Modify the abort() function in the OTA update generation script to
report an error code. The recoveryimage will parse the code and write it
into last_install for further data analysis.
Bug: 28934032
Change-Id: I2d62f81fd352c3102fb84f054972ac0ecb965a21
commit f54216f292 packed the base_fs files
into target_files.zip and added assertion to ensure the existence of the
files. We don't want to fail the OTA generation for the target_files.zip
without the base_fs files. Change the assertion into warnings instead.
Bug: 28547368
Change-Id: I6fd758a0a4fdfff02d1640fa46cf43d971627e26
Pack the base_fs files ({system,vendor}.map) into target_files.zip,
which would be needed when rebuilding the images at signing.
Reset the base_fs paths to point to the files in META/.
Also add blk_alloc_to_base_fs into otatools.zip.
Bug: 27698960
Change-Id: If4eb274b3f3d839c4365624f46f0dc89bd2fa440
am: 05ce0a9
* commit '05ce0a94a5a6eec3113b62a39f97401e6a3fb3a0':
Skip verifying the partition with no changed blocks.
Change-Id: I8a3a9f8fe7bcf25fd719940d883a22a7adcfdef9
For incremental BBOTAs, commit [1] changed to verify only the touched
blocks to reduce the update time. This CL fixes the bug when there's no
changed block between the two builds.
[1]: commit d522bdc9ed
Bug: 27813356
Bug: 28195498
Change-Id: Ia752d3cf034c544517458ed15df509d4596e21fa
(cherry picked from commit f9efe284a4)
For incremental BBOTAs, commit [1] changed to verify only the touched
blocks to reduce the update time. This CL fixes the bug when there's no
changed block between the two builds.
[1]: commit d522bdc9ed
Bug: 27813356
Bug: 28195498
Change-Id: Ia752d3cf034c544517458ed15df509d4596e21fa
am: 21528c5
* commit '21528c5e053e28cd52d603eded53ffaf36d22637':
releasetools: Only verify the blocks to be touched.
Change-Id: I053c7da789c44916456109c5153f6628fe38c849
For incremental BBOTAs, we used to verify the integrity of all the
blocks in the source partition. In order to reduce the time cost under
recovery, this CL changes to only verify the blocks that will be touched
in the given OTA package (BBOTA >= 3 only). This is a trade-off between
performance and reliability.
Bug: 27813356
Change-Id: I3975ae6f461f0f7e58d24f1df7df46a449d2988b
(cherry picked from commit d522bdc9ed)
For incremental BBOTAs, we used to verify the integrity of all the
blocks in the source partition. In order to reduce the time cost under
recovery, this CL changes to only verify the blocks that will be touched
in the given OTA package (BBOTA >= 3 only). This is a trade-off between
performance and reliability.
Bug: 27813356
Change-Id: I3975ae6f461f0f7e58d24f1df7df46a449d2988b
post-install verification calls range_sha1() and checks if the given
partition has expected contents. It takes roughly 20 seconds on
angler with 2.8G system image. Remove it to speed up OTA update. Also
abort the update if block_image_update() fails, as we were relying on
post-install verification to capture block_image_update() failures.
cherry-picked from commit b2deb22033
Bug: 27729678
Change-Id: I8123cd8929295ec26df247acf6bb51df813771d9
post-install verification calls range_sha1() and checks if the given
partition has expected contents. It takes roughly 20 seconds on
angler with 2.8G system image. Remove it to speed up OTA update. Also
abort the update if block_image_update() fails, as we were relying on
post-install verification to capture block_image_update() failures.
Bug: 27729678
Change-Id: I8123cd8929295ec26df247acf6bb51df813771d9
The following variables are introduced
BOARD_BVB_ENABLE: can be set to true to build boot.img and system.img
files compatible with Brillo Verfied Boot.
BOARD_BVB_ROLLBACK_INDEX: can be set to an integer to use for the
rollback index.
BOARD_BVB_KEY_PATH, BOARD_BVB_ALGORITHM: If set, the former must be a
path to the private key used to sign the boot image and the latter must
be the algorithm to use. If unset, a test-key stored in the tree will
be used.
BOARD_BVB_MAKE_BOOT_IMAGE_ARGS: Extra options to pass to 'bvbtool
make_boot_image'.
BOARD_BVB_SIGN_BOOT_IMAGE_ARGS: Extra options to pass to 'bvbtool
sign_boot_image'.
BOARD_BVB_ADD_IMAGE_HASHES_ARGS: Extra options to pass to 'bvbtool
add_image_hashes'.
BOARD_CUSTOM_BVBTOOL: Can be set to specify what bvbtool program to
use.
The existing BOARD_KERNEL_CMDLINE variable is also used, as are existing
kernel and initrd-related variables. Therefore, simply adding
BOARD_BVB_ENABLE := true
to an existing Makefile should do the trick.
Bug: 26185038
TEST=Added 'BOARD_BVB_ENABLE := true' to hardware/bsp/intel/soc/edison/soc.mk
and built an image and then ran bvbtool's info_boot_image and
info_image_hashes commands on the resulting boot.img and system.img
files and verified that the information was correct. Also ran 'm dist'
and verified that the boot.img and system.img files in the resulting
target_files.zip file had similar information.
Change-Id: I08045ed8b0cbddc7c3acdd3a6f2c4bb75cb44bbc
This changes the build system to provide the signapk tool with the
minSdkVersion of the APK being signed. signapk in turn will then use
SHA-256 instead of SHA-1 if minSdkVersion is 18 (JB MR2) or higher
(see c2c49ed0c1).
To avoid increasing incremental OTA update package sizes for already
released platforms, release build scripts disable the above logic when
signing target files ZIPs for pre-N platforms.
Bug: 25643280
(cherry picked from commit 2cfd1d108c)
Change-Id: I38450d07ddc05c705de40313f843beada8db7d98
This changes the build system to provide the signapk tool with the
minSdkVersion of the APK being signed. signapk in turn will then use
SHA-256 instead of SHA-1 if minSdkVersion is 18 (JB MR2) or higher
(see c2c49ed0c1).
To avoid increasing incremental OTA update package sizes for already
released platforms, release build scripts disable the above logic when
signing target files ZIPs for pre-N platforms.
Bug: 25643280
Change-Id: I3f2faaf49c6fa392ffbf1ee9f30de476f9f73231
Add "ota-required-cache" into the metadata file in an OTA package,
which shows the minimum free space on /cache to apply the update.
Add "ota-type" into the metadata file, which shows the OTA type for
this package (i.e. one of FILE, BLOCK and AB).
Also add the cache free space check into updater-script when generating
block-based incremental OTAs (we only had such lines for file-based
incrementals before).
Bug: 26731903
Change-Id: Id6ff0fc4cdfb1443636b0b3800b0f8bddb5bb1d0
(cherry picked from commit d8d14bec0d)
Add "ota-required-cache" into the metadata file in an OTA package,
which shows the minimum free space on /cache to apply the update.
Add "ota-type" into the metadata file, which shows the OTA type for
this package (i.e. one of FILE, BLOCK and AB).
Also add the cache free space check into updater-script when generating
block-based incremental OTAs (we only had such lines for file-based
incrementals before).
Bug: 26731903
Change-Id: Id6ff0fc4cdfb1443636b0b3800b0f8bddb5bb1d0
This changes the build system to provide the signapk tool with the
minSdkVersion of the APK being signed. signapk in turn will then use
SHA-256 instead of SHA-1 if minSdkVersion is 18 (JB MR2) or higher
(see c2c49ed0c1).
To avoid increasing incremental OTA update package sizes for already
released platforms, release build scripts disable the above logic when
signing target files ZIPs for pre-N platforms.
Bug: 25643280
(cherry picked from commit de5bc04717)
Change-Id: I4b100750e47788ab6ed897a0a5abfd33542e8676
This changes the build system to provide the signapk tool with the
minSdkVersion of the APK being signed. signapk in turn will then use
SHA-256 instead of SHA-1 if minSdkVersion is 18 (JB MR2) or higher
(see c2c49ed0c1).
To avoid increasing incremental OTA update package sizes for already
released platforms, release build scripts disable the above logic when
signing target files ZIPs for pre-N platforms.
Bug: 25643280
Change-Id: I058393e0971d0d6559dbd69ea902754c6c7cab14
(cherry picked from commit de5bc04717)
This reverts commit de5bc04717 because it's breaking some builds. Turns out some APKs have multiple sdkVersion attributes returned by aapt.
Change-Id: I013d6ef5eac473dd3900e0b9edf4c32cdc838bab
This changes the build system to provide the signapk tool with the
minSdkVersion of the APK being signed. signapk in turn will then use
SHA-256 instead of SHA-1 if minSdkVersion is 18 (JB MR2) or higher
(see c2c49ed0c1).
To avoid increasing incremental OTA update package sizes for already
released platforms, release build scripts disable the above logic when
signing target files ZIPs for pre-N platforms.
Bug: 25643280
Change-Id: I048393e0971d0d6559dbd69ea902754c6c7cab14
With BOARD_USES_RECOVERY_AS_BOOT = true, we skip building the
non-ramdisk boot.img but building the recovery image as boot.img. It
contains recovery's ramdisk (e.g. with /sbin/recovery). It depends on
the bootloader parameter (skip_initramfs) to determine the actual mode
to boot into.
Change-Id: Id6e2d0a2b94383944ca8f35bba688c6401745622
(cherry picked from commit d80bef2b9e)
Add a function check_first_block to read block0 and output a message
on screen if the device has been remounted. The function is called
for version >= 4 only; it executes after a failing block verification
and before recovery attempts.
Bug: 21124327
Change-Id: I49dc0b861c702698896a2495ca094215705d4650
(cherry picked from commit 9dac797013)
This makes the signapk tool use Conscrypt (where possible) instead of
the platform-default JCA providers and the Bouncy Castle JCA provider.
This speeds up (by 10-30%) APK and OTA update signing because
Conscrypt's crypto primitives are backed by BoringSSL.
Previously, the signapk tool consisted only of the signapk.jar.
Because Conscrypt is backed by native code, signapk now consists of
signapk.jar and crypto_openjdk_jni shared library. This requires that
users of the tool be updated to provide a suitable -Djava.library.path
argument to the Java runtime. This change updates all known users of
the tool inside the Android source tree to do so.
Bug: 26097626
Change-Id: I8411b37d7f771ed99269751a3007dff103083552
The packaging script is broken when we set TARGET_NO_RECOVERY and
SYSTEM_ROOT_IMAGE both. With TARGET_NO_RECOVERY set, we don't have
RECOVERY/RAMDISK/etc/recovery.fstab. It thus fails the assertion in
common.LoadRecoveryFSTab() that "/" must exist in fstab when enabling
SYSTEM_ROOT_IMAGE.
Change-Id: Id509d724f18be7cf7389dd786924ead894ac0cc1
We can generate a special OTA package that verifies all the partitions
(boot, recovery, system, vendor and etc) on a device. It also calls
device-specific script to verify bootloader and radio images. This
ensures a flashed device contains all the desired images faithfully.
Usage:
ota_from_target_files.py --gen_verify target_files.zip output.zip
Bug: 24679956
Change-Id: Ib3091d98c4b17a6fad305b3edf16d09efbda5c38
When building incremental packages, the info_dict from the source build
should be the one in use. We have done that for most of the partitions
(system and etc.), and should pass that to vendor's script as well.
Bug: 24898607
Change-Id: Ie2973d41b905637862616286663baf80df83bd88
Changes in [1] break the backward compatibility of the OTA scripts. Fix
the issue by extracting the file basename from the info dict in
META/misc_info.txt.
[1] commit d3a803e668
Bug: 23620049
Change-Id: I40a5625bbe0beb295f34b2328906a4a4283fe59b
