This prop is owned by OEM, OEM can set this if they want to disable
VABC.
Test: m dist, make sure generated OTA has VABC disabled
Bug: 185400304
Change-Id: Iceb2fb1f399d38a51722352a86ddf68af05fa24e
Today, the signing script simply ignores capex files, because it
looks for hardcoded '.apex' suffix. Add support to handle capex
as well.
Bug: 190574334
Test: Sign a target file locally
Change-Id: I3085ca7b0396a4fbf1b220f7de44d4eafb60c3d8
So updaters can streaming download the file, and query the apex info
inside the file.
Bug: 190244686
Test: generate an OTA package, check the streaming property
Change-Id: I17078d3f8d60ca53c6afe82f74b232e2fb242467
We have already logged the compressed apexes in the target-files.
Because we want to support the apex metrics during OTA update, also
include the uncompressed apexes in the META/apex_info.pb.
For incremental OTA packages, include the source apex version for
each apex package as well.
Bug: 190244686
Test: unit test
Change-Id: I5cf2647c56c4feb5517f9a81aa1e9abc52515bf1
When generating a partial OTA, filter care_map.pb to include only the
partial partitions, then generate OTA.
Test: Generate a partial OTA, make sure care map is included.
Change-Id: I0eaa12772eb1d06a57451e64f70689d3183f0115
This option is to reduce system partition size.
Bug: 171942852
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: Idc849cfce33ac0badb2b9b7953bb821c46a24472
Devices using GKI architecture will use a prebuilt boot.img.
However, we should still sign this prebuilt boot.img with
device-specific AVB keys.
Steps to test the CL.
1. In a device BoardConfig.mk:
# Uses a prebuilt boot.img
TARGET_NO_KERNEL := true
BOARD_PREBUILT_BOOTIMAGE := device/google/redbull/boot.img
# Enable chained vbmeta for the boot image.
# The following can be absent, where the hash descriptor of the
# 'boot' partition will be stored then signed in vbmeta.img instead.
BOARD_AVB_BOOT_KEY_PATH := external/avb/test/data/testkey_rsa4096.pem
BOARD_AVB_BOOT_ALGORITHM := SHA256_RSA4096
BOARD_AVB_BOOT_ROLLBACK_INDEX := $(PLATFORM_SECURITY_PATCH_TIMESTAMP)
BOARD_AVB_BOOT_ROLLBACK_INDEX_LOCATION := 2
2. `make bootimage`, then `avbtool info_image --image $OUT/boot.img`,
checks the image is re-signed with a device-specific key
3. `make dist` to generate out/dist/TF.zip
4. `unzip out/dist/TF.zip IMAGES/boot.img`
5. `avbtool info_image --image out/dist/IMAGES/boot.img`,
checks the image is re-signed with a device-specific key
6. `sign_target_files_apks \
--avb_boot_key=external/avb/test/data/testkey_rsa8192.pem \
--avb_boot_algorithm=SHA256_RSA8192 \
--avb_boot_extra_args="--prop test:sign" \
./out/dist/*-target_files-eng.*.zip signed.zip`, resign the TF.zip
7. `unzip signed.zip IMAGES/boot.img`, then use `avbtool info_image` to
check the boot.img is re-signed with the --avb_boot_key in step 6.
Bug: 188485657
Test: above steps
Change-Id: I7ee8b3ffe6a86aaca34bbb7a8898a97b3f8bd801
Test: th
Test: Manual OTA test on bramble, pause/resume multiple times
Test: verity enabled, VABC enabled OTA
Test: verity enabled, VABC disabled OTA
Test: verity disabled, VABC enabled OTA
Test: verity disabled, VABC disabled OTA
Change-Id: Ia236984b158761f84f54ab7a6d3d49491c249546
For VAB launched device, factory OTA will write system_other
partition to the super image. So we want to check that
sum(dynamic partitions) + system_other + overhead <= super at
build time.
Since we don't know the overhead at build time, we might instead
check sum(all partitions) < super.
Bug: 185809374
Test: m check-all-partition-sizes, unittests
Change-Id: Ia7ba5999d23924a1927e9a9463856a4d0ea90c20
build_image adds additional parameters (uuid, hash_seed) if
prop_dict["ext_mkuserimg"] is set to "mkuserimg_mke2fs".
The comparison does not take paths into consideration, so passing a
full path to mkuserimg_mke2fs would cause the parameters to not
be included.
This is currently not an issue for aosp builds, but could cause problems
for customized build systems.
Bug: 187742822
Test: Manual, using vendor build system, also executed 'm droid'
Change-Id: I7a8973dd0c4d8a39aea5aafcfe1aa69750fb1449
If the build prop ro.build.id isn't set at build time, init will
set it at runtime. The logic is appending the vbmeta digest to
the ro.build.legacy.id.
Make the same change in ota scripts, so the correct build fingerprint
will be saved in the ota metadata.
Bug: 186786987
Test: generate an OTA, check the metadata
Change-Id: I278f59c41c1f98d4cbea749e5d9e4eaf7a6b9565
Commit I8bd8ad3acf324931b47d45fd30bc590206b1927e adds a default
value of "gki_signing_signature_args" in the misc_info.txt for
release signing to work. However, it's better to replace the default
value entirely (e.g., --prop foo:bar) as there is no need to include
them in the final release-signed image.
Bug: 178559811
Bug: 177862434
Test: atest releasetools_test
Test: atest releasetools_py3_test
Change-Id: I060b5a7076ff3e5d883abeb7d72f3db887c9fd69
Background in http://go/compatible-build-fingerprint. If we want
to append unique vbmeta digest to build id, we cannot setup the
prop value at build time. Instead, set the old value as
ro.build.legacy.id; and let init set ro.build.id at runtime.
Bug: 186786987
Test: build a target file with the flag on
Change-Id: Ie139725bb7e5c65bd3f28f43b9975ba48ee10354
Calculate the vbmeta digest if the device builds vbmeta image. The
digest will used later to determine the build fingerprint in new
format.
One sample usage is the ota package generation, where we put the
build fingerprint in the ota metadata. But we don't have the runtime
vbmeta digest provided the bootloader.
Bug: 186786987
Test: unit tests
Change-Id: If572e2b973e295a6c95a9e23a65bb20b3afbf1b0
Downgrade VABC OTA causes users to wait in recovery for merge to
complete, disable by default.
Test: th
Test: generate downgrade OTA, make sure VABC disabled
Test: generate upgrade OTA with --wipe_user_data, make sure VABC
disabled
Test: generate upgrade OTA, make sure VABC is used
Test: generate downgrade OTA with --vabc_downgrade, make sure VABC is
enabled
Bug: 187215486
Change-Id: Ib7e6165252d47f1ecaac4fc2329b580274c8d70e
* add .pylintrc to use 2 space indentation
* rename single-letter local variables
Test: ./warn.py build.log > warnings.html
Change-Id: I2ca56a6cb130a9d6c73328c5592ad7cde8a974ab
If source supports VABC, delta_generator/update_engine will attempt to
use VABC. This dangerous, as the target build won't have snapuserd to
serve I/O request when device boots. Therefore, disable VABC if source
build doesn't supports it.
Test: downgrade from VABC enabled build to a build w/o VABC
Change-Id: Ie8353e00f65354c2242ee5255b6652c6b62483a4
If dynamic partitioning is enabled and the partition size is not set,
we will get a KeyError before image_size or partition_size is calculated
when we try to catch exception in BuildImageMkfs.
Bug: 186704243
Test: build_image.py can correctly throw exception
Change-Id: I3d8c143ad5603d07fe94afb8bb911ead244f0bf7
Signed-off-by: Huang Jianan <huangjianan@oppo.com>
* Add missing function doc strings.
Suppress this warning on trivial functions in *_warn_patterns.py.
* Remove unused g-importing-memeber, g-complex-comprehension.
* Suppress pylint warning on unrecognized g-* options.
* Suppress too-few-public-methods warnings on simple classes.
* Suppress too-many-arguments and missing-function-docstring in
html_writer.py, which will be refactored later.
* Fix bad naming, long lines and line breaks, and bad quotes.
Test: compare output for build.log
Change-Id: Icdb34f014a10ec1e642c2cfe8003fc3ae245b507
