL_LDFLAGS, so move the
flags to the correct variable.
For binaries that weren't using the NDK (empty LOCAL_SDK_VERSION), it
was never valid to use LOCAL_LDLIBS, as dependencies would not be
properly set up, and could lead to random build failures. So convert any
-l linker flags to using LOCAL_SHARED_LIBRARIES automatically.
For binaries built using the NDK (LOCAL_SDK_VERSION set), they were
required to use LOCAL_LDLIBS for prebuilt NDK libraries, otherwise they
would get headers and dependencies to the platform versions. Any
non-prebuilt LOCAL_LDLIBS would miss dependencies. So move the NDK
prebuilt libraries to LDLIBS from SHARED_LIBRARIES, and move everything
else to SHARED_LIBRARIES.
So now, for device modules, LOCAL_SHARED_LIBRARIES should always be
used, and we'll do the right thing. LOCAL_LDLIBS should only be used for
host libraries from the system.
Change-Id: Ide34c7afdcfb6507a378d45a42471729e489a9e0
This modifies JAR signing code to produce DSA signatures which are
accepted by all Android platforms rather than only API Level 9 and
higher.
The issue is that by default Bouncy Castle uses OID 1.2.840.10040.4.3
(dsaWithSha1) in PKCS #7 CMS SignerInfo whereas Android accepts that
only since API Level 9. However, OID 1.2.840.10040.4.1 (dsa) is
accepted by all Android platforms.
Bug: 27461702
Change-Id: I24256a255bcdc2108bdb447557af7568a2c096e3
In preparation for including them in prebuilts/build-tools.
acp: We use a prebuilt in prebuilts/sdk, but it's not part of the sdk.
ijar: We use the host libstdc++ to workaround the lack of libc++ on
some unbundled branches.
ziptime: We disable this on unbundled builds, due to the lack of libc++.
Change-Id: Ib9766b1dbddd151c38ff27c529865200ab37fce1
This adds getByteBuffer and copyTo methods to the DataSource
abstraction. These methods enable the client to avoid unnecessary
copying of the data source's data.
Bug: 27461702
Change-Id: If4e9f902ea75c1ca5c7be0e20c0e7218faf9c504
new read only product property ro.product.first_api_level.
PRODUCT_SHIPPING_API_LEVEL declares which API level a device first
shipped with. We use this variable to set a read-only property that
can be used in CTS/GTS tests.
Change-Id: If54202075d3b92ed380655cde8b3fc50c5ba73b3
Treehugger Robot