Multi cutout: replace wide with double overlay
am: 17444d16c2
Change-Id: I422c6a829f507245b4b180ec14129e9ed48afdd2
diff --git a/core/Makefile b/core/Makefile
index c03f21f..9cf539d 100644
--- a/core/Makefile
+++ b/core/Makefile
@@ -2781,9 +2781,15 @@
$(hide) $(call fs_config,$(zip_root)/PRODUCT,product/) > $(zip_root)/META/product_filesystem_config.txt
endif
ifeq ($(BOARD_BUILD_SYSTEM_ROOT_IMAGE),true)
+ @# When using BOARD_BUILD_SYSTEM_ROOT_IMAGE, ROOT always contains the files for the root under
+ @# normal boot. BOOT/RAMDISK exists only if additionally using BOARD_USES_RECOVERY_AS_BOOT.
$(hide) $(call fs_config,$(zip_root)/ROOT,) > $(zip_root)/META/root_filesystem_config.txt
-endif
+ifeq ($(BOARD_USES_RECOVERY_AS_BOOT),true)
$(hide) $(call fs_config,$(zip_root)/BOOT/RAMDISK,) > $(zip_root)/META/boot_filesystem_config.txt
+endif
+else # BOARD_BUILD_SYSTEM_ROOT_IMAGE != true
+ $(hide) $(call fs_config,$(zip_root)/BOOT/RAMDISK,) > $(zip_root)/META/boot_filesystem_config.txt
+endif
ifneq ($(INSTALLED_RECOVERYIMAGE_TARGET),)
$(hide) $(call fs_config,$(zip_root)/RECOVERY/RAMDISK,) > $(zip_root)/META/recovery_filesystem_config.txt
endif
diff --git a/core/base_rules.mk b/core/base_rules.mk
index ff48930..22e7aef 100644
--- a/core/base_rules.mk
+++ b/core/base_rules.mk
@@ -494,12 +494,15 @@
endif
endif
-# For modules tagged as tests but lacking a suite tag, set null-suite as the default.
+# For test modules that lack a suite tag, set null-suite as the default.
# We only support adding a default suite to native tests, native benchmarks, and instrumentation tests.
# This is because they are the only tests we currently auto-generate test configs for.
-ifneq ($(filter $(my_module_tags),tests),)
ifndef LOCAL_COMPATIBILITY_SUITE
-ifneq ($(filter NATIVE_TESTS NATIVE_BENCHMARK APPS, $(LOCAL_MODULE_CLASS)),)
+ifneq ($(filter NATIVE_TESTS NATIVE_BENCHMARK, $(LOCAL_MODULE_CLASS)),)
+LOCAL_COMPATIBILITY_SUITE := null-suite
+endif
+ifneq ($(filter APPS, $(LOCAL_MODULE_CLASS)),)
+ifneq ($(filter $(my_module_tags),tests),)
LOCAL_COMPATIBILITY_SUITE := null-suite
endif
endif
diff --git a/core/clear_vars.mk b/core/clear_vars.mk
index 270a140..43e1e0d 100644
--- a/core/clear_vars.mk
+++ b/core/clear_vars.mk
@@ -241,12 +241,13 @@
LOCAL_SHARED_LIBRARIES:=
LOCAL_SOONG_CLASSES_JAR :=
LOCAL_SOONG_DEX_JAR :=
+LOCAL_SOONG_EXPORT_PROGUARD_FLAGS :=
LOCAL_SOONG_HEADER_JAR :=
LOCAL_SOONG_JACOCO_REPORT_CLASSES_JAR :=
LOCAL_SOONG_PROGUARD_DICT :=
LOCAL_SOONG_RESOURCE_EXPORT_PACKAGE :=
LOCAL_SOONG_RRO_DIRS :=
-LOCAL_DROIDDOC_STUBS_JAR :=
+LOCAL_DROIDDOC_STUBS_SRCJAR :=
LOCAL_DROIDDOC_DOC_ZIP :=
# '',true
LOCAL_SOURCE_FILES_ALL_GENERATED:=
diff --git a/core/config.mk b/core/config.mk
index 917729a..4695aa5 100644
--- a/core/config.mk
+++ b/core/config.mk
@@ -610,6 +610,7 @@
SOONG_ZIP := $(SOONG_HOST_OUT_EXECUTABLES)/soong_zip
MERGE_ZIPS := $(SOONG_HOST_OUT_EXECUTABLES)/merge_zips
XMLLINT := $(SOONG_HOST_OUT_EXECUTABLES)/xmllint
+XZ := $(prebuilt_build_tools)/$(HOST_PREBUILT_TAG)/bin/xz
ZIP2ZIP := $(SOONG_HOST_OUT_EXECUTABLES)/zip2zip
ZIPTIME := $(prebuilt_build_tools_bin)/ziptime
diff --git a/core/config_sanitizers.mk b/core/config_sanitizers.mk
index 9415143..35d077c 100644
--- a/core/config_sanitizers.mk
+++ b/core/config_sanitizers.mk
@@ -217,19 +217,17 @@
# Respect LOCAL_NOSANITIZE for integer-overflow flags.
ifeq ($(filter signed-integer-overflow, $(strip $(LOCAL_NOSANITIZE))),)
- my_cflags += -fsanitize=signed-integer-overflow
+ my_sanitize += signed-integer-overflow
endif
ifeq ($(filter unsigned-integer-overflow, $(strip $(LOCAL_NOSANITIZE))),)
- my_cflags += -fsanitize=unsigned-integer-overflow
+ my_sanitize += unsigned-integer-overflow
endif
- my_cflags += -fsanitize-trap=all
- my_cflags += -ftrap-function=abort
my_cflags += $(INTEGER_OVERFLOW_EXTRA_CFLAGS)
# Check for diagnostics mode (on by default).
ifneq ($(filter integer_overflow,$(my_sanitize_diag)),)
- my_cflags += -fno-sanitize-trap=signed-integer-overflow,unsigned-integer-overflow
- my_shared_libraries := $($(LOCAL_2ND_ARCH_VAR_PREFIX)UBSAN_RUNTIME_LIBRARY) $(my_shared_libraries)
+ my_sanitize_diag += signed-integer-overflow
+ my_sanitize_diag += unsigned-integer-overflow
endif
endif
endif
@@ -326,6 +324,27 @@
endif
endif
+# Use minimal diagnostics when integer overflow is enabled
+ifndef LOCAL_IS_HOST_MODULE
+ # Pre-emptively add UBSAN minimal runtime incase a static library dependency requires it
+ ifeq ($(filter STATIC_LIBRARIES,$(LOCAL_MODULE_CLASS)),)
+ ifndef LOCAL_SDK_VERSION
+ my_static_libraries += $($(LOCAL_2ND_ARCH_VAR_PREFIX)UBSAN_MINIMAL_RUNTIME_LIBRARY)
+ endif
+ endif
+ ifneq ($(filter unsigned-integer-overflow signed-integer-overflow integer,$(my_sanitize)),)
+ ifeq ($(filter unsigned-integer-overflow signed-integer overflow integer,$(my_sanitize_diag)),)
+ ifeq ($(filter cfi,$(my_sanitize_diag)),)
+ ifeq ($(filter address,$(my_sanitize)),)
+ my_cflags += -fsanitize-minimal-runtime
+ my_cflags += -fno-sanitize-trap=integer
+ my_cflags += -fno-sanitize-recover=integer
+ endif
+ endif
+ endif
+ endif
+endif
+
ifneq ($(strip $(LOCAL_SANITIZE_RECOVER)),)
recover_arg := $(subst $(space),$(comma),$(LOCAL_SANITIZE_RECOVER)),
my_cflags += -fsanitize-recover=$(recover_arg)
diff --git a/core/definitions.mk b/core/definitions.mk
index 1fb03ff..52a9996 100644
--- a/core/definitions.mk
+++ b/core/definitions.mk
@@ -1853,7 +1853,7 @@
$(PRIVATE_OBJCOPY) -S --remove-section .gdb_index --remove-section .comment --keep-symbols=$@.keep_symbols $@.mini_debuginfo && \
$(PRIVATE_OBJCOPY) --rename-section saved_debug_frame=.debug_frame $@.mini_debuginfo && \
rm -f $@.mini_debuginfo.xz && \
- xz $@.mini_debuginfo && \
+ $(XZ) $@.mini_debuginfo && \
$(PRIVATE_OBJCOPY) --add-section .gnu_debugdata=$@.mini_debuginfo.xz $@; \
else \
cp -f $< $@; \
@@ -2326,9 +2326,9 @@
$(addprefix --classpath ,$(strip \
$(call normalize-path-list,$(PRIVATE_ALL_JAVA_HEADER_LIBRARIES)))) \
|| ( rm -rf $(dir $@)/classes-turbine ; exit 41 ) && \
- $(MERGE_ZIPS) -j -stripDir META-INF $@.tmp $@.premerged $(call reverse-list,$(PRIVATE_STATIC_JAVA_HEADER_LIBRARIES)) ; \
+ $(MERGE_ZIPS) -j --ignore-duplicates -stripDir META-INF $@.tmp $@.premerged $(call reverse-list,$(PRIVATE_STATIC_JAVA_HEADER_LIBRARIES)) ; \
else \
- $(MERGE_ZIPS) -j -stripDir META-INF $@.tmp $(call reverse-list,$(PRIVATE_STATIC_JAVA_HEADER_LIBRARIES)) ; \
+ $(MERGE_ZIPS) -j --ignore-duplicates -stripDir META-INF $@.tmp $(call reverse-list,$(PRIVATE_STATIC_JAVA_HEADER_LIBRARIES)) ; \
fi
$(hide) $(ZIPTIME) $@.tmp
$(hide) $(call commit-change-for-toc,$@)
diff --git a/core/dynamic_binary.mk b/core/dynamic_binary.mk
index f44b8a8..ebbe71c 100644
--- a/core/dynamic_binary.mk
+++ b/core/dynamic_binary.mk
@@ -145,15 +145,15 @@
ifeq ($(my_strip_module),mini-debug-info)
# Strip the binary, but keep debug frames and symbol table in a compressed .gnu_debugdata section.
-$(strip_output): $(strip_input) | $($(LOCAL_2ND_ARCH_VAR_PREFIX)TARGET_STRIP) $($(LOCAL_2ND_ARCH_VAR_PREFIX)TARGET_OBJCOPY) $($(LOCAL_2ND_ARCH_VAR_PREFIX)TARGET_NM)
+$(strip_output): $(strip_input) $($(LOCAL_2ND_ARCH_VAR_PREFIX)TARGET_STRIP) $($(LOCAL_2ND_ARCH_VAR_PREFIX)TARGET_OBJCOPY) $($(LOCAL_2ND_ARCH_VAR_PREFIX)TARGET_NM) $(XZ)
$(transform-to-stripped-keep-mini-debug-info)
else ifneq ($(filter true no_debuglink,$(my_strip_module)),)
# Strip the binary
-$(strip_output): $(strip_input) | $($(LOCAL_2ND_ARCH_VAR_PREFIX)TARGET_STRIP)
+$(strip_output): $(strip_input) $($(LOCAL_2ND_ARCH_VAR_PREFIX)TARGET_STRIP)
$(transform-to-stripped)
else ifeq ($(my_strip_module),keep_symbols)
# Strip only the debug frames, but leave the symbol table.
-$(strip_output): $(strip_input) | $($(LOCAL_2ND_ARCH_VAR_PREFIX)TARGET_STRIP)
+$(strip_output): $(strip_input) $($(LOCAL_2ND_ARCH_VAR_PREFIX)TARGET_STRIP)
$(transform-to-stripped-keep-symbols)
# A product may be configured to strip everything in some build variants.
diff --git a/core/java_common.mk b/core/java_common.mk
index c97653b..4e9d685 100644
--- a/core/java_common.mk
+++ b/core/java_common.mk
@@ -428,7 +428,7 @@
endif
endif
-$(LOCAL_INTERMEDIATE_TARGETS): PRIVATE_AAPT_FLAGS := $(LOCAL_AAPT_FLAGS) $(PRODUCT_AAPT_FLAGS)
+$(LOCAL_INTERMEDIATE_TARGETS): PRIVATE_AAPT_FLAGS := $(LOCAL_AAPT_FLAGS)
$(LOCAL_INTERMEDIATE_TARGETS): PRIVATE_TARGET_AAPT_CHARACTERISTICS := $(TARGET_AAPT_CHARACTERISTICS)
$(LOCAL_INTERMEDIATE_TARGETS): PRIVATE_MANIFEST_PACKAGE_NAME := $(LOCAL_MANIFEST_PACKAGE_NAME)
$(LOCAL_INTERMEDIATE_TARGETS): PRIVATE_MANIFEST_INSTRUMENTATION_FOR := $(LOCAL_MANIFEST_INSTRUMENTATION_FOR)
diff --git a/core/package_internal.mk b/core/package_internal.mk
index e25fd99..fb1710c 100644
--- a/core/package_internal.mk
+++ b/core/package_internal.mk
@@ -473,7 +473,6 @@
endif # need_compile_res
framework_res_package_export :=
-framework_res_package_export_deps :=
ifneq ($(LOCAL_NO_STANDARD_LIBRARIES),true)
# Most packages should link against the resources defined by framework-res.
@@ -485,15 +484,9 @@
# for released sdk versions, the platform resources were built into android.jar.
framework_res_package_export := \
$(HISTORICAL_SDK_VERSIONS_ROOT)/$(LOCAL_SDK_RES_VERSION)/android.jar
-framework_res_package_export_deps := $(framework_res_package_export)
else # LOCAL_SDK_RES_VERSION
framework_res_package_export := \
$(call intermediates-dir-for,APPS,framework-res,,COMMON)/package-export.apk
-# We can't depend directly on the export.apk file; it won't get its
-# PRIVATE_ vars set up correctly if we do. Instead, depend on the
-# corresponding R.stamp file, which lists the export.apk as a dependency.
-framework_res_package_export_deps := \
- $(dir $(framework_res_package_export))src/R.stamp
endif # LOCAL_SDK_RES_VERSION
endif # LOCAL_NO_STANDARD_LIBRARIES
@@ -503,7 +496,7 @@
$(call intermediates-dir-for,APPS,$(lib),,COMMON)/package-export.apk)
all_library_res_package_export_deps := \
- $(framework_res_package_export_deps) \
+ $(framework_res_package_export) \
$(foreach lib,$(LOCAL_RES_LIBRARIES),\
$(call intermediates-dir-for,APPS,$(lib),,COMMON)/src/R.stamp)
$(resource_export_package) $(R_file_stamp) $(LOCAL_BUILT_MODULE): $(all_library_res_package_export_deps)
diff --git a/core/prebuilt_internal.mk b/core/prebuilt_internal.mk
index d4f5522..96e2613 100644
--- a/core/prebuilt_internal.mk
+++ b/core/prebuilt_internal.mk
@@ -615,18 +615,14 @@
endif
framework_res_package_export :=
-framework_res_package_export_deps :=
# Please refer to package.mk
ifneq ($(LOCAL_NO_STANDARD_LIBRARIES),true)
ifneq ($(filter-out current system_current test_current,$(LOCAL_SDK_RES_VERSION))$(if $(TARGET_BUILD_APPS),$(filter current system_current test_current,$(LOCAL_SDK_RES_VERSION))),)
framework_res_package_export := \
$(HISTORICAL_SDK_VERSIONS_ROOT)/$(LOCAL_SDK_RES_VERSION)/android.jar
-framework_res_package_export_deps := $(framework_res_package_export)
else
framework_res_package_export := \
$(call intermediates-dir-for,APPS,framework-res,,COMMON)/package-export.apk
-framework_res_package_export_deps := \
- $(dir $(framework_res_package_export))src/R.stamp
endif
endif
@@ -644,7 +640,7 @@
$(my_res_package): PRIVATE_PRODUCT_AAPT_CONFIG :=
$(my_res_package): PRIVATE_PRODUCT_AAPT_PREF_CONFIG :=
$(my_res_package): PRIVATE_TARGET_AAPT_CHARACTERISTICS :=
-$(my_res_package) : $(framework_res_package_export_deps)
+$(my_res_package) : $(framework_res_package_export)
full_android_manifest :=
my_res_resources :=
diff --git a/core/sdk_check.mk b/core/sdk_check.mk
index c09fc7c..49ea2a8 100644
--- a/core/sdk_check.mk
+++ b/core/sdk_check.mk
@@ -8,11 +8,6 @@
whitelisted_modules := framework-res__auto_generated_rro
-
-ifeq (,$(JAVA_SDK_ENFORCEMENT_ERROR))
- JAVA_SDK_ENFORCEMENT_ERROR := APPS
-endif
-
ifeq ($(LOCAL_SDK_VERSION)$(LOCAL_PRIVATE_PLATFORM_APIS),)
ifeq (,$(filter $(LOCAL_MODULE),$(whitelisted_modules)))
ifneq ($(JAVA_SDK_ENFORCEMENT_WARNING)$(JAVA_SDK_ENFORCEMENT_ERROR),)
diff --git a/core/soong_app_prebuilt.mk b/core/soong_app_prebuilt.mk
index f8d1ef0..ae0d196 100644
--- a/core/soong_app_prebuilt.mk
+++ b/core/soong_app_prebuilt.mk
@@ -34,13 +34,13 @@
$(intermediates.COMMON)/proguard_dictionary)
endif
-ifneq ($(TURBINE_DISABLED),false)
+ifneq ($(TURBINE_ENABLED),false)
ifdef LOCAL_SOONG_HEADER_JAR
$(eval $(call copy-one-file,$(LOCAL_SOONG_HEADER_JAR),$(full_classes_header_jar)))
else
$(eval $(call copy-one-file,$(full_classes_jar),$(full_classes_header_jar)))
endif
-endif # TURBINE_DISABLED != false
+endif # TURBINE_ENABLED != false
$(eval $(call copy-one-file,$(LOCAL_PREBUILT_MODULE_FILE),$(LOCAL_BUILT_MODULE)))
@@ -55,6 +55,7 @@
@echo "Copy: $$@"
$(copy-file-to-target)
touch $(PRIVATE_STAMP)
+$(call add-dependency,$(LOCAL_BUILT_MODULE),$(resource_export_package))
endif # LOCAL_SOONG_RESOURCE_EXPORT_PACKAGE
diff --git a/core/soong_config.mk b/core/soong_config.mk
index bf5034b..02d221d 100644
--- a/core/soong_config.mk
+++ b/core/soong_config.mk
@@ -108,7 +108,6 @@
$(call add_json_bool, ArtUseReadBarrier, $(call invert_bool,$(filter false,$(PRODUCT_ART_USE_READ_BARRIER))))
$(call add_json_bool, Binder32bit, $(BINDER32BIT))
-$(call add_json_bool, Brillo, $(BRILLO))
$(call add_json_str, BtConfigIncludeDir, $(BOARD_BLUETOOTH_BDROID_BUILDCFG_INCLUDE_DIR))
$(call add_json_bool, Device_uses_hwc2, $(filter true,$(TARGET_USES_HWC2)))
$(call add_json_list, DeviceKernelHeaders, $(TARGET_PROJECT_SYSTEM_INCLUDES))
diff --git a/core/soong_java_prebuilt.mk b/core/soong_java_prebuilt.mk
index e5d4410..36a71e3 100644
--- a/core/soong_java_prebuilt.mk
+++ b/core/soong_java_prebuilt.mk
@@ -23,8 +23,8 @@
$(eval $(call copy-one-file,$(LOCAL_PREBUILT_MODULE_FILE),$(full_classes_jar)))
$(eval $(call copy-one-file,$(LOCAL_PREBUILT_MODULE_FILE),$(full_classes_pre_proguard_jar)))
-ifdef LOCAL_DROIDDOC_STUBS_JAR
-$(eval $(call copy-one-file,$(LOCAL_DROIDDOC_STUBS_JAR),$(OUT_DOCS)/$(LOCAL_MODULE)-stubs.srcjar))
+ifdef LOCAL_DROIDDOC_STUBS_SRCJAR
+$(eval $(call copy-one-file,$(LOCAL_DROIDDOC_STUBS_SRCJAR),$(OUT_DOCS)/$(LOCAL_MODULE)-stubs.srcjar))
ALL_DOCS += $(OUT_DOCS)/$(LOCAL_MODULE)-stubs.srcjar
endif
@@ -39,13 +39,31 @@
$(intermediates.COMMON)/jacoco-report-classes.jar)
endif
-ifneq ($(TURBINE_DISABLED),false)
+ifdef LOCAL_SOONG_EXPORT_PROGUARD_FLAGS
+ $(eval $(call copy-one-file,$(LOCAL_SOONG_EXPORT_PROGUARD_FLAGS),\
+ $(intermediates.COMMON)/export_proguard_flags))
+ $(call add-dependency,$(LOCAL_BUILT_MODULE),\
+ $(intermediates.COMMON)/export_proguard_flags)
+endif
+
+ifdef LOCAL_SOONG_RESOURCE_EXPORT_PACKAGE
+my_res_package := $(intermediates.COMMON)/package-res.apk
+
+$(my_res_package): $(LOCAL_SOONG_RESOURCE_EXPORT_PACKAGE)
+ @echo "Copy: $$@"
+ $(copy-file-to-target)
+
+$(call add-dependency,$(LOCAL_BUILT_MODULE),$(my_res_package))
+
+endif # LOCAL_SOONG_RESOURCE_EXPORT_PACKAGE
+
+ifneq ($(TURBINE_ENABLED),false)
ifdef LOCAL_SOONG_HEADER_JAR
$(eval $(call copy-one-file,$(LOCAL_SOONG_HEADER_JAR),$(full_classes_header_jar)))
else
$(eval $(call copy-one-file,$(full_classes_jar),$(full_classes_header_jar)))
endif
-endif # TURBINE_DISABLED != false
+endif # TURBINE_ENABLED != false
ifdef LOCAL_SOONG_DEX_JAR
ifndef LOCAL_IS_HOST_MODULE
diff --git a/core/static_java_library.mk b/core/static_java_library.mk
index b8f508b..bc5ee73 100644
--- a/core/static_java_library.mk
+++ b/core/static_java_library.mk
@@ -106,18 +106,14 @@
endif
framework_res_package_export :=
-framework_res_package_export_deps :=
# Please refer to package.mk
ifneq ($(LOCAL_NO_STANDARD_LIBRARIES),true)
ifneq ($(filter-out current system_current test_current,$(LOCAL_SDK_RES_VERSION))$(if $(TARGET_BUILD_APPS),$(filter current system_current test_current,$(LOCAL_SDK_RES_VERSION))),)
framework_res_package_export := \
$(HISTORICAL_SDK_VERSIONS_ROOT)/$(LOCAL_SDK_RES_VERSION)/android.jar
-framework_res_package_export_deps := $(framework_res_package_export)
else
framework_res_package_export := \
$(call intermediates-dir-for,APPS,framework-res,,COMMON)/package-export.apk
-framework_res_package_export_deps := \
- $(dir $(framework_res_package_export))src/R.stamp
endif
endif
@@ -181,10 +177,10 @@
endif # renderscript_target_api < 21
endif # renderscript_target_api is set
include $(BUILD_SYSTEM)/aapt2.mk
-$(my_res_package) : $(framework_res_package_export_deps)
+$(my_res_package) : $(framework_res_package_export)
else
$(R_file_stamp): PRIVATE_RESOURCE_LIST := $(all_resources)
-$(R_file_stamp) : $(all_resources) $(full_android_manifest) $(AAPT) $(framework_res_package_export_deps)
+$(R_file_stamp) : $(all_resources) $(full_android_manifest) $(AAPT) $(framework_res_package_export)
@echo "target R.java/Manifest.java: $(PRIVATE_MODULE) ($@)"
$(create-resource-java-files)
$(hide) find $(PRIVATE_SOURCE_INTERMEDIATES_DIR) -name R.java | xargs cat > $@
diff --git a/core/tasks/check_boot_jars/check_boot_jars.py b/core/tasks/check_boot_jars/check_boot_jars.py
index 1b4540c..9d71553 100755
--- a/core/tasks/check_boot_jars/check_boot_jars.py
+++ b/core/tasks/check_boot_jars/check_boot_jars.py
@@ -39,7 +39,7 @@
return True
-def CheckJar(jar):
+def CheckJar(whitelist_path, jar):
"""Check a jar file.
"""
# Get the list of files inside the jar file.
@@ -55,8 +55,9 @@
package_name = package_name.replace('/', '.')
# Skip class without a package name
if package_name and not whitelist_re.match(package_name):
- print >> sys.stderr, ('Error: %s contains class file %s, which is not in the whitelist'
- % (jar, f))
+ print >> sys.stderr, ('Error: %s contains class file %s, whose package name %s is not '
+ 'in the whitelist %s of packages allowed on the bootclasspath.'
+ % (jar, f, package_name, whitelist_path))
return False
return True
@@ -65,13 +66,14 @@
if len(argv) < 2:
print __doc__
return 1
+ whitelist_path = argv[0]
- if not LoadWhitelist(argv[0]):
+ if not LoadWhitelist(whitelist_path):
return 1
passed = True
for jar in argv[1:]:
- if not CheckJar(jar):
+ if not CheckJar(whitelist_path, jar):
passed = False
if not passed:
return 1
diff --git a/target/product/treble_common.mk b/target/product/treble_common.mk
index cd5442f..8fa2974 100644
--- a/target/product/treble_common.mk
+++ b/target/product/treble_common.mk
@@ -66,6 +66,12 @@
PRODUCT_COPY_FILES += \
device/generic/goldfish/data/etc/apns-conf.xml:system/etc/apns-conf.xml
+# NFC:
+# Provide default libnfc-nci.conf file for devices that does not have one in
+# vendor/etc
+PRODUCT_COPY_FILES += \
+ device/generic/common/nfc/libnfc-nci.conf:system/etc/libnfc-nci.conf
+
# Support for the devices with no VNDK enforcing
PRODUCT_COPY_FILES += \
build/make/target/product/vndk/init.gsi.rc:system/etc/init/init.gsi.rc \
diff --git a/tools/releasetools/test_validate_target_files.py b/tools/releasetools/test_validate_target_files.py
new file mode 100644
index 0000000..bae648f
--- /dev/null
+++ b/tools/releasetools/test_validate_target_files.py
@@ -0,0 +1,180 @@
+#
+# Copyright (C) 2018 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+"""Unittests for validate_target_files.py.
+
+Note: This file calls functions in build_image.py that hard-code the path in
+relative to ANDROID_BUILD_TOP (e.g.
+system/extras/verity/build_verity_metadata.py). So the test needs to be
+triggered under ANDROID_BUILD_TOP or the top-level OTA tools directory (i.e.
+the one after unzipping otatools.zip).
+
+ (from ANDROID_BUILD_TOP)
+ $ PYTHONPATH=build/make/tools/releasetools python -m unittest \\
+ test_validate_target_files
+
+ (from OTA tools directory)
+ $ PYTHONPATH=releasetools python -m unittest test_validate_target_files
+"""
+
+from __future__ import print_function
+
+import os
+import os.path
+import shutil
+import subprocess
+import unittest
+
+import build_image
+import common
+import test_utils
+from validate_target_files import ValidateVerifiedBootImages
+
+
+class ValidateTargetFilesTest(unittest.TestCase):
+
+ def setUp(self):
+ self.testdata_dir = test_utils.get_testdata_dir()
+
+ def tearDown(self):
+ common.Cleanup()
+
+ def _generate_boot_image(self, output_file):
+ kernel = common.MakeTempFile(prefix='kernel-')
+ with open(kernel, 'wb') as kernel_fp:
+ kernel_fp.write(os.urandom(10))
+
+ cmd = ['mkbootimg', '--kernel', kernel, '-o', output_file]
+ proc = common.Run(cmd, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
+ stdoutdata, _ = proc.communicate()
+ self.assertEqual(
+ 0, proc.returncode,
+ "Failed to run mkbootimg: {}".format(stdoutdata))
+
+ cmd = ['boot_signer', '/boot', output_file,
+ os.path.join(self.testdata_dir, 'testkey.pk8'),
+ os.path.join(self.testdata_dir, 'testkey.x509.pem'), output_file]
+ proc = common.Run(cmd, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
+ stdoutdata, _ = proc.communicate()
+ self.assertEqual(
+ 0, proc.returncode,
+ "Failed to sign boot image with boot_signer: {}".format(stdoutdata))
+
+ def test_ValidateVerifiedBootImages_bootImage(self):
+ input_tmp = common.MakeTempDir()
+ os.mkdir(os.path.join(input_tmp, 'IMAGES'))
+ boot_image = os.path.join(input_tmp, 'IMAGES', 'boot.img')
+ self._generate_boot_image(boot_image)
+
+ info_dict = {
+ 'boot_signer' : 'true',
+ }
+ options = {
+ 'verity_key' : os.path.join(self.testdata_dir, 'testkey.x509.pem'),
+ }
+ ValidateVerifiedBootImages(input_tmp, info_dict, options)
+
+ def test_ValidateVerifiedBootImages_bootImage_wrongKey(self):
+ input_tmp = common.MakeTempDir()
+ os.mkdir(os.path.join(input_tmp, 'IMAGES'))
+ boot_image = os.path.join(input_tmp, 'IMAGES', 'boot.img')
+ self._generate_boot_image(boot_image)
+
+ info_dict = {
+ 'boot_signer' : 'true',
+ }
+ options = {
+ 'verity_key' : os.path.join(self.testdata_dir, 'verity.x509.pem'),
+ }
+ self.assertRaises(
+ AssertionError, ValidateVerifiedBootImages, input_tmp, info_dict,
+ options)
+
+ def test_ValidateVerifiedBootImages_bootImage_corrupted(self):
+ input_tmp = common.MakeTempDir()
+ os.mkdir(os.path.join(input_tmp, 'IMAGES'))
+ boot_image = os.path.join(input_tmp, 'IMAGES', 'boot.img')
+ self._generate_boot_image(boot_image)
+
+ # Corrupt the late byte of the image.
+ with open(boot_image, 'r+b') as boot_fp:
+ boot_fp.seek(-1, os.SEEK_END)
+ last_byte = boot_fp.read(1)
+ last_byte = chr(255 - ord(last_byte))
+ boot_fp.seek(-1, os.SEEK_END)
+ boot_fp.write(last_byte)
+
+ info_dict = {
+ 'boot_signer' : 'true',
+ }
+ options = {
+ 'verity_key' : os.path.join(self.testdata_dir, 'testkey.x509.pem'),
+ }
+ self.assertRaises(
+ AssertionError, ValidateVerifiedBootImages, input_tmp, info_dict,
+ options)
+
+ def _generate_system_image(self, output_file):
+ verity_fec = True
+ partition_size = 1024 * 1024
+ adjusted_size, verity_size = build_image.AdjustPartitionSizeForVerity(
+ partition_size, verity_fec)
+
+ # Use an empty root directory.
+ system_root = common.MakeTempDir()
+ cmd = ['mkuserimg_mke2fs.sh', '-s', system_root, output_file, 'ext4',
+ '/system', str(adjusted_size), '-j', '0']
+ proc = common.Run(cmd, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
+ stdoutdata, _ = proc.communicate()
+ self.assertEqual(
+ 0, proc.returncode,
+ "Failed to create system image with mkuserimg_mke2fs.sh: {}".format(
+ stdoutdata))
+
+ # Append the verity metadata.
+ prop_dict = {
+ 'original_partition_size' : str(partition_size),
+ 'partition_size' : str(adjusted_size),
+ 'verity_block_device' : '/dev/block/system',
+ 'verity_key' : os.path.join(self.testdata_dir, 'testkey'),
+ 'verity_signer_cmd' : 'verity_signer',
+ 'verity_size' : str(verity_size),
+ }
+ self.assertTrue(
+ build_image.MakeVerityEnabledImage(output_file, verity_fec, prop_dict))
+
+ def test_ValidateVerifiedBootImages_systemImage(self):
+ input_tmp = common.MakeTempDir()
+ os.mkdir(os.path.join(input_tmp, 'IMAGES'))
+ system_image = os.path.join(input_tmp, 'IMAGES', 'system.img')
+ self._generate_system_image(system_image)
+
+ # Pack the verity key.
+ verity_key_mincrypt = os.path.join(
+ input_tmp, 'BOOT', 'RAMDISK', 'verity_key')
+ os.makedirs(os.path.dirname(verity_key_mincrypt))
+ shutil.copyfile(
+ os.path.join(self.testdata_dir, 'testkey_mincrypt'),
+ verity_key_mincrypt)
+
+ info_dict = {
+ 'verity' : 'true',
+ }
+ options = {
+ 'verity_key' : os.path.join(self.testdata_dir, 'testkey.x509.pem'),
+ 'verity_key_mincrypt' : verity_key_mincrypt,
+ }
+ ValidateVerifiedBootImages(input_tmp, info_dict, options)
diff --git a/tools/releasetools/testdata/testkey_mincrypt b/tools/releasetools/testdata/testkey_mincrypt
new file mode 100644
index 0000000..7f5d31b
--- /dev/null
+++ b/tools/releasetools/testdata/testkey_mincrypt
Binary files differ
diff --git a/tools/releasetools/validate_target_files.py b/tools/releasetools/validate_target_files.py
index db1ba2e..e8cea29 100755
--- a/tools/releasetools/validate_target_files.py
+++ b/tools/releasetools/validate_target_files.py
@@ -17,16 +17,25 @@
"""
Validate a given (signed) target_files.zip.
-It performs checks to ensure the integrity of the input zip.
+It performs the following checks to assert the integrity of the input zip.
+
- It verifies the file consistency between the ones in IMAGES/system.img (read
via IMAGES/system.map) and the ones under unpacked folder of SYSTEM/. The
same check also applies to the vendor image if present.
+
+ - It verifies the install-recovery script consistency, by comparing the
+ checksums in the script against the ones of IMAGES/{boot,recovery}.img.
+
+ - It verifies the signed Verified Boot related images, for both of Verified
+ Boot 1.0 and 2.0 (aka AVB).
"""
+import argparse
+import filecmp
import logging
import os.path
import re
-import sys
+import subprocess
import zipfile
import common
@@ -177,33 +186,152 @@
logging.info('Done checking %s', script_path)
-def main(argv):
- def option_handler():
- return True
+def ValidateVerifiedBootImages(input_tmp, info_dict, options):
+ """Validates the Verified Boot related images.
- args = common.ParseOptions(
- argv, __doc__, extra_opts="",
- extra_long_opts=[],
- extra_option_handler=option_handler)
+ For Verified Boot 1.0, it verifies the signatures of the bootable images
+ (boot/recovery etc), as well as the dm-verity metadata in system images
+ (system/vendor/product). For Verified Boot 2.0, it calls avbtool to verify
+ vbmeta.img, which in turn verifies all the descriptors listed in vbmeta.
- if len(args) != 1:
- common.Usage(__doc__)
- sys.exit(1)
+ Args:
+ input_tmp: The top-level directory of unpacked target-files.zip.
+ info_dict: The loaded info dict.
+ options: A dict that contains the user-supplied public keys to be used for
+ image verification. In particular, 'verity_key' is used to verify the
+ bootable images in VB 1.0, and the vbmeta image in VB 2.0, where
+ applicable. 'verity_key_mincrypt' will be used to verify the system
+ images in VB 1.0.
+
+ Raises:
+ AssertionError: On any verification failure.
+ """
+ # Verified boot 1.0 (images signed with boot_signer and verity_signer).
+ if info_dict.get('boot_signer') == 'true':
+ logging.info('Verifying Verified Boot images...')
+
+ # Verify the boot/recovery images (signed with boot_signer), against the
+ # given X.509 encoded pubkey (or falling back to the one in the info_dict if
+ # none given).
+ verity_key = options['verity_key']
+ if verity_key is None:
+ verity_key = info_dict['verity_key'] + '.x509.pem'
+ for image in ('boot.img', 'recovery.img', 'recovery-two-step.img'):
+ image_path = os.path.join(input_tmp, 'IMAGES', image)
+ if not os.path.exists(image_path):
+ continue
+
+ cmd = ['boot_signer', '-verify', image_path, '-certificate', verity_key]
+ proc = common.Run(cmd, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
+ stdoutdata, _ = proc.communicate()
+ assert proc.returncode == 0, \
+ 'Failed to verify {} with boot_signer:\n{}'.format(image, stdoutdata)
+ logging.info(
+ 'Verified %s with boot_signer (key: %s):\n%s', image, verity_key,
+ stdoutdata.rstrip())
+
+ # Verify verity signed system images in Verified Boot 1.0. Note that not using
+ # 'elif' here, since 'boot_signer' and 'verity' are not bundled in VB 1.0.
+ if info_dict.get('verity') == 'true':
+ # First verify that the verity key that's built into the root image (as
+ # /verity_key) matches the one given via command line, if any.
+ if info_dict.get("system_root_image") == "true":
+ verity_key_mincrypt = os.path.join(input_tmp, 'ROOT', 'verity_key')
+ else:
+ verity_key_mincrypt = os.path.join(
+ input_tmp, 'BOOT', 'RAMDISK', 'verity_key')
+ assert os.path.exists(verity_key_mincrypt), 'Missing verity_key'
+
+ if options['verity_key_mincrypt'] is None:
+ logging.warn(
+ 'Skipped checking the content of /verity_key, as the key file not '
+ 'provided. Use --verity_key_mincrypt to specify.')
+ else:
+ expected_key = options['verity_key_mincrypt']
+ assert filecmp.cmp(expected_key, verity_key_mincrypt, shallow=False), \
+ "Mismatching mincrypt verity key files"
+ logging.info('Verified the content of /verity_key')
+
+ # Then verify the verity signed system/vendor/product images, against the
+ # verity pubkey in mincrypt format.
+ for image in ('system.img', 'vendor.img', 'product.img'):
+ image_path = os.path.join(input_tmp, 'IMAGES', image)
+
+ # We are not checking if the image is actually enabled via info_dict (e.g.
+ # 'system_verity_block_device=...'). Because it's most likely a bug that
+ # skips signing some of the images in signed target-files.zip, while
+ # having the top-level verity flag enabled.
+ if not os.path.exists(image_path):
+ continue
+
+ cmd = ['verity_verifier', image_path, '-mincrypt', verity_key_mincrypt]
+ proc = common.Run(cmd, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
+ stdoutdata, _ = proc.communicate()
+ assert proc.returncode == 0, \
+ 'Failed to verify {} with verity_verifier (key: {}):\n{}'.format(
+ image, verity_key_mincrypt, stdoutdata)
+ logging.info(
+ 'Verified %s with verity_verifier (key: %s):\n%s', image,
+ verity_key_mincrypt, stdoutdata.rstrip())
+
+ # Handle the case of Verified Boot 2.0 (AVB).
+ if info_dict.get("avb_enable") == "true":
+ logging.info('Verifying Verified Boot 2.0 (AVB) images...')
+
+ key = options['verity_key']
+ if key is None:
+ key = info_dict['avb_vbmeta_key_path']
+ # avbtool verifies all the images that have descriptors listed in vbmeta.
+ image = os.path.join(input_tmp, 'IMAGES', 'vbmeta.img')
+ cmd = ['avbtool', 'verify_image', '--image', image, '--key', key]
+ proc = common.Run(cmd, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
+ stdoutdata, _ = proc.communicate()
+ assert proc.returncode == 0, \
+ 'Failed to verify {} with verity_verifier (key: {}):\n{}'.format(
+ image, key, stdoutdata)
+
+ logging.info(
+ 'Verified %s with avbtool (key: %s):\n%s', image, key,
+ stdoutdata.rstrip())
+
+
+def main():
+ parser = argparse.ArgumentParser(
+ description=__doc__,
+ formatter_class=argparse.RawDescriptionHelpFormatter)
+ parser.add_argument(
+ 'target_files',
+ help='the input target_files.zip to be validated')
+ parser.add_argument(
+ '--verity_key',
+ help='the verity public key to verify the bootable images (Verified '
+ 'Boot 1.0), or the vbmeta image (Verified Boot 2.0), where '
+ 'applicable')
+ parser.add_argument(
+ '--verity_key_mincrypt',
+ help='the verity public key in mincrypt format to verify the system '
+ 'images, if target using Verified Boot 1.0')
+ args = parser.parse_args()
+
+ # Unprovided args will have 'None' as the value.
+ options = vars(args)
logging_format = '%(asctime)s - %(filename)s - %(levelname)-8s: %(message)s'
date_format = '%Y/%m/%d %H:%M:%S'
logging.basicConfig(level=logging.INFO, format=logging_format,
datefmt=date_format)
- logging.info("Unzipping the input target_files.zip: %s", args[0])
- input_tmp = common.UnzipTemp(args[0])
+ logging.info("Unzipping the input target_files.zip: %s", args.target_files)
+ input_tmp = common.UnzipTemp(args.target_files)
- with zipfile.ZipFile(args[0], 'r') as input_zip:
+ with zipfile.ZipFile(args.target_files, 'r') as input_zip:
ValidateFileConsistency(input_zip, input_tmp)
info_dict = common.LoadInfoDict(input_tmp)
ValidateInstallRecoveryScript(input_tmp, info_dict)
+ ValidateVerifiedBootImages(input_tmp, info_dict, options)
+
# TODO: Check if the OTA keys have been properly updated (the ones on /system,
# in recovery image).
@@ -212,6 +340,6 @@
if __name__ == '__main__':
try:
- main(sys.argv[1:])
+ main()
finally:
common.Cleanup()