Merge "Removing --flag 2 when building GSI vbmeta.img" into qt-dev
diff --git a/CleanSpec.mk b/CleanSpec.mk
index 8c2002d..516254c 100644
--- a/CleanSpec.mk
+++ b/CleanSpec.mk
@@ -629,6 +629,8 @@
# Clean up adb_debug.propr
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/etc/adb_debug.prop)
+
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/lib*/libjavacrypto.so)
# ************************************************
# NEWER CLEAN STEPS MUST BE AT THE END OF THE LIST
# ************************************************
diff --git a/core/Makefile b/core/Makefile
index e29d000..3dc9134 100644
--- a/core/Makefile
+++ b/core/Makefile
@@ -505,7 +505,9 @@
$(hide) echo "#" >> $@; \
echo "# BOOTIMAGE_BUILD_PROPERTIES" >> $@; \
echo "#" >> $@;
- $(hide) $(call generate-common-build-props,bootimage,$@)
+ $(hide) echo ro.bootimage.build.date=`$(DATE_FROM_FILE)`>>$@
+ $(hide) echo ro.bootimage.build.date.utc=`$(DATE_FROM_FILE) +%s`>>$@
+ $(hide) echo ro.bootimage.build.fingerprint="$(BUILD_FINGERPRINT_FROM_FILE)">>$@
$(hide) echo "#" >> $@; \
echo "# ADDITIONAL VENDOR BUILD PROPERTIES" >> $@; \
echo "#" >> $@;
@@ -2123,25 +2125,6 @@
FULL_SYSTEMIMAGE_DEPS += $(INTERNAL_ROOT_FILES) $(INSTALLED_FILES_FILE_ROOT)
# -----------------------------------------------------------------
-# Final System VINTF manifest including fragments. This is not assembled
-# on the device because it depends on everything in a given device
-# image which defines a vintf_fragment.
-
-BUILT_ASSEMBLED_SYSTEM_MANIFEST := $(PRODUCT_OUT)/verified_assembled_system_manifest.xml
-$(BUILT_ASSEMBLED_SYSTEM_MANIFEST): $(HOST_OUT_EXECUTABLES)/assemble_vintf
-$(BUILT_ASSEMBLED_SYSTEM_MANIFEST): $(BUILT_VENDOR_MATRIX)
-$(BUILT_ASSEMBLED_SYSTEM_MANIFEST): $(BUILT_SYSTEM_MANIFEST)
-$(BUILT_ASSEMBLED_SYSTEM_MANIFEST): $(FULL_SYSTEMIMAGE_DEPS)
- @echo "Verifying system VINTF manifest."
- PRODUCT_ENFORCE_VINTF_MANIFEST=$(PRODUCT_ENFORCE_VINTF_MANIFEST) \
- $(HOST_OUT_EXECUTABLES)/assemble_vintf \
- -c $(BUILT_VENDOR_MATRIX) \
- -i $(BUILT_SYSTEM_MANIFEST) \
- $$([ -d $(TARGET_OUT)/etc/vintf/manifest ] && \
- find $(TARGET_OUT)/etc/vintf/manifest -type f -name "*.xml" | \
- sed "s/^/-i /" | tr '\n' ' ') -o $@
-
-# -----------------------------------------------------------------
ifdef BUILDING_SYSTEM_IMAGE
# installed file list
@@ -2250,6 +2233,7 @@
APEX_MODULE_LIBS= \
libadbconnection.so \
libandroidicu.so \
+ libandroidio.so \
libdt_fd_forward.so \
libdt_socket.so \
libjavacore.so \
@@ -2262,6 +2246,10 @@
libopenjdkjvmti.so \
libpac.so \
+# Conscrypt APEX_MODULE_LIBS
+APEX_MODULE_LIBS += \
+ libjavacrypto.so \
+
# An option to disable the check below, for local use since some build targets
# still may create these libraries in /system (b/129006418).
DISABLE_APEX_LIBS_ABSENCE_CHECK ?=
@@ -2321,7 +2309,6 @@
exit 1 )
endef
-$(BUILT_SYSTEMIMAGE): $(BUILT_ASSEMBLED_SYSTEM_MANIFEST)
$(BUILT_SYSTEMIMAGE): $(FULL_SYSTEMIMAGE_DEPS) $(INSTALLED_FILES_FILE) $(BUILD_IMAGE_SRCS)
$(call build-systemimage-target,$@)
@@ -2955,6 +2942,31 @@
endif
# -----------------------------------------------------------------
+# Final Framework VINTF manifest including fragments. This is not assembled
+# on the device because it depends on everything in a given device
+# image which defines a vintf_fragment.
+
+BUILT_ASSEMBLED_FRAMEWORK_MANIFEST := $(PRODUCT_OUT)/verified_assembled_framework_manifest.xml
+$(BUILT_ASSEMBLED_FRAMEWORK_MANIFEST): $(HOST_OUT_EXECUTABLES)/assemble_vintf \
+ $(BUILT_VENDOR_MATRIX) \
+ $(BUILT_SYSTEM_MANIFEST) \
+ $(FULL_SYSTEMIMAGE_DEPS) \
+ $(BUILT_PRODUCT_MANIFEST) \
+ $(BUILT_PRODUCTIMAGE_TARGET)
+ @echo "Verifying framework VINTF manifest."
+ PRODUCT_ENFORCE_VINTF_MANIFEST=$(PRODUCT_ENFORCE_VINTF_MANIFEST) \
+ $(HOST_OUT_EXECUTABLES)/assemble_vintf \
+ -o $@ \
+ -c $(BUILT_VENDOR_MATRIX) \
+ -i $(BUILT_SYSTEM_MANIFEST) \
+ $(addprefix -i ,\
+ $(filter $(TARGET_OUT)/etc/vintf/manifest/%.xml,$(FULL_SYSTEMIMAGE_DEPS)) \
+ $(BUILT_PRODUCT_MANIFEST) \
+ $(filter $(TARGET_OUT_PRODUCT)/etc/vintf/manifest/%.xml,$(INTERNAL_PRODUCTIMAGE_FILES)))
+
+droidcore: $(BUILT_ASSEMBLED_FRAMEWORK_MANIFEST)
+
+# -----------------------------------------------------------------
# product_services partition image
ifdef BUILDING_PRODUCT_SERVICES_IMAGE
INTERNAL_PRODUCT_SERVICESIMAGE_FILES := \
@@ -3796,6 +3808,8 @@
echo "super_$(group)_partition_list=$(BOARD_$(call to-upper,$(group))_PARTITION_LIST)" >> $(1);))
$(if $(filter true,$(TARGET_USERIMAGES_SPARSE_EXT_DISABLED)), \
echo "build_non_sparse_super_partition=true" >> $(1))
+ $(if $(filter true,$(BOARD_SUPER_IMAGE_IN_UPDATE_PACKAGE)), \
+ echo "super_image_in_update_package=true" >> $(1))
endef
# Depending on the various images guarantees that the underlying
@@ -3836,7 +3850,7 @@
$(HOST_OUT_EXECUTABLES)/bsdiff \
$(HOST_OUT_EXECUTABLES)/care_map_generator \
$(BUILD_IMAGE_SRCS) \
- $(BUILT_ASSEMBLED_SYSTEM_MANIFEST) \
+ $(BUILT_ASSEMBLED_FRAMEWORK_MANIFEST) \
$(BUILT_ASSEMBLED_VENDOR_MANIFEST) \
$(BUILT_SYSTEM_MATRIX) \
$(BUILT_VENDOR_MATRIX) \
@@ -4180,7 +4194,7 @@
endif
@# Metadata for compatibility verification.
$(hide) cp $(BUILT_SYSTEM_MATRIX) $(zip_root)/META/system_matrix.xml
- $(hide) cp $(BUILT_ASSEMBLED_SYSTEM_MANIFEST) $(zip_root)/META/system_manifest.xml
+ $(hide) cp $(BUILT_ASSEMBLED_FRAMEWORK_MANIFEST) $(zip_root)/META/system_manifest.xml
ifdef BUILT_ASSEMBLED_VENDOR_MANIFEST
$(hide) cp $(BUILT_ASSEMBLED_VENDOR_MANIFEST) $(zip_root)/META/vendor_manifest.xml
endif
@@ -4299,25 +4313,6 @@
endif # build_ota_package
# -----------------------------------------------------------------
-# The update package
-
-name := $(TARGET_PRODUCT)
-ifeq ($(TARGET_BUILD_TYPE),debug)
- name := $(name)_debug
-endif
-name := $(name)-img-$(FILE_NAME_TAG)
-
-INTERNAL_UPDATE_PACKAGE_TARGET := $(PRODUCT_OUT)/$(name).zip
-
-$(INTERNAL_UPDATE_PACKAGE_TARGET): $(BUILT_TARGET_FILES_PACKAGE) $(ZIP2ZIP)
- @echo "Package: $@"
- $(hide) $(ZIP2ZIP) -i $(BUILT_TARGET_FILES_PACKAGE) -o $@ \
- OTA/android-info.txt:android-info.txt "IMAGES/*.img:."
-
-.PHONY: updatepackage
-updatepackage: $(INTERNAL_UPDATE_PACKAGE_TARGET)
-
-# -----------------------------------------------------------------
# A zip of the appcompat directory containing logs
APPCOMPAT_ZIP := $(PRODUCT_OUT)/appcompat.zip
# For apps_only build we'll establish the dependency later in build/make/core/main.mk.
@@ -4338,7 +4333,6 @@
$(hide) find $(PRODUCT_OUT)/appcompat | sort >$(PRIVATE_LIST_FILE)
$(hide) $(SOONG_ZIP) -d -o $@ -C $(PRODUCT_OUT)/appcompat -l $(PRIVATE_LIST_FILE)
-
# -----------------------------------------------------------------
# A zip of the symbols directory. Keep the full paths to make it
# more obvious where these files came from.
@@ -4463,7 +4457,7 @@
endif # TARGET_BUILD_APPS
# -----------------------------------------------------------------
-# super partition image
+# super partition image (dist)
ifeq (true,$(PRODUCT_BUILD_SUPER_PARTITION))
@@ -4478,31 +4472,86 @@
endef
ifneq (true,$(PRODUCT_RETROFIT_DYNAMIC_PARTITIONS))
-INSTALLED_SUPERIMAGE_TARGET := $(call intermediates-dir-for,PACKAGING,super.img)/super.img
-$(INSTALLED_SUPERIMAGE_TARGET): extracted_input_target_files := $(patsubst %.zip,%,$(BUILT_TARGET_FILES_PACKAGE))
-$(INSTALLED_SUPERIMAGE_TARGET): $(LPMAKE) $(BUILT_TARGET_FILES_PACKAGE) $(BUILD_SUPER_IMAGE)
- $(call pretty,"Target super fs image: $@")
+
+# For real devices and for dist builds, build super image from target files to an intermediate directory.
+INTERNAL_SUPERIMAGE_DIST_TARGET := $(call intermediates-dir-for,PACKAGING,super.img)/super.img
+$(INTERNAL_SUPERIMAGE_DIST_TARGET): extracted_input_target_files := $(patsubst %.zip,%,$(BUILT_TARGET_FILES_PACKAGE))
+$(INTERNAL_SUPERIMAGE_DIST_TARGET): $(LPMAKE) $(BUILT_TARGET_FILES_PACKAGE) $(BUILD_SUPER_IMAGE)
+ $(call pretty,"Target super fs image from target files: $@")
PATH=$(dir $(LPMAKE)):$$PATH \
$(BUILD_SUPER_IMAGE) -v $(extracted_input_target_files) $@
-# supernod uses images in the $(PRODUCT_OUT) directory instead of images from target files package.
-.PHONY: superimage-nodeps supernod
-superimage-nodeps supernod: intermediates := $(call intermediates-dir-for,PACKAGING,superimage-nodeps)
-superimage-nodeps supernod: | $(LPMAKE) $(BUILD_SUPER_IMAGE) \
- $(foreach p, $(BOARD_SUPER_PARTITION_PARTITION_LIST), $(INSTALLED_$(call to-upper,$(p))IMAGE_TARGET))
- $(call pretty,"make $(INSTALLED_SUPERIMAGE_TARGET): ignoring dependencies")
- mkdir -p $(intermediates)
- rm -rf $(intermediates)/misc_info.txt
- $(call dump-super-image-info,$(intermediates)/misc_info.txt)
- $(foreach p,$(BOARD_SUPER_PARTITION_PARTITION_LIST), \
- echo "$(p)_image=$(INSTALLED_$(call to-upper,$(p))IMAGE_TARGET)" >> $(intermediates)/misc_info.txt;)
- mkdir -p $(dir $(INSTALLED_SUPERIMAGE_TARGET))
- PATH=$(dir $(LPMAKE)):$$PATH \
- $(BUILD_SUPER_IMAGE) -v $(intermediates)/misc_info.txt $(INSTALLED_SUPERIMAGE_TARGET)
+# Skip packing it in dist package because it is in update package.
+ifneq (true,$(BOARD_SUPER_IMAGE_IN_UPDATE_PACKAGE))
+$(call dist-for-goals,dist_files,$(INTERNAL_SUPERIMAGE_DIST_TARGET))
+endif
+
+.PHONY: superimage_dist
+superimage_dist: $(INTERNAL_SUPERIMAGE_DIST_TARGET)
endif # PRODUCT_RETROFIT_DYNAMIC_PARTITIONS != "true"
+endif # BOARD_SUPER_PARTITION_SIZE != ""
+endif # PRODUCT_BUILD_SUPER_PARTITION == "true"
-$(call dist-for-goals,dist_files,$(INSTALLED_SUPERIMAGE_TARGET))
+# -----------------------------------------------------------------
+# super partition image for development
+
+ifeq (true,$(PRODUCT_BUILD_SUPER_PARTITION))
+ifneq ($(BOARD_SUPER_PARTITION_SIZE),)
+ifneq (true,$(PRODUCT_RETROFIT_DYNAMIC_PARTITIONS))
+
+# Build super.img by using $(INSTALLED_*IMAGE_TARGET) to $(1)
+# $(1): built image path
+# $(2): misc_info.txt path; its contents should match expectation of build_super_image.py
+define build-superimage-target
+ mkdir -p $(dir $(2))
+ rm -rf $(2)
+ $(call dump-super-image-info,$(2))
+ $(foreach p,$(BOARD_SUPER_PARTITION_PARTITION_LIST), \
+ echo "$(p)_image=$(INSTALLED_$(call to-upper,$(p))IMAGE_TARGET)" >> $(2);)
+ mkdir -p $(dir $(1))
+ PATH=$(dir $(LPMAKE)):$$PATH \
+ $(BUILD_SUPER_IMAGE) -v $(2) $(1)
+endef
+
+INSTALLED_SUPERIMAGE_TARGET := $(PRODUCT_OUT)/super.img
+INSTALLED_SUPERIMAGE_DEPENDENCIES := $(LPMAKE) $(BUILD_SUPER_IMAGE) \
+ $(foreach p, $(BOARD_SUPER_PARTITION_PARTITION_LIST), $(INSTALLED_$(call to-upper,$(p))IMAGE_TARGET))
+
+# If BOARD_BUILD_SUPER_IMAGE_BY_DEFAULT is set, super.img is built from images in the
+# $(PRODUCT_OUT) directory, and is built to $(PRODUCT_OUT)/super.img. Also, it will
+# be built for non-dist builds. This is useful for devices that uses super.img directly, e.g.
+# virtual devices.
+ifeq (true,$(BOARD_BUILD_SUPER_IMAGE_BY_DEFAULT))
+$(INSTALLED_SUPERIMAGE_TARGET): $(INSTALLED_SUPERIMAGE_DEPENDENCIES)
+ $(call pretty,"Target super fs image for debug: $@")
+ $(call build-superimage-target,$(INSTALLED_SUPERIMAGE_TARGET),\
+ $(call intermediates-dir-for,PACKAGING,superimage_debug)/misc_info.txt)
+
+droidcore: $(INSTALLED_SUPERIMAGE_TARGET)
+
+# For devices that uses super image directly, the superimage target points to the file in $(PRODUCT_OUT).
+.PHONY: superimage
+superimage: $(INSTALLED_SUPERIMAGE_TARGET)
+endif # BOARD_BUILD_SUPER_IMAGE_BY_DEFAULT
+
+# Build $(PRODUCT_OUT)/super.img without dependencies.
+.PHONY: superimage-nodeps supernod
+superimage-nodeps supernod: intermediates :=
+superimage-nodeps supernod: | $(INSTALLED_SUPERIMAGE_DEPENDENCIES)
+ $(call pretty,"make $(INSTALLED_SUPERIMAGE_TARGET): ignoring dependencies")
+ $(call build-superimage-target,$(INSTALLED_SUPERIMAGE_TARGET),\
+ $(call intermediates-dir-for,PACKAGING,superimage-nodeps)/misc_info.txt)
+
+endif # PRODUCT_RETROFIT_DYNAMIC_PARTITIONS != "true"
+endif # BOARD_SUPER_PARTITION_SIZE != ""
+endif # PRODUCT_BUILD_SUPER_PARTITION == "true"
+
+# -----------------------------------------------------------------
+# super empty image
+
+ifeq (true,$(PRODUCT_BUILD_SUPER_PARTITION))
+ifneq ($(BOARD_SUPER_PARTITION_SIZE),)
INSTALLED_SUPERIMAGE_EMPTY_TARGET := $(PRODUCT_OUT)/super_empty.img
$(INSTALLED_SUPERIMAGE_EMPTY_TARGET): intermediates := $(call intermediates-dir-for,PACKAGING,super_empty)
@@ -4519,6 +4568,50 @@
endif # BOARD_SUPER_PARTITION_SIZE != ""
endif # PRODUCT_BUILD_SUPER_PARTITION == "true"
+
+# -----------------------------------------------------------------
+# The update package
+
+name := $(TARGET_PRODUCT)
+ifeq ($(TARGET_BUILD_TYPE),debug)
+ name := $(name)_debug
+endif
+name := $(name)-img-$(FILE_NAME_TAG)
+
+INTERNAL_UPDATE_PACKAGE_TARGET := $(PRODUCT_OUT)/$(name).zip
+
+$(INTERNAL_UPDATE_PACKAGE_TARGET): $(BUILT_TARGET_FILES_PACKAGE) $(ZIP2ZIP)
+
+ifeq (true,$(BOARD_SUPER_IMAGE_IN_UPDATE_PACKAGE))
+$(INTERNAL_UPDATE_PACKAGE_TARGET): $(INTERNAL_SUPERIMAGE_DIST_TARGET)
+ @echo "Package: $@"
+ # Filter out super_empty and images in BOARD_SUPER_PARTITION_PARTITION_LIST.
+ # Filter out system_other for launch DAP devices because it is in super image.
+ # Include OTA/super_*.img for retrofit devices and super.img for non-retrofit
+ # devices.
+ $(hide) $(ZIP2ZIP) -i $(BUILT_TARGET_FILES_PACKAGE) -o $@ \
+ -x IMAGES/super_empty.img \
+ $(foreach partition,$(BOARD_SUPER_PARTITION_PARTITION_LIST), \
+ -x IMAGES/$(partition).img) \
+ $(if $(filter system, $(BOARD_SUPER_PARTITION_PARTITION_LIST)), \
+ $(if $(filter true, $(PRODUCT_RETROFIT_DYNAMIC_PARTITIONS)),, \
+ -x IMAGES/system_other.img)) \
+ $(if $(filter true,$(PRODUCT_RETROFIT_DYNAMIC_PARTITIONS)), \
+ $(foreach device,$(BOARD_SUPER_PARTITION_BLOCK_DEVICES), \
+ OTA/super_$(device).img:super_$(device).img)) \
+ OTA/android-info.txt:android-info.txt "IMAGES/*.img:."
+ $(if $(INTERNAL_SUPERIMAGE_DIST_TARGET), zip -q -j -u $@ $(INTERNAL_SUPERIMAGE_DIST_TARGET))
+else
+$(INTERNAL_UPDATE_PACKAGE_TARGET):
+ @echo "Package: $@"
+ $(hide) $(ZIP2ZIP) -i $(BUILT_TARGET_FILES_PACKAGE) -o $@ \
+ OTA/android-info.txt:android-info.txt "IMAGES/*.img:."
+endif # BOARD_SUPER_IMAGE_IN_UPDATE_PACKAGE
+
+.PHONY: updatepackage
+updatepackage: $(INTERNAL_UPDATE_PACKAGE_TARGET)
+
+
# -----------------------------------------------------------------
# dalvik something
.PHONY: dalvikfiles
diff --git a/core/dex_preopt_config.mk b/core/dex_preopt_config.mk
index a494991..b5834b0 100644
--- a/core/dex_preopt_config.mk
+++ b/core/dex_preopt_config.mk
@@ -111,6 +111,7 @@
$(call add_json_bool, GenerateDmFiles, $(PRODUCT_DEX_PREOPT_GENERATE_DM_FILES))
$(call add_json_bool, NeverAllowStripping, $(PRODUCT_DEX_PREOPT_NEVER_ALLOW_STRIPPING))
$(call add_json_bool, NoDebugInfo, $(filter false,$(WITH_DEXPREOPT_DEBUG_INFO)))
+ $(call add_json_bool, DontResolveStartupStrings, $(filter false,$(PRODUCT_DEX_PREOPT_RESOLVE_STARTUP_STRINGS)))
$(call add_json_bool, AlwaysSystemServerDebugInfo, $(filter true,$(PRODUCT_SYSTEM_SERVER_DEBUG_INFO)))
$(call add_json_bool, NeverSystemServerDebugInfo, $(filter false,$(PRODUCT_SYSTEM_SERVER_DEBUG_INFO)))
$(call add_json_bool, AlwaysOtherDebugInfo, $(filter true,$(PRODUCT_OTHER_JAVA_DEBUG_INFO)))
diff --git a/core/main.mk b/core/main.mk
index af26705..7e1bdd5 100644
--- a/core/main.mk
+++ b/core/main.mk
@@ -1469,9 +1469,6 @@
.PHONY: systemotherimage
systemotherimage: $(INSTALLED_SYSTEMOTHERIMAGE_TARGET)
-.PHONY: superimage
-superimage: $(INSTALLED_SUPERIMAGE_TARGET)
-
.PHONY: superimage_empty
superimage_empty: $(INSTALLED_SUPERIMAGE_EMPTY_TARGET)
diff --git a/core/notice_files.mk b/core/notice_files.mk
index e687ab2..c314734 100644
--- a/core/notice_files.mk
+++ b/core/notice_files.mk
@@ -38,6 +38,8 @@
endif
endif
+installed_notice_file :=
+
ifdef notice_file
ifdef my_register_name
@@ -71,12 +73,17 @@
endif
module_installed_filename := \
$(patsubst $(PRODUCT_OUT)/%,%,$($(my_prefix)OUT_JAVA_LIBRARIES))/$(module_leaf)
+ else ifeq ($(LOCAL_MODULE_CLASS),ETC)
+ # ETC modules may be uninstallable, yet still have a NOTICE file. e.g. apex components
+ module_installed_filename :=
else
$(error Cannot determine where to install NOTICE file for $(LOCAL_MODULE))
endif # JAVA_LIBRARIES
endif # STATIC_LIBRARIES
endif
+ifdef module_installed_filename
+
# In case it's actually a host file
module_installed_filename := $(patsubst $(HOST_OUT)/%,%,$(module_installed_filename))
module_installed_filename := $(patsubst $(HOST_CROSS_OUT)/%,%,$(module_installed_filename))
@@ -110,10 +117,8 @@
endif # JAVA_LIBRARIES
endif # TARGET_BUILD_APPS
-else
-# NOTICE file does not exist
-installed_notice_file :=
-endif
+endif # module_installed_filename
+endif # notice_file
# Create a predictable, phony target to build this notice file.
# Define it even if the notice file doesn't exist so that other
diff --git a/core/product.mk b/core/product.mk
index 3ba606f..4b5c805 100644
--- a/core/product.mk
+++ b/core/product.mk
@@ -240,6 +240,7 @@
_product_var_list += PRODUCT_DEX_PREOPT_PROFILE_DIR
_product_var_list += PRODUCT_DEX_PREOPT_GENERATE_DM_FILES
_product_var_list += PRODUCT_DEX_PREOPT_NEVER_ALLOW_STRIPPING
+_product_var_list += PRODUCT_DEX_PREOPT_RESOLVE_STARTUP_STRINGS
# Boot image options.
_product_var_list += \
diff --git a/target/board/gsi_system.prop b/target/board/gsi_system.prop
index d768c83..780aadc 100644
--- a/target/board/gsi_system.prop
+++ b/target/board/gsi_system.prop
@@ -4,6 +4,9 @@
# GSI always disables adb authentication
ro.adb.secure=0
+# GSI disables non-AOSP nnapi extensions on product partition
+ro.nnapi.extensions.deny_on_product=true
+
# TODO(b/120679683): disable RescueParty before all problem apps solved
persist.sys.disable_rescue=true
diff --git a/target/board/gsi_system_user.prop b/target/board/gsi_system_user.prop
index becb783..217bd01 100644
--- a/target/board/gsi_system_user.prop
+++ b/target/board/gsi_system_user.prop
@@ -1,6 +1,9 @@
# GSI always generate dex pre-opt in system image
ro.cp_system_other_odex=0
+# GSI disables non-AOSP nnapi extensions on product partition
+ro.nnapi.extensions.deny_on_product=true
+
# TODO(b/120679683): disable RescueParty before all problem apps solved
persist.sys.disable_rescue=true
diff --git a/target/product/base_product.mk b/target/product/base_product.mk
index 1ed9e83..82557bf 100644
--- a/target/product/base_product.mk
+++ b/target/product/base_product.mk
@@ -19,3 +19,4 @@
healthd \
ModuleMetadata \
product_compatibility_matrix.xml \
+ product_manifest.xml \
diff --git a/target/product/base_system.mk b/target/product/base_system.mk
index b214ca5..de4df5c 100644
--- a/target/product/base_system.mk
+++ b/target/product/base_system.mk
@@ -272,7 +272,7 @@
# VINTF data for system image
PRODUCT_PACKAGES += \
- framework_manifest.xml \
+ system_manifest.xml \
system_compatibility_matrix.xml \
# Host tools to install
diff --git a/target/product/mainline_system.mk b/target/product/mainline_system.mk
index fc5c554..66207df 100644
--- a/target/product/mainline_system.mk
+++ b/target/product/mainline_system.mk
@@ -19,9 +19,7 @@
$(call inherit-product, $(SRC_TARGET_DIR)/product/telephony_system.mk)
$(call inherit-product, $(SRC_TARGET_DIR)/product/languages_default.mk)
# Enable updating of APEXes
-# TODO(b/130652892, b/129035564): uncomment following line when Pixel 2019 kernel
-# is updated to support APEX.
-#$(call inherit-product, $(SRC_TARGET_DIR)/product/updatable_apex.mk)
+$(call inherit-product, $(SRC_TARGET_DIR)/product/updatable_apex.mk)
# Add adb keys to debuggable AOSP builds (if they exist)
$(call inherit-product-if-exists, vendor/google/security/adb/vendor_key.mk)
diff --git a/tools/releasetools/img_from_target_files.py b/tools/releasetools/img_from_target_files.py
index 0156b72..d44931a 100755
--- a/tools/releasetools/img_from_target_files.py
+++ b/tools/releasetools/img_from_target_files.py
@@ -35,6 +35,7 @@
import zipfile
import common
+from build_super_image import BuildSuperImage
if sys.hexversion < 0x02070000:
print("Python 2.7 or newer is required.", file=sys.stderr)
@@ -45,13 +46,102 @@
OPTIONS = common.OPTIONS
-def CopyInfo(output_zip):
+def LoadOptions(input_file):
+ """
+ Load information from input_file to OPTIONS.
+
+ Args:
+ input_file: A Zipfile instance of input zip file, or path to the directory
+ of extracted zip.
+ """
+ info = OPTIONS.info_dict = common.LoadInfoDict(input_file)
+
+ OPTIONS.put_super = info.get("super_image_in_update_package") == "true"
+ OPTIONS.dynamic_partition_list = info.get("dynamic_partition_list",
+ "").strip().split()
+ OPTIONS.super_device_list = info.get("super_block_devices",
+ "").strip().split()
+ OPTIONS.retrofit_dap = info.get("dynamic_partition_retrofit") == "true"
+ OPTIONS.build_super = info.get("build_super_partition") == "true"
+ OPTIONS.sparse_userimages = bool(info.get("extfs_sparse_flag"))
+
+
+def CopyInfo(input_tmp, output_zip):
"""Copy the android-info.txt file from the input to the output."""
common.ZipWrite(
- output_zip, os.path.join(OPTIONS.input_tmp, "OTA", "android-info.txt"),
+ output_zip, os.path.join(input_tmp, "OTA", "android-info.txt"),
"android-info.txt")
+def CopyUserImages(input_tmp, output_zip):
+ """
+ Copy user images from the unzipped input and write to output_zip.
+
+ Args:
+ input_tmp: path to the unzipped input.
+ output_zip: a ZipFile instance to write images to.
+ """
+ dynamic_images = [p + ".img" for p in OPTIONS.dynamic_partition_list]
+
+ # Filter out system_other for launch DAP devices because it is in super image.
+ if not OPTIONS.retrofit_dap and "system" in OPTIONS.dynamic_partition_list:
+ dynamic_images.append("system_other.img")
+
+ images_path = os.path.join(input_tmp, "IMAGES")
+ # A target-files zip must contain the images since Lollipop.
+ assert os.path.exists(images_path)
+ for image in sorted(os.listdir(images_path)):
+ if OPTIONS.bootable_only and image not in ("boot.img", "recovery.img"):
+ continue
+ if not image.endswith(".img"):
+ continue
+ if image == "recovery-two-step.img":
+ continue
+ if OPTIONS.put_super:
+ if image == "super_empty.img":
+ continue
+ if image in dynamic_images:
+ continue
+ logger.info("writing %s to archive...", os.path.join("IMAGES", image))
+ common.ZipWrite(output_zip, os.path.join(images_path, image), image)
+
+
+def WriteSuperImages(input_tmp, output_zip):
+ """
+ Write super images from the unzipped input and write to output_zip. This is
+ only done if super_image_in_update_package is set to "true".
+
+ - For retrofit dynamic partition devices, copy split super images from target
+ files package.
+ - For devices launched with dynamic partitions, build super image from target
+ files package.
+
+ Args:
+ input_tmp: path to the unzipped input.
+ output_zip: a ZipFile instance to write images to.
+ """
+ if not OPTIONS.build_super or not OPTIONS.put_super:
+ return
+
+ if OPTIONS.retrofit_dap:
+ # retrofit devices already have split super images under OTA/
+ images_path = os.path.join(input_tmp, "OTA")
+ for device in OPTIONS.super_device_list:
+ image = "super_%s.img" % device
+ image_path = os.path.join(images_path, image)
+ assert os.path.exists(image_path)
+ logger.info("writing %s to archive...", os.path.join("OTA", image))
+ common.ZipWrite(output_zip, image_path, image)
+ else:
+ # super image for non-retrofit devices aren't in target files package,
+ # so build it.
+ super_file = common.MakeTempFile("super_", ".img")
+ logger.info("building super image %s...", super_file)
+ BuildSuperImage(input_tmp, super_file)
+ logger.info("writing super.img to archive...")
+ common.ZipWrite(output_zip, super_file, "super.img")
+
+
def main(argv):
# This allows modifying the value from inner function.
bootable_only_array = [False]
@@ -68,7 +158,7 @@
extra_long_opts=["bootable_zip"],
extra_option_handler=option_handler)
- bootable_only = bootable_only_array[0]
+ OPTIONS.bootable_only = bootable_only_array[0]
if len(args) != 2:
common.Usage(__doc__)
@@ -76,23 +166,16 @@
common.InitLogging()
- OPTIONS.input_tmp = common.UnzipTemp(args[0], ["IMAGES/*", "OTA/*"])
- output_zip = zipfile.ZipFile(args[1], "w", compression=zipfile.ZIP_DEFLATED)
- CopyInfo(output_zip)
+ OPTIONS.input_tmp = common.UnzipTemp(args[0],
+ ["IMAGES/*", "OTA/*", "META/*"])
+ LoadOptions(OPTIONS.input_tmp)
+ output_zip = zipfile.ZipFile(args[1], "w", compression=zipfile.ZIP_DEFLATED,
+ allowZip64=not OPTIONS.sparse_userimages)
try:
- images_path = os.path.join(OPTIONS.input_tmp, "IMAGES")
- # A target-files zip must contain the images since Lollipop.
- assert os.path.exists(images_path)
- for image in sorted(os.listdir(images_path)):
- if bootable_only and image not in ("boot.img", "recovery.img"):
- continue
- if not image.endswith(".img"):
- continue
- if image == "recovery-two-step.img":
- continue
- common.ZipWrite(output_zip, os.path.join(images_path, image), image)
-
+ CopyInfo(OPTIONS.input_tmp, output_zip)
+ CopyUserImages(OPTIONS.input_tmp, output_zip)
+ WriteSuperImages(OPTIONS.input_tmp, output_zip)
finally:
logger.info("cleaning up...")
common.ZipClose(output_zip)
diff --git a/tools/releasetools/ota_from_target_files.py b/tools/releasetools/ota_from_target_files.py
index 07135e4..8b55f03 100755
--- a/tools/releasetools/ota_from_target_files.py
+++ b/tools/releasetools/ota_from_target_files.py
@@ -318,13 +318,24 @@
@property
def vendor_fingerprint(self):
- if "vendor.build.prop" not in self.info_dict:
+ return self._fingerprint_of("vendor")
+
+ @property
+ def product_fingerprint(self):
+ return self._fingerprint_of("product")
+
+ @property
+ def odm_fingerprint(self):
+ return self._fingerprint_of("odm")
+
+ def _fingerprint_of(self, partition):
+ if partition + ".build.prop" not in self.info_dict:
return None
- vendor_build_prop = self.info_dict["vendor.build.prop"]
- if "ro.vendor.build.fingerprint" in vendor_build_prop:
- return vendor_build_prop["ro.vendor.build.fingerprint"]
- if "ro.vendor.build.thumbprint" in vendor_build_prop:
- return vendor_build_prop["ro.vendor.build.thumbprint"]
+ build_prop = self.info_dict[partition + ".build.prop"]
+ if "ro." + partition + ".build.fingerprint" in build_prop:
+ return build_prop["ro." + partition + ".build.fingerprint"]
+ if "ro." + partition + ".build.thumbprint" in build_prop:
+ return build_prop["ro." + partition + ".build.thumbprint"]
return None
@property
@@ -692,14 +703,26 @@
"SYSTEM/etc/recovery.img" in namelist)
-def HasVendorPartition(target_files_zip):
+def HasPartition(target_files_zip, partition):
try:
- target_files_zip.getinfo("VENDOR/")
+ target_files_zip.getinfo(partition.upper() + "/")
return True
except KeyError:
return False
+def HasVendorPartition(target_files_zip):
+ return HasPartition(target_files_zip, "vendor")
+
+
+def HasProductPartition(target_files_zip):
+ return HasPartition(target_files_zip, "product")
+
+
+def HasOdmPartition(target_files_zip):
+ return HasPartition(target_files_zip, "odm")
+
+
def HasTrebleEnabled(target_files_zip, target_info):
return (HasVendorPartition(target_files_zip) and
target_info.GetBuildProp("ro.treble.enabled") == "true")
@@ -745,23 +768,24 @@
generating an incremental OTA; None otherwise.
"""
- def AddCompatibilityArchive(system_updated, vendor_updated):
- """Adds compatibility info based on system/vendor update status.
+ def AddCompatibilityArchive(framework_updated, device_updated):
+ """Adds compatibility info based on update status of both sides of Treble
+ boundary.
Args:
- system_updated: If True, the system image will be updated and therefore
- its metadata should be included.
- vendor_updated: If True, the vendor image will be updated and therefore
- its metadata should be included.
+ framework_updated: If True, the system / product image will be updated
+ and therefore their metadata should be included.
+ device_updated: If True, the vendor / odm image will be updated and
+ therefore their metadata should be included.
"""
# Determine what metadata we need. Files are names relative to META/.
compatibility_files = []
- vendor_metadata = ("vendor_manifest.xml", "vendor_matrix.xml")
- system_metadata = ("system_manifest.xml", "system_matrix.xml")
- if vendor_updated:
- compatibility_files += vendor_metadata
- if system_updated:
- compatibility_files += system_metadata
+ device_metadata = ("vendor_manifest.xml", "vendor_matrix.xml")
+ framework_metadata = ("system_manifest.xml", "system_matrix.xml")
+ if device_updated:
+ compatibility_files += device_metadata
+ if framework_updated:
+ compatibility_files += framework_metadata
# Create new archive.
compatibility_archive = tempfile.NamedTemporaryFile()
@@ -785,6 +809,11 @@
arcname="compatibility.zip",
compress_type=zipfile.ZIP_STORED)
+ def FingerprintChanged(source_fp, target_fp):
+ if source_fp is None or target_fp is None:
+ return True
+ return source_fp != target_fp
+
# Will only proceed if the target has enabled the Treble support (as well as
# having a /vendor partition).
if not HasTrebleEnabled(target_zip, target_info):
@@ -795,7 +824,7 @@
if OPTIONS.skip_compatibility_check:
return
- # Full OTA carries the info for system/vendor both.
+ # Full OTA carries the info for system/vendor/product/odm
if source_info is None:
AddCompatibilityArchive(True, True)
return
@@ -804,16 +833,19 @@
target_fp = target_info.fingerprint
system_updated = source_fp != target_fp
- source_fp_vendor = source_info.vendor_fingerprint
- target_fp_vendor = target_info.vendor_fingerprint
- # vendor build fingerprints could be possibly blacklisted at build time. For
- # such a case, we consider the vendor images being changed.
- if source_fp_vendor is None or target_fp_vendor is None:
- vendor_updated = True
- else:
- vendor_updated = source_fp_vendor != target_fp_vendor
+ # other build fingerprints could be possibly blacklisted at build time. For
+ # such a case, we consider those images being changed.
+ vendor_updated = FingerprintChanged(source_info.vendor_fingerprint,
+ target_info.vendor_fingerprint)
+ product_updated = HasProductPartition(target_zip) and \
+ FingerprintChanged(source_info.product_fingerprint,
+ target_info.product_fingerprint)
+ odm_updated = HasOdmPartition(target_zip) and \
+ FingerprintChanged(source_info.odm_fingerprint,
+ target_info.odm_fingerprint)
- AddCompatibilityArchive(system_updated, vendor_updated)
+ AddCompatibilityArchive(system_updated or product_updated,
+ vendor_updated or odm_updated)
def WriteFullOTAPackage(input_zip, output_file):
diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py
index f05a27d..c2acd8e 100755
--- a/tools/releasetools/sign_target_files_apks.py
+++ b/tools/releasetools/sign_target_files_apks.py
@@ -1074,13 +1074,16 @@
# full names only.
container_cert = matches.group("CONTAINER_CERT")
container_private_key = matches.group("CONTAINER_PRIVATE_KEY")
- if not CompareKeys(
+ if container_cert == 'PRESIGNED' and container_private_key == 'PRESIGNED':
+ container_key = 'PRESIGNED'
+ elif CompareKeys(
container_cert, OPTIONS.public_key_suffix,
container_private_key, OPTIONS.private_key_suffix):
+ container_key = container_cert[:-len(OPTIONS.public_key_suffix)]
+ else:
raise ValueError("Failed to parse container keys: \n{}".format(line))
- keys[name] = (payload_private_key,
- container_cert[:-len(OPTIONS.public_key_suffix)])
+ keys[name] = (payload_private_key, container_key)
return keys
diff --git a/tools/releasetools/test_sign_target_files_apks.py b/tools/releasetools/test_sign_target_files_apks.py
index 6a4df1a..a4d51cf 100644
--- a/tools/releasetools/test_sign_target_files_apks.py
+++ b/tools/releasetools/test_sign_target_files_apks.py
@@ -461,3 +461,26 @@
'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
'build/target/product/security/testkey'),
}, keys_info)
+
+ def test_ReadApexKeysInfo_presignedKeys(self):
+ apex_keys = self.APEX_KEYS_TXT + (
+ 'name="apex.apexd_test_different_app2.apex" '
+ 'private_key="PRESIGNED" '
+ 'public_key="PRESIGNED" '
+ 'container_certificate="PRESIGNED" '
+ 'container_private_key="PRESIGNED"')
+ target_files = common.MakeTempFile(suffix='.zip')
+ with zipfile.ZipFile(target_files, 'w') as target_files_zip:
+ target_files_zip.writestr('META/apexkeys.txt', apex_keys)
+
+ with zipfile.ZipFile(target_files) as target_files_zip:
+ keys_info = ReadApexKeysInfo(target_files_zip)
+
+ self.assertEqual({
+ 'apex.apexd_test.apex': (
+ 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem',
+ 'build/make/target/product/security/testkey'),
+ 'apex.apexd_test_different_app.apex': (
+ 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
+ 'build/make/target/product/security/testkey'),
+ }, keys_info)