Merge "Revert^2 "Add a check for apex/allowed_deps.txt to droidcore.""
diff --git a/core/tasks/find-shareduid-violation.mk b/core/tasks/find-shareduid-violation.mk
index 972b1ec..d6885eb 100644
--- a/core/tasks/find-shareduid-violation.mk
+++ b/core/tasks/find-shareduid-violation.mk
@@ -16,8 +16,6 @@
shareduid_violation_modules_filename := $(PRODUCT_OUT)/shareduid_violation_modules.json
-find_shareduid_script := $(BUILD_SYSTEM)/tasks/find-shareduid-violation.py
-
$(shareduid_violation_modules_filename): $(INSTALLED_SYSTEMIMAGE_TARGET) \
$(INSTALLED_RAMDISK_TARGET) \
$(INSTALLED_BOOTIMAGE_TARGET) \
@@ -26,9 +24,9 @@
$(INSTALLED_PRODUCTIMAGE_TARGET) \
$(INSTALLED_SYSTEM_EXTIMAGE_TARGET)
-$(shareduid_violation_modules_filename): $(find_shareduid_script)
+$(shareduid_violation_modules_filename): $(HOST_OUT_EXECUTABLES)/find_shareduid_violation
$(shareduid_violation_modules_filename): $(AAPT2)
- $(find_shareduid_script) \
+ $(HOST_OUT_EXECUTABLES)/find_shareduid_violation \
--product_out $(PRODUCT_OUT) \
--aapt $(AAPT2) \
--copy_out_system $(TARGET_COPY_OUT_SYSTEM) \
diff --git a/core/tasks/find-shareduid-violation.py b/core/tasks/find-shareduid-violation.py
deleted file mode 100755
index 8dba5a1..0000000
--- a/core/tasks/find-shareduid-violation.py
+++ /dev/null
@@ -1,99 +0,0 @@
-#!/usr/bin/env python3
-#
-# Copyright (C) 2019 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-import argparse
-import json
-import os
-import subprocess
-import sys
-
-from collections import defaultdict
-from glob import glob
-
-def parse_args():
- """Parse commandline arguments."""
- parser = argparse.ArgumentParser(description='Find sharedUserId violators')
- parser.add_argument('--product_out', help='PRODUCT_OUT directory',
- default=os.environ.get("PRODUCT_OUT"))
- parser.add_argument('--aapt', help='Path to aapt or aapt2',
- default="aapt2")
- parser.add_argument('--copy_out_system', help='TARGET_COPY_OUT_SYSTEM',
- default="system")
- parser.add_argument('--copy_out_vendor', help='TARGET_COPY_OUT_VENDOR',
- default="vendor")
- parser.add_argument('--copy_out_product', help='TARGET_COPY_OUT_PRODUCT',
- default="product")
- parser.add_argument('--copy_out_system_ext', help='TARGET_COPY_OUT_SYSTEM_EXT',
- default="system_ext")
- return parser.parse_args()
-
-def execute(cmd):
- p = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
- out, err = map(lambda b: b.decode('utf-8'), p.communicate())
- return p.returncode == 0, out, err
-
-def make_aapt_cmds(file):
- return [aapt + ' dump ' + file + ' --file AndroidManifest.xml',
- aapt + ' dump xmltree ' + file + ' --file AndroidManifest.xml']
-
-def extract_shared_uid(file):
- for cmd in make_aapt_cmds(file):
- success, manifest, error_msg = execute(cmd)
- if success:
- break
- else:
- print(error_msg, file=sys.stderr)
- sys.exit()
-
- for l in manifest.split('\n'):
- if "sharedUserId" in l:
- return l.split('"')[-2]
- return None
-
-
-args = parse_args()
-
-product_out = args.product_out
-aapt = args.aapt
-
-partitions = (
- ("system", args.copy_out_system),
- ("vendor", args.copy_out_vendor),
- ("product", args.copy_out_product),
- ("system_ext", args.copy_out_system_ext),
-)
-
-shareduid_app_dict = defaultdict(list)
-
-for part, location in partitions:
- for f in glob(os.path.join(product_out, location, "*", "*", "*.apk")):
- apk_file = os.path.basename(f)
- shared_uid = extract_shared_uid(f)
-
- if shared_uid is None:
- continue
- shareduid_app_dict[shared_uid].append((part, apk_file))
-
-
-output = defaultdict(lambda: defaultdict(list))
-
-for uid, app_infos in shareduid_app_dict.items():
- partitions = {p for p, _ in app_infos}
- if len(partitions) > 1:
- for part in partitions:
- output[uid][part].extend([a for p, a in app_infos if p == part])
-
-print(json.dumps(output, indent=2, sort_keys=True))
diff --git a/core/version_defaults.mk b/core/version_defaults.mk
index 41696e8..7362275 100644
--- a/core/version_defaults.mk
+++ b/core/version_defaults.mk
@@ -240,7 +240,7 @@
# It must be of the form "YYYY-MM-DD" on production devices.
# It must match one of the Android Security Patch Level strings of the Public Security Bulletins.
# If there is no $PLATFORM_SECURITY_PATCH set, keep it empty.
- PLATFORM_SECURITY_PATCH := 2020-10-05
+ PLATFORM_SECURITY_PATCH := 2020-11-05
endif
.KATI_READONLY := PLATFORM_SECURITY_PATCH
diff --git a/envsetup.sh b/envsetup.sh
index e4afdb9..a2d5d1d 100644
--- a/envsetup.sh
+++ b/envsetup.sh
@@ -307,6 +307,9 @@
unset ANDROID_HOST_OUT
export ANDROID_HOST_OUT=$(get_abs_build_var HOST_OUT)
+ unset ANDROID_SOONG_HOST_OUT
+ export ANDROID_SOONG_HOST_OUT=$(get_abs_build_var SOONG_HOST_OUT)
+
unset ANDROID_HOST_OUT_TESTCASES
export ANDROID_HOST_OUT_TESTCASES=$(get_abs_build_var HOST_OUT_TESTCASES)
diff --git a/target/board/generic_arm64/BoardConfig.mk b/target/board/generic_arm64/BoardConfig.mk
index 42660e5..3d3eb2e 100644
--- a/target/board/generic_arm64/BoardConfig.mk
+++ b/target/board/generic_arm64/BoardConfig.mk
@@ -54,9 +54,6 @@
include build/make/target/board/BoardConfigGsiCommon.mk
-TARGET_NO_KERNEL := false
-BOARD_USES_RECOVERY_AS_BOOT := true
-
BOARD_KERNEL-4.19-GZ_BOOTIMAGE_PARTITION_SIZE := 47185920
BOARD_KERNEL-5.4_BOOTIMAGE_PARTITION_SIZE := 67108864
BOARD_KERNEL-5.4-ALLSYMS_BOOTIMAGE_PARTITION_SIZE := 67108864
@@ -79,8 +76,19 @@
ifneq (,$(filter userdebug eng,$(TARGET_BUILD_VARIANT)))
BOARD_KERNEL_BINARIES += kernel-5.4-allsyms kernel-5.4-gz-allsyms kernel-5.4-lz4-allsyms
endif
+
+# Boot image
+BOARD_USES_RECOVERY_AS_BOOT :=
+TARGET_NO_KERNEL := false
+BOARD_USES_GENERIC_KERNEL_IMAGE := true
BOARD_KERNEL_MODULE_INTERFACE_VERSIONS := 5.4-android12-0
+# No vendor_boot
+BOARD_MOVE_RECOVERY_RESOURCES_TO_VENDOR_BOOT :=
+
+# No recovery
+BOARD_EXCLUDE_KERNEL_FROM_RECOVERY_IMAGE :=
+
# Some vendors still haven't cleaned up all device specific directories under
# root!
diff --git a/target/board/generic_arm64/device.mk b/target/board/generic_arm64/device.mk
index 866d7c7..7c19279 100644
--- a/target/board/generic_arm64/device.mk
+++ b/target/board/generic_arm64/device.mk
@@ -31,3 +31,4 @@
endif
PRODUCT_BUILD_VENDOR_BOOT_IMAGE := false
+PRODUCT_BUILD_RECOVERY_IMAGE := false
diff --git a/target/product/base_system.mk b/target/product/base_system.mk
index 1a28cf0..8b7a9aa 100644
--- a/target/product/base_system.mk
+++ b/target/product/base_system.mk
@@ -117,6 +117,7 @@
ip-up-vpn \
javax.obex \
keystore \
+ keystore2 \
credstore \
ld.mc \
libaaudio \
@@ -381,6 +382,8 @@
logpersist.start \
logtagd.rc \
procrank \
+ profcollectd \
+ profcollectctl \
remount \
showmap \
sqlite3 \
diff --git a/tools/releasetools/Android.bp b/tools/releasetools/Android.bp
index ca6c2b2..11fb584 100644
--- a/tools/releasetools/Android.bp
+++ b/tools/releasetools/Android.bp
@@ -369,6 +369,32 @@
],
}
+python_defaults {
+ name: "releasetools_find_shareduid_violation_defaults",
+ srcs: [
+ "find_shareduid_violation.py",
+ ],
+ libs: [
+ "releasetools_common",
+ ],
+}
+
+python_binary_host {
+ name: "find_shareduid_violation",
+ defaults: [
+ "releasetools_binary_defaults",
+ "releasetools_find_shareduid_violation_defaults",
+ ],
+}
+
+python_library_host {
+ name: "releasetools_find_shareduid_violation",
+ defaults: [
+ "releasetools_find_shareduid_violation_defaults",
+ "releasetools_library_defaults",
+ ],
+}
+
python_binary_host {
name: "make_recovery_patch",
defaults: ["releasetools_binary_defaults"],
@@ -403,6 +429,7 @@
"releasetools_build_super_image",
"releasetools_check_target_files_vintf",
"releasetools_common",
+ "releasetools_find_shareduid_violation",
"releasetools_img_from_target_files",
"releasetools_ota_from_target_files",
],
@@ -505,6 +532,7 @@
"releasetools_build_super_image",
"releasetools_check_target_files_vintf",
"releasetools_common",
+ "releasetools_find_shareduid_violation",
"releasetools_img_from_target_files",
"releasetools_ota_from_target_files",
"releasetools_verity_utils",
diff --git a/tools/releasetools/find_shareduid_violation.py b/tools/releasetools/find_shareduid_violation.py
new file mode 100755
index 0000000..35acde3
--- /dev/null
+++ b/tools/releasetools/find_shareduid_violation.py
@@ -0,0 +1,175 @@
+#!/usr/bin/env python
+#
+# Copyright (C) 2019 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+"""Find APK sharedUserId violators.
+
+Usage: find_shareduid_violation [args]
+
+ --product_out
+ PRODUCT_OUT directory
+
+ --aapt
+ Path to aapt or aapt2
+
+ --copy_out_system
+ TARGET_COPY_OUT_SYSTEM
+
+ --copy_out_vendor_
+ TARGET_COPY_OUT_VENDOR
+
+ --copy_out_product
+ TARGET_COPY_OUT_PRODUCT
+
+ --copy_out_system_ext
+ TARGET_COPY_OUT_SYSTEM_EXT
+"""
+
+import json
+import logging
+import os
+import re
+import subprocess
+import sys
+
+from collections import defaultdict
+from glob import glob
+
+import common
+
+logger = logging.getLogger(__name__)
+
+OPTIONS = common.OPTIONS
+OPTIONS.product_out = os.environ.get("PRODUCT_OUT")
+OPTIONS.aapt = "aapt2"
+OPTIONS.copy_out_system = "system"
+OPTIONS.copy_out_vendor = "vendor"
+OPTIONS.copy_out_product = "product"
+OPTIONS.copy_out_system_ext = "system_ext"
+
+
+def execute(cmd):
+ p = subprocess.Popen(
+ cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+ out, err = map(lambda b: b.decode("utf-8"), p.communicate())
+ return p.returncode == 0, out, err
+
+
+def make_aapt_cmds(aapt, apk):
+ return [
+ aapt + " dump " + apk + " --file AndroidManifest.xml",
+ aapt + " dump xmltree " + apk + " --file AndroidManifest.xml"
+ ]
+
+
+def extract_shared_uid(aapt, apk):
+ for cmd in make_aapt_cmds(aapt, apk):
+ success, manifest, error_msg = execute(cmd)
+ if success:
+ break
+ else:
+ logger.error(error_msg)
+ sys.exit()
+
+ pattern = re.compile(r"sharedUserId.*=\"([^\"]*)")
+
+ for line in manifest.split("\n"):
+ match = pattern.search(line)
+ if match:
+ return match.group(1)
+ return None
+
+
+def FindShareduidViolation(product_out, partition_map, aapt="aapt2"):
+ """Find sharedUserId violators in the given partitions.
+
+ Args:
+ product_out: The base directory containing the partition directories.
+ partition_map: A map of partition name -> directory name.
+ aapt: The name of the aapt binary. Defaults to aapt2.
+
+ Returns:
+ A string containing a JSON object describing the shared UIDs.
+ """
+ shareduid_app_dict = defaultdict(lambda: defaultdict(list))
+
+ for part, location in partition_map.items():
+ for f in glob(os.path.join(product_out, location, "*", "*", "*.apk")):
+ apk_file = os.path.basename(f)
+ shared_uid = extract_shared_uid(aapt, f)
+
+ if shared_uid is None:
+ continue
+ shareduid_app_dict[shared_uid][part].append(apk_file)
+
+ # Only output sharedUserId values that appear in >1 partition.
+ output = {}
+ for uid, partitions in shareduid_app_dict.items():
+ if len(partitions) > 1:
+ output[uid] = shareduid_app_dict[uid]
+
+ return json.dumps(output, indent=2, sort_keys=True)
+
+
+def main():
+ common.InitLogging()
+
+ def option_handler(o, a):
+ if o == "--product_out":
+ OPTIONS.product_out = a
+ elif o == "--aapt":
+ OPTIONS.aapt = a
+ elif o == "--copy_out_system":
+ OPTIONS.copy_out_system = a
+ elif o == "--copy_out_vendor":
+ OPTIONS.copy_out_vendor = a
+ elif o == "--copy_out_product":
+ OPTIONS.copy_out_product = a
+ elif o == "--copy_out_system_ext":
+ OPTIONS.copy_out_system_ext = a
+ else:
+ return False
+ return True
+
+ args = common.ParseOptions(
+ sys.argv[1:],
+ __doc__,
+ extra_long_opts=[
+ "product_out=",
+ "aapt=",
+ "copy_out_system=",
+ "copy_out_vendor=",
+ "copy_out_product=",
+ "copy_out_system_ext=",
+ ],
+ extra_option_handler=option_handler)
+
+ if args:
+ common.Usage(__doc__)
+ sys.exit(1)
+
+ partition_map = {
+ "system": OPTIONS.copy_out_system,
+ "vendor": OPTIONS.copy_out_vendor,
+ "product": OPTIONS.copy_out_product,
+ "system_ext": OPTIONS.copy_out_system_ext,
+ }
+
+ print(
+ FindShareduidViolation(OPTIONS.product_out, partition_map, OPTIONS.aapt))
+
+
+if __name__ == "__main__":
+ main()
diff --git a/tools/releasetools/merge_target_files.py b/tools/releasetools/merge_target_files.py
index 2da5cc0..0d135d6 100755
--- a/tools/releasetools/merge_target_files.py
+++ b/tools/releasetools/merge_target_files.py
@@ -98,6 +98,7 @@
import check_target_files_vintf
import common
import img_from_target_files
+import find_shareduid_violation
import ota_from_target_files
logger = logging.getLogger(__name__)
@@ -943,6 +944,21 @@
if not check_target_files_vintf.CheckVintf(output_target_files_temp_dir):
raise RuntimeError('Incompatible VINTF metadata')
+ shareduid_violation_modules = os.path.join(
+ output_target_files_temp_dir, 'META', 'shareduid_violation_modules.json')
+ with open(shareduid_violation_modules, 'w') as f:
+ partition_map = {
+ 'system': 'SYSTEM',
+ 'vendor': 'VENDOR',
+ 'product': 'PRODUCT',
+ 'system_ext': 'SYSTEM_EXT',
+ }
+ violation = find_shareduid_violation.FindShareduidViolation(
+ output_target_files_temp_dir, partition_map)
+ f.write(violation)
+ # TODO(b/171431774): Add a check to common.py to check if the
+ # shared UIDs cross the input build partition boundary.
+
generate_images(output_target_files_temp_dir, rebuild_recovery)
generate_super_empty_image(output_target_files_temp_dir, output_super_empty)
diff --git a/tools/releasetools/ota_from_target_files.py b/tools/releasetools/ota_from_target_files.py
index 7910c42..9a57c8a 100755
--- a/tools/releasetools/ota_from_target_files.py
+++ b/tools/releasetools/ota_from_target_files.py
@@ -972,6 +972,12 @@
"META/ab_partitions.txt is required for ab_update."
target_info = common.BuildInfo(OPTIONS.target_info_dict, OPTIONS.oem_dicts)
source_info = common.BuildInfo(OPTIONS.source_info_dict, OPTIONS.oem_dicts)
+ vendor_prop = source_info.info_dict.get("vendor.build.prop")
+ if vendor_prop and \
+ vendor_prop.GetProp("ro.virtual_ab.compression.enabled") == "true":
+ # TODO(zhangkelvin) Remove this once FEC on VABC is supported
+ logger.info("Virtual AB Compression enabled, disabling FEC")
+ OPTIONS.disable_fec_computation = True
else:
assert "ab_partitions" in OPTIONS.info_dict, \
"META/ab_partitions.txt is required for ab_update."
@@ -998,7 +1004,7 @@
# Target_file may have been modified, reparse ab_partitions
with zipfile.ZipFile(target_file, allowZip64=True) as zfp:
target_info.info_dict['ab_partitions'] = zfp.read(
- AB_PARTITIONS).encode().strip().split("\n")
+ AB_PARTITIONS).decode().strip().split("\n")
# Metadata to comply with Android OTA package format.
metadata = GetPackageMetadata(target_info, source_info)