Merge "aconfig: generate full fakefeatureflagsimpl in prod mode" into main
diff --git a/core/config.mk b/core/config.mk
index 1343a4e..ac49cec 100644
--- a/core/config.mk
+++ b/core/config.mk
@@ -408,22 +408,6 @@
 $(if $(findstring ro.config.low_ram=true,$(PRODUCT_ODM_PROPERTIES)),true,false)))))))))
 endef
 
-# Get the board API level.
-board_api_level := $(PLATFORM_SDK_VERSION)
-ifdef BOARD_API_LEVEL
-  board_api_level := $(BOARD_API_LEVEL)
-else ifdef BOARD_SHIPPING_API_LEVEL
-  # Vendors with GRF must define BOARD_SHIPPING_API_LEVEL for the vendor API level.
-  board_api_level := $(BOARD_SHIPPING_API_LEVEL)
-endif
-
-# Calculate the VSR vendor API level.
-vsr_vendor_api_level := $(board_api_level)
-
-ifdef PRODUCT_SHIPPING_API_LEVEL
-  vsr_vendor_api_level := $(call math_min,$(PRODUCT_SHIPPING_API_LEVEL),$(board_api_level))
-endif
-
 # Set TARGET_MAX_PAGE_SIZE_SUPPORTED.
 # TARGET_MAX_PAGE_SIZE_SUPPORTED indicates the alignment of the ELF segments.
 ifdef PRODUCT_MAX_PAGE_SIZE_SUPPORTED
@@ -435,7 +419,7 @@
   # The default binary alignment for userspace is 4096.
   TARGET_MAX_PAGE_SIZE_SUPPORTED := 4096
   # When VSR vendor API level >= 34, binary alignment will be 65536.
-  ifeq ($(call math_gt_or_eq,$(vsr_vendor_api_level),34),true)
+  ifeq ($(call math_gt_or_eq,$(VSR_VENDOR_API_LEVEL),34),true)
     ifeq ($(TARGET_ARCH),arm64)
       TARGET_MAX_PAGE_SIZE_SUPPORTED := 65536
     endif
diff --git a/core/dex_preopt_odex_install.mk b/core/dex_preopt_odex_install.mk
index 288f81f..af6d921 100644
--- a/core/dex_preopt_odex_install.mk
+++ b/core/dex_preopt_odex_install.mk
@@ -468,8 +468,6 @@
 	rsync --checksum $(PRIVATE_STAGING) $@
 
   my_dexpreopt_script := $(intermediates)/dexpreopt.sh
-  my_dexpreopt_zip := $(intermediates)/dexpreopt.zip
-  DEXPREOPT.$(LOCAL_MODULE).POST_INSTALLED_DEXPREOPT_ZIP := $(my_dexpreopt_zip)
   .KATI_RESTAT: $(my_dexpreopt_script)
   $(my_dexpreopt_script): PRIVATE_MODULE := $(LOCAL_MODULE)
   $(my_dexpreopt_script): PRIVATE_GLOBAL_SOONG_CONFIG := $(DEX_PREOPT_SOONG_CONFIG_FOR_MAKE)
@@ -499,38 +497,67 @@
     my_dexpreopt_deps += $(intermediates)/enforce_uses_libraries.status
   endif
 
+  # We need to add all the installed files to ALL_MODULES.$(my_register_name).INSTALLED in order
+  # for the build system to properly track installed files. (for sbom, installclean, etc)
+  # We install all the files in a zip file generated at execution time, which means we have to guess
+  # what's going to be in that zip file before it's created. We then check at executation time that
+  # our guess is correct.
+  # _system_other corresponds to OdexOnSystemOtherByName() in soong.
+  # The other paths correspond to dexpreoptCommand()
+  _dexlocation := $(patsubst $(PRODUCT_OUT)/%,%,$(LOCAL_INSTALLED_MODULE))
+  _dexname := $(basename $(notdir $(_dexlocation)))
+  _system_other := $(strip $(if $(strip $(BOARD_USES_SYSTEM_OTHER_ODEX)), \
+    $(if $(strip $(SANITIZE_LITE)),, \
+      $(if $(filter $(_dexname),$(PRODUCT_DEXPREOPT_SPEED_APPS))$(filter $(_dexname),$(PRODUCT_SYSTEM_SERVER_APPS)),, \
+        $(if $(strip $(foreach myfilter,$(SYSTEM_OTHER_ODEX_FILTER),$(filter system/$(myfilter),$(_dexlocation)))), \
+          system_other/)))))
+  # _dexdir has a trailing /
+  _dexdir := $(_system_other)$(dir $(_dexlocation))
+  my_dexpreopt_zip_contents := $(sort \
+    $(foreach arch,$(my_dexpreopt_archs), \
+      $(_dexdir)oat/$(arch)/$(_dexname).odex \
+      $(_dexdir)oat/$(arch)/$(_dexname).vdex \
+      $(if $(filter false,$(LOCAL_DEX_PREOPT_APP_IMAGE)),, \
+        $(if $(my_process_profile)$(filter true,$(LOCAL_DEX_PREOPT_APP_IMAGE)), \
+          $(_dexdir)oat/$(arch)/$(_dexname).art))) \
+    $(if $(my_process_profile),$(_dexlocation).prof))
+  _dexlocation :=
+  _dexdir :=
+  _dexname :=
+  _system_other :=
+
+  my_dexpreopt_zip := $(intermediates)/dexpreopt.zip
+  DEXPREOPT.$(LOCAL_MODULE).POST_INSTALLED_DEXPREOPT_ZIP := $(my_dexpreopt_zip)
   $(my_dexpreopt_zip): PRIVATE_MODULE := $(LOCAL_MODULE)
   $(my_dexpreopt_zip): $(my_dexpreopt_deps)
   $(my_dexpreopt_zip): | $(DEXPREOPT_GEN_DEPS)
   $(my_dexpreopt_zip): .KATI_DEPFILE := $(my_dexpreopt_zip).d
   $(my_dexpreopt_zip): PRIVATE_DEX := $(my_dex_jar)
   $(my_dexpreopt_zip): PRIVATE_SCRIPT := $(my_dexpreopt_script)
+  $(my_dexpreopt_zip): PRIVATE_ZIP_CONTENTS := $(my_dexpreopt_zip_contents)
   $(my_dexpreopt_zip): $(my_dexpreopt_script)
 	@echo "$(PRIVATE_MODULE) dexpreopt"
+	rm -f $@
+	echo -n > $@.contents
+	$(foreach f,$(PRIVATE_ZIP_CONTENTS),echo "$(f)" >> $@.contents$(newline))
 	bash $(PRIVATE_SCRIPT) $(PRIVATE_DEX) $@
+	if ! diff <(zipinfo -1 $@ | sort) $@.contents >&2; then \
+	  echo "Contents of $@ did not match what make was expecting." >&2 && exit 1; \
+	fi
 
-  ifdef LOCAL_POST_INSTALL_CMD
-    # Add a shell command separator
-    LOCAL_POST_INSTALL_CMD += &&
-  endif
+  $(foreach installed_dex_file,$(my_dexpreopt_zip_contents),\
+    $(eval $(PRODUCT_OUT)/$(installed_dex_file): $(my_dexpreopt_zip) \
+$(newline)	unzip -qoDD -d $(PRODUCT_OUT) $(my_dexpreopt_zip) $(installed_dex_file)))
 
-  LOCAL_POST_INSTALL_CMD += \
-    for i in $$(zipinfo -1 $(my_dexpreopt_zip)); \
-      do mkdir -p $(PRODUCT_OUT)/$$(dirname $$i); \
-    done && \
-    ( unzip -qoDD -d $(PRODUCT_OUT) $(my_dexpreopt_zip) 2>&1 | grep -v "zipfile is empty"; exit $${PIPESTATUS[0]} ) || \
-      ( code=$$?; if [ $$code -ne 0 -a $$code -ne 1 ]; then exit $$code; fi )
-
-  $(LOCAL_INSTALLED_MODULE): PRIVATE_POST_INSTALL_CMD := $(LOCAL_POST_INSTALL_CMD)
-  $(LOCAL_INSTALLED_MODULE): $(my_dexpreopt_zip)
-
-  $(my_all_targets): $(my_dexpreopt_zip)
+  ALL_MODULES.$(my_register_name).INSTALLED += $(addprefix $(PRODUCT_OUT)/,$(my_dexpreopt_zip_contents))
 
   my_dexpreopt_config :=
+  my_dexpreopt_config_for_postprocessing :=
+  my_dexpreopt_jar_copy :=
   my_dexpreopt_product_packages :=
   my_dexpreopt_script :=
   my_dexpreopt_zip :=
-  my_dexpreopt_config_for_postprocessing :=
+  my_dexpreopt_zip_contents :=
 endif # LOCAL_DEX_PREOPT
 endif # my_create_dexpreopt_config
 
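Review bot: The content check in the `$(my_dexpreopt_zip)` recipe compares `zipinfo -1 $@ | sort` against a list ordered by make's `$(sort ...)`, and the two only agree if the shell `sort` uses byte-order collation. Unless the build environment already pins the locale, I would write `if ! diff <(zipinfo -1 $@ | LC_ALL=C sort) $@.contents >&2; then \` so that a locale difference cannot fail the build. In the generated per-file rule, `unzip ... $(my_dexpreopt_zip) $(installed_dex_file)` passes the member name unquoted, and unzip matches member arguments as wildcard patterns. A name containing `[`, `*` or `?` could then extract something other than the verified entry; that looks unlikely for dex names, but a comment such as `# member names are assumed to contain no unzip wildcard characters` would record the assumption. The surrounding `ifdef LOCAL_DEX_PREOPT` block starts outside this hunk.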
diff --git a/core/product.mk b/core/product.mk
index b66f1e2..bf85c78 100644
--- a/core/product.mk
+++ b/core/product.mk
@@ -430,6 +430,9 @@
 # specified we default to COW version 2 in update_engine for backwards compatibility
 _product_single_value_vars += PRODUCT_VIRTUAL_AB_COW_VERSION
 
+# If set, determines whether the build system checks vendor seapp contexts violations.
+_product_single_value_vars += PRODUCT_CHECK_VENDOR_SEAPP_VIOLATIONS
+
 _product_list_vars += PRODUCT_AFDO_PROFILES
 
 .KATI_READONLY := _product_single_value_vars _product_list_vars
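Review bot: The comment added for `PRODUCT_CHECK_VENDOR_SEAPP_VIOLATIONS` does not say which values are accepted or when the setting is ignored. Judging by the core/product_config.mk and core/soong_config.mk hunks of this change, only the exact value `true` turns the check on, and the variable is not consulted once the VSR vendor API level is above 34. Suggested wording: `# Set to true to check vendor seapp contexts violations when the VSR vendor API level is <= 34; above 34 the check is always enabled.`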
diff --git a/core/product_config.mk b/core/product_config.mk
index 3f9eb24..832d6ad 100644
--- a/core/product_config.mk
+++ b/core/product_config.mk
@@ -572,6 +572,32 @@
       $(PRODUCT_ENFORCE_RRO_EXEMPTED_TARGETS))
 endif
 
+# Get the board API level.
+board_api_level := $(PLATFORM_SDK_VERSION)
+ifdef BOARD_API_LEVEL
+  board_api_level := $(BOARD_API_LEVEL)
+else ifdef BOARD_SHIPPING_API_LEVEL
+  # Vendors with GRF must define BOARD_SHIPPING_API_LEVEL for the vendor API level.
+  board_api_level := $(BOARD_SHIPPING_API_LEVEL)
+endif
+
+# Calculate the VSR vendor API level.
+VSR_VENDOR_API_LEVEL := $(board_api_level)
+
+ifdef PRODUCT_SHIPPING_API_LEVEL
+  VSR_VENDOR_API_LEVEL := $(call math_min,$(PRODUCT_SHIPPING_API_LEVEL),$(board_api_level))
+endif
+.KATI_READONLY := VSR_VENDOR_API_LEVEL
+
+# Boolean variable determining if vendor seapp contexts is enforced
+CHECK_VENDOR_SEAPP_VIOLATIONS := false
+ifneq ($(call math_gt,$(VSR_VENDOR_API_LEVEL),34),)
+  CHECK_VENDOR_SEAPP_VIOLATIONS := true
+else ifneq ($(PRODUCT_CHECK_VENDOR_SEAPP_VIOLATIONS),)
+  CHECK_VENDOR_SEAPP_VIOLATIONS := $(PRODUCT_CHECK_VENDOR_SEAPP_VIOLATIONS)
+endif
+.KATI_READONLY := CHECK_VENDOR_SEAPP_VIOLATIONS
+
 define product-overrides-config
 $$(foreach rule,$$(PRODUCT_$(1)_OVERRIDES),\
     $$(if $$(filter 2,$$(words $$(subst :,$$(space),$$(rule)))),,\
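Review bot: In the `else ifneq ($(PRODUCT_CHECK_VENDOR_SEAPP_VIOLATIONS),)` branch the product value is copied into `CHECK_VENDOR_SEAPP_VIOLATIONS` unchecked. The core/soong_config.mk hunk then keeps it only when it is exactly `true` (`$(filter true,...)`), so a value such as `True` or `1` silently leaves the check off. Because this gates a policy check, I would reject other values at config time inside that branch: `ifeq ($(filter true false,$(PRODUCT_CHECK_VENDOR_SEAPP_VIOLATIONS)),)`, `$(error PRODUCT_CHECK_VENDOR_SEAPP_VIOLATIONS must be true or false)`, `endif`.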
diff --git a/core/soong_config.mk b/core/soong_config.mk
index 26998ed..7d8092d 100644
--- a/core/soong_config.mk
+++ b/core/soong_config.mk
@@ -324,6 +324,8 @@
 
 $(call add_json_bool, KeepVndk, $(filter true,$(KEEP_VNDK)))
 
+$(call add_json_bool, CheckVendorSeappViolations, $(filter true,$(CHECK_VENDOR_SEAPP_VIOLATIONS)))
+
 $(call json_end)
 
 $(file >$(SOONG_VARIABLES).tmp,$(json_contents))
diff --git a/tools/releasetools/Android.bp b/tools/releasetools/Android.bp
index c785c8e..bd347a1 100644
--- a/tools/releasetools/Android.bp
+++ b/tools/releasetools/Android.bp
@@ -165,6 +165,7 @@
         "ota_utils_lib",
     ],
     required: [
+        "apexd_host",
         "brillo_update_payload",
         "checkvintf",
         "generate_gki_certificate",
@@ -643,6 +644,7 @@
         },
     },
     required: [
+        "apexd_host",
         "deapexer",
     ],
 }