When building incremental packages, the info_dict from the source build
should be the one in use. We have done that for most of the partitions
(system and etc.), and should pass that to vendor's script as well.
Bug: 24898607
Change-Id: Ie2973d41b905637862616286663baf80df83bd88
Changes in [1] break the backward compatibility of the OTA scripts. Fix
the issue by extracting the file basename from the info dict in
META/misc_info.txt.
[1] commit d3a803e668
Bug: 23620049
Change-Id: I40a5625bbe0beb295f34b2328906a4a4283fe59b
For some old builds, we may not define cache partition size. Change the
exception into a warning to make the script backward compatible.
Change-Id: Ie94c7fbb1a9f3a7db3f16e8d845e493a534aac5b
For system images that contain the root directory, we need to find the
root directory at ROOT/ instead of BOOT/RAMDISK/.
Change-Id: Ica345c8b1b03475f8ac6c44fd576045fcf17c882
Change all uses of the file_contexts file to use the
file_contexts.bin file instead.
Depends on
I75a781100082c23536f70ce3603f7de42408b5ba
I43806d564b83d57f05f5c36c8eba7b1ff4831b04
Id560d093440a2aba99cef28c20133b35feebf950
I15660f4b3e4c5cb8ae0ec1498c74d6fcbb9a0400
Change-Id: Iaf8c4b2e420f610425a07f48db7af32bda3f5b3a
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
When the root directory is included in system, the assumption that
system is mounted at /system breaks down. Redirect /system to /
in that case.
Change-Id: I8031b32d7cb9ca699c1cc22939e28afce9d1c847
If BOARD_USES_FULL_RECOVERY_IMAGE == true, a full copy of recovery
image will be carried as /system/etc/recovery.img instead of a patch
at /system/recovery_from_boot.p.
Bug: 22641135
Change-Id: Ie271d3e2d55d7b003f667ac5b44203d69b23c63b
(cherry picked from commit 8beab69bd5)
A few properties are stored as links to the files in the out/
directory, which are no longer available when (re)packing from
target_files zip. Redirect those properties to the actual files in
the unzipped directory when repacking.
Change-Id: I18e930cbea224ab9c6db8d4e721b1c266a671db6
file_contexts (specified by SELINUX_FC) is needed both when building
and (re)packaging. We used to use the copy in out/ when building, and
looked for the copy in BOOT/RAMDISK/ when packaging from target_files
zip. With system_root_image enabled, the file_contexts needed for
building and packaging might be different from the one on device. So
we explicitly pack the file as META/file_contexts in target_files zip.
Also refactor out the overriding of selinux_fc property into
common.LoadInfoDict().
Change-Id: I94f9ea6671b3792c12c1c21573840743d63da39a
(cherry picked from commit aa7318c384)
dm-verity may touch some blocks that are not in the care_map due to
block device read-ahead. It will fail if such blocks contain
non-zeroes. As a workaround, we mark them as extended blocks and
zero out explicitly to avoid dm-verity failures.
Bug: 20881595
Change-Id: Id097138bfd065c84eac088b3ad49758010b2927b
(cherry picked from commit 2fd2c9bfd6)
dm-verity may touch some blocks that are not in the care_map due to
block device read-ahead. It will fail if such blocks contain
non-zeroes. As a workaround, we mark them as extended blocks and
zero out explicitly to avoid dm-verity failures.
Bug: 20881595
Change-Id: I54e24e70ad822c0d6d7af43301f74d24505f4461
Clockwork builds may rename init.rc to init.core.rc. Change the OTA
script to scan all init.*.rc files to determine the proper location for
install-recovery.sh.
Bug: 22128990
Change-Id: Icad3497d1663e074b938919b40fc239c84fbeb2b
(cherry picked from commit 610754e5ad)
If there is a SELinux context label in the recovery.fstab, we should
honor that when mounting the partition.
Bug: 19764039
Change-Id: Ic80a3377a5a94c9d10dd464eb1257b157a947510
(cherry picked from commit 548eb76c8f)
If there is a SELinux context label in the recovery.fstab, we should
honor that when mounting the partition.
Bug: 19764039
Change-Id: I4df71a092b418cd340a18b2e3b0936de33d8e3f5
Similar to the assertations in file-based OTA, we perform verification
for block-based OTAs (BBOTAs) after updating a partition, for both of
the incremental and full OTAs. It increases the update time (~20s on
Nexus 6), but will capture unnoticed errors right away.
Bug: 21500869
Change-Id: I0f8b27734caaa0f41f9c1b904d55af2112784a68
(cherry picked from commit 68658c0f4f)
Similar to the assertations in file-based OTA, we perform verification
for block-based OTAs (BBOTAs) after updating a partition, for both of
the incremental and full OTAs. It increases the update time (~20s on
Nexus 6), but will capture unnoticed errors right away.
Bug: 21500869
Change-Id: I89ac8fe623b855721b7affd07cf9426a23433ab0
When passing a ZipInfo instance to common.ZipWriteStr(), the
external_attr attribute should not be overwritten unless specified.
We didn't have the issue previously because we were calling
ZipFile.writestr() directly until [1] merged.
[1] commit 2ed665a033.
Bug: http://b/21309935
Change-Id: I8c0190362c60d7d78965ecfe5e484f8398ddc5f2
(cherry picked from commit 9773465409)
When passing a ZipInfo instance to common.ZipWriteStr(), the
external_attr attribute should not be overwritten unless specified.
We didn't have the issue previously because we were calling
ZipFile.writestr() directly until [1] merged.
[1] commit 2ed665a033.
Bug: http://b/21309935
Change-Id: I374ccd40c174ff9259844f38bdbf187dfe82552d
In ext4 filesystems, some blocks might be changed even being mounted
R/O, such as the superblock (block 0). We need to exclude such blocks
from integrity verification. Plus such blocks should always be
written to the target by copying instead of patching.
Bug: http://b/20939131
Change-Id: I657025b7b1ad50d4365e7b18dc39308facfe864e
(cherry picked from commit ff7778166b)
In ext4 filesystems, some blocks might be changed even being mounted
R/O, such as the superblock (block 0). We need to exclude such blocks
from integrity verification. Plus such blocks should always be
written to the target by copying instead of patching.
Bug: http://b/20939131
Change-Id: I991169ec307dfb231b2fe8908a0668595ecb2060
In order to work around the zip 2GiB limit, we need to wrap the related
functions in zipfile. Calls to those functions should always be replaced
with calls to the wrappers instead.
Bug: 18015246
Change-Id: I499574cee51ec4804bc10cbefe0b17940afed918
(cherry picked from commit 2ed665a033)
In order to work around the zip 2GiB limit, we need to wrap the related
functions in zipfile. Calls to those functions should always be replaced
with calls to the wrappers instead.
Bug: 18015246
Change-Id: Ice494371ca6654e88ded2ae0eb680f51082effcb
It's not necessary to call block_image_verify for the most common
case where we attempt an update for the first time and the target
partition has expected contents. It is sufficient to confirm that
the target partition is intact.
Computing a hash is much faster than simulating the update, which
means this change should make the update speed for v3 much closer
to v2 for the common case. If the update was interrupted, this is
going to make resuming somewhat slower, of course. Hopefully this
should be rather rare.
Bug: 20309033
Change-Id: I04792f3681bf2cd5d9a4e1c41eb883c7f26c6f58
Allow dm-verity to be enabled without boot and recovery images being
signed. This makes it possible to enable only dm-verity to detect
corruption without confusing bootloaders that do not understand signed
images.
Bug: 19985143
Change-Id: Ie52c6ff595faa7a5c1f1bc1b37f6899c4d0c7001
Add vboot properties to the dictionary file, which will be packed into
the target_files zip. Add support in packaging and OTA scripts to
sign the generated bootable images (boot.img and recovery.img) when
vboot is enabled.
Change-Id: I08758ced03d173219415bca762bbdb66c464a9f5
(cherry picked from commit 5d5a3bd9e8d8b14b71d1b2105417a2958d13d3d2)
