Some apps are signed with default sdk_sandbox key.
It results in failure of GtsPackageSignatureTest
Bug: 318798881
Test: run gts -m GtsPackageSignatureTest
Change-Id: I676f48eb2844866f4e61af60d78026a87303d15a
This variable is always false or empty now, so clean up remaining
references to the variable.
Bug: 241346584
Test: Presubmit
Change-Id: I5dd3d356729d0bd2639633580bbb85f8b03582cf
We no longer build GKIs from the platform tree.
These build commands were neither used nor maintained anymore, so clean
them up to reduce maintenance effort.
Bug: 229701033
Fix: 229701033
Test: presubmit
Change-Id: Ie882fccd864920289e48366e99a4ebd67e784d0d
Check BOARD_AVB_$(call to-upper,$(partition))_KEY_PATH to decide whether custom_image should sign AVB or not. If key path isn't set, the custom image will be excluded from AVB and copied to /IMAGES in target-files directly. This allows vendor to use custom_images flow packing unsigned image.
And to every non-avb custom partition, one image whose name is partition name must be added in its BOARD_<CUSTOM_PARTITION>_IMAGE_LIST.
BOARD_CUSTOMIMAGES_PARTITION_LIST := tvconfig
BOARD_TVCONFIG_IMAGE_LIST := \
device/xxxx/yyyy/tvconfig.img \
device/xxxx/yyyy/tvconfig_custom1.img
Test:
1) Build image, target-files, OTA package by m and m dist
2) Sign images by sign_target_files_apk.py
Fix: 285227850
Change-Id: I7477dafe023e4b168f0f08fb7aedd9e511a60e1b
default.prop can be linked to prop.default. To rewrite the fingerprints,
the original prop.default should be overwritten.
Bug: 264853953
Test: sign_target_files_apks, check artifacts
Change-Id: I8d22b8391dbfe13e74880ffad0619ef7fc4e20e0
Under some build configuration, there could be build prop stored under
path VENDOR_BOOT/RAMDISK_FRAGMENTS/recovery/RAMDISK/default.prop .
When signing, we must overwrite all build props, or device would display
incorrect build fingerprint.
Bug: 264853953
Change-Id: Id3b176b4ce4efa348ecfb3c9848f72273c5ccca8
In the old days, we hacked values of ZIP64LIMIT to get around size
limitations of non-zip64 supported zip files. Now that we switched to
python3 + zip64, there's no point in keeping those hacks.
Test: th
Bug: 255683436
Change-Id: I913db33dad5503736c68a7a1f1321aa952019f60
vbmeta_system does not need to be rebuilt with vendor side
Signed-off-by: jiangxu5 <jiangxu5@xiaomi.com>
Change-Id: Ieb2076055aa3342a6071ec2ed5c976e22f59acd1
We are removing VB support from release tools. This change aims to
remove the args related to replace verity key.
Bug: 242672222
Test: atest under build/make
Change-Id: I446a0b16e482c43542a1c0e41b24e80eb9fbc8e6
Currently, if we want to override all apex/apk key, we must specify all apk/apex names exhaustively. This causes CLI arguments to be very long and sometimes exceeds OS's limit.
Test: run signing test locally on build 8862875 on git_master
Bug: 239991438
Change-Id: Idbd3b7eef9b2a27236f4ca7a27449fcdf0d2dd3f
The intention was to make extra_apex_payload_key take a comma separted
list of keys. Iterating over a string will only iterate over each
characters individually. Must split by "," to iterate over keys.
Test: Run signing test locally using tradefed.sh
Bug: 239991438
Change-Id: I51bfed53a43b1b0fc1e33e0dc3d418a727e6ff15
When running tests, we might need to add many
extra_payload_keys. Currently we have to add --extra_apex_payload_key
for each key pair we pass, resulting in extremely long argument list.
Test: th
Bug: 239991438
Change-Id: I3e5f9d76c7f45822fb986b603dc089407c35b76b
Uniform the split() function
str.split() will return a list split all spaces in str,
while str.split(' ') will return a list might contain ''
which might have potential issues.
Signed-off-by: jiajia tang <tangjiajia@xiaomi.com>
Change-Id: I0961659b140f800bdbe285f63bb4f02b8459ff8b
Signed-off-by: jiajia tang <tangjiajia@xiaomi.com>
add_img_to_target_files.py will re-make image and build a new
signed vbmeta.img with new images in target-file.
We need to add vendor_kernel_boot into AVB signing list and make it
support that image.
Test: make dist -j110 and check vbmeta.img
Bug: 214409109
Signed-off-by: Lucas Wei <lucaswei@google.com>
Change-Id: Id07433f3dc33f95e2edd49de890f1e098cb9ef31
The virt APEX payload public key needs to be embedded in pvmfw so that
is verifies the right set of images. As things are being resigned,
update that embedded key so that it matches the APEX.
Bug: 220018566
Test: sign_target_files_apks
Change-Id: I09be91275ec1d1aa6f921c54a96c5159571ddead
zip -d doesn't work when no entry names specified. So if the list of
entry is empty, just skip calling zip -d.
Bug: 218438888
Test: th
Change-Id: Ie4419b9d6fdc2780255c6f12f9f4d35e5c0a7b26
