Duplicate essential product sysprops for manufacturer, model, brand, name, and device
from system on vendor so that mixed builds (vendor.img + GSI system.img) have correct
product information in their CTS/VTS reports.
Test: make
Bug: 64458205
Merged-In: Ib63b37772be493b9e035d9b7e8c5e2cf66f2fa8c
Change-Id: Ib63b37772be493b9e035d9b7e8c5e2cf66f2fa8c
(cherry picked from commit aea0f92ff3)
When generating block based OTAs, we read files from the sparse image
directly with the help of block map file. However, the block map info
might not be accurate if the image is created with mke2fs. Because
mke2fs may skip allocating actual blocks if they contain all zeros.
ota_from_target_files.py consequently passes incomplete APK files to
imgdiff, which fails to generate patches.
This CL works around the issue by falling back from imgdiff to bsdiff on
failures. We should figure out a better way in b/68016761 to remove the
workaround, which would otherwise hide other issues in imgdiff.
Bug: 67824829
Bug: 68016761
Test: ota_from_target_files.py passes on previously failing TF zips.
Change-Id: Ib24c5b5f89812b97a0c87c6bf0dc147ae39bc92f
Test: `m dist` on Linux and macOS.
Test: Use an existing target_files.zip for bullhead. Remove IMAGES/*
and rebuild the images with 'add_img_to_target_files.py -a'. It
generates idential images as in the original TF.zip.
Change-Id: I803656bf2c924dce53f2271dcb967a94fff48440
We have added support in mkuserimg_mke2fs.sh that allows specifying
filesystem UUID and hash seed UUID. This CL generates and passes the
UUIDs based on the image name and build fingerprint. This way we can
rebuild and get identical images.
Note that this only applies to images generated with `m dist` and with
signing tools (sign_target_files_apks.py and
add_img_to_target_files.py). Images under $OUT (built with `make`) are
not affected.
Bug: 64994964
Test: lunch marlin-userdebug; run `m dist` twice (after deleting the
intermediate files under $OUT/obj/PACKAGING), and compare the
generated images.
Change-Id: I41cf4e5869582bb930af2f35a8e9c79bff43b2a2
(cherry picked from commit 3aa21e6bb9)
Bug: 23102347
Bug: 34954705
Test: provide a fingerprint >92 characters long and see that it
successfully works
Change-Id: Ida9ffd5266acb3b432b208780804a08e8f7391b4
Adding verified boot metadata with a "disable magic". The resulting
metadata at the end of each image (e.g., system.img, vendor.img) will
be the same as triggering an "adb disable-verity" on an USERDEBUG image.
This can help simplify the code on fs_mgr, which won't have to check if
current image is an ENG build or not.
Bug: 63056044
Test: boot sailfish eng/userdebug builds
Change-Id: I95d23ac7b76c04d6d4483c9c4dc1de16bf0d9c3a
Use -q to silence zip comments, which also silences the first line.
Bug: 67345114
Test: find vendor -name '*.apk' | xargs build/tools/dump-package-stats
Change-Id: Icb319c603de7c29644c58520213940179f67b7e4
We want the generated images being identical for the same source files.
Currently the generated ext4 image (either from make_ext4fs or mke2fs)
is reproducible, but the AVB footer added by avbtool contain changes
because of the random salt being used.
This CL changes the avbtool invocation to specify "--salt <hexstring>"
(already supported by avbtool) to use reproducible salt that's computed
based on fingerprints (or thumbprints if applicable).
Bug: 67023482
Test: Regenerate images from the same source as follows:
Use a target_files.zip from an AVB-enabled target.
$ zip -d target_files.zip IMAGES/\*
$ ./build/make/tools/releasetools/add_img_to_target_files.py \
-v target_files.zip
Repeat the above commands and compare the generated images.
Change-Id: Id9db17ae0132ca3a820b4be5a5ef06ca3fef71ed
(cherry picked from commit 8f05cca1d9)
libm is a default library for device builds, so default it for host
builds as well.
Also removes duplicate additions of -ldl, -lpthread, -lm and -lrt.
Test: m host
Change-Id: I6a07e12053090eb6997b79d4091c28ac9a9022de
vendor.img could be built from the source - in which case we have
unpacked files under VENDOR/ - or dropped in as a prebuilt binary blob.
We should consider either of them as target having a vendor partition.
Because we need to add its AVB hashtree info into vbmeta.img if target
is using AVB. Otherwise libfs_mgr would refuse to mount this
"AVB-enabled" vendor.img.
For targets not using AVB, this change is no-op.
Bug: 65462819
Test: Having vendor.img as prebuilt, `make dist`. Check that the
generated vbmeta.img contains the info from vendor.img.
Test: Build, flash and boot the above image.zip.
Change-Id: Iaeb30e2059cb33fb39f23e5ffd28f338d00ccbfc
Make the build log less verbose; also print the result for
AdjustPartitionSizeForVerity().
Bug: 65292710
Test: Run add_img_to_target_files with and without "-v" and check
the logs.
Change-Id: Icdc86197ce69db036658ea9e77cc4ebe1750463b
Some OWNERS files use secondary email addresses, so we only
check existence of _account_id and email attributes.
Test: run against existing OWNERS files
Change-Id: I6f0804a8a90b7a23783c3fe45686d4d973876ed1
When creating ext4 images with mke2fs, it may skip allocating some
blocks if they contain all zeros. As a result, there could be less
blocks listed in the block map than the actual file length.
For example, for a file with a length of 112200-byte (27+ blocks),
the listed blocks in block.map could be '43665-43688' (24 blocks).
Because some all-zero blocks are not taking actual space.
The generated ext4 images are perfectly valid - kernel will figure out
that data block is not allocated and writes all zeros into user buffer.
However, we can't fully reconstruct a file from its block list in our
Python script. Ideally this can be avoided by mounting or parsing an
ext4 image directly, which is yet to be supported in our script.
This CL skips checking for such files to avoid failing
validate_target_files.py.
Bug: 65213616
Test: validate_target_files.py passes on targets with mke2fs generated
images (e.g. marlin).
Change-Id: Id9cc59e345b9283844044ef94ceb5702f0ca0526
$ PYTHONPATH=$PYTHONPATH:system/update_engine/scripts \
./build/make/tools/releasetools/check_ota_package_signature.py \
build/target/product/security/testkey.x509.pem \
out/dist/aosp_marlin-ota-eng.zip
Package: out/dist/aosp_marlin-ota-eng.zip
Certificate: build/target/product/security/testkey.x509.pem
...
Whole package signature VERIFIED
Verifying A/B OTA payload signatures...
...
Payload signatures VERIFIED
Bug: 65261072
Test: Signed a package and its payload with the right keys; ran the
command above.
Test: Signed the payload with a different key; ran the command above and
observed the reported verification failure.
Change-Id: If626ecb327a9826cd0956eef94914c939068a7d1
Commit 21803d3574 only added compatibility
metadata for A/B OTA packages, because by that time we didn't use
'ro.treble.enabled' property to determine if a target was Treble-enabled.
This CL uses 'ro.treble.enabled' to guard the packing of compatibility
metadata for both of A/B and non-A/B OTA packages. It also switches to
checking the system/vendor fingerprints to determine if there's an
update to the partition (previously it was computing the SHA-1 of the
images, which may have unintentionally changed due to issues that give
non-repetitive builds).
Bug: 64339310
Test: Generate OTA packages (full and incremental) on Treble-enabled
targets (sailfish, as well as a non-A/B angler target with
Treble-enabled locally); check that the compatibility.zip entry
exists.
Test: Generate OTA packages on Treble-unenabled non-A/B target (angler);
check that the compatibility.zip entry doesn't exist.
Test: Generate OTA packages on Treble-unenabled A/B target; check that
the compatibility.zip entry doesn't exist.
Change-Id: I2a1fcf612439d849ba8ccea217a0faf5d5ba8e14
This entry only exists in non-A/B full OTA path. However, this file has
never been loaded by recovery - recovery was only reading the one from
the recovery image (which also has been removed by a recent change in
[1]).
[1]: commit e35926e1aff2e6b9b54656bd59c8178e295a1b7e in
platform/bootable/recovery.
Bug: 63538434
Test: `m dist` on angler. file_contexts.bin is gone from full OTA
package. Sideloading the generated full OTA on angler.
Change-Id: Iec2e2d36599fa1ed499516a3e74f06cd36ade494
Ryan Campbell