Merge "Create $(findstring) starlark implementation"
diff --git a/core/android_soong_config_vars.mk b/core/android_soong_config_vars.mk
index cd42e1f..d24449b 100644
--- a/core/android_soong_config_vars.mk
+++ b/core/android_soong_config_vars.mk
@@ -88,7 +88,7 @@
# This sets the default for building ART APEXes from source rather than
# prebuilts (in packages/modules/ArtPrebuilt and prebuilt/module_sdk/art) in
# all other platform builds.
- SOONG_CONFIG_art_module_source_build ?= false
+ SOONG_CONFIG_art_module_source_build ?= true
endif
# Apex build mode variables
diff --git a/core/version_defaults.mk b/core/version_defaults.mk
index 1f1ec3f..8432513 100644
--- a/core/version_defaults.mk
+++ b/core/version_defaults.mk
@@ -85,7 +85,7 @@
# It must be of the form "YYYY-MM-DD" on production devices.
# It must match one of the Android Security Patch Level strings of the Public Security Bulletins.
# If there is no $PLATFORM_SECURITY_PATCH set, keep it empty.
- PLATFORM_SECURITY_PATCH := 2021-11-05
+ PLATFORM_SECURITY_PATCH := 2021-11-05
endif
.KATI_READONLY := PLATFORM_SECURITY_PATCH
diff --git a/target/product/gsi/current.txt b/target/product/gsi/current.txt
index 52754d4..e57b4e3 100644
--- a/target/product/gsi/current.txt
+++ b/target/product/gsi/current.txt
@@ -100,6 +100,7 @@
VNDK-core: android.hardware.vibrator-V2-ndk.so
VNDK-core: android.hardware.weaver-V1-ndk.so
VNDK-core: android.hardware.wifi.hostapd-V1-ndk.so
+VNDK-core: android.hardware.wifi.supplicant-V1-ndk.so
VNDK-core: android.hidl.token@1.0-utils.so
VNDK-core: android.hidl.token@1.0.so
VNDK-core: android.system.keystore2-V1-ndk.so
diff --git a/target/product/gsi_release.mk b/target/product/gsi_release.mk
index aaeefcb..b1266ee 100644
--- a/target/product/gsi_release.mk
+++ b/target/product/gsi_release.mk
@@ -34,7 +34,7 @@
# GSI should always support up-to-date platform features.
# Keep this value at the latest API level to ensure latest build system
# default configs are applied.
-PRODUCT_SHIPPING_API_LEVEL := 30
+PRODUCT_SHIPPING_API_LEVEL := 31
# Enable dynamic partitions to facilitate mixing onto Cuttlefish
PRODUCT_USE_DYNAMIC_PARTITIONS := true
diff --git a/tools/releasetools/Android.bp b/tools/releasetools/Android.bp
index a979a8e..bf7f9a0 100644
--- a/tools/releasetools/Android.bp
+++ b/tools/releasetools/Android.bp
@@ -553,6 +553,19 @@
],
}
+python_binary_host {
+ name: "fsverity_metadata_generator",
+ srcs: [
+ "fsverity_metadata_generator.py",
+ ],
+ libs: [
+ "fsverity_digests_proto_python",
+ ],
+ required: [
+ "fsverity",
+ ],
+}
+
//
// Tests.
//
diff --git a/tools/releasetools/fsverity_metadata_generator.py b/tools/releasetools/fsverity_metadata_generator.py
index 666efd5..a300d2e 100644
--- a/tools/releasetools/fsverity_metadata_generator.py
+++ b/tools/releasetools/fsverity_metadata_generator.py
@@ -55,6 +55,9 @@
self.set_hash_alg("sha256")
self.set_signature('none')
+ def set_key_format(self, key_format):
+ self._key_format = key_format
+
def set_key(self, key):
self._key = key
@@ -130,14 +133,17 @@
cmd.append(input_file)
cmd.append(sig_file)
- # convert DER private key to PEM
- pem_key = os.path.join(work_dir, 'key.pem')
- key_cmd = ['openssl', 'pkcs8']
- key_cmd.extend(['-inform', 'DER'])
- key_cmd.extend(['-in', self._key])
- key_cmd.extend(['-nocrypt'])
- key_cmd.extend(['-out', pem_key])
- subprocess.check_call(key_cmd)
+ # If key is DER, convert DER private key to PEM
+ if self._key_format == 'der':
+ pem_key = os.path.join(work_dir, 'key.pem')
+ key_cmd = ['openssl', 'pkcs8']
+ key_cmd.extend(['-inform', 'DER'])
+ key_cmd.extend(['-in', self._key])
+ key_cmd.extend(['-nocrypt'])
+ key_cmd.extend(['-out', pem_key])
+ subprocess.check_call(key_cmd)
+ else:
+ pem_key = self._key
cmd.extend(['--key', pem_key])
cmd.extend(['--cert', self._cert])
@@ -196,8 +202,13 @@
'input',
help='input file to be signed')
p.add_argument(
+ '--key-format',
+ choices=['pem', 'der'],
+ default='der',
+ help='format of the input key. Default is der')
+ p.add_argument(
'--key',
- help='PKCS#8 private key file in DER format')
+ help='PKCS#8 private key file')
p.add_argument(
'--cert',
help='x509 certificate file in PEM format')
@@ -227,5 +238,6 @@
raise ValueError("To generate signature, key and cert must be set")
generator.set_key(args.key)
generator.set_cert(args.cert)
+ generator.set_key_format(args.key_format)
generator.set_hash_alg(args.hash_alg)
generator.generate(args.input, args.output)