Merge "Pass FRAMEWORK_VBMETA_VERSION to assemble_vintf" into oc-dr1-dev
diff --git a/core/Makefile b/core/Makefile
index af15f51..bcd1abd 100644
--- a/core/Makefile
+++ b/core/Makefile
@@ -623,25 +623,25 @@
else ifeq (true,$(BOARD_AVB_ENABLE)) # TARGET_BOOTIMAGE_USE_EXT2 != true
-$(INSTALLED_BOOTIMAGE_TARGET): $(MKBOOTIMG) $(AVBTOOL) $(INTERNAL_BOOTIMAGE_FILES)
+$(INSTALLED_BOOTIMAGE_TARGET): $(MKBOOTIMG) $(AVBTOOL) $(INTERNAL_BOOTIMAGE_FILES) $(BOARD_AVB_BOOT_KEY_PATH)
$(call pretty,"Target boot image: $@")
$(hide) $(MKBOOTIMG) $(INTERNAL_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $@
$(hide) $(call assert-max-image-size,$@,$(BOARD_BOOTIMAGE_PARTITION_SIZE))
$(hide) $(AVBTOOL) add_hash_footer \
--image $@ \
--partition_size $(BOARD_BOOTIMAGE_PARTITION_SIZE) \
- --partition_name boot $(INTERNAL_AVB_SIGNING_ARGS) \
+ --partition_name boot $(INTERNAL_AVB_BOOT_SIGNING_ARGS) \
$(BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS)
.PHONY: bootimage-nodeps
-bootimage-nodeps: $(MKBOOTIMG) $(AVBTOOL)
+bootimage-nodeps: $(MKBOOTIMG) $(AVBTOOL) $(BOARD_AVB_BOOT_KEY_PATH)
@echo "make $@: ignoring dependencies"
$(hide) $(MKBOOTIMG) $(INTERNAL_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $(INSTALLED_BOOTIMAGE_TARGET)
$(hide) $(call assert-max-image-size,$(INSTALLED_BOOTIMAGE_TARGET),$(BOARD_BOOTIMAGE_PARTITION_SIZE))
$(hide) $(AVBTOOL) add_hash_footer \
--image $@ \
--partition_size $(BOARD_BOOTIMAGE_PARTITION_SIZE) \
- --partition_name boot $(INTERNAL_AVB_SIGNING_ARGS) \
+ --partition_name boot $(INTERNAL_AVB_BOOT_SIGNING_ARGS) \
$(BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS)
else ifeq (true,$(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SUPPORTS_BOOT_SIGNER)) # BOARD_AVB_ENABLE != true
@@ -996,12 +996,21 @@
$(if $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SUPPORTS_VBOOT),$(hide) echo "vboot_subkey=$(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_VBOOT_SIGNING_SUBKEY)" >> $(1))
$(if $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SUPPORTS_VBOOT),$(hide) echo "futility=$(notdir $(FUTILITY))" >> $(1))
$(if $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SUPPORTS_VBOOT),$(hide) echo "vboot_signer_cmd=$(VBOOT_SIGNER)" >> $(1))
-$(if $(BOARD_AVB_ENABLE),$(hide) echo "avb_signing_args=$(INTERNAL_AVB_SIGNING_ARGS)" >> $(1))
$(if $(BOARD_AVB_ENABLE),$(hide) echo "avb_avbtool=$(notdir $(AVBTOOL))" >> $(1))
-$(if $(BOARD_AVB_ENABLE),$(hide) echo "system_avb_hashtree_enable=$(BOARD_AVB_ENABLE)" >> $(1))
-$(if $(BOARD_AVB_ENABLE),$(hide) echo "system_avb_add_hashtree_footer_args=$(BOARD_AVB_SYSTEM_ADD_HASHTREE_FOOTER_ARGS)" >> $(1))
-$(if $(BOARD_AVB_ENABLE),$(hide) echo "vendor_avb_hashtree_enable=$(BOARD_AVB_ENABLE)" >> $(1))
-$(if $(BOARD_AVB_ENABLE),$(hide) echo "vendor_avb_add_hashtree_footer_args=$(BOARD_AVB_VENDOR_ADD_HASHTREE_FOOTER_ARGS)" >> $(1))
+$(if $(BOARD_AVB_ENABLE),$(hide) echo "avb_system_hashtree_enable=$(BOARD_AVB_ENABLE)" >> $(1))
+$(if $(BOARD_AVB_ENABLE),$(hide) echo "avb_system_add_hashtree_footer_args=$(BOARD_AVB_SYSTEM_ADD_HASHTREE_FOOTER_ARGS)" >> $(1))
+$(if $(BOARD_AVB_ENABLE),\
+ $(if $(BOARD_AVB_SYSTEM_KEY_PATH),\
+ $(hide) echo "avb_system_key_path=$(BOARD_AVB_SYSTEM_KEY_PATH)" >> $(1)
+ $(hide) echo "avb_system_algorithm=$(BOARD_AVB_SYSTEM_ALGORITHM)" >> $(1)
+ $(hide) echo "avb_system_rollback_index_location=$(BOARD_AVB_SYSTEM_ROLLBACK_INDEX_LOCATION)" >> $(1)))
+$(if $(BOARD_AVB_ENABLE),$(hide) echo "avb_vendor_hashtree_enable=$(BOARD_AVB_ENABLE)" >> $(1))
+$(if $(BOARD_AVB_ENABLE),$(hide) echo "avb_vendor_add_hashtree_footer_args=$(BOARD_AVB_VENDOR_ADD_HASHTREE_FOOTER_ARGS)" >> $(1))
+$(if $(BOARD_AVB_ENABLE),\
+ $(if $(BOARD_AVB_VENDOR_KEY_PATH),\
+ $(hide) echo "avb_vendor_key_path=$(BOARD_AVB_VENDOR_KEY_PATH)" >> $(1)
+ $(hide) echo "avb_vendor_algorithm=$(BOARD_AVB_VENDOR_ALGORITHM)" >> $(1)
+ $(hide) echo "avb_vendor_rollback_index_location=$(BOARD_AVB_VENDOR_ROLLBACK_INDEX_LOCATION)" >> $(1)))
$(if $(filter true,$(BOARD_USES_RECOVERY_AS_BOOT)),\
$(hide) echo "recovery_as_boot=true" >> $(1))
$(if $(filter true,$(BOARD_BUILD_SYSTEM_ROOT_IMAGE)),\
@@ -1022,7 +1031,8 @@
recovery_initrc := $(call include-path-for, recovery)/etc/init.rc
recovery_sepolicy := \
$(TARGET_RECOVERY_ROOT_OUT)/sepolicy \
- $(TARGET_RECOVERY_ROOT_OUT)/file_contexts.bin \
+ $(TARGET_RECOVERY_ROOT_OUT)/plat_file_contexts \
+ $(TARGET_RECOVERY_ROOT_OUT)/nonplat_file_contexts \
$(TARGET_RECOVERY_ROOT_OUT)/plat_property_contexts \
$(TARGET_RECOVERY_ROOT_OUT)/nonplat_property_contexts
# Passed into rsync from non-recovery root to recovery root, to avoid overwriting recovery-specific
@@ -1213,7 +1223,7 @@
$(hide) $(AVBTOOL) add_hash_footer \
--image $(1) \
--partition_size $(BOARD_BOOTIMAGE_PARTITION_SIZE) \
- --partition_name boot $(INTERNAL_AVB_SIGNING_ARGS) \
+ --partition_name boot $(INTERNAL_AVB_BOOT_SIGNING_ARGS) \
$(BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS))
$(if $(filter true,$(BOARD_USES_RECOVERY_AS_BOOT)), \
$(hide) $(call assert-max-image-size,$(1),$(BOARD_BOOTIMAGE_PARTITION_SIZE)), \
@@ -1229,7 +1239,7 @@
$(INSTALLED_BOOTIMAGE_TARGET) : $(VBOOT_SIGNER)
endif
ifeq (true,$(BOARD_AVB_ENABLE))
-$(INSTALLED_BOOTIMAGE_TARGET) : $(AVBTOOL)
+$(INSTALLED_BOOTIMAGE_TARGET) : $(AVBTOOL) $(BOARD_AVB_BOOT_KEY_PATH)
endif
$(INSTALLED_BOOTIMAGE_TARGET): $(MKBOOTFS) $(MKBOOTIMG) $(MINIGZIP) \
$(INSTALLED_RAMDISK_TARGET) \
@@ -1816,12 +1826,12 @@
INSTALLED_DTBOIMAGE_TARGET := $(PRODUCT_OUT)/dtbo.img
ifeq ($(BOARD_AVB_ENABLE),true)
-$(INSTALLED_DTBOIMAGE_TARGET): $(BOARD_PREBUILT_DTBOIMAGE) $(AVBTOOL)
+$(INSTALLED_DTBOIMAGE_TARGET): $(BOARD_PREBUILT_DTBOIMAGE) $(AVBTOOL) $(BOARD_AVB_DTBO_KEY_PATH)
cp $(BOARD_PREBUILT_DTBOIMAGE) $@
$(AVBTOOL) add_hash_footer \
--image $@ \
--partition_size $(BOARD_DTBOIMG_PARTITION_SIZE) \
- --partition_name dtbo $(INTERNAL_AVB_SIGNING_ARGS) \
+ --partition_name dtbo $(INTERNAL_AVB_DTBO_SIGNING_ARGS) \
$(BOARD_AVB_DTBO_ADD_HASH_FOOTER_ARGS)
else
$(INSTALLED_DTBOIMAGE_TARGET): $(BOARD_PREBUILT_DTBOIMAGE)
@@ -1830,42 +1840,109 @@
endif
+# Convert to lower case without requiring a shell, which isn't cacheable.
+to-lower = $(subst A,a,$(subst B,b,$(subst C,c,$(subst D,d,$(subst E,e,$(subst F,f,$(subst G,g,\
+$(subst H,h,$(subst I,i,$(subst J,j,$(subst K,k,$(subst L,l,$(subst M,m,$(subst N,n,$(subst O,o,\
+$(subst P,p,$(subst Q,q,$(subst R,r,$(subst S,s,$(subst T,t,$(subst U,u,$(subst V,v,$(subst W,w,\
+$(subst X,x,$(subst Y,y,$(subst Z,z,$1))))))))))))))))))))))))))
+
# -----------------------------------------------------------------
# vbmeta image
ifeq ($(BOARD_AVB_ENABLE),true)
BUILT_VBMETAIMAGE_TARGET := $(PRODUCT_OUT)/vbmeta.img
+AVB_CHAIN_KEY_DIR := $(TARGET_OUT_INTERMEDIATES)/avb_chain_keys
-INTERNAL_AVB_MAKE_VBMETA_IMAGE_ARGS := \
- --include_descriptors_from_image $(INSTALLED_BOOTIMAGE_TARGET) \
- --include_descriptors_from_image $(INSTALLED_SYSTEMIMAGE) \
+ifdef BOARD_AVB_KEY_PATH
+$(if $(BOARD_AVB_ALGORITHM),,$(error BOARD_AVB_ALGORITHM is not defined))
+else
+# If key path isn't specified, use the 4096-bit test key.
+BOARD_AVB_ALGORITHM := SHA256_RSA4096
+BOARD_AVB_KEY_PATH := external/avb/test/data/testkey_rsa4096.pem
+endif
+
+INTERNAL_AVB_SIGNING_ARGS := \
+ --algorithm $(BOARD_AVB_ALGORITHM) --key $(BOARD_AVB_KEY_PATH)
+
+BOOT_FOOTER_ARGS := BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS
+DTBO_FOOTER_ARGS := BOARD_AVB_DTBO_ADD_HASH_FOOTER_ARGS
+SYSTEM_FOOTER_ARGS := BOARD_AVB_SYSTEM_ADD_HASHTREE_FOOTER_ARGS
+VENDOR_FOOTER_ARGS := BOARD_AVB_VENDOR_ADD_HASHTREE_FOOTER_ARGS
+
+# Check and set required build variables for a chain partition.
+# $(1): the partition to enable AVB chain, e.g., BOOT or SYSTEM.
+define check-and-set-avb-chain-args
+$(eval PART := $(1))
+$(eval part=$(call to-lower,$(PART)))
+
+$(eval _key_path := BOARD_AVB_$(PART)_KEY_PATH)
+$(eval _signing_algorithm := BOARD_AVB_$(PART)_ALGORITHM)
+$(eval _rollback_index := BOARD_AVB_$(PART)_ROLLBACK_INDEX)
+$(eval _rollback_index_location := BOARD_AVB_$(PART)_ROLLBACK_INDEX_LOCATION)
+$(if $($(_key_path)),,$(error $(_key_path) is not defined))
+$(if $($(_signing_algorithm)),,$(error $(_signing_algorithm) is not defined))
+$(if $($(_rollback_index)),,$(error $(_rollback_index) is not defined))
+$(if $($(_rollback_index_location)),,$(error $(_rollback_index_location) is not defined))
+
+# Set INTERNAL_AVB_(PART)_SIGNING_ARGS
+$(eval _signing_args := INTERNAL_AVB_$(PART)_SIGNING_ARGS)
+$(eval $(_signing_args) := \
+ --algorithm $($(_signing_algorithm)) --key $($(_key_path)))
+
+$(eval INTERNAL_AVB_MAKE_VBMETA_IMAGE_ARGS += \
+ --chain_partition $(part):$($(_rollback_index_location)):$(AVB_CHAIN_KEY_DIR)/$(part).avbpubkey)
+
+# Set rollback_index via footer args
+$(eval _footer_args := $(PART)_FOOTER_ARGS)
+$(eval $($(_footer_args)) += --rollback_index $($(_rollback_index)))
+endef
+
+ifdef BOARD_AVB_BOOT_KEY_PATH
+$(eval $(call check-and-set-avb-chain-args,BOOT))
+else
+INTERNAL_AVB_MAKE_VBMETA_IMAGE_ARGS += \
+ --include_descriptors_from_image $(INSTALLED_BOOTIMAGE_TARGET)
+endif
+
+ifdef BOARD_AVB_SYSTEM_KEY_PATH
+$(eval $(call check-and-set-avb-chain-args,SYSTEM))
+else
+INTERNAL_AVB_MAKE_VBMETA_IMAGE_ARGS += \
+ --include_descriptors_from_image $(INSTALLED_SYSTEMIMAGE)
+endif
ifdef INSTALLED_VENDORIMAGE_TARGET
+ifdef BOARD_AVB_VENDOR_KEY_PATH
+$(eval $(call check-and-set-avb-chain-args,VENDOR))
+else
INTERNAL_AVB_MAKE_VBMETA_IMAGE_ARGS += \
--include_descriptors_from_image $(INSTALLED_VENDORIMAGE_TARGET)
endif
+endif
ifdef INSTALLED_DTBOIMAGE_TARGET
+ifdef BOARD_AVB_DTBO_KEY_PATH
+$(eval $(call check-and-set-avb-chain-args,DTBO))
+else
INTERNAL_AVB_MAKE_VBMETA_IMAGE_ARGS += \
--include_descriptors_from_image $(INSTALLED_DTBOIMAGE_TARGET)
endif
+endif
+INTERNAL_AVB_MAKE_VBMETA_IMAGE_ARGS += --padding_size 4096
+
+# Add kernel cmdline descriptor for kernel to mount system.img as root with
+# dm-verity. This works when system.img is either chained or not-chained:
+# - chained: The --setup_as_rootfs_from_kernel option will add dm-verity kernel
+# cmdline descriptor to system.img
+# - not-chained: The --include_descriptors_from_image option for make_vbmeta_image
+# will include the kernel cmdline descriptor from system.img into vbmeta.img
ifeq ($(BOARD_BUILD_SYSTEM_ROOT_IMAGE),true)
-INTERNAL_AVB_MAKE_VBMETA_IMAGE_ARGS += --setup_rootfs_from_kernel $(BUILT_SYSTEMIMAGE)
+BOARD_AVB_SYSTEM_ADD_HASHTREE_FOOTER_ARGS += --setup_as_rootfs_from_kernel
endif
ifdef BOARD_AVB_ROLLBACK_INDEX
-INTERNAL_AVB_MAKE_VBMETA_IMAGE_ARGS += --rollback_index $(BOARD_AVB_ROLLBACK_INDEX)
-endif
-
-ifndef BOARD_AVB_KEY_PATH
-# If key path isn't specified, use the 4096-bit test key.
-INTERNAL_AVB_SIGNING_ARGS := \
- --algorithm SHA256_RSA4096 \
- --key external/avb/test/data/testkey_rsa4096.pem
-else
-INTERNAL_AVB_SIGNING_ARGS := \
- --algorithm $(BOARD_AVB_ALGORITHM) --key $(BOARD_AVB_KEY_PATH)
+BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS += --rollback_index $(BOARD_AVB_ROLLBACK_INDEX)
endif
ifndef BOARD_BOOTIMAGE_PARTITION_SIZE
@@ -1876,17 +1953,36 @@
$(error BOARD_SYSTEMIMAGE_PARTITION_SIZE must be set for BOARD_AVB_ENABLE)
endif
+# $(1): the directory to extract public keys to
+define extract-avb-chain-public-keys
+ $(if $(BOARD_AVB_BOOT_KEY_PATH),\
+ $(hide) $(AVBTOOL) extract_public_key --key $(BOARD_AVB_BOOT_KEY_PATH) \
+ --output $(1)/boot.avbpubkey)
+ $(if $(BOARD_AVB_SYSTEM_KEY_PATH),\
+ $(hide) $(AVBTOOL) extract_public_key --key $(BOARD_AVB_SYSTEM_KEY_PATH) \
+ --output $(1)/system.avbpubkey)
+ $(if $(BOARD_AVB_VENDOR_KEY_PATH),\
+ $(hide) $(AVBTOOL) extract_public_key --key $(BOARD_AVB_VENDOR_KEY_PATH) \
+ --output $(1)/vendor.avbpubkey)
+ $(if $(BOARD_AVB_DTBO_KEY_PATH),\
+ $(hide) $(AVBTOOL) extract_public_key --key $(BOARD_AVB_DTBO_KEY_PATH) \
+ --output $(1)/dtbo.avbpubkey)
+endef
+
define build-vbmetaimage-target
$(call pretty,"Target vbmeta image: $(INSTALLED_VBMETAIMAGE_TARGET)")
+ $(hide) mkdir -p $(AVB_CHAIN_KEY_DIR)
+ $(call extract-avb-chain-public-keys, $(AVB_CHAIN_KEY_DIR))
$(hide) $(AVBTOOL) make_vbmeta_image \
$(INTERNAL_AVB_MAKE_VBMETA_IMAGE_ARGS) \
$(INTERNAL_AVB_SIGNING_ARGS) \
$(BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS) \
--output $@
+ $(hide) rm -rf $(AVB_CHAIN_KEY_DIR)
endef
INSTALLED_VBMETAIMAGE_TARGET := $(BUILT_VBMETAIMAGE_TARGET)
-$(INSTALLED_VBMETAIMAGE_TARGET): $(AVBTOOL) $(INSTALLED_BOOTIMAGE_TARGET) $(INSTALLED_SYSTEMIMAGE) $(INSTALLED_VENDORIMAGE_TARGET) $(INSTALLED_DTBOIMAGE_TARGET)
+$(INSTALLED_VBMETAIMAGE_TARGET): $(AVBTOOL) $(INSTALLED_BOOTIMAGE_TARGET) $(INSTALLED_SYSTEMIMAGE) $(INSTALLED_VENDORIMAGE_TARGET) $(INSTALLED_DTBOIMAGE_TARGET) $(BOARD_AVB_KEY_PATH)
$(build-vbmetaimage-target)
.PHONY: vbmetaimage-nodeps
@@ -2300,11 +2396,17 @@
$(hide) echo "full_recovery_image=true" >> $(zip_root)/META/misc_info.txt
endif
ifeq ($(BOARD_AVB_ENABLE),true)
- $(hide) echo "board_avb_enable=true" >> $(zip_root)/META/misc_info.txt
- $(hide) echo "board_avb_rollback_index=$(BOARD_AVB_ROLLBACK_INDEX)" >> $(zip_root)/META/misc_info.txt
- $(hide) echo "board_avb_boot_add_hash_footer_args=$(BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS)" >> $(zip_root)/META/misc_info.txt
- $(hide) echo "board_avb_make_vbmeta_image_args=$(BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS)" >> $(zip_root)/META/misc_info.txt
-endif
+ $(hide) echo "avb_enable=true" >> $(zip_root)/META/misc_info.txt
+ $(hide) echo "avb_vbmeta_key_path=$(BOARD_AVB_KEY_PATH)" >> $(zip_root)/META/misc_info.txt
+ $(hide) echo "avb_vbmeta_algorithm=$(BOARD_AVB_ALGORITHM)" >> $(zip_root)/META/misc_info.txt
+ $(hide) echo "avb_vbmeta_args=$(BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS)" >> $(zip_root)/META/misc_info.txt
+ $(hide) echo "avb_boot_add_hash_footer_args=$(BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS)" >> $(zip_root)/META/misc_info.txt
+ifdef BOARD_AVB_BOOT_KEY_PATH
+ $(hide) echo "avb_boot_key_path=$(BOARD_AVB_BOOT_KEY_PATH)" >> $(zip_root)/META/misc_info.txt
+ $(hide) echo "avb_boot_algorithm=$(BOARD_AVB_BOOT_ALGORITHM)" >> $(zip_root)/META/misc_info.txt
+ $(hide) echo "avb_boot_rollback_index_location=$(BOARD_AVB_BOOT_ROLLBACK_INDEX_LOCATION)" >> $(zip_root)/META/misc_info.txt
+endif # BOARD_AVB_BOOT_KEY_PATH
+endif # BOARD_AVB_ENABLE
ifdef BOARD_BPT_INPUT_FILES
$(hide) echo "board_bpt_enable=true" >> $(zip_root)/META/misc_info.txt
$(hide) echo "board_bpt_make_table_args=$(BOARD_BPT_MAKE_TABLE_ARGS)" >> $(zip_root)/META/misc_info.txt
@@ -2362,10 +2464,15 @@
$(hide) echo "has_dtbo=true" >> $(zip_root)/META/misc_info.txt
ifeq ($(BOARD_AVB_ENABLE),true)
$(hide) echo "dtbo_size=$(BOARD_DTBOIMG_PARTITION_SIZE)" >> $(zip_root)/META/misc_info.txt
- $(hide) echo "board_avb_dtbo_add_hash_footer_args=$(BOARD_AVB_DTBO_ADD_HASH_FOOTER_ARGS)" \
+ $(hide) echo "avb_dtbo_add_hash_footer_args=$(BOARD_AVB_DTBO_ADD_HASH_FOOTER_ARGS)" >> $(zip_root)/META/misc_info.txt
+ifdef BOARD_AVB_DTBO_KEY_PATH
+ $(hide) echo "avb_dtbo_key_path=$(BOARD_AVB_DTBO_KEY_PATH)" >> $(zip_root)/META/misc_info.txt
+ $(hide) echo "avb_dtbo_algorithm=$(BOARD_AVB_DTBO_ALGORITHM)" >> $(zip_root)/META/misc_info.txt
+ $(hide) echo "avb_dtbo_rollback_index_location=$(BOARD_AVB_DTBO_ROLLBACK_INDEX_LOCATION)" \
>> $(zip_root)/META/misc_info.txt
-endif
-endif
+endif # BOARD_AVB_DTBO_KEY_PATH
+endif # BOARD_AVB_ENABLE
+endif # BOARD_PREBUILT_DTBOIMAGE
@# Run fs_config on all the system, vendor, boot ramdisk,
@# and recovery ramdisk files in the zip, and save the output
$(hide) $(call fs_config,$(zip_root)/SYSTEM,system/) > $(zip_root)/META/filesystem_config.txt
diff --git a/core/build_id.mk b/core/build_id.mk
index 0e8e2cf..00272aa 100644
--- a/core/build_id.mk
+++ b/core/build_id.mk
@@ -18,4 +18,4 @@
# (like "CRB01"). It must be a single word, and is
# capitalized by convention.
-export BUILD_ID=MASTER
+export BUILD_ID=OC-DR1
diff --git a/core/dex_preopt.mk b/core/dex_preopt.mk
index f940c72..0606c83 100644
--- a/core/dex_preopt.mk
+++ b/core/dex_preopt.mk
@@ -24,7 +24,7 @@
SYSTEM_OTHER_ODEX_FILTER ?= app/% priv-app/%
# Method returning whether the install path $(1) should be for system_other.
-install-on-system-other = $(filter-out $(PRODUCT_SYSTEM_SERVER_APPS),$(basename $(notdir $(filter $(foreach f,$(SYSTEM_OTHER_ODEX_FILTER),$(TARGET_OUT)/$(f)),$(1)))))
+install-on-system-other = $(filter-out $(PRODUCT_DEXPREOPT_SPEED_APPS) $(PRODUCT_SYSTEM_SERVER_APPS),$(basename $(notdir $(filter $(foreach f,$(SYSTEM_OTHER_ODEX_FILTER),$(TARGET_OUT)/$(f)),$(1)))))
# The default values for pre-opting: always preopt PIC.
# Conditional to building on linux, as dex2oat currently does not work on darwin.
diff --git a/core/dex_preopt_odex_install.mk b/core/dex_preopt_odex_install.mk
index 601204a..2b401f0 100644
--- a/core/dex_preopt_odex_install.mk
+++ b/core/dex_preopt_odex_install.mk
@@ -175,8 +175,8 @@
endif
endif
-ifneq (,$(filter $(PRODUCT_SYSTEM_SERVER_JARS) $(PRODUCT_SYSTEM_SERVER_APPS),$(LOCAL_MODULE)))
- # Jars of system server, and apps loaded into system server should be
+ifneq (,$(filter $(PRODUCT_SYSTEM_SERVER_JARS) $(PRODUCT_DEXPREOPT_SPEED_APPS) $(PRODUCT_SYSTEM_SERVER_APPS),$(LOCAL_MODULE)))
+ # Jars of system server, apps loaded into system server, and apps the product wants to be
# compiled with the 'speed' compiler filter.
LOCAL_DEX_PREOPT_FLAGS += --compiler-filter=speed
else
diff --git a/core/local_vndk.mk b/core/local_vndk.mk
index 5ac5f26..640aac7 100644
--- a/core/local_vndk.mk
+++ b/core/local_vndk.mk
@@ -3,7 +3,7 @@
#If LOCAL_SDK_VERSION is set, thats a more restrictive set, so they dont need LOCAL_USE_VNDK
ifndef LOCAL_IS_HOST_MODULE
ifndef LOCAL_SDK_VERSION
- ifneq (,$(filter true,$(LOCAL_VENDOR_MODULE) $(LOCAL_ODM_MODULE) $(LOCAL_OEM_MODULE)))
+ ifneq (,$(filter true,$(LOCAL_VENDOR_MODULE) $(LOCAL_ODM_MODULE) $(LOCAL_OEM_MODULE) $(LOCAL_PROPRIETARY_MODULE)))
LOCAL_USE_VNDK:=true
else
ifneq (,$(filter $(TARGET_OUT_VENDOR)%,$(LOCAL_MODULE_PATH) $(LOCAL_MODULE_PATH_32) $(LOCAL_MODULE_PATH_64)))
diff --git a/core/main.mk b/core/main.mk
index b50e0e7..8461e62 100644
--- a/core/main.mk
+++ b/core/main.mk
@@ -187,11 +187,16 @@
#
# -----------------------------------------------------------------
-# Enable dynamic linker developer warnings for all builds except
-# final release.
+# Enable dynamic linker developer warnings for userdebug, eng
+# and non-REL builds
+ifneq ($(TARGET_BUILD_VARIANT),user)
+ ADDITIONAL_BUILD_PROPERTIES += ro.bionic.ld.warning=1
+else
+# Enable it for user builds as long as they are not final.
ifneq ($(PLATFORM_VERSION_CODENAME),REL)
ADDITIONAL_BUILD_PROPERTIES += ro.bionic.ld.warning=1
endif
+endif
ADDITIONAL_BUILD_PROPERTIES += ro.treble.enabled=${PRODUCT_FULL_TREBLE}
diff --git a/core/product.mk b/core/product.mk
index b5fc5c8..fd22532 100644
--- a/core/product.mk
+++ b/core/product.mk
@@ -114,6 +114,7 @@
PRODUCT_SYSTEM_PROPERTY_BLACKLIST \
PRODUCT_SYSTEM_SERVER_APPS \
PRODUCT_SYSTEM_SERVER_JARS \
+ PRODUCT_DEXPREOPT_SPEED_APPS \
PRODUCT_VBOOT_SIGNING_KEY \
PRODUCT_VBOOT_SIGNING_SUBKEY \
PRODUCT_VERITY_SIGNING_KEY \
diff --git a/core/product_config.mk b/core/product_config.mk
index 89acac1..8b908da 100644
--- a/core/product_config.mk
+++ b/core/product_config.mk
@@ -258,6 +258,7 @@
PRODUCT_BOOT_JARS := $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_BOOT_JARS))
PRODUCT_SYSTEM_SERVER_JARS := $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SYSTEM_SERVER_JARS))
PRODUCT_SYSTEM_SERVER_APPS := $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SYSTEM_SERVER_APPS))
+PRODUCT_DEXPREOPT_SPEED_APPS := $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_DEXPREOPT_SPEED_APPS))
# Find the device that this product maps to.
TARGET_DEVICE := $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_DEVICE)
diff --git a/target/product/aosp_arm64_a.mk b/target/product/aosp_arm64_a.mk
index 0b0ba61..535b3a4 100644
--- a/target/product/aosp_arm64_a.mk
+++ b/target/product/aosp_arm64_a.mk
@@ -16,90 +16,10 @@
# PRODUCT_PROPERTY_OVERRIDES cannot be used here because sysprops will be at
# /vendor/[build|default].prop when build split is on. In order to have sysprops
-# on the generic system image, place them in build/make/target/board/generic_arm_nonab/
+# on the generic system image, place them in build/make/target/board/generic_arm64_a/
# system.prop.
-PRODUCT_COPY_FILES := \
- device/generic/goldfish/data/etc/apns-conf.xml:system/etc/apns-conf.xml
-
-#split selinux policy
-PRODUCT_FULL_TREBLE_OVERRIDE := true
-
-# Some of HAL interface libraries are automatically added by the dependencies from
-# the framework. However, we list them all here to make it explicit and prevent
-# possible mistake.
-PRODUCT_PACKAGES := \
- android.dvr.composer@1.0 \
- android.hardware.audio@2.0 \
- android.hardware.audio.common@2.0 \
- android.hardware.audio.common@2.0-util \
- android.hardware.audio.effect@2.0 \
- android.hardware.biometrics.fingerprint@2.1 \
- android.hardware.bluetooth@1.0 \
- android.hardware.boot@1.0 \
- android.hardware.broadcastradio@1.0 \
- android.hardware.broadcastradio@1.1 \
- android.hardware.camera.common@1.0 \
- android.hardware.camera.device@1.0 \
- android.hardware.camera.device@3.2 \
- android.hardware.camera.provider@2.4 \
- android.hardware.configstore@1.0 \
- android.hardware.contexthub@1.0 \
- android.hardware.drm@1.0 \
- android.hardware.gatekeeper@1.0 \
- android.hardware.gnss@1.0 \
- android.hardware.graphics.allocator@2.0 \
- android.hardware.graphics.common@1.0 \
- android.hardware.graphics.composer@2.1 \
- android.hardware.graphics.mapper@2.0 \
- android.hardware.ir@1.0 \
- android.hardware.keymaster@3.0 \
- android.hardware.light@2.0 \
- android.hardware.media@1.0 \
- android.hardware.media.omx@1.0 \
- android.hardware.media.omx@1.0-utils \
- android.hardware.memtrack@1.0 \
- android.hardware.nfc@1.0 \
- android.hardware.oemlock@1.0 \
- android.hardware.power@1.0 \
- android.hardware.radio@1.0 \
- android.hardware.radio.deprecated@1.0 \
- android.hardware.sensors@1.0 \
- android.hardware.soundtrigger@2.0 \
- android.hardware.thermal@1.0 \
- android.hardware.tv.cec@1.0 \
- android.hardware.tv.input@1.0 \
- android.hardware.usb@1.0 \
- android.hardware.vibrator@1.0 \
- android.hardware.vr@1.0 \
- android.hardware.weaver@1.0 \
- android.hardware.wifi@1.0 \
- android.hardware.wifi.supplicant@1.0 \
- android.hidl.allocator@1.0 \
- android.hidl.base@1.0 \
- android.hidl.manager@1.0 \
- android.hidl.memory@1.0 \
-
-PRODUCT_PACKAGES += \
- libdynamic_sensor_ext \
- libaudioroute \
- libxml2 \
- libtinyalsa \
- libtinycompress \
- cplay \
- libion \
-
-# WiFi
-# Note: Wifi HAL (android.hardware.wifi@1.0-service, wpa_supplicant,
-# and wpa_supplicant.conf) is not here. They are at vendor.img
-PRODUCT_PACKAGES += \
- libwpa_client \
- hostapd \
- hostapd_cli \
- wificond \
- wifilogd \
-
-PRODUCT_SYSTEM_VERITY_PARTITION := /dev/block/bootdevice/by-name/system
+include build/make/target/product/treble_common.mk
$(call inherit-product, $(SRC_TARGET_DIR)/product/core_64_bit.mk)
$(call inherit-product, $(SRC_TARGET_DIR)/product/aosp_base_telephony.mk)
diff --git a/target/product/aosp_arm64_ab.mk b/target/product/aosp_arm64_ab.mk
index aa69126..fe3afb7 100644
--- a/target/product/aosp_arm64_ab.mk
+++ b/target/product/aosp_arm64_ab.mk
@@ -16,89 +16,10 @@
# PRODUCT_PROPERTY_OVERRIDES cannot be used here because sysprops will be at
# /vendor/[build|default].prop when build split is on. In order to have sysprops
-# on the generic system image, place them in build/make/target/board/generic_arm64_ab/
+# on the generic system image, place them in build/make/target/board/generic_arm64_a/
# system.prop.
-PRODUCT_COPY_FILES := \
- device/generic/goldfish/data/etc/apns-conf.xml:system/etc/apns-conf.xml
-
-#split selinux policy
-PRODUCT_FULL_TREBLE_OVERRIDE := true
-
-# Some of HAL interface libraries are automatically added by the dependencies from
-# the framework. However, we list them all here to make it explicit and prevent
-# possible mistake.
-PRODUCT_PACKAGES := \
- android.frameworks.vr.composer@1.0 \
- android.hardware.audio@2.0 \
- android.hardware.audio.common@2.0 \
- android.hardware.audio.common@2.0-util \
- android.hardware.audio.effect@2.0 \
- android.hardware.biometrics.fingerprint@2.1 \
- android.hardware.bluetooth@1.0 \
- android.hardware.boot@1.0 \
- android.hardware.broadcastradio@1.0 \
- android.hardware.broadcastradio@1.1 \
- android.hardware.camera.common@1.0 \
- android.hardware.camera.device@1.0 \
- android.hardware.camera.device@3.2 \
- android.hardware.camera.provider@2.4 \
- android.hardware.configstore@1.1 \
- android.hardware.contexthub@1.0 \
- android.hardware.drm@1.0 \
- android.hardware.gatekeeper@1.0 \
- android.hardware.gnss@1.0 \
- android.hardware.graphics.allocator@2.0 \
- android.hardware.graphics.common@1.0 \
- android.hardware.graphics.composer@2.1 \
- android.hardware.graphics.mapper@2.0 \
- android.hardware.ir@1.0 \
- android.hardware.keymaster@3.0 \
- android.hardware.light@2.0 \
- android.hardware.media@1.0 \
- android.hardware.media.omx@1.0 \
- android.hardware.media.omx@1.0-utils \
- android.hardware.memtrack@1.0 \
- android.hardware.nfc@1.0 \
- android.hardware.power@1.0 \
- android.hardware.radio@1.0 \
- android.hardware.radio.deprecated@1.0 \
- android.hardware.sensors@1.0 \
- android.hardware.soundtrigger@2.0 \
- android.hardware.thermal@1.0 \
- android.hardware.tv.cec@1.0 \
- android.hardware.tv.input@1.0 \
- android.hardware.usb@1.0 \
- android.hardware.vibrator@1.0 \
- android.hardware.vr@1.0 \
- android.hardware.wifi@1.0 \
- android.hardware.wifi.supplicant@1.0 \
- android.hidl.allocator@1.0 \
- android.hidl.memory@1.0 \
-
-PRODUCT_PACKAGES += \
- libdynamic_sensor_ext \
- libaudioroute \
- libxml2 \
- libtinyalsa \
- libtinycompress \
- cplay \
- libion \
-
-# WiFi
-# Note: Wifi HAL (android.hardware.wifi@1.0-service, wpa_supplicant,
-# and wpa_supplicant.conf) is not here. They are at vendor.img
-PRODUCT_PACKAGES += \
- libwpa_client \
- hostapd \
- hostapd_cli \
- wificond \
- wifilogd \
-
-# TODO(jiyong) move ims to vendor partition
-#PRODUCT_PACKAGES += ims
-
-PRODUCT_SYSTEM_VERITY_PARTITION := /dev/block/bootdevice/by-name/system
+include build/make/target/product/treble_common.mk
AB_OTA_UPDATER := true
AB_OTA_PARTITIONS := system
diff --git a/target/product/aosp_arm_a.mk b/target/product/aosp_arm_a.mk
index 83db402..c3188e0 100644
--- a/target/product/aosp_arm_a.mk
+++ b/target/product/aosp_arm_a.mk
@@ -19,88 +19,7 @@
# on the generic system image, place them in build/make/target/board/generic_arm_a/
# system.prop.
-PRODUCT_COPY_FILES := \
- device/generic/goldfish/data/etc/apns-conf.xml:system/etc/apns-conf.xml
-
-#split selinux policy
-PRODUCT_FULL_TREBLE_OVERRIDE := true
-
-# Some of HAL interface libraries are automatically added by the dependencies from
-# the framework. However, we list them all here to make it explicit and prevent
-# possible mistake.
-PRODUCT_PACKAGES := \
- android.dvr.composer@1.0 \
- android.hardware.audio@2.0 \
- android.hardware.audio.common@2.0 \
- android.hardware.audio.common@2.0-util \
- android.hardware.audio.effect@2.0 \
- android.hardware.biometrics.fingerprint@2.1 \
- android.hardware.bluetooth@1.0 \
- android.hardware.boot@1.0 \
- android.hardware.broadcastradio@1.0 \
- android.hardware.broadcastradio@1.1 \
- android.hardware.camera.common@1.0 \
- android.hardware.camera.device@1.0 \
- android.hardware.camera.device@3.2 \
- android.hardware.camera.provider@2.4 \
- android.hardware.configstore@1.0 \
- android.hardware.contexthub@1.0 \
- android.hardware.drm@1.0 \
- android.hardware.gatekeeper@1.0 \
- android.hardware.gnss@1.0 \
- android.hardware.graphics.allocator@2.0 \
- android.hardware.graphics.common@1.0 \
- android.hardware.graphics.composer@2.1 \
- android.hardware.graphics.mapper@2.0 \
- android.hardware.ir@1.0 \
- android.hardware.keymaster@3.0 \
- android.hardware.light@2.0 \
- android.hardware.media@1.0 \
- android.hardware.media.omx@1.0 \
- android.hardware.media.omx@1.0-utils \
- android.hardware.memtrack@1.0 \
- android.hardware.nfc@1.0 \
- android.hardware.oemlock@1.0 \
- android.hardware.power@1.0 \
- android.hardware.radio@1.0 \
- android.hardware.radio.deprecated@1.0 \
- android.hardware.sensors@1.0 \
- android.hardware.soundtrigger@2.0 \
- android.hardware.thermal@1.0 \
- android.hardware.tv.cec@1.0 \
- android.hardware.tv.input@1.0 \
- android.hardware.usb@1.0 \
- android.hardware.usb@1.1 \
- android.hardware.vibrator@1.0 \
- android.hardware.vr@1.0 \
- android.hardware.weaver@1.0 \
- android.hardware.wifi@1.0 \
- android.hardware.wifi.supplicant@1.0 \
- android.hidl.allocator@1.0 \
- android.hidl.base@1.0 \
- android.hidl.manager@1.0 \
- android.hidl.memory@1.0 \
-
-PRODUCT_PACKAGES += \
- libdynamic_sensor_ext \
- libaudioroute \
- libxml2 \
- libtinyalsa \
- libtinycompress \
- cplay \
- libion \
-
-# WiFi
-# Note: Wifi HAL (android.hardware.wifi@1.0-service, wpa_supplicant,
-# and wpa_supplicant.conf) is not here. They are at vendor.img
-PRODUCT_PACKAGES += \
- libwpa_client \
- hostapd \
- hostapd_cli \
- wificond \
- wifilogd \
-
-PRODUCT_SYSTEM_VERITY_PARTITION := /dev/block/bootdevice/by-name/system
+include build/make/target/product/treble_common.mk
$(call inherit-product, $(SRC_TARGET_DIR)/product/aosp_base_telephony.mk)
$(call inherit-product, $(SRC_TARGET_DIR)/product/verity.mk)
diff --git a/target/product/core.mk b/target/product/core.mk
index a6470ac..a2b0f1c 100644
--- a/target/product/core.mk
+++ b/target/product/core.mk
@@ -68,4 +68,7 @@
KeyChain \
Telecom \
+# The set of packages we want to force 'speed' compilation on.
+PRODUCT_DEXPREOPT_SPEED_APPS += \
+
$(call inherit-product, $(SRC_TARGET_DIR)/product/core_base.mk)
diff --git a/target/product/core_tiny.mk b/target/product/core_tiny.mk
index 7bf16f5..e9920f2 100644
--- a/target/product/core_tiny.mk
+++ b/target/product/core_tiny.mk
@@ -116,6 +116,9 @@
SettingsProvider \
WallpaperBackup \
+# The set of packages we want to force 'speed' compilation on.
+PRODUCT_DEXPREOPT_SPEED_APPS := \
+
PRODUCT_DEFAULT_PROPERTY_OVERRIDES += \
ro.zygote=zygote32
PRODUCT_COPY_FILES += \
diff --git a/target/product/generic_no_telephony.mk b/target/product/generic_no_telephony.mk
index 190a889..c83dace 100644
--- a/target/product/generic_no_telephony.mk
+++ b/target/product/generic_no_telephony.mk
@@ -29,6 +29,7 @@
Provision \
SystemUI \
SysuiDarkThemeOverlay \
+ SysuiLightWallpaperThemeOverlay \
EasterEgg \
WallpaperCropper
diff --git a/target/product/sdk_base.mk b/target/product/sdk_base.mk
index 0b14203..25056c2 100644
--- a/target/product/sdk_base.mk
+++ b/target/product/sdk_base.mk
@@ -47,6 +47,7 @@
sqlite3 \
SystemUI \
SysuiDarkThemeOverlay \
+ SysuiLightWallpaperThemeOverlay \
EasterEgg \
WallpaperPicker \
WidgetPreview
diff --git a/target/product/treble_common.mk b/target/product/treble_common.mk
new file mode 100644
index 0000000..d5366d9
--- /dev/null
+++ b/target/product/treble_common.mk
@@ -0,0 +1,213 @@
+#
+# Copyright (C) 2017 The Android Open-Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# Split selinux policy
+PRODUCT_FULL_TREBLE_OVERRIDE := true
+
+# HAL interfaces:
+# Some of HAL interface libraries are automatically added by the dependencies
+# from the framework. However, we list them all here to make it explicit and
+# prevent possible mistake.
+PRODUCT_PACKAGES := \
+ android.frameworks.displayservice@1.0 \
+ android.frameworks.schedulerservice@1.0 \
+ android.frameworks.sensorservice@1.0 \
+ android.frameworks.vr.composer@1.0 \
+ android.hardware.audio@2.0 \
+ android.hardware.audio.common@2.0 \
+ android.hardware.audio.common@2.0-util \
+ android.hardware.audio.effect@2.0 \
+ android.hardware.automotive.evs@1.0 \
+ android.hardware.automotive.vehicle@2.0 \
+ android.hardware.automotive.vehicle@2.0-manager-lib-shared \
+ android.hardware.automotive.vehicle@2.1 \
+ android.hardware.biometrics.fingerprint@2.1 \
+ android.hardware.bluetooth@1.0 \
+ android.hardware.boot@1.0 \
+ android.hardware.broadcastradio@1.0 \
+ android.hardware.broadcastradio@1.1 \
+ android.hardware.camera.common@1.0 \
+ android.hardware.camera.device@1.0 \
+ android.hardware.camera.device@3.2 \
+ android.hardware.camera.metadata@3.2 \
+ android.hardware.camera.provider@2.4 \
+ android.hardware.configstore-utils \
+ android.hardware.configstore@1.0 \
+ android.hardware.configstore@1.1 \
+ android.hardware.contexthub@1.0 \
+ android.hardware.drm@1.0 \
+ android.hardware.dumpstate@1.0 \
+ android.hardware.gatekeeper@1.0 \
+ android.hardware.gnss@1.0 \
+ android.hardware.graphics.allocator@2.0 \
+ android.hardware.graphics.bufferqueue@1.0 \
+ android.hardware.graphics.common@1.0 \
+ android.hardware.graphics.composer@2.1 \
+ android.hardware.graphics.mapper@2.0 \
+ android.hardware.health@1.0 \
+ android.hardware.ir@1.0 \
+ android.hardware.keymaster@3.0 \
+ android.hardware.light@2.0 \
+ android.hardware.media@1.0 \
+ android.hardware.media.omx@1.0-utils \
+ android.hardware.media.omx@1.0 \
+ android.hardware.memtrack@1.0 \
+ android.hardware.nfc@1.0 \
+ android.hardware.oemlock@1.0 \
+ android.hardware.power@1.0 \
+ android.hardware.radio@1.0 \
+ android.hardware.radio.deprecated@1.0 \
+ android.hardware.sensors@1.0 \
+ android.hardware.soundtrigger@2.0 \
+ android.hardware.thermal@1.0 \
+ android.hardware.tv.cec@1.0 \
+ android.hardware.tv.input@1.0 \
+ android.hardware.usb@1.0 \
+ android.hardware.usb@1.1 \
+ android.hardware.vibrator@1.0 \
+ android.hardware.vr@1.0 \
+ android.hardware.weaver@1.0 \
+ android.hardware.wifi@1.0 \
+ android.hardware.wifi.supplicant@1.0 \
+ android.hidl.allocator@1.0 \
+ android.hidl.manager@1.0 \
+ android.hidl.memory@1.0 \
+ android.hidl.token@1.0 \
+ android.system.wifi.keystore@1.0 \
+
+# VNDK:
+# Some VNDK shared objects are automatically included indirectly.
+# We list them all here to make it explicit and prevent possible mistakes.
+# An example of one such mistake was libcurl, which is included in A/B
+# devices because of update_engine, but not in non-A/B devices.
+PRODUCT_PACKAGES += \
+ libaudioroute \
+ libaudioutils \
+ libbinder \
+ libcamera_metadata \
+ libcap \
+ libcrypto \
+ libcrypto_utils \
+ libcups \
+ libcurl \
+ libdiskconfig \
+ libdumpstateutil \
+ libevent \
+ libexif \
+ libexpat \
+ libfmq \
+ libgatekeeper \
+ libgui \
+ libhardware_legacy \
+ libhidlmemory \
+ libicui18n \
+ libicuuc \
+ libjpeg \
+ libkeymaster1 \
+ libkeymaster_messages \
+ libldacBT_abr \
+ libldacBT_enc \
+ liblz4 \
+ liblzma \
+ libmdnssd \
+ libmemtrack \
+ libmemunreachable \
+ libmetricslogger \
+ libminijail \
+ libnetutils \
+ libnl \
+ libopus \
+ libpagemap \
+ libpcap \
+ libpcre2 \
+ libpcrecpp \
+ libpdfium \
+ libpiex \
+ libpower \
+ libprocessgroup \
+ libprocinfo \
+ libprotobuf-cpp-full \
+ libprotobuf-cpp-lite \
+ libradio_metadata \
+ libsoftkeymasterdevice \
+ libsonic \
+ libsonivox \
+ libspeexresampler \
+ libsqlite \
+ libssl \
+ libsuspend \
+ libsysutils \
+ libtinyalsa \
+ libtinyxml2 \
+ libui \
+ libusbhost \
+ libvixl-arm \
+ libvixl-arm64 \
+ libvorbisidec \
+ libwebrtc_audio_preprocessing \
+ libxml2 \
+ libyuv \
+ libziparchive \
+
+# VNDK-SP:
+PRODUCT_PACKAGES += \
+ vndk-sp \
+
+# LL-NDK:
+PRODUCT_PACKAGES += \
+ libandroid_net \
+ libc \
+ libdl \
+ liblog \
+ libm \
+ libstdc++ \
+ libvndksupport \
+ libz \
+
+# SP-NDK:
+PRODUCT_PACKAGES += \
+ libEGL \
+ libGLESv1_CM \
+ libGLESv2 \
+ libGLESv3 \
+ libnativewindow \
+ libsync \
+ libvulkan \
+
+PRODUCT_SYSTEM_VERITY_PARTITION := /dev/block/bootdevice/by-name/system
+
+# Wifi:
+# Wifi HAL (android.hardware.wifi@1.0-service, wpa_supplicant,
+# and wpa_supplicant.conf) is not here. They are in vendor.img
+PRODUCT_PACKAGES += \
+ wificond \
+
+# Audio:
+USE_XML_AUDIO_POLICY_CONF := 1
+# The following policy XML files are used as fallback for
+# vendors/devices not using XML to configure audio policy.
+PRODUCT_COPY_FILES += \
+ frameworks/av/services/audiopolicy/config/audio_policy_configuration_generic.xml:system/etc/audio_policy_configuration.xml \
+ frameworks/av/services/audiopolicy/config/primary_audio_policy_configuration.xml:system/etc/primary_audio_policy_configuration.xml \
+ frameworks/av/services/audiopolicy/config/r_submix_audio_policy_configuration.xml:system/etc/r_submix_audio_policy_configuration.xml \
+ frameworks/av/services/audiopolicy/config/audio_policy_volumes.xml:system/etc/audio_policy_volumes.xml \
+ frameworks/av/services/audiopolicy/config/default_volume_tables.xml:system/etc/default_volume_tables.xml \
+
+# Bluetooth:
+# audio.a2dp.default is a system module. Generic system image includes
+# audio.a2dp.default to support A2DP if board has the capability.
+PRODUCT_PACKAGES += \
+ audio.a2dp.default
diff --git a/tools/releasetools/add_img_to_target_files.py b/tools/releasetools/add_img_to_target_files.py
index 1d8090a..aab082b 100755
--- a/tools/releasetools/add_img_to_target_files.py
+++ b/tools/releasetools/add_img_to_target_files.py
@@ -192,14 +192,14 @@
shutil.copy(dtbo_prebuilt_path, img.name)
# AVB-sign the image as needed.
- if OPTIONS.info_dict.get("board_avb_enable") == "true":
+ if OPTIONS.info_dict.get("avb_enable") == "true":
avbtool = os.getenv('AVBTOOL') or OPTIONS.info_dict["avb_avbtool"]
part_size = OPTIONS.info_dict["dtbo_size"]
# The AVB hash footer will be replaced if already present.
cmd = [avbtool, "add_hash_footer", "--image", img.name,
"--partition_size", str(part_size), "--partition_name", "dtbo"]
- cmd.extend(shlex.split(OPTIONS.info_dict["avb_signing_args"]))
- args = OPTIONS.info_dict.get("board_avb_dtbo_add_hash_footer_args")
+ common.AppendAVBSigningArgs(cmd, "dtbo")
+ args = OPTIONS.info_dict.get("avb_dtbo_add_hash_footer_args")
if args and args.strip():
cmd.extend(shlex.split(args))
p = common.Run(cmd, stdout=subprocess.PIPE)
@@ -271,7 +271,7 @@
# by the avb tool.
is_verity_partition = "verity_block_device" in image_props
verity_supported = (image_props.get("verity") == "true" or
- image_props.get("board_avb_enable") == "true")
+ image_props.get("avb_enable") == "true")
is_avb_enable = image_props.get("avb_hashtree_enable") == "true"
if verity_supported and (is_verity_partition or is_avb_enable):
adjusted_blocks_value = image_props.get("partition_size")
@@ -334,25 +334,51 @@
img.Write()
+def AppendVBMetaArgsForPartition(cmd, partition, img_path, public_key_dir):
+ if not img_path:
+ return
+
+ # Check if chain partition is used.
+ key_path = OPTIONS.info_dict.get("avb_" + partition + "_key_path")
+ if key_path:
+ # extract public key in AVB format to be included in vbmeta.img
+ avbtool = os.getenv('AVBTOOL') or OPTIONS.info_dict["avb_avbtool"]
+ public_key_path = os.path.join(public_key_dir, "%s.avbpubkey" % partition)
+ p = common.Run([avbtool, "extract_public_key", "--key", key_path,
+ "--output", public_key_path],
+ stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+ p.communicate()
+ assert p.returncode == 0, \
+ "avbtool extract_public_key fail for partition: %r" % partition
+
+ rollback_index_location = OPTIONS.info_dict[
+ "avb_" + partition + "_rollback_index_location"]
+ cmd.extend(["--chain_partition", "%s:%s:%s" % (
+ partition, rollback_index_location, public_key_path)])
+ else:
+ cmd.extend(["--include_descriptors_from_image", img_path])
+
+
def AddVBMeta(output_zip, boot_img_path, system_img_path, vendor_img_path,
dtbo_img_path, prefix="IMAGES/"):
"""Create a VBMeta image and store it in output_zip."""
img = OutputFile(output_zip, OPTIONS.input_tmp, prefix, "vbmeta.img")
avbtool = os.getenv('AVBTOOL') or OPTIONS.info_dict["avb_avbtool"]
- cmd = [avbtool, "make_vbmeta_image",
- "--output", img.name,
- "--include_descriptors_from_image", boot_img_path,
- "--include_descriptors_from_image", system_img_path]
- if vendor_img_path is not None:
- cmd.extend(["--include_descriptors_from_image", vendor_img_path])
- if dtbo_img_path is not None:
- cmd.extend(["--include_descriptors_from_image", dtbo_img_path])
- if OPTIONS.info_dict.get("system_root_image") == "true":
- cmd.extend(["--setup_rootfs_from_kernel", system_img_path])
- cmd.extend(shlex.split(OPTIONS.info_dict["avb_signing_args"]))
- args = OPTIONS.info_dict.get("board_avb_make_vbmeta_image_args")
+ cmd = [avbtool, "make_vbmeta_image", "--output", img.name]
+ common.AppendAVBSigningArgs(cmd, "vbmeta")
+
+ public_key_dir = tempfile.mkdtemp(prefix="avbpubkey-")
+ OPTIONS.tempfiles.append(public_key_dir)
+
+ AppendVBMetaArgsForPartition(cmd, "boot", boot_img_path, public_key_dir)
+ AppendVBMetaArgsForPartition(cmd, "system", system_img_path, public_key_dir)
+ AppendVBMetaArgsForPartition(cmd, "vendor", vendor_img_path, public_key_dir)
+ AppendVBMetaArgsForPartition(cmd, "dtbo", dtbo_img_path, public_key_dir)
+
+ args = OPTIONS.info_dict.get("avb_vbmeta_args")
if args and args.strip():
cmd.extend(shlex.split(args))
+
p = common.Run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
p.communicate()
assert p.returncode == 0, "avbtool make_vbmeta_image failed"
@@ -553,7 +579,7 @@
banner("dtbo")
dtbo_img_path = AddDtbo(output_zip)
- if OPTIONS.info_dict.get("board_avb_enable") == "true":
+ if OPTIONS.info_dict.get("avb_enable") == "true":
banner("vbmeta")
boot_contents = boot_image.WriteToTemp()
AddVBMeta(output_zip, boot_contents.name, system_img_path,
diff --git a/tools/releasetools/build_image.py b/tools/releasetools/build_image.py
index de75a6b..6de9763 100755
--- a/tools/releasetools/build_image.py
+++ b/tools/releasetools/build_image.py
@@ -109,18 +109,19 @@
Returns:
The maximum image size or 0 if an error occurred.
"""
- cmdline = "%s add_%s_footer " % (avbtool, footer_type)
- cmdline += "--partition_size %d " % partition_size
- cmdline += "--calc_max_image_size "
- cmdline += additional_args
- (output, exit_code) = RunCommand(shlex.split(cmdline))
+ cmd =[avbtool, "add_%s_footer" % footer_type,
+ "--partition_size", partition_size, "--calc_max_image_size"]
+ cmd.extend(shlex.split(additional_args))
+
+ (output, exit_code) = RunCommand(cmd)
if exit_code != 0:
return 0
else:
return int(output)
def AVBAddFooter(image_path, avbtool, footer_type, partition_size,
- partition_name, signing_args, additional_args):
+ partition_name, key_path, algorithm,
+ additional_args):
"""Adds dm-verity hashtree and AVB metadata to an image.
Args:
@@ -129,19 +130,24 @@
footer_type: 'hash' or 'hashtree' for generating footer.
partition_size: The size of the partition in question.
partition_name: The name of the partition - will be embedded in metadata.
- signing_args: Arguments for signing the image.
+ key_path: Path to key to use or None.
+ algorithm: Name of algorithm to use or None.
additional_args: Additional arguments to pass to 'avbtool
add_hashtree_image'.
Returns:
True if the operation succeeded.
"""
- cmdline = "%s add_%s_footer " % (avbtool, footer_type)
- cmdline += "--partition_size %d " % partition_size
- cmdline += "--partition_name %s " % partition_name
- cmdline += "--image %s " % image_path
- cmdline += signing_args + " "
- cmdline += additional_args
- (_, exit_code) = RunCommand(shlex.split(cmdline))
+ cmd =[avbtool, "add_%s_footer" % footer_type,
+ "--partition_size", partition_size,
+ "--partition_name", partition_name,
+ "--image", image_path]
+
+ if key_path and algorithm:
+ cmd.extend(["--key", key_path, "--algorithm", algorithm])
+
+ cmd.extend(shlex.split(additional_args))
+
+ (_, exit_code) = RunCommand(cmd)
return exit_code == 0
def AdjustPartitionSizeForVerity(partition_size, fec_supported):
@@ -420,8 +426,8 @@
avb_footer_type = 'hashtree'
if avb_footer_type:
- avbtool = prop_dict.get("avb_avbtool")
- partition_size = int(prop_dict.get("partition_size"))
+ avbtool = prop_dict["avb_avbtool"]
+ partition_size = prop_dict["partition_size"]
# avb_add_hash_footer_args or avb_add_hashtree_footer_args.
additional_args = prop_dict["avb_add_" + avb_footer_type + "_footer_args"]
max_image_size = AVBCalcMaxImageSize(avbtool, avb_footer_type, partition_size,
@@ -429,7 +435,7 @@
if max_image_size == 0:
return False
prop_dict["partition_size"] = str(max_image_size)
- prop_dict["original_partition_size"] = str(partition_size)
+ prop_dict["original_partition_size"] = partition_size
if fs_type.startswith("ext"):
build_command = [prop_dict["ext_mkuserimg"]]
@@ -572,14 +578,16 @@
# Add AVB HASH or HASHTREE footer (metadata).
if avb_footer_type:
- avbtool = prop_dict.get("avb_avbtool")
- original_partition_size = int(prop_dict.get("original_partition_size"))
+ avbtool = prop_dict["avb_avbtool"]
+ original_partition_size = prop_dict["original_partition_size"]
partition_name = prop_dict["partition_name"]
- signing_args = prop_dict["avb_signing_args"]
+ # key_path and algorithm are only available when chain partition is used.
+ key_path = prop_dict.get("avb_key_path")
+ algorithm = prop_dict.get("avb_algorithm")
# avb_add_hash_footer_args or avb_add_hashtree_footer_args
additional_args = prop_dict["avb_add_" + avb_footer_type + "_footer_args"]
if not AVBAddFooter(out_file, avbtool, avb_footer_type, original_partition_size,
- partition_name, signing_args, additional_args):
+ partition_name, key_path, algorithm, additional_args):
return False
if run_fsck and prop_dict.get("skip_fsck") != "true":
@@ -624,8 +632,7 @@
"verity_key",
"verity_signer_cmd",
"verity_fec",
- "board_avb_enable",
- "avb_signing_args",
+ "avb_enable",
"avb_avbtool"
)
for p in common_props:
@@ -633,6 +640,11 @@
d["mount_point"] = mount_point
if mount_point == "system":
+ copy_prop("avb_system_hashtree_enable", "avb_hashtree_enable")
+ copy_prop("avb_system_add_hashtree_footer_args",
+ "avb_add_hashtree_footer_args")
+ copy_prop("avb_system_key_path", "avb_key_path")
+ copy_prop("avb_system_algorithm", "avb_algorithm")
copy_prop("fs_type", "fs_type")
# Copy the generic system fs type first, override with specific one if
# available.
@@ -650,13 +662,15 @@
copy_prop("system_squashfs_block_size", "squashfs_block_size")
copy_prop("system_squashfs_disable_4k_align", "squashfs_disable_4k_align")
copy_prop("system_base_fs_file", "base_fs_file")
- copy_prop("system_avb_hashtree_enable", "avb_hashtree_enable")
- copy_prop("system_avb_add_hashtree_footer_args",
- "avb_add_hashtree_footer_args")
copy_prop("system_extfs_inode_count", "extfs_inode_count")
elif mount_point == "system_other":
# We inherit the selinux policies of /system since we contain some of its files.
d["mount_point"] = "system"
+ copy_prop("avb_system_hashtree_enable", "avb_hashtree_enable")
+ copy_prop("avb_system_add_hashtree_footer_args",
+ "avb_add_hashtree_footer_args")
+ copy_prop("avb_system_key_path", "avb_key_path")
+ copy_prop("avb_system_algorithm", "avb_algorithm")
copy_prop("fs_type", "fs_type")
copy_prop("system_fs_type", "fs_type")
copy_prop("system_size", "partition_size")
@@ -667,9 +681,6 @@
copy_prop("system_squashfs_compressor_opt", "squashfs_compressor_opt")
copy_prop("system_squashfs_block_size", "squashfs_block_size")
copy_prop("system_base_fs_file", "base_fs_file")
- copy_prop("system_avb_hashtree_enable", "avb_hashtree_enable")
- copy_prop("system_avb_add_hashtree_footer_args",
- "avb_add_hashtree_footer_args")
copy_prop("system_extfs_inode_count", "extfs_inode_count")
elif mount_point == "data":
# Copy the generic fs type first, override with specific one if available.
@@ -682,6 +693,11 @@
copy_prop("cache_fs_type", "fs_type")
copy_prop("cache_size", "partition_size")
elif mount_point == "vendor":
+ copy_prop("avb_vendor_hashtree_enable", "avb_hashtree_enable")
+ copy_prop("avb_vendor_add_hashtree_footer_args",
+ "avb_add_hashtree_footer_args")
+ copy_prop("avb_vendor_key_path", "avb_key_path")
+ copy_prop("avb_vendor_algorithm", "avb_algorithm")
copy_prop("vendor_fs_type", "fs_type")
copy_prop("vendor_size", "partition_size")
copy_prop("vendor_journal_size", "journal_size")
@@ -692,9 +708,6 @@
copy_prop("vendor_squashfs_block_size", "squashfs_block_size")
copy_prop("vendor_squashfs_disable_4k_align", "squashfs_disable_4k_align")
copy_prop("vendor_base_fs_file", "base_fs_file")
- copy_prop("vendor_avb_hashtree_enable", "avb_hashtree_enable")
- copy_prop("vendor_avb_add_hashtree_footer_args",
- "avb_add_hashtree_footer_args")
copy_prop("vendor_extfs_inode_count", "extfs_inode_count")
elif mount_point == "oem":
copy_prop("fs_type", "fs_type")
diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py
index 652fadf..2ad628b 100644
--- a/tools/releasetools/common.py
+++ b/tools/releasetools/common.py
@@ -345,6 +345,15 @@
print("%-25s = (%s) %s" % (k, type(v).__name__, v))
+def AppendAVBSigningArgs(cmd, partition):
+ """Append signing arguments for avbtool."""
+ # e.g., "--key path/to/signing_key --algorithm SHA256_RSA4096"
+ key_path = OPTIONS.info_dict.get("avb_" + partition + "_key_path")
+ algorithm = OPTIONS.info_dict.get("avb_" + partition + "_algorithm")
+ if key_path and algorithm:
+ cmd.extend(["--key", key_path, "--algorithm", algorithm])
+
+
def _BuildBootableImage(sourcedir, fs_config_file, info_dict=None,
has_ramdisk=False, two_step_image=False):
"""Build a bootable image from the specified sourcedir.
@@ -480,13 +489,13 @@
img_keyblock.close()
# AVB: if enabled, calculate and add hash to boot.img.
- if info_dict.get("board_avb_enable", None) == "true":
+ if info_dict.get("avb_enable") == "true":
avbtool = os.getenv('AVBTOOL') or info_dict["avb_avbtool"]
part_size = info_dict["boot_size"]
cmd = [avbtool, "add_hash_footer", "--image", img.name,
"--partition_size", str(part_size), "--partition_name", "boot"]
- cmd.extend(shlex.split(info_dict["avb_signing_args"]))
- args = info_dict.get("board_avb_boot_add_hash_footer_args")
+ AppendAVBSigningArgs(cmd, "boot")
+ args = info_dict.get("avb_boot_add_hash_footer_args")
if args and args.strip():
cmd.extend(shlex.split(args))
p = Run(cmd, stdout=subprocess.PIPE)
diff --git a/tools/releasetools/ota_from_target_files.py b/tools/releasetools/ota_from_target_files.py
index 1c8fe65..1b0f68b 100755
--- a/tools/releasetools/ota_from_target_files.py
+++ b/tools/releasetools/ota_from_target_files.py
@@ -1168,7 +1168,7 @@
# into A/B OTA package.
target_zip = zipfile.ZipFile(target_file, "r")
if (OPTIONS.info_dict.get("verity") == "true" or
- OPTIONS.info_dict.get("board_avb_enable") == "true"):
+ OPTIONS.info_dict.get("avb_enable") == "true"):
care_map_path = "META/care_map.txt"
namelist = target_zip.namelist()
if care_map_path in namelist: