Merge "Remove LOCAL_PROGUARD_ENABLED := nosystem"
diff --git a/core/autogen_test_config.mk b/core/autogen_test_config.mk
index 9f3a2a6..c359bac 100644
--- a/core/autogen_test_config.mk
+++ b/core/autogen_test_config.mk
@@ -40,10 +40,14 @@
my_android_manifest := $(LOCAL_PATH)/$(LOCAL_MANIFEST_FILE)
endif
ifneq (,$(wildcard $(my_android_manifest)))
-$(autogen_test_config_file) : $(my_android_manifest) $(EMPTY_TEST_CONFIG) $(INSTRUMENTATION_TEST_CONFIG_TEMPLATE)
+$(autogen_test_config_file): PRIVATE_AUTOGEN_TEST_CONFIG_SCRIPT := $(AUTOGEN_TEST_CONFIG_SCRIPT)
+$(autogen_test_config_file): PRIVATE_TEST_CONFIG_ANDROID_MANIFEST := $(my_android_manifest)
+$(autogen_test_config_file): PRIVATE_EMPTY_TEST_CONFIG := $(EMPTY_TEST_CONFIG)
+$(autogen_test_config_file): PRIVATE_TEMPLATE := $(INSTRUMENTATION_TEST_CONFIG_TEMPLATE)
+$(autogen_test_config_file) : $(my_android_manifest) $(EMPTY_TEST_CONFIG) $(INSTRUMENTATION_TEST_CONFIG_TEMPLATE) $(AUTOGEN_TEST_CONFIG_SCRIPT)
@echo "Auto generating test config $(notdir $@)"
@rm -f $@
- $(hide) $(AUTOGEN_TEST_CONFIG_SCRIPT) $@ $^
+ $(hide) $(PRIVATE_AUTOGEN_TEST_CONFIG_SCRIPT) $@ $(PRIVATE_TEST_CONFIG_ANDROID_MANIFEST) $(PRIVATE_EMPTY_TEST_CONFIG) $(PRIVATE_TEMPLATE)
my_auto_generate_config := true
endif # ifeq (,$(wildcard $(my_android_manifest)))
endif # ifneq (true,$(is_native))
diff --git a/core/jacoco.mk b/core/jacoco.mk
index f51790d..6406df4 100644
--- a/core/jacoco.mk
+++ b/core/jacoco.mk
@@ -84,8 +84,8 @@
mkdir -p $(PRIVATE_INSTRUMENTED_PATH)
java -jar $(JACOCO_CLI_JAR) \
instrument \
- -quiet \
- -dest '$(PRIVATE_INSTRUMENTED_PATH)' \
+ --quiet \
+ --dest '$(PRIVATE_INSTRUMENTED_PATH)' \
$(PRIVATE_UNZIPPED_PATH)
touch $(PRIVATE_INSTRUMENTED_TIMESTAMP_PATH)
diff --git a/tools/releasetools/add_img_to_target_files.py b/tools/releasetools/add_img_to_target_files.py
index 8b55a45..9601d88 100755
--- a/tools/releasetools/add_img_to_target_files.py
+++ b/tools/releasetools/add_img_to_target_files.py
@@ -307,8 +307,7 @@
if OPTIONS.info_dict.get("userdata_img_with_data") == "true":
user_dir = os.path.join(OPTIONS.input_tmp, "DATA")
else:
- user_dir = tempfile.mkdtemp()
- OPTIONS.tempfiles.append(user_dir)
+ user_dir = common.MakeTempDir()
fstab = OPTIONS.info_dict["fstab"]
if fstab:
@@ -363,9 +362,7 @@
cmd = [avbtool, "make_vbmeta_image", "--output", img.name]
common.AppendAVBSigningArgs(cmd, "vbmeta")
- public_key_dir = tempfile.mkdtemp(prefix="avbpubkey-")
- OPTIONS.tempfiles.append(public_key_dir)
-
+ public_key_dir = common.MakeTempDir(prefix="avbpubkey-")
for partition, path in partitions.items():
assert partition in common.AVB_PARTITIONS, 'Unknown partition: %s' % (
partition,)
@@ -453,8 +450,7 @@
timestamp = (datetime.datetime(2009, 1, 1) - epoch).total_seconds()
image_props["timestamp"] = int(timestamp)
- user_dir = tempfile.mkdtemp()
- OPTIONS.tempfiles.append(user_dir)
+ user_dir = common.MakeTempDir()
fstab = OPTIONS.info_dict["fstab"]
if fstab:
diff --git a/tools/releasetools/blockimgdiff.py b/tools/releasetools/blockimgdiff.py
index 8f06b95..69750b2 100644
--- a/tools/releasetools/blockimgdiff.py
+++ b/tools/releasetools/blockimgdiff.py
@@ -237,15 +237,23 @@
class HeapItem(object):
def __init__(self, item):
self.item = item
- # Negate the score since python's heap is a min-heap and we want
- # the maximum score.
+ # Negate the score since python's heap is a min-heap and we want the
+ # maximum score.
self.score = -item.score
+
def clear(self):
self.item = None
+
def __bool__(self):
- return self.item is None
+ return self.item is not None
+
+ # Python 2 uses __nonzero__, while Python 3 uses __bool__.
+ __nonzero__ = __bool__
+
+ # The rest operations are generated by functools.total_ordering decorator.
def __eq__(self, other):
return self.score == other.score
+
def __le__(self, other):
return self.score <= other.score
diff --git a/tools/releasetools/build_image.py b/tools/releasetools/build_image.py
index 2a92d86..11a0055 100755
--- a/tools/releasetools/build_image.py
+++ b/tools/releasetools/build_image.py
@@ -323,7 +323,7 @@
signer_args = OPTIONS.verity_signer_args
# make a tempdir
- tempdir_name = tempfile.mkdtemp(suffix="_verity_images")
+ tempdir_name = common.MakeTempDir(suffix="_verity_images")
# get partial image paths
verity_image_path = os.path.join(tempdir_name, "verity.img")
@@ -332,7 +332,6 @@
# build the verity tree and get the root hash and salt
if not BuildVerityTree(out_file, verity_image_path, prop_dict):
- shutil.rmtree(tempdir_name, ignore_errors=True)
return False
# build the metadata blocks
@@ -342,7 +341,6 @@
if not BuildVerityMetadata(image_size, verity_metadata_path, root_hash, salt,
block_dev, signer_path, signer_key, signer_args,
verity_disable):
- shutil.rmtree(tempdir_name, ignore_errors=True)
return False
# build the full verified image
@@ -358,21 +356,16 @@
verity_fec_path,
padding_size,
fec_supported):
- shutil.rmtree(tempdir_name, ignore_errors=True)
return False
- shutil.rmtree(tempdir_name, ignore_errors=True)
return True
def ConvertBlockMapToBaseFs(block_map_file):
- fd, base_fs_file = tempfile.mkstemp(prefix="script_gen_",
- suffix=".base_fs")
- os.close(fd)
+ base_fs_file = common.MakeTempFile(prefix="script_gen_", suffix=".base_fs")
convert_command = ["blk_alloc_to_base_fs", block_map_file, base_fs_file]
(_, exit_code) = RunCommand(convert_command)
if exit_code != 0:
- os.remove(base_fs_file)
return None
return base_fs_file
@@ -426,17 +419,15 @@
# /system and the ramdisk, and can be mounted at the root of the file system.
origin_in = in_dir
fs_config = prop_dict.get("fs_config")
- base_fs_file = None
if (prop_dict.get("system_root_image") == "true"
and prop_dict["mount_point"] == "system"):
- in_dir = tempfile.mkdtemp()
+ in_dir = common.MakeTempDir()
# Change the mount point to "/"
prop_dict["mount_point"] = "/"
if fs_config:
# We need to merge the fs_config files of system and ramdisk.
- fd, merged_fs_config = tempfile.mkstemp(prefix="root_fs_config",
- suffix=".txt")
- os.close(fd)
+ merged_fs_config = common.MakeTempFile(prefix="root_fs_config",
+ suffix=".txt")
with open(merged_fs_config, "w") as fw:
if "ramdisk_fs_config" in prop_dict:
with open(prop_dict["ramdisk_fs_config"]) as fr:
@@ -577,19 +568,10 @@
shutil.copytree(origin_in, staging_system, symlinks=True)
ext4fs_output = None
- try:
- if fs_type.startswith("ext4"):
- (ext4fs_output, exit_code) = RunCommand(build_command)
- else:
- (_, exit_code) = RunCommand(build_command)
- finally:
- if in_dir != origin_in:
- # Clean up temporary directories and files.
- shutil.rmtree(in_dir, ignore_errors=True)
- if fs_config:
- os.remove(fs_config)
- if base_fs_file is not None:
- os.remove(base_fs_file)
+ if fs_type.startswith("ext4"):
+ (ext4fs_output, exit_code) = RunCommand(build_command)
+ else:
+ (_, exit_code) = RunCommand(build_command)
if exit_code != 0:
print("Error: '%s' failed with exit code %d" % (build_command, exit_code))
return False
@@ -808,15 +790,18 @@
mount_point = "oem"
else:
print >> sys.stderr, "error: unknown image file name ", image_filename
- exit(1)
+ sys.exit(1)
image_properties = ImagePropFromGlobalDict(glob_dict, mount_point)
if not BuildImage(in_dir, image_properties, out_file, target_out):
print >> sys.stderr, "error: failed to build %s from %s" % (out_file,
in_dir)
- exit(1)
+ sys.exit(1)
if __name__ == '__main__':
- main(sys.argv[1:])
+ try:
+ main(sys.argv[1:])
+ finally:
+ common.Cleanup()
diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py
index 12e757d..03e808f 100644
--- a/tools/releasetools/common.py
+++ b/tools/releasetools/common.py
@@ -574,18 +574,16 @@
def UnzipTemp(filename, pattern=None):
- """Unzip the given archive into a temporary directory and return the name.
+ """Unzips the given archive into a temporary directory and returns the name.
- If filename is of the form "foo.zip+bar.zip", unzip foo.zip into a
- temp dir, then unzip bar.zip into that_dir/BOOTABLE_IMAGES.
+ If filename is of the form "foo.zip+bar.zip", unzip foo.zip into a temp dir,
+ then unzip bar.zip into that_dir/BOOTABLE_IMAGES.
- Returns (tempdir, zipobj) where zipobj is a zipfile.ZipFile (of the
- main file), open for reading.
+ Returns:
+ (tempdir, zipobj): tempdir is the name of the temprary directory; zipobj is
+ a zipfile.ZipFile (of the main file), open for reading.
"""
- tmp = tempfile.mkdtemp(prefix="targetfiles-")
- OPTIONS.tempfiles.append(tmp)
-
def unzip_to_dir(filename, dirname):
cmd = ["unzip", "-o", "-q", filename, "-d", dirname]
if pattern is not None:
@@ -596,6 +594,7 @@
raise ExternalError("failed to unzip input target-files \"%s\"" %
(filename,))
+ tmp = MakeTempDir(prefix="targetfiles-")
m = re.match(r"^(.*[.]zip)\+(.*[.]zip)$", filename, re.IGNORECASE)
if m:
unzip_to_dir(m.group(1), tmp)
@@ -955,12 +954,24 @@
return fn
+def MakeTempDir(prefix='tmp', suffix=''):
+ """Makes a temporary dir that will be cleaned up with a call to Cleanup().
+
+ Returns:
+ The absolute pathname of the new directory.
+ """
+ dir_name = tempfile.mkdtemp(suffix=suffix, prefix=prefix)
+ OPTIONS.tempfiles.append(dir_name)
+ return dir_name
+
+
def Cleanup():
for i in OPTIONS.tempfiles:
if os.path.isdir(i):
- shutil.rmtree(i)
+ shutil.rmtree(i, ignore_errors=True)
else:
os.remove(i)
+ del OPTIONS.tempfiles[:]
class PasswordManager(object):
diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py
index 7bfc04b..7a1126c 100755
--- a/tools/releasetools/sign_target_files_apks.py
+++ b/tools/releasetools/sign_target_files_apks.py
@@ -90,14 +90,9 @@
the existing ones in info dict.
"""
-import sys
-
-if sys.hexversion < 0x02070000:
- print >> sys.stderr, "Python 2.7 or newer is required."
- sys.exit(1)
+from __future__ import print_function
import base64
-import cStringIO
import copy
import errno
import gzip
@@ -106,12 +101,19 @@
import shutil
import stat
import subprocess
+import sys
import tempfile
import zipfile
import add_img_to_target_files
import common
+
+if sys.hexversion < 0x02070000:
+ print("Python 2.7 or newer is required.", file=sys.stderr)
+ sys.exit(1)
+
+
OPTIONS = common.OPTIONS
OPTIONS.extra_apks = {}
@@ -126,6 +128,7 @@
OPTIONS.avb_algorithms = {}
OPTIONS.avb_extra_args = {}
+
def GetApkCerts(certmap):
# apply the key remapping to the contents of the file
for apk, cert in certmap.iteritems():
@@ -149,17 +152,18 @@
compressed_apk_extension = ".apk" + compressed_extension
for info in input_tf_zip.infolist():
if (info.filename.endswith(".apk") or
- (compressed_apk_extension and info.filename.endswith(compressed_apk_extension))):
+ (compressed_apk_extension and
+ info.filename.endswith(compressed_apk_extension))):
name = os.path.basename(info.filename)
if compressed_apk_extension and name.endswith(compressed_apk_extension):
name = name[:-len(compressed_extension)]
if name not in apk_key_map:
unknown_apks.append(name)
if unknown_apks:
- print "ERROR: no key specified for:\n\n ",
- print "\n ".join(unknown_apks)
- print "\nUse '-e <apkname>=' to specify a key (which may be an"
- print "empty string to not sign this apk)."
+ print("ERROR: no key specified for:\n")
+ print(" " + "\n ".join(unknown_apks))
+ print("\nUse '-e <apkname>=' to specify a key (which may be an empty "
+ "string to not sign this apk).")
sys.exit(1)
@@ -171,7 +175,8 @@
if is_compressed:
uncompressed = tempfile.NamedTemporaryFile()
- with gzip.open(unsigned.name, "rb") as in_file, open(uncompressed.name, "wb") as out_file:
+ with gzip.open(unsigned.name, "rb") as in_file, \
+ open(uncompressed.name, "wb") as out_file:
shutil.copyfileobj(in_file, out_file)
# Finally, close the "unsigned" file (which is gzip compressed), and then
@@ -203,14 +208,15 @@
min_api_level = 1
common.SignFile(unsigned.name, signed.name, keyname, pw,
- min_api_level=min_api_level,
- codename_to_api_level_map=codename_to_api_level_map)
+ min_api_level=min_api_level,
+ codename_to_api_level_map=codename_to_api_level_map)
- data = None;
+ data = None
if is_compressed:
# Recompress the file after it has been signed.
compressed = tempfile.NamedTemporaryFile()
- with open(signed.name, "rb") as in_file, gzip.open(compressed.name, "wb") as out_file:
+ with open(signed.name, "rb") as in_file, \
+ gzip.open(compressed.name, "wb") as out_file:
shutil.copyfileobj(in_file, out_file)
data = compressed.read()
@@ -233,10 +239,11 @@
if compressed_extension:
compressed_apk_extension = ".apk" + compressed_extension
- maxsize = max([len(os.path.basename(i.filename))
- for i in input_tf_zip.infolist()
- if i.filename.endswith('.apk') or
- (compressed_apk_extension and i.filename.endswith(compressed_apk_extension))])
+ maxsize = max(
+ [len(os.path.basename(i.filename)) for i in input_tf_zip.infolist()
+ if (i.filename.endswith('.apk') or
+ (compressed_apk_extension and
+ i.filename.endswith(compressed_apk_extension)))])
system_root_image = misc_info.get("system_root_image") == "true"
for info in input_tf_zip.infolist():
@@ -248,21 +255,23 @@
# Sign APKs.
if (info.filename.endswith(".apk") or
- (compressed_apk_extension and info.filename.endswith(compressed_apk_extension))):
- is_compressed = compressed_extension and info.filename.endswith(compressed_apk_extension)
+ (compressed_apk_extension and
+ info.filename.endswith(compressed_apk_extension))):
+ is_compressed = (compressed_extension and
+ info.filename.endswith(compressed_apk_extension))
name = os.path.basename(info.filename)
if is_compressed:
name = name[:-len(compressed_extension)]
key = apk_key_map[name]
if key not in common.SPECIAL_CERT_STRINGS:
- print " signing: %-*s (%s)" % (maxsize, name, key)
+ print(" signing: %-*s (%s)" % (maxsize, name, key))
signed_data = SignApk(data, key, key_passwords[key], platform_api_level,
- codename_to_api_level_map, is_compressed)
+ codename_to_api_level_map, is_compressed)
common.ZipWriteStr(output_tf_zip, out_info, signed_data)
else:
# an APK we're not supposed to sign.
- print "NOT signing: %s" % (name,)
+ print("NOT signing: %s" % (name,))
common.ZipWriteStr(output_tf_zip, out_info, data)
# System properties.
@@ -274,7 +283,7 @@
"ROOT/default.prop", # legacy
"RECOVERY/RAMDISK/prop.default",
"RECOVERY/RAMDISK/default.prop"): # legacy
- print "rewriting %s:" % (info.filename,)
+ print("Rewriting %s:" % (info.filename,))
if stat.S_ISLNK(info.external_attr >> 16):
new_data = data
else:
@@ -282,7 +291,7 @@
common.ZipWriteStr(output_tf_zip, out_info, new_data)
elif info.filename.endswith("mac_permissions.xml"):
- print "rewriting %s with new keys." % (info.filename,)
+ print("Rewriting %s with new keys." % (info.filename,))
new_data = ReplaceCerts(data)
common.ZipWriteStr(output_tf_zip, out_info, new_data)
@@ -333,10 +342,7 @@
ReplaceVerityPrivateKey(misc_info, OPTIONS.replace_verity_private_key[1])
if OPTIONS.replace_verity_public_key:
- if system_root_image:
- dest = "ROOT/verity_key"
- else:
- dest = "BOOT/RAMDISK/verity_key"
+ dest = "ROOT/verity_key" if system_root_image else "BOOT/RAMDISK/verity_key"
# We are replacing the one in boot image only, since the one under
# recovery won't ever be needed.
ReplaceVerityPublicKey(
@@ -361,7 +367,7 @@
for old, new in OPTIONS.key_map.iteritems():
try:
if OPTIONS.verbose:
- print " Replacing %s.x509.pem with %s.x509.pem" % (old, new)
+ print(" Replacing %s.x509.pem with %s.x509.pem" % (old, new))
f = open(old + ".x509.pem")
old_cert16 = base64.b16encode(common.ParseCertificate(f.read())).lower()
f.close()
@@ -369,17 +375,17 @@
new_cert16 = base64.b16encode(common.ParseCertificate(f.read())).lower()
f.close()
# Only match entire certs.
- pattern = "\\b"+old_cert16+"\\b"
+ pattern = "\\b" + old_cert16 + "\\b"
(data, num) = re.subn(pattern, new_cert16, data, flags=re.IGNORECASE)
if OPTIONS.verbose:
- print " Replaced %d occurence(s) of %s.x509.pem with " \
- "%s.x509.pem" % (num, old, new)
+ print(" Replaced %d occurence(s) of %s.x509.pem with "
+ "%s.x509.pem" % (num, old, new))
except IOError as e:
if e.errno == errno.ENOENT and not OPTIONS.verbose:
continue
- print " Error accessing %s. %s. Skip replacing %s.x509.pem " \
- "with %s.x509.pem." % (e.filename, e.strerror, old, new)
+ print(" Error accessing %s. %s. Skip replacing %s.x509.pem with "
+ "%s.x509.pem." % (e.filename, e.strerror, old, new))
return data
@@ -445,8 +451,8 @@
value = " ".join(value)
line = key + "=" + value
if line != original_line:
- print " replace: ", original_line
- print " with: ", line
+ print(" replace: ", original_line)
+ print(" with: ", line)
output.append(line)
return "\n".join(output) + "\n"
@@ -462,7 +468,7 @@
extra_recovery_keys = [OPTIONS.key_map.get(k, k) + ".x509.pem"
for k in extra_recovery_keys.split()]
if extra_recovery_keys:
- print "extra recovery-only key(s): " + ", ".join(extra_recovery_keys)
+ print("extra recovery-only key(s): " + ", ".join(extra_recovery_keys))
else:
extra_recovery_keys = []
@@ -476,8 +482,8 @@
mapped_keys.append(OPTIONS.key_map.get(k, k) + ".x509.pem")
if mapped_keys:
- print "using:\n ", "\n ".join(mapped_keys)
- print "for OTA package verification"
+ print("using:\n ", "\n ".join(mapped_keys))
+ print("for OTA package verification")
else:
devkey = misc_info.get("default_system_dev_certificate",
"build/target/product/security/testkey")
@@ -511,7 +517,11 @@
# put into a zipfile system/etc/security/otacerts.zip.
# We DO NOT include the extra_recovery_keys (if any) here.
- temp_file = cStringIO.StringIO()
+ try:
+ from StringIO import StringIO
+ except ImportError:
+ from io import StringIO
+ temp_file = StringIO()
certs_zip = zipfile.ZipFile(temp_file, "w")
for k in mapped_keys:
common.ZipWrite(certs_zip, k)
@@ -527,7 +537,7 @@
print("\n WARNING: Found more than one OTA keys; Using the first one"
" as payload verification key.\n\n")
- print "Using %s for payload verification." % (mapped_keys[0],)
+ print("Using %s for payload verification." % (mapped_keys[0],))
cmd = common.Run(
["openssl", "x509", "-pubkey", "-noout", "-in", mapped_keys[0]],
stdout=subprocess.PIPE)
@@ -544,41 +554,62 @@
return new_recovery_keys
-def ReplaceVerityPublicKey(targetfile_zip, filename, key_path):
- print "Replacing verity public key with %s" % (key_path,)
- common.ZipWrite(targetfile_zip, key_path, arcname=filename)
+def ReplaceVerityPublicKey(output_zip, filename, key_path):
+ """Replaces the verity public key at the given path in the given zip.
+
+ Args:
+ output_zip: The output target_files zip.
+ filename: The archive name in the output zip.
+ key_path: The path to the public key.
+ """
+ print("Replacing verity public key with %s" % (key_path,))
+ common.ZipWrite(output_zip, key_path, arcname=filename)
def ReplaceVerityPrivateKey(misc_info, key_path):
- print "Replacing verity private key with %s" % (key_path,)
+ """Replaces the verity private key in misc_info dict.
+
+ Args:
+ misc_info: The info dict.
+ key_path: The path to the private key in PKCS#8 format.
+ """
+ print("Replacing verity private key with %s" % (key_path,))
misc_info["verity_key"] = key_path
-def ReplaceVerityKeyId(targetfile_input_zip, targetfile_output_zip, keypath):
- in_cmdline = targetfile_input_zip.read("BOOT/cmdline")
- # copy in_cmdline to output_zip if veritykeyid is not present in in_cmdline
- if "veritykeyid" not in in_cmdline:
- common.ZipWriteStr(targetfile_output_zip, "BOOT/cmdline", in_cmdline)
- return in_cmdline
- out_cmdline = []
- for param in in_cmdline.split():
- if "veritykeyid" in param:
- # extract keyid using openssl command
- p = common.Run(
- ["openssl", "x509", "-in", keypath, "-text"],
- stdout=subprocess.PIPE)
- keyid, stderr = p.communicate()
- keyid = re.search(
- r'keyid:([0-9a-fA-F:]*)', keyid).group(1).replace(':', '').lower()
- print "Replacing verity keyid with %s error=%s" % (keyid, stderr)
- out_cmdline.append("veritykeyid=id:%s" % (keyid,))
- else:
- out_cmdline.append(param)
+def ReplaceVerityKeyId(input_zip, output_zip, key_path):
+ """Replaces the veritykeyid parameter in BOOT/cmdline.
- out_cmdline = ' '.join(out_cmdline)
- out_cmdline = out_cmdline.strip()
- print "out_cmdline %s" % (out_cmdline)
- common.ZipWriteStr(targetfile_output_zip, "BOOT/cmdline", out_cmdline)
+ Args:
+ input_zip: The input target_files zip, which should be already open.
+ output_zip: The output target_files zip, which should be already open and
+ writable.
+ key_path: The path to the PEM encoded X.509 certificate.
+ """
+ in_cmdline = input_zip.read("BOOT/cmdline")
+ # Copy in_cmdline to output_zip if veritykeyid is not present.
+ if "veritykeyid" not in in_cmdline:
+ common.ZipWriteStr(output_zip, "BOOT/cmdline", in_cmdline)
+ return
+
+ out_buffer = []
+ for param in in_cmdline.split():
+ if "veritykeyid" not in param:
+ out_buffer.append(param)
+ continue
+
+ # Extract keyid using openssl command.
+ p = common.Run(["openssl", "x509", "-in", key_path, "-text"],
+ stdout=subprocess.PIPE)
+ keyid, stderr = p.communicate()
+ assert p.returncode == 0, "Failed to dump certificate: {}".format(stderr)
+ keyid = re.search(
+ r'keyid:([0-9a-fA-F:]*)', keyid).group(1).replace(':', '').lower()
+ print("Replacing verity keyid with {}".format(keyid))
+ out_buffer.append("veritykeyid=id:%s" % (keyid,))
+
+ out_cmdline = ' '.join(out_buffer).strip() + '\n'
+ common.ZipWriteStr(output_zip, "BOOT/cmdline", out_cmdline)
def ReplaceMiscInfoTxt(input_zip, output_zip, misc_info):
@@ -600,12 +631,12 @@
"""Replaces the AVB signing keys."""
AVB_FOOTER_ARGS_BY_PARTITION = {
- 'boot' : 'avb_boot_add_hash_footer_args',
- 'dtbo' : 'avb_dtbo_add_hash_footer_args',
- 'recovery' : 'avb_recovery_add_hash_footer_args',
- 'system' : 'avb_system_add_hashtree_footer_args',
- 'vendor' : 'avb_vendor_add_hashtree_footer_args',
- 'vbmeta' : 'avb_vbmeta_args',
+ 'boot' : 'avb_boot_add_hash_footer_args',
+ 'dtbo' : 'avb_dtbo_add_hash_footer_args',
+ 'recovery' : 'avb_recovery_add_hash_footer_args',
+ 'system' : 'avb_system_add_hashtree_footer_args',
+ 'vendor' : 'avb_vendor_add_hashtree_footer_args',
+ 'vbmeta' : 'avb_vbmeta_args',
}
def ReplaceAvbPartitionSigningKey(partition):
@@ -616,15 +647,15 @@
algorithm = OPTIONS.avb_algorithms.get(partition)
assert algorithm, 'Missing AVB signing algorithm for %s' % (partition,)
- print 'Replacing AVB signing key for %s with "%s" (%s)' % (
- partition, key, algorithm)
+ print('Replacing AVB signing key for %s with "%s" (%s)' % (
+ partition, key, algorithm))
misc_info['avb_' + partition + '_algorithm'] = algorithm
misc_info['avb_' + partition + '_key_path'] = key
extra_args = OPTIONS.avb_extra_args.get(partition)
if extra_args:
- print 'Setting extra AVB signing args for %s to "%s"' % (
- partition, extra_args)
+ print('Setting extra AVB signing args for %s to "%s"' % (
+ partition, extra_args))
args_key = AVB_FOOTER_ARGS_BY_PARTITION[partition]
misc_info[args_key] = (misc_info.get(args_key, '') + ' ' + extra_args)
@@ -767,29 +798,29 @@
argv, __doc__,
extra_opts="e:d:k:ot:",
extra_long_opts=[
- "extra_apks=",
- "default_key_mappings=",
- "key_mapping=",
- "replace_ota_keys",
- "tag_changes=",
- "replace_verity_public_key=",
- "replace_verity_private_key=",
- "replace_verity_keyid=",
- "avb_vbmeta_algorithm=",
- "avb_vbmeta_key=",
- "avb_vbmeta_extra_args=",
- "avb_boot_algorithm=",
- "avb_boot_key=",
- "avb_boot_extra_args=",
- "avb_dtbo_algorithm=",
- "avb_dtbo_key=",
- "avb_dtbo_extra_args=",
- "avb_system_algorithm=",
- "avb_system_key=",
- "avb_system_extra_args=",
- "avb_vendor_algorithm=",
- "avb_vendor_key=",
- "avb_vendor_extra_args=",
+ "extra_apks=",
+ "default_key_mappings=",
+ "key_mapping=",
+ "replace_ota_keys",
+ "tag_changes=",
+ "replace_verity_public_key=",
+ "replace_verity_private_key=",
+ "replace_verity_keyid=",
+ "avb_vbmeta_algorithm=",
+ "avb_vbmeta_key=",
+ "avb_vbmeta_extra_args=",
+ "avb_boot_algorithm=",
+ "avb_boot_key=",
+ "avb_boot_extra_args=",
+ "avb_dtbo_algorithm=",
+ "avb_dtbo_key=",
+ "avb_dtbo_extra_args=",
+ "avb_system_algorithm=",
+ "avb_system_key=",
+ "avb_system_extra_args=",
+ "avb_vendor_algorithm=",
+ "avb_vendor_key=",
+ "avb_vendor_extra_args=",
],
extra_option_handler=option_handler)
@@ -832,16 +863,14 @@
new_args.append(args[1])
add_img_to_target_files.main(new_args)
- print "done."
+ print("done.")
if __name__ == '__main__':
try:
main(sys.argv[1:])
- except common.ExternalError, e:
- print
- print " ERROR: %s" % (e,)
- print
+ except common.ExternalError as e:
+ print("\n ERROR: %s\n" % (e,))
sys.exit(1)
finally:
common.Cleanup()
diff --git a/tools/releasetools/test_blockimgdiff.py b/tools/releasetools/test_blockimgdiff.py
index e5a3694..7084e21 100644
--- a/tools/releasetools/test_blockimgdiff.py
+++ b/tools/releasetools/test_blockimgdiff.py
@@ -16,12 +16,43 @@
from __future__ import print_function
-import common
import unittest
-from blockimgdiff import BlockImageDiff, EmptyImage, Transfer
+import common
+from blockimgdiff import BlockImageDiff, EmptyImage, HeapItem, Transfer
from rangelib import RangeSet
+
+class HealpItemTest(unittest.TestCase):
+
+ class Item(object):
+ def __init__(self, score):
+ self.score = score
+
+ def test_init(self):
+ item1 = HeapItem(self.Item(15))
+ item2 = HeapItem(self.Item(20))
+ item3 = HeapItem(self.Item(15))
+ self.assertTrue(item1)
+ self.assertTrue(item2)
+ self.assertTrue(item3)
+
+ self.assertNotEqual(item1, item2)
+ self.assertEqual(item1, item3)
+ # HeapItem uses negated scores.
+ self.assertGreater(item1, item2)
+ self.assertLessEqual(item1, item3)
+ self.assertTrue(item1 <= item3)
+ self.assertFalse(item2 >= item1)
+
+ def test_clear(self):
+ item = HeapItem(self.Item(15))
+ self.assertTrue(item)
+
+ item.clear()
+ self.assertFalse(item)
+
+
class BlockImageDiffTest(unittest.TestCase):
def test_GenerateDigraphOrder(self):
diff --git a/tools/releasetools/test_common.py b/tools/releasetools/test_common.py
index bb93937..ed454ca 100644
--- a/tools/releasetools/test_common.py
+++ b/tools/releasetools/test_common.py
@@ -14,12 +14,10 @@
# limitations under the License.
#
import os
-import shutil
import tempfile
import time
import unittest
import zipfile
-
from hashlib import sha1
import common
@@ -29,6 +27,7 @@
MiB = 1024 * KiB
GiB = 1024 * MiB
+
def get_2gb_string():
size = int(2 * GiB + 1)
block_size = 4 * KiB
@@ -355,17 +354,18 @@
class InstallRecoveryScriptFormatTest(unittest.TestCase):
- """Check the format of install-recovery.sh
+ """Checks the format of install-recovery.sh.
- Its format should match between common.py and validate_target_files.py."""
+ Its format should match between common.py and validate_target_files.py.
+ """
def setUp(self):
- self._tempdir = tempfile.mkdtemp()
+ self._tempdir = common.MakeTempDir()
# Create a dummy dict that contains the fstab info for boot&recovery.
self._info = {"fstab" : {}}
- dummy_fstab = \
- ["/dev/soc.0/by-name/boot /boot emmc defaults defaults",
- "/dev/soc.0/by-name/recovery /recovery emmc defaults defaults"]
+ dummy_fstab = [
+ "/dev/soc.0/by-name/boot /boot emmc defaults defaults",
+ "/dev/soc.0/by-name/recovery /recovery emmc defaults defaults"]
self._info["fstab"] = common.LoadRecoveryFSTab("\n".join, 2, dummy_fstab)
# Construct the gzipped recovery.img and boot.img
self.recovery_data = bytearray([
@@ -414,4 +414,4 @@
self._info)
def tearDown(self):
- shutil.rmtree(self._tempdir)
+ common.Cleanup()
diff --git a/tools/releasetools/test_sign_target_files_apks.py b/tools/releasetools/test_sign_target_files_apks.py
index 90afdc7..726d6b9 100644
--- a/tools/releasetools/test_sign_target_files_apks.py
+++ b/tools/releasetools/test_sign_target_files_apks.py
@@ -16,13 +16,22 @@
from __future__ import print_function
+import tempfile
import unittest
+import zipfile
-from sign_target_files_apks import EditTags, RewriteProps
+import common
+from sign_target_files_apks import EditTags, ReplaceVerityKeyId, RewriteProps
class SignTargetFilesApksTest(unittest.TestCase):
+ def setUp(self):
+ self.tempdir = common.MakeTempDir()
+
+ def tearDown(self):
+ common.Cleanup()
+
def test_EditTags(self):
self.assertEqual(EditTags('dev-keys'), ('release-keys'))
self.assertEqual(EditTags('test-keys'), ('release-keys'))
@@ -59,9 +68,132 @@
)
# Assert the case for each individual line.
- for input, output in props:
- self.assertEqual(RewriteProps(input), output)
+ for prop, output in props:
+ self.assertEqual(RewriteProps(prop), output)
# Concatenate all the input lines.
self.assertEqual(RewriteProps('\n'.join([prop[0] for prop in props])),
''.join([prop[1] for prop in props]))
+
+ def test_ReplaceVerityKeyId(self):
+ BOOT_CMDLINE1 = (
+ "console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 "
+ "androidboot.hardware=marlin user_debug=31 ehci-hcd.park=3 "
+ "lpm_levels.sleep_disabled=1 cma=32M@0-0xffffffff loop.max_part=7 "
+ "buildvariant=userdebug "
+ "veritykeyid=id:7e4333f9bba00adfe0ede979e28ed1920492b40f\n")
+
+ BOOT_CMDLINE2 = (
+ "console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 "
+ "androidboot.hardware=marlin user_debug=31 ehci-hcd.park=3 "
+ "lpm_levels.sleep_disabled=1 cma=32M@0-0xffffffff loop.max_part=7 "
+ "buildvariant=userdebug "
+ "veritykeyid=id:485900563d272c46ae118605a47419ac09ca8c11\n")
+
+ # From build/target/product/security/verity.x509.pem.
+ VERITY_CERTIFICATE1 = """-----BEGIN CERTIFICATE-----
+MIID/TCCAuWgAwIBAgIJAJcPmDkJqolJMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD
+VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4g
+VmlldzEQMA4GA1UECgwHQW5kcm9pZDEQMA4GA1UECwwHQW5kcm9pZDEQMA4GA1UE
+AwwHQW5kcm9pZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTAe
+Fw0xNDExMDYxOTA3NDBaFw00MjAzMjQxOTA3NDBaMIGUMQswCQYDVQQGEwJVUzET
+MBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzEQMA4G
+A1UECgwHQW5kcm9pZDEQMA4GA1UECwwHQW5kcm9pZDEQMA4GA1UEAwwHQW5kcm9p
+ZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAOjreE0vTVSRenuzO9vnaWfk0eQzYab0gqpi
+6xAzi6dmD+ugoEKJmbPiuE5Dwf21isZ9uhUUu0dQM46dK4ocKxMRrcnmGxydFn6o
+fs3ODJMXOkv2gKXL/FdbEPdDbxzdu8z3yk+W67udM/fW7WbaQ3DO0knu+izKak/3
+T41c5uoXmQ81UNtAzRGzGchNVXMmWuTGOkg6U+0I2Td7K8yvUMWhAWPPpKLtVH9r
+AL5TzjYNR92izdKcz3AjRsI3CTjtpiVABGeX0TcjRSuZB7K9EK56HV+OFNS6I1NP
+jdD7FIShyGlqqZdUOkAUZYanbpgeT5N7QL6uuqcGpoTOkalu6kkCAwEAAaNQME4w
+HQYDVR0OBBYEFH5DM/m7oArf4O3peeKO0ZIEkrQPMB8GA1UdIwQYMBaAFH5DM/m7
+oArf4O3peeKO0ZIEkrQPMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB
+AHO3NSvDE5jFvMehGGtS8BnFYdFKRIglDMc4niWSzhzOVYRH4WajxdtBWc5fx0ix
+NF/+hVKVhP6AIOQa+++sk+HIi7RvioPPbhjcsVlZe7cUEGrLSSveGouQyc+j0+m6
+JF84kszIl5GGNMTnx0XRPO+g8t6h5LWfnVydgZfpGRRg+WHewk1U2HlvTjIceb0N
+dcoJ8WKJAFWdcuE7VIm4w+vF/DYX/A2Oyzr2+QRhmYSv1cusgAeC1tvH4ap+J1Lg
+UnOu5Kh/FqPLLSwNVQp4Bu7b9QFfqK8Moj84bj88NqRGZgDyqzuTrFxn6FW7dmyA
+yttuAJAEAymk1mipd9+zp38=
+-----END CERTIFICATE-----
+"""
+
+ # From build/target/product/security/testkey.x509.pem.
+ VERITY_CERTIFICATE2 = """-----BEGIN CERTIFICATE-----
+MIIEqDCCA5CgAwIBAgIJAJNurL4H8gHfMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4g
+VmlldzEQMA4GA1UEChMHQW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UE
+AxMHQW5kcm9pZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTAe
+Fw0wODAyMjkwMTMzNDZaFw0zNTA3MTcwMTMzNDZaMIGUMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEQMA4G
+A1UEChMHQW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UEAxMHQW5kcm9p
+ZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTCCASAwDQYJKoZI
+hvcNAQEBBQADggENADCCAQgCggEBANaTGQTexgskse3HYuDZ2CU+Ps1s6x3i/waM
+qOi8qM1r03hupwqnbOYOuw+ZNVn/2T53qUPn6D1LZLjk/qLT5lbx4meoG7+yMLV4
+wgRDvkxyGLhG9SEVhvA4oU6Jwr44f46+z4/Kw9oe4zDJ6pPQp8PcSvNQIg1QCAcy
+4ICXF+5qBTNZ5qaU7Cyz8oSgpGbIepTYOzEJOmc3Li9kEsBubULxWBjf/gOBzAzU
+RNps3cO4JFgZSAGzJWQTT7/emMkod0jb9WdqVA2BVMi7yge54kdVMxHEa5r3b97s
+zI5p58ii0I54JiCUP5lyfTwE/nKZHZnfm644oLIXf6MdW2r+6R8CAQOjgfwwgfkw
+HQYDVR0OBBYEFEhZAFY9JyxGrhGGBaR0GawJyowRMIHJBgNVHSMEgcEwgb6AFEhZ
+AFY9JyxGrhGGBaR0GawJyowRoYGapIGXMIGUMQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEQMA4GA1UEChMH
+QW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UEAxMHQW5kcm9pZDEiMCAG
+CSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbYIJAJNurL4H8gHfMAwGA1Ud
+EwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHqvlozrUMRBBVEY0NqrrwFbinZa
+J6cVosK0TyIUFf/azgMJWr+kLfcHCHJsIGnlw27drgQAvilFLAhLwn62oX6snb4Y
+LCBOsVMR9FXYJLZW2+TcIkCRLXWG/oiVHQGo/rWuWkJgU134NDEFJCJGjDbiLCpe
++ZTWHdcwauTJ9pUbo8EvHRkU3cYfGmLaLfgn9gP+pWA7LFQNvXwBnDa6sppCccEX
+31I828XzgXpJ4O+mDL1/dBd+ek8ZPUP0IgdyZm5MTYPhvVqGCHzzTy3sIeJFymwr
+sBbmg2OAUNLEMO6nwmocSdN2ClirfxqCzJOLSDE4QyS9BAH6EhY6UFcOaE0=
+-----END CERTIFICATE-----
+"""
+
+ input_file = tempfile.NamedTemporaryFile(
+ delete=False, suffix='.zip', dir=self.tempdir)
+ with zipfile.ZipFile(input_file.name, 'w') as input_zip:
+ input_zip.writestr('BOOT/cmdline', BOOT_CMDLINE1)
+
+ # Test with the first certificate.
+ cert_file = tempfile.NamedTemporaryFile(
+ delete=False, suffix='.x509.pem', dir=self.tempdir)
+ cert_file.write(VERITY_CERTIFICATE1)
+ cert_file.close()
+
+ output_file = tempfile.NamedTemporaryFile(
+ delete=False, suffix='.zip', dir=self.tempdir)
+ with zipfile.ZipFile(input_file.name, 'r') as input_zip, \
+ zipfile.ZipFile(output_file.name, 'w') as output_zip:
+ ReplaceVerityKeyId(input_zip, output_zip, cert_file.name)
+
+ with zipfile.ZipFile(output_file.name) as output_zip:
+ self.assertEqual(BOOT_CMDLINE1, output_zip.read('BOOT/cmdline'))
+
+ # Test with the second certificate.
+ with open(cert_file.name, 'w') as cert_file_fp:
+ cert_file_fp.write(VERITY_CERTIFICATE2)
+
+ with zipfile.ZipFile(input_file.name, 'r') as input_zip, \
+ zipfile.ZipFile(output_file.name, 'w') as output_zip:
+ ReplaceVerityKeyId(input_zip, output_zip, cert_file.name)
+
+ with zipfile.ZipFile(output_file.name) as output_zip:
+ self.assertEqual(BOOT_CMDLINE2, output_zip.read('BOOT/cmdline'))
+
+ def test_ReplaceVerityKeyId_no_veritykeyid(self):
+ BOOT_CMDLINE = (
+ "console=ttyHSL0,115200,n8 androidboot.hardware=bullhead boot_cpus=0-5 "
+ "lpm_levels.sleep_disabled=1 msm_poweroff.download_mode=0 "
+ "loop.max_part=7\n")
+
+ input_file = tempfile.NamedTemporaryFile(
+ delete=False, suffix='.zip', dir=self.tempdir)
+ with zipfile.ZipFile(input_file.name, 'w') as input_zip:
+ input_zip.writestr('BOOT/cmdline', BOOT_CMDLINE)
+
+ output_file = tempfile.NamedTemporaryFile(
+ delete=False, suffix='.zip', dir=self.tempdir)
+ with zipfile.ZipFile(input_file.name, 'r') as input_zip, \
+ zipfile.ZipFile(output_file.name, 'w') as output_zip:
+ ReplaceVerityKeyId(input_zip, output_zip, None)
+
+ with zipfile.ZipFile(output_file.name) as output_zip:
+ self.assertEqual(BOOT_CMDLINE, output_zip.read('BOOT/cmdline'))