diff --git a/core/Makefile b/core/Makefile index 66706fc50..181990a2a 100644 --- a/core/Makefile +++ b/core/Makefile @@ -325,7 +325,7 @@ endif # non-default dev keys (usually private keys from a vendor directory). # Both of these tags will be removed and replaced with "release-keys" # when the target-files is signed in a post-build step. -ifeq ($(DEFAULT_SYSTEM_DEV_CERTIFICATE),build/target/product/security/testkey) +ifeq ($(DEFAULT_SYSTEM_DEV_CERTIFICATE),build/make/target/product/security/testkey) BUILD_KEYS := test-keys else BUILD_KEYS := dev-keys @@ -3586,7 +3586,7 @@ $(BUILT_OTATOOLS_PACKAGE): zip_root := $(call intermediates-dir-for,PACKAGING,ot OTATOOLS_DEPS := \ system/extras/ext4_utils/mke2fs.conf \ - $(sort $(shell find build/target/product/security -type f -name "*.x509.pem" -o -name "*.pk8" -o \ + $(sort $(shell find build/make/target/product/security -type f -name "*.x509.pem" -o -name "*.pk8" -o \ -name verity_key)) ifneq (,$(wildcard device)) diff --git a/core/config.mk b/core/config.mk index ed41d5712..3788721e1 100644 --- a/core/config.mk +++ b/core/config.mk @@ -105,7 +105,7 @@ ORIGINAL_MAKECMDGOALS := $(MAKECMDGOALS) UNAME := $(shell uname -sm) -SRC_TARGET_DIR := $(TOPDIR)build/target +SRC_TARGET_DIR := $(TOPDIR)build/make/target # Some specific paths to tools SRC_DROIDDOC_DIR := $(TOPDIR)build/make/tools/droiddoc @@ -762,7 +762,7 @@ endif ifdef PRODUCT_DEFAULT_DEV_CERTIFICATE DEFAULT_SYSTEM_DEV_CERTIFICATE := $(PRODUCT_DEFAULT_DEV_CERTIFICATE) else - DEFAULT_SYSTEM_DEV_CERTIFICATE := build/target/product/security/testkey + DEFAULT_SYSTEM_DEV_CERTIFICATE := build/make/target/product/security/testkey endif .KATI_READONLY := DEFAULT_SYSTEM_DEV_CERTIFICATE diff --git a/target/board/generic_arm64/BoardConfig.mk b/target/board/generic_arm64/BoardConfig.mk index 3f83edbd0..7d92b7dfa 100644 --- a/target/board/generic_arm64/BoardConfig.mk +++ b/target/board/generic_arm64/BoardConfig.mk @@ -67,7 +67,7 @@ BOARD_ROOT_EXTRA_SYMLINKS += /vendor/firmware_mnt:/firmware # TODO(b/36764215): remove this setting when the generic system image # no longer has QCOM-specific directories under /. -BOARD_SEPOLICY_DIRS += build/target/board/generic_arm64_ab/sepolicy +BOARD_SEPOLICY_DIRS += build/make/target/board/generic_arm64_ab/sepolicy # Wifi. BOARD_WLAN_DEVICE := emulator diff --git a/target/board/generic_arm64_ab/BoardConfig.mk b/target/board/generic_arm64_ab/BoardConfig.mk index 6e54d810b..28140ce3b 100644 --- a/target/board/generic_arm64_ab/BoardConfig.mk +++ b/target/board/generic_arm64_ab/BoardConfig.mk @@ -36,4 +36,4 @@ BOARD_ROOT_EXTRA_SYMLINKS += /vendor/firmware_mnt/verinfo:/firmware/verinfo # TODO(b/36764215): remove this setting when the generic system image # no longer has QCOM-specific directories under /. -BOARD_SEPOLICY_DIRS += build/target/board/generic_arm64_ab/sepolicy +BOARD_SEPOLICY_DIRS += build/make/target/board/generic_arm64_ab/sepolicy diff --git a/target/board/generic_arm_ab/BoardConfig.mk b/target/board/generic_arm_ab/BoardConfig.mk index 9100094f8..bcb4cc56a 100644 --- a/target/board/generic_arm_ab/BoardConfig.mk +++ b/target/board/generic_arm_ab/BoardConfig.mk @@ -33,4 +33,4 @@ BOARD_ROOT_EXTRA_SYMLINKS += /vendor/firmware_mnt/verinfo:/firmware/verinfo # TODO(b/36764215): remove this setting when the generic system image # no longer has QCOM-specific directories under /. -BOARD_SEPOLICY_DIRS += build/target/board/generic_arm64_ab/sepolicy +BOARD_SEPOLICY_DIRS += build/make/target/board/generic_arm64_ab/sepolicy diff --git a/target/board/gsi_arm64/BoardConfig.mk b/target/board/gsi_arm64/BoardConfig.mk index 90ddd0dd5..571d62311 100644 --- a/target/board/gsi_arm64/BoardConfig.mk +++ b/target/board/gsi_arm64/BoardConfig.mk @@ -34,4 +34,4 @@ BOARD_ROOT_EXTRA_SYMLINKS += /vendor/firmware_mnt:/firmware # TODO(b/36764215): remove this setting when the generic system image # no longer has QCOM-specific directories under /. -BOARD_SEPOLICY_DIRS += build/target/board/generic_arm64_ab/sepolicy +BOARD_SEPOLICY_DIRS += build/make/target/board/generic_arm64_ab/sepolicy diff --git a/target/product/go_defaults.mk b/target/product/go_defaults.mk index faa1852b4..cb9383f0f 100644 --- a/target/product/go_defaults.mk +++ b/target/product/go_defaults.mk @@ -15,5 +15,5 @@ # # Inherit common Android Go defaults. -$(call inherit-product, build/target/product/go_defaults_common.mk) +$(call inherit-product, build/make/target/product/go_defaults_common.mk) diff --git a/target/product/go_defaults_512.mk b/target/product/go_defaults_512.mk index 56ab29b4b..985912f59 100644 --- a/target/product/go_defaults_512.mk +++ b/target/product/go_defaults_512.mk @@ -15,7 +15,7 @@ # # Inherit common Android Go defaults. -$(call inherit-product, build/target/product/go_defaults_common.mk) +$(call inherit-product, build/make/target/product/go_defaults_common.mk) # 512MB specific properties. diff --git a/target/product/profile_boot_common.mk b/target/product/profile_boot_common.mk index 4147dfafd..fc199541f 100644 --- a/target/product/profile_boot_common.mk +++ b/target/product/profile_boot_common.mk @@ -19,7 +19,7 @@ # remove classes that are no longer in use. # Ideally we would just generate an empty boot.art but we don't have the build # support to separate the image from the compile code. -PRODUCT_DEX_PREOPT_BOOT_IMAGE_PROFILE_LOCATION := build/target/product/empty-profile +PRODUCT_DEX_PREOPT_BOOT_IMAGE_PROFILE_LOCATION := build/make/target/product/empty-profile PRODUCT_DEX_PREOPT_BOOT_FLAGS := --count-hotness-in-compiled-code DEX_PREOPT_DEFAULT := nostripping @@ -28,7 +28,7 @@ DONT_UNCOMPRESS_PRIV_APPS_DEXS := true # Use an empty preloaded-classes list. PRODUCT_COPY_FILES += \ - build/target/product/empty-preloaded-classes:system/etc/preloaded-classes + build/make/target/product/empty-preloaded-classes:system/etc/preloaded-classes # Boot image property overrides. PRODUCT_PROPERTY_OVERRIDES += \ diff --git a/target/product/security/README b/target/product/security/README index 6a6e62d6a..6e75e4de0 100644 --- a/target/product/security/README +++ b/target/product/security/README @@ -31,7 +31,7 @@ extracting public keys for embedding dumpkey.jar is a Java tool that takes an x.509 certificate in PEM format as input and prints a C structure to standard output: - $ java -jar out/host/linux-x86/framework/dumpkey.jar build/target/product/security/testkey.x509.pem + $ java -jar out/host/linux-x86/framework/dumpkey.jar build/make/target/product/security/testkey.x509.pem {64,0xc926ad21,{1795090719,2141396315,950055447,2581568430,4268923165,1920809988,546586521,3498997798,1776797858,3740060814,1805317999,1429410244,129622599,1422441418,1783893377,1222374759,2563319927,323993566,28517732,609753416,1826472888,215237850,4261642700,4049082591,3228462402,774857746,154822455,2497198897,2758199418,3019015328,2794777644,87251430,2534927978,120774784,571297800,3695899472,2479925187,3811625450,3401832990,2394869647,3267246207,950095497,555058928,414729973,1136544882,3044590084,465547824,4058146728,2731796054,1689838846,3890756939,1048029507,895090649,247140249,178744550,3547885223,3165179243,109881576,3944604415,1044303212,3772373029,2985150306,3737520932,3599964420},{3437017481,3784475129,2800224972,3086222688,251333580,2131931323,512774938,325948880,2657486437,2102694287,3820568226,792812816,1026422502,2053275343,2800889200,3113586810,165549746,4273519969,4065247892,1902789247,772932719,3941848426,3652744109,216871947,3164400649,1942378755,3996765851,1055777370,964047799,629391717,2232744317,3910558992,191868569,2758883837,3682816752,2997714732,2702529250,3570700455,3776873832,3924067546,3555689545,2758825434,1323144535,61311905,1997411085,376844204,213777604,4077323584,9135381,1625809335,2804742137,2952293945,1117190829,4237312782,1825108855,3013147971,1111251351,2568837572,1684324211,2520978805,367251975,810756730,2353784344,1175080310}} This is called by build/make/core/Makefile to incorporate the OTA signing keys diff --git a/target/product/verity.mk b/target/product/verity.mk index d9541597f..5f09283f0 100644 --- a/target/product/verity.mk +++ b/target/product/verity.mk @@ -23,7 +23,7 @@ PRODUCT_SUPPORTS_VERITY_FEC := true # The dev key is used to sign boot and recovery images, and the verity # metadata table. Actual product deliverables will be re-signed by hand. # We expect this file to exist with the suffixes ".x509.pem" and ".pk8". -PRODUCT_VERITY_SIGNING_KEY := build/target/product/security/verity +PRODUCT_VERITY_SIGNING_KEY := build/make/target/product/security/verity PRODUCT_PACKAGES += \ verity_key diff --git a/tools/releasetools/ota_from_target_files.py b/tools/releasetools/ota_from_target_files.py index 1b5fb5ea5..ad40bd4ac 100755 --- a/tools/releasetools/ota_from_target_files.py +++ b/tools/releasetools/ota_from_target_files.py @@ -38,7 +38,7 @@ Common options that apply to both of non-A/B and A/B OTAs -k (--package_key) Key to use to sign the package (default is the value of default_system_dev_certificate from the input target-files's - META/misc_info.txt, or "build/target/product/security/testkey" if that + META/misc_info.txt, or "build/make/target/product/security/testkey" if that value is not specified). For incremental OTAs, the default value is based on the source @@ -2232,7 +2232,7 @@ def main(argv): if OPTIONS.package_key is None: OPTIONS.package_key = OPTIONS.info_dict.get( "default_system_dev_certificate", - "build/target/product/security/testkey") + "build/make/target/product/security/testkey") # Get signing keys OPTIONS.key_passwords = common.GetKeyPasswords([OPTIONS.package_key]) diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py index c482a4981..64e7ca8f9 100755 --- a/tools/releasetools/sign_target_files_apks.py +++ b/tools/releasetools/sign_target_files_apks.py @@ -56,7 +56,7 @@ Usage: sign_target_files_apks [flags] input_target_files output_target_files where $devkey is the directory part of the value of default_system_dev_certificate from the input target-files's - META/misc_info.txt. (Defaulting to "build/target/product/security" + META/misc_info.txt. (Defaulting to "build/make/target/product/security" if the value is not present in misc_info. -d and -k options are added to the set of mappings in the order @@ -802,7 +802,7 @@ def ReplaceOtaKeys(input_tf_zip, output_tf_zip, misc_info): print("for OTA package verification") else: devkey = misc_info.get("default_system_dev_certificate", - "build/target/product/security/testkey") + "build/make/target/product/security/testkey") mapped_devkey = OPTIONS.key_map.get(devkey, devkey) if mapped_devkey != devkey: misc_info["default_system_dev_certificate"] = mapped_devkey @@ -959,7 +959,7 @@ def BuildKeyMap(misc_info, key_mapping_options): for s, d in key_mapping_options: if s is None: # -d option devkey = misc_info.get("default_system_dev_certificate", - "build/target/product/security/testkey") + "build/make/target/product/security/testkey") devkeydir = os.path.dirname(devkey) OPTIONS.key_map.update({ diff --git a/tools/releasetools/test_common.py b/tools/releasetools/test_common.py index d4fa5f3a5..9e36c780b 100644 --- a/tools/releasetools/test_common.py +++ b/tools/releasetools/test_common.py @@ -451,14 +451,14 @@ class CommonApkUtilsTest(test_utils.ReleaseToolsTestCase): 'name="RecoveryLocalizer.apk" certificate="certs/devkey.x509.pem"' ' private_key="certs/devkey.pk8"\n' 'name="Settings.apk"' - ' certificate="build/target/product/security/platform.x509.pem"' - ' private_key="build/target/product/security/platform.pk8"\n' + ' certificate="build/make/target/product/security/platform.x509.pem"' + ' private_key="build/make/target/product/security/platform.pk8"\n' 'name="TV.apk" certificate="PRESIGNED" private_key=""\n' ) APKCERTS_CERTMAP1 = { 'RecoveryLocalizer.apk' : 'certs/devkey', - 'Settings.apk' : 'build/target/product/security/platform', + 'Settings.apk' : 'build/make/target/product/security/platform', 'TV.apk' : 'PRESIGNED', } diff --git a/tools/releasetools/test_sign_target_files_apks.py b/tools/releasetools/test_sign_target_files_apks.py index 6a4df1a17..d745200e5 100644 --- a/tools/releasetools/test_sign_target_files_apks.py +++ b/tools/releasetools/test_sign_target_files_apks.py @@ -34,8 +34,8 @@ class SignTargetFilesApksTest(test_utils.ReleaseToolsTestCase): """ # pylint: disable=line-too-long - APEX_KEYS_TXT = """name="apex.apexd_test.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem" container_certificate="build/target/product/security/testkey.x509.pem" container_private_key="build/target/product/security/testkey.pk8" -name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" container_certificate="build/target/product/security/testkey.x509.pem" container_private_key="build/target/product/security/testkey.pk8" + APEX_KEYS_TXT = """name="apex.apexd_test.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem" container_certificate="build/make/target/product/security/testkey.x509.pem" container_private_key="build/make/target/product/security/testkey.pk8" +name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" container_certificate="build/make/target/product/security/testkey.x509.pem" container_private_key="build/make/target/product/security/testkey.pk8" """ def setUp(self): @@ -395,10 +395,10 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te self.assertEqual({ 'apex.apexd_test.apex': ( 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem', - 'build/target/product/security/testkey'), + 'build/make/target/product/security/testkey'), 'apex.apexd_test_different_app.apex': ( 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem', - 'build/target/product/security/testkey'), + 'build/make/target/product/security/testkey'), }, keys_info) def test_ReadApexKeysInfo_mismatchingContainerKeys(self): @@ -407,8 +407,8 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te 'name="apex.apexd_test_different_app2.apex" ' 'public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" ' 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" ' - 'container_certificate="build/target/product/security/testkey.x509.pem" ' - 'container_private_key="build/target/product/security/testkey2.pk8"') + 'container_certificate="build/make/target/product/security/testkey.x509.pem" ' + 'container_private_key="build/make/target/product/security/testkey2.pk8"') target_files = common.MakeTempFile(suffix='.zip') with zipfile.ZipFile(target_files, 'w') as target_files_zip: target_files_zip.writestr('META/apexkeys.txt', apex_keys) @@ -421,8 +421,8 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te apex_keys = self.APEX_KEYS_TXT + ( 'name="apex.apexd_test_different_app2.apex" ' 'public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" ' - 'container_certificate="build/target/product/security/testkey.x509.pem" ' - 'container_private_key="build/target/product/security/testkey.pk8"') + 'container_certificate="build/make/target/product/security/testkey.x509.pem" ' + 'container_private_key="build/make/target/product/security/testkey.pk8"') target_files = common.MakeTempFile(suffix='.zip') with zipfile.ZipFile(target_files, 'w') as target_files_zip: target_files_zip.writestr('META/apexkeys.txt', apex_keys) @@ -433,10 +433,10 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te self.assertEqual({ 'apex.apexd_test.apex': ( 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem', - 'build/target/product/security/testkey'), + 'build/make/target/product/security/testkey'), 'apex.apexd_test_different_app.apex': ( 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem', - 'build/target/product/security/testkey'), + 'build/make/target/product/security/testkey'), }, keys_info) def test_ReadApexKeysInfo_missingPayloadPublicKey(self): @@ -444,8 +444,8 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te apex_keys = self.APEX_KEYS_TXT + ( 'name="apex.apexd_test_different_app2.apex" ' 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" ' - 'container_certificate="build/target/product/security/testkey.x509.pem" ' - 'container_private_key="build/target/product/security/testkey.pk8"') + 'container_certificate="build/make/target/product/security/testkey.x509.pem" ' + 'container_private_key="build/make/target/product/security/testkey.pk8"') target_files = common.MakeTempFile(suffix='.zip') with zipfile.ZipFile(target_files, 'w') as target_files_zip: target_files_zip.writestr('META/apexkeys.txt', apex_keys) @@ -456,8 +456,8 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te self.assertEqual({ 'apex.apexd_test.apex': ( 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem', - 'build/target/product/security/testkey'), + 'build/make/target/product/security/testkey'), 'apex.apexd_test_different_app.apex': ( 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem', - 'build/target/product/security/testkey'), + 'build/make/target/product/security/testkey'), }, keys_info)