Previously the key mapping in releasetool/sign_target_files_apks.py
is missing the aforementioned keys that introduced in Android 13, so
it's writing corrupted signatures in plat_mac_permissions.xml.
Test: make target-files-package otatools
sign_target_files_apks -o -d <CERT_ROOT> ...
Change-Id: If42907cffbd500281876f8f822cbb645583d06ed
Signed-off-by: RITEFANG <1721985272@qq.com>
This is a squash of the following commits:
Author: Chris Soyars <ctso@ctso.me>
Date: Thu Dec 23 00:44:33 2010 +0100
Add otapackage support for backuptool
Change-Id: I512554c579d444067cd3ccbb0e6946a5eb6bc964a
Modular backuptool.sh. Executes backup and restore methods defined in arbitrary /system/addon.d/*.sh scripts.
* Copy backuptool.functions alongside backuptool.sh.
* Delete both from /system/bin as they are not useful there.
Patch Series
============
http://review.cyanogenmod.com/#change,13265
CyanogenMod/android_build
* edify generator
http://review.cyanogenmod.com/#change,13266
CyanogenMod/android_system_core
* permissions on /system/addon.d
http://review.cyanogenmod.com/#change,13267
CyanogenMod/android_vendor_cm
* 50-cm.sh reference backup script
* modular backuptool.sh
* support backuptool.functions used by /system/addon.d/*.sh scripts
Change-Id: I26b4907d28f49c69627699d2accd2f0fa2d1b112
update ota_from_target_files to handle mounting/unmounting for backupscript
backupscript should not be mounting/unmounting itself as it makes other
scripts have unexpected results (such as modelid_cfg, which expects /system
to be mounted)
instead have the ota script handle the mounting/unmounting
Change-Id: I94511f4147c624d975cb3ecbeaa8b0e98f63437c
build: Don't run backuptool on GMS builds
Change-Id: I5dde27f9d16b88049171db9805221d92e67f3e5d
Author: Tom Marshall <tdm@cyngn.com>
Date: Wed Apr 9 16:14:07 2014 -0700
build: edify: use set_metadata for backuptool
Also use saner permissions on backuptool.sh
Change-Id: I50742b51867aa358f5924b8dc208833092a35bd9
Author: Ricardo Cerqueira <ricardo@cyngn.com>
Date: Wed Nov 5 18:16:43 2014 +0000
ota: Include copies of the recovery scripts even if shipping in block mode
Author: Ricardo Cerqueira <ricardo@cyngn.com>
Date: Wed Nov 5 19:58:59 2014 +0000
ota: Fix recovery-script cleanups in block mode
Change-Id: Iadb480f8062cfb7a0e6c9024e32ac0d71a7481d7
Author: Arian <arian.kulmer@web.de>
Date: Wed Jun 17 12:35:16 2020 +0200
build: Disable backuptool on user instead of GMS builds
* Backuptool is not exclusively used for GApps but
also used by other things (i.e. Magisk), hence
it shouldn't be disabled on all GMS builds.
Change-Id: Ia95c6fed21d7bed5e2e0610aa94264edc1d02c80
Author: Davide Garberi <dade.garberi@gmail.com>
Date: Tue Sep 24 18:45:17 2019 +0200
releasetools: Move system mount handling to backuptool
* This allows the ROM to be flashed on any recovery, whether it mounts
system to /system, /system_root or /mnt/system like Q recovery
* Remove any type of system mount with static paths from updater-script
to figure out the path dinamically through backuptool
Change-Id: I7b33726305cb6f3eec146d26135f0081002a25dc
Author: Jesse Chan <jc@lineageos.org>
Date: Fri Jun 12 21:53:18 2020 +0800
releasetools: support dynamic partitions for backuptool
Change-Id: I4a04e52f64e307a9852d786aabf17975a020b4b8
Signed-off-by: Jesse Chan <jc@lineageos.org>
Author: Jesse Chan <jc@lineageos.org>
Date: Tue Jul 7 23:50:10 2020 +0800
backuptool: do not unmap dynamic partition after finished
Keep partitions mapped so users can install addons.
Change-Id: Ic70621986bf136775e686dc8cc690ce076485907
Signed-off-by: Jesse Chan <jc@lineageos.org>
Author: Alessandro Astone <ales.astone@gmail.com>
Date: Mon Apr 12 18:40:10 2021 +0200
backuptool: Map extra dynamic partitions for Addon.d V3
Change-Id: Ia8fa1963c722c5aa2987b947e4e919e19909a9a8
Change-Id: I2401d334d8e16d18d3770b339ec2c787dd8e477c
* Anything in OUT/install gets packaged up into the zip and extracted
to /tmp/install immediately after FullOTA_InstallBegin.
* Use /tmp/install in edify scripts and remove code related to using
and manipulating /system for install tools.
* Modified to support signing steps being split from build steps.
Package install files into target-files INSTALL path
Read from target-files for OTA package creation
From Change-Id: I64f919c2a757b5474f6cc5f82bd6c33c2a8b558a
* This also fully reverts commit 6a324ba and partially reverts
commit f388104 as the functions are still needed here.
From Change-Ids: I4911244ec9945d197d2b56d0d11eab6d2f7b6d3e
I4943e2e89ee5c810a63746c570dc5e31e95b8c53
Squashed with the following:
Author: LuK1337 <priv.luk@gmail.com>
Date: Wed Feb 19 02:14:59 2020 +0100
releasetools: Use 0oXXX instead of 0XXX for octal
* Fixes py3 syntax error.
Change-Id: Ia9ca6e392f43694ddf4c952b07bf159e8dead36e
Author: LuK1337 <priv.luk@gmail.com>
Date: Fri Nov 13 15:27:24 2020 +0100
Add $(PRODUCT_OUT)/install to INTERNAL_RECOVERYIMAGE_FILES
* Fixes $(PRODUCT_OUT)/install not being included on targets
not providing their own /vendor || /system/vendor.
Change-Id: I15b8305bb7efacfcf3018708bf7ff8b8500744fb
Change-Id: I315a3238e36c8d15e26f935e272f7e27dd59c320
This happens when the fingerprint property is blacklisted for the
purposes of unified device builds.
Change-Id: I9f8a5041248c3f73fce7a16da73cb8f68c06c8e2
Add support for optional device tree image (dt.img)
to boot and recovery images. Some devices use kernel device
tree and this adds the device tree image as a section within
the boot/recovery images.
Change-Id: I91431ef2f4b86485895678916e39a8572be878eb
Build: add DT image variable to Makefile
DT image variable is currently present in
generate_extra_images.mk.This file is moved to
build/tasks to support persist image generation
during parallel make. As build/tasks is called
at the end of Makefile, DT image variable is not
available for other images generation like boot and
recovery. Adding this variable in Makefile ensures
the variable is defined before usage
Change-Id: I21f675d8ce648dc1cf1f4f3aede33278300e08c9
CRs-fixed: 548299
Fix case where boot/recovery.img were being built with wrong params.
The boot and recovery images now get built using the same params during ota package
generation as during a normal build.
Change-Id: I93d46e11a4245288f0e87c87a2e4bf45ac5aff69
Fix the extra dt.img compilation issue.
Add support for optional device tree image (dt.img)
for device that doesnt have TARGET_BOOTIMAGE_USE_EXT2
Change-Id: I6e07b3ca6d049a8ebdad7ea304b4f39e7c846151
releasetools: Store and use the dt image file through target files
Target files packages may be used for signing images separate from the
build process. Store the device tree image file in the target files
package so it can be used during the signing process.
Change-Id: Ie8507121fa9c4ba57ecffeab05bd859ae5f5b788
key passphrases may live in some sort of secure storage, support running
an arbitrary command to retrieve them.
Change-Id: I49862cf60f1b73a2356e0c492e1038beef28a95f
(cherry picked from commit 9caf8603575aecf51761feaeac6db619be76cfd3)
* Before this commit, the generated `dynamic_partitions_op_list` in
FullOTA packages always tries to remove all partitions and recreate
them upon flashing. This makes it impossible to have a system-only
"FullOTA" because vendor partition(s) are always removed.
* This commit detects if a build is vendor-less and disables every
dynamic partition operation except `resize`, in order to keep the
original content around after the flash. The change should not affect
non-dynamic-partition or builds with vendor image included.
Change-Id: I0cded7f3b2958f35103d73d19b7fb5f292f6c17f
Signed-off-by: Jesse Chan <jc@lineageos.org>
This allows us to skip custom inode count calculation by setting
BOARD_*IMAGE_EXTFS_INODE_COUNT to -1, this will end up letting
mke2fs calculate appropriate inode count on its own.
While build_image only allocates exact number of needed inodes
plus 4% spare with .2% margin, mke2fs will allocate as many
inodes as it thinks is appropriate given the filesystem size.
Change-Id: If03d5edae8378be3b305346176067b01163f6f3d
There may be multiple entries in fstab for a mount point. Use the first
value found so the entries are prioritized in order.
Change-Id: Ibd2631413d3e00507d3a0ec84fb91755f1c7993c
Ticket: OPO-326
* If a bootloader assert is not satisfied, print the
versions that are supported by the package as well as the version
on the device.
Change-Id: I958d49281c51bd4e60d596a727bb94cfc4a21909
Squashed with the following commits:
Author: Scott Mertz <scott@cyngn.com>
Date: Thu Feb 26 10:51:44 2015 -0800
Enable ADB by default when ro.adb.secure is not 1
* Property ro.build.type is not part of the default.prop we can't
use this to decide how to apply adb by default within this function
Change-Id: Ib3eb24c655353966d64c7148d7530244b628ce94
Author: LibXZR <i@xzr.moe>
Date: Sat Apr 30 16:29:35 2022 +0800
tools: Let adb secure check depend on "==0" rather than "!=1"
We are using PRODUCT_SYSTEM_DEFAULT_PROPERTIES to set
`ro.adb.secure` property. But unfortunately this flag only
affect system partition, which means in other partitions
e.g. vendor and system_ext `ro.adb.secure` stays empty.
Thus `persist.sys.usb.config=adb` is unconditionally set
in partitions other than system, which lead to adb enabled
by default even on user build.
Change-Id: I1f8b463b3ec645309369f36014bed556e75ed210
Signed-off-by: LibXZR <i@xzr.moe>
Change-Id: I33ae5c6f2787017a62e679aa0c28d4b909d45935
The file was missed when moving recovery resources, but the assertion
path was changed, as a result non-Treble devices failed to build.
Fixes: Ia4045bd67ffb3d899efa8d20dab4c4299b87ee5f
Change-Id: Ib7822a9bd5b1a2ab7e762e9fb35dbb22291a3a76
Set in board file with TARGET_OTA_ASSERT_DEVICE.
(cherry-picked from commit 0f452f21fc9323b9d1fe746161761cf40aaa5030)
Change-Id: I3d06bdc0e3e26bde0c0e646accd050364f9713b9
ota_from_target_files: Remove device dependent arguments
These device-specific arguments are defined at build time and are
necessary to generate the zip correctly. Don't use command line
arguments to specify them, but write all the needed information
in misc_info.txt when the target-files zip is generated.
ota_from_target_files will then read misc_info.txt and set
everything automatically.
Change-Id: Ibdbca575b76eb07b53fccfcea52a351c7e333f91
Signed-off-by: André Pinela <sheffzor@gmail.com>
This cl ensures at most 1 instance of edit monitor running from the
same binary by killing any existing instance before starting.
Specifically, When an edit monitor process starts, it will write a pidfile containing its pid and if such pidfile already exists (which means there's another instance there), it will read the pid contained in that pidfile and kill the corresponding process first.
Test: atst daemon_manager_test
bug: 365617369
Change-Id: I76954344df649aa79a6ef07ce55a62985decdb53
Bug: 330949782
Test: m sbom, no diffs in generated SBOM before/after the change
Test: build/soong/tests/sbom_test.sh
Test: CIs
Change-Id: I3cf944f744a1a5d359fd925621d1597b9681da9b
This reverts commit 769d8eed37.
Reason for revert: Caused crashed in places where old version files were present.
Change-Id: I7d529773226cd834979400aa018c47bbf6891b72
Creates a class that will manager and monitor the actual edit watchdog
that run as a subprocess. As a first step, the class supports:
1) A start method that creates a pidfile and starts a subprocess with given target/args.
2) A stop method that terminates the created subprocess and removes the pidfile.
Detailed design in go/android-local-edit-monitor.
Test: atest daemon_manager_test
bug: 365617369
Change-Id: Ic6d7be67d284ade8033416235b9b0fb1e90e1b1a
Revert submission 3273112-soong-notice-xml
Reason for revert: Droidmonitor created revert due to b/368348129.
Reverted changes: /q/submissionid:3273112-soong-notice-xml
Change-Id: I55e1e93aa6d4b311c6ee461d4216a104909af842