Commit Graph

7223 Commits

Author SHA1 Message Date
Treehugger Robot 243f9ea65f Merge "sign_target_files_apks: Relax ro.build.description requirements" 2021-04-24 05:13:01 +00:00
Treehugger Robot 87cfdce392 Merge "Revert "Enable support for verity writes for VABC targets"" 2021-04-24 03:36:26 +00:00
Kelvin Zhang c777570825 Revert "Enable support for verity writes for VABC targets"
This reverts commit 6bb647fb85.

Reason for revert: b/186213024

Change-Id: I35054cf263c9118933fb885d5740546af3d4deec
2021-04-23 22:44:01 +00:00
jiajia tang 92b6078314 Simplify codes for BuildSuperImage func
Use common function LoadDictionaryFromFile(), instead
of LoadDictionaryFromLines(). Makes these codes conciser.

Change-Id: Ibb6f19744246b3415bcd639bc59dbb2aede725d9
Signed-off-by: jiajia tang <tangjiajia@xiaomi.com>
2021-04-23 19:58:40 +08:00
Treehugger Robot 8d437e4168 Merge "Enable support for verity writes for VABC targets" 2021-04-22 18:09:11 +00:00
Kelvin Zhang 6bb647fb85 Enable support for verity writes for VABC targets
We already added support on device to write verity. Flipping a flag in
ota generation tools to enable verity.

Test: th && running OTA repeatedly on bramble
Change-Id: Id1639f644eb8c23f97e171264702a7872f41411a
2021-04-21 15:19:23 -04:00
jiajia tang 92be6ee9d7 More accurate error if input_file is not exists
This patch is intended to make build log is more
accurate if input_file is not exists, then check if
it is a zipfile.

Change-Id: I30da0141ea44fc3ce0947f868a86a15a054a4346
Signed-off-by: jiajia tang <tangjiajia@xiaomi.com>
2021-04-21 16:41:58 +08:00
Daniel Norman e9af70ad68 Performs basic APEX validation in the merged target files package.
Uses apex_utils.GetApexInfoFromTargetFiles to find and parse APEX files
in the target files partition dirs. Raises an error on failure to parse
or duplicate package names.

Bug: 177225446
Test: releasetools_test
Test: Create a merged build that provides the VNDK APEX on both vendor
      and system. Observe failure.
Change-Id: I1356e263b7b32d6063129e079f3ba7ab4ff132a7
2021-04-19 22:31:01 +00:00
Treehugger Robot b2233cf162 Merge "Fix bug: repeated restricted effective conditions." 2021-04-15 21:51:20 +00:00
Bob Badour 1f69c4404a Fix bug: repeated restricted effective conditions.
Test: m all
Change-Id: I0fc8f66dd72e3d3983b9d2b5fa7416c09a776ccc
2021-04-15 10:59:40 -07:00
Kelvin Zhang 6c17ed3185 Re-raise exceptions instead of sys.exit
Test: th
Change-Id: I3ac343b51eeeaa948712be81b640122f9981137d
2021-04-14 14:59:12 -04:00
Bob Badour f7e9c43464 Merge "Fix bug: include all dirs not just the last one." 2021-04-14 00:16:12 +00:00
Daniel Norman 4b7ee39a70 Merge changes Ic269fa99,I045be7cb
* changes:
  Generate care_map.pb when merging target files packages.
  Moves care map generation logic to common.py, so it can be reused.
2021-04-13 23:54:08 +00:00
Mateusz Zięba 5371607b50 Fix bug: include all dirs not just the last one.
Test: m all

Change-Id: I5724f792ee36c2f66786761e5d55b4f6c456753c
2021-04-13 13:14:13 -07:00
Daniel Norman db8cacc976 Generate care_map.pb when merging target files packages.
Test: build a merged target using Forrest,
      Observe META/care_map.pb
Bug: 182296208
Change-Id: Ic269fa99ec8ed2bd474a2f69b1be1f545c567112
2021-04-13 11:43:02 -07:00
Kelvin Zhang 2732413fa2 Moves care map generation logic to common.py, so it can be reused.
Test: th
Bug: 182296208
Change-Id: I045be7cb208412431d6ab1c26e31d38d2285738b
2021-04-13 11:42:26 -07:00
Justin Yun 48aa78ed3c Remove grf_required_api_level
As we don't fix the grf window, we may not calculate the grf
expiration date and the required api level.
The verification of this will be covered by the tests at run time.

Bug: 176950752
Test: atest --host post_process_props_unittest
Change-Id: I1205f0d9a9da5bc508a49acbcbb7da581800bf45
2021-04-13 17:58:59 +09:00
Stefen Wakefield 4260fc1575 sign_target_files_apks: Relax ro.build.description requirements
Some OEMs, namely OnePlus don't use AOSP compliant build description.
Making sure that the last piece ends with -keys is more than enough.

Change-Id: Iefa3c408a3fdda0b63db257befb8ba2d36793293
2021-04-12 17:33:29 +00:00
jiajia tang 836f76bc3a Unify the style of _MakeRamdisk for ramdisk format
RamdiskFormat class is introduced by commit : f3f842b676
But it seems _MakeRamdisk() related codes are also needed, then
both of the code style are same.

This patch takes below 2 changes:
1) adds new commom function _GetRamdiskFormat()
2) unfiy the code logic of _MakeRamdisk() and its related code logic.

Change-Id: Ibd4932a6050fbac15fcd741c70dd7854c12e887d
Signed-off-by: jiajia tang <tangjiajia@xiaomi.com>
2021-04-08 09:55:15 +00:00
Treehugger Robot 222b4ab071 Merge "Use BOARD_API_LEVEL to define ro.board.api_level" 2021-04-08 00:15:06 +00:00
David Anderson 5ebe28c1d4 Merge "Relax inode usage estimate." 2021-04-07 02:15:39 +00:00
Treehugger Robot 2fea84f592 Merge "zipalign: clarify the help for -p slightly." 2021-04-06 19:15:43 +00:00
Justin Yun 07ceaa71c1 Use BOARD_API_LEVEL to define ro.board.api_level
GRF devices must define the API level of which the SoC is first
shipped by setting BOARD_SHIPPING_API_LEVEL. As this is a permanent
value, vendors may not change this value even if they implement new
features under the GRF policy.

BOARD_API_LEVEL can be optionally defined in this case to manually
set the api level of the vendor implementation.
The current api level will be set to `ro.board.api_level` property.

Bug: 176950752
Test: atest --host post_process_props_unittest
Change-Id: Ib126c1a622ded9848650f3f60c0f15005867272d
2021-04-06 16:33:07 +09:00
Elliott Hughes f4800de454 zipalign: clarify the help for -p slightly.
Bug: http://b/141281419
Test: treehugger
Change-Id: If331ad0450433bfb8e585e3df3727dd09ef14c66
2021-04-05 16:02:16 -07:00
Daniel Norman 25444470db Merge "Revert "Generate care map after merging target_files"" 2021-04-05 22:43:07 +00:00
David Anderson 203057cb9b Relax inode usage estimate.
The current inode usage estimate applies a factor (1.04x) to account for
differences between the directory and file count and what mkfs.ext4
produces. Bump this to 1.06x to allow more leniency.

This increases bramble partition sizes by 32KB total.

Bug: 182365132
Test: manual test
Change-Id: I9ade82cb89422e31ae8c5df9fff31157e88278c5
2021-04-05 13:45:02 -07:00
Daniel Norman 2d7989a635 Revert "Generate care map after merging target_files"
This reverts commit c184fa1887.

Reason for revert: b/184541365

Change-Id: Icbcbb6deb92863f4a468b9fa54f18d824a6f0939
2021-04-05 17:40:47 +00:00
Treehugger Robot f92961248b Merge "Generate care map after merging target_files" 2021-04-05 04:43:27 +00:00
Treehugger Robot d2170430fe Merge "Don't disable verity if VABC is disabled" 2021-04-02 22:52:45 +00:00
Sasha Smundak 57bb5081d7 Always use /bin/sh to run the command.
SHELL environment variable cannot be relied on because the rbcrun
can be run as `env - rbcrun ...`

Fixes: 184278019
Test: build/soong/soong_ui.bash --make-mode USE_BAZEL=1 TARGET_PRODUCT=aosp_arm64 TARGET_BUILD_VARIANT=userdebug droid dist platform_tests
Change-Id: Id8fc7fd1ae8f2e674028ba5ffb3616f87eea6bc4
2021-04-01 16:44:47 -07:00
Kelvin Zhang c184fa1887 Generate care map after merging target_files
Test: th
Bug: 182296208
Change-Id: I12c0732961ec1c4d18f5cc4d136c98babba23d82
2021-04-01 17:04:12 -04:00
Kelvin Zhang 50dc1b88b7 Don't disable verity if VABC is disabled
Test: th
Change-Id: Icef5315047aa783219e1dcb6678adaa084626e52
2021-04-01 17:04:12 -04:00
Tianjie Xu 98c8507215 Merge "Fix error if ramdisk is minigzip compression" 2021-04-01 20:15:35 +00:00
Bob Badour bfa8d0cacc [LSC] Add LOCAL_LICENSE_KINDS to build/make
Added SPDX-license-identifier-Apache-2.0 to:
  tools/rbcrun/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: I6a1c75458115b15d9d0d9f0dbc11e0acffc1fe7b
2021-03-31 19:57:06 -07:00
jiajia tang f3f842b676 Fix error if ramdisk is minigzip compression
This change intends to fix if ramdisk is not "lz4" compression.
Legacy is "minigzip" compression.

If not lz4, the following error will happen when exec build_super_image.py:
  Unable to get boot image build props: Failed to run command '['lz4', '-d', '/tmp/boot_omdZZ8.img/ramdisk', '/tmp/boot_omdZZ8.img/uncompressed_ramdisk']' (exit code 44):
  Error 44 : Unrecognized header : file cannot be decoded

Change-Id: I71248387bbeecbf184e0c24e6346c235d728518e
Signed-off-by: jiajia tang <tangjiajia@xiaomi.com>
2021-04-01 10:41:00 +08:00
Alexander Smundak fe5799af6b Merge changes from topic "product_config_star"
* changes:
  Product configuration in Starlark support files.
  Roboleaf product configuration runner
2021-03-31 18:28:50 +00:00
Yo Chiang e86bab474b Revert^2 "Add option to allow product makefiles to skip building s..."
This reverts commit ccfea17fb7.

Reason for revert: Original bug was resolved by updating branch config

Change-Id: I2327092261a2147fa8f2be3d878db04228e65511
2021-03-25 10:12:28 +00:00
Tianjie Xu ccfea17fb7 Revert "Add option to allow product makefiles to skip building s..."
Revert submission 1644988-nextgen-release-img-zip-cleanup

Reason for revert: b/183654818
Reverted Changes:
I2474e5fd6:Nextgen release: Don't build super_empty.img
I549439528:Add option to allow product makefiles to skip buil...

Change-Id: I711d1c288eed17686b048144d8d41c0fdd5cd8e1
2021-03-25 05:00:12 +00:00
Yi-Yo Chiang ba959a5ff1 Add option to allow product makefiles to skip building super_empty.img
This change doesn't change the condition for building super_empty.img,
it just add a toggle PRODUCT_BUILD_SUPER_EMPTY_IMAGE that product
makefiles can use to skip building super_empty.img.
Products that don't use super_empty at all, for example GSI, can set
this option to ensure the super_empty.img is not built.

Bug: 183068624
Test: "m dist" on GSI and check the build artifacts under OUT and DIST
  directories, and check the contents of *-img-*.zip
Change-Id: I54943952873d2d297fd9d18cbe14742bc12ae9c6
2021-03-24 05:35:10 +00:00
Treehugger Robot 30f09a1a2e Merge "Support GKI boot.img v4 signing" 2021-03-23 00:24:33 +00:00
Bowgo Tsai 27c39b0af2 Support GKI boot.img v4 signing
Commit I9967d06bde0e18a12b84b5b0b568db09765fe305 supports adding a
generic boot_signature into boot.img v4. This change allows replacing
the boot_signture signing key with a release key during the release
process.

The default GKI signing key can be specified in a BoardConfig.mk via:

  BOARD_GKI_SIGNING_KEY_PATH := external/avb/test/data/testkey_rsa2048.pem
  BOARD_GKI_SIGNING_ALGORITHM := SHA256_RSA2048
  BOARD_GKI_SIGNING_SIGNATURE_ARGS := --prop foo:bar

The release signing key/algorithm can be specified by the following options
when invoking sign_target_files_apks:

  --gki_signing_key=external/avb/test/data/testkey_rsa4096.pem
  --gki_signing_algorithm=SHA256_RSA4096

Additional arguments for generating the GKI signature can be
specified as below:

  --gki_signing_extra_args="--prop gki:prop1 --prop gki:prop2"

Bug: 177862434
Test: make dist
Test: sign_target_files_apks \
        --gki_signing_key=external/avb/test/data/testkey_rsa4096.pem \
        --gki_signing_algorithm=SHA256_RSA4096 \
        --gki_signing_extra_args="--prop gki:prop1 --prop gki:prop2" \
        ./out/dist/*-target_files-eng.*.zip signed.zip
Test: Checks GKI boot_signature is expected after signing:
      `unzip signed.zip IMAGES/boot.img`
      `unpack_bootimg --boot_img IMAGES/boot.img --out unpack`
      `avbtool info_image --image unpack/boot_signature`
Test: unit test: releasetools_test and releasetools_py3_test

Change-Id: I61dadbc242360e4cab3dc70295931b4a5b9422a9
2021-03-19 17:11:04 +08:00
Tianjie Xu c63bf0ad7a Merge "Check that sum of DAP groups is smaller than super" 2021-03-18 17:33:29 +00:00
Sasha Smundak 24159db21e Roboleaf product configuration runner
The application rbcrun executes Starlark scripts that define Android product configurations.
See README.md for details.

Test: go test
Fixes: 180529448
Change-Id: I7d728b47d3f381b7052a0d7d51c9e698e5c2e316
2021-03-18 10:03:59 -07:00
Jiyong Park b92b8f48fc verity_utils.py is a standalone binary
verity_utils.py gets an entry point and becomes a host binary. This is
to support signing images from the "bootimg" module type. Previously
this was done by directly invoking "avbtool" from the soong module, but
that required people to know the partition_size priori. The partition
size may not be known before actually building the partition image
especially when the partition is not for a physical partition but for a
partition in a composite image.

verity_utils.py, when the partition_size is not given, is capable of
calculating the mininum required partition size based on the size of the
unsigned input image file.

Bug: 180676957
Test: m microdroid_boot-5.10
Change-Id: I7bef292fb141c90899b7bdc0748895f95f964829
2021-03-17 16:28:16 +09:00
Tianjie 8ba4270e24 Check that sum of DAP groups is smaller than super
The maximum size of all dynamic partition groups should not exceed
the super size - DAP metadata size. Today the configuration of
some devices don't take the metadata into acount. So turn the CheckLe
into CheckLt.

Also, display a warning if the reserved size for DAP metadata is less
than 1M.

Bug: 182431975
Test: mm -j32 check-all-partition-sizes
Change-Id: Ie278f224321083e457d68da000c2b22ec8a54085
2021-03-16 22:13:13 -07:00
Treehugger Robot b7ade64e3f Merge "Trigger data wipe on spl-downgrade as well" 2021-03-12 18:50:38 +00:00
David Anderson 45b4230726 Add --disable_vabc to ota_from_target_files help text.
Bug: N/A
Test: N/A
Change-Id: Ib8f9cd5dae746b0f2dac15d4de378116f4b93178
2021-03-11 13:01:31 -08:00
Kelvin Zhang 06400177a3 Trigger data wipe on spl-downgrade as well
Test: make an spl-downgrade pkg
Change-Id: I3220719a1b3fe6b2f07bfb9fd526ec6e94ca16ba
2021-03-10 11:06:10 -05:00
Tianjie bf0b8a8610 Add a check for missing entries in AVB_FOOTER_ARGS_BY_PARTITION
Fail the signing if the AVB_FOOTER_ARGS_BY_PARTITION isn't in sync
with common.AVB_PARTITIONS.

Bug: 181787095
Test: run sign_target_files_apks on a S image

Change-Id: I6ccf5fb9f39b92c1da2554f5b3826d2cd87d84d7
2021-03-03 17:31:48 -08:00
Tianjie 697c6eecf6 Add missing R partitions in AVB_FOOTER_ARGS
If we miss these entries, the signing script won't correctly update
the avb prop to build the vbmeta. This cl adds the missing partitions
for R build.

In the followup, we need to make the map in sync with AVB_PARTITIONS in
common.py

Bug: 181787095
Test: run sign_target_files_apks
Change-Id: I39a308fb7028b45ce08f0ca3c6ad61a6c13e8082
2021-03-03 15:28:58 -08:00