diff options
| -rw-r--r-- | apex/apex.go | 38 | ||||
| -rw-r--r-- | apex/apex_test.go | 42 | ||||
| -rw-r--r-- | apex/key.go | 24 |
3 files changed, 19 insertions, 85 deletions
diff --git a/apex/apex.go b/apex/apex.go index e07fae061..ce1ed46b4 100644 --- a/apex/apex.go +++ b/apex/apex.go @@ -396,9 +396,8 @@ type apexBundle struct { outputFiles map[apexPackaging]android.WritablePath installDir android.OutputPath - public_key_file android.Path - private_key_file android.Path - bundle_public_key bool + public_key_file android.Path + private_key_file android.Path container_certificate_file android.Path container_private_key_file android.Path @@ -746,10 +745,6 @@ func (a *apexBundle) GenerateAndroidBuildActions(ctx android.ModuleContext) { if key, ok := child.(*apexKey); ok { a.private_key_file = key.private_key_file a.public_key_file = key.public_key_file - // If the key is not installed, bundled it with the APEX. - // Note: this bundled key is valid only for non-production builds - // (eng/userdebug). - a.bundle_public_key = !key.installable() && ctx.Config().Debuggable() return false } else { ctx.PropertyErrorf("key", "%q is not an apex_key module", depName) @@ -968,11 +963,8 @@ func (a *apexBundle) buildUnflattenedApex(ctx android.ModuleContext, apexType ap optFlags := []string{} // Additional implicit inputs. - implicitInputs = append(implicitInputs, cannedFsConfig, fileContexts, a.private_key_file) - if a.bundle_public_key { - implicitInputs = append(implicitInputs, a.public_key_file) - optFlags = append(optFlags, "--pubkey "+a.public_key_file.String()) - } + implicitInputs = append(implicitInputs, cannedFsConfig, fileContexts, a.private_key_file, a.public_key_file) + optFlags = append(optFlags, "--pubkey "+a.public_key_file.String()) manifestPackageName, overridden := ctx.DeviceConfig().OverrideManifestPackageNameFor(ctx.ModuleName()) if overridden { @@ -1057,7 +1049,7 @@ func (a *apexBundle) buildUnflattenedApex(ctx android.ModuleContext, apexType ap func (a *apexBundle) buildFlattenedApex(ctx android.ModuleContext) { if a.installable() { - // For flattened APEX, do nothing but make sure that apex_manifest.json file is also copied along + // For flattened APEX, do nothing but make sure that apex_manifest.json and apex_pubkey are also copied along // with other ordinary files. manifest := android.PathForModuleSrc(ctx, proptools.StringDefault(a.properties.Manifest, "apex_manifest.json")) @@ -1070,6 +1062,15 @@ func (a *apexBundle) buildFlattenedApex(ctx android.ModuleContext) { }) a.filesInfo = append(a.filesInfo, apexFile{copiedManifest, ctx.ModuleName() + ".apex_manifest.json", ".", etc, nil, nil}) + // rename to apex_pubkey + copiedPubkey := android.PathForModuleOut(ctx, "apex_pubkey") + ctx.Build(pctx, android.BuildParams{ + Rule: android.Cp, + Input: a.public_key_file, + Output: copiedPubkey, + }) + a.filesInfo = append(a.filesInfo, apexFile{copiedPubkey, ctx.ModuleName() + ".apex_pubkey", ".", etc, nil, nil}) + if ctx.Config().FlattenApex() { for _, fi := range a.filesInfo { dir := filepath.Join("apex", ctx.ModuleName(), fi.installDir) @@ -1215,7 +1216,6 @@ func (a *apexBundle) androidMkForType(apexType apexPackaging) android.AndroidMkD fmt.Fprintln(w, "LOCAL_MODULE_PATH :=", filepath.Join("$(OUT_DIR)", a.installDir.RelPathString())) fmt.Fprintln(w, "LOCAL_MODULE_STEM :=", name+apexType.suffix()) fmt.Fprintln(w, "LOCAL_UNINSTALLABLE_MODULE :=", !a.installable()) - fmt.Fprintln(w, "LOCAL_REQUIRED_MODULES :=", String(a.properties.Key)) if a.installable() && a.mergedNoticeFile != nil { fmt.Fprintln(w, "LOCAL_NOTICE_FILE :=", a.mergedNoticeFile.String()) } @@ -1317,18 +1317,9 @@ type PrebuiltProperties struct { Src *string } } - - // the name of the apex_key module that contains the matching public key to be installed. - Key *string } func (p *Prebuilt) DepsMutator(ctx android.BottomUpMutatorContext) { - if String(p.properties.Key) == "" { - ctx.ModuleErrorf("key is missing") - return - } - ctx.AddDependency(ctx.Module(), keyTag, *p.properties.Key) - // This is called before prebuilt_select and prebuilt_postdeps mutators // The mutators requires that src to be set correctly for each arch so that // arch variants are disabled when src is not provided for the arch. @@ -1380,7 +1371,6 @@ func (p *Prebuilt) AndroidMk() android.AndroidMkData { func(w io.Writer, outputFile android.Path) { fmt.Fprintln(w, "LOCAL_MODULE_PATH :=", filepath.Join("$(OUT_DIR)", p.installDir.RelPathString())) fmt.Fprintln(w, "LOCAL_MODULE_STEM :=", p.BaseModuleName()+imageApexSuffix) - fmt.Fprintln(w, "LOCAL_REQUIRED_MODULES :=", String(p.properties.Key)) }, }, } diff --git a/apex/apex_test.go b/apex/apex_test.go index 1e8d5b44d..6d101d8a7 100644 --- a/apex/apex_test.go +++ b/apex/apex_test.go @@ -15,8 +15,6 @@ package apex import ( - "bufio" - "bytes" "io/ioutil" "os" "strings" @@ -299,6 +297,10 @@ func TestBasicApex(t *testing.T) { `) apexRule := ctx.ModuleForTests("myapex", "android_common_myapex").Rule("apexRule") + + optFlags := apexRule.Args["opt_flags"] + ensureContains(t, optFlags, "--pubkey vendor/foo/devkeys/testkey.avbpubkey") + copyCmds := apexRule.Args["copy_commands"] // Ensure that main rule creates an output @@ -1197,14 +1199,6 @@ func TestApexInProductPartition(t *testing.T) { if actual != expected { t.Errorf("wrong install path. expected %q. actual %q", expected, actual) } - - apex_key := ctx.ModuleForTests("myapex.key", "android_common").Module().(*apexKey) - expected = "target/product/test_device/product/etc/security/apex" - actual = apex_key.installDir.RelPathString() - if actual != expected { - t.Errorf("wrong install path. expected %q. actual %q", expected, actual) - } - } func TestApexKeyFromOtherModule(t *testing.T) { @@ -1252,14 +1246,6 @@ func TestPrebuilt(t *testing.T) { src: "myapex-arm.apex", }, }, - key: "myapex.key" - } - - apex_key { - name: "myapex.key", - public_key: "testkey.avbpubkey", - private_key: "testkey.pem", - product_specific: true, } `) @@ -1269,24 +1255,4 @@ func TestPrebuilt(t *testing.T) { if prebuilt.inputApex.String() != expectedInput { t.Errorf("inputApex invalid. expected: %q, actual: %q", expectedInput, prebuilt.inputApex.String()) } - - // Check if the key module is added as a required module. - buf := &bytes.Buffer{} - prebuilt.AndroidMk().Extra[0](buf, nil) - found := false - scanner := bufio.NewScanner(bytes.NewReader(buf.Bytes())) - expected := "myapex.key" - for scanner.Scan() { - line := scanner.Text() - tok := strings.Split(line, " := ") - if tok[0] == "LOCAL_REQUIRED_MODULES" { - found = true - if tok[1] != "myapex.key" { - t.Errorf("Unexpected LOCAL_REQUIRED_MODULES '%s', expected '%s'", tok[1], expected) - } - } - } - if !found { - t.Errorf("Couldn't find a LOCAL_REQUIRED_MODULES entry") - } } diff --git a/apex/key.go b/apex/key.go index fbd29bce7..a627e4bc6 100644 --- a/apex/key.go +++ b/apex/key.go @@ -16,8 +16,6 @@ package apex import ( "fmt" - "io" - "path/filepath" "strings" "android/soong/android" @@ -39,7 +37,6 @@ type apexKey struct { public_key_file android.Path private_key_file android.Path - installDir android.OutputPath keyName string } @@ -64,7 +61,7 @@ func apexKeyFactory() android.Module { } func (m *apexKey) installable() bool { - return m.properties.Installable == nil || proptools.Bool(m.properties.Installable) + return false } func (m *apexKey) GenerateAndroidBuildActions(ctx android.ModuleContext) { @@ -99,25 +96,6 @@ func (m *apexKey) GenerateAndroidBuildActions(ctx android.ModuleContext) { return } m.keyName = pubKeyName - - m.installDir = android.PathForModuleInstall(ctx, "etc/security/apex") - if m.installable() { - ctx.InstallFile(m.installDir, m.keyName, m.public_key_file) - } -} - -func (m *apexKey) AndroidMk() android.AndroidMkData { - return android.AndroidMkData{ - Class: "ETC", - OutputFile: android.OptionalPathForPath(m.public_key_file), - Extra: []android.AndroidMkExtraFunc{ - func(w io.Writer, outputFile android.Path) { - fmt.Fprintln(w, "LOCAL_MODULE_PATH :=", filepath.Join("$(OUT_DIR)", m.installDir.RelPathString())) - fmt.Fprintln(w, "LOCAL_INSTALLED_MODULE_STEM :=", m.keyName) - fmt.Fprintln(w, "LOCAL_UNINSTALLABLE_MODULE :=", !m.installable()) - }, - }, - } } //////////////////////////////////////////////////////////////////////// |