Merge "Add PRODUCT_BOOT_JARS_EXTRA interface"
diff --git a/core/Makefile b/core/Makefile
index 52cf1c2..e47d423 100644
--- a/core/Makefile
+++ b/core/Makefile
@@ -1032,7 +1032,12 @@
INSTALLED_2NDBOOTLOADER_TARGET :=
endif # TARGET_NO_BOOTLOADER
ifneq ($(strip $(TARGET_NO_KERNEL)),true)
- INSTALLED_KERNEL_TARGET := $(PRODUCT_OUT)/kernel
+ ifneq ($(strip $(BOARD_KERNEL_BINARIES)),)
+ INSTALLED_KERNEL_TARGET := $(foreach k,$(BOARD_KERNEL_BINARIES), \
+ $(PRODUCT_OUT)/$(k))
+ else
+ INSTALLED_KERNEL_TARGET := $(PRODUCT_OUT)/kernel
+ endif
else
INSTALLED_KERNEL_TARGET :=
endif
@@ -1104,7 +1109,12 @@
# This is defined here since we may be building recovery as boot
# below and only want to define this once
-BUILT_BOOTIMAGE_TARGET := $(PRODUCT_OUT)/boot.img
+ifneq ($(strip $(BOARD_KERNEL_BINARIES)),)
+ BUILT_BOOTIMAGE_TARGET := $(foreach k,$(subst kernel,boot,$(BOARD_KERNEL_BINARIES)), $(PRODUCT_OUT)/$(k).img)
+else
+ BUILT_BOOTIMAGE_TARGET := $(PRODUCT_OUT)/boot.img
+endif
+
ifneq ($(strip $(TARGET_NO_KERNEL)),true)
INTERNAL_BOOTIMAGE_ARGS := \
@@ -2113,7 +2123,7 @@
else # INSTALLED_VENDOR_BOOTIMAGE_TARGET not defined
INTERNAL_RECOVERYIMAGE_ARGS := \
$(addprefix --second ,$(INSTALLED_2NDBOOTLOADER_TARGET)) \
- --kernel $(recovery_kernel) --ramdisk $(recovery_ramdisk)
+ --ramdisk $(recovery_ramdisk)
# Assumes this has already been stripped
ifdef INTERNAL_KERNEL_CMDLINE
INTERNAL_RECOVERYIMAGE_ARGS += --cmdline "$(INTERNAL_KERNEL_CMDLINE)"
@@ -2139,38 +2149,53 @@
endif
endif # INSTALLED_VENDOR_BOOTIMAGE_TARGET not defined
+$(recovery_ramdisk): $(MKBOOTFS) $(MINIGZIP) \
+ $(INTERNAL_ROOT_FILES) \
+ $(INSTALLED_RAMDISK_TARGET) \
+ $(INTERNAL_RECOVERYIMAGE_FILES) \
+ $(recovery_sepolicy) \
+ $(INSTALLED_2NDBOOTLOADER_TARGET) \
+ $(INSTALLED_RECOVERY_BUILD_PROP_TARGET) \
+ $(recovery_resource_deps) \
+ $(recovery_fstab)
+ # Making recovery image
+ mkdir -p $(TARGET_RECOVERY_OUT)
+ mkdir -p $(TARGET_RECOVERY_ROOT_OUT)/sdcard $(TARGET_RECOVERY_ROOT_OUT)/tmp
+ # Copying baseline ramdisk...
+ # Use rsync because "cp -Rf" fails to overwrite broken symlinks on Mac.
+ rsync -a --exclude=sdcard $(IGNORE_RECOVERY_SEPOLICY) $(IGNORE_CACHE_LINK) $(TARGET_ROOT_OUT) $(TARGET_RECOVERY_OUT)
+ # Modifying ramdisk contents...
+ $(if $(filter true,$(BOARD_BUILD_SYSTEM_ROOT_IMAGE)),, \
+ ln -sf /system/bin/init $(TARGET_RECOVERY_ROOT_OUT)/init)
+ # Removes $(TARGET_RECOVERY_ROOT_OUT)/init*.rc EXCEPT init.recovery*.rc.
+ find $(TARGET_RECOVERY_ROOT_OUT) -maxdepth 1 -name 'init*.rc' -type f -not -name "init.recovery.*.rc" | xargs rm -f
+ cp $(TARGET_ROOT_OUT)/init.recovery.*.rc $(TARGET_RECOVERY_ROOT_OUT)/ 2> /dev/null || true # Ignore error when the src file doesn't exist.
+ mkdir -p $(TARGET_RECOVERY_ROOT_OUT)/res
+ rm -rf $(TARGET_RECOVERY_ROOT_OUT)/res/*
+ cp -rf $(recovery_resources_common)/* $(TARGET_RECOVERY_ROOT_OUT)/res
+ $(foreach recovery_text_file,$(generated_recovery_text_files), \
+ cp -rf $(recovery_text_file) $(TARGET_RECOVERY_ROOT_OUT)/res/images/ &&) true
+ cp -f $(recovery_font) $(TARGET_RECOVERY_ROOT_OUT)/res/images/font.png
+ $(foreach item,$(TARGET_PRIVATE_RES_DIRS), \
+ cp -rf $(item) $(TARGET_RECOVERY_ROOT_OUT)/$(newline))
+ $(foreach item,$(recovery_fstab), \
+ cp -f $(item) $(TARGET_RECOVERY_ROOT_OUT)/system/etc/recovery.fstab)
+ $(if $(strip $(recovery_wipe)), \
+ cp -f $(recovery_wipe) $(TARGET_RECOVERY_ROOT_OUT)/system/etc/recovery.wipe)
+ ln -sf prop.default $(TARGET_RECOVERY_ROOT_OUT)/default.prop
+ $(BOARD_RECOVERY_IMAGE_PREPARE)
+ $(MKBOOTFS) -d $(TARGET_OUT) $(TARGET_RECOVERY_ROOT_OUT) | $(MINIGZIP) > $(recovery_ramdisk)
+
# $(1): output file
+# $(2): kernel file
define build-recoveryimage-target
- # Making recovery image
- $(hide) mkdir -p $(TARGET_RECOVERY_OUT)
- $(hide) mkdir -p $(TARGET_RECOVERY_ROOT_OUT)/sdcard $(TARGET_RECOVERY_ROOT_OUT)/tmp
- # Copying baseline ramdisk...
- # Use rsync because "cp -Rf" fails to overwrite broken symlinks on Mac.
- $(hide) rsync -a --exclude=sdcard $(IGNORE_RECOVERY_SEPOLICY) $(IGNORE_CACHE_LINK) $(TARGET_ROOT_OUT) $(TARGET_RECOVERY_OUT)
- # Modifying ramdisk contents...
- $(if $(filter true,$(BOARD_BUILD_SYSTEM_ROOT_IMAGE)),, \
- $(hide) ln -sf /system/bin/init $(TARGET_RECOVERY_ROOT_OUT)/init)
- # Removes $(TARGET_RECOVERY_ROOT_OUT)/init*.rc EXCEPT init.recovery*.rc.
- $(hide) find $(TARGET_RECOVERY_ROOT_OUT) -maxdepth 1 -name 'init*.rc' -type f -not -name "init.recovery.*.rc" | xargs rm -f
- $(hide) cp $(TARGET_ROOT_OUT)/init.recovery.*.rc $(TARGET_RECOVERY_ROOT_OUT)/ 2> /dev/null || true # Ignore error when the src file doesn't exist.
- $(hide) mkdir -p $(TARGET_RECOVERY_ROOT_OUT)/res
- $(hide) rm -rf $(TARGET_RECOVERY_ROOT_OUT)/res/*
- $(hide) cp -rf $(recovery_resources_common)/* $(TARGET_RECOVERY_ROOT_OUT)/res
- $(hide) $(foreach recovery_text_file,$(generated_recovery_text_files), \
- cp -rf $(recovery_text_file) $(TARGET_RECOVERY_ROOT_OUT)/res/images/ &&) true
- $(hide) cp -f $(recovery_font) $(TARGET_RECOVERY_ROOT_OUT)/res/images/font.png
- $(hide) $(foreach item,$(TARGET_PRIVATE_RES_DIRS), \
- cp -rf $(item) $(TARGET_RECOVERY_ROOT_OUT)/$(newline))
- $(hide) $(foreach item,$(recovery_fstab), \
- cp -f $(item) $(TARGET_RECOVERY_ROOT_OUT)/system/etc/recovery.fstab)
- $(if $(strip $(recovery_wipe)), \
- $(hide) cp -f $(recovery_wipe) $(TARGET_RECOVERY_ROOT_OUT)/system/etc/recovery.wipe)
- $(hide) ln -sf prop.default $(TARGET_RECOVERY_ROOT_OUT)/default.prop
- $(BOARD_RECOVERY_IMAGE_PREPARE)
- $(hide) $(MKBOOTFS) -d $(TARGET_OUT) $(TARGET_RECOVERY_ROOT_OUT) | $(MINIGZIP) > $(recovery_ramdisk)
$(if $(filter true,$(PRODUCT_SUPPORTS_VBOOT)), \
- $(hide) $(MKBOOTIMG) $(INTERNAL_RECOVERYIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $(1).unsigned, \
- $(hide) $(MKBOOTIMG) $(INTERNAL_RECOVERYIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $(1))
+ $(MKBOOTIMG) --kernel $(2) $(MKBOOTIMG_KERNEL_ARG) $(INTERNAL_RECOVERYIMAGE_ARGS) \
+ $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) \
+ --output $(1).unsigned, \
+ $(MKBOOTIMG) --kernel $(2) $(MKBOOTIMG_KERNEL_ARG) $(INTERNAL_RECOVERYIMAGE_ARGS) \
+ $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) \
+ --output $(1))
$(if $(filter true,$(PRODUCT_SUPPORTS_BOOT_SIGNER)),\
$(if $(filter true,$(BOARD_USES_RECOVERY_AS_BOOT)),\
$(BOOT_SIGNER) /boot $(1) $(PRODUCT_VERITY_SIGNING_KEY).pk8 $(PRODUCT_VERITY_SIGNING_KEY).x509.pem $(1),\
@@ -2180,12 +2205,12 @@
$(if $(filter true,$(PRODUCT_SUPPORTS_VBOOT)), \
$(VBOOT_SIGNER) $(FUTILITY) $(1).unsigned $(PRODUCT_VBOOT_SIGNING_KEY).vbpubk $(PRODUCT_VBOOT_SIGNING_KEY).vbprivk $(PRODUCT_VBOOT_SIGNING_SUBKEY).vbprivk $(1).keyblock $(1))
$(if $(filter true,$(BOARD_USES_RECOVERY_AS_BOOT)), \
- $(hide) $(call assert-max-image-size,$(1),$(call get-hash-image-max-size,$(BOARD_BOOTIMAGE_PARTITION_SIZE))), \
- $(hide) $(call assert-max-image-size,$(1),$(call get-hash-image-max-size,$(BOARD_RECOVERYIMAGE_PARTITION_SIZE))))
+ $(call assert-max-image-size,$(1),$(call get-hash-image-max-size,$(BOARD_BOOTIMAGE_PARTITION_SIZE))), \
+ $(call assert-max-image-size,$(1),$(call get-hash-image-max-size,$(BOARD_RECOVERYIMAGE_PARTITION_SIZE))))
$(if $(filter true,$(BOARD_AVB_ENABLE)), \
$(if $(filter true,$(BOARD_USES_RECOVERY_AS_BOOT)), \
- $(hide) $(AVBTOOL) add_hash_footer --image $(1) --partition_size $(BOARD_BOOTIMAGE_PARTITION_SIZE) --partition_name boot $(INTERNAL_AVB_BOOT_SIGNING_ARGS) $(BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS),\
- $(hide) $(AVBTOOL) add_hash_footer --image $(1) --partition_size $(BOARD_RECOVERYIMAGE_PARTITION_SIZE) --partition_name recovery $(INTERNAL_AVB_RECOVERY_SIGNING_ARGS) $(BOARD_AVB_RECOVERY_ADD_HASH_FOOTER_ARGS)))
+ $(AVBTOOL) add_hash_footer --image $(1) --partition_size $(BOARD_BOOTIMAGE_PARTITION_SIZE) --partition_name boot $(INTERNAL_AVB_BOOT_SIGNING_ARGS) $(BOARD_AVB_BOOT_ADD_HASH_FOOTER_ARGS),\
+ $(AVBTOOL) add_hash_footer --image $(1) --partition_size $(BOARD_RECOVERYIMAGE_PARTITION_SIZE) --partition_name recovery $(INTERNAL_AVB_RECOVERY_SIGNING_ARGS) $(BOARD_AVB_RECOVERY_ADD_HASH_FOOTER_ARGS)))
endef
ifeq ($(BOARD_USES_RECOVERY_AS_BOOT),true)
@@ -2212,18 +2237,10 @@
$(INSTALLED_BOOTIMAGE_TARGET): $(INSTALLED_DTBIMAGE_TARGET)
endif
-$(INSTALLED_BOOTIMAGE_TARGET): $(MKBOOTFS) $(MKBOOTIMG) $(MINIGZIP) \
- $(INTERNAL_ROOT_FILES) \
- $(INSTALLED_RAMDISK_TARGET) \
- $(INTERNAL_RECOVERYIMAGE_FILES) \
- $(recovery_sepolicy) $(recovery_kernel) \
- $(INSTALLED_2NDBOOTLOADER_TARGET) \
- $(INSTALLED_RECOVERY_BUILD_PROP_TARGET) \
- $(recovery_resource_deps) \
- $(recovery_fstab)
+$(INSTALLED_BOOTIMAGE_TARGET): $(MKBOOTIMG) $(recovery_ramdisk) \
+ $(recovery_kernel)
$(call pretty,"Target boot image from recovery: $@")
- $(call build-recoveryimage-target, $@)
-$(INSTALLED_BOOTIMAGE_TARGET): .KATI_IMPLICIT_OUTPUTS += $(recovery_ramdisk)
+ $(call build-recoveryimage-target, $@, $(PRODUCT_OUT)/$(subst .img,,$(subst boot,kernel,$(notdir $@))))
endif # BOARD_USES_RECOVERY_AS_BOOT
ifdef BOARD_INCLUDE_RECOVERY_DTBO
@@ -2240,17 +2257,9 @@
$(INSTALLED_RECOVERYIMAGE_TARGET): $(INSTALLED_DTBIMAGE_TARGET)
endif
-$(INSTALLED_RECOVERYIMAGE_TARGET): $(MKBOOTFS) $(MKBOOTIMG) $(MINIGZIP) \
- $(INTERNAL_ROOT_FILES) \
- $(INSTALLED_RAMDISK_TARGET) \
- $(INSTALLED_BOOTIMAGE_TARGET) \
- $(INTERNAL_RECOVERYIMAGE_FILES) \
- $(recovery_sepolicy) $(recovery_kernel) \
- $(INSTALLED_2NDBOOTLOADER_TARGET) \
- $(INSTALLED_RECOVERY_BUILD_PROP_TARGET) \
- $(recovery_resource_deps) \
- $(recovery_fstab)
- $(call build-recoveryimage-target, $@)
+$(INSTALLED_RECOVERYIMAGE_TARGET): $(MKBOOTIMG) $(recovery_ramdisk) \
+ $(recovery_kernel)
+ $(call build-recoveryimage-target, $@, $(recovery_kernel))
ifdef RECOVERY_RESOURCE_ZIP
$(RECOVERY_RESOURCE_ZIP): $(INSTALLED_RECOVERYIMAGE_TARGET) | $(ZIPTIME)
@@ -2361,8 +2370,12 @@
# Note: it's intentional to skip signing for boot-debug.img, because it
# can only be used if the device is unlocked with verification error.
ifneq ($(strip $(TARGET_NO_KERNEL)),true)
-
-INSTALLED_DEBUG_BOOTIMAGE_TARGET := $(PRODUCT_OUT)/boot-debug.img
+ifneq ($(strip $(BOARD_KERNEL_BINARIES)),)
+ INSTALLED_DEBUG_BOOTIMAGE_TARGET := $(foreach k,$(subst kernel,boot-debug,$(BOARD_KERNEL_BINARIES)), \
+ $(PRODUCT_OUT)/$(k).img)
+else
+ INSTALLED_DEBUG_BOOTIMAGE_TARGET := $(PRODUCT_OUT)/boot-debug.img
+endif
# Replace ramdisk.img in $(MKBOOTIMG) ARGS with ramdisk-debug.img to build boot-debug.img
ifeq ($(BOARD_USES_RECOVERY_AS_BOOT),true)
@@ -2392,17 +2405,22 @@
$(call assert-max-image-size,$(1),$(BOARD_BOOTIMAGE_PARTITION_SIZE))
endef
+# $(1): output file
+define build-debug-bootimage-target
+ $(MKBOOTIMG) --kernel $(PRODUCT_OUT)/$(subst .img,,$(subst boot-debug,kernel,$(notdir $(1)))) \
+ $(INTERNAL_DEBUG_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $1
+ $(if $(BOARD_AVB_BOOT_KEY_PATH),$(call test-key-sign-bootimage,$1))
+endef
+
# Depends on original boot.img and ramdisk-debug.img, to build the new boot-debug.img
$(INSTALLED_DEBUG_BOOTIMAGE_TARGET): $(MKBOOTIMG) $(INSTALLED_BOOTIMAGE_TARGET) $(INSTALLED_DEBUG_RAMDISK_TARGET)
$(call pretty,"Target boot debug image: $@")
- $(MKBOOTIMG) $(INTERNAL_DEBUG_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $@
- $(if $(BOARD_AVB_BOOT_KEY_PATH),$(call test-key-sign-bootimage,$@))
+ $(call build-debug-bootimage-target, $@)
.PHONY: bootimage_debug-nodeps
bootimage_debug-nodeps: $(MKBOOTIMG)
echo "make $@: ignoring dependencies"
- $(MKBOOTIMG) $(INTERNAL_DEBUG_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $(INSTALLED_DEBUG_BOOTIMAGE_TARGET)
- $(if $(BOARD_AVB_BOOT_KEY_PATH),$(call test-key-sign-bootimage,$(INSTALLED_DEBUG_BOOTIMAGE_TARGET)))
+ $(foreach b,$(INSTALLED_DEBUG_BOOTIMAGE_TARGET),$(call build-debug-bootimage-target,$b))
endif # TARGET_NO_KERNEL
@@ -4466,7 +4484,7 @@
$(hide) $(call package_files-copy-root, \
$(TARGET_RECOVERY_ROOT_OUT),$(zip_root)/$(PRIVATE_RECOVERY_OUT)/RAMDISK)
ifdef INSTALLED_KERNEL_TARGET
- cp $(INSTALLED_KERNEL_TARGET) $(zip_root)/$(PRIVATE_RECOVERY_OUT)/kernel
+ cp $(INSTALLED_KERNEL_TARGET) $(zip_root)/$(PRIVATE_RECOVERY_OUT)/
endif
ifdef INSTALLED_VENDOR_BOOTIMAGE_TARGET
echo "$(GENERIC_KERNEL_CMDLINE)" > $(zip_root)/$(PRIVATE_RECOVERY_OUT)/cmdline
diff --git a/core/envsetup.mk b/core/envsetup.mk
index e38329d..ac3d5cf 100644
--- a/core/envsetup.mk
+++ b/core/envsetup.mk
@@ -259,8 +259,6 @@
# Jars present in the ART apex. These should match exactly the list of
# Java libraries in the ART apex build rule.
ART_APEX_JARS := core-oj core-libart core-icu4j okhttp bouncycastle apache-xml
-TARGET_CORE_JARS := $(ART_APEX_JARS) conscrypt
-HOST_CORE_JARS := $(addsuffix -hostdex,$(TARGET_CORE_JARS))
#################################################################
# Read the product specs so we can get TARGET_DEVICE and other
diff --git a/target/product/base_system.mk b/target/product/base_system.mk
index 9748ef3..d9eb7c3 100644
--- a/target/product/base_system.mk
+++ b/target/product/base_system.mk
@@ -312,8 +312,8 @@
tz_version_host \
tz_version_host_tzdata_apex \
-ifeq ($(TARGET_CORE_JARS),)
-$(error TARGET_CORE_JARS is empty; cannot initialize PRODUCT_BOOT_JARS variable)
+ifeq ($(ART_APEX_JARS),)
+$(error ART_APEX_JARS is empty; cannot initialize PRODUCT_BOOT_JARS variable)
endif
# The order matters for runtime class lookup performance.
diff --git a/target/product/base_system_ext.mk b/target/product/base_system_ext.mk
index 6847bfa..b67549a 100644
--- a/target/product/base_system_ext.mk
+++ b/target/product/base_system_ext.mk
@@ -17,4 +17,5 @@
# Base modules and settings for the system_ext partition.
PRODUCT_PACKAGES += \
group_system_ext \
+ system_ext_manifest.xml \
passwd_system_ext \
diff --git a/target/product/runtime_libart.mk b/target/product/runtime_libart.mk
index b8cb2ff..5184016 100644
--- a/target/product/runtime_libart.mk
+++ b/target/product/runtime_libart.mk
@@ -16,10 +16,6 @@
# Provides a functioning ART environment without Android frameworks
-ifeq ($(TARGET_CORE_JARS),)
-$(error TARGET_CORE_JARS is empty; cannot update PRODUCT_PACKAGES variable)
-endif
-
# Additional mixins to the boot classpath.
PRODUCT_PACKAGES += \
android.test.base \
@@ -33,8 +29,7 @@
# ART APEX module.
# Note that this package includes the minimal boot classpath JARs (listed in
-# TARGET_CORE_JARS), which should no longer be added directly to
-# PRODUCT_PACKAGES.
+# ART_APEX_JARS), which should no longer be added directly to PRODUCT_PACKAGES.
PRODUCT_PACKAGES += com.android.art
PRODUCT_HOST_PACKAGES += com.android.art
diff --git a/tools/releasetools/apex_utils.py b/tools/releasetools/apex_utils.py
index 4fac6f3..9e27d29 100644
--- a/tools/releasetools/apex_utils.py
+++ b/tools/releasetools/apex_utils.py
@@ -27,6 +27,8 @@
OPTIONS = common.OPTIONS
+APEX_PAYLOAD_IMAGE = 'apex_payload.img'
+
class ApexInfoError(Exception):
"""An Exception raised during Apex Information command."""
@@ -50,15 +52,11 @@
self.key_passwords = key_passwords
self.codename_to_api_level_map = codename_to_api_level_map
- def ProcessApexFile(self, apk_keys, payload_key, payload_public_key,
- signing_args=None):
+ def ProcessApexFile(self, apk_keys, payload_key):
"""Scans and signs the apk files and repack the apex
Args:
apk_keys: A dict that holds the signing keys for apk files.
- payload_key: The path to the apex payload signing key.
- payload_public_key: The path to the public key corresponding to the
- payload signing key.
Returns:
The repacked apex file containing the signed apk files.
@@ -89,8 +87,7 @@
logger.info('No apk file has been signed in %s', self.apex_path)
return self.apex_path
- return self.RepackApexPayload(payload_dir, payload_key, payload_public_key,
- signing_args)
+ return self.RepackApexPayload(payload_dir, payload_key)
def ExtractApexPayloadAndSignApks(self, apk_entries, apk_keys):
"""Extracts the payload image and signs the containing apk files."""
@@ -118,27 +115,15 @@
has_signed_apk = True
return payload_dir, has_signed_apk
- def RepackApexPayload(self, payload_dir, payload_key, payload_public_key,
- signing_args=None):
+ def RepackApexPayload(self, payload_dir, payload_key):
"""Rebuilds the apex file with the updated payload directory."""
apex_dir = common.MakeTempDir()
# Extract the apex file and reuse its meta files as repack parameters.
common.UnzipToDir(self.apex_path, apex_dir)
-
- android_jar_path = common.OPTIONS.android_jar_path
- if not android_jar_path:
- android_jar_path = os.path.join(os.environ.get('ANDROID_BUILD_TOP', ''),
- 'prebuilts', 'sdk', 'current', 'public',
- 'android.jar')
- logger.warning('android_jar_path not found in options, falling back to'
- ' use %s', android_jar_path)
-
arguments_dict = {
'manifest': os.path.join(apex_dir, 'apex_manifest.pb'),
'build_info': os.path.join(apex_dir, 'apex_build_info.pb'),
- 'android_jar_path': android_jar_path,
'key': payload_key,
- 'pubkey': payload_public_key,
}
for filename in arguments_dict.values():
assert os.path.exists(filename), 'file {} not found'.format(filename)
@@ -151,29 +136,30 @@
elif os.path.isdir(path):
shutil.rmtree(path)
- repacked_apex = common.MakeTempFile(suffix='.apex')
- repack_cmd = ['apexer', '--force', '--include_build_info',
- '--do_not_check_keyname', '--apexer_tool_path',
- os.getenv('PATH')]
+ # TODO(xunchang) the signing process can be improved by using
+ # '--unsigned_payload_only'. But we need to parse the vbmeta earlier for
+ # the signing arguments, e.g. algorithm, salt, etc.
+ payload_img = os.path.join(apex_dir, APEX_PAYLOAD_IMAGE)
+ generate_image_cmd = ['apexer', '--force', '--payload_only',
+ '--do_not_check_keyname', '--apexer_tool_path',
+ os.getenv('PATH')]
for key, val in arguments_dict.items():
- repack_cmd.extend(['--' + key, val])
- # Add quote to the signing_args as we will pass
- # --signing_args "--signing_helper_with_files=%path" to apexer
- if signing_args:
- repack_cmd.extend(['--signing_args', '"{}"'.format(signing_args)])
+ generate_image_cmd.extend(['--' + key, val])
# optional arguments for apex repacking
manifest_json = os.path.join(apex_dir, 'apex_manifest.json')
if os.path.exists(manifest_json):
- repack_cmd.extend(['--manifest_json', manifest_json])
- assets_dir = os.path.join(apex_dir, 'assets')
- if os.path.isdir(assets_dir):
- repack_cmd.extend(['--assets_dir', assets_dir])
- repack_cmd.extend([payload_dir, repacked_apex])
+ generate_image_cmd.extend(['--manifest_json', manifest_json])
+ generate_image_cmd.extend([payload_dir, payload_img])
if OPTIONS.verbose:
- repack_cmd.append('-v')
- common.RunAndCheckOutput(repack_cmd)
+ generate_image_cmd.append('-v')
+ common.RunAndCheckOutput(generate_image_cmd)
- return repacked_apex
+ # Add the payload image back to the apex file.
+ common.ZipDelete(self.apex_path, APEX_PAYLOAD_IMAGE)
+ with zipfile.ZipFile(self.apex_path, 'a') as output_apex:
+ common.ZipWrite(output_apex, payload_img, APEX_PAYLOAD_IMAGE,
+ compress_type=zipfile.ZIP_STORED)
+ return self.apex_path
def SignApexPayload(avbtool, payload_file, payload_key_path, payload_key_name,
@@ -311,16 +297,13 @@
with open(apex_file, 'wb') as apex_fp:
apex_fp.write(apex_data)
- APEX_PAYLOAD_IMAGE = 'apex_payload.img'
APEX_PUBKEY = 'apex_pubkey'
# 1. Extract the apex payload image and sign the containing apk files. Repack
# the apex file after signing.
- payload_public_key = common.ExtractAvbPublicKey(avbtool, payload_key)
apk_signer = ApexApkSigner(apex_file, container_pw,
codename_to_api_level_map)
- apex_file = apk_signer.ProcessApexFile(apk_keys, payload_key,
- payload_public_key, signing_args)
+ apex_file = apk_signer.ProcessApexFile(apk_keys, payload_key)
# 2a. Extract and sign the APEX_PAYLOAD_IMAGE entry with the given
# payload_key.
@@ -341,7 +324,7 @@
signing_args)
# 2b. Update the embedded payload public key.
-
+ payload_public_key = common.ExtractAvbPublicKey(avbtool, payload_key)
common.ZipDelete(apex_file, APEX_PAYLOAD_IMAGE)
if APEX_PUBKEY in zip_items:
common.ZipDelete(apex_file, APEX_PUBKEY)
diff --git a/tools/releasetools/test_apex_utils.py b/tools/releasetools/test_apex_utils.py
index 07284ad..e19bc90 100644
--- a/tools/releasetools/test_apex_utils.py
+++ b/tools/releasetools/test_apex_utils.py
@@ -14,8 +14,10 @@
# limitations under the License.
#
+import re
import os
import os.path
+import shutil
import zipfile
import apex_utils
@@ -32,6 +34,7 @@
self.testdata_dir = test_utils.get_testdata_dir()
# The default payload signing key.
self.payload_key = os.path.join(self.testdata_dir, 'testkey.key')
+ self.apex_with_apk = os.path.join(self.testdata_dir, 'has_apk.apex')
common.OPTIONS.search_path = test_utils.get_search_path()
@@ -134,35 +137,43 @@
def test_ApexApkSigner_noApkPresent(self):
apex_path = os.path.join(self.testdata_dir, 'foo.apex')
signer = apex_utils.ApexApkSigner(apex_path, None, None)
- processed_apex = signer.ProcessApexFile({}, self.payload_key,
- None)
+ processed_apex = signer.ProcessApexFile({}, self.payload_key)
self.assertEqual(apex_path, processed_apex)
@test_utils.SkipIfExternalToolsUnavailable()
def test_ApexApkSigner_apkKeyNotPresent(self):
- apex_path = os.path.join(self.testdata_dir, 'has_apk.apex')
+ apex_path = common.MakeTempFile(suffix='.apex')
+ shutil.copy(self.apex_with_apk, apex_path)
signer = apex_utils.ApexApkSigner(apex_path, None, None)
- self.assertRaises(apex_utils.ApexSigningError, signer.ProcessApexFile, {},
- self.payload_key, None)
+ self.assertRaises(apex_utils.ApexSigningError, signer.ProcessApexFile,
+ {}, self.payload_key)
@test_utils.SkipIfExternalToolsUnavailable()
def test_ApexApkSigner_signApk(self):
- apex_path = os.path.join(self.testdata_dir, 'has_apk.apex')
+ apex_path = common.MakeTempFile(suffix='.apex')
+ shutil.copy(self.apex_with_apk, apex_path)
signer = apex_utils.ApexApkSigner(apex_path, None, None)
apk_keys = {'wifi-service-resources.apk': os.path.join(
self.testdata_dir, 'testkey')}
self.payload_key = os.path.join(self.testdata_dir, 'testkey_RSA4096.key')
- payload_pubkey = common.ExtractAvbPublicKey('avbtool',
- self.payload_key)
- signer.ProcessApexFile(apk_keys, self.payload_key, payload_pubkey)
+ apex_file = signer.ProcessApexFile(apk_keys, self.payload_key)
+ package_name_extract_cmd = ['aapt', 'dump', 'badging', apex_file]
+ output = common.RunAndCheckOutput(package_name_extract_cmd)
+ for line in output.splitlines():
+ # Sample output from aapt: "package: name='com.google.android.wifi'
+ # versionCode='1' versionName='' platformBuildVersionName='R'
+ # compileSdkVersion='29' compileSdkVersionCodename='R'"
+ match = re.search(r"^package:.* name='([\w|\.]+)'", line, re.IGNORECASE)
+ if match:
+ package_name = match.group(1)
+ self.assertEquals('com.google.android.wifi', package_name)
@test_utils.SkipIfExternalToolsUnavailable()
def test_ApexApkSigner_noAssetDir(self):
- apex_path = os.path.join(self.testdata_dir, 'has_apk.apex')
no_asset = common.MakeTempFile(suffix='.apex')
with zipfile.ZipFile(no_asset, 'w') as output_zip:
- with zipfile.ZipFile(apex_path, 'r') as input_zip:
+ with zipfile.ZipFile(self.apex_with_apk, 'r') as input_zip:
name_list = input_zip.namelist()
for name in name_list:
if not name.startswith('assets'):
@@ -173,23 +184,4 @@
self.testdata_dir, 'testkey')}
self.payload_key = os.path.join(self.testdata_dir, 'testkey_RSA4096.key')
- payload_pubkey = common.ExtractAvbPublicKey('avbtool',
- self.payload_key)
- signer.ProcessApexFile(apk_keys, self.payload_key, payload_pubkey)
-
- @test_utils.SkipIfExternalToolsUnavailable()
- def test_ApexApkSigner_withSignerHelper(self):
- apex_path = os.path.join(self.testdata_dir, 'has_apk.apex')
- signer = apex_utils.ApexApkSigner(apex_path, None, None)
- apk_keys = {'wifi-service-resources.apk': os.path.join(
- self.testdata_dir, 'testkey')}
-
- self.payload_key = os.path.join(self.testdata_dir, 'testkey_RSA4096.key')
- payload_pubkey = common.ExtractAvbPublicKey('avbtool', self.payload_key)
-
- signing_helper = os.path.join(self.testdata_dir, 'signing_helper.sh')
- os.chmod(signing_helper, 0o700)
- payload_signer_args = '--signing_helper_with_files={}'.format(
- signing_helper)
- signer.ProcessApexFile(apk_keys, self.payload_key, payload_pubkey,
- payload_signer_args)
+ signer.ProcessApexFile(apk_keys, self.payload_key)