vbmeta_system does not need to be rebuilt with vendor side
Signed-off-by: jiangxu5 <jiangxu5@xiaomi.com>
Change-Id: Ieb2076055aa3342a6071ec2ed5c976e22f59acd1
We are removing VB support from release tools. This change aims to
remove the args related to replace verity key.
Bug: 242672222
Test: atest under build/make
Change-Id: I446a0b16e482c43542a1c0e41b24e80eb9fbc8e6
Currently, if we want to override all apex/apk key, we must specify all apk/apex names exhaustively. This causes CLI arguments to be very long and sometimes exceeds OS's limit.
Test: run signing test locally on build 8862875 on git_master
Bug: 239991438
Change-Id: Idbd3b7eef9b2a27236f4ca7a27449fcdf0d2dd3f
The intention was to make extra_apex_payload_key take a comma separted
list of keys. Iterating over a string will only iterate over each
characters individually. Must split by "," to iterate over keys.
Test: Run signing test locally using tradefed.sh
Bug: 239991438
Change-Id: I51bfed53a43b1b0fc1e33e0dc3d418a727e6ff15
When running tests, we might need to add many
extra_payload_keys. Currently we have to add --extra_apex_payload_key
for each key pair we pass, resulting in extremely long argument list.
Test: th
Bug: 239991438
Change-Id: I3e5f9d76c7f45822fb986b603dc089407c35b76b
Uniform the split() function
str.split() will return a list split all spaces in str,
while str.split(' ') will return a list might contain ''
which might have potential issues.
Signed-off-by: jiajia tang <tangjiajia@xiaomi.com>
Change-Id: I0961659b140f800bdbe285f63bb4f02b8459ff8b
Signed-off-by: jiajia tang <tangjiajia@xiaomi.com>
add_img_to_target_files.py will re-make image and build a new
signed vbmeta.img with new images in target-file.
We need to add vendor_kernel_boot into AVB signing list and make it
support that image.
Test: make dist -j110 and check vbmeta.img
Bug: 214409109
Signed-off-by: Lucas Wei <lucaswei@google.com>
Change-Id: Id07433f3dc33f95e2edd49de890f1e098cb9ef31
The virt APEX payload public key needs to be embedded in pvmfw so that
is verifies the right set of images. As things are being resigned,
update that embedded key so that it matches the APEX.
Bug: 220018566
Test: sign_target_files_apks
Change-Id: I09be91275ec1d1aa6f921c54a96c5159571ddead
zip -d doesn't work when no entry names specified. So if the list of
entry is empty, just skip calling zip -d.
Bug: 218438888
Test: th
Change-Id: Ie4419b9d6fdc2780255c6f12f9f4d35e5c0a7b26
Equivalent to PRODUCT_EXTRA_RECOVERY_KEYS but for A/B OTA.
Bug: 211848136
Test: set PRODUCT_EXTRA_OTA_KEYS and check otacerts.zip
Change-Id: I81e27d12a22b405f6227b09c01ed684dfcede19e
Currently when running sign_target_files_apks on a no-system-image
target, it will raise the following error:
ValueError: max() arg is an empty sequence
This is because there is no APK files in the target_files.zip.
Fixing this by setting maxsize to zero in this case.
Bug: 213028932
Test: lunch gki_arm64-userdebug; make dist
Test: sign_target_files_apks \
--gki_signing_key=external/avb/test/data/testkey_rsa4096.pem \
--gki_signing_algorithm=SHA256_RSA4096 \
--gki_signing_extra_args="--prop gki:prop1 --prop gki:prop2" \
./out/dist/*-target_files-eng.*.zip signed.zip
Change-Id: I40daecbc2ff3f89d3e635d1a4a1c1dea31ba9a27
This new init_boot.img contains the ramdisk that used to reside in the
boot.img file.
Test: set BOARD_PREBUILT_INIT_BOOT_IMAGE to an external init_boot.img
- Check that "m" pulls in the init_boot.img to
out/target/product/vsoc_x86_64/
- Check that "m dist" adds the init_boot.img to
aosp_cf_x86_64_phone-img-eng.devinmoore.zip
Test: atest --host releasetools_test
Bug: 203698939
Change-Id: If7ef2cf093e5e525529c7c44333c0f40f6ba0764
Test: run sign_target_files_apks with --avb_recovery_key to specify a different key and check with avbtool the key was replaced
Bug: 210126985
Signed-off-by: Ben Fennema <fennema@google.com>
Change-Id: Ic2bb3f6855a49ec065a4c778c429ff076902b95c
When an APEX specifies its custom signing tool (custom_sign_tool:),
apexkeys.txt contains the info and sign_target_files_apks pass the value
to apex_util.
For now the Virt APEX has its own custom signing tool (sign_virt_apex),
which is added to OTATOOLS.
Bug: 193504286
Test: sign_target_files_apks invokes sign_virt_apex
Change-Id: Iba845723fe3e18f542963324b9c58cd00914c5ba
https://android-review.googlesource.com/q/topic:gsi_debug_policy
adds userdebug_plat_sepolicy.cil into the GSI system.img to
reduce the steps of repacking a debug ramdisk.
This CL checks that the file userdebug_plat_sepolicy.cil shouldn't
exist before signing, unless the caller explicitly specifies
--allow_gsi_debug_sepolicy to allow it.
Note: also fixes the indentation around the block.
Bug: 201482141
Test: sign_target_files_apks *-target_files-*.zip signed.zip
Change-Id: I56ed328a9ae70cf49dbd3c6efb5a4a8c54e1b7a7
1. Fix build break when rebuilding vendor images in
sign_target_files_apks, because of missing SYSTEM/build.prop:
File ".../add_img_to_target_files.py", line 999, in <module>
File ".../add_img_to_target_files.py", line 993, in main
File ".../add_img_to_target_files.py", line 854, in AddImagesToTargetFiles
File ".../add_img_to_target_files.py", line 229, in AddVendor
File ".../add_img_to_target_files.py", line 391, in CreateImage
File "add_img_to_target_files/common.py", line 394, in __init__
self._fingerprint = self.CalculateFingerprint()
File "add_img_to_target_files/common.py", line 537, in CalculateFingerprint
self.GetBuildProp("ro.build.version.release"),
File "add_img_to_target_files/common.py", line 457, in GetBuildProp
raise ExternalError("couldn't find %s in build.prop" % (prop,))
ExternalError: couldn't find ro.build.version.release in build.prop
2. Support more scenarios (non-AB, RADIO...)
Bug: 192422274
Change-Id: I792b0a2c2354ed9312730e322ce28df49b3c2f7f
