The previous change in commit 22632cc82c
changed the behavior in loading file map. It now always puts a copy of
the input text in `extra` field. Update the tests accordingly.
Bug: 79951650
Test: Use a lunch'd target; `atest --host releasetools_test`
Change-Id: Iccf06c817c1305bf9946d7759c6f6f6af21fe85e
This change is part of a topic that moves the recovery resources from the
system partition to the vendor partition, if it exists, or the vendor directory
on the system partition otherwise. The recovery resources are moving from the
system image to the vendor partition so that a single system image may be used
with either an A/B or a non-A/B vendor image. The topic removes a delta in the
system image that prevented such reuse in the past.
The recovery resources that are moving are involved with updating the recovery
partition after an update. In a non-A/B configuration, the system boots from
the recovery partition, updates the other partitions (system, vendor, etc.)
Then, the next time the system boots normally, a script updates the recovery
partition (if necessary). This script, the executables it invokes, and the data
files that it uses were previously on the system partition. The resources that
are moving include the following.
* install-recovery.sh
* applypatch
* recovery-resource.dat (if present)
* recovery-from-boot.p (if present)
This change includes the platform build system and release tools changes to
move the recovery resources from system to vendor (or /system/vendor). The
release tools need to know where to generate the recovery patch, and they
discover this from misc_info.txt variable board_uses_vendorimage, which the
platform build system generates.
We remove applypatch from PRODUCT_PACKAGES, but it is added back as a required
module in target/product/base_vendor.mk.
Several release tools rely on the misc_info.txt board_uses_vendorimage variable
to know how to generate and detect the recovery patch.
This change partially removes the --rebuild_recovery flag from the
merge_target_files.py script. The flag will be fully removed in a follow-on
change.
Bug: 68319577
Test: Ensure that recovery partition is updated correctly.
Change-Id: Ia4045bd67ffb3d899efa8d20dab4c4299b87ee5f
The vendor_boot partition is generated by mkbootimg and contains all the
device-specific information that used to reside in the boot partition.
Bug: 137297791
Change-Id: I5b005097b73f59857c3a2f92d693b3e67ee8424e
* The following were high severity warnings but mistakenly
grouped into analyzer warnings in a recent change.
clang-analyzer-unix.Malloc
clang-analyzer-cplusplus.NewDeleteLeaks
clang-analyzer-cplusplus.NewDelete
* Add new Protoc and Kotlin warnings about unused imports and variables.
Bug: 141493530
Test: warn.py --url=http://cs/android --separator='?l=' build.log > warnings.html
Change-Id: Ied1f9ace97f29fba58a40dff2346a0391ab22f06
* Some comments are kept to reduce diff artifacts.
* Warning patterns will be separated by tools later,
to make it easier to share code with Chromium and
other build tools.
Bug: 141493530
Test: warn.py --url=http://cs/android --separator='?l=' build.log > warnings.html
Change-Id: I6b589478cf5ae73940b4712d9faabd0909546f02
* Add Kotlin, NDK, Protoc, Asm, and other new patterns.
* Put all clang-analyzer warnings to the ANALYZER severity group.
Some security and null pointer warnings still have HIGH severity.
* Comment out old C/C++ warnings that overlap with analyzer
warnings and do not appear in current build.log.
* Other old fixed warning patterns should be commented out later.
Bug: 141493530
Test: warn.py --url=http://cs/android --separator='?l=' build.log > warnings.html
Change-Id: Idc7b09e5e4eefa127d41e9f37da1f566ed1ede1f
* Combine the first two lines of rustc warning messages.
* Give some rustc warnings HIGH and MEDIUM severity.
Bug: 141311294
Test: warn.py --url=http://cs/android --separator='?l=' build.log > warnings.html
Change-Id: Ia3a206d68d9e92934296487b006a7b424044a822
Bug: 139957269
Test: Sign a target_files.zip. Extract a re-signed APEX and check the
hashtree size (being zero).
Test: Use sign_apex to sign an APEX file. Check the hashtree size (not
being zero).
Test: python -m unittest test_apex_utils
Test: python -m unittest test_sign_apex
Change-Id: I927b7681d66920d7732b700ec3a8f7a65b4cb351
Directory support for img_from_target_files was dropped in aosp/1095755.
Test: Create & boot a merged build.
Change-Id: Ib976ea60a24c2f172c597130d6bcce25199a93b3
This CL additionally removes boot/dtbo/modem/vbmeta_* images out of
secondary payload. We essentially only keep system_other.img and
bootloader images there.
For Pixel devices, this additionally saves ~80MiB (mostly because of
the removal of boot and radio images).
Bug: 140771390
Test: ota_from_target_files \
--include_secondary --skip_postinstall \
-i input-target_files-1.zip \
input-target_files-2.zip \
output-ota.zip
Test: python -m unittest test_ota_from_target_files
Change-Id: If47b27c52b3547a4cc86223a988c53960bc6af40
The commit in d14b895665
(https://android-review.googlesource.com/c/platform/build/+/728287)
changed partition layout, to always build the root dir into system.img,
even for devices not using system-as-root (i.e. the ones with separate
boot ramdisk).
With the new layout, there will be two root dirs for non-system-as-root
targets during the boot. If such a device uses Verified Boot 1.0,
/verity_key needs to be available in both roots, to establish the chain
of trust.
- bootloader uses the baked-in key to verify boot.img; it then loads
the ramdisk from the verified boot.img
- First stage init uses /verity_key (in ramdisk) to verify and mount
system.img at /system, then chroot's to it
- Second stage init uses /verity_key (in system.img) to verify and
mount other partitions
This CL adds rules to additionally install verity_key into ramdisk for
such targets.
Bug: 139770257
Test: Set up a target to use non-system-as-root
(BOARD_BUILD_SYSTEM_ROOT_IMAGE != true). `m dist`.
Test: Check that both ROOT/verity_key and BOOT/RAMDISK/verity_key exist
in the built target_files.zip.
Test: Run validate_target_files to validate the above target_files.zip.
$ validate_target_files \
--verity_key_mincrypt /path/to/verity_key \
target_files.zip
Test: Run sign_target_files_apks to sign the above target. Re-run
validate_target_files on the signed target_files.zip.
Test: python -m unittest test_validate_target_files
Change-Id: Ibe7e771c8c376429add85851ac86055564765d3c
The original script always tries to extract from index
0 even if header is found in positive indices. Fix that.
Also, continue to try other positions if previous run failed.
Test: builds
Bug: 139348603
Change-Id: Ia54fc709de9ae587fc64b59d94a1fa4ae669c14f
We used to carry the full OTA for vendor and product partitions when
generating the secondary payload. Since they are not actually used, we
can remove them to reduce the size of factory OTA packages. For example,
the size for a sargo package reduces from 454M to 283M after the change.
Bug: 140771390
Test: generate and apply a second payload on Pixel
Change-Id: I091dc07db8c345b182d9f5dd8d48f5c209245641
If the "--all-partitions" argument is empty, the system fs_config should
be generated with all partitions emitted.
Fixes: 8453f02c (fs_config: Fix cases without vendor/oem partition)
Change-Id: I058cfd1c8e665b40757998e773c35e26465bf58a
Signed-off-by: dianlujitao <dianlujitao@lineageos.org>
'required' only works on python_binary_host.
Test: modify checkvintf source code, build ota_from_target_files
Change-Id: Ieac68b39b1ccabae679a1679f184cb3aeaaeefb6
We have added the flag to disable on device fec computation in
brillo_update_payload. Exposed it in ota_from_target_files as well.
Bug: 139723500
Test: generate an incremental package with the new flag
Change-Id: I683e3ec7791963a3c7e141ecb4e5a3fb53fe2108
Test: Build the following targets and check the built image archive.
bonito-userdebug (contains flashable images);
cf_x86_phone-userdebug (contains super.img);
aosp_arm64-eng (contains VerifiedBootParams.textproto)
Test: m -j otatools-package; Check that zip2zip is included; Use
bin/img_from_target_files to generate image archive.
Change-Id: I9f28765bd702849f0df309faebd6aa3072920536
* changes:
merge_target_files: Checks VINTF metadata of resulting target files
Check VINTF compatibility at OTA generation time.
releasetools: add tests for check_target_files_vintf
Add a script to check VINTF compat of target files package.
Instead of relying on META/{system,vendor}_{manifest,matrix}.xml
and blindly copy compatibility.zip from target files package to
OTA package, do a static check on the input target files package
before generating the OTA package.
META/{system,vendor}_{manifest,matrix} does not contain ODM manifest
fragments, which is incorrect.
Also, the on-device check of compatibility.zip uses a old libvintf
binary on the device, which may not understand the incoming VINTF
metadata. This change removes the on-device check. Hence, it removes
the requirement of forwards compatibility of libvintf.
This behavior can be skipped with --skip-compatibility-check.
Test: build OTA package
Bug: 139300422
Bug: 131425279
Change-Id: I7fb93be9eb73f578fc05a182c6c9d1f073db2800
Instead of checking META/{system,vendor}_{manifest,matrix}.xml (which
is error-prone because ODM SKU-specific manifests are not checked),
this script read the target files package, remaps its directory
structure so that checkvintf understands it, and check VINTF
compatibility.
Also, put it in otatools.zip.
Test: run it on an extracted target files package
Bug: 131425279
Change-Id: I06036f9a8d7242d4bc11524028be40e780c508e8
Tao Bao