This will avoid having to tag jar file with a manifest
implementation version.
Test: make cts, check the zip
Bug: 111834256
Change-Id: Id809217cefb36b4779fdf41c02f5809ba22d03a1
Tradefed depends on Loganalysis so it should also be part
of cts. Luckily there was no overlap (cts never called a
part of TF that use loganalysis) so it never failed
with classNotFound before.
Test: build cts
Bug: 75979908
Change-Id: I2542ecd077149f7165aff120d67054943df20b54
<Two phase commits> Since internal master code has more places that use
BUILD_NUMBER (mostly in vendor/) than AOSP (conflict). We can't
deprecate BUILD_NUMBER directly. Therefore, we try to switch to
BUILD_NUMBER_FROM_FILE as much as possible at first. Then we will do
a one-off deprecation for BUILD_NUMBER in internal master next step.
Test: m -j
Bug: b/70351683
Change-Id: I14ffee7381933c9fde14c4bde8c0c14e45fe98bf
Adding verified boot metadata with a "disable magic". The resulting
metadata at the end of each image (e.g., system.img, vendor.img) will
be the same as triggering an "adb disable-verity" on an USERDEBUG image.
This can help simplify the code on fs_mgr, which won't have to check if
current image is an ENG build or not.
Bug: 63056044
Test: boot sailfish eng/userdebug builds
Change-Id: I95d23ac7b76c04d6d4483c9c4dc1de16bf0d9c3a
Current AVB signing for custom images is enabled by either of the
following build variables:
CUSTOM_IMAGE_AVB_HASH_ENABLE := true
CUSTOM_IMAGE_AVB_HASHTREE_ENABLE := true
A previous change to support chain partition replaced avb_signing_args
with avb_key_path and avb_algorithm. This change updates the
corresponding change for custom_images.
To sign a custom_image as a chain partition, it needs:
CUSTOM_IMAGE_AVB_KEY_PATH := external/avb/test/data/testkey_rsa2048.pem
CUSTOM_IMAGE_AVB_ALGORITHM := SHA256_RSA2048
CUSTOM_IMAGE_AVB_ROLLBACK_INDEX := 1
Note that it doesn't support include metadata of custom images into
vbmeta.img. Because custom_images is designed to build multiple files
(e.g., custom1.img, custom2.img, custom3.img, etc) and a device can only
use/mount one of them. The vbmeta.img needs to be generated per each
combination.
Bug:36701014
Test: sign custom image with AVB HASH descriptor (non-chain)
Test: sign custom image with AVB HASH descriptor as chain partition
Test: sign custom image with AVB HASHTREE descriptor (non-chain)
Test: sign custom image with AVB HASHTREE descriptor as chain partition
Change-Id: I492e2ce768e7caec22228b776b2c13a2d37a5b89
Bug: 63691195
Test: `make custom_images` with CUSTOM_IMAGE_SUPPORT_VERITY_FEC := true
Test: boot device with the custom image built above
Change-Id: I198fa1e0697cb00712bbfb6f1a717ec623703ede
This patch reuses the build-image-kernel-modules macro to build the
odm/lib/modules directory according to the BOARD_ODM_KERNEL_MODULES
which contains list of kernel module files.
Bug: 36012197
Test: android master build on pixel
Change-Id: I2c004132a89e7f230690b4d26c98c3d5b2769f11
To support extra files in package-modules.mk, allow the user to set
my_copy_pairs to a list of src:dest pairs that will be copied into the
zip file.
Test: build-aosp_arm.ninja is identical before/after
Test: codesearch says that these variables aren't otherwise used
Test: set my_copy_pairs, ensure that they exist in the zip.
Change-Id: Ia80cd136db8ad37a71010baf0552621b281c8bc3
- prebuilt tools copied directly to /tools subdir of zip
- currently only used by wts, noop for other suites
Bug: b/62102556
Change-Id: I796d7490f39f817af8f2ec5bea86593182bfcbe2
`make custom_images` supports to build different kinds of *non-droid* images,
e.g., odm.img. Adding the support of signing them with either AVB HASH footer
or AVB HASHTREE footer. The user can use HASH for small images and
HASHTREE for large images.
Sample signing configurations:
* AVB HASH footer:
- CUSTOM_IMAGE_AVB_HASH_ENABLE := true
- CUSTOM_IMAGE_AVB_ADD_HASH_FOOTER_ARGS := --append_to_release_string my_odm_image
* AVB HASHTREE footer:
- CUSTOM_IMAGE_AVB_HASHTREE_ENABLE := true
- CUSTOM_IMAGE_AVB_ADD_HASHTREE_FOOTER_ARGS := --fec_num_roots 8
* Using custom signing key:
- CUSTOM_IMAGE_AVB_ALGORITHM := SHA256_RSA2048
- CUSTOM_IMAGE_AVB_KEY_PATH := external/avb/test/data/testkey_rsa2048.pem
Bug: 36701014
Test: `make custom_images` with AVB HASH footer
Test: `make custom_images` with AVB HASHTREE footer
Test: `make droid` to check system.img is still properly signed with AVB HASHTREE
Test: `make droid` to check vendor.img is still properly signed with AVB HASHTREE
Change-Id: I8dc420e12e37e9a631345c0cd883339db05d489f
Set CUSTOM_IMAGE_AVB_ENABLE := true to enable avb, add_hashtree_footer
args can be added in CUSTOM_IMAGE_AVB_ADD_HASHTREE_FOOTER_ARGS.
Bug: 38319818
Test: m custom_images
Change-Id: Ia452dc5ce8b55bcbd3abba9e965b72e78fd8c104
All the new features are turned off for now, since multiple branches and
products need to be verified before they can be turned on. So everything
should behave the same as today, except for no partition-based
warnings.
Instead of the current link type checks that happen during the build,
run as many as possible immediately after loading all the Android.mk
files. If we're allowing missing dependencies ('mm',
ALLOW_MISSING_DEPENDENCIES, tapas, etc), we'll defer the link type
checks to during the build. If we're not allowing missing dependencies,
we'll produce a better error message to the user about the missing
dependencies.
See core/main.mk for a description of the storage format.
This also remove the partition-based type checking. It hasn't worked all
that well, particularly with ASAN builds. The new VNDK checks will
handle the most pressing cases.
Test: Verify all link_type files and dependencies are the same:
grep link_type: out/build-aosp_arm64.ninja | sed -E "s/ rule[0-9]+//" | sort
Change-Id: Id643658b9d9e84f99f5db0d526aad88c1f5d3417
Using ; to join commands in a rule causes failures to be ignored by
make. Use && instead, and add true at the end as the second operand
to the last && operator.
Also inline copy-test-in-batch, batching is no longer necessary as
kati will fall back to a shell script if the recipe is too long to
fit in a command line.
Test: builds
Change-Id: I4a2528bf2a15106cfabaae0336662c4a0464271d
This also makes the resulting zip files more repeatable -- the file list
is sorted and the entries have static timestamps.
On my machine, this saves ~30 seconds for android-cts.zip, it now takes
less than a second.
Test: m -j cts; compare output from without this change
Change-Id: Ia71e35878ff98ba9775115860530e87eee47739f
Include the calling makefile and package name instead of just a warning
pointing to package-modules.mk
Test: multiproduct_kati, grep logs
Change-Id: I4fa35540b9695b44eea6c23463e137ec37d1d2c9
When building test modules, dependencies added by the test modules get
build but don't get included in the packaged tests .zip file.
When packaging modules into a .zip file, this patch includes the modules
explicitly listed as a dependency in LOCAL_REQUIRED_MODULES for the
requested modules to package.
If these LOCAL_REQUIRED_MODULES dependencies are not used in the base
system image, they were build as part of the "tests" target but weree
not included in the package nor in the system image. This patch includes
those modules, making it easier to define dependencies of a test
module in the Android.mk file that defined said module, instead of
requiring to re-list all the dependent modules when packaging test
modules.
Bug: 27348226
Change-Id: Ic6f60cf2916b3fae0fa39f84aee8a4f440af9539
HOST_OUT_EXECUTABLES is already added to the PATH variable,
so it is not needed to add the path info for binaries in
misc_info.txt and <partition>_image_info.txt.
Earlier the mkuserimg item in the build_image dictionary is
hardcoded to "mkuserimg.sh", but now it is customized for
mkuserimg.sh and mkuserimg_mke2fs.sh, and maintained in
dictionary "ext_mkuserimg=$(MKEXTUSERIMG)" in misc_info.txt
and <partition>_image_info.txt, where it is used in the
build_image script while creating the images.
The problem here is the value for this key is set to build
path of the file mkuserimg file
$(HOST_OUT_EXECUTABLES)/mkuserimg.sh,
i.e. out/host/linux_x86/bin/mkuserimg.sh,
there by standalone signing the images using otatools is
not working as the executables are packed in bin folder.
Test: tools/releasetools/sign_target_files_apks
-p <extracted ota-tools.zip folder>
--extra_signapk_args=-f /etc/opt/cert_data.dat
-v
--replace_verity_private_key ~/build/target/product/security/verity
--replace_verity_public_key ~/build/target/product/security/verity.x509.pem
-k <key maping>
<input target files zip>
<output target files zip>
Change-Id: I57af1025ec38f3794f779c49faa0bf965afc6a5d
Enable client-side dynamic config code to access the suite-level dynamic
config files by placing them in the testcases directory. Also update
cts_v2.mk to define the location of its corresponding dynamic config file.
bug:23625592
Change-Id: Id11dea4b6acbe8ea7e5e9579e369a2be5873a224
ziptime fails on zip file larger than 2GB.
These zip files won't installed on device and we don't care that much
about their reprodudcibility across builds.
Change-Id: I47062928d075a59eda92dd5333e59502f490d1cb
