We recently moved Brillo verified boot from system/bvb to external/bvb
so update the path accordingly.
TEST=Build with 'BOARD_BVB_ENABLE := true' succeeds.
BUG=29099910
Change-Id: I66f3b90e23d6b2afc09f81af571ede7b573325e9
26f00cda4b introduced a bug where an
APK entry's extra field is padded for alignment purposes when no
padding is necessary because the entry is aligned without any padding
bytes.
Bug: 27461702
Change-Id: Icb164dbaa26d9686412e2920318a9f40c5ce9751
This patch uses subprocess.communicate instead of subprocess.wait to
prevent deadlock if any of the child processes outputs too much data,
and redirects the subprocess output to stdout when running in verbose
mode.
With this patch `ota_from_target_files -v` prints the delta_generator
output in stdout, and no output if '-v' is not passed.
Bug: None
TEST=ota_from_target_files -v ...
Change-Id: Id66e4f3360a6f91d61a3ce96d53afbccdaa19da5
The goldfish_setup shell script needs the ability to execute
the shell script interpreter. Allow it.
Addresses the following denial:
avc: denied { getattr } for pid=1220 comm="init.goldfish.s"
path="/system/bin/sh" dev="vda" ino=442 scontext=u:r:goldfish_setup:s0
tcontext=u:object_r:shell_exec:s0 tclass=file permissive=0
(cherrypicked from commit 501c88c029)
Bug: 28941573
Change-Id: I22d26e90f107c8d801229354a5e0513c37e6c31d
This adds the ApkVerifier class which verifies APKs using APK
Signature Scheme v2 only. In a follow-up commit this class will be
extended to verify APKs using JAR signature scheme when necessary.
The APK verifier is designed to not just verify an APK, but also
report errors, warnings, and information about signers in a structured
way, to enable tools to surface this information to users in various
ways.
Bug: 27461702
Change-Id: I10c6ba436021d86b6dbf6d3cf44494652adacb66
LOCAL_LDLIBS was the only correct way to use NDK libraries, but few used
it correctly. It also often got confused with LOCAL_LDFLAGS, so move the
flags to the correct variable.
For binaries that weren't using the NDK (empty LOCAL_SDK_VERSION), it
was never valid to use LOCAL_LDLIBS, as dependencies would not be
properly set up, and could lead to random build failures. So convert any
-l linker flags to using LOCAL_SHARED_LIBRARIES automatically.
For binaries built using the NDK (LOCAL_SDK_VERSION set), they were
required to use LOCAL_LDLIBS for prebuilt NDK libraries, otherwise they
would get headers and dependencies to the platform versions. Any
non-prebuilt LOCAL_LDLIBS would miss dependencies. So move the NDK
prebuilt libraries to LDLIBS from SHARED_LIBRARIES, and move everything
else to SHARED_LIBRARIES.
So now, for device modules, LOCAL_SHARED_LIBRARIES should always be
used, and we'll do the right thing. LOCAL_LDLIBS should only be used for
host libraries from the system.
Change-Id: Ide34c7afdcfb6507a378d45a42471729e489a9e0
This modifies JAR signing code to produce DSA signatures which are
accepted by all Android platforms rather than only API Level 9 and
higher.
The issue is that by default Bouncy Castle uses OID 1.2.840.10040.4.3
(dsaWithSha1) in PKCS #7 CMS SignerInfo whereas Android accepts that
only since API Level 9. However, OID 1.2.840.10040.4.1 (dsa) is
accepted by all Android platforms.
Bug: 27461702
Change-Id: I24256a255bcdc2108bdb447557af7568a2c096e3
In preparation for including them in prebuilts/build-tools.
acp: We use a prebuilt in prebuilts/sdk, but it's not part of the sdk.
ijar: We use the host libstdc++ to workaround the lack of libc++ on
some unbundled branches.
ziptime: We disable this on unbundled builds, due to the lack of libc++.
Change-Id: Ib9766b1dbddd151c38ff27c529865200ab37fce1
This adds getByteBuffer and copyTo methods to the DataSource
abstraction. These methods enable the client to avoid unnecessary
copying of the data source's data.
Bug: 27461702
Change-Id: If4e9f902ea75c1ca5c7be0e20c0e7218faf9c504
new read only product property ro.product.first_api_level.
PRODUCT_SHIPPING_API_LEVEL declares which API level a device first
shipped with. We use this variable to set a read-only property that
can be used in CTS/GTS tests.
Change-Id: If54202075d3b92ed380655cde8b3fc50c5ba73b3
TARGET_RECOVERY_BRICK specifies the file that lists all the partitions
to be bricked under recovery. The file, if present, will be copied to
'$(TARGET_RECOVERY_ROOT_OUT)/etc/recovery.brick'.
Bug: 27253717
Change-Id: Id84195b5ee1031a83bf7a077be070a3728416580
(cherry picked from commit 3051f4f11a)
Soong modules can define logtags files that need to be combined into
/system/etc/event-log-tags, so add a new LOCAL_LOGTAGS_FILES variable
that can be used to specify *.logtags file outside of LOCAL_SRC_FILES.
Bug: 28989759
Change-Id: I53c5d396dfb7c6006806758f351eb5cdde90fe74
But only for static and shared libraries -- we disable building other
types of modules for arm, so don't support the prebuilts for them
either.
This is needed so that we can build these libraries under Soong, and
expose them to Make using BUILD_PREBUILT.
Bug: 27526885
Change-Id: I4f6ec922aed37591b6257b7022b81fb65d05b0fe
The Android.mk finder should stop traversing when it finds an Android.bp
file, and any Android.soong.mk file at the same path should be included.
Update filter-soong-makefiles to accept a mixed list of Android.bp files
and Android.mk files, convert Android.bp files to Android.soong.mk files
if they exist, and ignore Android.mk files that have an Android.bp file.
Update first-makefiles-under to use the new --dir syntax for
findleaves.py and search for both Android.bp and Android.mk files.
Update all-makefiles-under and all-named-subdir-makefiles to search for
both Android.bp and Android.mk files.
Change-Id: Iddc51bf84593d5de3add02f2b2c065da08962af4
findleaves.py needs to be able to search multiple directories for
multiple filenames (Android.bp and Android.mk). Add support for a new
--dir= option to specify one or more directories to search, and then
treat any remaining options as filenames. If no directories are
specified, fall back to treating only the last option as a filename and
the rest as directories.
Change-Id: Ie879facd49192c6b4fafae070ad00eb21b1faa32
This switches signapk's APK signing from its own signing logic to that
offered by apksigner-core library. OTA update package signing logic
remains inside signapk codebase.
Bug: 27461702
Change-Id: Ibf8435c555fe3f2b621d5189e7ae44f79082c810
Alex Klyubin