Added the missing shared library libpcre2.so for make_ext4fs
in the otatools.zip.
Standalone signing the images with otatools zip is not working
due to missing library for make_ext4fs.
Test: tools/releasetools/sign_target_files_apks
-p <extracted ota-tools.zip folder>
--extra_signapk_args=-f /etc/opt/cert_data.dat
-v
--replace_verity_private_key ~/build/target/product/security/verity
--replace_verity_public_key ~/build/target/product/security/verity.x509.pem
-k <key maping>
<input target files zip>
<output target files zip>
Change-Id: I4fc71a1c710f3075bb3bdb90d915538526004ee6
This reverts commit fad4b4b715.
Incorporating the following fixes:
1.
fsconfig: fix fs_config_* build for discovered headers
When android_file system_config.h is picked up from the device
directory, neither TARGET_FS_CONFIG_GEN or TARGET_ANDROID_FILESYSTEM_CONFIG_H
are specified. Thus, the build is not generating the required fs_config_files
and fs_config_dirs.
Test: Ensure that make fs_config_files works, and produces the same output as before
Build the system image and mount it as a loop back and dump the file system
capabilities with getcap. Verify that output to the supplied
android_file system_config.h
From the loopback of the system.img mount, from CWD system/bin:
$ getcap *
cnss-daemon = cap_net_bind_service+ep
hostapd = cap_net_admin,cap_net_raw+ep
imsdatadaemon = cap_net_bind_service+ep
ims_rtp_daemon = cap_net_bind_service+ep
logd = cap_setgid,cap_audit_control,cap_syslog+ep
mm-qcamera-daemon = cap_sys_nice+ep
pm-service = cap_net_bind_service+ep
run-as = cap_setgid,cap_setuid+ep
surfaceflinger = cap_sys_nice+ep
webview_zygote32 = cap_setgid,cap_setuid,cap_setpcap+ep
webview_zygote64 = cap_setgid,cap_setuid,cap_setpcap+ep
Compared to the android_filesystem_config.h:
{ 00700, AID_CAMERA, AID_SHELL, (1ULL << CAP_SYS_NICE), "system/bin/mm-qcamera-daemon" },
{ 00755, AID_SYSTEM, AID_SYSTEM, (1ULL << CAP_NET_BIND_SERVICE), "system/bin/pm-service" },
{ 00755, AID_SYSTEM, AID_SYSTEM, (1ULL << CAP_NET_BIND_SERVICE), "system/bin/imsdatadaemon" },
{ 00755, AID_SYSTEM, AID_RADIO, (1ULL << CAP_NET_BIND_SERVICE), "system/bin/ims_rtp_daemon" },
{ 00755, AID_SYSTEM, AID_SYSTEM, (1ULL << CAP_NET_BIND_SERVICE), "system/bin/cnss-daemon"},
2.
fsconfig: fix error message for duplicate AID
Fixes:
raise ValueError('Duplicate aid value "%u" for %s' % value,
TypeError: %u format: a number is required, not str
and
raise ValueError('Duplicate aid value "%s" for %s' % value,
TypeError: not enough arguments for format string
3.
fsconfig: add test for duplicate ranges
Add a test for duplicate range detection.
4.
fsconfig: skip AID_APP, AID_USER and all ranges
Do not output AID_APP, AID_USER and ranges. A range
is defined as ending with AID_ and ending in _START or
_END.
5.
fsconfig: test for skip AID_APP, AID_USER and all ranges
Test against AIDs that caused the bionic tests to fail.
Change-Id: I95569a9ccc83bd3231f8a6f395532cc2de316bd2
Signed-off-by: William Roberts <william.c.roberts@intel.com>
Add build targets for split sepolicy files so they'll appear in the root dir for
on-device compilation. nonplat_sepolicy will eventually be removed as it should
be provided by a different partition. Also replace sepolicy.recovery with the
appropriate split components.
Bug: 31363362
Test: Policy builds on-device and boots.
Change-Id: I017dabe6940c3cd20de6c00bb5253274d5a9269b
We compute the max stashed_blocks in ReviseStashSize(), prior to calling
WriteTransfers(), to avoid running out of space due to stashing.
There is a bug when computing the to-be-freed stashed blocks, where we
wrongly free the space _before_ executing the transfer command. This leads
to a script failure where the max stash size violates the max allowed
size in WriteTransfers().
Note that this bug doesn't affect already generated packages. It's only
an underestimate in ReviseStashSize(). The check in WriteTransfers() has
been correct to ensure the max stash size.
Bug: 33687949
Test: Successfully generated incremental OTA which failed previously.
Change-Id: I4f4f043c6f521fce81ca5286e6156f22d99bf7f7
This makes the apk avaiable on all devices and can be overridden on a
per-product basis using LOCAL_OVERRIDES_PACKAGES.
BUG: 33224286
Test: Verified with lunch aosp_bullhead-userdebug; make
Change-Id: Ib345193caa4431b6405294bd8759d93349335814
The only user of get-package-min-sdk-version-int was signapk. signapk
no longer needs to be provided with the APK's minSdkVersion though.
(cherry picked from commit e185da21ca)
Test: make clean && make
Change-Id: I6867a004aec0f3752cbbc99cc30e02ca5404b3c4
signapk now auto-detects the APK's minSdkVersion, removing the need to
run aapt dump badging during APK signing.
Test: make clean && make
Change-Id: Ifc74292a9900443d053e437b50b540c8d0b33dbd
AIDL doesn't generate into the intermediate src directory, we pass exact
aidl->java files to the compiler. So there is no need to clean the
intermediate src directory when the aidl file list changes for a module.
Test: None, just code inspection
Change-Id: I01feff7cc399ac5b88b83333a1ac86928d0a81e6
LLVM_RELEASE_VERSION is unused from envsetup.sh and during product
config loading. LLVM_PREBUILTS_VERSION is still used in envsetup.sh, so
needs to stay.
Delay reading core/clang/config.mk until after Soong's variables are
read so that we don't need a copy of LLVM_PREBUILTS_BASE.
Test: Compare build-aosp_flounder.ninja
Change-Id: I85b5836a2230838c8f3766fb19c6108fc5c9ca50
Prior to this change, when signing APKs, the build system invoked
'aapt dump badging' on each APK, to detect the value to pass into
signapk as --min-sdk-version. Now that signapk uses the apksig
library, it can auto-detect that value on its own, thus avoiding the
need to invoke 'aapt dump badging' and thus speeding up the build
process.
The semantics of signapk's --min-sdk-version flag is changed by this
commit from having the default value of 0 to having the default value
of "auto-detect from APK".
P.S. The get-package-min-sdk-version-int is not removed from
core/definitions.mk in this commnit, because this function is used in
another project's .mk file and thus that .mk file needs to be modified
first.
Test: rm -Rf out/ && make
Change-Id: I0972fcf0abbde9cbf6794e6c05c743c77c8a78f9
We used to dump "Source: <fingerprint>" in update logs. The "Source: "
prefix was unintentionally dropped out.
Test: Check the generated incremental BBOTA script.
Change-Id: I4de62333aa38e3fb09a76df0e769b62af48e0313
