We did not want this to appear for dogfood devices before
because it was noisy, most of popular apps fixed this
problem and it should be much less noisy.
Bug: http://b/62455348
Test: make
Change-Id: Icd28e9ef87f2d1edf456d178741c67ef42670ae1
We cannot cache the result of ($shell ...) and we have to run these on
every build even if we don't have to re-read the makefiles. Replace it
with make functions $(substr $(substr ... )).
Bug: 38399657
Test: `make` pass, flash images from $OUT and boot device with chain partitions
Merged-In: I6d4ff8e487931ba25008a2a881401a8951d4049e
Change-Id: I6d4ff8e487931ba25008a2a881401a8951d4049e
(cherry picked from commit e615afd6d0)
Current build system will include AVB metadata from each partition and
store them into /vbmeta partiton when BOARD_AVB_ENABLE is set, which makes
each partition tightly-coupled.
Add the support for 'chain partition':
- The vbmeta of each partition is stored on the same partition itself.
- The public key used to verify each partition is stored in /vbmeta.
For example, the following build variables are required to enable chain
partition for system partition:
- BOARD_AVB_SYSTEM_KEY_PATH := path/to/system_private_key
- BOARD_AVB_SYSTEM_ALGORITHM := SHA512_RSA8192
- BOARD_AVB_SYSTEM_ROLLBACK_INDEX := 1
- BOARD_AVB_SYSTEM_ROLLBACK_INDEX_LOCATION := 2
The corresponding settings will be added into META/misc_info.txt for
build_image.py and/or add_img_to_target_files.py:
- avb_system_key_path=path/to/system_private_key
- avb_system_algorithm=SHA512_RSA8192
- avb_system_add_hashtree_footer_args=--rollback_index 1
- avb_system_rollback_index_location=2
To enable chain partition for other partitions, just replace SYSTEM with
BOOT, VENDOR and/or DTBO in the build variables.
Also switch from `avbtool make_vbmeta_image --setup_rootfs_from_kernel system.img ...`
to `avbtool add_hashtree_footer --image system.img --setup_as_rootfs_from_kernel...`
when BOARD_BUILD_SYSTEM_ROOT_IMAGE is true. This works for both chained
and no-chained:
- chained: `avbtool add_hashtree_footer --setup_as_rootfs_from_kernel` will
add dm-verity kernel cmdline descriptor to system.img
- no-chained: `avbtool make_vbmeta_image --include_descriptors_from_image
system.img` will include the kernel cmdline descriptor from system.img into
vbmeta.img
Bug: 38399657
Test: `make` pass, flash images from $OUT and boot device without chain partitions
Test: `make` pass, flash images from $OUT and boot device with chain partitions
Test: `make dist` pass, flash images from TF.zip and boot device without chain partitions
Test: `make dist` pass, flash images from TF.zip and boot device with chain partitions
Test: follow the same steps in
https://android-review.googlesource.com/#/c/407572/
Change-Id: I344f79290743d7d47b5e7441b3a21df812a69099
Merged-In: I344f79290743d7d47b5e7441b3a21df812a69099
(cherry picked from commit 3e599ead66)
This reverts commit 88c9dddd0f.
Bug: 37815285
Bug: 62525809
Test: Tested with ag/2400523 and ag/2400524. Booted pixel phones,
checked the location of prop.default, verified the symlink,
checked a few properties via adb shell and manually tested
a few apps (Camera, Maps etc).
sign_target_files_apks.py was tested with:
sign_target_files_apks -o -e DynamiteLoader.apk= -e DynamiteModulesA.apk= \
-e DynamiteModulesB.apk= -e DynamiteModulesC.apk= -e DynamiteModulesD.apk= \
-e GoogleCertificates.apk= out/dist/*-target_files-*.zip signed-target_files.zip
Booted to recovery and ran 'adb sideload' successfully.
Change-Id: I2ddf287f42360d1a7c7a22f08e7b9e203e7e603a
This reverts commit fad00e4318.
init fails to read default.prop under recovery:
init: Couldn't load properties from /default.prop: Too many symbolic links encountered
Bug: 62525809
Change-Id: I133e9025693e3e01278ec73c8d08860fc89d314b
This patch tries to fix the problem where the default properties need
to go with the system image especially on non-AB devices where
/default.prop is on the ramdisk image. A symlink is created at
/default.prop for backward compatibility.
Bug: 37815285
Test: Tested with ag/2376383. Booted pixel phones, checked the location
of prop.default, verified the symlink, checked a few properties
(via adb shell getprop) and manually tested a few apps (Camera,
Maps etc).
sign_target_files_apks.py was tested with:
sign_target_files_apks -o -e DynamiteLoader.apk= -e DynamiteModulesA.apk= \
-e DynamiteModulesB.apk= -e DynamiteModulesC.apk= -e DynamiteModulesD.apk= \
-e GoogleCertificates.apk= out/dist/*-target_files-*.zip signed-target_files.zip
Change-Id: I1a9a2ba49c8252afc13ced3dea71253afbd3091e
Bug: 33381544
Test: m clean; mma -j with a prebuilt aar using aapt2
Change-Id: Ie41def84aa35f3774abd6d713fb4a75d63a88876
Merged-In: Ie41def84aa35f3774abd6d713fb4a75d63a88876
(cherry picked from commit c401a62d81)
This path needs to be set if we're going to build aar prebuilts with
aapt2.
Bug: 33381544
Test: Attempt to build an aar prebuilt with LOCAL_USE_AAPT2 := true, it
doesn't fail writing to /
Change-Id: I28c85736986221607a1d7a295ff1522b993a2049
Merged-In: I28c85736986221607a1d7a295ff1522b993a2049
(cherry picked from commit 48845257dc)
Keyed on MATRIX_LEVEL_OVERRIDE, FULL_TREBLE, SHIPPING_API_LEVEL,
and SDK_VERSION.
Bug: 62136051
Test: m system_compatibility_matrix.xml -j; \
grep -e"gatekeeper" -B1 $OUT/system/compatibility_matrix.xml; \
grep -e"oemlock" -B1 $OUT/system/compatibility_matrix.xml
bullhead: gatekeeper is optional, no oemlock (legacy.xml)
marlin without COMP_LEVEL_OVERRIDE: gatekeeper is not optional,
no oemlock (26.xml)
marlin with COMP_LEVEL_OVERRIDE: gatekeeper is not optional,
oemlock exists (current.xml)
new devices with COMP_LEVEL_OVERRIDE: same as above.
Change-Id: Icf7269df91950a8c3585a7e5f0022e6737954b77
board_avb_algorithm and board_avb_key_path are overlapping with
avb_signing_args. In core/Makefile, only avb_signing_args (i.e.
INTERNAL_AVB_SIGNING_ARGS) will be used in the AVB-signing command. It
covers the contents in board_avb_{algorithm,key_path}. We should do the
same thing in tools/releasetools to avoid potential inconsistency.
This CL cleans up the logic in tools/releasetools, by always using
avb_signing_args. This also allows easier signing key replacement (so we
can replace the key/algorithm/signer in 'avb_signing_args').
board_avb_system_add_hashtree_footer_args is unused in releasetools
script, and the same information has been covered by
system_avb_add_hashtree_footer_args. This CL removes this arg as well.
Test: `m dist`. Then a) check the removed three args no longer exist in
META/misc_info.txt; b) check that rebuilding images with
add_img_to_target_files.py uses the same parameters.
Change-Id: I7db890b5c942de5b6868d8d1ebf937586d4729c0
Dimitry Ivanov