Merge "Remove support for stripping dex."
diff --git a/CleanSpec.mk b/CleanSpec.mk
index 4e06d80..8219afc 100644
--- a/CleanSpec.mk
+++ b/CleanSpec.mk
@@ -678,6 +678,9 @@
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/apex)
+# Migrate preopt files to system_other for some devices
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/*/*app/*/oat)
+
# ************************************************
# NEWER CLEAN STEPS MUST BE AT THE END OF THE LIST
# ************************************************
diff --git a/core/Makefile b/core/Makefile
index 5c214d9..6bb94cb 100644
--- a/core/Makefile
+++ b/core/Makefile
@@ -3303,26 +3303,41 @@
# Appends os version and security patch level as a AVB property descriptor
BOARD_AVB_SYSTEM_ADD_HASHTREE_FOOTER_ARGS += \
+ --prop com.android.build.system.fingerprint:$(BUILD_FINGERPRINT_FROM_FILE) \
--prop com.android.build.system.os_version:$(PLATFORM_VERSION) \
--prop com.android.build.system.security_patch:$(PLATFORM_SECURITY_PATCH)
BOARD_AVB_PRODUCT_ADD_HASHTREE_FOOTER_ARGS += \
+ --prop com.android.build.product.fingerprint:$(BUILD_FINGERPRINT_FROM_FILE) \
--prop com.android.build.product.os_version:$(PLATFORM_VERSION) \
--prop com.android.build.product.security_patch:$(PLATFORM_SECURITY_PATCH)
BOARD_AVB_SYSTEM_EXT_ADD_HASHTREE_FOOTER_ARGS += \
+ --prop com.android.build.system_ext.fingerprint:$(BUILD_FINGERPRINT_FROM_FILE) \
--prop com.android.build.system_ext.os_version:$(PLATFORM_VERSION) \
--prop com.android.build.system_ext.security_patch:$(PLATFORM_SECURITY_PATCH)
BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS += \
+ --prop com.android.build.boot.fingerprint:$(BUILD_FINGERPRINT_FROM_FILE) \
--prop com.android.build.boot.os_version:$(PLATFORM_VERSION)
+BOARD_AVB_VENDOR_BOOT_ADD_HASH_FOOTER_ARGS += \
+ --prop com.android.build.vendor_boot.fingerprint:$(BUILD_FINGERPRINT_FROM_FILE) \
+
+BOARD_AVB_RECOVERY_ADD_HASH_FOOTER_ARGS += \
+ --prop com.android.build.recovery.fingerprint:$(BUILD_FINGERPRINT_FROM_FILE)
+
BOARD_AVB_VENDOR_ADD_HASHTREE_FOOTER_ARGS += \
+ --prop com.android.build.vendor.fingerprint:$(BUILD_FINGERPRINT_FROM_FILE) \
--prop com.android.build.vendor.os_version:$(PLATFORM_VERSION)
BOARD_AVB_ODM_ADD_HASHTREE_FOOTER_ARGS += \
+ --prop com.android.build.odm.fingerprint:$(BUILD_FINGERPRINT_FROM_FILE) \
--prop com.android.build.odm.os_version:$(PLATFORM_VERSION)
+BOARD_AVB_DTBO_ADD_HASH_FOOTER_ARGS += \
+ --prop com.android.build.dtbo.fingerprint:$(BUILD_FINGERPRINT_FROM_FILE)
+
# The following vendor- and odm-specific images needs explicit SPL set per board.
ifdef BOOT_SECURITY_PATCH
BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS += \
@@ -4226,10 +4241,6 @@
$(HOST_OUT_EXECUTABLES)/fs_config \
$(ADD_IMG_TO_TARGET_FILES) \
$(MAKE_RECOVERY_PATCH) \
- $(BUILT_ASSEMBLED_FRAMEWORK_MANIFEST) \
- $(BUILT_ASSEMBLED_VENDOR_MANIFEST) \
- $(BUILT_SYSTEM_MATRIX) \
- $(BUILT_VENDOR_MATRIX) \
$(BUILT_KERNEL_CONFIGS_FILE) \
$(BUILT_KERNEL_VERSION_FILE) \
| $(ACP)
@@ -4492,16 +4503,6 @@
$(hide) $(call fs_config,$(zip_root)/SYSTEM_OTHER,system/) > $(zip_root)/META/system_other_filesystem_config.txt
endif
@# Metadata for compatibility verification.
- $(hide) cp $(BUILT_SYSTEM_MATRIX) $(zip_root)/META/system_matrix.xml
-ifdef BUILT_ASSEMBLED_FRAMEWORK_MANIFEST
- $(hide) cp $(BUILT_ASSEMBLED_FRAMEWORK_MANIFEST) $(zip_root)/META/system_manifest.xml
-endif
-ifdef BUILT_ASSEMBLED_VENDOR_MANIFEST
- $(hide) cp $(BUILT_ASSEMBLED_VENDOR_MANIFEST) $(zip_root)/META/vendor_manifest.xml
-endif
-ifdef BUILT_VENDOR_MATRIX
- $(hide) cp $(BUILT_VENDOR_MATRIX) $(zip_root)/META/vendor_matrix.xml
-endif
ifdef BUILT_KERNEL_CONFIGS_FILE
$(hide) cp $(BUILT_KERNEL_CONFIGS_FILE) $(zip_root)/META/kernel_configs.txt
endif
@@ -5065,6 +5066,7 @@
$(target_notice_file_txt) \
$(tools_notice_file_txt) \
$(OUT_DOCS)/offline-sdk-timestamp \
+ $(SDK_METADATA_FILES) \
$(SYMBOLS_ZIP) \
$(COVERAGE_ZIP) \
$(APPCOMPAT_ZIP) \
diff --git a/core/binary.mk b/core/binary.mk
index d9763f9..51259b2 100644
--- a/core/binary.mk
+++ b/core/binary.mk
@@ -120,8 +120,6 @@
$(error $(LOCAL_PATH): LOCAL_SDK_VERSION cannot be used in host module)
endif
- my_cflags += -D__ANDROID_NDK__
-
# Make sure we've built the NDK.
my_additional_dependencies += $(SOONG_OUT_DIR)/ndk_base.timestamp
diff --git a/core/board_config.mk b/core/board_config.mk
index 9ecca58..4c128f1 100644
--- a/core/board_config.mk
+++ b/core/board_config.mk
@@ -87,6 +87,7 @@
_build_broken_var_list := \
BUILD_BROKEN_DUP_RULES \
BUILD_BROKEN_PREBUILT_ELF_FILES \
+ BUILD_BROKEN_TREBLE_SYSPROP_NEVERALLOW \
BUILD_BROKEN_USES_NETWORK \
_build_broken_var_list += \
diff --git a/core/clear_vars.mk b/core/clear_vars.mk
index e130257..4818c01 100644
--- a/core/clear_vars.mk
+++ b/core/clear_vars.mk
@@ -73,6 +73,7 @@
LOCAL_DROIDDOC_DOC_ZIP :=
LOCAL_DROIDDOC_JDIFF_DOC_ZIP :=
LOCAL_DROIDDOC_HTML_DIR:=
+LOCAL_DROIDDOC_METADATA_ZIP:=
LOCAL_DROIDDOC_OPTIONS:=
LOCAL_DROIDDOC_SOURCE_PATH:=
LOCAL_DROIDDOC_STUB_OUT_DIR:=
diff --git a/core/config.mk b/core/config.mk
index 49b9329..241ac8d 100644
--- a/core/config.mk
+++ b/core/config.mk
@@ -630,9 +630,11 @@
USE_OPENJDK9 := true
ifeq ($(EXPERIMENTAL_JAVA_LANGUAGE_LEVEL_9),)
-TARGET_OPENJDK9 :=
+TARGET_OPENJDK9 := true
else ifeq ($(EXPERIMENTAL_JAVA_LANGUAGE_LEVEL_9),true)
TARGET_OPENJDK9 := true
+else ifeq ($(EXPERIMENTAL_JAVA_LANGUAGE_LEVEL_9),false)
+TARGET_OPENJDK9 :=
endif
# Path to tools.jar
diff --git a/core/definitions.mk b/core/definitions.mk
index 7450d4f..a8bf4d5 100644
--- a/core/definitions.mk
+++ b/core/definitions.mk
@@ -2279,7 +2279,7 @@
# Align STORED entries of a package on 4-byte boundaries to make them easier to mmap.
#
define align-package
-$(hide) if ! $(ZIPALIGN) -c $(ZIPALIGN_PAGE_ALIGN_FLAGS) 4 $@ >/dev/null ; then \
+$(hide) if ! $(ZIPALIGN) -c -p 4 $@ >/dev/null ; then \
mv $@ $@.unaligned; \
$(ZIPALIGN) \
-f \
diff --git a/core/dex_preopt_config.mk b/core/dex_preopt_config.mk
index d03be86..3875815 100644
--- a/core/dex_preopt_config.mk
+++ b/core/dex_preopt_config.mk
@@ -4,7 +4,8 @@
DEX_PREOPT_DEFAULT ?= true
# The default filter for which files go into the system_other image (if it is
-# being used). To bundle everything one should set this to '%'
+# being used). Note that each pattern p here matches both '/<p>' and /system/<p>'.
+# To bundle everything one should set this to '%'.
SYSTEM_OTHER_ODEX_FILTER ?= \
app/% \
priv-app/% \
diff --git a/core/main.mk b/core/main.mk
index e9d4390..29c5a4c 100644
--- a/core/main.mk
+++ b/core/main.mk
@@ -220,6 +220,9 @@
ADDITIONAL_BUILD_PROPERTIES += persist.debug.dalvik.vm.core_platform_api_policy=just-warn
endif
+# Define ro.sanitize.<name> properties for all global sanitizers.
+ADDITIONAL_BUILD_PROPERTIES += $(foreach s,$(SANITIZE_TARGET),ro.sanitize.$(s)=true)
+
# Sets the default value of ro.postinstall.fstab.prefix to /system.
# Device board config should override the value to /product when needed by:
#
@@ -1138,6 +1141,7 @@
libdt_socket.so \
libicui18n.so \
libicuuc.so \
+ libicu_jni.so \
libjavacore.so \
libjdwp.so \
libm.so \
diff --git a/core/soong_droiddoc_prebuilt.mk b/core/soong_droiddoc_prebuilt.mk
index bf1f10b..c0467df 100644
--- a/core/soong_droiddoc_prebuilt.mk
+++ b/core/soong_droiddoc_prebuilt.mk
@@ -38,3 +38,7 @@
.PHONY: $(LOCAL_MODULE) $(LOCAL_MODULE)-jdiff
$(LOCAL_MODULE) $(LOCAL_MODULE)-jdiff : $(OUT_DOCS)/$(LOCAL_MODULE)-jdiff-docs.zip
endif
+
+ifdef LOCAL_DROIDDOC_METADATA_ZIP
+$(eval $(call copy-one-file,$(LOCAL_DROIDDOC_METADATA_ZIP),$(TARGET_OUT_COMMON_INTERMEDIATES)/PACKAGING/$(LOCAL_MODULE)-metadata.zip))
+endif
diff --git a/core/android_vts_host_config.mk b/core/suite_host_config.mk
similarity index 89%
rename from core/android_vts_host_config.mk
rename to core/suite_host_config.mk
index 38ba19d..d575c5b 100644
--- a/core/android_vts_host_config.mk
+++ b/core/suite_host_config.mk
@@ -16,11 +16,9 @@
LOCAL_MODULE_CLASS := FAKE
LOCAL_IS_HOST_MODULE := true
-LOCAL_COMPATIBILITY_SUITE := vts
include $(BUILD_SYSTEM)/base_rules.mk
$(LOCAL_BUILT_MODULE):
- @echo "VTS host-driven test target: $(PRIVATE_MODULE)"
+ @echo "$(LOCAL_COMPATIBILITY_SUITE) host-driven test target: $(PRIVATE_MODULE)"
$(hide) touch $@
-
diff --git a/target/product/base_system.mk b/target/product/base_system.mk
index f49218a..7cc3270 100644
--- a/target/product/base_system.mk
+++ b/target/product/base_system.mk
@@ -364,6 +364,7 @@
logpersist.start \
logtagd.rc \
procrank \
+ remount \
showmap \
sqlite3 \
ss \
diff --git a/target/product/gsi/current.txt b/target/product/gsi/current.txt
index 3e44349..8fed53c 100644
--- a/target/product/gsi/current.txt
+++ b/target/product/gsi/current.txt
@@ -137,6 +137,7 @@
VNDK-core: android.hardware.neuralnetworks@1.0.so
VNDK-core: android.hardware.neuralnetworks@1.1.so
VNDK-core: android.hardware.neuralnetworks@1.2.so
+VNDK-core: android.hardware.neuralnetworks@1.3.so
VNDK-core: android.hardware.nfc@1.0.so
VNDK-core: android.hardware.nfc@1.1.so
VNDK-core: android.hardware.nfc@1.2.so
diff --git a/target/product/mainline_system.mk b/target/product/mainline_system.mk
index b8f2838..cd6a0f7 100644
--- a/target/product/mainline_system.mk
+++ b/target/product/mainline_system.mk
@@ -64,8 +64,8 @@
# For ringtones that rely on forward lock encryption
PRODUCT_PACKAGES += libfwdlockengine
-# System libraries commonly depended on by things on the product partition.
-# This list will be pruned periodically.
+# System libraries commonly depended on by things on the system_ext or product partitions.
+# These lists will be pruned periodically.
PRODUCT_PACKAGES += \
android.hardware.biometrics.fingerprint@2.1 \
android.hardware.radio@1.0 \
@@ -78,6 +78,7 @@
android.hardware.secure_element@1.0 \
android.hardware.wifi@1.0 \
libaudio-resampler \
+ libaudiohal \
libdrm \
liblogwrap \
liblz4 \
@@ -85,6 +86,13 @@
libnl \
libprotobuf-cpp-full \
+# These libraries are empty and have been combined into libhidlbase, but are still depended
+# on by things off /system.
+# TODO(b/135686713): remove these
+PRODUCT_PACKAGES += \
+ libhidltransport \
+ libhwbinder \
+
# Camera service uses 'libdepthphoto' for adding dynamic depth
# metadata inside depth jpegs.
PRODUCT_PACKAGES += \
diff --git a/target/product/security/Android.mk b/target/product/security/Android.mk
index 3631cfd..d6a8b53 100644
--- a/target/product/security/Android.mk
+++ b/target/product/security/Android.mk
@@ -80,30 +80,3 @@
$(extra_recovery_keys)
$(SOONG_ZIP) -o $@ -j \
$(foreach key_file, $(PRIVATE_CERT) $(PRIVATE_EXTRA_RECOVERY_KEYS), -f $(key_file))
-
-
-#######################################
-# update_engine_payload_key, used by update_engine. We use the same key as otacerts but in RSA
-# public key format.
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := update_engine_payload_key
-LOCAL_MODULE_CLASS := ETC
-LOCAL_MODULE_STEM := update-payload-key.pub.pem
-LOCAL_MODULE_PATH := $(TARGET_OUT_ETC)/update_engine
-include $(BUILD_SYSTEM)/base_rules.mk
-$(LOCAL_BUILT_MODULE): $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem
- openssl x509 -pubkey -noout -in $< > $@
-
-
-#######################################
-# update_engine_payload_key for recovery image, used by update_engine.
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := update_engine_payload_key.recovery
-LOCAL_MODULE_CLASS := ETC
-LOCAL_MODULE_STEM := update-payload-key.pub.pem
-LOCAL_MODULE_PATH := $(TARGET_RECOVERY_ROOT_OUT)/system/etc/update_engine
-include $(BUILD_SYSTEM)/base_rules.mk
-$(LOCAL_BUILT_MODULE): $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem
- openssl x509 -pubkey -noout -in $< > $@
diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py
index b7a7f37..031db1d 100644
--- a/tools/releasetools/common.py
+++ b/tools/releasetools/common.py
@@ -47,22 +47,23 @@
class Options(object):
+
def __init__(self):
- base_out_path = os.getenv('OUT_DIR_COMMON_BASE')
- if base_out_path is None:
- base_search_path = "out"
- else:
- base_search_path = os.path.join(base_out_path,
- os.path.basename(os.getcwd()))
+ # Set up search path, in order to find framework/ and lib64/. At the time of
+ # running this function, user-supplied search path (`--path`) hasn't been
+ # available. So the value set here is the default, which might be overridden
+ # by commandline flag later.
+ exec_path = sys.argv[0]
+ if exec_path.endswith('.py'):
+ script_name = os.path.basename(exec_path)
+ # logger hasn't been initialized yet at this point. Use print to output
+ # warnings.
+ print(
+ 'Warning: releasetools script should be invoked as hermetic Python '
+ 'executable -- build and run `{}` directly.'.format(script_name[:-3]),
+ file=sys.stderr)
+ self.search_path = os.path.realpath(os.path.join(exec_path, '..'))
- # Python >= 3.3 returns 'linux', whereas Python 2.7 gives 'linux2'.
- platform_search_path = {
- "linux": os.path.join(base_search_path, "host/linux-x86"),
- "linux2": os.path.join(base_search_path, "host/linux-x86"),
- "darwin": os.path.join(base_search_path, "host/darwin-x86"),
- }
-
- self.search_path = platform_search_path.get(sys.platform)
self.signapk_path = "framework/signapk.jar" # Relative to search_path
self.signapk_shared_library_path = "lib64" # Relative to search_path
self.extra_signapk_args = []
@@ -881,7 +882,7 @@
# boot chain, to be verified with AVB_SLOT_VERIFY_FLAGS_NO_VBMETA_PARTITION.
# See details at
# https://android.googlesource.com/platform/external/avb/+/master/README.md#booting-into-recovery.
- if OPTIONS.info_dict.get("ab_update") != "true" and partition == "recovery":
+ if info_dict.get("ab_update") != "true" and partition == "recovery":
return []
# Otherwise chain the partition into vbmeta.
diff --git a/tools/releasetools/ota_from_target_files.py b/tools/releasetools/ota_from_target_files.py
index 1e7bb3a..dfcfb49 100755
--- a/tools/releasetools/ota_from_target_files.py
+++ b/tools/releasetools/ota_from_target_files.py
@@ -171,8 +171,16 @@
--payload_signer_args <args>
Specify the arguments needed for payload signer.
+ --payload_signer_maximum_signature_size <signature_size>
+ The maximum signature size (in bytes) that would be generated by the given
+ payload signer. Only meaningful when custom payload signer is specified
+ via '--payload_signer'.
+ If the signer uses a RSA key, this should be the number of bytes to
+ represent the modulus. If it uses an EC key, this is the size of a
+ DER-encoded ECDSA signature.
+
--payload_signer_key_size <key_size>
- Specify the key size in bytes of the payload signer.
+ Deprecated. Use the '--payload_signer_maximum_signature_size' instead.
--skip_postinstall
Skip the postinstall hooks when generating an A/B OTA package (default:
@@ -231,7 +239,7 @@
OPTIONS.log_diff = None
OPTIONS.payload_signer = None
OPTIONS.payload_signer_args = []
-OPTIONS.payload_signer_key_size = None
+OPTIONS.payload_signer_maximum_signature_size = None
OPTIONS.extracted_input = None
OPTIONS.key_passwords = []
OPTIONS.skip_postinstall = False
@@ -288,35 +296,31 @@
self.signer = "openssl"
self.signer_args = ["pkeyutl", "-sign", "-inkey", signing_key,
"-pkeyopt", "digest:sha256"]
- self.key_size = self._GetKeySizeInBytes(signing_key)
+ self.maximum_signature_size = self._GetMaximumSignatureSizeInBytes(
+ signing_key)
else:
self.signer = OPTIONS.payload_signer
self.signer_args = OPTIONS.payload_signer_args
- if OPTIONS.payload_signer_key_size:
- self.key_size = int(OPTIONS.payload_signer_key_size)
- assert self.key_size == 256 or self.key_size == 512, \
- "Unsupported key size {}".format(OPTIONS.payload_signer_key_size)
+ if OPTIONS.payload_signer_maximum_signature_size:
+ self.maximum_signature_size = int(
+ OPTIONS.payload_signer_maximum_signature_size)
else:
- self.key_size = 256
+ # The legacy config uses RSA2048 keys.
+ logger.warning("The maximum signature size for payload signer is not"
+ " set, default to 256 bytes.")
+ self.maximum_signature_size = 256
@staticmethod
- def _GetKeySizeInBytes(signing_key):
- modulus_file = common.MakeTempFile(prefix="modulus-")
- cmd = ["openssl", "rsa", "-inform", "PEM", "-in", signing_key, "-modulus",
- "-noout", "-out", modulus_file]
- common.RunAndCheckOutput(cmd, verbose=False)
-
- with open(modulus_file) as f:
- modulus_string = f.read()
- # The modulus string has the format "Modulus=$data", where $data is the
- # concatenation of hex dump of the modulus.
- MODULUS_PREFIX = "Modulus="
- assert modulus_string.startswith(MODULUS_PREFIX)
- modulus_string = modulus_string[len(MODULUS_PREFIX):]
- key_size = len(modulus_string) // 2
- assert key_size == 256 or key_size == 512, \
- "Unsupported key size {}".format(key_size)
- return key_size
+ def _GetMaximumSignatureSizeInBytes(signing_key):
+ out_signature_size_file = common.MakeTempFile("signature_size")
+ cmd = ["delta_generator", "--out_maximum_signature_size_file={}".format(
+ out_signature_size_file), "--private_key={}".format(signing_key)]
+ common.RunAndCheckOutput(cmd)
+ with open(out_signature_size_file) as f:
+ signature_size = f.read().rstrip()
+ logger.info("% outputs the maximum signature size: %", cmd[0],
+ signature_size)
+ return int(signature_size)
def Sign(self, in_file):
"""Signs the given input file. Returns the output filename."""
@@ -396,7 +400,7 @@
metadata_sig_file = common.MakeTempFile(prefix="sig-", suffix=".bin")
cmd = ["brillo_update_payload", "hash",
"--unsigned_payload", self.payload_file,
- "--signature_size", str(payload_signer.key_size),
+ "--signature_size", str(payload_signer.maximum_signature_size),
"--metadata_hash_file", metadata_sig_file,
"--payload_hash_file", payload_sig_file]
self._Run(cmd)
@@ -411,7 +415,7 @@
cmd = ["brillo_update_payload", "sign",
"--unsigned_payload", self.payload_file,
"--payload", signed_payload_file,
- "--signature_size", str(payload_signer.key_size),
+ "--signature_size", str(payload_signer.maximum_signature_size),
"--metadata_signature_file", signed_metadata_sig_file,
"--payload_signature_file", signed_payload_sig_file]
self._Run(cmd)
@@ -2005,8 +2009,13 @@
OPTIONS.payload_signer = a
elif o == "--payload_signer_args":
OPTIONS.payload_signer_args = shlex.split(a)
+ elif o == "--payload_signer_maximum_signature_size":
+ OPTIONS.payload_signer_maximum_signature_size = a
elif o == "--payload_signer_key_size":
- OPTIONS.payload_signer_key_size = a
+ # TODO(Xunchang) remove this option after cleaning up the callers.
+ logger.warning("The option '--payload_signer_key_size' is deprecated."
+ " Use '--payload_signer_maximum_signature_size' instead.")
+ OPTIONS.payload_signer_maximum_signature_size = a
elif o == "--extracted_input_target_files":
OPTIONS.extracted_input = a
elif o == "--skip_postinstall":
@@ -2047,6 +2056,7 @@
"log_diff=",
"payload_signer=",
"payload_signer_args=",
+ "payload_signer_maximum_signature_size=",
"payload_signer_key_size=",
"extracted_input_target_files=",
"skip_postinstall",
diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py
index 710147b..0f4f1da 100755
--- a/tools/releasetools/sign_target_files_apks.py
+++ b/tools/releasetools/sign_target_files_apks.py
@@ -153,6 +153,20 @@
OPTIONS.avb_extra_args = {}
+AVB_FOOTER_ARGS_BY_PARTITION = {
+ 'boot' : 'avb_boot_add_hash_footer_args',
+ 'dtbo' : 'avb_dtbo_add_hash_footer_args',
+ 'recovery' : 'avb_recovery_add_hash_footer_args',
+ 'system' : 'avb_system_add_hashtree_footer_args',
+ 'system_other' : 'avb_system_other_add_hashtree_footer_args',
+ 'vendor' : 'avb_vendor_add_hashtree_footer_args',
+ 'vendor_boot' : 'avb_vendor_boot_add_hash_footer_args',
+ 'vbmeta' : 'avb_vbmeta_args',
+ 'vbmeta_system' : 'avb_vbmeta_system_args',
+ 'vbmeta_vendor' : 'avb_vbmeta_vendor_args',
+}
+
+
def GetApkCerts(certmap):
# apply the key remapping to the contents of the file
for apk, cert in certmap.items():
@@ -543,14 +557,13 @@
OPTIONS.rebuild_recovery = True
# Don't copy OTA certs if we're replacing them.
+ # Replacement of update-payload-key.pub.pem was removed in b/116660991.
elif (
OPTIONS.replace_ota_keys and
filename in (
"BOOT/RAMDISK/system/etc/security/otacerts.zip",
- "BOOT/RAMDISK/system/etc/update_engine/update-payload-key.pub.pem",
"RECOVERY/RAMDISK/system/etc/security/otacerts.zip",
- "SYSTEM/etc/security/otacerts.zip",
- "SYSTEM/etc/update_engine/update-payload-key.pub.pem")):
+ "SYSTEM/etc/security/otacerts.zip")):
pass
# Skip META/misc_info.txt since we will write back the new values later.
@@ -622,6 +635,10 @@
# Replace the AVB signing keys, if any.
ReplaceAvbSigningKeys(misc_info)
+ # Rewrite the props in AVB signing args.
+ if misc_info.get('avb_enable') == 'true':
+ RewriteAvbProps(misc_info)
+
# Write back misc_info with the latest values.
ReplaceMiscInfoTxt(input_tf_zip, output_tf_zip, misc_info)
@@ -814,24 +831,6 @@
# We DO NOT include the extra_recovery_keys (if any) here.
WriteOtacerts(output_tf_zip, "SYSTEM/etc/security/otacerts.zip", mapped_keys)
- # For A/B devices, update the payload verification key.
- if misc_info.get("ab_update") == "true":
- # Unlike otacerts.zip that may contain multiple keys, we can only specify
- # ONE payload verification key.
- if len(mapped_keys) > 1:
- print("\n WARNING: Found more than one OTA keys; Using the first one"
- " as payload verification key.\n\n")
-
- print("Using %s for payload verification." % (mapped_keys[0],))
- pubkey = common.ExtractPublicKey(mapped_keys[0])
- common.ZipWriteStr(
- output_tf_zip,
- "SYSTEM/etc/update_engine/update-payload-key.pub.pem",
- pubkey)
- common.ZipWriteStr(
- output_tf_zip,
- "BOOT/RAMDISK/system/etc/update_engine/update-payload-key.pub.pem",
- pubkey)
def ReplaceVerityPublicKey(output_zip, filename, key_path):
@@ -910,18 +909,6 @@
def ReplaceAvbSigningKeys(misc_info):
"""Replaces the AVB signing keys."""
- AVB_FOOTER_ARGS_BY_PARTITION = {
- 'boot' : 'avb_boot_add_hash_footer_args',
- 'dtbo' : 'avb_dtbo_add_hash_footer_args',
- 'recovery' : 'avb_recovery_add_hash_footer_args',
- 'system' : 'avb_system_add_hashtree_footer_args',
- 'system_other' : 'avb_system_other_add_hashtree_footer_args',
- 'vendor' : 'avb_vendor_add_hashtree_footer_args',
- 'vbmeta' : 'avb_vbmeta_args',
- 'vbmeta_system' : 'avb_vbmeta_system_args',
- 'vbmeta_vendor' : 'avb_vbmeta_vendor_args',
- }
-
def ReplaceAvbPartitionSigningKey(partition):
key = OPTIONS.avb_keys.get(partition)
if not key:
@@ -946,6 +933,32 @@
ReplaceAvbPartitionSigningKey(partition)
+def RewriteAvbProps(misc_info):
+ """Rewrites the props in AVB signing args."""
+ for partition, args_key in AVB_FOOTER_ARGS_BY_PARTITION.items():
+ args = misc_info.get(args_key)
+ if not args:
+ continue
+
+ tokens = []
+ changed = False
+ for token in args.split(' '):
+ fingerprint_key = 'com.android.build.{}.fingerprint'.format(partition)
+ if not token.startswith(fingerprint_key):
+ tokens.append(token)
+ continue
+ prefix, tag = token.rsplit('/', 1)
+ tokens.append('{}/{}'.format(prefix, EditTags(tag)))
+ changed = True
+
+ if changed:
+ result = ' '.join(tokens)
+ print('Rewriting AVB prop for {}:\n'.format(partition))
+ print(' replace: {}'.format(args))
+ print(' with: {}'.format(result))
+ misc_info[args_key] = result
+
+
def BuildKeyMap(misc_info, key_mapping_options):
for s, d in key_mapping_options:
if s is None: # -d option
diff --git a/tools/releasetools/test_common.py b/tools/releasetools/test_common.py
index 59b05e9..8a52419 100644
--- a/tools/releasetools/test_common.py
+++ b/tools/releasetools/test_common.py
@@ -1373,6 +1373,39 @@
self.assertEqual('5', chained_partition_args[1])
self.assertTrue(os.path.exists(chained_partition_args[2]))
+ @test_utils.SkipIfExternalToolsUnavailable()
+ def test_AppendVBMetaArgsForPartition_recoveryAsChainedPartition_nonAb(self):
+ testdata_dir = test_utils.get_testdata_dir()
+ pubkey = os.path.join(testdata_dir, 'testkey.pubkey.pem')
+ info_dict = {
+ 'avb_avbtool': 'avbtool',
+ 'avb_recovery_key_path': pubkey,
+ 'avb_recovery_rollback_index_location': 3,
+ }
+ cmd = common.GetAvbPartitionArg(
+ 'recovery', '/path/to/recovery.img', info_dict)
+ self.assertFalse(cmd)
+
+ @test_utils.SkipIfExternalToolsUnavailable()
+ def test_AppendVBMetaArgsForPartition_recoveryAsChainedPartition_ab(self):
+ testdata_dir = test_utils.get_testdata_dir()
+ pubkey = os.path.join(testdata_dir, 'testkey.pubkey.pem')
+ info_dict = {
+ 'ab_update': 'true',
+ 'avb_avbtool': 'avbtool',
+ 'avb_recovery_key_path': pubkey,
+ 'avb_recovery_rollback_index_location': 3,
+ }
+ cmd = common.GetAvbPartitionArg(
+ 'recovery', '/path/to/recovery.img', info_dict)
+ self.assertEqual(2, len(cmd))
+ self.assertEqual('--chain_partition', cmd[0])
+ chained_partition_args = cmd[1].split(':')
+ self.assertEqual(3, len(chained_partition_args))
+ self.assertEqual('recovery', chained_partition_args[0])
+ self.assertEqual('3', chained_partition_args[1])
+ self.assertTrue(os.path.exists(chained_partition_args[2]))
+
class InstallRecoveryScriptFormatTest(test_utils.ReleaseToolsTestCase):
"""Checks the format of install-recovery.sh.
diff --git a/tools/releasetools/test_ota_from_target_files.py b/tools/releasetools/test_ota_from_target_files.py
index c3021a1..38faf64 100644
--- a/tools/releasetools/test_ota_from_target_files.py
+++ b/tools/releasetools/test_ota_from_target_files.py
@@ -885,10 +885,28 @@
payload_offset, metadata_total = (
property_files._GetPayloadMetadataOffsetAndSize(input_zip))
- # Read in the metadata signature directly.
+ # The signature proto has the following format (details in
+ # /platform/system/update_engine/update_metadata.proto):
+ # message Signature {
+ # optional uint32 version = 1;
+ # optional bytes data = 2;
+ # optional fixed32 unpadded_signature_size = 3;
+ # }
+ #
+ # According to the protobuf encoding, the tail of the signature message will
+ # be [signature string(256 bytes) + encoding of the fixed32 number 256]. And
+ # 256 is encoded as 'x1d\x00\x01\x00\x00':
+ # [3 (field number) << 3 | 5 (type) + byte reverse of 0x100 (256)].
+ # Details in (https://developers.google.com/protocol-buffers/docs/encoding)
+ signature_tail_length = self.SIGNATURE_SIZE + 5
+ self.assertGreater(metadata_total, signature_tail_length)
with open(output_file, 'rb') as verify_fp:
- verify_fp.seek(payload_offset + metadata_total - self.SIGNATURE_SIZE)
- metadata_signature = verify_fp.read(self.SIGNATURE_SIZE)
+ verify_fp.seek(payload_offset + metadata_total - signature_tail_length)
+ metadata_signature_proto_tail = verify_fp.read(signature_tail_length)
+
+ self.assertEqual(b'\x1d\x00\x01\x00\x00',
+ metadata_signature_proto_tail[-5:])
+ metadata_signature = metadata_signature_proto_tail[:-5]
# Now we extract the metadata hash via brillo_update_payload script, which
# will serve as the oracle result.
@@ -1050,11 +1068,13 @@
with open(file1, 'rb') as fp1, open(file2, 'rb') as fp2:
self.assertEqual(fp1.read(), fp2.read())
+ @test_utils.SkipIfExternalToolsUnavailable()
def test_init(self):
payload_signer = PayloadSigner()
self.assertEqual('openssl', payload_signer.signer)
- self.assertEqual(256, payload_signer.key_size)
+ self.assertEqual(256, payload_signer.maximum_signature_size)
+ @test_utils.SkipIfExternalToolsUnavailable()
def test_init_withPassword(self):
common.OPTIONS.package_key = os.path.join(
self.testdata_dir, 'testkey_with_passwd')
@@ -1067,18 +1087,27 @@
def test_init_withExternalSigner(self):
common.OPTIONS.payload_signer = 'abc'
common.OPTIONS.payload_signer_args = ['arg1', 'arg2']
- common.OPTIONS.payload_signer_key_size = '512'
+ common.OPTIONS.payload_signer_maximum_signature_size = '512'
payload_signer = PayloadSigner()
self.assertEqual('abc', payload_signer.signer)
self.assertEqual(['arg1', 'arg2'], payload_signer.signer_args)
- self.assertEqual(512, payload_signer.key_size)
+ self.assertEqual(512, payload_signer.maximum_signature_size)
- def test_GetKeySizeInBytes_512Bytes(self):
+ @test_utils.SkipIfExternalToolsUnavailable()
+ def test_GetMaximumSignatureSizeInBytes_512Bytes(self):
signing_key = os.path.join(self.testdata_dir, 'testkey_RSA4096.key')
# pylint: disable=protected-access
- key_size = PayloadSigner._GetKeySizeInBytes(signing_key)
- self.assertEqual(512, key_size)
+ signature_size = PayloadSigner._GetMaximumSignatureSizeInBytes(signing_key)
+ self.assertEqual(512, signature_size)
+ @test_utils.SkipIfExternalToolsUnavailable()
+ def test_GetMaximumSignatureSizeInBytes_ECKey(self):
+ signing_key = os.path.join(self.testdata_dir, 'testkey_EC.key')
+ # pylint: disable=protected-access
+ signature_size = PayloadSigner._GetMaximumSignatureSizeInBytes(signing_key)
+ self.assertEqual(72, signature_size)
+
+ @test_utils.SkipIfExternalToolsUnavailable()
def test_Sign(self):
payload_signer = PayloadSigner()
input_file = os.path.join(self.testdata_dir, self.SIGFILE)
diff --git a/tools/releasetools/test_sign_target_files_apks.py b/tools/releasetools/test_sign_target_files_apks.py
index e0a635a..2b84413 100644
--- a/tools/releasetools/test_sign_target_files_apks.py
+++ b/tools/releasetools/test_sign_target_files_apks.py
@@ -23,7 +23,8 @@
import test_utils
from sign_target_files_apks import (
CheckApkAndApexKeysAvailable, EditTags, GetApkFileInfo, ReadApexKeysInfo,
- ReplaceCerts, ReplaceVerityKeyId, RewriteProps, WriteOtacerts)
+ ReplaceCerts, ReplaceVerityKeyId, RewriteAvbProps, RewriteProps,
+ WriteOtacerts)
class SignTargetFilesApksTest(test_utils.ReleaseToolsTestCase):
@@ -52,6 +53,40 @@
# Tags are sorted.
self.assertEqual(EditTags('xyz,abc,dev-keys,xyz'), ('abc,release-keys,xyz'))
+ def test_RewriteAvbProps(self):
+ misc_info = {
+ 'avb_boot_add_hash_footer_args':
+ ('--prop com.android.build.boot.os_version:R '
+ '--prop com.android.build.boot.security_patch:2019-09-05'),
+ 'avb_system_add_hashtree_footer_args':
+ ('--prop com.android.build.system.os_version:R '
+ '--prop com.android.build.system.security_patch:2019-09-05 '
+ '--prop com.android.build.system.fingerprint:'
+ 'Android/aosp_taimen/taimen:R/QT/foo:userdebug/test-keys'),
+ 'avb_vendor_add_hashtree_footer_args':
+ ('--prop com.android.build.vendor.os_version:R '
+ '--prop com.android.build.vendor.security_patch:2019-09-05 '
+ '--prop com.android.build.vendor.fingerprint:'
+ 'Android/aosp_taimen/taimen:R/QT/foo:userdebug/dev-keys'),
+ }
+ expected_dict = {
+ 'avb_boot_add_hash_footer_args':
+ ('--prop com.android.build.boot.os_version:R '
+ '--prop com.android.build.boot.security_patch:2019-09-05'),
+ 'avb_system_add_hashtree_footer_args':
+ ('--prop com.android.build.system.os_version:R '
+ '--prop com.android.build.system.security_patch:2019-09-05 '
+ '--prop com.android.build.system.fingerprint:'
+ 'Android/aosp_taimen/taimen:R/QT/foo:userdebug/release-keys'),
+ 'avb_vendor_add_hashtree_footer_args':
+ ('--prop com.android.build.vendor.os_version:R '
+ '--prop com.android.build.vendor.security_patch:2019-09-05 '
+ '--prop com.android.build.vendor.fingerprint:'
+ 'Android/aosp_taimen/taimen:R/QT/foo:userdebug/release-keys'),
+ }
+ RewriteAvbProps(misc_info)
+ self.assertDictEqual(expected_dict, misc_info)
+
def test_RewriteProps(self):
props = (
('', ''),
diff --git a/tools/releasetools/testdata/testkey_EC.key b/tools/releasetools/testdata/testkey_EC.key
new file mode 100644
index 0000000..9e65a68
--- /dev/null
+++ b/tools/releasetools/testdata/testkey_EC.key
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgGaguGj8Yb1KkqKHd
+ISblUsjtOCbzAuVpX81i02sm8FWhRANCAARBnuotwKOsuvjH6iwTDhOAi7Q5pLWz
+xDkZjg2pcfbfi9FFTvLYETas7B2W6fx9PUezUmHTFTDV2JZuMYYFdZOw
+-----END PRIVATE KEY-----
diff --git a/tools/warn.py b/tools/warn.py
index 5994124..6218f93 100755
--- a/tools/warn.py
+++ b/tools/warn.py
@@ -2264,7 +2264,7 @@
i['compiled_patterns'].append(re.compile(pat))
-def find_android_root(path):
+def find_warn_py_and_android_root(path):
"""Set and return android_root path if it is found."""
global android_root
parts = path.split('/')
@@ -2273,8 +2273,36 @@
# Android root directory should contain this script.
if os.path.exists(root_path + '/build/make/tools/warn.py'):
android_root = root_path
- return root_path
- return ''
+ return True
+ return False
+
+
+def find_android_root():
+ """Guess android_root from common prefix of file paths."""
+ # Use the longest common prefix of the absolute file paths
+ # of the first 10000 warning messages as the android_root.
+ global android_root
+ warning_lines = set()
+ warning_pattern = re.compile('^/[^ ]*/[^ ]*: warning: .*')
+ count = 0
+ infile = io.open(args.buildlog, mode='r', encoding='utf-8')
+ for line in infile:
+ if warning_pattern.match(line):
+ warning_lines.add(line)
+ count += 1
+ if count > 9999:
+ break
+ # Try to find warn.py and use its location to find
+ # the source tree root.
+ if count < 100:
+ path = os.path.normpath(re.sub(':.*$', '', line))
+ if find_warn_py_and_android_root(path):
+ return
+ # Do not use common prefix of a small number of paths.
+ if count > 10:
+ root_path = os.path.commonprefix(warning_lines)
+ if len(root_path) > 2 and root_path[len(root_path) - 1] == '/':
+ android_root = root_path[:-1]
def remove_android_root_prefix(path):
@@ -2289,13 +2317,10 @@
"""Normalize file path relative to android_root."""
# If path is not an absolute path, just normalize it.
path = os.path.normpath(path)
- if path[0] != '/':
- return path
# Remove known prefix of root path and normalize the suffix.
- if android_root or find_android_root(path):
+ if path[0] == '/' and android_root:
return remove_android_root_prefix(path)
- else:
- return path
+ return path
def normalize_warning_line(line):
@@ -2670,6 +2695,7 @@
def main():
+ find_android_root()
# We must use 'utf-8' codec to parse some non-ASCII code in warnings.
warning_lines = parse_input_file(
io.open(args.buildlog, mode='r', encoding='utf-8'))