diff options
45 files changed, 673 insertions, 156 deletions
diff --git a/CleanSpec.mk b/CleanSpec.mk index 673856c469..97dc31f71e 100644 --- a/CleanSpec.mk +++ b/CleanSpec.mk @@ -713,6 +713,15 @@ $(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/apex/com.android.apex.cts.sh $(call add-clean-step, find $(SOONG_OUT_DIR)/.intermediates -type d -name "android_*_recovery*" -print0 | xargs -0 rm -rf) $(call add-clean-step, find $(SOONG_OUT_DIR)/.intermediates -type d -name "android_*_vendor*" -print0 | xargs -0 rm -rf) +# Clean up VTS-Core and VTS10 related artifacts. +$(call add-clean-step, rm -rf $(HOST_OUT)/vts-core/*) +$(call add-clean-step, rm -rf $(HOST_OUT)/framework/vts-core-tradefed.jar) +$(call add-clean-step, rm -rf $(HOST_OUT)/vts10/*) +$(call add-clean-step, rm -rf $(HOST_OUT)/framework/vts10-tradefed.jar) +# Clean up VTS again as VTS-Core will be renamed to VTS +$(call add-clean-step, rm -rf $(HOST_OUT)/vts/*) +$(call add-clean-step, rm -rf $(HOST_OUT)/framework/vts-tradefed.jar) + # ************************************************ # NEWER CLEAN STEPS MUST BE AT THE END OF THE LIST # ************************************************ diff --git a/core/Makefile b/core/Makefile index 52cf1c2426..c25a8a7ecc 100644 --- a/core/Makefile +++ b/core/Makefile @@ -418,7 +418,7 @@ endif $(intermediate_system_build_prop): $(BUILDINFO_SH) $(BUILDINFO_COMMON_SH) $(INTERNAL_BUILD_ID_MAKEFILE) $(BUILD_SYSTEM)/version_defaults.mk $(system_prop_file) $(INSTALLED_ANDROID_INFO_TXT_TARGET) $(API_FINGERPRINT) $(POST_PROCESS_PROPS) @echo Target buildinfo: $@ @mkdir -p $(dir $@) - $(hide) echo > $@ + $(hide) rm -f $@ && touch $@ ifneq ($(PRODUCT_OEM_PROPERTIES),) $(hide) echo "#" >> $@; \ echo "# PRODUCT_OEM_PROPERTIES" >> $@; \ @@ -517,7 +517,7 @@ endif # property_overrides_split_enabled $(INSTALLED_VENDOR_BUILD_PROP_TARGET): $(BUILDINFO_COMMON_SH) $(POST_PROCESS_PROPS) $(intermediate_system_build_prop) $(vendor_prop_files) @echo Target vendor buildinfo: $@ @mkdir -p $(dir $@) - $(hide) echo > $@ + $(hide) rm -f $@ && touch $@ ifeq ($(PRODUCT_USE_DYNAMIC_PARTITIONS),true) $(hide) echo ro.boot.dynamic_partitions=true >> $@ endif @@ -584,7 +584,7 @@ FINAL_PRODUCT_PROPERTIES := $(call uniq-pairs-by-first-component, \ $(INSTALLED_PRODUCT_BUILD_PROP_TARGET): $(BUILDINFO_COMMON_SH) $(POST_PROCESS_PROPS) $(product_prop_files) @echo Target product buildinfo: $@ @mkdir -p $(dir $@) - $(hide) echo > $@ + $(hide) rm -f $@ && touch $@ ifdef BOARD_USES_PRODUCTIMAGE $(hide) $(call generate-common-build-props,product,$@) endif # BOARD_USES_PRODUCTIMAGE @@ -625,7 +625,7 @@ FINAL_ODM_BUILD_PROPERTIES := $(call uniq-pairs-by-first-component, \ $(INSTALLED_ODM_BUILD_PROP_TARGET): $(BUILDINFO_COMMON_SH) $(POST_PROCESS_PROPS) $(odm_prop_files) @echo Target odm buildinfo: $@ @mkdir -p $(dir $@) - $(hide) echo > $@ + $(hide) rm -f $@ && touch $@ $(hide) echo ro.odm.product.cpu.abilist="$(TARGET_CPU_ABI_LIST)">>$@ $(hide) echo ro.odm.product.cpu.abilist32="$(TARGET_CPU_ABI_LIST_32_BIT)">>$@ $(hide) echo ro.odm.product.cpu.abilist64="$(TARGET_CPU_ABI_LIST_64_BIT)">>$@ @@ -666,7 +666,7 @@ FINAL_SYSTEM_EXT_PROPERTIES := $(call uniq-pairs-by-first-component, \ $(INSTALLED_SYSTEM_EXT_BUILD_PROP_TARGET): $(BUILDINFO_COMMON_SH) $(POST_PROCESS_PROPS) $(system_ext_prop_files) @echo Target system_ext buildinfo: $@ @mkdir -p $(dir $@) - $(hide) echo > $@ + $(hide) rm -f $@ && touch $@ $(hide) $(call generate-common-build-props,system_ext,$@) $(hide) $(foreach file,$(system_ext_prop_files), \ if [ -f "$(file)" ]; then \ @@ -861,10 +861,17 @@ endif # ----------------------------------------------------------------- # Cert-to-package mapping. Used by the post-build signing tools. # Use a macro to add newline to each echo command +# $1 package name +# $2 certificate +# $3 private key +# $4 compressed +# $5 partition tag +# $6 output file define _apkcerts_write_line -$(hide) echo -n 'name="$(1).apk" certificate="$2" private_key="$3"' >> $5 -$(if $(4), $(hide) echo -n ' compressed="$4"' >> $5) -$(hide) echo '' >> $5 +$(hide) echo -n 'name="$(1).apk" certificate="$2" private_key="$3"' >> $6 +$(if $(4), $(hide) echo -n ' compressed="$4"' >> $6) +$(if $(5), $(hide) echo -n ' partition="$5"' >> $6) +$(hide) echo '' >> $6 endef @@ -884,8 +891,8 @@ $(APKCERTS_FILE): @rm -f $@ $(foreach p,$(sort $(PACKAGES)),\ $(if $(PACKAGES.$(p).EXTERNAL_KEY),\ - $(call _apkcerts_write_line,$(p),"EXTERNAL","",$(PACKAGES.$(p).COMPRESSED),$@),\ - $(call _apkcerts_write_line,$(p),$(PACKAGES.$(p).CERTIFICATE),$(PACKAGES.$(p).PRIVATE_KEY),$(PACKAGES.$(p).COMPRESSED),$@))) + $(call _apkcerts_write_line,$(p),"EXTERNAL","",$(PACKAGES.$(p).COMPRESSED),$(PACKAGES.$(p).PARTITION),$@),\ + $(call _apkcerts_write_line,$(p),$(PACKAGES.$(p).CERTIFICATE),$(PACKAGES.$(p).PRIVATE_KEY),$(PACKAGES.$(p).COMPRESSED),$(PACKAGES.$(p).PARTITION),$@))) # In case value of PACKAGES is empty. $(hide) touch $@ @@ -1032,7 +1039,12 @@ else INSTALLED_2NDBOOTLOADER_TARGET := endif # TARGET_NO_BOOTLOADER ifneq ($(strip $(TARGET_NO_KERNEL)),true) - INSTALLED_KERNEL_TARGET := $(PRODUCT_OUT)/kernel + ifneq ($(strip $(BOARD_KERNEL_BINARIES)),) + INSTALLED_KERNEL_TARGET := $(foreach k,$(BOARD_KERNEL_BINARIES), \ + $(PRODUCT_OUT)/$(k)) + else + INSTALLED_KERNEL_TARGET := $(PRODUCT_OUT)/kernel + endif else INSTALLED_KERNEL_TARGET := endif @@ -1104,7 +1116,12 @@ endif # BUILDING_RAMDISK_IMAGE # This is defined here since we may be building recovery as boot # below and only want to define this once -BUILT_BOOTIMAGE_TARGET := $(PRODUCT_OUT)/boot.img +ifneq ($(strip $(BOARD_KERNEL_BINARIES)),) + BUILT_BOOTIMAGE_TARGET := $(foreach k,$(subst kernel,boot,$(BOARD_KERNEL_BINARIES)), $(PRODUCT_OUT)/$(k).img) +else + BUILT_BOOTIMAGE_TARGET := $(PRODUCT_OUT)/boot.img +endif + ifneq ($(strip $(TARGET_NO_KERNEL)),true) INTERNAL_BOOTIMAGE_ARGS := \ @@ -2113,7 +2130,7 @@ endif else # INSTALLED_VENDOR_BOOTIMAGE_TARGET not defined INTERNAL_RECOVERYIMAGE_ARGS := \ $(addprefix --second ,$(INSTALLED_2NDBOOTLOADER_TARGET)) \ - --kernel $(recovery_kernel) --ramdisk $(recovery_ramdisk) + --ramdisk $(recovery_ramdisk) # Assumes this has already been stripped ifdef INTERNAL_KERNEL_CMDLINE INTERNAL_RECOVERYIMAGE_ARGS += --cmdline "$(INTERNAL_KERNEL_CMDLINE)" @@ -2139,38 +2156,53 @@ ifdef BOARD_INCLUDE_DTB_IN_BOOTIMG endif endif # INSTALLED_VENDOR_BOOTIMAGE_TARGET not defined +$(recovery_ramdisk): $(MKBOOTFS) $(MINIGZIP) \ + $(INTERNAL_ROOT_FILES) \ + $(INSTALLED_RAMDISK_TARGET) \ + $(INTERNAL_RECOVERYIMAGE_FILES) \ + $(recovery_sepolicy) \ + $(INSTALLED_2NDBOOTLOADER_TARGET) \ + $(INSTALLED_RECOVERY_BUILD_PROP_TARGET) \ + $(recovery_resource_deps) \ + $(recovery_fstab) + # Making recovery image + mkdir -p $(TARGET_RECOVERY_OUT) + mkdir -p $(TARGET_RECOVERY_ROOT_OUT)/sdcard $(TARGET_RECOVERY_ROOT_OUT)/tmp + # Copying baseline ramdisk... + # Use rsync because "cp -Rf" fails to overwrite broken symlinks on Mac. + rsync -a --exclude=sdcard $(IGNORE_RECOVERY_SEPOLICY) $(IGNORE_CACHE_LINK) $(TARGET_ROOT_OUT) $(TARGET_RECOVERY_OUT) + # Modifying ramdisk contents... + $(if $(filter true,$(BOARD_BUILD_SYSTEM_ROOT_IMAGE)),, \ + ln -sf /system/bin/init $(TARGET_RECOVERY_ROOT_OUT)/init) + # Removes $(TARGET_RECOVERY_ROOT_OUT)/init*.rc EXCEPT init.recovery*.rc. + find $(TARGET_RECOVERY_ROOT_OUT) -maxdepth 1 -name 'init*.rc' -type f -not -name "init.recovery.*.rc" | xargs rm -f + cp $(TARGET_ROOT_OUT)/init.recovery.*.rc $(TARGET_RECOVERY_ROOT_OUT)/ 2> /dev/null || true # Ignore error when the src file doesn't exist. + mkdir -p $(TARGET_RECOVERY_ROOT_OUT)/res + rm -rf $(TARGET_RECOVERY_ROOT_OUT)/res/* + cp -rf $(recovery_resources_common)/* $(TARGET_RECOVERY_ROOT_OUT)/res + $(foreach recovery_text_file,$(generated_recovery_text_files), \ + cp -rf $(recovery_text_file) $(TARGET_RECOVERY_ROOT_OUT)/res/images/ &&) true + cp -f $(recovery_font) $(TARGET_RECOVERY_ROOT_OUT)/res/images/font.png + $(foreach item,$(TARGET_PRIVATE_RES_DIRS), \ + cp -rf $(item) $(TARGET_RECOVERY_ROOT_OUT)/$(newline)) + $(foreach item,$(recovery_fstab), \ + cp -f $(item) $(TARGET_RECOVERY_ROOT_OUT)/system/etc/recovery.fstab) + $(if $(strip $(recovery_wipe)), \ + cp -f $(recovery_wipe) $(TARGET_RECOVERY_ROOT_OUT)/system/etc/recovery.wipe) + ln -sf prop.default $(TARGET_RECOVERY_ROOT_OUT)/default.prop + $(BOARD_RECOVERY_IMAGE_PREPARE) + $(MKBOOTFS) -d $(TARGET_OUT) $(TARGET_RECOVERY_ROOT_OUT) | $(MINIGZIP) > $(recovery_ramdisk) + # $(1): output file +# $(2): kernel file define build-recoveryimage-target - # Making recovery image - $(hide) mkdir -p $(TARGET_RECOVERY_OUT) - $(hide) mkdir -p $(TARGET_RECOVERY_ROOT_OUT)/sdcard $(TARGET_RECOVERY_ROOT_OUT)/tmp - # Copying baseline ramdisk... - # Use rsync because "cp -Rf" fails to overwrite broken symlinks on Mac. - $(hide) rsync -a --exclude=sdcard $(IGNORE_RECOVERY_SEPOLICY) $(IGNORE_CACHE_LINK) $(TARGET_ROOT_OUT) $(TARGET_RECOVERY_OUT) - # Modifying ramdisk contents... - $(if $(filter true,$(BOARD_BUILD_SYSTEM_ROOT_IMAGE)),, \ - $(hide) ln -sf /system/bin/init $(TARGET_RECOVERY_ROOT_OUT)/init) - # Removes $(TARGET_RECOVERY_ROOT_OUT)/init*.rc EXCEPT init.recovery*.rc. - $(hide) find $(TARGET_RECOVERY_ROOT_OUT) -maxdepth 1 -name 'init*.rc' -type f -not -name "init.recovery.*.rc" | xargs rm -f - $(hide) cp $(TARGET_ROOT_OUT)/init.recovery.*.rc $(TARGET_RECOVERY_ROOT_OUT)/ 2> /dev/null || true # Ignore error when the src file doesn't exist. - $(hide) mkdir -p $(TARGET_RECOVERY_ROOT_OUT)/res - $(hide) rm -rf $(TARGET_RECOVERY_ROOT_OUT)/res/* - $(hide) cp -rf $(recovery_resources_common)/* $(TARGET_RECOVERY_ROOT_OUT)/res - $(hide) $(foreach recovery_text_file,$(generated_recovery_text_files), \ - cp -rf $(recovery_text_file) $(TARGET_RECOVERY_ROOT_OUT)/res/images/ &&) true - $(hide) cp -f $(recovery_font) $(TARGET_RECOVERY_ROOT_OUT)/res/images/font.png - $(hide) $(foreach item,$(TARGET_PRIVATE_RES_DIRS), \ - cp -rf $(item) $(TARGET_RECOVERY_ROOT_OUT)/$(newline)) - $(hide) $(foreach item,$(recovery_fstab), \ - cp -f $(item) $(TARGET_RECOVERY_ROOT_OUT)/system/etc/recovery.fstab) - $(if $(strip $(recovery_wipe)), \ - $(hide) cp -f $(recovery_wipe) $(TARGET_RECOVERY_ROOT_OUT)/system/etc/recovery.wipe) - $(hide) ln -sf prop.default $(TARGET_RECOVERY_ROOT_OUT)/default.prop - $(BOARD_RECOVERY_IMAGE_PREPARE) - $(hide) $(MKBOOTFS) -d $(TARGET_OUT) $(TARGET_RECOVERY_ROOT_OUT) | $(MINIGZIP) > $(recovery_ramdisk) $(if $(filter true,$(PRODUCT_SUPPORTS_VBOOT)), \ - $(hide) $(MKBOOTIMG) $(INTERNAL_RECOVERYIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $(1).unsigned, \ - $(hide) $(MKBOOTIMG) $(INTERNAL_RECOVERYIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $(1)) + $(MKBOOTIMG) --kernel $(2) $(MKBOOTIMG_KERNEL_ARG) $(INTERNAL_RECOVERYIMAGE_ARGS) \ + $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) \ + --output $(1).unsigned, \ + $(MKBOOTIMG) --kernel $(2) $(MKBOOTIMG_KERNEL_ARG) $(INTERNAL_RECOVERYIMAGE_ARGS) \ + $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) \ + --output $(1)) $(if $(filter true,$(PRODUCT_SUPPORTS_BOOT_SIGNER)),\ $(if $(filter true,$(BOARD_USES_RECOVERY_AS_BOOT)),\ $(BOOT_SIGNER) /boot $(1) $(PRODUCT_VERITY_SIGNING_KEY).pk8 $(PRODUCT_VERITY_SIGNING_KEY).x509.pem $(1),\ @@ -2180,12 +2212,12 @@ define build-recoveryimage-target $(if $(filter true,$(PRODUCT_SUPPORTS_VBOOT)), \ $(VBOOT_SIGNER) $(FUTILITY) $(1).unsigned $(PRODUCT_VBOOT_SIGNING_KEY).vbpubk $(PRODUCT_VBOOT_SIGNING_KEY).vbprivk $(PRODUCT_VBOOT_SIGNING_SUBKEY).vbprivk $(1).keyblock $(1)) $(if $(filter true,$(BOARD_USES_RECOVERY_AS_BOOT)), \ - $(hide) $(call assert-max-image-size,$(1),$(call get-hash-image-max-size,$(BOARD_BOOTIMAGE_PARTITION_SIZE))), \ - $(hide) $(call assert-max-image-size,$(1),$(call get-hash-image-max-size,$(BOARD_RECOVERYIMAGE_PARTITION_SIZE)))) + $(call assert-max-image-size,$(1),$(call get-hash-image-max-size,$(BOARD_BOOTIMAGE_PARTITION_SIZE))), \ + $(call assert-max-image-size,$(1),$(call get-hash-image-max-size,$(BOARD_RECOVERYIMAGE_PARTITION_SIZE)))) $(if $(filter true,$(BOARD_AVB_ENABLE)), \ $(if $(filter true,$(BOARD_USES_RECOVERY_AS_BOOT)), \ - $(hide) $(AVBTOOL) add_hash_footer --image $(1) --partition_size $(BOARD_BOOTIMAGE_PARTITION_SIZE) --partition_name boot $(INTERNAL_AVB_BOOT_SIGNING_ARGS) $(BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS),\ - $(hide) $(AVBTOOL) add_hash_footer --image $(1) --partition_size $(BOARD_RECOVERYIMAGE_PARTITION_SIZE) --partition_name recovery $(INTERNAL_AVB_RECOVERY_SIGNING_ARGS) $(BOARD_AVB_RECOVERY_ADD_HASH_FOOTER_ARGS))) + $(AVBTOOL) add_hash_footer --image $(1) --partition_size $(BOARD_BOOTIMAGE_PARTITION_SIZE) --partition_name boot $(INTERNAL_AVB_BOOT_SIGNING_ARGS) $(BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS),\ + $(AVBTOOL) add_hash_footer --image $(1) --partition_size $(BOARD_RECOVERYIMAGE_PARTITION_SIZE) --partition_name recovery $(INTERNAL_AVB_RECOVERY_SIGNING_ARGS) $(BOARD_AVB_RECOVERY_ADD_HASH_FOOTER_ARGS))) endef ifeq ($(BOARD_USES_RECOVERY_AS_BOOT),true) @@ -2212,18 +2244,10 @@ ifdef BOARD_INCLUDE_DTB_IN_BOOTIMG $(INSTALLED_BOOTIMAGE_TARGET): $(INSTALLED_DTBIMAGE_TARGET) endif -$(INSTALLED_BOOTIMAGE_TARGET): $(MKBOOTFS) $(MKBOOTIMG) $(MINIGZIP) \ - $(INTERNAL_ROOT_FILES) \ - $(INSTALLED_RAMDISK_TARGET) \ - $(INTERNAL_RECOVERYIMAGE_FILES) \ - $(recovery_sepolicy) $(recovery_kernel) \ - $(INSTALLED_2NDBOOTLOADER_TARGET) \ - $(INSTALLED_RECOVERY_BUILD_PROP_TARGET) \ - $(recovery_resource_deps) \ - $(recovery_fstab) +$(INSTALLED_BOOTIMAGE_TARGET): $(MKBOOTIMG) $(recovery_ramdisk) \ + $(recovery_kernel) $(call pretty,"Target boot image from recovery: $@") - $(call build-recoveryimage-target, $@) -$(INSTALLED_BOOTIMAGE_TARGET): .KATI_IMPLICIT_OUTPUTS += $(recovery_ramdisk) + $(call build-recoveryimage-target, $@, $(PRODUCT_OUT)/$(subst .img,,$(subst boot,kernel,$(notdir $@)))) endif # BOARD_USES_RECOVERY_AS_BOOT ifdef BOARD_INCLUDE_RECOVERY_DTBO @@ -2240,17 +2264,9 @@ ifdef BOARD_INCLUDE_DTB_IN_BOOTIMG $(INSTALLED_RECOVERYIMAGE_TARGET): $(INSTALLED_DTBIMAGE_TARGET) endif -$(INSTALLED_RECOVERYIMAGE_TARGET): $(MKBOOTFS) $(MKBOOTIMG) $(MINIGZIP) \ - $(INTERNAL_ROOT_FILES) \ - $(INSTALLED_RAMDISK_TARGET) \ - $(INSTALLED_BOOTIMAGE_TARGET) \ - $(INTERNAL_RECOVERYIMAGE_FILES) \ - $(recovery_sepolicy) $(recovery_kernel) \ - $(INSTALLED_2NDBOOTLOADER_TARGET) \ - $(INSTALLED_RECOVERY_BUILD_PROP_TARGET) \ - $(recovery_resource_deps) \ - $(recovery_fstab) - $(call build-recoveryimage-target, $@) +$(INSTALLED_RECOVERYIMAGE_TARGET): $(MKBOOTIMG) $(recovery_ramdisk) \ + $(recovery_kernel) + $(call build-recoveryimage-target, $@, $(recovery_kernel)) ifdef RECOVERY_RESOURCE_ZIP $(RECOVERY_RESOURCE_ZIP): $(INSTALLED_RECOVERYIMAGE_TARGET) | $(ZIPTIME) @@ -2361,8 +2377,12 @@ endif # BUILDING_RAMDISK_IMAGE # Note: it's intentional to skip signing for boot-debug.img, because it # can only be used if the device is unlocked with verification error. ifneq ($(strip $(TARGET_NO_KERNEL)),true) - -INSTALLED_DEBUG_BOOTIMAGE_TARGET := $(PRODUCT_OUT)/boot-debug.img +ifneq ($(strip $(BOARD_KERNEL_BINARIES)),) + INSTALLED_DEBUG_BOOTIMAGE_TARGET := $(foreach k,$(subst kernel,boot-debug,$(BOARD_KERNEL_BINARIES)), \ + $(PRODUCT_OUT)/$(k).img) +else + INSTALLED_DEBUG_BOOTIMAGE_TARGET := $(PRODUCT_OUT)/boot-debug.img +endif # Replace ramdisk.img in $(MKBOOTIMG) ARGS with ramdisk-debug.img to build boot-debug.img ifeq ($(BOARD_USES_RECOVERY_AS_BOOT),true) @@ -2392,17 +2412,22 @@ $(AVBTOOL) add_hash_footer \ $(call assert-max-image-size,$(1),$(BOARD_BOOTIMAGE_PARTITION_SIZE)) endef +# $(1): output file +define build-debug-bootimage-target + $(MKBOOTIMG) --kernel $(PRODUCT_OUT)/$(subst .img,,$(subst boot-debug,kernel,$(notdir $(1)))) \ + $(INTERNAL_DEBUG_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $1 + $(if $(BOARD_AVB_BOOT_KEY_PATH),$(call test-key-sign-bootimage,$1)) +endef + # Depends on original boot.img and ramdisk-debug.img, to build the new boot-debug.img $(INSTALLED_DEBUG_BOOTIMAGE_TARGET): $(MKBOOTIMG) $(INSTALLED_BOOTIMAGE_TARGET) $(INSTALLED_DEBUG_RAMDISK_TARGET) $(call pretty,"Target boot debug image: $@") - $(MKBOOTIMG) $(INTERNAL_DEBUG_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $@ - $(if $(BOARD_AVB_BOOT_KEY_PATH),$(call test-key-sign-bootimage,$@)) + $(call build-debug-bootimage-target, $@) .PHONY: bootimage_debug-nodeps bootimage_debug-nodeps: $(MKBOOTIMG) echo "make $@: ignoring dependencies" - $(MKBOOTIMG) $(INTERNAL_DEBUG_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $(INSTALLED_DEBUG_BOOTIMAGE_TARGET) - $(if $(BOARD_AVB_BOOT_KEY_PATH),$(call test-key-sign-bootimage,$(INSTALLED_DEBUG_BOOTIMAGE_TARGET))) + $(foreach b,$(INSTALLED_DEBUG_BOOTIMAGE_TARGET),$(call build-debug-bootimage-target,$b)) endif # TARGET_NO_KERNEL @@ -2532,7 +2557,12 @@ endif # BUILDING_RAMDISK_IMAGE # can only be used if the device is unlocked with verification error. ifneq ($(strip $(TARGET_NO_KERNEL)),true) -INSTALLED_TEST_HARNESS_BOOTIMAGE_TARGET := $(PRODUCT_OUT)/boot-test-harness.img +ifneq ($(strip $(BOARD_KERNEL_BINARIES)),) + INSTALLED_TEST_HARNESS_BOOTIMAGE_TARGET := $(foreach k,$(subst kernel,boot-test-harness,$(BOARD_KERNEL_BINARIES)), \ + $(PRODUCT_OUT)/$(k).img) +else + INSTALLED_TEST_HARNESS_BOOTIMAGE_TARGET := $(PRODUCT_OUT)/boot-test-harness.img +endif # Replace ramdisk-debug.img in $(MKBOOTIMG) ARGS with ramdisk-test-harness.img to build boot-test-harness.img INTERNAL_TEST_HARNESS_BOOTIMAGE_ARGS := $(subst $(INSTALLED_DEBUG_RAMDISK_TARGET),$(INSTALLED_TEST_HARNESS_RAMDISK_TARGET),$(INTERNAL_DEBUG_BOOTIMAGE_ARGS)) @@ -2545,17 +2575,22 @@ ifneq ($(BOARD_AVB_BOOT_KEY_PATH),) $(INSTALLED_TEST_HARNESS_BOOTIMAGE_TARGET): $(AVBTOOL) $(BOARD_AVB_BOOT_TEST_KEY_PATH) endif +# $(1): output file +define build-boot-test-harness-target + $(MKBOOTIMG) --kernel $(PRODUCT_OUT)/$(subst .img,,$(subst boot-test-harness,kernel,$(notdir $(1)))) \ + $(INTERNAL_TEST_HARNESS_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $@ + $(if $(BOARD_AVB_BOOT_KEY_PATH),$(call test-key-sign-bootimage,$@)) +endef + # Build the new boot-test-harness.img, based on boot-debug.img and ramdisk-test-harness.img. $(INSTALLED_TEST_HARNESS_BOOTIMAGE_TARGET): $(MKBOOTIMG) $(INSTALLED_DEBUG_BOOTIMAGE_TARGET) $(INSTALLED_TEST_HARNESS_RAMDISK_TARGET) $(call pretty,"Target boot test harness image: $@") - $(MKBOOTIMG) $(INTERNAL_TEST_HARNESS_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $@ - $(if $(BOARD_AVB_BOOT_KEY_PATH),$(call test-key-sign-bootimage,$@)) + $(call build-boot-test-harness-target,$@) .PHONY: bootimage_test_harness-nodeps bootimage_test_harness-nodeps: $(MKBOOTIMG) echo "make $@: ignoring dependencies" - $(MKBOOTIMG) $(INTERNAL_TEST_HARNESS_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $(INSTALLED_TEST_HARNESS_BOOTIMAGE_TARGET) - $(if $(BOARD_AVB_BOOT_KEY_PATH),$(call test-key-sign-bootimage,$(INSTALLED_TEST_HARNESS_BOOTIMAGE_TARGET))) + $(foreach b,$(INSTALLED_TEST_HARNESS_BOOTIMAGE_TARGET),$(call build-boot-test-harness-target,$b)) endif # TARGET_NO_KERNEL endif # BOARD_BUILD_SYSTEM_ROOT_IMAGE is not true @@ -3973,6 +4008,7 @@ ifeq ($(build_otatools_package),true) INTERNAL_OTATOOLS_MODULES := \ aapt2 \ add_img_to_target_files \ + aftltool \ append2simg \ avbtool \ blk_alloc_to_base_fs \ @@ -4466,7 +4502,7 @@ ifneq (,$(INSTALLED_RECOVERYIMAGE_TARGET)$(filter true,$(BOARD_USES_RECOVERY_AS_ $(hide) $(call package_files-copy-root, \ $(TARGET_RECOVERY_ROOT_OUT),$(zip_root)/$(PRIVATE_RECOVERY_OUT)/RAMDISK) ifdef INSTALLED_KERNEL_TARGET - cp $(INSTALLED_KERNEL_TARGET) $(zip_root)/$(PRIVATE_RECOVERY_OUT)/kernel + cp $(INSTALLED_KERNEL_TARGET) $(zip_root)/$(PRIVATE_RECOVERY_OUT)/ endif ifdef INSTALLED_VENDOR_BOOTIMAGE_TARGET echo "$(GENERIC_KERNEL_CMDLINE)" > $(zip_root)/$(PRIVATE_RECOVERY_OUT)/cmdline @@ -4887,6 +4923,19 @@ $(COVERAGE_ZIP): $(SOONG_ZIP) $(hide) find $(TARGET_OUT_COVERAGE) | sort >$(PRIVATE_LIST_FILE) $(hide) $(SOONG_ZIP) -d -o $@ -C $(TARGET_OUT_COVERAGE) -l $(PRIVATE_LIST_FILE) +#------------------------------------------------------------------ +# Export the LLVM profile data tool and dependencies for Clang coverage processing +# +ifeq (true,$(CLANG_COVERAGE)) + LLVM_PROFDATA := $(LLVM_PREBUILTS_BASE)/linux-x86/$(LLVM_PREBUILTS_VERSION)/bin/llvm-profdata + LIBCXX := $(LLVM_PREBUILTS_BASE)/linux-x86/$(LLVM_PREBUILTS_VERSION)/lib64/libc++.so.1 + PROFDATA_ZIP := $(PRODUCT_OUT)/llvm-profdata.zip + $(PROFDATA_ZIP): $(SOONG_ZIP) + $(hide) $(SOONG_ZIP) -d -o $@ -C $(LLVM_PREBUILTS_BASE)/linux-x86/$(LLVM_PREBUILTS_VERSION) -f $(LLVM_PROFDATA) -f $(LIBCXX) + + $(call dist-for-goals,droidcore,$(PROFDATA_ZIP)) +endif + # ----------------------------------------------------------------- # A zip of the Android Apps. Not keeping full path so that we don't # include product names when distributing @@ -5137,6 +5186,20 @@ $(INSTALLED_QEMU_VENDORIMAGE): $(INSTALLED_VENDORIMAGE_TARGET) $(MK_QEMU_IMAGE_S vendorimage: $(INSTALLED_QEMU_VENDORIMAGE) droidcore: $(INSTALLED_QEMU_VENDORIMAGE) endif + +ifdef INSTALLED_RAMDISK_TARGET +ifdef INSTALLED_VENDOR_BOOTIMAGE_TARGET +ifdef INTERNAL_VENDOR_RAMDISK_TARGET +INSTALLED_QEMU_RAMDISKIMAGE := $(PRODUCT_OUT)/ramdisk-qemu.img +$(INSTALLED_QEMU_RAMDISKIMAGE): $(INTERNAL_VENDOR_RAMDISK_TARGET) $(INSTALLED_RAMDISK_TARGET) + @echo Create ramdisk-qemu.img + (cat $(INSTALLED_RAMDISK_TARGET) $(INTERNAL_VENDOR_RAMDISK_TARGET) > $(INSTALLED_QEMU_RAMDISKIMAGE)) + +droidcore: $(INSTALLED_QEMU_RAMDISKIMAGE) +endif +endif +endif + ifdef INSTALLED_PRODUCTIMAGE_TARGET INSTALLED_QEMU_PRODUCTIMAGE := $(PRODUCT_OUT)/product-qemu.img $(INSTALLED_QEMU_PRODUCTIMAGE): $(INSTALLED_PRODUCTIMAGE_TARGET) $(MK_QEMU_IMAGE_SH) $(SGDISK_HOST) $(SIMG2IMG) @@ -5274,6 +5337,7 @@ deps := \ $(APPCOMPAT_ZIP) \ $(INSTALLED_SYSTEMIMAGE_TARGET) \ $(INSTALLED_QEMU_SYSTEMIMAGE) \ + $(INSTALLED_QEMU_RAMDISKIMAGE) \ $(INSTALLED_QEMU_VENDORIMAGE) \ $(QEMU_VERIFIED_BOOT_PARAMS) \ $(INSTALLED_USERDATAIMAGE_TARGET) \ diff --git a/core/app_prebuilt_internal.mk b/core/app_prebuilt_internal.mk index ce554c9ad0..05d900160d 100644 --- a/core/app_prebuilt_internal.mk +++ b/core/app_prebuilt_internal.mk @@ -167,6 +167,9 @@ endif include $(BUILD_SYSTEM)/app_certificate_validate.mk +# Set a actual_partition_tag (calculated in base_rules.mk) for the package. +PACKAGES.$(LOCAL_MODULE).PARTITION := $(actual_partition_tag) + # Disable dex-preopt of prebuilts to save space, if requested. ifndef LOCAL_DEX_PREOPT ifeq ($(DONT_DEXPREOPT_PREBUILTS),true) diff --git a/core/base_rules.mk b/core/base_rules.mk index f70911edc9..f78e5099a2 100644 --- a/core/base_rules.mk +++ b/core/base_rules.mk @@ -208,23 +208,39 @@ my_module_path := $(patsubst %/,%,$(my_module_path)) my_module_relative_path := $(strip $(LOCAL_MODULE_RELATIVE_PATH)) ifdef LOCAL_IS_HOST_MODULE partition_tag := + actual_partition_tag := else ifeq (true,$(strip $(LOCAL_VENDOR_MODULE))) partition_tag := _VENDOR + # A vendor module could be on the vendor partition at "vendor" or the system + # partition at "system/vendor". + actual_partition_tag := $(if $(filter true,$(BOARD_USES_VENDORIMAGE)),vendor,system) else ifeq (true,$(strip $(LOCAL_OEM_MODULE))) partition_tag := _OEM + actual_partition_tag := oem else ifeq (true,$(strip $(LOCAL_ODM_MODULE))) partition_tag := _ODM + # An ODM module could be on the odm partition at "odm", the vendor partition + # at "vendor/odm", or the system partition at "system/vendor/odm". + actual_partition_tag := $(if $(filter true,$(BOARD_USES_ODMIMAGE)),odm,$(if $(filter true,$(BOARD_USES_VENDORIMAGE)),vendor,system)) else ifeq (true,$(strip $(LOCAL_PRODUCT_MODULE))) partition_tag := _PRODUCT + # A product module could be on the product partition at "product" or the + # system partition at "system/product". + actual_partition_tag := $(if $(filter true,$(BOARD_USES_PRODUCTIMAGE)),product,system) else ifeq (true,$(strip $(LOCAL_SYSTEM_EXT_MODULE))) partition_tag := _SYSTEM_EXT + # A system_ext-specific module could be on the system_ext partition at + # "system_ext" or the system partition at "system/system_ext". + actual_partition_tag := $(if $(filter true,$(BOARD_USES_SYSTEM_EXTIMAGE)),system_ext,system) else ifeq (NATIVE_TESTS,$(LOCAL_MODULE_CLASS)) partition_tag := _DATA + actual_partition_tag := data else # The definition of should-install-to-system will be different depending # on which goal (e.g., sdk or just droid) is being built. partition_tag := $(if $(call should-install-to-system,$(my_module_tags)),,_DATA) + actual_partition_tag := $(if $(partition_tag),data,system) endif endif # For test modules that lack a suite tag, set null-suite as the default. diff --git a/core/main.mk b/core/main.mk index 277ef7d6d9..5fb3810abc 100644 --- a/core/main.mk +++ b/core/main.mk @@ -310,7 +310,7 @@ ifneq ($(filter ro.setupwizard.mode=ENABLED, $(call collapse-pairs, $(ADDITIONAL endif ifndef is_sdk_build # To speedup startup of non-preopted builds, don't verify or compile the boot image. - ADDITIONAL_BUILD_PROPERTIES += dalvik.vm.image-dex2oat-filter=verify-at-runtime + ADDITIONAL_BUILD_PROPERTIES += dalvik.vm.image-dex2oat-filter=extract endif endif diff --git a/core/ninja_config.mk b/core/ninja_config.mk index c2d2a5bda1..3f2e5de8e8 100644 --- a/core/ninja_config.mk +++ b/core/ninja_config.mk @@ -46,7 +46,7 @@ PARSE_TIME_MAKE_GOALS := \ user \ userdataimage \ userdebug \ - vts \ + vts10 \ win_sdk \ winsdk-tools diff --git a/core/package_internal.mk b/core/package_internal.mk index e680df7b3f..c6c2cf55ce 100644 --- a/core/package_internal.mk +++ b/core/package_internal.mk @@ -471,6 +471,9 @@ PACKAGES.$(LOCAL_PACKAGE_NAME).CERTIFICATE := $(certificate) $(LOCAL_BUILT_MODULE): $(additional_certificates) $(LOCAL_BUILT_MODULE): PRIVATE_ADDITIONAL_CERTIFICATES := $(additional_certificates) +# Set a actual_partition_tag (calculated in base_rules.mk) for the package. +PACKAGES.$(LOCAL_PACKAGE_NAME).PARTITION := $(actual_partition_tag) + # Verify LOCAL_USES_LIBRARIES/LOCAL_OPTIONAL_USES_LIBRARIES # If LOCAL_ENFORCE_USES_LIBRARIES is not set, default to true if either of LOCAL_USES_LIBRARIES or # LOCAL_OPTIONAL_USES_LIBRARIES are specified. diff --git a/core/product.mk b/core/product.mk index 364f0d8275..b497abb5b3 100644 --- a/core/product.mk +++ b/core/product.mk @@ -216,6 +216,12 @@ _product_list_vars += PRODUCT_VENDOR_KERNEL_HEADERS # A list of module names of BOOTCLASSPATH (jar files) _product_list_vars += PRODUCT_BOOT_JARS + +# A list of extra BOOTCLASSPATH jars (to be appended after common jars). +# Products that include device-specific makefiles before AOSP makefiles should use this +# instead of PRODUCT_BOOT_JARS, so that device-specific jars go after common jars. +_product_list_vars += PRODUCT_BOOT_JARS_EXTRA + _product_list_vars += PRODUCT_SUPPORTS_BOOT_SIGNER _product_list_vars += PRODUCT_SUPPORTS_VBOOT _product_list_vars += PRODUCT_SUPPORTS_VERITY diff --git a/core/product_config.mk b/core/product_config.mk index c4361d0bba..aabd472704 100644 --- a/core/product_config.mk +++ b/core/product_config.mk @@ -228,6 +228,9 @@ PRODUCT_AAPT_CONFIG := $(PRODUCT_LOCALES) $(PRODUCT_AAPT_CONFIG) PRODUCT_AAPT_CONFIG_SP := $(PRODUCT_AAPT_CONFIG) PRODUCT_AAPT_CONFIG := $(subst $(space),$(comma),$(PRODUCT_AAPT_CONFIG)) +# Extra boot jars must be appended at the end after common boot jars. +PRODUCT_BOOT_JARS += $(PRODUCT_BOOT_JARS_EXTRA) + ifndef PRODUCT_SYSTEM_NAME PRODUCT_SYSTEM_NAME := $(PRODUCT_NAME) endif diff --git a/core/rbe.mk b/core/rbe.mk index 7886e1ae4b..019ac04efd 100644 --- a/core/rbe.mk +++ b/core/rbe.mk @@ -46,8 +46,12 @@ ifneq ($(filter-out false,$(USE_RBE)),) d8_exec_strategy := "local" endif + platform := "container-image=docker://gcr.io/androidbuild-re-dockerimage/android-build-remoteexec-image@sha256:582efb38f0c229ea39952fff9e132ccbe183e14869b39888010dacf56b360d62" + cxx_platform := $(platform)",Pool=default" + java_r8_d8_platform := $(platform)",Pool=java16" + RBE_WRAPPER := $(rbe_dir)/rewrapper - RBE_CXX := --labels=type=compile,lang=cpp,compiler=clang --env_var_whitelist=PWD --exec_strategy=$(cxx_rbe_exec_strategy) + RBE_CXX := --labels=type=compile,lang=cpp,compiler=clang --env_var_whitelist=PWD --exec_strategy=$(cxx_rbe_exec_strategy) --platform="$(cxx_platform)" # Append rewrapper to existing *_WRAPPER variables so it's possible to # use both ccache and rewrapper. @@ -55,16 +59,17 @@ ifneq ($(filter-out false,$(USE_RBE)),) CXX_WRAPPER := $(strip $(CXX_WRAPPER) $(RBE_WRAPPER) $(RBE_CXX)) ifdef RBE_JAVAC - JAVAC_WRAPPER := $(strip $(JAVAC_WRAPPER) $(RBE_WRAPPER) --labels=type=compile,lang=java,compiler=javac,shallow=true --exec_strategy=$(javac_exec_strategy)) + JAVAC_WRAPPER := $(strip $(JAVAC_WRAPPER) $(RBE_WRAPPER) --labels=type=compile,lang=java,compiler=javac --exec_strategy=$(javac_exec_strategy) --platform="$(java_r8_d8_platform)") endif ifdef RBE_R8 - R8_WRAPPER := $(strip $(RBE_WRAPPER) --labels=type=compile,compiler=r8,shallow=true --exec_strategy=$(r8_exec_strategy)) + R8_WRAPPER := $(strip $(RBE_WRAPPER) --labels=type=compile,compiler=r8 --exec_strategy=$(r8_exec_strategy) --platform="$(java_r8_d8_platform)" --inputs=out/soong/host/linux-x86/framework/r8-compat-proguard.jar,build/make/core/proguard_basic_keeps.flags --toolchain_inputs=prebuilts/jdk/jdk11/linux-x86/bin/java) endif ifdef RBE_D8 - D8_WRAPPER := $(strip $(RBE_WRAPPER) --labels=type=compile,compiler=d8,shallow=true --exec_strategy=$(d8_exec_strategy)) + D8_WRAPPER := $(strip $(RBE_WRAPPER) --labels=type=compile,compiler=d8 --exec_strategy=$(d8_exec_strategy) --platform="$(java_r8_d8_platform)" --inputs=out/soong/host/linux-x86/framework/d8.jar --toolchain_inputs=prebuilts/jdk/jdk11/linux-x86/bin/java) endif rbe_dir := endif + diff --git a/core/soong_app_prebuilt.mk b/core/soong_app_prebuilt.mk index 0a5ba9df82..6dc396c9ef 100644 --- a/core/soong_app_prebuilt.mk +++ b/core/soong_app_prebuilt.mk @@ -157,6 +157,9 @@ endif include $(BUILD_SYSTEM)/app_certificate_validate.mk PACKAGES.$(LOCAL_MODULE).OVERRIDES := $(strip $(LOCAL_OVERRIDES_PACKAGES)) +# Set a actual_partition_tag (calculated in base_rules.mk) for the package. +PACKAGES.$(LOCAL_MODULE).PARTITION := $(actual_partition_tag) + ifdef LOCAL_SOONG_BUNDLE ALL_MODULES.$(LOCAL_MODULE).BUNDLE := $(LOCAL_SOONG_BUNDLE) endif @@ -202,4 +205,11 @@ ifdef LOCAL_SOONG_PRODUCT_RRO_DIRS ) endif +ifdef LOCAL_PREBUILT_COVERAGE_ARCHIVE + my_coverage_dir := $(TARGET_OUT_COVERAGE)/$(patsubst $(PRODUCT_OUT)/%,%,$(my_module_path)) + my_coverage_copy_pairs := $(foreach f,$(LOCAL_PREBUILT_COVERAGE_ARCHIVE),$(f):$(my_coverage_dir)/$(notdir $(f))) + my_coverage_files := $(call copy-many-files,$(my_coverage_copy_pairs)) + $(LOCAL_INSTALLED_MODULE): $(my_coverage_files) +endif + SOONG_ALREADY_CONV := $(SOONG_ALREADY_CONV) $(LOCAL_MODULE) diff --git a/core/soong_config.mk b/core/soong_config.mk index 631846a23c..c91639c015 100644 --- a/core/soong_config.mk +++ b/core/soong_config.mk @@ -117,6 +117,8 @@ $(call add_json_bool, ClangCoverage, $(filter true,$(CLANG_C $(call add_json_list, CoveragePaths, $(COVERAGE_PATHS)) $(call add_json_list, CoverageExcludePaths, $(COVERAGE_EXCLUDE_PATHS)) +$(call add_json_bool, SamplingPGO, $(filter true,$(SAMPLING_PGO))) + $(call add_json_bool, ArtUseReadBarrier, $(call invert_bool,$(filter false,$(PRODUCT_ART_USE_READ_BARRIER)))) $(call add_json_bool, Binder32bit, $(BINDER32BIT)) $(call add_json_str, BtConfigIncludeDir, $(BOARD_BLUETOOTH_BDROID_BUILDCFG_INCLUDE_DIR)) diff --git a/core/tasks/device-tests.mk b/core/tasks/device-tests.mk index f071c7c7d1..73fad7c69b 100644 --- a/core/tasks/device-tests.mk +++ b/core/tasks/device-tests.mk @@ -21,30 +21,38 @@ device-tests-list-zip := $(PRODUCT_OUT)/device-tests_list.zip # Create an artifact to include all test config files in device-tests. device-tests-configs-zip := $(PRODUCT_OUT)/device-tests_configs.zip my_host_shared_lib_for_device_tests := $(call copy-many-files,$(COMPATIBILITY.device-tests.HOST_SHARED_LIBRARY.FILES)) -$(device-tests-zip) : .KATI_IMPLICIT_OUTPUTS := $(device-tests-list-zip) $(device-tests-configs-zip) +device_tests_host_shared_libs_zip := $(PRODUCT_OUT)/device-tests_host-shared-libs.zip + +$(device-tests-zip) : .KATI_IMPLICIT_OUTPUTS := $(device-tests-list-zip) $(device-tests-configs-zip) $(device_tests_host_shared_libs_zip) $(device-tests-zip) : PRIVATE_device_tests_list := $(PRODUCT_OUT)/device-tests_list $(device-tests-zip) : PRIVATE_HOST_SHARED_LIBS := $(my_host_shared_lib_for_device_tests) +$(device-tests-zip) : PRIVATE_device_host_shared_libs_zip := $(device_tests_host_shared_libs_zip) $(device-tests-zip) : $(COMPATIBILITY.device-tests.FILES) $(my_host_shared_lib_for_device_tests) $(SOONG_ZIP) + rm -f $@-shared-libs.list echo $(sort $(COMPATIBILITY.device-tests.FILES)) | tr " " "\n" > $@.list grep $(HOST_OUT_TESTCASES) $@.list > $@-host.list || true grep -e .*\\.config$$ $@-host.list > $@-host-test-configs.list || true $(hide) for shared_lib in $(PRIVATE_HOST_SHARED_LIBS); do \ echo $$shared_lib >> $@-host.list; \ + echo $$shared_lib >> $@-shared-libs.list; \ done + grep $(HOST_OUT_TESTCASES) $@-shared-libs.list > $@-host-shared-libs.list || true grep $(TARGET_OUT_TESTCASES) $@.list > $@-target.list || true grep -e .*\\.config$$ $@-target.list > $@-target-test-configs.list || true $(hide) $(SOONG_ZIP) -d -o $@ -P host -C $(HOST_OUT) -l $@-host.list -P target -C $(PRODUCT_OUT) -l $@-target.list $(hide) $(SOONG_ZIP) -d -o $(device-tests-configs-zip) \ -P host -C $(HOST_OUT) -l $@-host-test-configs.list \ -P target -C $(PRODUCT_OUT) -l $@-target-test-configs.list + $(SOONG_ZIP) -d -o $(PRIVATE_device_host_shared_libs_zip) \ + -P host -C $(HOST_OUT) -l $@-host-shared-libs.list rm -f $(PRIVATE_device_tests_list) $(hide) grep -e .*\\.config$$ $@-host.list | sed s%$(HOST_OUT)%host%g > $(PRIVATE_device_tests_list) $(hide) grep -e .*\\.config$$ $@-target.list | sed s%$(PRODUCT_OUT)%target%g >> $(PRIVATE_device_tests_list) $(hide) $(SOONG_ZIP) -d -o $(device-tests-list-zip) -C $(dir $@) -f $(PRIVATE_device_tests_list) rm -f $@.list $@-host.list $@-target.list $@-host-test-configs.list $@-target-test-configs.list \ - $(PRIVATE_device_tests_list) + $@-shared-libs.list $@-host-shared-libs.list $(PRIVATE_device_tests_list) device-tests: $(device-tests-zip) -$(call dist-for-goals, device-tests, $(device-tests-zip) $(device-tests-list-zip) $(device-tests-configs-zip)) +$(call dist-for-goals, device-tests, $(device-tests-zip) $(device-tests-list-zip) $(device-tests-configs-zip) $(device_tests_host_shared_libs_zip)) tests: device-tests diff --git a/core/tasks/general-tests.mk b/core/tasks/general-tests.mk index 53ebddc213..cb84a5ca74 100644 --- a/core/tasks/general-tests.mk +++ b/core/tasks/general-tests.mk @@ -14,12 +14,12 @@ .PHONY: general-tests -# TODO(b/149249068): Remove vts-tradefed.jar after all VTS tests are converted +# TODO(b/149249068): Remove vts10-tradefed.jar after all VTS tests are converted general_tests_tools := \ $(HOST_OUT_JAVA_LIBRARIES)/cts-tradefed.jar \ $(HOST_OUT_JAVA_LIBRARIES)/compatibility-host-util.jar \ - $(HOST_OUT_JAVA_LIBRARIES)/vts-core-tradefed.jar \ - $(HOST_OUT_JAVA_LIBRARIES)/vts-tradefed.jar + $(HOST_OUT_JAVA_LIBRARIES)/vts-tradefed.jar \ + $(HOST_OUT_JAVA_LIBRARIES)/vts10-tradefed.jar intermediates_dir := $(call intermediates-dir-for,PACKAGING,general-tests) general_tests_zip := $(PRODUCT_OUT)/general-tests.zip diff --git a/core/tasks/sdk-addon.mk b/core/tasks/sdk-addon.mk index 7f777a549f..5097f1266f 100644 --- a/core/tasks/sdk-addon.mk +++ b/core/tasks/sdk-addon.mk @@ -66,7 +66,7 @@ endif files_to_copy += \ $(addon_dir_img):$(INSTALLED_QEMU_SYSTEMIMAGE):images/$(TARGET_CPU_ABI)/system.img \ $(addon_dir_img):$(INSTALLED_QEMU_VENDORIMAGE):images/$(TARGET_CPU_ABI)/vendor.img \ - $(addon_dir_img):$(BUILT_RAMDISK_TARGET):images/$(TARGET_CPU_ABI)/ramdisk.img \ + $(addon_dir_img):$(INSTALLED_QEMU_RAMDISKIMAGE):images/$(TARGET_CPU_ABI)/ramdisk.img \ $(addon_dir_img):$(PRODUCT_OUT)/system/build.prop:images/$(TARGET_CPU_ABI)/build.prop \ $(addon_dir_img):device/generic/goldfish/data/etc/userdata.img:images/$(TARGET_CPU_ABI)/userdata.img \ $(addon_dir_img):$(target_notice_file_txt):images/$(TARGET_CPU_ABI)/NOTICE.txt \ diff --git a/core/tasks/tools/package-modules.mk b/core/tasks/tools/package-modules.mk index 55a08f51ec..6cafa4a2a3 100644 --- a/core/tasks/tools/package-modules.mk +++ b/core/tasks/tools/package-modules.mk @@ -16,7 +16,16 @@ # my_makefile := $(lastword $(filter-out $(lastword $(MAKEFILE_LIST)),$(MAKEFILE_LIST))) -my_staging_dir := $(call intermediates-dir-for,PACKAGING,$(my_package_name)) + +include $(CLEAR_VARS) +LOCAL_MODULE := $(my_package_name) +LOCAL_MODULE_CLASS := PACKAGING +LOCAL_MODULE_STEM := $(my_package_name).zip +LOCAL_UNINSTALLABLE_MODULE := true +include $(BUILD_SYSTEM)/base_rules.mk +my_staging_dir := $(intermediates) +my_package_zip := $(LOCAL_BUILT_MODULE) + my_built_modules := $(foreach p,$(my_copy_pairs),$(call word-colon,1,$(p))) my_copy_pairs := $(foreach p,$(my_copy_pairs),$(call word-colon,1,$(p)):$(my_staging_dir)/$(call word-colon,2,$(p))) my_pickup_files := @@ -80,7 +89,6 @@ ifneq ($(my_missing_error),) $(error done) endif -my_package_zip := $(my_staging_dir)/$(my_package_name).zip $(my_package_zip): PRIVATE_COPY_PAIRS := $(my_copy_pairs) $(my_package_zip): PRIVATE_PICKUP_FILES := $(my_pickup_files) $(my_package_zip) : $(my_built_modules) diff --git a/core/tasks/vts-core-tests.mk b/core/tasks/vts-core-tests.mk index f67d7224c8..33da020148 100644 --- a/core/tasks/vts-core-tests.mk +++ b/core/tasks/vts-core-tests.mk @@ -12,8 +12,8 @@ # See the License for the specific language governing permissions and # limitations under the License. -test_suite_name := vts-core -test_suite_tradefed := vts-core-tradefed +test_suite_name := vts +test_suite_tradefed := vts-tradefed test_suite_readme := test/vts/tools/vts-core-tradefed/README # TODO(b/149249068): Clean up after all VTS tests are converted. @@ -23,9 +23,14 @@ vts_test_artifact_paths := include $(BUILD_SYSTEM)/tasks/tools/compatibility.mk -.PHONY: vts-core +.PHONY: vts $(compatibility_zip): $(vts_test_artifact_paths) -vts-core: $(compatibility_zip) -$(call dist-for-goals, vts-core, $(compatibility_zip)) +vts: $(compatibility_zip) +$(call dist-for-goals, vts, $(compatibility_zip)) + +# TODO(b/149249068): Remove vts-core phony target after it's removed from all +# builders. +.PHONY: vts-core +vts-core: vts -tests: vts-core +tests: vts diff --git a/target/board/BoardConfigEmuCommon.mk b/target/board/BoardConfigEmuCommon.mk index d11f9d2ff1..a2e5518d37 100644 --- a/target/board/BoardConfigEmuCommon.mk +++ b/target/board/BoardConfigEmuCommon.mk @@ -74,6 +74,13 @@ else BOARD_VENDORIMAGE_PARTITION_SIZE := 146800640 endif +#vendor boot +TARGET_NO_VENDOR_BOOT := false +BOARD_INCLUDE_DTB_IN_BOOTIMG := false +BOARD_BOOT_HEADER_VERSION := 3 +BOARD_MKBOOTIMG_ARGS += --header_version $(BOARD_BOOT_HEADER_VERSION) +BOARD_VENDOR_BOOTIMAGE_PARTITION_SIZE := 0x06000000 + # Enable chain partition for system. BOARD_AVB_SYSTEM_KEY_PATH := external/avb/test/data/testkey_rsa2048.pem BOARD_AVB_SYSTEM_ALGORITHM := SHA256_RSA2048 diff --git a/target/board/generic_arm64/BoardConfig.mk b/target/board/generic_arm64/BoardConfig.mk index 8f30e6d4e2..8e28b5fc01 100644 --- a/target/board/generic_arm64/BoardConfig.mk +++ b/target/board/generic_arm64/BoardConfig.mk @@ -23,7 +23,7 @@ TARGET_2ND_ARCH := arm TARGET_2ND_CPU_ABI := armeabi-v7a TARGET_2ND_CPU_ABI2 := armeabi -ifneq ($(TARGET_BUILD_APPS)$(filter cts sdk vts,$(MAKECMDGOALS)),) +ifneq ($(TARGET_BUILD_APPS)$(filter cts sdk vts10,$(MAKECMDGOALS)),) # DO NOT USE # DO NOT USE # @@ -56,7 +56,7 @@ include build/make/target/board/BoardConfigGsiCommon.mk include build/make/target/board/BoardConfigEmuCommon.mk TARGET_NO_KERNEL := false -TARGET_NO_VENDOR_BOOT := true +TARGET_NO_VENDOR_BOOT := false BOARD_USES_RECOVERY_AS_BOOT := true BOARD_BOOTIMAGE_PARTITION_SIZE := 0x02000000 diff --git a/target/product/aosp_arm64.mk b/target/product/aosp_arm64.mk index 491397f2d4..3f986d3961 100644 --- a/target/product/aosp_arm64.mk +++ b/target/product/aosp_arm64.mk @@ -51,8 +51,9 @@ $(call inherit-product, $(SRC_TARGET_DIR)/product/telephony_system_ext.mk) $(call inherit-product, $(SRC_TARGET_DIR)/product/aosp_product.mk) # -# All components inherited here go to vendor image +# All components inherited here go to vendor or vendor_boot image # +$(call inherit-product-if-exists, device/generic/goldfish/arm64-vendor.mk) $(call inherit-product, $(SRC_TARGET_DIR)/product/emulator_vendor.mk) $(call inherit-product, $(SRC_TARGET_DIR)/board/generic_arm64/device.mk) diff --git a/target/product/base_system.mk b/target/product/base_system.mk index d9eb7c3985..434cbfcfd6 100644 --- a/target/product/base_system.mk +++ b/target/product/base_system.mk @@ -64,7 +64,6 @@ PRODUCT_PACKAGES += \ com.android.tzdata \ ContactsProvider \ content \ - crash_dump \ debuggerd\ device_config \ dmctl \ diff --git a/target/product/full.mk b/target/product/full.mk index b356f9d424..adb54ab662 100644 --- a/target/product/full.mk +++ b/target/product/full.mk @@ -19,6 +19,7 @@ # build quite specifically for the emulator, and might not be # entirely appropriate to inherit from for on-device configurations. +$(call inherit-product-if-exists, device/generic/goldfish/arm32-vendor.mk) $(call inherit-product, $(SRC_TARGET_DIR)/product/emulator.mk) $(call inherit-product, $(SRC_TARGET_DIR)/product/aosp_base_telephony.mk) $(call inherit-product, $(SRC_TARGET_DIR)/board/generic/device.mk) diff --git a/target/product/sdk_phone_arm64.mk b/target/product/sdk_phone_arm64.mk index 9024890d2c..ad726333a7 100644 --- a/target/product/sdk_phone_arm64.mk +++ b/target/product/sdk_phone_arm64.mk @@ -16,7 +16,6 @@ QEMU_USE_SYSTEM_EXT_PARTITIONS := true $(call inherit-product, $(SRC_TARGET_DIR)/product/aosp_arm64.mk) -$(call inherit-product-if-exists, device/generic/goldfish/arm64-vendor.mk) # Define the host tools and libs that are parts of the SDK. $(call inherit-product, sdk/build/product_sdk.mk) diff --git a/target/product/userspace_reboot.mk b/target/product/userspace_reboot.mk index 76ec83dd93..3f881af7e6 100644 --- a/target/product/userspace_reboot.mk +++ b/target/product/userspace_reboot.mk @@ -16,6 +16,4 @@ # Inherit this when the target supports userspace reboot -PRODUCT_PROPERTY_OVERRIDES := ro.init.userspace_reboot.is_supported=true - -# TODO(b/135984674): configure userspace reboot related properties +PRODUCT_PROPERTY_OVERRIDES := init.userspace_reboot.is_supported=true diff --git a/tools/fs_config/fs_config.c b/tools/fs_config/fs_config.c index 2952875f64..2a75add096 100644 --- a/tools/fs_config/fs_config.c +++ b/tools/fs_config/fs_config.c @@ -26,6 +26,7 @@ #include <selinux/label.h> #include "private/android_filesystem_config.h" +#include "private/fs_config.h" // This program takes a list of files and directories (indicated by a // trailing slash) on the stdin, and prints to stdout each input diff --git a/tools/fs_get_stats/fs_get_stats.c b/tools/fs_get_stats/fs_get_stats.c index 159e2aa912..64ef0e2312 100644 --- a/tools/fs_get_stats/fs_get_stats.c +++ b/tools/fs_get_stats/fs_get_stats.c @@ -4,6 +4,7 @@ #include <unistd.h> #include <private/android_filesystem_config.h> +#include <private/fs_config.h> #define DO_DEBUG 1 diff --git a/tools/releasetools/Android.bp b/tools/releasetools/Android.bp index 90a6485d63..d6f2116693 100644 --- a/tools/releasetools/Android.bp +++ b/tools/releasetools/Android.bp @@ -188,6 +188,7 @@ python_library_host { "imgdiff", "minigzip", "mkbootfs", + "signapk", ], } @@ -237,6 +238,16 @@ python_defaults { embedded_launcher: false, }, }, + // TODO (b/140144201) Build imgdiff from releasetools_common + required: [ + "aapt2", + "boot_signer", + "brotli", + "bsdiff", + "imgdiff", + "minigzip", + "mkbootfs", + ], } python_binary_host { diff --git a/tools/releasetools/apex_utils.py b/tools/releasetools/apex_utils.py index 9e27d29b7f..ae9b793263 100644 --- a/tools/releasetools/apex_utils.py +++ b/tools/releasetools/apex_utils.py @@ -52,7 +52,7 @@ class ApexApkSigner(object): self.key_passwords = key_passwords self.codename_to_api_level_map = codename_to_api_level_map - def ProcessApexFile(self, apk_keys, payload_key): + def ProcessApexFile(self, apk_keys, payload_key, signing_args=None): """Scans and signs the apk files and repack the apex Args: @@ -87,7 +87,7 @@ class ApexApkSigner(object): logger.info('No apk file has been signed in %s', self.apex_path) return self.apex_path - return self.RepackApexPayload(payload_dir, payload_key) + return self.RepackApexPayload(payload_dir, payload_key, signing_args) def ExtractApexPayloadAndSignApks(self, apk_entries, apk_keys): """Extracts the payload image and signs the containing apk files.""" @@ -115,7 +115,7 @@ class ApexApkSigner(object): has_signed_apk = True return payload_dir, has_signed_apk - def RepackApexPayload(self, payload_dir, payload_key): + def RepackApexPayload(self, payload_dir, payload_key, signing_args=None): """Rebuilds the apex file with the updated payload directory.""" apex_dir = common.MakeTempDir() # Extract the apex file and reuse its meta files as repack parameters. @@ -145,6 +145,12 @@ class ApexApkSigner(object): os.getenv('PATH')] for key, val in arguments_dict.items(): generate_image_cmd.extend(['--' + key, val]) + + # Add quote to the signing_args as we will pass + # --signing_args "--signing_helper_with_files=%path" to apexer + if signing_args: + generate_image_cmd.extend(['--signing_args', '"{}"'.format(signing_args)]) + # optional arguments for apex repacking manifest_json = os.path.join(apex_dir, 'apex_manifest.json') if os.path.exists(manifest_json): @@ -303,7 +309,7 @@ def SignApex(avbtool, apex_data, payload_key, container_key, container_pw, # the apex file after signing. apk_signer = ApexApkSigner(apex_file, container_pw, codename_to_api_level_map) - apex_file = apk_signer.ProcessApexFile(apk_keys, payload_key) + apex_file = apk_signer.ProcessApexFile(apk_keys, payload_key, signing_args) # 2a. Extract and sign the APEX_PAYLOAD_IMAGE entry with the given # payload_key. diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py index 3276b297e4..dcf470a81f 100644 --- a/tools/releasetools/common.py +++ b/tools/releasetools/common.py @@ -77,6 +77,7 @@ class Options(object): self.boot_signer_args = [] self.verity_signer_path = None self.verity_signer_args = [] + self.aftl_tool_path = None self.aftl_server = None self.aftl_key_path = None self.aftl_manufacturer_key_path = None @@ -931,6 +932,39 @@ def GetAvbChainedPartitionArg(partition, info_dict, key=None): return "{}:{}:{}".format(partition, rollback_index_location, pubkey_path) +def AddAftlInclusionProof(output_image): + """Appends the aftl inclusion proof to the vbmeta image.""" + + # Ensure the other AFTL parameters are set as well. + assert OPTIONS.aftl_tool_path is not None, 'No aftl tool provided.' + assert OPTIONS.aftl_key_path is not None, 'No AFTL key provided.' + assert OPTIONS.aftl_manufacturer_key_path is not None, \ + 'No AFTL manufacturer key provided.' + + vbmeta_image = MakeTempFile() + os.rename(output_image, vbmeta_image) + build_info = BuildInfo(OPTIONS.info_dict) + version_incremental = build_info.GetBuildProp("ro.build.version.incremental") + aftltool = OPTIONS.aftl_tool_path + aftl_cmd = [aftltool, "make_icp_from_vbmeta", + "--vbmeta_image_path", vbmeta_image, + "--output", output_image, + "--version_incremental", version_incremental, + "--transparency_log_servers", OPTIONS.aftl_server, + "--transparency_log_pub_keys", OPTIONS.aftl_key_path, + "--manufacturer_key", OPTIONS.aftl_manufacturer_key_path, + "--algorithm", "SHA256_RSA4096", + "--padding", "4096"] + if OPTIONS.aftl_signer_helper: + aftl_cmd.extend(shlex.split(OPTIONS.aftl_signer_helper)) + RunAndCheckOutput(aftl_cmd) + + verify_cmd = ['aftltool', 'verify_image_icp', '--vbmeta_image_path', + output_image, '--transparency_log_pub_keys', + OPTIONS.aftl_key_path] + RunAndCheckOutput(verify_cmd) + + def BuildVBMeta(image_path, partitions, name, needed_partitions): """Creates a VBMeta image. @@ -973,28 +1007,26 @@ def BuildVBMeta(image_path, partitions, name, needed_partitions): # zip only). For such cases, we additionally scan other locations (e.g. # IMAGES/, RADIO/, etc) before bailing out. if arg == '--include_descriptors_from_image': - image_path = split_args[index + 1] - if os.path.exists(image_path): + chained_image = split_args[index + 1] + if os.path.exists(chained_image): continue found = False for dir_name in ['IMAGES', 'RADIO', 'PREBUILT_IMAGES']: alt_path = os.path.join( - OPTIONS.input_tmp, dir_name, os.path.basename(image_path)) + OPTIONS.input_tmp, dir_name, os.path.basename(chained_image)) if os.path.exists(alt_path): split_args[index + 1] = alt_path found = True break - assert found, 'Failed to find {}'.format(image_path) + assert found, 'Failed to find {}'.format(chained_image) cmd.extend(split_args) RunAndCheckOutput(cmd) + # Generate the AFTL inclusion proof. if OPTIONS.aftl_server is not None: - # Ensure the other AFTL parameters are set as well. - assert OPTIONS.aftl_key_path is not None, 'No AFTL key provided.' - assert OPTIONS.aftl_manufacturer_key_path is not None, 'No AFTL manufacturer key provided.' - assert OPTIONS.aftl_signer_helper is not None, 'No AFTL signer helper provided.' - # AFTL inclusion proof generation code will go here. + AddAftlInclusionProof(image_path) + def _MakeRamdisk(sourcedir, fs_config_file=None): ramdisk_img = tempfile.NamedTemporaryFile() @@ -1754,7 +1786,8 @@ def ReadApkCerts(tf_zip): continue m = re.match( r'^name="(?P<NAME>.*)"\s+certificate="(?P<CERT>.*)"\s+' - r'private_key="(?P<PRIVKEY>.*?)"(\s+compressed="(?P<COMPRESSED>.*)")?$', + r'private_key="(?P<PRIVKEY>.*?)"(\s+compressed="(?P<COMPRESSED>.*?)")?' + r'(\s+partition="(?P<PARTITION>.*?)")?$', line) if not m: continue @@ -1846,9 +1879,9 @@ def ParseOptions(argv, "java_path=", "java_args=", "android_jar_path=", "public_key_suffix=", "private_key_suffix=", "boot_signer_path=", "boot_signer_args=", "verity_signer_path=", "verity_signer_args=", "device_specific=", - "extra=", "logfile=", "aftl_server=", "aftl_key_path=", - "aftl_manufacturer_key_path=", "aftl_signer_helper="] + - list(extra_long_opts)) + "extra=", "logfile=", "aftl_tool_path=", "aftl_server=", + "aftl_key_path=", "aftl_manufacturer_key_path=", + "aftl_signer_helper="] + list(extra_long_opts)) except getopt.GetoptError as err: Usage(docstring) print("**", str(err), "**") @@ -1886,6 +1919,8 @@ def ParseOptions(argv, OPTIONS.verity_signer_path = a elif o in ("--verity_signer_args",): OPTIONS.verity_signer_args = shlex.split(a) + elif o in ("--aftl_tool_path",): + OPTIONS.aftl_tool_path = a elif o in ("--aftl_server",): OPTIONS.aftl_server = a elif o in ("--aftl_key_path",): diff --git a/tools/releasetools/merge_target_files.py b/tools/releasetools/merge_target_files.py index eb68bc30e6..d9d3854056 100755 --- a/tools/releasetools/merge_target_files.py +++ b/tools/releasetools/merge_target_files.py @@ -79,6 +79,7 @@ from __future__ import print_function import fnmatch import logging import os +import re import shutil import subprocess import sys @@ -94,6 +95,8 @@ import ota_from_target_files logger = logging.getLogger(__name__) OPTIONS = common.OPTIONS +# Always turn on verbose logging. +OPTIONS.verbose = True OPTIONS.framework_target_files = None OPTIONS.framework_item_list = None OPTIONS.framework_misc_info_keys = None @@ -109,6 +112,28 @@ OPTIONS.output_super_empty = None OPTIONS.rebuild_recovery = False OPTIONS.keep_tmp = False +# In an item list (framework or vendor), we may see entries that select whole +# partitions. Such an entry might look like this 'SYSTEM/*' (e.g., for the +# system partition). The following regex matches this and extracts the +# partition name. + +PARTITION_ITEM_PATTERN = re.compile(r'^([A-Z_]+)/\*$') + +# In apexkeys.txt or apkcerts.txt, we will find partition tags on each entry in +# the file. We use these partition tags to filter the entries in those files +# from the two different target files packages to produce a merged apexkeys.txt +# or apkcerts.txt file. A partition tag (e.g., for the product partition) looks +# like this: 'partition="product"'. We use the group syntax grab the value of +# the tag. We use non-greedy matching in case there are other fields on the +# same line. + +PARTITION_TAG_PATTERN = re.compile(r'partition="(.*?)"') + +# The sorting algorithm for apexkeys.txt and apkcerts.txt does not include the +# ".apex" or ".apk" suffix, so we use the following pattern to extract a key. + +MODULE_KEY_PATTERN = re.compile(r'name="(.+)\.(apex|apk)"') + # DEFAULT_FRAMEWORK_ITEM_LIST is a list of items to extract from the partial # framework target files package as is, meaning these items will land in the # output target files package exactly as they appear in the input partial @@ -484,9 +509,40 @@ def process_dynamic_partitions_info_txt(framework_target_files_dir, path=output_dynamic_partitions_info_txt) +def item_list_to_partition_set(item_list): + """Converts a target files item list to a partition set. + + The item list contains items that might look like 'SYSTEM/*' or 'VENDOR/*' or + 'OTA/android-info.txt'. Items that end in '/*' are assumed to match entire + directories where 'SYSTEM' or 'VENDOR' is a directory name that identifies the + contents of a partition of the same name. Other items in the list, such as the + 'OTA' example contain metadata. This function iterates such a list, returning + a set that contains the partition entries. + + Args: + item_list: A list of items in a target files package. + Returns: + A set of partitions extracted from the list of items. + """ + + partition_set = set() + + for item in item_list: + match = PARTITION_ITEM_PATTERN.search(item.strip()) + partition_tag = match.group(1).lower() if match else None + + if partition_tag: + partition_set.add(partition_tag) + + return partition_set + + def process_apex_keys_apk_certs_common(framework_target_files_dir, vendor_target_files_dir, - output_target_files_dir, file_name): + output_target_files_dir, + framework_partition_set, + vendor_partition_set, file_name): + """Performs special processing for META/apexkeys.txt or META/apkcerts.txt. This function merges the contents of the META/apexkeys.txt or @@ -502,6 +558,10 @@ def process_apex_keys_apk_certs_common(framework_target_files_dir, items extracted from the vendor target files package. output_target_files_dir: The name of a directory that will be used to create the output target files package after all the special cases are processed. + framework_partition_set: Partitions that are considered framework + partitions. Used to filter apexkeys.txt and apkcerts.txt. + vendor_partition_set: Partitions that are considered vendor partitions. Used + to filter apexkeys.txt and apkcerts.txt. file_name: The name of the file to merge. One of apkcerts.txt or apexkeys.txt. """ @@ -512,21 +572,44 @@ def process_apex_keys_apk_certs_common(framework_target_files_dir, with open(file_path) as f: for line in f: if line.strip(): - temp[line.split()[0]] = line.strip() + name = line.split()[0] + match = MODULE_KEY_PATTERN.search(name) + temp[match.group(1)] = line.strip() return temp framework_dict = read_helper(framework_target_files_dir) vendor_dict = read_helper(vendor_target_files_dir) + merged_dict = {} - for key in framework_dict: - if key in vendor_dict and vendor_dict[key] != framework_dict[key]: - raise ValueError('Conflicting entries found in %s:\n %s and\n %s' % - (file_name, framework_dict[key], vendor_dict[key])) - vendor_dict[key] = framework_dict[key] + def filter_into_merged_dict(item_dict, partition_set): + for key, value in item_dict.items(): + match = PARTITION_TAG_PATTERN.search(value) + + if match is None: + raise ValueError('Entry missing partition tag: %s' % value) + + partition_tag = match.group(1) + + if partition_tag in partition_set: + if key in merged_dict: + raise ValueError('Duplicate key %s' % key) + + merged_dict[key] = value + + filter_into_merged_dict(framework_dict, framework_partition_set) + filter_into_merged_dict(vendor_dict, vendor_partition_set) output_file = os.path.join(output_target_files_dir, 'META', file_name) - write_sorted_data(data=vendor_dict.values(), path=output_file) + # The following code is similar to write_sorted_data, but different enough + # that we couldn't use that function. We need the output to be sorted by the + # basename of the apex/apk (without the ".apex" or ".apk" suffix). This + # allows the sort to be consistent with the framework/vendor input data and + # eases comparison of input data with merged data. + with open(output_file, 'w') as output: + for key in sorted(merged_dict.keys()): + out_str = merged_dict[key] + '\n' + output.write(out_str) def copy_file_contexts(framework_target_files_dir, vendor_target_files_dir, @@ -559,7 +642,9 @@ def copy_file_contexts(framework_target_files_dir, vendor_target_files_dir, def process_special_cases(framework_target_files_temp_dir, vendor_target_files_temp_dir, output_target_files_temp_dir, - framework_misc_info_keys): + framework_misc_info_keys, + framework_partition_set, + vendor_partition_set): """Performs special-case processing for certain target files items. Certain files in the output target files package require special-case @@ -576,6 +661,10 @@ def process_special_cases(framework_target_files_temp_dir, framework_misc_info_keys: A list of keys to obtain from the framework instance of META/misc_info.txt. The remaining keys from the vendor instance. + framework_partition_set: Partitions that are considered framework + partitions. Used to filter apexkeys.txt and apkcerts.txt. + vendor_partition_set: Partitions that are considered vendor partitions. Used + to filter apexkeys.txt and apkcerts.txt. """ if 'ab_update' in framework_misc_info_keys: @@ -604,12 +693,16 @@ def process_special_cases(framework_target_files_temp_dir, framework_target_files_dir=framework_target_files_temp_dir, vendor_target_files_dir=vendor_target_files_temp_dir, output_target_files_dir=output_target_files_temp_dir, + framework_partition_set=framework_partition_set, + vendor_partition_set=vendor_partition_set, file_name='apkcerts.txt') process_apex_keys_apk_certs_common( framework_target_files_dir=framework_target_files_temp_dir, vendor_target_files_dir=vendor_target_files_temp_dir, output_target_files_dir=output_target_files_temp_dir, + framework_partition_set=framework_partition_set, + vendor_partition_set=vendor_partition_set, file_name='apexkeys.txt') @@ -716,7 +809,9 @@ def create_merged_package(temp_dir, framework_target_files, framework_item_list, framework_target_files_temp_dir=framework_target_files_temp_dir, vendor_target_files_temp_dir=vendor_target_files_temp_dir, output_target_files_temp_dir=output_target_files_temp_dir, - framework_misc_info_keys=framework_misc_info_keys) + framework_misc_info_keys=framework_misc_info_keys, + framework_partition_set=item_list_to_partition_set(framework_item_list), + vendor_partition_set=item_list_to_partition_set(vendor_item_list)) return output_target_files_temp_dir @@ -1016,9 +1111,6 @@ def main(): common.Usage(__doc__) sys.exit(1) - # Always turn on verbose logging. - OPTIONS.verbose = True - if OPTIONS.framework_item_list: framework_item_list = common.LoadListFromFile(OPTIONS.framework_item_list) else: diff --git a/tools/releasetools/ota_from_target_files.py b/tools/releasetools/ota_from_target_files.py index 2126d11825..92a46a20cd 100755 --- a/tools/releasetools/ota_from_target_files.py +++ b/tools/releasetools/ota_from_target_files.py @@ -318,7 +318,7 @@ class PayloadSigner(object): common.RunAndCheckOutput(cmd) with open(out_signature_size_file) as f: signature_size = f.read().rstrip() - logger.info("% outputs the maximum signature size: %", cmd[0], + logger.info("%s outputs the maximum signature size: %s", cmd[0], signature_size) return int(signature_size) diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py index 5b7c2ac676..52cd9a850f 100755 --- a/tools/releasetools/sign_target_files_apks.py +++ b/tools/releasetools/sign_target_files_apks.py @@ -1082,7 +1082,8 @@ def ReadApexKeysInfo(tf_zip): r'public_key="(?P<PAYLOAD_PUBLIC_KEY>.*)"\s+' r'private_key="(?P<PAYLOAD_PRIVATE_KEY>.*)"\s+' r'container_certificate="(?P<CONTAINER_CERT>.*)"\s+' - r'container_private_key="(?P<CONTAINER_PRIVATE_KEY>.*)"$', + r'container_private_key="(?P<CONTAINER_PRIVATE_KEY>.*?)"' + r'(\s+partition="(?P<PARTITION>.*?)")?$', line) if not matches: continue diff --git a/tools/releasetools/test_common.py b/tools/releasetools/test_common.py index da9216369e..7058da7444 100644 --- a/tools/releasetools/test_common.py +++ b/tools/releasetools/test_common.py @@ -710,6 +710,25 @@ class CommonApkUtilsTest(test_utils.ReleaseToolsTestCase): 'Compressed4.apk' : 'certs/compressed4', } + # Test parsing with no optional fields, both optional fields, and only the + # partition optional field. + APKCERTS_TXT4 = ( + 'name="RecoveryLocalizer.apk" certificate="certs/devkey.x509.pem"' + ' private_key="certs/devkey.pk8"\n' + 'name="Settings.apk"' + ' certificate="build/make/target/product/security/platform.x509.pem"' + ' private_key="build/make/target/product/security/platform.pk8"' + ' compressed="gz" partition="system"\n' + 'name="TV.apk" certificate="PRESIGNED" private_key=""' + ' partition="product"\n' + ) + + APKCERTS_CERTMAP4 = { + 'RecoveryLocalizer.apk' : 'certs/devkey', + 'Settings.apk' : 'build/make/target/product/security/platform', + 'TV.apk' : 'PRESIGNED', + } + def setUp(self): self.testdata_dir = test_utils.get_testdata_dir() @@ -786,6 +805,14 @@ class CommonApkUtilsTest(test_utils.ReleaseToolsTestCase): with zipfile.ZipFile(target_files, 'r') as input_zip: self.assertRaises(ValueError, common.ReadApkCerts, input_zip) + def test_ReadApkCerts_WithWithoutOptionalFields(self): + target_files = self._write_apkcerts_txt(self.APKCERTS_TXT4) + with zipfile.ZipFile(target_files, 'r') as input_zip: + certmap, ext = common.ReadApkCerts(input_zip) + + self.assertDictEqual(self.APKCERTS_CERTMAP4, certmap) + self.assertIsNone(ext) + def test_ExtractPublicKey(self): cert = os.path.join(self.testdata_dir, 'testkey.x509.pem') pubkey = os.path.join(self.testdata_dir, 'testkey.pubkey.pem') @@ -1404,6 +1431,47 @@ class CommonUtilsTest(test_utils.ReleaseToolsTestCase): self.assertEqual('3', chained_partition_args[1]) self.assertTrue(os.path.exists(chained_partition_args[2])) + @test_utils.SkipIfExternalToolsUnavailable() + def test_BuildVBMeta_appendAftl(self): + testdata_dir = test_utils.get_testdata_dir() + common.OPTIONS.info_dict = { + 'ab_update': 'true', + 'avb_avbtool': 'avbtool', + 'build.prop': { + 'ro.build.version.incremental': '6285659', + 'ro.product.device': 'coral', + 'ro.build.fingerprint': 'google/coral/coral:R/RP1A.200311.002/' + '6285659:userdebug/dev-keys' + } + } + common.OPTIONS.aftl_tool_path = "aftltool" + common.OPTIONS.aftl_server = "log.endpoints.aftl-dev.cloud.goog:9000" + common.OPTIONS.aftl_key_path = os.path.join(testdata_dir, + 'test_transparency_key.pub') + common.OPTIONS.aftl_manufacturer_key_path = os.path.join( + testdata_dir, 'test_aftl_rsa4096.pem') + + input_dir = common.MakeTempDir() + system_image = common.MakeTempFile() + build_image_cmd = ['mkuserimg_mke2fs', input_dir, system_image, 'ext4', + '/system', str(4096 * 100), '-j', '0', '-s'] + common.RunAndCheckOutput(build_image_cmd) + + add_footer_cmd = ['avbtool', 'add_hashtree_footer', + '--partition_size', str(4096 * 150), + '--partition_name', 'system', + '--image', system_image] + common.RunAndCheckOutput(add_footer_cmd) + + vbmeta_image = common.MakeTempFile() + common.BuildVBMeta(vbmeta_image, {'system': system_image}, 'vbmeta', + ['system']) + + verify_cmd = ['aftltool', 'verify_image_icp', '--vbmeta_image_path', + vbmeta_image, '--transparency_log_pub_keys', + common.OPTIONS.aftl_key_path] + common.RunAndCheckOutput(verify_cmd) + class InstallRecoveryScriptFormatTest(test_utils.ReleaseToolsTestCase): """Checks the format of install-recovery.sh. diff --git a/tools/releasetools/test_merge_target_files.py b/tools/releasetools/test_merge_target_files.py index 1abe83c7c3..ff8593b693 100644 --- a/tools/releasetools/test_merge_target_files.py +++ b/tools/releasetools/test_merge_target_files.py @@ -22,6 +22,7 @@ from merge_target_files import (validate_config_lists, DEFAULT_FRAMEWORK_ITEM_LIST, DEFAULT_VENDOR_ITEM_LIST, DEFAULT_FRAMEWORK_MISC_INFO_KEYS, copy_items, + item_list_to_partition_set, process_apex_keys_apk_certs_common) @@ -142,6 +143,8 @@ class MergeTargetFilesTest(test_utils.ReleaseToolsTestCase): os.path.join(vendor_dir, 'META', 'apexkeys.txt')) process_apex_keys_apk_certs_common(framework_dir, vendor_dir, output_dir, + set(['product', 'system', 'system_ext']), + set(['odm', 'vendor']), 'apexkeys.txt') merged_entries = [] @@ -175,4 +178,54 @@ class MergeTargetFilesTest(test_utils.ReleaseToolsTestCase): os.path.join(conflict_dir, 'META', 'apexkeys.txt')) self.assertRaises(ValueError, process_apex_keys_apk_certs_common, - framework_dir, conflict_dir, output_dir, 'apexkeys.txt') + framework_dir, conflict_dir, output_dir, + set(['product', 'system', 'system_ext']), + set(['odm', 'vendor']), + 'apexkeys.txt') + + def test_process_apex_keys_apk_certs_HandlesApkCertsSyntax(self): + output_dir = common.MakeTempDir() + os.makedirs(os.path.join(output_dir, 'META')) + + framework_dir = common.MakeTempDir() + os.makedirs(os.path.join(framework_dir, 'META')) + os.symlink( + os.path.join(self.testdata_dir, 'apkcerts_framework.txt'), + os.path.join(framework_dir, 'META', 'apkcerts.txt')) + + vendor_dir = common.MakeTempDir() + os.makedirs(os.path.join(vendor_dir, 'META')) + os.symlink( + os.path.join(self.testdata_dir, 'apkcerts_vendor.txt'), + os.path.join(vendor_dir, 'META', 'apkcerts.txt')) + + process_apex_keys_apk_certs_common(framework_dir, vendor_dir, output_dir, + set(['product', 'system', 'system_ext']), + set(['odm', 'vendor']), + 'apkcerts.txt') + + merged_entries = [] + merged_path = os.path.join(self.testdata_dir, 'apkcerts_merge.txt') + + with open(merged_path) as f: + merged_entries = f.read().split('\n') + + output_entries = [] + output_path = os.path.join(output_dir, 'META', 'apkcerts.txt') + + with open(output_path) as f: + output_entries = f.read().split('\n') + + return self.assertEqual(merged_entries, output_entries) + + def test_item_list_to_partition_set(self): + item_list = [ + 'META/apexkeys.txt', + 'META/apkcerts.txt', + 'META/filesystem_config.txt', + 'PRODUCT/*', + 'SYSTEM/*', + 'SYSTEM_EXT/*', + ] + partition_set = item_list_to_partition_set(item_list) + self.assertEqual(set(['product', 'system', 'system_ext']), partition_set) diff --git a/tools/releasetools/test_sign_target_files_apks.py b/tools/releasetools/test_sign_target_files_apks.py index 2b84413cfa..308172f356 100644 --- a/tools/releasetools/test_sign_target_files_apks.py +++ b/tools/releasetools/test_sign_target_files_apks.py @@ -35,8 +35,12 @@ class SignTargetFilesApksTest(test_utils.ReleaseToolsTestCase): <signer signature="{}"><seinfo value="media"/></signer> </policy>""" + # Note that we test one apex with the partition tag, and another without to + # make sure that new OTA tools can process an older target files package that + # does not include the partition tag. + # pylint: disable=line-too-long - APEX_KEYS_TXT = """name="apex.apexd_test.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem" container_certificate="build/make/target/product/security/testkey.x509.pem" container_private_key="build/make/target/product/security/testkey.pk8" + APEX_KEYS_TXT = """name="apex.apexd_test.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem" container_certificate="build/make/target/product/security/testkey.x509.pem" container_private_key="build/make/target/product/security/testkey.pk8" partition="system" name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" container_certificate="build/make/target/product/security/testkey.x509.pem" container_private_key="build/make/target/product/security/testkey.pk8" """ @@ -484,7 +488,8 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te 'public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" ' 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" ' 'container_certificate="build/make/target/product/security/testkey.x509.pem" ' - 'container_private_key="build/make/target/product/security/testkey2.pk8"') + 'container_private_key="build/make/target/product/security/testkey2.pk8" ' + 'partition="system"') target_files = common.MakeTempFile(suffix='.zip') with zipfile.ZipFile(target_files, 'w') as target_files_zip: target_files_zip.writestr('META/apexkeys.txt', apex_keys) diff --git a/tools/releasetools/testdata/apexkeys_framework.txt b/tools/releasetools/testdata/apexkeys_framework.txt index 2346668708..b9caf9e271 100644 --- a/tools/releasetools/testdata/apexkeys_framework.txt +++ b/tools/releasetools/testdata/apexkeys_framework.txt @@ -1,2 +1,7 @@ -name="com.android.runtime.debug.apex" public_key="art/build/apex/com.android.runtime.avbpubkey" private_key="art/build/apex/com.android.runtime.pem" container_certificate="art/build/apex/com.android.runtime.debug.x509.pem" container_private_key="art/build/apex/com.android.runtime.debug.pk8" -name="com.android.conscrypt.apex" public_key="external/conscrypt/apex/com.android.conscrypt.avbpubkey" private_key="external/conscrypt/apex/com.android.conscrypt.pem" container_certificate="external/conscrypt/apex/com.android.conscrypt.x509.pem" container_private_key="external/conscrypt/apex/com.android.conscrypt.pk8" +name="com.android.conscrypt.apex" public_key="external/conscrypt/apex/com.android.conscrypt.avbpubkey" private_key="external/conscrypt/apex/com.android.conscrypt.pem" container_certificate="external/conscrypt/apex/com.android.conscrypt.x509.pem" container_private_key="external/conscrypt/apex/com.android.conscrypt.pk8" partition="system" +name="com.android.dummy_product.apex" public_key="selected" private_key="selected" container_certificate="selected" container_private_key="selected" partition="product" +name="com.android.runtime.apex" public_key="bionic/apex/com.android.runtime.avbpubkey" private_key="bionic/apex/com.android.runtime.pem" container_certificate="bionic/apex/com.android.runtime.x509.pem" container_private_key="bionic/apex/com.android.runtime.pk8" partition="system" +name="com.android.vndk.current.on_vendor.apex" public_key="not_selected" private_key="not_selected" container_certificate="not_selected" container_private_key="not_selected" partition="vendor" +name="com.android.vndk.v27.apex" public_key="packages/modules/vndk/apex/com.android.vndk.v27.pubkey" private_key="packages/modules/vndk/apex/com.android.vndk.v27.pem" container_certificate="packages/modules/vndk/apex/com.android.vndk.v27.x509.pem" container_private_key="packages/modules/vndk/apex/com.android.vndk.v27.pk8" partition="system_ext" +name="com.android.vndk.v28.apex" public_key="packages/modules/vndk/apex/com.android.vndk.v28.pubkey" private_key="packages/modules/vndk/apex/com.android.vndk.v28.pem" container_certificate="packages/modules/vndk/apex/com.android.vndk.v28.x509.pem" container_private_key="packages/modules/vndk/apex/com.android.vndk.v28.pk8" partition="system_ext" +name="com.android.vndk.v29.apex" public_key="packages/modules/vndk/apex/com.android.vndk.v29.pubkey" private_key="packages/modules/vndk/apex/com.android.vndk.v29.pem" container_certificate="packages/modules/vndk/apex/com.android.vndk.v29.x509.pem" container_private_key="packages/modules/vndk/apex/com.android.vndk.v29.pk8" partition="system_ext" diff --git a/tools/releasetools/testdata/apexkeys_framework_conflict.txt b/tools/releasetools/testdata/apexkeys_framework_conflict.txt index caa21c2fab..9a055f4bc3 100644 --- a/tools/releasetools/testdata/apexkeys_framework_conflict.txt +++ b/tools/releasetools/testdata/apexkeys_framework_conflict.txt @@ -1 +1 @@ -name="com.android.runtime.debug.apex" public_key="art/build/apex/com.android.runtime.avbpubkey" private_key="art/build/apex/com.android.runtime.pem" container_certificate="art/build/apex/com.android.runtime.release.x509.pem" container_private_key="art/build/apex/com.android.runtime.debug.pk8" +name="com.android.conscrypt.apex" public_key="external/conscrypt/apex/com.android.conscrypt.avbpubkey" private_key="external/conscrypt/apex/com.android.conscrypt.pem" container_certificate="external/conscrypt/apex/com.android.conscrypt.x509.pem" container_private_key="external/conscrypt/apex/com.android.conscrypt.pk8" partition="vendor" diff --git a/tools/releasetools/testdata/apexkeys_merge.txt b/tools/releasetools/testdata/apexkeys_merge.txt index 48e789f43d..a9355d770d 100644 --- a/tools/releasetools/testdata/apexkeys_merge.txt +++ b/tools/releasetools/testdata/apexkeys_merge.txt @@ -1,4 +1,7 @@ -name="com.android.conscrypt.apex" public_key="external/conscrypt/apex/com.android.conscrypt.avbpubkey" private_key="external/conscrypt/apex/com.android.conscrypt.pem" container_certificate="external/conscrypt/apex/com.android.conscrypt.x509.pem" container_private_key="external/conscrypt/apex/com.android.conscrypt.pk8" -name="com.android.runtime.debug.apex" public_key="art/build/apex/com.android.runtime.avbpubkey" private_key="art/build/apex/com.android.runtime.pem" container_certificate="art/build/apex/com.android.runtime.debug.x509.pem" container_private_key="art/build/apex/com.android.runtime.debug.pk8" -name="com.android.runtime.release.apex" public_key="art/build/apex/com.android.runtime.avbpubkey" private_key="art/build/apex/com.android.runtime.pem" container_certificate="art/build/apex/com.android.runtime.release.x509.pem" container_private_key="art/build/apex/com.android.runtime.release.pk8" -name="com.android.support.apexer.apex" public_key="system/apex/apexer/etc/com.android.support.apexer.avbpubkey" private_key="system/apex/apexer/etc/com.android.support.apexer.pem" container_certificate="build/target/product/security/testkey.x509.pem" container_private_key="build/target/product/security/testkey.pk8" +name="com.android.conscrypt.apex" public_key="external/conscrypt/apex/com.android.conscrypt.avbpubkey" private_key="external/conscrypt/apex/com.android.conscrypt.pem" container_certificate="external/conscrypt/apex/com.android.conscrypt.x509.pem" container_private_key="external/conscrypt/apex/com.android.conscrypt.pk8" partition="system" +name="com.android.dummy_product.apex" public_key="selected" private_key="selected" container_certificate="selected" container_private_key="selected" partition="product" +name="com.android.runtime.apex" public_key="bionic/apex/com.android.runtime.avbpubkey" private_key="bionic/apex/com.android.runtime.pem" container_certificate="bionic/apex/com.android.runtime.x509.pem" container_private_key="bionic/apex/com.android.runtime.pk8" partition="system" +name="com.android.vndk.current.on_vendor.apex" public_key="packages/modules/vndk/apex/com.android.vndk.current.pubkey" private_key="packages/modules/vndk/apex/com.android.vndk.current.pem" container_certificate="packages/modules/vndk/apex/com.android.vndk.current.x509.pem" container_private_key="packages/modules/vndk/apex/com.android.vndk.current.pk8" partition="vendor" +name="com.android.vndk.v27.apex" public_key="packages/modules/vndk/apex/com.android.vndk.v27.pubkey" private_key="packages/modules/vndk/apex/com.android.vndk.v27.pem" container_certificate="packages/modules/vndk/apex/com.android.vndk.v27.x509.pem" container_private_key="packages/modules/vndk/apex/com.android.vndk.v27.pk8" partition="system_ext" +name="com.android.vndk.v28.apex" public_key="packages/modules/vndk/apex/com.android.vndk.v28.pubkey" private_key="packages/modules/vndk/apex/com.android.vndk.v28.pem" container_certificate="packages/modules/vndk/apex/com.android.vndk.v28.x509.pem" container_private_key="packages/modules/vndk/apex/com.android.vndk.v28.pk8" partition="system_ext" +name="com.android.vndk.v29.apex" public_key="packages/modules/vndk/apex/com.android.vndk.v29.pubkey" private_key="packages/modules/vndk/apex/com.android.vndk.v29.pem" container_certificate="packages/modules/vndk/apex/com.android.vndk.v29.x509.pem" container_private_key="packages/modules/vndk/apex/com.android.vndk.v29.pk8" partition="system_ext" diff --git a/tools/releasetools/testdata/apexkeys_vendor.txt b/tools/releasetools/testdata/apexkeys_vendor.txt index b751227aca..7dd3964bca 100644 --- a/tools/releasetools/testdata/apexkeys_vendor.txt +++ b/tools/releasetools/testdata/apexkeys_vendor.txt @@ -1,3 +1,7 @@ -name="com.android.runtime.release.apex" public_key="art/build/apex/com.android.runtime.avbpubkey" private_key="art/build/apex/com.android.runtime.pem" container_certificate="art/build/apex/com.android.runtime.release.x509.pem" container_private_key="art/build/apex/com.android.runtime.release.pk8" -name="com.android.support.apexer.apex" public_key="system/apex/apexer/etc/com.android.support.apexer.avbpubkey" private_key="system/apex/apexer/etc/com.android.support.apexer.pem" container_certificate="build/target/product/security/testkey.x509.pem" container_private_key="build/target/product/security/testkey.pk8" -name="com.android.runtime.debug.apex" public_key="art/build/apex/com.android.runtime.avbpubkey" private_key="art/build/apex/com.android.runtime.pem" container_certificate="art/build/apex/com.android.runtime.debug.x509.pem" container_private_key="art/build/apex/com.android.runtime.debug.pk8" +name="com.android.conscrypt.apex" public_key="not_selected" private_key="not_selected" container_certificate="not_selected" container_private_key="not_selected" partition="system" +name="com.android.dummy_product.apex" public_key="not_selected" private_key="not_selected" container_certificate="not_selected" container_private_key="not_selected" partition="product" +name="com.android.runtime.apex" public_key="not_selected" private_key="not_selected" container_certificate="not_selected" container_private_key="not_selected" partition="system" +name="com.android.vndk.current.on_vendor.apex" public_key="packages/modules/vndk/apex/com.android.vndk.current.pubkey" private_key="packages/modules/vndk/apex/com.android.vndk.current.pem" container_certificate="packages/modules/vndk/apex/com.android.vndk.current.x509.pem" container_private_key="packages/modules/vndk/apex/com.android.vndk.current.pk8" partition="vendor" +name="com.android.vndk.v27.apex" public_key="not_selected" private_key="not_selected" container_certificate="not_selected" container_private_key="not_selected" partition="system_ext" +name="com.android.vndk.v28.apex" public_key="not_selected" private_key="not_selected" container_certificate="not_selected" container_private_key="not_selected" partition="system_ext" +name="com.android.vndk.v29.apex" public_key="not_selected" private_key="not_selected" container_certificate="not_selected" container_private_key="not_selected" partition="system_ext" diff --git a/tools/releasetools/testdata/apkcerts_framework.txt b/tools/releasetools/testdata/apkcerts_framework.txt new file mode 100644 index 0000000000..a75f55c495 --- /dev/null +++ b/tools/releasetools/testdata/apkcerts_framework.txt @@ -0,0 +1,6 @@ +name="TestSystem1.apk" certificate="build/make/target/product/security/testkey.x509.pem" private_key="build/make/target/product/security/testkey.pk8" partition="system" +name="TestSystem2.apk" certificate="build/make/target/product/security/testkey.x509.pem" private_key="build/make/target/product/security/testkey.pk8" partition="system" +name="TestVendor.apk" certificate="not_selected" private_key="not_selected" partition="vendor" +name="TestOdm.apk" certificate="not_selected" private_key="not_selected" partition="odm" +name="TestProduct.apk" certificate="build/make/target/product/security/testkey.x509.pem" private_key="build/make/target/product/security/testkey.pk8" partition="product" +name="TestSystemExt.apk" certificate="build/make/target/product/security/testkey.x509.pem" private_key="build/make/target/product/security/testkey.pk8" partition="system_ext" diff --git a/tools/releasetools/testdata/apkcerts_merge.txt b/tools/releasetools/testdata/apkcerts_merge.txt new file mode 100644 index 0000000000..0425e96b41 --- /dev/null +++ b/tools/releasetools/testdata/apkcerts_merge.txt @@ -0,0 +1,6 @@ +name="TestOdm.apk" certificate="build/make/target/product/security/testkey.x509.pem" private_key="build/make/target/product/security/testkey.pk8" partition="odm" +name="TestProduct.apk" certificate="build/make/target/product/security/testkey.x509.pem" private_key="build/make/target/product/security/testkey.pk8" partition="product" +name="TestSystem1.apk" certificate="build/make/target/product/security/testkey.x509.pem" private_key="build/make/target/product/security/testkey.pk8" partition="system" +name="TestSystem2.apk" certificate="build/make/target/product/security/testkey.x509.pem" private_key="build/make/target/product/security/testkey.pk8" partition="system" +name="TestSystemExt.apk" certificate="build/make/target/product/security/testkey.x509.pem" private_key="build/make/target/product/security/testkey.pk8" partition="system_ext" +name="TestVendor.apk" certificate="build/make/target/product/security/testkey.x509.pem" private_key="build/make/target/product/security/testkey.pk8" partition="vendor" diff --git a/tools/releasetools/testdata/apkcerts_vendor.txt b/tools/releasetools/testdata/apkcerts_vendor.txt new file mode 100644 index 0000000000..13d5255e54 --- /dev/null +++ b/tools/releasetools/testdata/apkcerts_vendor.txt @@ -0,0 +1,6 @@ +name="TestSystem1.apk" certificate="not_selected" private_key="not_selected" partition="system" +name="TestSystem2.apk" certificate="not_selected" private_key="not_selected" partition="system" +name="TestVendor.apk" certificate="build/make/target/product/security/testkey.x509.pem" private_key="build/make/target/product/security/testkey.pk8" partition="vendor" +name="TestOdm.apk" certificate="build/make/target/product/security/testkey.x509.pem" private_key="build/make/target/product/security/testkey.pk8" partition="odm" +name="TestProduct.apk" certificate="not_selected" private_key="not_selected" partition="product" +name="TestSystemExt.apk" certificate="not_selected" private_key="not_selected" partition="system_ext" diff --git a/tools/releasetools/testdata/test_aftl_rsa4096.pem b/tools/releasetools/testdata/test_aftl_rsa4096.pem new file mode 100644 index 0000000000..89f1ef3e59 --- /dev/null +++ b/tools/releasetools/testdata/test_aftl_rsa4096.pem @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDDlhUPUgtWL6LB +Wybp6wsEJeioV1aRLPGSA2/xIpTiJUK46cb/MD5eBTWjKENoIgX23eL/ePy2I68e ++WvcZ5ITGOTRQqNVZIdc5qvr03wkV0BsJQMHSMAHacePpB/4xM5MzN/6Ku1wA8Dw +uK+v/Cw4hqq8H/gP0oPVQ1bwcIePzRPX4YkkyXusoyzTIm5DJ9reVtyFucKqANCN +aFmGxcaEc2nADtARQWJpO95joFsMvr68+JBxpCt8aWbxuSz/rLJ9Y8Z46V/++XG+ +E4QEob/WVY5pUD/RyogLrfhIf+zO7R3wJklXElSFacIX9+RzR9dgkQVbqxLfBKIP +XWLCsF4I4EnvqUtaVjIMl8UpZpoq8pDLRqZ71Os5xZYq06x9E02M6DnvFbZEdaOX +MCz2mmNX3g5FahvJayBhCuNhyTkd79MFR71Wp48TvWxKz3S7q0T0cWHNhtPkHSCa +KwD93AQnqtLKYDGkHIZBzJPcs+QxbzdHyGzhXZb+qh5KmQvNA9HRBQY1RkMmzIbI +8pzYTwpOkbCEhVoCWcRaaF1Pgl+zcpgJOMbBBUabx/dConFIhMDW/I5fHgKgwGqm +tWUibrMPdnfS6W5MXi8jC0eDuZl0VwmdE+4dLujiOofUYnb7D+GXojf3PrSLcTw1 +PmG0f7l5xDKN9a0N+IXqvD2oAANTsQIDAQABAoICAQCW5HXw8OogHvYg2HMIKrbA +B4McRO1baWIhtRcq4PQeGIMGaA2HmS+0l65O5uRCNWWGlJ7pW+0TlCop6mHFk/4F +T8JQk2mxmrI4ARqIAQwYeVwRUuioOP81eO1mK0gjQ6qpY7I0reOq9KpozQN18UYo +gfS82Kkng9EDukUbkKV1UtFJTw3gXLVWdjlB1qFcnCXmPPs7DBpbz+8V+XiAWpsS +WnwumP77IQeMiozDLdaw2YQMBHRjyDVocWTjfmpyAkleJZjcdagC7W1MKIBElomL +EUyigTALaYZWBGy1ekQ3TIY5XUBdtZ2RpAsDNNOCAN3v+VI565zOhCOHWRO1gh24 +vyhBFR0HYqBRoLbLAqo8bM5iLPz1EWGyaTnfxt38J8Va0TD7KihcBnphiA+dkhEF +oc0yIp/8S2o3CfkNok7Ju8Amb7M4JJuKhuP8wxn86fAHpjjd3Y4SlZp0NrTrd7T2 +msLIneb1OUZZxFxyJG1XQGEZplLPalnGadIF4p3q/3nd1rVb491qCNl/A5QwhI9r +ZV62O90M9fu3+cAynBLbMT09IZecNwP1gXmunlY6YH+ymM+3NFqC8q2tnzomiz8/ +Fee0ftZ2C/jK62fET0Y8LPWGkVQGHtvZH0FPg4suA0GMmYAe0tQl93A+jFltfKKZ +RgCDrYs6Wv76E9gnWVnEdQKCAQEA8L76LjZUTKOg83Bra+hP+cXnwGsgwOwJfGBp +OM++5HzlpYjtbD38esBZVJtwb/8xJGdsHtP2n7ZgbSDuAnRj5S50QHIApvRkz1Y+ +1hL8tAdgVP2JkYjpyG3bPk4QVKyXkKvBcp2BCidXs75+HzfOxqkazumaYOYo2guh +azHdka2xSqxcZqo4yyORc/oue25RU4skmuNDOlP0+OTxU/uXnl7QZmlaOfT5TqO4 +s7uER4BXt/87j44mnOBdXmtqrsL49+R9bzVskx76aeuaBbwf7jnpR058E71OZwSd +F1P3fx6hl0yLOZF/5Jnq+14rEna6jH50XtzlhB6deSZFTOw2gwKCAQEAz/qXRzwH +I0YWISgkUG2zBJseHmfHqV4CDzb5+tTJ3B2I8cXE0m2sQJXi2s7oMhWSc1cQOHCX +txpgWaD59uBz2lcwnGRNp27TRXv8Wo+X0+O+lGWU2cO+j8AB2Vtb7F7rCySp0+Uu +z+dBfoQ2zhKEQlkX0YldVILGzCL3QBHVvPC4iDlwkMRbcejDoh9NsBtHL8lG+MAw +ZXbwJjhaJkhTXJFpJpejq70naS8VVlLt8Os80iuBXe5JK/ecAHtsNcJlXO02sMNZ +Fbcy8WosGyvRKQ/tHtTjAlxZ7Ey8usWE8BvWBdUgiIBkIcjLtE2GrA8eOGNb3v1I +HRt8NsV8yaLWuwKCAQAR7SaT6le8nTKO7gARuOq7npDzMwbtVqYeLM+o+08rlGFF +QjzronH6cfg05J4quMXgABN8+CuVGO91MM6IQEJv/lWJtvN1ex1GkxV6u0812JbD +vV1RCPDfi86XhRiSNYfTrfZponDJYMSXDcg2auFqyYzFe3+TV5ATLGqIoN3uyxA4 +jz0SJ/qypaNfD3IGnuBPaD0Bi4ql/TpwjhuqNUHE+SprdczSI/usb2SBfaUL7fKa +MNcuiVc2tz48maMIAFypmMn+TewXyGa9HF4Lr0ZxZr6IIL/8eEwuP5my8v2q6Yz+ +xyRW1Q7A5vUoYoqyhUS+0Wu45JnyjJUNQFxIrg4hAoIBAF1uBIGSvN4iwRQ6FT4w +WahrCre8BVzXh3NQTjJZXylL91YtcwLZE/Wbn+KN6o99U2IPLZE9O1qdNcVt5Hz8 +Te87FfJbuOrLhYuEbFQ+h4U/nUDK9XhyT+wB5JLBUOU5qrtByC0Rmtr411o/iONA +PDwWC/YskEnDygywdIRKvsr3FN7VdvUB0Na2KxRsnZjMWElmUUS0Ccm7CZ0R2aWy +/gfqpuMYYgVnnwnIhfxWmt+MvbDorGAHCMYAoQsyZuUrpB9/zP7RcvanavI6sP+v +ynF43xvnpOdNl3Po8SuyScsXpijOmqPXkaP/sUsZPLOUww2vzPi6raetzjpIs4td +ZLsCggEAe42Zj3FEbruJZeDgmd9lSc0j8UF90mNw8KH44IbuA6R9fGv3WkrNHEVd +XZOwjWqAxhOj6pFoJk8n6h5d8iS/yXFZ0AfBMc21XMecu9mnfx9E9LFAIWmv7Wut +vy3h2BqY+crglpg5RAw+3J97HAGMYCvp+hH2il+9zzjpmCtTD21LRMkw34szY7RR +CDy9G5FTmKVlxw5eegvyj164olQRLurEdUIfSr5UnBjrWftJHy9JW8KWCeFDSmm9 +xCl3nGDyQuZmOTngxPtrOYAhb5LoKR9BeGcy6jlom7V4nYYqm3t1IDBgMqjYGT9c +vqQgxO2OFsQOJQ/4PRYEKd1neTlZrw== +-----END PRIVATE KEY----- diff --git a/tools/releasetools/testdata/test_transparency_key.pub b/tools/releasetools/testdata/test_transparency_key.pub new file mode 100644 index 0000000000..8bfd81619d --- /dev/null +++ b/tools/releasetools/testdata/test_transparency_key.pub @@ -0,0 +1,15 @@ +-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4ilqCNsenNA013iCdwgD +YPxZ853nbHG9lMBp9boXiwRcqT/8bUKHIL7YX5z7s+QoRYVY3rkMKppRabclXzyx +H59YnPMaU4uv7NqwWzjgaZo7E+vo7IF+KBjV3cJulId5Av0yIYUCsrwd7MpGtWdC +Q3S+7Vd4zwzCKEhcvliNIhnNlp1U3wNkPCxOyCAsMEn6k8O5ar12ke5TvxDv15db +rPDeHh8G2OYWoCkWL+lSN35L2kOJqKqVbLKWrrOd96RCYrrtbPCi580OADJRcUlG +lgcjwmNwmypBWvQMZ6ITj0P0ksHnl1zZz1DE2rXe1goLI1doghb5KxLaezlR8c2C +E3w/uo9KJgNmNgUVzzqZZ6FE0moyIDNOpP7KtZAL0DvEZj6jqLbB0ccPQElrg52m +Dv2/A3nYSr0mYBKeskT4+Bg7PGgoC8p7WyLSxMyzJEDYdtrj9OFx6eZaA23oqTQx +k3Qq5H8RfNBeeSUEeKF7pKH/7gyqZ2bNzBFMA2EBZgBozwRfaeN/HCv3qbaCnwvu +6caacmAsK+RxiYxSL1QsJqyhCWWGxVyenmxdc1KG/u5ypi7OIioztyzR3t2tAzD3 +Nb+2t8lgHBRxbV24yiPlnvPmB1ZYEctXnlRR9Evpl1o9xA9NnybPHKr9rozN39CZ +V/USB8K6ao1y5xPZxa8CZksCAwEAAQ== +-----END PUBLIC KEY----- + diff --git a/tools/zipalign/ZipFile.cpp b/tools/zipalign/ZipFile.cpp index 63fb962767..88505b7508 100644 --- a/tools/zipalign/ZipFile.cpp +++ b/tools/zipalign/ZipFile.cpp @@ -1221,7 +1221,7 @@ class FileReader : public zip_archive::Reader { FileReader(FILE* fp) : Reader(), fp_(fp), current_offset_(0) { } - bool ReadAtOffset(uint8_t* buf, size_t len, uint32_t offset) const { + bool ReadAtOffset(uint8_t* buf, size_t len, off64_t offset) const { // Data is usually requested sequentially, so this helps avoid pointless // fseeks every time we perform a read. There's an impedence mismatch // here because the original API was designed around pread and pwrite. @@ -1244,7 +1244,7 @@ class FileReader : public zip_archive::Reader { private: FILE* fp_; - mutable uint32_t current_offset_; + mutable off64_t current_offset_; }; // free the memory when you're done |