Starting with Android R launched devices, debugfs cannot be mounted in
production builds. In order to avoid accidental debugfs dependencies
from creeping in during development with userdebug/eng builds, this
patch introduces a build flag that can be set by vendors to enforce
additional debugfs restrictions for userdebug/eng builds. The same flag
will be used to enable sepolicy neverallow statements to prevent new
permissions added for debugfs access.
Bug: 184381659
Test: make with/without PRODUCT_SET_DEBUGFS_RESTRICTIONS
Change-Id: I9aff974da7ddce9bf1a7ec54153b161527b12062
This adds the requisite Make logic to handle Rust vendor modules.
Bug: 184042776
Test: Example cc_library vendor module can depend on rust_ffi_shared.
Test: Example rust_library vendor-only module compiles.
Change-Id: Ib5ef6b403ca7e19a2aac9b77ff08b051425ea019
Same as rust tests with additional parameter.
Test: atest <module with rust_benchmark defined>
Bug: 155309706
Change-Id: Ia734c17bcb0776bbc628ad1e7257a1b38cdb2e4e
Similar to commit Ic887ea93d4c5181eca0f82c3cdf3ce3b72f4c185
for boot-debug.img, we should also only build boot-test-harness.img
if boot.img exists.
Bug: 184365242
Test: tree hugger
Change-Id: Ie0d9e460905d488e418cf4ee1bd44e6e7c58470d
GRF devices must define the API level of which the SoC is first
shipped by setting BOARD_SHIPPING_API_LEVEL. As this is a permanent
value, vendors may not change this value even if they implement new
features under the GRF policy.
BOARD_API_LEVEL can be optionally defined in this case to manually
set the api level of the vendor implementation.
The current api level will be set to `ro.board.api_level` property.
Bug: 176950752
Test: atest --host post_process_props_unittest
Change-Id: Ib126c1a622ded9848650f3f60c0f15005867272d
Usage:
```
BOARD_(VENDOR|VENDOR_RAMDISK)_KERNEL_MODULES_OPTIONS_FILE(_ver) := \
$(wildcard <path of modules.options in source tree>)
```
Then the modules.options would be installed as
(vendor_dlkm|vendor_ramdisk)/lib/modules/(ver/)modules.options.
Also fix bug where the kernel version subdir is missing when generating
modules.blocklists file.
Bug: 182417593
Bug: 184238876
Test: Create a options file with incorrect syntax, verify build fails
Test: Verify the new macro indeed installs the options file
Change-Id: I7ba56e9dd8d73055bc276446c385a8d79080c2a6
Add more checks around BOARD_BOOT_HEADER_VERSION in board_config.mk.
Refactor generation logic of vendor_boot ramdisk fragments.
Consolidate initialization and validation check to its own section.
Adjust some variable names and initialization sequence so the follow-up
change can land more cleanly.
Rename variable name "dir" so that it don't collide with the Makefile
function "$(dir ...)".
Bug: 183395459
Test: Presubmit; Change should be no-op with respect to build artifacts.
Test: Modify BoardConfig of CF and m dist. Verify the vendor_boot.img
with unpack_bootimg.
Change-Id: I8785c40dd9f87f3797a56ada93e65939d27d0e9b
If a build has PRODUCT_OTA_ENFORCE_VINTF_KERNEL_REQUIREMENTS
set (which is set for P+ builds) but no kernel is built,
the original code emits a warning, but it won't be able
to build target files package because it depends on
kernel_configs.txt and kernel_version.txt without any rules.
Properly clear BUILT_KERNEL_CONFIGS_FILE and BUILT_KERNEL_VERSION_FILE
so that it won't be depended on in this case.
Bug: 184128489
Test: TH + forrest
Change-Id: I4b8fbd117f114555cf606e3c3b48eb564dbe786b
Everyone's on libFuzzer now.
(The "fuzz" referred to in base_system.mk was removed in Android 11, but
this reference was left lying around.)
Bug: http://b/184301511
Test: treehugger
Change-Id: I6fe0f2c37e014647802279a656d2c6c9625b7a44
