StrixOS/build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

AI 144130: Don't build OTA package keys into the recovery binary; read

Browse Source 
them from an external file in the recovery image.  Use the
  test-keys for all builds.

Automated import of CL 144130
This commit is contained in:
Doug Zongker
2009-04-01 15:48:46 -07:00
committed by The Android Open Source Project
parent a401b054a4
commit 17c83cf22c
2 changed files with 32 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
core/Makefile
View File

@@ -62,9 +62,6 @@ endif
# Apps are always signed with test keys, and may be re-signed in a post-build # Apps are always signed with test keys, and may be re-signed in a post-build
# step. If that happens, the "test-keys" tag will be removed by that step. # step. If that happens, the "test-keys" tag will be removed by that step.
BUILD_VERSION_TAGS += test-keys BUILD_VERSION_TAGS += test-keys
ifndef INCLUDE_TEST_OTA_KEYS
BUILD_VERSION_TAGS += ota-rel-keys
endif
BUILD_VERSION_TAGS := $(subst $(space),$(comma),$(sort $(BUILD_VERSION_TAGS))) BUILD_VERSION_TAGS := $(subst $(space),$(comma),$(sort $(BUILD_VERSION_TAGS)))
# A human-readable string that descibes this build in detail. # A human-readable string that descibes this build in detail.
@@ -639,13 +636,31 @@ ifdef BOARD_KERNEL_CMDLINE
INTERNAL_RECOVERYIMAGE_ARGS += --cmdline "$(BOARD_KERNEL_CMDLINE)" INTERNAL_RECOVERYIMAGE_ARGS += --cmdline "$(BOARD_KERNEL_CMDLINE)"
endif endif
# Keys authorized to sign OTA packages this build will accept. The
# build always uses test-keys for this; release packaging tools will
# substitute other keys for this one.
OTA_PUBLIC_KEYS := $(SRC_TARGET_DIR)/product/security/testkey.x509.pem
# Generate a file containing the keys that will be read by the
# recovery binary.
RECOVERY_INSTALL_OTA_KEYS := \
$(call intermediates-dir-for,PACKAGING,ota_keys)/keys
DUMPKEY_JAR := $(HOST_OUT_JAVA_LIBRARIES)/dumpkey.jar
$(RECOVERY_INSTALL_OTA_KEYS): PRIVATE_OTA_PUBLIC_KEYS := $(OTA_PUBLIC_KEYS)
$(RECOVERY_INSTALL_OTA_KEYS): $(OTA_PUBLIC_KEYS) $(DUMPKEY_JAR)
@echo "DumpPublicKey: $@ <= $(PRIVATE_OTA_PUBLIC_KEYS)"
@rm -rf $@
@mkdir -p $(dir $@)
java -jar $(DUMPKEY_JAR) $(PRIVATE_OTA_PUBLIC_KEYS) > $@
$(INSTALLED_RECOVERYIMAGE_TARGET): $(MKBOOTFS) $(MKBOOTIMG) \ $(INSTALLED_RECOVERYIMAGE_TARGET): $(MKBOOTFS) $(MKBOOTIMG) \
$(INSTALLED_RAMDISK_TARGET) \ $(INSTALLED_RAMDISK_TARGET) \
$(INSTALLED_BOOTIMAGE_TARGET) \ $(INSTALLED_BOOTIMAGE_TARGET) \
$(recovery_binary) \ $(recovery_binary) \
$(recovery_initrc) $(recovery_kernel) \ $(recovery_initrc) $(recovery_kernel) \
$(INSTALLED_2NDBOOTLOADER_TARGET) \ $(INSTALLED_2NDBOOTLOADER_TARGET) \
$(recovery_build_prop) $(recovery_resource_deps) $(recovery_build_prop) $(recovery_resource_deps) \
$(RECOVERY_INSTALL_OTA_KEYS)
@echo ----- Making recovery image ------ @echo ----- Making recovery image ------
rm -rf $(TARGET_RECOVERY_OUT) rm -rf $(TARGET_RECOVERY_OUT)
mkdir -p $(TARGET_RECOVERY_OUT) mkdir -p $(TARGET_RECOVERY_OUT)
@@ -660,6 +675,7 @@ $(INSTALLED_RECOVERYIMAGE_TARGET): $(MKBOOTFS) $(MKBOOTIMG) \
cp -rf $(recovery_resources_common) $(TARGET_RECOVERY_ROOT_OUT)/ cp -rf $(recovery_resources_common) $(TARGET_RECOVERY_ROOT_OUT)/
$(foreach item,$(recovery_resources_private), \ $(foreach item,$(recovery_resources_private), \
cp -rf $(item) $(TARGET_RECOVERY_ROOT_OUT)/) cp -rf $(item) $(TARGET_RECOVERY_ROOT_OUT)/)
cp $(RECOVERY_INSTALL_OTA_KEYS) $(TARGET_RECOVERY_ROOT_OUT)/res/keys
cat $(INSTALLED_DEFAULT_PROP_TARGET) $(recovery_build_prop) \ cat $(INSTALLED_DEFAULT_PROP_TARGET) $(recovery_build_prop) \
> $(TARGET_RECOVERY_ROOT_OUT)/default.prop > $(TARGET_RECOVERY_ROOT_OUT)/default.prop
$(MKBOOTFS) $(TARGET_RECOVERY_ROOT_OUT) | gzip > $(recovery_ramdisk) $(MKBOOTFS) $(TARGET_RECOVERY_ROOT_OUT) | gzip > $(recovery_ramdisk)
@@ -759,16 +775,6 @@ endif
.PHONY: otapackage .PHONY: otapackage
otapackage: $(INTERNAL_OTA_PACKAGE_TARGET) otapackage: $(INTERNAL_OTA_PACKAGE_TARGET)
# Keys authorized to sign OTA packages this build will accept.
ifeq ($(INCLUDE_TEST_OTA_KEYS),true)
OTA_PUBLIC_KEYS := \
$(sort $(SRC_TARGET_DIR)/product/security/testkey.x509.pem $(OTA_PUBLIC_KEYS))
endif
ifeq ($(OTA_PUBLIC_KEYS),)
$(error No OTA_PUBLIC_KEYS defined)
endif
# Build a keystore with the authorized keys in it. # Build a keystore with the authorized keys in it.
# java/android/android/server/checkin/UpdateVerifier.java uses this. # java/android/android/server/checkin/UpdateVerifier.java uses this.
ALL_DEFAULT_INSTALLED_MODULES += $(TARGET_OUT_ETC)/security/otacerts.zip ALL_DEFAULT_INSTALLED_MODULES += $(TARGET_OUT_ETC)/security/otacerts.zip
@@ -784,21 +790,6 @@ $(TARGET_OUT_ETC)/security/otacerts.zip: $(OTA_PUBLIC_KEYS)
# -import -file $$f -alias $(notdir $$f) || exit 1; \ # -import -file $$f -alias $(notdir $$f) || exit 1; \
# done # done
ifdef RECOVERY_INSTALL_OTA_KEYS_INC
# Generate a C-includable file containing the keys.
# RECOVERY_INSTALL_OTA_KEYS_INC is defined by recovery/Android.mk.
# *** THIS IS A TOTAL HACK; EXECUTABLES MUST NOT CHANGE BETWEEN DIFFERENT
# PRODUCTS/BUILD TYPES. ***
# TODO: make recovery read the keys from an external file.
DUMPKEY_JAR := $(HOST_OUT_JAVA_LIBRARIES)/dumpkey.jar
$(RECOVERY_INSTALL_OTA_KEYS_INC): PRIVATE_OTA_PUBLIC_KEYS := $(OTA_PUBLIC_KEYS)
$(RECOVERY_INSTALL_OTA_KEYS_INC): $(OTA_PUBLIC_KEYS) $(DUMPKEY_JAR)
@echo "DumpPublicKey: $@ <= $(PRIVATE_OTA_PUBLIC_KEYS)"
@rm -rf $@
@mkdir -p $(dir $@)
$(hide) java -jar $(DUMPKEY_JAR) $(PRIVATE_OTA_PUBLIC_KEYS) > $@
endif
# ----------------------------------------------------------------- # -----------------------------------------------------------------
# A zip of the directories that map to the target filesystem. # A zip of the directories that map to the target filesystem.
# This zip can be used to create an OTA package or filesystem image # This zip can be used to create an OTA package or filesystem image
@@ -827,7 +818,7 @@ define package_files-copy-root
endef endef
built_ota_tools := \ built_ota_tools := \
$(call intermediates-dir-for,EXECUTABLES,applypatch)/applypatch \ $(call intermediates-dir-for,EXECUTABLES,applypatch)/applypatch \
$(call intermediates-dir-for,EXECUTABLES,check_prereq)/check_prereq $(call intermediates-dir-for,EXECUTABLES,check_prereq)/check_prereq
$(BUILT_TARGET_FILES_PACKAGE): PRIVATE_OTA_TOOLS := $(built_ota_tools) $(BUILT_TARGET_FILES_PACKAGE): PRIVATE_OTA_TOOLS := $(built_ota_tools)
@@ -897,6 +888,7 @@ endif
@# build them. @# build them.
$(hide) mkdir -p $(zip_root)/META $(hide) mkdir -p $(zip_root)/META
$(hide) $(ACP) $(APKCERTS_FILE) $(zip_root)/META/apkcerts.txt $(hide) $(ACP) $(APKCERTS_FILE) $(zip_root)/META/apkcerts.txt
$(hide) echo "$(PRODUCT_OTA_PUBLIC_KEYS)" > $(zip_root)/META/otakeys.txt
@# Zip everything up, preserving symlinks @# Zip everything up, preserving symlinks
$(hide) (cd $(zip_root) && zip -qry ../$(notdir $@) .) $(hide) (cd $(zip_root) && zip -qry ../$(notdir $@) .)

31
core/product_config.mk
View File

@@ -81,11 +81,11 @@ ifdef product_goals
TARGET_BUILD_VARIANT := $(word 2,$(product_goals)) TARGET_BUILD_VARIANT := $(word 2,$(product_goals))
# The build server wants to do make PRODUCT-dream-installclean # The build server wants to do make PRODUCT-dream-installclean
# which really means TARGET_PRODUCT=dream make installclean. # which really means TARGET_PRODUCT=dream make installclean.
ifneq ($(filter-out $(INTERNAL_VALID_VARIANTS),$(TARGET_BUILD_VARIANT)),) ifneq ($(filter-out $(INTERNAL_VALID_VARIANTS),$(TARGET_BUILD_VARIANT)),)
MAKECMDGOALS := $(MAKECMDGOALS) $(TARGET_BUILD_VARIANT) MAKECMDGOALS := $(MAKECMDGOALS) $(TARGET_BUILD_VARIANT)
TARGET_BUILD_VARIANT := eng TARGET_BUILD_VARIANT := eng
default_goal_substitution := default_goal_substitution :=
else else
default_goal_substitution := $(DEFAULT_GOAL) default_goal_substitution := $(DEFAULT_GOAL)
endif endif
@@ -106,7 +106,7 @@ ifdef product_goals
# #
# Note that modifying this will not affect the goals that make will # Note that modifying this will not affect the goals that make will
# attempt to build, but it's important because we inspect this value # attempt to build, but it's important because we inspect this value
# in certain situations (like for "make sdk"). # in certain situations (like for "make sdk").
# #
MAKECMDGOALS := $(patsubst $(goal_name),$(default_goal_substitution),$(MAKECMDGOALS)) MAKECMDGOALS := $(patsubst $(goal_name),$(default_goal_substitution),$(MAKECMDGOALS))
@@ -176,7 +176,7 @@ PRODUCT_BRAND := $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_BRAND))
PRODUCT_MODEL := $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_MODEL)) PRODUCT_MODEL := $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_MODEL))
ifndef PRODUCT_MODEL ifndef PRODUCT_MODEL
PRODUCT_MODEL := $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_NAME)) PRODUCT_MODEL := $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_NAME))
endif endif
PRODUCT_MANUFACTURER := \ PRODUCT_MANUFACTURER := \
@@ -219,23 +219,12 @@ ADDITIONAL_BUILD_PROPERTIES := \
$(ADDITIONAL_BUILD_PROPERTIES) \ $(ADDITIONAL_BUILD_PROPERTIES) \
$(PRODUCT_PROPERTY_OVERRIDES) $(PRODUCT_PROPERTY_OVERRIDES)
# Get the list of OTA public keys for the product. # The OTA key(s) specified by the product config, if any. The names
OTA_PUBLIC_KEYS := \ # of these keys are stored in the target-files zip so that post-build
$(sort \ # signing tools can substitute them for the test key embedded by
$(OTA_PUBLIC_KEYS) \ # default.
$(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_OTA_PUBLIC_KEYS) \ PRODUCT_OTA_PUBLIC_KEYS := $(sort \
) $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_OTA_PUBLIC_KEYS))
# HACK: Not all products define OTA keys yet, and the -user build
# will fail if no keys are defined.
# TODO: Let a product opt out of needing OTA keys, and stop defaulting to
# the test key as soon as possible.
ifeq (,$(strip $(OTA_PUBLIC_KEYS)))
ifeq (,$(CALLED_FROM_SETUP))
$(warning WARNING: adding test OTA key)
endif
OTA_PUBLIC_KEYS := $(SRC_TARGET_DIR)/product/security/testkey.x509.pem
endif
# --------------------------------------------------------------- # ---------------------------------------------------------------
# Force the simulator to be the simulator, and make BUILD_TYPE # Force the simulator to be the simulator, and make BUILD_TYPE