From 138060bf6c8860afc18841c631b379f7c311846c Mon Sep 17 00:00:00 2001 From: The Android Automerger Date: Tue, 4 Oct 2011 14:02:12 -0700 Subject: [PATCH 1/6] IFL04B --- core/build_id.mk | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/core/build_id.mk b/core/build_id.mk index e415e8db6..8a426f08a 100644 --- a/core/build_id.mk +++ b/core/build_id.mk @@ -1,3 +1,4 @@ + # # Copyright (C) 2008 The Android Open Source Project # @@ -13,20 +14,9 @@ # See the License for the specific language governing permissions and # limitations under the License. # - -# -# Defines branch-specific values. -# - # BUILD_ID is usually used to specify the branch name # (like "MAIN") or a branch name and a release candidate -# (like "TC1-RC5"). It must be a single word, and is +# (like "CRB01"). It must be a single word, and is # capitalized by convention. -# -BUILD_ID := ICS_FACTORYROM -# DISPLAY_BUILD_NUMBER should only be set for development branches, -# If set, the BUILD_NUMBER (cl) is appended to the BUILD_ID for -# a more descriptive BUILD_ID_DISPLAY, otherwise BUILD_ID_DISPLAY -# is the same as BUILD_ID -DISPLAY_BUILD_NUMBER := true +export BUILD_ID=IFL04B From fa2bf54a0450427bd26d1dcfb982fcbd550ac3a2 Mon Sep 17 00:00:00 2001 From: Ying Wang Date: Tue, 4 Oct 2011 10:50:08 -0700 Subject: [PATCH 2/6] Support for product-specific dev keys. Change-Id: Id577a72ee9f7cd70e8ca77efcbf10a37885c7d6f --- core/Makefile | 15 ++++++++------- core/config.mk | 7 +++++++ core/package.mk | 8 ++++---- core/prebuilt.mk | 4 ++-- core/product.mk | 7 ++++++- core/product_config.mk | 37 +++++++++++++++++++++++-------------- 6 files changed, 50 insertions(+), 28 deletions(-) diff --git a/core/Makefile b/core/Makefile index ebc8a853b..3186bdacd 100644 --- a/core/Makefile +++ b/core/Makefile @@ -71,9 +71,9 @@ BUILD_VERSION_TAGS := $(BUILD_VERSION_TAGS) ifeq ($(TARGET_BUILD_TYPE),debug) BUILD_VERSION_TAGS += debug endif -# Apps are always signed with test keys, and may be re-signed in a post-build -# step. If that happens, the "test-keys" tag will be removed by that step. -BUILD_VERSION_TAGS += test-keys +# Apps are always signed with dev keys, and may be re-signed in a post-build +# step. If that happens, the "dev-keys" tag will be removed by that step. +BUILD_VERSION_TAGS += dev-keys BUILD_VERSION_TAGS := $(subst $(space),$(comma),$(sort $(BUILD_VERSION_TAGS))) # A human-readable string that descibes this build in detail. @@ -258,11 +258,11 @@ endif # ----------------------------------------------------------------- -# The test key is used to sign this package, and as the key required +# The dev key is used to sign this package, and as the key required # for future OTA packages installed by this system. Actual product # deliverables will be re-signed by hand. We expect this file to # exist with the suffixes ".x509.pem" and ".pk8". -DEFAULT_KEY_CERT_PAIR := $(SRC_TARGET_DIR)/product/security/testkey +DEFAULT_KEY_CERT_PAIR := $(DEFAULT_SYSTEM_DEV_CERTIFICATE) # Rules that need to be present for the all targets, even @@ -649,9 +649,9 @@ ifdef BOARD_KERNEL_PAGESIZE endif # Keys authorized to sign OTA packages this build will accept. The -# build always uses test-keys for this; release packaging tools will +# build always uses dev-keys for this; release packaging tools will # substitute other keys for this one. -OTA_PUBLIC_KEYS := $(SRC_TARGET_DIR)/product/security/testkey.x509.pem +OTA_PUBLIC_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem # Generate a file containing the keys that will be read by the # recovery binary. @@ -1097,6 +1097,7 @@ endif ifdef INTERNAL_USERIMAGES_SPARSE_EXT_FLAG $(hide) echo "extfs_sparse_flag=$(INTERNAL_USERIMAGES_SPARSE_EXT_FLAG)" >> $(zip_root)/META/misc_info.txt endif + $(hide) echo "default_system_dev_certificate=$(DEFAULT_SYSTEM_DEV_CERTIFICATE)" >> $(zip_root)/META/misc_info.txt ifdef PRODUCT_EXTRA_RECOVERY_KEYS $(hide) echo "extra_recovery_keys=$(PRODUCT_EXTRA_RECOVERY_KEYS)" >> $(zip_root)/META/misc_info.txt endif diff --git a/core/config.mk b/core/config.mk index c4f08fd05..41e60ea19 100644 --- a/core/config.mk +++ b/core/config.mk @@ -288,6 +288,13 @@ APICHECK_CLASSPATH := $(APICHECK_CLASSPATH):$(HOST_OUT_JAVA_LIBRARIES)/doclava$( APICHECK_CLASSPATH := $(APICHECK_CLASSPATH):$(HOST_OUT_JAVA_LIBRARIES)/jsilver$(COMMON_JAVA_PACKAGE_SUFFIX) APICHECK_COMMAND := $(APICHECK) -JXmx1024m -J"classpath $(APICHECK_CLASSPATH)" +# The default key if not set as LOCAL_CERTIFICATE +ifdef PRODUCT_DEFAULT_DEV_CERTIFICATE + DEFAULT_SYSTEM_DEV_CERTIFICATE := $(PRODUCT_DEFAULT_DEV_CERTIFICATE) +else + DEFAULT_SYSTEM_DEV_CERTIFICATE := build/target/product/security/testkey +endif + # ############################################################### # Set up final options. # ############################################################### diff --git a/core/package.mk b/core/package.mk index e79059a0d..7bc5be461 100644 --- a/core/package.mk +++ b/core/package.mk @@ -299,20 +299,20 @@ endif # Secure release builds will have their packages signed after the fact, # so it's ok for these private keys to be in the clear. ifeq ($(LOCAL_CERTIFICATE),) - LOCAL_CERTIFICATE := testkey + LOCAL_CERTIFICATE := $(DEFAULT_SYSTEM_DEV_CERTIFICATE) endif ifeq ($(LOCAL_CERTIFICATE),EXTERNAL) # The special value "EXTERNAL" means that we will sign it with the - # default testkey, apply predexopt, but then expect the final .apk + # default devkey, apply predexopt, but then expect the final .apk # (after dexopting) to be signed by an outside tool. - LOCAL_CERTIFICATE := testkey + LOCAL_CERTIFICATE := $(DEFAULT_SYSTEM_DEV_CERTIFICATE) PACKAGES.$(LOCAL_PACKAGE_NAME).EXTERNAL_KEY := 1 endif # If this is not an absolute certificate, assign it to a generic one. ifeq ($(dir $(strip $(LOCAL_CERTIFICATE))),./) - LOCAL_CERTIFICATE := $(SRC_TARGET_DIR)/product/security/$(LOCAL_CERTIFICATE) + LOCAL_CERTIFICATE := $(dir $(DEFAULT_SYSTEM_DEV_CERTIFICATE))$(LOCAL_CERTIFICATE) endif private_key := $(LOCAL_CERTIFICATE).pk8 certificate := $(LOCAL_CERTIFICATE).x509.pem diff --git a/core/prebuilt.mk b/core/prebuilt.mk index 935bce1f2..8c0334163 100644 --- a/core/prebuilt.mk +++ b/core/prebuilt.mk @@ -93,7 +93,7 @@ ifeq ($(LOCAL_CERTIFICATE),EXTERNAL) # # This can be used for packages where we don't have access to the # keys, but want the package to be predexopt'ed. - LOCAL_CERTIFICATE := testkey + LOCAL_CERTIFICATE := $(DEFAULT_SYSTEM_DEV_CERTIFICATE) PACKAGES.$(LOCAL_MODULE).EXTERNAL_KEY := 1 endif ifeq ($(LOCAL_CERTIFICATE),) @@ -114,7 +114,7 @@ else ifeq ($(LOCAL_CERTIFICATE),PRESIGNED) else # If this is not an absolute certificate, assign it to a generic one. ifeq ($(dir $(strip $(LOCAL_CERTIFICATE))),./) - LOCAL_CERTIFICATE := $(SRC_TARGET_DIR)/product/security/$(LOCAL_CERTIFICATE) + LOCAL_CERTIFICATE := $(dir $(DEFAULT_SYSTEM_DEV_CERTIFICATE))$(LOCAL_CERTIFICATE) endif PACKAGES.$(LOCAL_MODULE).PRIVATE_KEY := $(LOCAL_CERTIFICATE).pk8 diff --git a/core/product.mk b/core/product.mk index 2efc44643..72cb2f7a3 100644 --- a/core/product.mk +++ b/core/product.mk @@ -82,7 +82,9 @@ _product_var_list := \ PRODUCT_SDK_ADDON_COPY_FILES \ PRODUCT_SDK_ADDON_COPY_MODULES \ PRODUCT_SDK_ADDON_DOC_MODULE \ - PRODUCT_DEFAULT_WIFI_CHANNELS + PRODUCT_DEFAULT_WIFI_CHANNELS \ + PRODUCT_DEFAULT_DEV_CERTIFICATE \ + define dump-product $(info ==== $(1) ====)\ @@ -232,6 +234,9 @@ _product_stash_var_list += \ BOARD_INSTALLER_CMDLINE \ +_product_stash_var_list += \ + DEFAULT_SYSTEM_DEV_CERTIFICATE + # # Stash vaues of the variables in _product_stash_var_list. # $(1): Renamed prefix diff --git a/core/product_config.mk b/core/product_config.mk index 1567f6d83..e673d5ca7 100644 --- a/core/product_config.mk +++ b/core/product_config.mk @@ -112,8 +112,8 @@ ifdef product_goals # The build server wants to do make PRODUCT-dream-installclean # which really means TARGET_PRODUCT=dream make installclean. ifneq ($(filter-out $(INTERNAL_VALID_VARIANTS),$(TARGET_BUILD_VARIANT)),) - MAKECMDGOALS := $(MAKECMDGOALS) $(TARGET_BUILD_VARIANT) - TARGET_BUILD_VARIANT := eng + MAKECMDGOALS := $(MAKECMDGOALS) $(TARGET_BUILD_VARIANT) + TARGET_BUILD_VARIANT := eng default_goal_substitution := else default_goal_substitution := $(DEFAULT_GOAL) @@ -232,8 +232,8 @@ PRODUCT_AAPT_CONFIG := $(PRODUCT_LOCALES) $(PRODUCT_AAPT_CONFIG) # Default to medium-density assets. # (Can be overridden in the device config, e.g.: PRODUCT_AAPT_CONFIG += hdpi) PRODUCT_AAPT_CONFIG := $(strip \ - $(PRODUCT_AAPT_CONFIG) \ - $(if $(filter %dpi,$(PRODUCT_AAPT_CONFIG)),,mdpi)) + $(PRODUCT_AAPT_CONFIG) \ + $(if $(filter %dpi,$(PRODUCT_AAPT_CONFIG)),,mdpi)) # Everyone gets nodpi assets which are density-independent. PRODUCT_AAPT_CONFIG += nodpi @@ -241,7 +241,7 @@ PRODUCT_AAPT_CONFIG += nodpi # Convert spaces to commas. comma := , PRODUCT_AAPT_CONFIG := \ - $(subst $(space),$(comma),$(strip $(PRODUCT_AAPT_CONFIG))) + $(subst $(space),$(comma),$(strip $(PRODUCT_AAPT_CONFIG))) PRODUCT_BRAND := $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_BRAND)) @@ -251,7 +251,7 @@ ifndef PRODUCT_MODEL endif PRODUCT_MANUFACTURER := \ - $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_MANUFACTURER)) + $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_MANUFACTURER)) ifndef PRODUCT_MANUFACTURER PRODUCT_MANUFACTURER := unknown endif @@ -263,7 +263,16 @@ else endif PRODUCT_DEFAULT_WIFI_CHANNELS := \ - $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_DEFAULT_WIFI_CHANNELS)) + $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_DEFAULT_WIFI_CHANNELS)) + +PRODUCT_DEFAULT_DEV_CERTIFICATE := \ + $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_DEFAULT_DEV_CERTIFICATE)) +ifdef PRODUCT_DEFAULT_DEV_CERTIFICATE +ifneq (1,$(words $(PRODUCT_DEFAULT_DEV_CERTIFICATE))) + $(error PRODUCT_DEFAULT_DEV_CERTIFICATE='$(PRODUCT_DEFAULT_DEV_CERTIFICATE)', \ + only 1 certificate is allowed.) +endif +endif # A list of words like :. The file at # the source path should be copied to the destination path when building @@ -271,26 +280,26 @@ PRODUCT_DEFAULT_WIFI_CHANNELS := \ # it should look like, e.g., "system/etc/file.xml". The rules # for these copy steps are defined in config/Makefile. PRODUCT_COPY_FILES := \ - $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_COPY_FILES)) + $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_COPY_FILES)) # The HTML file containing the contributors to the project. PRODUCT_CONTRIBUTORS_FILE := \ - $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_CONTRIBUTORS_FILE)) + $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_CONTRIBUTORS_FILE)) # A list of property assignments, like "key = value", with zero or more # whitespace characters on either side of the '='. PRODUCT_PROPERTY_OVERRIDES := \ - $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_PROPERTY_OVERRIDES)) + $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_PROPERTY_OVERRIDES)) # A list of property assignments, like "key = value", with zero or more # whitespace characters on either side of the '='. # used for adding properties to default.prop PRODUCT_DEFAULT_PROPERTY_OVERRIDES := \ - $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_DEFAULT_PROPERTY_OVERRIDES)) + $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_DEFAULT_PROPERTY_OVERRIDES)) # Should we use the default resources or add any product specific overlays PRODUCT_PACKAGE_OVERLAYS := \ - $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_PACKAGE_OVERLAYS)) + $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_PACKAGE_OVERLAYS)) DEVICE_PACKAGE_OVERLAYS := \ $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).DEVICE_PACKAGE_OVERLAYS)) @@ -299,8 +308,8 @@ PRODUCT_TAGS := $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_TAGS)) # Add the product-defined properties to the build properties. ADDITIONAL_BUILD_PROPERTIES := \ - $(ADDITIONAL_BUILD_PROPERTIES) \ - $(PRODUCT_PROPERTY_OVERRIDES) + $(ADDITIONAL_BUILD_PROPERTIES) \ + $(PRODUCT_PROPERTY_OVERRIDES) # The OTA key(s) specified by the product config, if any. The names # of these keys are stored in the target-files zip so that post-build From 7d9799445d47155efacefe27c684157645e2099e Mon Sep 17 00:00:00 2001 From: The Android Automerger Date: Tue, 4 Oct 2011 16:17:19 -0700 Subject: [PATCH 3/6] IFL04C --- core/build_id.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/build_id.mk b/core/build_id.mk index 8a426f08a..3ed5bea6c 100644 --- a/core/build_id.mk +++ b/core/build_id.mk @@ -19,4 +19,4 @@ # (like "CRB01"). It must be a single word, and is # capitalized by convention. -export BUILD_ID=IFL04B +export BUILD_ID=IFL04C From 8b9a1b135edbf484d7590411e1254f8097cbc1d5 Mon Sep 17 00:00:00 2001 From: Doug Zongker Date: Thu, 22 Sep 2011 10:28:04 -0700 Subject: [PATCH 4/6] change OTA tools to handle variable dev keys The signing and OTA-building tools now understand the default_sys_dev_certificate value which may be present in the META/misc_info.txt file of the target-files packages. Change-Id: I64f09ec0b77a5184b6ddb74019255518776ee773 --- tools/releasetools/ota_from_target_files | 37 +++++++++----- tools/releasetools/sign_target_files_apks | 62 +++++++++++++++-------- 2 files changed, 65 insertions(+), 34 deletions(-) diff --git a/tools/releasetools/ota_from_target_files b/tools/releasetools/ota_from_target_files index 4264efa4b..0a27a1902 100755 --- a/tools/releasetools/ota_from_target_files +++ b/tools/releasetools/ota_from_target_files @@ -24,9 +24,14 @@ Usage: ota_from_target_files [flags] input_target_files output_ota_package -b (--board_config) Deprecated. - -k (--package_key) - Key to use to sign the package (default is - "build/target/product/security/testkey"). + -k (--package_key) Key to use to sign the package (default is + the value of default_system_dev_certificate from the input + target-files's META/misc_info.txt, or + "build/target/product/security/testkey" if that value is not + specified). + + For incremental OTAs, the default value is based on the source + target-file, not the target build. -i (--incremental_from) Generate an incremental OTA using the given target-files zip as @@ -72,7 +77,7 @@ import common import edify_generator OPTIONS = common.OPTIONS -OPTIONS.package_key = "build/target/product/security/testkey" +OPTIONS.package_key = None OPTIONS.incremental_source = None OPTIONS.require_verbatim = set() OPTIONS.prohibit_verbatim = set(("system/build.prop",)) @@ -794,30 +799,34 @@ def main(argv): OPTIONS.device_specific = os.path.normpath(OPTIONS.device_specific) print "using device-specific extensions in", OPTIONS.device_specific - if OPTIONS.package_key: - temp_zip_file = tempfile.NamedTemporaryFile() - output_zip = zipfile.ZipFile(temp_zip_file, "w", - compression=zipfile.ZIP_DEFLATED) - else: - output_zip = zipfile.ZipFile(args[1], "w", - compression=zipfile.ZIP_DEFLATED) + temp_zip_file = tempfile.NamedTemporaryFile() + output_zip = zipfile.ZipFile(temp_zip_file, "w", + compression=zipfile.ZIP_DEFLATED) if OPTIONS.incremental_source is None: WriteFullOTAPackage(input_zip, output_zip) + if OPTIONS.package_key is None: + OPTIONS.package_key = OPTIONS.info_dict.get( + "default_system_dev_certificate", + "build/target/product/security/testkey") else: print "unzipping source target-files..." OPTIONS.source_tmp, source_zip = common.UnzipTemp(OPTIONS.incremental_source) OPTIONS.target_info_dict = OPTIONS.info_dict OPTIONS.source_info_dict = common.LoadInfoDict(source_zip) + if OPTIONS.package_key is None: + OPTIONS.package_key = OPTIONS.source_info_dict.get( + "default_system_dev_certificate", + "build/target/product/security/testkey") if OPTIONS.verbose: print "--- source info ---" common.DumpInfoDict(OPTIONS.source_info_dict) WriteIncrementalOTAPackage(input_zip, source_zip, output_zip) output_zip.close() - if OPTIONS.package_key: - SignOutput(temp_zip_file.name, args[1]) - temp_zip_file.close() + + SignOutput(temp_zip_file.name, args[1]) + temp_zip_file.close() common.Cleanup() diff --git a/tools/releasetools/sign_target_files_apks b/tools/releasetools/sign_target_files_apks index 5353063fc..bc88ef876 100755 --- a/tools/releasetools/sign_target_files_apks +++ b/tools/releasetools/sign_target_files_apks @@ -36,10 +36,16 @@ Usage: sign_target_files_apks [flags] input_target_files output_target_files -d (--default_key_mappings) Set up the following key mappings: - build/target/product/security/testkey ==> $dir/releasekey - build/target/product/security/media ==> $dir/media - build/target/product/security/shared ==> $dir/shared - build/target/product/security/platform ==> $dir/platform + $devkey/devkey ==> $dir/releasekey + $devkey/testkey ==> $dir/releasekey + $devkey/media ==> $dir/media + $devkey/shared ==> $dir/shared + $devkey/platform ==> $dir/platform + + where $devkey is the directory part of the value of + default_system_dev_certificate from the input target-files's + META/misc_info.txt. (Defaulting to "build/target/product/security" + if the value is not present in misc_info. -d and -k options are added to the set of mappings in the order in which they appear on the command line. @@ -55,7 +61,7 @@ Usage: sign_target_files_apks [flags] input_target_files output_target_files the last component of the build fingerprint). Prefix each with '+' or '-' to indicate whether that tag should be added or removed. Changes are processed in the order they appear. - Default value is "-test-keys,+release-keys". + Default value is "-test-keys,-dev-keys,+release-keys". """ @@ -80,7 +86,7 @@ OPTIONS = common.OPTIONS OPTIONS.extra_apks = {} OPTIONS.key_map = {} OPTIONS.replace_ota_keys = False -OPTIONS.tag_changes = ("-test-keys", "+release-keys") +OPTIONS.tag_changes = ("-test-keys", "-dev-keys", "+release-keys") def GetApkCerts(tf_zip): certmap = common.ReadApkCerts(tf_zip) @@ -198,14 +204,12 @@ def RewriteProps(data): return "\n".join(output) + "\n" -def ReplaceOtaKeys(input_tf_zip, output_tf_zip): +def ReplaceOtaKeys(input_tf_zip, output_tf_zip, misc_info): try: keylist = input_tf_zip.read("META/otakeys.txt").split() except KeyError: raise ExternalError("can't read META/otakeys.txt from input") - misc_info = common.LoadInfoDict(input_tf_zip) - extra_recovery_keys = misc_info.get("extra_recovery_keys", None) if extra_recovery_keys: extra_recovery_keys = [OPTIONS.key_map.get(k, k) + ".x509.pem" @@ -227,10 +231,10 @@ def ReplaceOtaKeys(input_tf_zip, output_tf_zip): print "using:\n ", "\n ".join(mapped_keys) print "for OTA package verification" else: + devkey = misc_info.get("default_system_dev_certificate", + "build/target/product/security/testkey") mapped_keys.append( - OPTIONS.key_map.get("build/target/product/security/testkey", - "build/target/product/security/testkey") - + ".x509.pem") + OPTIONS.key_map.get(devkey, devkey) + ".x509.pem") print "META/otakeys.txt has no keys; using", mapped_keys[0] # recovery uses a version of the key that has been slightly @@ -259,8 +263,28 @@ def ReplaceOtaKeys(input_tf_zip, output_tf_zip): tempfile.getvalue()) +def BuildKeyMap(misc_info, key_mapping_options): + for s, d in key_mapping_options: + if s is None: # -d option + devkey = misc_info.get("default_system_dev_certificate", + "build/target/product/security/testkey") + devkeydir = os.path.dirname(devkey) + + OPTIONS.key_map.update({ + devkeydir + "/testkey": d + "/releasekey", + devkeydir + "/devkey": d + "/releasekey", + devkeydir + "/media": d + "/media", + devkeydir + "/shared": d + "/shared", + devkeydir + "/platform": d + "/platform", + }) + else: + OPTIONS.key_map[s] = d + + def main(argv): + key_mapping_options = [] + def option_handler(o, a): if o in ("-e", "--extra_apks"): names, key = a.split("=") @@ -268,15 +292,9 @@ def main(argv): for n in names: OPTIONS.extra_apks[n] = key elif o in ("-d", "--default_key_mappings"): - OPTIONS.key_map.update({ - "build/target/product/security/testkey": "%s/releasekey" % (a,), - "build/target/product/security/media": "%s/media" % (a,), - "build/target/product/security/shared": "%s/shared" % (a,), - "build/target/product/security/platform": "%s/platform" % (a,), - }) + key_mapping_options.append((None, a)) elif o in ("-k", "--key_mapping"): - s, d = a.split("=") - OPTIONS.key_map[s] = d + key_mapping_options.append(a.split("=", 1)) elif o in ("-o", "--replace_ota_keys"): OPTIONS.replace_ota_keys = True elif o in ("-t", "--tag_changes"): @@ -307,6 +325,10 @@ def main(argv): input_zip = zipfile.ZipFile(args[0], "r") output_zip = zipfile.ZipFile(args[1], "w") + misc_info = common.LoadInfoDict(input_zip) + + BuildKeyMap(misc_info, key_mapping_options) + apk_key_map = GetApkCerts(input_zip) CheckAllApksSigned(input_zip, apk_key_map) From 57b205b9d26a7f4407108677d4fac0f0e98ed41a Mon Sep 17 00:00:00 2001 From: The Android Automerger Date: Tue, 4 Oct 2011 16:30:32 -0700 Subject: [PATCH 5/6] IFL04D --- core/build_id.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/build_id.mk b/core/build_id.mk index 3ed5bea6c..4dc49f075 100644 --- a/core/build_id.mk +++ b/core/build_id.mk @@ -19,4 +19,4 @@ # (like "CRB01"). It must be a single word, and is # capitalized by convention. -export BUILD_ID=IFL04C +export BUILD_ID=IFL04D From 38f89a40d2077445afe27dfc7a671b634fe7d9f9 Mon Sep 17 00:00:00 2001 From: The Android Automerger Date: Tue, 4 Oct 2011 21:35:24 -0700 Subject: [PATCH 6/6] IFL04E --- core/build_id.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/build_id.mk b/core/build_id.mk index 4dc49f075..64804ccdd 100644 --- a/core/build_id.mk +++ b/core/build_id.mk @@ -19,4 +19,4 @@ # (like "CRB01"). It must be a single word, and is # capitalized by convention. -export BUILD_ID=IFL04D +export BUILD_ID=IFL04E