Commit Graph

117 Commits

Author SHA1 Message Date
Ying Wang f5770d78da resolved conflicts for merge of 240e136e to master
Change-Id: Ic6e2cbe593914ddb613454581964c5d3d443b9d5
2014-06-19 10:32:35 -07:00
Doug Zongker c8b4e849f1 full support for OTA of vendor partitions
Make vendor partition a first-class member of the OTA system (for
target_files that contain a VENDOR/ subdirectory).

Build vendor images in a way that is compatible with block-based OTA.
Support updating the vendor partition in both full and incremental,
block and file OTAs.  In most cases this is handled by refactoring the
existing code to handle the system partition to handle either, and
then calling it twice.

Currently we don't support incremental OTAs from a target-files
without a VENDOR subdirectory to one with one, or vice versa.  To add
or remove a vendor partition a full OTA will need to be done.

Bug: 15544685
Change-Id: I9cb9a1267060bd9683a9bea19b43a26b5a43800d
2014-06-16 15:39:54 -07:00
Doug Zongker 1113e38195 test block patch more realistically
Read and write the same file when testing block patches, which can
turn up errors that don't show up otherwise.  (And will appear on the
device.)

Change-Id: Ic9b8d93ec980d13163b135f619af589f41433d7f
2014-06-13 10:38:32 -07:00
Martin Blumenstingl 374e114d16 Document the worker_threads option.
Change-Id: I44775493bedc0c7224c2c4ef06330bdb1430a1b6
2014-06-11 23:03:44 +02:00
Doug Zongker 4b9596fe00 configure progress bar during block OTA script generation
Emit script commands to produce a more accurate progress bar (for full
block OTAs) and a working progress bar (for incremental block OTAs) --
ones that are driven by the progress callback from the thing actually
writing the system image.

Change-Id: Ifca10be68cfdaab7135d23515bd0ae5be2f98a16
2014-06-09 14:15:45 -07:00
Doug Zongker 91a99c28e0 fix ota script to generate non-block commands correctly
If you had a target_files without a recovery patch and specified
--block (which should have no effect without a patch), it would have
omitted some necessary commands from the OTA script.

Change-Id: I96e79cd561ebf09cfe53792d1cc558cc71479869
2014-05-09 13:16:50 -07:00
Michael Runge c6e3afd26d Support block OTA + OEM partition
Change-Id: I9e662098569a43b05279908e6833e9552a7abe3a
2014-05-05 12:22:12 -07:00
Michael Runge 6e836116f7 Add support for verifying OEM properties.
A separate OEM file must be specified to provide the expected
values for these properties.  The list of properties comes from
the "oem_fingerprint_properties" list in misc_info.txt

Bug: b/13367676

Change-Id: I1a3eaf108492132cf6f595a5d1c9f7e0c3cb3142
2014-05-01 17:37:57 -07:00
Ying Wang c73e461537 Fix variable name.
Change-Id: Ie7439f71cf7fd2eeacd45a5d6625e610dad8bfbe
(cherry picked from commit 1a1dfcb5fcb6eda11d8dbf5df02f0083853dd5c1)
2014-04-15 22:31:54 +00:00
Doug Zongker 2a99239920 Merge "test block system image patch at build time" 2014-03-06 16:39:20 +00:00
Doug Zongker 922206ec2a move data wipe to end of OTA package
Now that OTA packages can be downloaded to /data, if they include a
data wipe we should do that last.

Change-Id: I75102fb2ff85d0f0110d55dfca06ec5f38104850
2014-03-04 13:16:24 -08:00
Doug Zongker 32b527d6cb test block system image patch at build time
After building a patch for the system image (for incremental block
OTAs), apply it to a local copy of the file and test that it succeeds.
This is an imperfect test as it's using the local client's
syspatch_host, which may differ from the syspatch library actually
used in the target build, but it's somewhat better than nothing.

Change-Id: Ic0001b0145881e2ebd4b5b36ce9b5bcebd76deb4
2014-03-04 10:03:02 -08:00
Doug Zongker 5fad2039bb handle don't care regions in the system image
The system partitions has regions that we shouldn't write and can't
depend on the contents of.  Adds a new script to generate a map of
these regions (using the sparse image as input), and include the map
in the package zip so it can be used when writing or patching the
system partition.

Also fixes a bug where the wrong SELinux file contexts are used when
generating incrementals.

Change-Id: Iaca5b967a3b7d1df843c7c21becc19b3f1633dad
2014-03-03 10:57:23 -08:00
Doug Zongker 25568486e5 add option to specify updater binary, for development
Change-Id: I5f239afff70c87fb16ddc4b8abefa7bbcda6040d
2014-03-03 10:21:27 -08:00
Doug Zongker 26e6619c37 add --block flag to ota_from_target_files
Add the --block flag to this script to control whether block-based OTA
packages are generated (defaults to off).  Make the full OTA package
produced by "make otapackage" continue to produce a block-based OTA.

Also fix a problem where block incremental OTAs didn't ever succeed,
and the --no_signing option never worked.

Change-Id: I610d0b4abed4b8b65fbe8ce0abaeec6cf52e14a1
2014-02-20 13:30:44 -08:00
Geremy Condra d75d7128ce Merge "Add support for block incremental OTAs" 2014-02-20 21:10:39 +00:00
Geremy Condra 36bd365625 Add support for block incremental OTAs
Change-Id: Ie72015e34ed8d7595a5c74c8df41cba73275afab
2014-02-20 12:54:17 -08:00
Doug Zongker cf6d5a9074 bump releasetools python requirement to 2.7
These scripts already use some post-2.4 features, so let's make it
official: Python 2.7 is needed to run them.

Change-Id: I256e9ed99b0b62abe4e22a7b1f811acb7419e88e
2014-02-18 10:57:07 -08:00
Doug Zongker 01ce19c95f make full OTAs block based
Instead of writing individual files and fixing up their metadata, make
full OTAs contain a system image and simply write it to the block
device.

This is only done for target-files that already contain the recovery
flashing information, older target-files still get a file-based full
OTA.

Bug: 12893978
Change-Id: If7586083c8f275e24fec49d260af5b5aff4a0a88
2014-02-04 14:04:42 -08:00
Doug Zongker c9253822ea add recovery update code to system images
Currently, the "img" zip files generated by the build system lack the
script and data needed to rewrite the recovery partition, while the
"ota" zip files do (when installed).

In order to move towards block-based OTAs, we want the result of
flashing an image and the result of installing the corresponding OTA
package to be identical.

Generate the recovery-from-boot patch and install script as part of
the process of building the target-files.  This requires breaking the
code to generate that out of ota_from_target_files into its own tool
that we can run from the Makefile.  (ota_from_target_files can still
do this, so it continues to work with older target-files.)

Bug: 12893978
Change-Id: I80e62268840780b81216e548be89b47baf81b4ac
2014-02-04 13:50:35 -08:00
Ying Wang eb18125f2f am 0064dceb: am a8d15474: am 04cff708: resolved conflicts for merge of 7382ec7d to klp-dev-plus-aosp
* commit '0064dceb198788e237bbc10931c54b9a35275976':
  ota_from_target_files: Add an option to not sign OTA packages
2014-01-28 00:13:04 +00:00
Ying Wang 04cff70804 resolved conflicts for merge of 7382ec7d to klp-dev-plus-aosp
Change-Id: Ic414d3ec8b52b1045125e1b76deae8a4a59a5e52
2014-01-27 15:56:45 -08:00
Doug Zongker eb0a78afc0 prefer releasetools.py from target_files zip
If the target_files zip for the target build contains a
META/releasetools.py (which it has since Nov 2013), prefer that over
using a releasetools.py from the local client.

Explicitly specifying the device-specific extensions path via
command-line options takes priority over both of the above mechanisms.

Change-Id: Ia068b0e2e06ede7da89ebe4315cdec592eb8995e
2014-01-27 10:03:23 -08:00
Takeshi Kanemoto e153b34643 ota_from_target_files: Add an option to not sign OTA packages
Sometimes it is useful to be able to tell ota_from_target_files
to not sign the output zip file. For instance, the private
release key may not be available when ota_from_target_files
is executed; similarly the release tools may not be available
or executable where the private key is stored.

This change adds an option, '--no_signing', to simply output the
unsigned OTA zip file, instead of spuriously signing it with the
test key even though the zip file would need to be re-signed later
with a different key.

Change-Id: I1f3c4dc8ffa35ce85478f848b147aff3d40fe283
2014-01-27 15:01:04 +09:00
Michael Runge 4038aa8fff Enabled incrementals to patch + rename moved files
Change-Id: I551fc5291847e3ace15361c203d86f566c26da97
2013-12-16 11:29:51 -08:00
Doug Zongker 9b23f2cd78 add option to generate two-step recovery files
When run with the -2 option, ota_from_target_files will generate a
package (full or incremental) that does some extra reboots in order to
install the new recovery first, so that the rest of the installation
is done with the new recovery.  This can be useful if (say) the
package installation needs some features from the newer kernel.

For incremental packages, the verification phase is still done with
the old recovery.

This is only supported on devices where the misc partition is EMMC
(not MTD).

Two-step packages are slower to install and possibly confusing to
users (they will see their device reboot four times instead of twice),
so only use this option if necessary.

Change-Id: I3267d905e5e8eb1a1eb61bf48255b8b24ffc4ad1
2013-11-27 11:27:55 -08:00
Michael Runge 90c60d3b92 Revert "Enable incremental builder to find files that moved, and try to process them via patch + rename, instead of delete + add."
This reverts commit 37335b4238.

Change-Id: I61cc125d3b08eaa300a7774b6607dbb43f0e7148
2013-11-22 00:52:51 +00:00
Michael Runge 37335b4238 Enable incremental builder to find files that moved, and
try to process them via patch + rename, instead of
delete + add.

b/11437930

Change-Id: Ie70632a2fa0a13d4bb259f61c620bb01812494e5
2013-11-07 11:36:03 -08:00
Nick Kralevich 0eb17d9447 Update OTA to understand SELinux labels and capabilities
Update the OTA generation script to understand SELinux file
labels and file capabilities.

Make fs_config aware of SELinux labels and file capabilities, and
optionally output those elements whenever we output the
UID / GID / file perms. The information is emitted as a key=value pair
to allow for future extensibility.

Pass the SELinux file label and capabilities to the newly created
set_metadata() and set_metadata_recursive() calls. When the OTA
script fixes up filesystem permissions, it will also fix up the SELinux
labels and file capabilities.

If no SELinux label and capabilities are available for the file, use
the old set_perm and set_perm_recursive calls.

Bug: 8985290
Bug: 10183961
Bug: 10186213
Change-Id: I4fcfb2c234dbfb965cee9e62f060092a4274d22d
2013-09-10 12:30:43 -07:00
Michael Runge fb9bb205fc Revert "Update OTA to understand SELinux filesystem labels"
This reverts commit fbbd79530a.

All incremental auto OTAs broken b/9964074

Change-Id: I500d2ac194804abd20a0e01d9862fd42e8f5d2de
2013-07-22 20:42:44 +00:00
Nick Kralevich fbbd79530a Update OTA to understand SELinux filesystem labels
Make fs_config aware of SELinux contexts, and output the context
whenever we output the UID / GID / file perms.

Pass the selinux context to the set_perm2() and set_perm2_recursive()
calls. When the OTA script fixes up filesystem permissions, it will
also fix up the SELinux context on the files.

Bug: 8985290
Change-Id: I6419b64c06309a93ac6b2f2cf9fc7f8815adeaf3
2013-07-18 15:04:22 -07:00
Doug Zongker 0d92f1f13a improve OTA failure messages
Replace OTA script constructs of the form:

   assert(foo);

with

   foo || abort("sensible message");

so that the log and the on-screen display is somewhat more accessible
to non-experts.  (assert() displays the source code of the false
expression 'foo'.)

Change-Id: Ic99448e4466561d305b167cd4d5c1f0f2dbadcce
2013-06-03 12:07:12 -07:00
Kenny Root e2e9f613b5 Fix signing process for SELinux file_contexts
When not building locally and just using a target-files.zip from some
other build, it still tries to access the file_contexts from the out/
directory. This change instead looks at the unzipped target-files.zip
hierarchy to grab that information.

Bug: 9191141
Change-Id: I6ea12e82d6c6376fcada412314c5eefc97ff4853
2013-05-29 14:38:48 -07:00
Doug Zongker b32161a2a5 change recovery partition construction to use resource .dat
When /system/etc/recovery-resource.dat is available, use it to
construct the recovery-from-boot patch.

Change-Id: I1575f7d284711323186ca6823842eb2a866fd890
2012-08-21 10:33:44 -07:00
Doug Zongker 1eb74dd9a0 load SYSTEM/build.prop into the info_dict
Change-Id: Ic747106ba11773ffc9c2eebc163cfd22b1d7a4d5
2012-08-16 16:19:00 -07:00
Doug Zongker d513160b76 add extra args to mkbootimg
Arrange to take $(BOARD_MKBOOTIMG_ARGS) and pass it to all invocations
of mkbootimg from within make, and to store it in the target_files so
it can be used by future invocations of img_from_target_files and
ota_from_target_files.

Bug: 6918260
Change-Id: I7130ac52e96bd51d4d8b80ca036635e1626f01f1
2012-08-02 15:03:41 -07:00
Kenny Root f32dc71e49 resolved conflicts for merge of a86fcc29 to master
Change-Id: I3868c19bfd309b5b43b5642152a120931fe37315
2012-04-09 14:59:04 -07:00
Stephen Smalley 56882bf9b4 Support the setting of file security contexts in OTA and update packages.
Pass the file_contexts configuration to the releasetools scripts
so that the security contexts of files can be properly set for OTA
and update packages.

Requires Ica5fb73d6f2ffb981b74d1896538988dbc4d9b24

Change-Id: I5a63fd61a7e74d386d0803946d06bcf2fa8a857e
2012-04-06 15:35:41 -04:00
Doug Zongker 1807e700a5 don't generate retouch commands in OTA scripts
Doing ASLR at OTA time is now obsolete; we can stop emitting this code
in OTA scripts.

Change-Id: I2bcf8ef0697ea5590120f89dcd302f273daf531e
2012-02-28 12:21:08 -08:00
Doug Zongker e5ff5907be add device-specific hooks at start of OTA phases
Change-Id: I47534e6d40e7918ee8cb9e87d76d9030b9273708
2012-01-17 10:55:37 -08:00
Doug Zongker bd2dadc21a check entire recovery partition on startup
Checksum the entire recovery partition at boot time to see if we need
to rewrite it, rather than just the first 2kb.

Bug: 5668350
Change-Id: I777754f92e8da630ae3c09bb0d4c41884ff62f39
2011-12-02 13:55:57 -08:00
Doug Zongker 0276d18873 check entire recovery partition on startup
Checksum the entire recovery partition at boot time to see if we need
to rewrite it, rather than just the first 2kb.

Bug: 5668350
Change-Id: I777754f92e8da630ae3c09bb0d4c41884ff62f39
2011-12-02 10:46:59 -08:00
Doug Zongker 91b4f8a850 fix syntax error in OTA script
Change-Id: I3a9535acb47fc3960020a390dec8d0294a404c2e
2011-09-23 12:48:33 -07:00
Doug Zongker afb32eaca0 change OTA tools to handle variable dev keys
The signing and OTA-building tools now understand the
default_sys_dev_certificate value which may be present in the
META/misc_info.txt file of the target-files packages.

Change-Id: I64f09ec0b77a5184b6ddb74019255518776ee773
2011-09-22 10:28:04 -07:00
Doug Zongker e92f15a858 patch the /system/build.prop file last
Works around a problem observed on a retail device: incremental update
from build 1 to build 2 partially completed, leaving a mix of files
from the two builds.  (Why it booted into the regular system instead
of recovery to restart update installation is still a mystery.)
build.prop was one of the files updated, so the device reported itself
as having build 2.  The device hobbled along for months in this state,
until build 3 was released and the 2-to-3 incremental package
repeatedly failed (because some of the files it was trying to patch
were build 1).

This change makes updating build.prop the very last thing does by an
incremental update script, so if installation is aborted and the
regular system starts (and works at all), it will continue reporting
itself as build 1 and be sent the 1-to-2 OTA package again.

Change-Id: I1edc1dcef2bd2495b6fd96517c2f4c574b994f27
2011-08-26 13:46:40 -07:00
Ying Wang 6d38bdfc7b resolved conflicts for merge of a74a4811 to honeycomb-plus-aosp
Change-Id: I8400ac2bead6aa1a9902d44bf65906084ad353ad
2011-08-11 16:55:00 -07:00
david cad0bb9f62 sha module is deprecated
This patch removes the deprecated warnings from the python
scripts.

Change-Id: I052a0aab3fb28dd1d78de1307edafda6b6c35e5f
2011-08-10 17:48:04 -07:00
Ying Wang 7e6d4e45d9 Close inherited PIPE before doing work
Gmake in Darwin has file descriptor leak.
In a full build, ota_from_target_files will inherits
more than 2000 open PIPEs from gmake and fails in a call to select.select().
This change fixes the build by closing the PIPEs before doing real work.

Change-Id: Ie7035d7add0b1da3afb6bf9c2009d40f8c7d29b3
2011-02-10 11:36:43 -08:00
Doug Zongker 55d932840f support use of prebuilt bootable images
img_from_target_files now, with the -z flag, will produce an output
zip with only the bootable partitions (boot and recovery).

img_ and ota_from_target_files can take, instead of a simple
"target_files.zip", a name of the form
"target_files.zip+bootable_images.zip", where the second zip contains
bootable images that should be used instead of building them from the
target_files.zip.  (This should be the zip produced by the above -z
flag, perhaps with the images messed with in some way, such as by an
unnamed OEM's extra signature wrapper for their "secure boot"
process.)

Bug: 3391371
Change-Id: Iaf96dfc8f30e806ae342dcf3241566e76ae372d4
2011-01-25 17:07:09 -08:00
Ying Wang f9bbfb5772 Close inherited PIPE before doing work
Gmake in Darwin has file descriptor leak.
In a full build, ota_from_target_files will inherits
more than 2000 open PIPEs from gmake and fails in a call to select.select().
This change fixes the build by closing the PIPEs before doing real work.

Change-Id: Ife021382198642a97bbbf0b623e4f24f3d86b2b2
2010-12-13 16:25:36 -08:00