If a key is specified, the avbtool always use the input key to verify
all the chained images. And this will cause failures when the vbmeta &
system use different keys (e.g. RSA 4096 vs RSA2048). Because the public
key to vbmeta will always fail to verify the system image. Remove the
'--key' parameter in the verification command, so the avbtool will use
the embedded public in the image.
Test: validate target-file from sdk_gphone_x86_64
Bug: 148916990
Change-Id: I9d31be0f8c32af605af94fa73d07818f40f51ec4
The add_soong_config_namespace adds a namespace and
initializes it to be empty. The add_soong_config_var
function adds a pre-existing variable as a Soong
config variable, and the add_soong_config_var_value
function defines a make variable and also adds it as
a soong config variable.
Bug: 144532889
Test: $(OUT)/soong/soong.variables contains variables.
Change-Id: I5cc6a670a089ecd5163f19f7a2fba33f5860c952
Bug: b/148798195
Test: The same change is live in master-build-rbe-testing branch where
its not causing any behavior change, and also it works for
RemoteExecution where RBE_CXX_EXEC_STRATEGY variable is set.
With TARGET_VNDK_USE_CORE_VARIANT := true, some VNDK libraries are not
installed and instead system variants are used at runtime.
When building system only, VNDK_USING_CORE_VARIANT_LIBRARIES are not
installed under /system because there is no dependency to trigger
installing. (By definition, /vendor modules depends on vndk libs)
Bug: 148803529
Test: lunch aosp_cf_x86_go_phone-userdebug
m systemimage # should install vndk libraries of core variant
Change-Id: Ied4347969955491b13dc674f2e8453d76592d1d7
We should add quote when passing the signing arguments to apexer. So
the final argument whould look like
apexer ... --signing_args "--signing_helper_with_files=%path"
And the argument parser in avbtool will eventually parse the
"--signing_helper_with_files" correctly.
Bug: 148627666
Test: unittest pass, run a smoke sign_target_files_apk with signing arguments
Change-Id: Ie203d26a508cb98ca94e6c364a2640b681ad79f2
In the build signing environment, we don't necessary have access to the
physical private key. And we work around it by passing an extra
signing_helper to the avbtool instead of a private key. Since we need
to perform signing to add the hashtree footer when rebuilding the apex
image. We should propogate the signing_helper to apexer and eventually
to avbtool.
Bug: 148627666
Test: unit tests pass. Smoke test by pass a public key to apexer and
hardcode the private key in signing helper script.
Change-Id: I56d57485493a5ba2cbe4c49e493ee9604f68088b
Test: Checked that userspace_reboot.mk is included in device makefiles
Test: build
Bug: 135984674
Change-Id: If910e2a6baf8acaafc8bafdf8193ba7237f66f1a
Merged-In: If910e2a6baf8acaafc8bafdf8193ba7237f66f1a
(cherry picked from commit 0f38beca94)
We should only provide the --assets_dir option when the assets directory
is available in the original apex.
Bug: 148452817
Test: unit tests pass
Change-Id: I44308b80a43ff3f441223f0ecc248991d1d83f31
This was missed when we moved from a single target for checking all
VNDK libraries to using timestamp files for checking individual VNDK
libraries.
Test: Build success.
Change-Id: I3be19f6755b24fff2446449a9dbc84db9a20ea41
Since it's under soong/out/host, we need to explicitly copy it into the
otatools.zip
Bug: 146508800
Test: build and check otatools.zip
Change-Id: I83e201601cf03b6eb01ead912a78f22f750aa4be
Missing LOCAL_CERTIFICATE produces an apkcerts.txt file that
has no key for the APK, which confuses the signing tools.
Enforce that it is set.
Bug: 147765187
Test: m apkcerts-list
Change-Id: I1299505d193deba5956954e5d9b6e4c727456b9c
The invocation of verify-vndk-libs-identical is missing a ',' between
the second and third parameters, in commit
4873e65c8d.
Change-Id: I88d230db4e6fed5939b1fe9d636d440a00773a41
