By design doc: go/aidegen-doc-generate-R
In order to generate R.java of app modules, AIDEGen needs to build
the module. It might cause system.img oversized so we turn to build
the target srcjar file if it exists in module-info.json.
Build module-info.json without this change:
Build time: 1m47.227s
File size: 14,186,429 Bytes
Build module-info.json with this change:
Build time: 1m46.796s
File size: 14,614,470 Bytes
Bug: 132407603
Test: 1. m out/target/product/generic_x86_64/module-info.json
2. by grep "target/common/obj/APPS/Settings_intermediates/aapt2.srcjar"
in module-info.json.
Change-Id: I09c812aede0324bc38acbead0a863a85ae15b33e
As a PRODUCT variable, PRODUCT_EXTRA_VNDK_VERSIONS is not allowed to
be assigned from the build command. Instead, we can use
OVERRIDE_PRODUCT_EXTRA_VNDK_VERSIONS in the build command to
override PRODUCT_EXTRA_VNDK_VERSIONS.
Bug: 132412510
Test: OVERRIDE_PRODUCT_EXTRA_VNDK_VERSIONS=28 m vndk_snapshot_package
Change-Id: I91579961ab393f40ddce8bfe9304829b5b669441
Color the node nodes by their location to:
- /build/make/target/product/* => light yellow
- /vendor/* => light red
Test: m product-graph
Change-Id: I911764352e7dc4e2ead2b3770300f48d23dc20b8
os_version is important for keymaster version binding, where it
refuses to perform operations with a key that is bound to an old
system version. This ensures that an attacker who discovers a
weakness in an old version of system or TEE software cannot roll a
device back to the vulnerable version and use keys created with the
newer version.
Previously, os_version for system.img is added into boot.img header
for bootloader to read the value then pass to TEE before booting the
HLOS. However, with project Treble to modularize each partition, all
images are now in the trajectory to be built independently (still
on-going). Also, in the Generic System Image (GSI) compliance test,
the os_version in OEM's boot.img cannot reflect the actual version of
GSI.
This CL adds per-partition os_versions into AVB metadata, which is
readable by bootloader via libavb without file system dependency. It's
still unclear for how os_version in non-system partition should be used.
We just add them for completeness here.
See more details in:
https://source.android.com/security/keystore/version-binding
Bug: 132233601
Test: build and avbtool info_image $OUT/vbmeta.img
- Prop: com.android.build.boot.os_version -> '10'
- Prop: com.android.build.system.os_version -> '10'
- Prop: com.android.build.system.security_patch -> '2019-06-05'
- Prop: com.android.build.vendor.os_version -> '10'
- Prop: com.android.build.vendor.security_patch -> '2019-06-05'
- Prop: com.android.build.product.os_version -> '10'
- Prop: com.android.build.product.security_patch -> '2019-06-05'
Change-Id: I21a77420f2e8a3456f7a8cae5158eb8fc41319e7
They should only be in the Runtime APEX, c.f. discussion on
http://r.android.com/957159.
Test: build/soong/build_test.bash through Forrest
Bug: 124293228
Change-Id: I33e97a56e67c3f4734d14f38e0f1597b697a2604
Should be in product_config.mk, before the variables are readonly'd, or
the default will fail to work.
Bug: 131576555
Test: set PRODUCT_SHIPPING_API_LEVEL := 29 in mainline_arm64.mk && lunch
Change-Id: I25faee7ec0a3fff17e1d08b834d868834effda36
This is the first commit to generate VNDK snapshot with Soong: .so
files, some txt files, and notice files are captured with Soong. As
ld.config.txt is currently in Android.mk and will be deprecated soon,
configs files (and zipping all of artifacts) are still handled with
Makefile.
Bug: 131564934
Test: 1) DIST_DIR=out/dist development/vndk/snapshot/build.sh
Test: 2) try installing vndk snapshot with:
development/vndk/snapshot/update.py
Change-Id: Ia904e8a1b44824d6c9556ada93bf1616620a1363
This CL moves SignApex() from sign_target_files_apks into apex_utils,
and adds sign_apex that allows signing a standalone APEX file directly.
Test: Run the following command and check the output file.
$ build/make/tools/releasetools/sign_apex.py \
-v \
--container_key \
build/make/target/product/security/testkey.x509.pem \
--payload_key external/avb/test/data/testkey_rsa4096.pem \
--payload_extra_args \
"--signing_helper_with_files ./signing-helper.sh" \
foo.apex \
signed-foo.apex
Test: Run sign_target_files_apks.py on crosshatch target_files.zip.
Change-Id: I4b2422fd5cb1c60a3aa94511475e2a0e5b1666ca
Values should be comma-separated, and things won't go down well
if there are multiple words in this variable.
Bug: 123783710
Test: Put this in product_config.mk and ran multiproduct_kati:
ifneq (1,$(words $(PRODUCT_CHARACTERISTICS)))
$(error oops)
endif
Change-Id: I5627f416093d68d8d19916a914739686b74d392f
This has been a warning for a long time. Make it an error instead.
Once this has been verified to not cause any problems, it can
likely be changed to instead default to setting
TARGET_SUPPORTS_64_BIT_APPS := true.
Test: build_test
Change-Id: I0d03fed2085009c64880a594d5a3aadf72187e60
Commit 7df64c3e starts to call common.LoadInfoDict() when generating
image archive, which reads additional files under BOOT/, RECOVERY/ and
ROOT/. Unzip everything from the target_files.zip.
Bug: 132456827
Test: Run img_from_target_files.py on previously failing
target_files.zip.
Change-Id: I22ee57c4f765bee9494478bf115b1581877401f4
Move the dexpreopt.config passed to Soong to out/soong/dexpreopt.config
and let it write a new copy in a rule and pass the path back to make
as DEX_PREOPT_CONFIG_FOR_MAKE.
Bug: 132379813
Test: m checkbuild
Change-Id: Iac29beac3af8864d36d1563ce42bed11b685548d
Xin Li