Keep the property for now to keep the ability to toggle on/off the
library we want. If we want to remove this functionality,
we need to cleanup all references to persist.sys.dalvik.vm.lib.2.
Test: build and boot with debug apex
Bug: 214049018
Change-Id: I66c7eb510f5a8b7974391ceafd309fba59a524a1
There are some products whose board configurations
use soong_config_get to read the values of soong config
variables that were set in the product configuration.
These variables were being lost, as dump-variables-rbc
was skipping the soong config variables because mk2rbc
couldn't handle converting the raw SOONG_CONFIG_* variables.
To fix that issue, dump-variables-rbc now dumps them as
calls to soong_config_set instead.
Bug: 201700692
Test: m RBC_BOARD_CONFIG=1 nothing on certain products
Change-Id: I91ca8418635a94cf80362cad1729f48854f6bc98
win_sdk is deprecated, if given on the command line
sdk will be build instead.
Bug: 212724080
Test: Presubmits
Change-Id: Ib3bd51923142b00100b49585ad88bc1292da2463
Right now if PRODUCT_EXPORT_BOOT_IMAGE_TO_DIST is given,
$ m dist bootimage
would copy boot*.img to the dist dir.
After this change, both
$ m dist # droidcore
$ m dist bootimage
would copy boot*.img to the dist dir, the difference is that the latter
builds & copies *only* the boot images.
Bug: 212486689
Test: m dist bootimage
Test: m dist => boot*.img are copied to dist dir
Change-Id: I1c714ce5d75eba93e32078b1ac291a181b05405a
New scheme is to certify kernel & ramdisk image separately, and
effectively decouple kernel & user space ramdisk image.
Under the new scheme, the --os_version and --os_patch_level boot header
field must be empty in order to maintain consistency.
Instead, these values must be in the vbmeta hash descriptor and
GKI certificate.
The new scheme also validates the image metadata, including the security
patch level.
The 'generic_kernel' certificate is associated with the 'boot' partition
and 'generic_ramdisk' certificate with 'init_boot' partition.
The 'generic_ramdisk' certificate may be packed into the 'boot' image if
product configuration doesn't have 'init_boot' image, this is only for
testing purposes and would be removed eventually.
Bug: 210367929
Bug: 211741246
Bug: 203698939
Test: unpack_bootimg --boot_img boot.img
Test: unpack_bootimg --boot_img init_boot.img
Test: avbtool info_image --image out/boot_signature
Change-Id: Iaf48a6e3d4b97fa6bfb5e1635a288b045baa248f
This file will be used by OTA generator to compress generated patches.
We need the host copy of LZ4 to ensure that compressed bytes matches
what the device would get if the compression were to be done on device.
For more details see go/lz4diff
Bug: 206729162
Test: m dist
Change-Id: I9c4ab772b001bf47da75cb87b028a1f27e2321a8
sign_target_files_apks demands it.
Bug: 213823227
Test: run com.google.android.tradefed.ota.SigningToolTest#Testcase1_Signingtest
Change-Id: I1bba2b25a71449a57d284024e77fb76d1b79a0ee
Else the branch condition would always evaluate to true, making the
other branch useless and wrong!
Bug: 211741246
Test: m dist
Change-Id: I4791712632cbe0d5a9e20962c8425dd20bbe0bfd
For system/framework, it now also includes *.jar.prof (needed by
odrefresh), *.vdex and <arch>/*.{odex,art} (for future-proof).
system/etc/classpaths/*.pb are also added so that we can run
derive_classpath to collect from.
system/etc/updatable-bcp-packages.txt is removed because it's no longer
used by ART.
Bug: 206869687
Test: see new files in `unzip -p $OUT/system/etc/security/fsverity/ \
BuildManifest.apk assets/build_manifest.pb`
Change-Id: Id759f5caec8ba683af8629956b9268a4fbd74186
This variable can be set instead of TARGET_RECOVERY_FSTAB
in order to specify a generated fstab file.
Bug: 201700692
Test: Presubmits
Change-Id: If0fae81ec53915e9ed4bab2e8b1a9f8376894537
Otheriwse, the build complains about missing files when
PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA is enabled (aosp/1937717).
Bug: 206326351
Test: clobber, set PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA := true, build
Change-Id: I11d18914d63cab0b84ae711f2334747cb26ca234
build_image.py has been handling fsverity metadata generation in the
packing step, but it can cause issues because the metadata files are
missing in the $OUT directory, and they only exist in result system.img.
This change moves the generation logic into Makefile, and makes the
metadata tracked by ninja graph.
Bug: 206326351
Test: PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA := true and build
Change-Id: I1f910d8ac6e2cc3c54f35916871733c632f18e44
releasetools preconditions requires build metadata defined in
SYSTEM/build.prop even when building a system.img-less product.
Copy the SYSTEM/build.prop into the build artifact archive whenever
possible to make add_img_to_target_files happy.
Bug: 212486689
Bug: 213028932
Test: Dist build a system.img-less product. Product properties are
read from SYSTEM/build.prop and no build error occurred.
Change-Id: I2ce7f8b8ae981eaf06e2d8d2485b55b4e975caa9
Previously a manifest file would be generated for static_java_library.mk
and package_internal.mk. For pacakge_internal.mk, this would cause
cryptic errors like b/188612215#2
With this CL, a manifest file would only be generated for java_library
with need_compile_res == true. The advantages are
1. No redundant generation for java_library with need_compile_res == false
(i.e. modules that do not require aapt2)
2. Force devs to provide manifest for android_app, and not silently
generating one for them
Bug: 188652897
Test: TH
Test: m nothing in tv-dev, car-dev
Change-Id: I69a23e373f1b4ac1569ae5b1d36067bfc0dadc05
I56ed328a9ae70cf49dbd3c6efb5a4a8c54e1b7a7 added a validation check to
otatools to check the target_files archive for the existence of
userdebug_plat_sepolicy.cil. That check superseded the original
PRODUCT_INSTALL_DEBUG_POLICY_TO_SYSTEM_EXT product_config.mk check and
is more robust because it can handle not only phone GSI but also car/tv
GSI (downstream of phone GSI).
Modify the check to show a scary wall of text if non-compliance-GSI
products tried to set PRODUCT_INSTALL_DEBUG_POLICY_TO_SYSTEM_EXT,
instead of erroring out immediately.
Also add gsi_car_arm64 & gsi_car_x86_64 to the list of eligible GSI
product names.
After this change, any product can set
PRODUCT_INSTALL_DEBUG_POLICY_TO_SYSTEM_EXT for development purposes, but
only GSI products that specifies `--allow_gsi_debug_sepolicy` during
image signing can release sign a product built with
PRODUCT_INSTALL_DEBUG_POLICY_TO_SYSTEM_EXT.
Bug: 188067818
Test: Presubmit
Test: lunch gsi_arm64-userdebug && m nothing # => no warning
Change-Id: I34ef49af29c7064bea8924b0070793f1e78256bf
Equivalent to PRODUCT_EXTRA_RECOVERY_KEYS but for A/B OTA.
Bug: 211848136
Test: set PRODUCT_EXTRA_OTA_KEYS and check otacerts.zip
Change-Id: I81e27d12a22b405f6227b09c01ed684dfcede19e
These options are for certifying official GKI release, so they should
never be added to build command of recovery.img and boot-debug.img.
Also define gki_signing_signature_args in misc_info.txt iff.
BOARD_GKI_SIGNING_KEY_PATH is defined, so there's one less conditional.
We need to define it even if BOARD_GKI_SIGNING_SIGNATURE_ARGS is empty,
so that sign_target_files_apks.py can modify the option during image
signing.
Bug: 210367929
Test: Presubmit
Change-Id: I9546fcda796586d97af244955e15c1b8dc9f6d92
Add the list of targets that are handled as data inputs and
required by tests at runtime.
Bug: 205726862
Test: m out/target/product/vsoc_x86_64/module-info.json
Change-Id: Id1468ebaf8f72cf37787f3cc514a29724c115db5
Some targets, e.g., the newly added `gki_arm64`:
https://r.android.com/1935340, have no system.img.
To avoid the build error when making the vbmeta.img on a no-system-image
target, only sets system.img's AVB settings when it exists,.
Bug: 212486689
Test: `lunch gki_arm64-userdebug; make` with BOARD_AVB_ENABLE := true
Change-Id: I5e3c531e74116e421506a86ffce83848e7a9d6ea
