Update Security string to 2016-12-05 am: 873455ef7c am: f058324a71 am: ed54753f7a -s ours am: 0b34d13069 am: 919213d346 am: 199fa7c6cc am: b5beda11a4 am: c07ff401f2 am: fee7a82fe3
am: a457c10023
Change-Id: I58dd15d5eeb9e71aff2d9918878439d2e74c835e
diff --git a/core/base_rules.mk b/core/base_rules.mk
index 6722af4..6fc2935 100644
--- a/core/base_rules.mk
+++ b/core/base_rules.mk
@@ -210,7 +210,10 @@
# Apk and its attachments reside in its own subdir.
ifeq ($(LOCAL_MODULE_CLASS),APPS)
# framework-res.apk doesn't like the additional layer.
- ifneq ($(LOCAL_NO_STANDARD_LIBRARIES),true)
+ ifeq ($(LOCAL_NO_STANDARD_LIBRARIES),true)
+ # Neither do Runtime Resource Overlay apks, which contain just the overlaid resources.
+ else ifeq ($(LOCAL_IS_RUNTIME_RESOURCE_OVERLAY),true)
+ else
my_module_path := $(my_module_path)/$(LOCAL_MODULE)
endif
endif
diff --git a/core/build_rro_package.mk b/core/build_rro_package.mk
new file mode 100644
index 0000000..24cd9a3
--- /dev/null
+++ b/core/build_rro_package.mk
@@ -0,0 +1,22 @@
+#########################################################################
+## Standard rules for installing runtime resouce overlay APKs.
+##
+## Set LOCAL_RRO_SKU to the SKU name if the package should apply only to
+## a particular SKU as set by ro.boot.vendor.overlay.sku system property.
+##
+#########################################################################
+
+LOCAL_IS_RUNTIME_RESOURCE_OVERLAY := true
+
+ifneq ($(LOCAL_SRC_FILES),)
+ $(error runtime resource overlay package should not contain sources)
+endif
+
+ifeq (S(LOCAL_RRO_SKU),)
+ LOCAL_MODULE_PATH := $(TARGET_OUT_VENDOR)/overlay
+else
+ LOCAL_MODULE_PATH := $(TARGET_OUT_VENDOR)/overlay/$(LOCAL_RRO_SKU)
+endif
+
+include $(BUILD_SYSTEM)/package.mk
+
diff --git a/core/clang/HOST_x86_common.mk b/core/clang/HOST_x86_common.mk
index 9e71750..690c0f6 100644
--- a/core/clang/HOST_x86_common.mk
+++ b/core/clang/HOST_x86_common.mk
@@ -13,7 +13,8 @@
ifeq ($(HOST_OS),linux)
CLANG_CONFIG_x86_LINUX_HOST_EXTRA_ASFLAGS := \
--gcc-toolchain=$($(clang_2nd_arch_prefix)HOST_TOOLCHAIN_FOR_CLANG) \
- --sysroot $($(clang_2nd_arch_prefix)HOST_TOOLCHAIN_FOR_CLANG)/sysroot
+ --sysroot $($(clang_2nd_arch_prefix)HOST_TOOLCHAIN_FOR_CLANG)/sysroot \
+ -B$($(clang_2nd_arch_prefix)HOST_TOOLCHAIN_FOR_CLANG)/x86_64-linux/bin
CLANG_CONFIG_x86_LINUX_HOST_EXTRA_CFLAGS := \
--gcc-toolchain=$($(clang_2nd_arch_prefix)HOST_TOOLCHAIN_FOR_CLANG)
diff --git a/core/clear_vars.mk b/core/clear_vars.mk
index 5886610..fdaa624 100644
--- a/core/clear_vars.mk
+++ b/core/clear_vars.mk
@@ -363,6 +363,8 @@
LOCAL_INIT_RC_32:=
LOCAL_INIT_RC_64:=
LOCAL_JAVA_LANGUAGE_VERSION:=
+LOCAL_IS_RUNTIME_RESOURCE_OVERLAY:=
+LOCAL_RRO_SKU:=
# Trim MAKEFILE_LIST so that $(call my-dir) doesn't need to
# iterate over thousands of entries every time.
diff --git a/core/config.mk b/core/config.mk
index 94c880f..6152060 100644
--- a/core/config.mk
+++ b/core/config.mk
@@ -85,6 +85,7 @@
BUILD_HOST_EXECUTABLE:= $(BUILD_SYSTEM)/host_executable.mk
BUILD_PACKAGE:= $(BUILD_SYSTEM)/package.mk
BUILD_PHONY_PACKAGE:= $(BUILD_SYSTEM)/phony_package.mk
+BUILD_RRO_PACKAGE:= $(BUILD_SYSTEM)/build_rro_package.mk
BUILD_HOST_PREBUILT:= $(BUILD_SYSTEM)/host_prebuilt.mk
BUILD_PREBUILT:= $(BUILD_SYSTEM)/prebuilt.mk
BUILD_MULTI_PREBUILT:= $(BUILD_SYSTEM)/multi_prebuilt.mk
diff --git a/tools/releasetools/add_img_to_target_files.py b/tools/releasetools/add_img_to_target_files.py
index 6acc69d..446b94f 100755
--- a/tools/releasetools/add_img_to_target_files.py
+++ b/tools/releasetools/add_img_to_target_files.py
@@ -19,7 +19,31 @@
not have an IMAGES/ top-level subdirectory), produce the images and
add them to the zipfile.
-Usage: add_img_to_target_files target_files
+Usage: add_img_to_target_files [flag] target_files
+
+ -a (--add_missing)
+ Build and add missing images to "IMAGES/". If this option is
+ not specified, this script will simply exit when "IMAGES/"
+ directory exists in the target file.
+
+ -r (--rebuild_recovery)
+ Rebuild the recovery patch and write it to the system image. Only
+ meaningful when system image needs to be rebuilt.
+
+ --replace_verity_private_key
+ Replace the private key used for verity signing. (same as the option
+ in sign_target_files_apks)
+
+ --replace_verity_public_key
+ Replace the certificate (public key) used for verity verification. (same
+ as the option in sign_target_files_apks)
+
+ --is_signing
+ Skip building & adding the images for "userdata" and "cache" if we
+ are signing the target files.
+
+ --verity_signer_path
+ Specify the signer path to build verity metadata.
"""
import sys
@@ -45,6 +69,7 @@
OPTIONS.rebuild_recovery = False
OPTIONS.replace_verity_public_key = False
OPTIONS.replace_verity_private_key = False
+OPTIONS.is_signing = False
OPTIONS.verity_signer_path = None
def GetCareMap(which, imgname):
@@ -356,10 +381,11 @@
if has_system_other:
banner("system_other")
AddSystemOther(output_zip)
- banner("userdata")
- AddUserdata(output_zip)
- banner("cache")
- AddCache(output_zip)
+ if not OPTIONS.is_signing:
+ banner("userdata")
+ AddUserdata(output_zip)
+ banner("cache")
+ AddCache(output_zip)
# For devices using A/B update, copy over images from RADIO/ to IMAGES/ and
# make sure we have all the needed images ready under IMAGES/.
@@ -406,6 +432,8 @@
OPTIONS.replace_verity_private_key = (True, a)
elif o == "--replace_verity_public_key":
OPTIONS.replace_verity_public_key = (True, a)
+ elif o == "--is_signing":
+ OPTIONS.is_signing = True
elif o == "--verity_signer_path":
OPTIONS.verity_signer_path = a
else:
@@ -417,6 +445,7 @@
extra_long_opts=["add_missing", "rebuild_recovery",
"replace_verity_public_key=",
"replace_verity_private_key=",
+ "is_signing",
"verity_signer_path="],
extra_option_handler=option_handler)
diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py
index 0f20f82..6d68be1 100755
--- a/tools/releasetools/sign_target_files_apks.py
+++ b/tools/releasetools/sign_target_files_apks.py
@@ -713,7 +713,9 @@
common.ZipClose(input_zip)
common.ZipClose(output_zip)
- add_img_to_target_files.AddImagesToTargetFiles(args[1])
+ # Skip building userdata.img and cache.img when signing the target files.
+ new_args = ["--is_signing", args[1]]
+ add_img_to_target_files.main(new_args)
print "done."