When /boot partition is AVB chained, boot patch level will be
included into the AVB metadata appended to boot.img. We should
also do the same for boot-debug.img to pass keymaster v4 VTS
tests, whichs checks per-partition security patch levels are
indicated in AVB properties.
Bug: 136980825
Test: avbtool info_image --image $OUT/boot-debug.img, checks
com.android.build.boot.security_patch is there
Change-Id: I2ea1ebfa6abbbbc95639817c208a90642fc3d068
The intended check was to ensure system image won't be built as a
chained partition when using dynamic partitions. Because such an image
can't be verified by bootloader.
As it evolves, GSI system image has been built against the intended
check. Because GSI system image will be verified by first stage init in
userspace.
Bug: 80195851
Test: TreeHugger
Change-Id: I45b079799e5d7443e82d73d43e2b63c613f33165
Logic to create a seperate ODM NOTICE file for modules located at
TARGET_OUT_ODM.
Bug: 137542307
Test: Built an image with both a seperate ODM image and one where it is
built into vendor.img and ensured that a NOTICE.xml.gz was located at
/odm/etc and contained any license generated by ODM modules.
Change-Id: I9e6f46b1b94c5b6584c2a5810713fcf49f637d02
Tools/files added in this CL are necessary for mixing GSI with vendor
images from other product and for the GSI to run on the emulator.
Bug: 136786169
Test: $ lunch aosp_x86-userdebug
$ m -j updatepackage otatools-package emu_extra_imgs
$ cd $TMP_DIR
$ unzip $OUT/emu-extra-linux-system-images-eng.ycchen.zip
$ cd x86
$ unzip -n $OUT/aosp_x86-img-eng.ycchen.zip
$ unzip $OUT/otatools bin/mk_combined_img bin/sgdisk
$ unzip $OUT/otatools lib64/libc++.so lib64/libext2_uuid-host.so
$ cut -d/ -f5 system-qemu-config.txt > composit.txt
$ SGDISK=bin/sgdisk bin/mk_combined_img -i composit.txt -o system.img
$ cd ..
# Download sdk-repo-linux-emulator-*.zip from AB
$ unzip -l sdk-repo-linux-emulator-*.zip
$ ANDROID_PRODUCT_OUT=x86 ANDROID_BUILD_TOP=x86 emulator/emulator
Change-Id: Ibf88652eb4fb3244553062bbfb8bceac9a5cda47
The modules.softdep file is used to communicate soft dependencies
between modules and is supported by libmodprobe.
Bug: 130585369
Change-Id: I790ea872fde7fb0cb58e07277a32aa4688adcac6
To accommodate a future vendor ramdisk, recognize
BOARD_VENDOR_RAMDISK_KERNEL_MODULES and
BOARD_VENDOR_RAMDISK_KERNEL_MODULES_LOAD as a way to specify kernel
modules to be stored on the vendor ramdisk, and the optional override list of
kernel modules to be loaded by first stage init.
For now this will affect the modules loaded on the generic ramdisk,
but will provide a way for vendors to add support now and hopefully not
have to modify it later when the vendor ramdisk is created.
BOARD_RAMDISK_KERNEL_MODULES is renamed to
BOARD_GENERIC_RAMDISK_KERNEL_MODULES, which is not expected to be
modified by vendors.
Bug: 137297791
Change-Id: I05944e004ab5235172da3a15b8d1c6f4c4c021ce
When we build the system image separately from the vendor image, we need the
/vendor/odm link (if any) to be created in the vendor build, not the system
build. This change moves the create-vendor-odm-symlink function outside the
BUILDING_SYSTEM_IMAGE gaurd, and inside the BUILDING_VENDOR_IMAGE gaurd.
Bug: 136516335
Test: Build vendor image, verify that /vendor/odm -> /odm
Change-Id: I6edf5d6d1fa0b2f632f67113f69a49b43f719941
This CL changes the condition for building super_empty.img from
PRODUCT_BUILD_SUPER_PARTITION to PRODUCT_USE_DYNAMIC_PARTITIONS, as a
follow-up to the change in [1].
With the CL in [1], it skips building super.img and super_empty.img both
when turning off PRODUCT_BUILD_SUPER_PARTITION. However, the latter
should be mandatory whenever dynamic partitions is enabled. Because
fastboot relies on this file to properly flash dynamic partitions. Plus,
the cost for building super_empty.img is much lower than the one for
super.img.
As part of the change, it'll write group info into target_files when
building with PRODUCT_BUILD_SUPER_PARTITION == false. It's the work for
target_files merging script to determine the values to be picked up. The
current logic in merge_target_files.py always uses the one from vendor
target_files. This CL adds a testcase to ensure the behavior.
[1] https://android-review.googlesource.com/c/platform/build/+/928756
Bug: 135752763
Test: `m dist` with a target that sets PRODUCT_BUILD_SUPER_PARTITION to
false. Check the built artifacts contain super_empty.img. Verify
that the build can be flashed properly.
Change-Id: I277f087eab45663a6c3b33333d16e9e576c1c25c
Build support exists to copy a set of kernel modules to the recovery,
vendor, and odm images. Extend similar support for copying kernel
modules to the ramdisk via BOARD_RAMDISK_KERNEL_MODULES. If
BOARD_USES_RECOVERY_AS_BOOT, then BOARD_RAMDISK_KERNEL_MODULES is
added to the set of modules to be copied to recovery.
Libmodprobe now supports reading a list of kernel modules to be loaded.
Enable the creation of modules.load and modules.load.recovery files.
These files contain the contents of
BOARD_[RAMDISK|VENDOR|ODM|RECOVERY]_KERNEL_MODULES_LOAD, or if those
variables are not set, the contents of
BOARD_[RAMDISK|VENDOR|ODM|RECOVERY]_KERNEL_MODULES (indicating all
modules should be loaded by default). This allows for
optional customization of the set of modules to be loaded by
libmodprobe and the order they are loaded in.
Bug: 130585369
Change-Id: I9340787d31d71aebc8552344675d9696c189a8a1
Therefore, we can access the tool in tradefed test. And partners can also
run simulation without a git repo.
Bug: 131911365
Test: build otatools-package
Change-Id: Ibfeeab360517e129f47f18372bfa236b437bce9b
- `--block` has been a no-op since Oreo [1] -- ota_from_target_files
will always build block-based OTAs or A/B OTAs.
- MKBOOTIMG is no longer needed when calling ota_from_target_files, at
least for the callsite in Makefile. Because target_files.zip has been
including boot/recovery images since Lollipop [2].
This CL also switches to long options to improve readability.
[1] commit 457cbf6a8a
[2] commit 3c84f56948
Test: TreeHugger
Change-Id: I801bd0525d2529156bbf783698661d90ba24017a
lpunpack is needed to repackage super.img for mixed-image virtual devices.
For Cuttlefish, it's included in host package. We need to include it in
otatools.zip so Goldfish or other devices can use it to mix their super images.
Necessary SOs are the same as lpmake and have been included in otatools.zip.
Bug: 134461288
Test: $ lunch aosp_x86-userdebug
$ m otatools-package
$ unzip -l $OUT/ota* | grep lpunpack
467824 2008-01-01 00:00 bin/lpunpack
Change-Id: Ie2092f18afb88721b29b1738847a0b781dbcd431
The dependency on MAKE_EXT4FS (mke2fs) has been covered by the rule for
MKEXTUSERIMG (mkuserimg_mke2fs):
https://android.googlesource.com/platform/system/extras/+/refs/heads/master/ext4_utils/Android.bp
The dependency on mksquashfs and img2simg comes from mksquashfsimage.sh,
which has been moved into mksquashfsimage's building rule.
This CL also fixes the ordering of INTERNAL_USERIMAGES_BINARY_PATHS,
which should come after adding all the binaries to
INTERNAL_USERIMAGES_DEPS.
Test: TreeHugger
Change-Id: I8b30bf87860d9711e88eecca4b76db72f5cd8241
`PATH=$(foreach p,$(INTERNAL_USERIMAGES_BINARY_PATHS),$(p):)$$PATH` will
produce a space separated string due to `foreach`, if
$(INTERNAL_USERIMAGES_BINARY_PATHS) has more than one string. We didn't
hit the issue in the past because $(INTERNAL_USERIMAGES_BINARY_PATHS)
had contained only one path in practice.
Test: TreeHugger
Change-Id: I74ef4356668af63d871a81f6bfd4c9324aa1d956
BOARD_PREBUILT_BOOTIMAGE is set.
Based on current Makefile INSTALLED_BOOTIMAGE_TARGET always kept as
empty if TARGET_NO_KERNEL is true, so build fails with empty out path.
This change is to set up INSTALLED_BOOTIMAGE_TARGET with
$(PRODUCT_OUT)/boot.img in case of TARGET_NO_KERNEL is true and
BOARD_PREBUILT_BOOTIMAGE is defined.
Bug: 135648566
Test: m -j passed
Change-Id: I9658f215c2e2cc5d87040d5085521ef44722c4ef
BOARD_SUPER_PARTITION_ERROR_LIMIT can be set by OEMs to cause a
build failure when the sum of sizes of logical partitions exceeds the same.
It is set to BOARD_SUPER_PARTITION_SIZE by default.
Bug: 133329143
Test: mmm -j32
Change-Id: Ief85c9ab3e3b9d071cd22b70e13b5c64bb784b9c
* changes:
Fix dependency on BOARD_AVB_SYSTEM_KEY_PATH
Fix some java library dependencies
Depend on NDK libraries
Call clean-path in more places
Add missing dependecy on SOONG_ZIP
Add dependencies on the toolchain (clang, etc)
These were found when trying to run remotely on RBE with only the
sources depended upon available for each rule.
Bug: 130111713
Test: treehugger
Change-Id: Id763f8fc7dfbe60445f98604db3422147165f537
BOARD_SUPER_PARTITION_WARN_LIMIT can be set by OEMs to print
a warning when the sum of sizes of logical partitions exceed the same.
It is set to 95% of BOARD_SUPER_PARTITION_SIZE by default.
Bug: 133329143
Test: mmm -j32
Change-Id: I7d3bedd970a92be60991898e436f63d914359301
We sometimes see build failures when building platform.zip happens
at the same time as building vendor.img if the vendor.img rule
runs rm -rf $OUT/vendor/lib/modules at the same time that platform.zip
is zipping $OUT/vendor/. Move the kernel modules into normal
installation rules so that they are in place by the time either
the vendor.img or platform.zip rules run.
This will also cause the kernel modules to show up in
installed-files*.txt.
Test: m vendorimage && ls $OUT/vendor/lib/modules
Change-Id: I178b1d54bfcdb5cf5c29885ace9183ac28fc8826
Include misc_info.txt (of CF's super.img) in *-img-*.zip.
This is needed if we want to rebuild super.img by replacing
some partitions in it.
Other tools, lpunpack and lpmake, are included in CF's
host package in another CL.
Bug: 134461288
Test: $ lunch aosp_cf_x86-userdebug
$ m dist
$ unzip -l $OUT/*-img-*.zip | grep misc_info
619 2019-05-27 17:42 misc_info.txt
Change-Id: Idf6146c2a7f9f32c9c4e5ddd2f6b9e65fc6bf55b
When using Verified Boot 2.0, releasetools specifies a salt value based
on build fingerprint, so that to give idempotent images.
However, the change that removed static `ro.build.fingerprint` [1] broke
the behavior, as common.LoadInfoDict still relies on fingerprints.
Without a fixed salt, the first call to make_recovery_patch.py and the
second one (which writes IMAGES/{boot,recovery}.img) will see different
images, which leads to install-recovery.sh failure.
Note that currently there's a dependency that requires getting bootable
images through two separate calls. make_recovery_patch.py has to happen
first to get (placeholder) files in the system image. We then generate
canned fs_config files, and finally use add_img_to_target_files.py to
write the images.
This CL adds a quick workaround to force rebuilding the
recovery-from-boot patch while calling add_img_to_target_files.py.
[1] https://android-review.googlesource.com/c/platform/build/+/892933
Bug: 134123803
Bug: 134525174
Test: TreeHugger
Test: Build a non-A/B target that uses AVB. Run validate_target_files.py
on the generated target_files.zip.
Change-Id: I5859e30be63bfd54398cf41fd2d907f15285f560
$(BUILD_NATIVE_TEST) will install a test binary into /testcases
regardless of is proprietary or not.
For now, since NOTICE.xml for a system partition depends on all modules in
/testcases, "m systemimage" may trigger "installing a proprietary test".
Modules in /testcase are not actually installed, so we can ignore them
when we make a notice file.
Bug: 133454731
Test: (internal) m systemimage, and see /vendor/lib if there are
unexpected files installed.
Change-Id: I54ee51a761049b8a5ce9e3369b30b7ade6344146
Treehugger Robot