diff options
-rw-r--r-- | core/build_id.mk | 2 | ||||
-rw-r--r-- | core/version_defaults.mk | 2 | ||||
-rw-r--r-- | tools/releasetools/apex_utils.py | 26 | ||||
-rw-r--r-- | tools/releasetools/merge/merge_dexopt.py | 4 | ||||
-rwxr-xr-x | tools/releasetools/sign_target_files_apks.py | 19 |
5 files changed, 30 insertions, 23 deletions
diff --git a/core/build_id.mk b/core/build_id.mk index 07de0a4d9d..fdf1f2e9f0 100644 --- a/core/build_id.mk +++ b/core/build_id.mk @@ -18,4 +18,4 @@ # (like "CRB01"). It must be a single word, and is # capitalized by convention. -BUILD_ID=331310000 +BUILD_ID=331410000 diff --git a/core/version_defaults.mk b/core/version_defaults.mk index c7aa309ffb..a2dcccbd21 100644 --- a/core/version_defaults.mk +++ b/core/version_defaults.mk @@ -103,7 +103,7 @@ ifndef PLATFORM_SECURITY_PATCH # It must be of the form "YYYY-MM-DD" on production devices. # It must match one of the Android Security Patch Level strings of the Public Security Bulletins. # If there is no $PLATFORM_SECURITY_PATCH set, keep it empty. - PLATFORM_SECURITY_PATCH := 2022-12-01 + PLATFORM_SECURITY_PATCH := 2023-01-01 endif include $(BUILD_SYSTEM)/version_util.mk diff --git a/tools/releasetools/apex_utils.py b/tools/releasetools/apex_utils.py index fbe90abace..ea099149dc 100644 --- a/tools/releasetools/apex_utils.py +++ b/tools/releasetools/apex_utils.py @@ -65,6 +65,8 @@ class ApexApkSigner(object): OPTIONS.search_path, "bin", "debugfs_static") self.fsckerofs_path = os.path.join( OPTIONS.search_path, "bin", "fsck.erofs") + self.blkid_path = os.path.join( + OPTIONS.search_path, "bin", "blkid") self.avbtool = avbtool if avbtool else "avbtool" self.sign_tool = sign_tool @@ -82,13 +84,8 @@ class ApexApkSigner(object): "Couldn't find location of debugfs_static: " + "Path {} does not exist. ".format(self.debugfs_path) + "Make sure bin/debugfs_static can be found in -p <path>") - if not os.path.exists(self.fsckerofs_path): - raise ApexSigningError( - "Couldn't find location of fsck.erofs: " + - "Path {} does not exist. ".format(self.fsckerofs_path) + - "Make sure bin/fsck.erofs can be found in -p <path>") list_cmd = ['deapexer', '--debugfs_path', self.debugfs_path, - '--fsckerofs_path', self.fsckerofs_path, 'list', self.apex_path] + 'list', self.apex_path] entries_names = common.RunAndCheckOutput(list_cmd).split() apk_entries = [name for name in entries_names if name.endswith('.apk')] @@ -128,9 +125,15 @@ class ApexApkSigner(object): "Couldn't find location of fsck.erofs: " + "Path {} does not exist. ".format(self.fsckerofs_path) + "Make sure bin/fsck.erofs can be found in -p <path>") + if not os.path.exists(self.blkid_path): + raise ApexSigningError( + "Couldn't find location of blkid: " + + "Path {} does not exist. ".format(self.blkid_path) + + "Make sure bin/blkid can be found in -p <path>") payload_dir = common.MakeTempDir() extract_cmd = ['deapexer', '--debugfs_path', self.debugfs_path, - '--fsckerofs_path', self.fsckerofs_path, 'extract', + '--fsckerofs_path', self.fsckerofs_path, + '--blkid_path', self.blkid_path, 'extract', self.apex_path, payload_dir] common.RunAndCheckOutput(extract_cmd) @@ -430,7 +433,6 @@ def SignCompressedApex(avbtool, apex_file, payload_key, container_key, The path to the signed APEX file. """ debugfs_path = os.path.join(OPTIONS.search_path, 'bin', 'debugfs_static') - fsckerofs_path = os.path.join(OPTIONS.search_path, 'bin', 'fsck.erofs') # 1. Decompress original_apex inside compressed apex. original_apex_file = common.MakeTempFile(prefix='original-apex-', @@ -438,7 +440,6 @@ def SignCompressedApex(avbtool, apex_file, payload_key, container_key, # Decompression target path should not exist os.remove(original_apex_file) common.RunAndCheckOutput(['deapexer', '--debugfs_path', debugfs_path, - '--fsckerofs_path', fsckerofs_path, 'decompress', '--input', apex_file, '--output', original_apex_file]) @@ -502,9 +503,7 @@ def SignApex(avbtool, apex_data, payload_key, container_key, container_pw, output_fp.write(apex_data) debugfs_path = os.path.join(OPTIONS.search_path, 'bin', 'debugfs_static') - fsckerofs_path = os.path.join(OPTIONS.search_path, 'bin', 'fsck.erofs') cmd = ['deapexer', '--debugfs_path', debugfs_path, - '--fsckerofs_path', fsckerofs_path, 'info', '--print-type', apex_file] try: @@ -577,10 +576,6 @@ def GetApexInfoFromTargetFiles(input_file, partition, compressed_only=True): if OPTIONS.search_path: debugfs_path = os.path.join(OPTIONS.search_path, "bin", "debugfs_static") - fsckerofs_path = "fsck.erofs" - if OPTIONS.search_path: - fsckerofs_path = os.path.join(OPTIONS.search_path, "bin", "fsck.erofs") - deapexer = 'deapexer' if OPTIONS.search_path: deapexer_path = os.path.join(OPTIONS.search_path, "bin", "deapexer") @@ -601,7 +596,6 @@ def GetApexInfoFromTargetFiles(input_file, partition, compressed_only=True): # Check if the file is compressed or not apex_type = RunAndCheckOutput([ deapexer, "--debugfs_path", debugfs_path, - "--fsckerofs_path", fsckerofs_path, 'info', '--print-type', apex_filepath]).rstrip() if apex_type == 'COMPRESSED': apex_info.is_compressed = True diff --git a/tools/releasetools/merge/merge_dexopt.py b/tools/releasetools/merge/merge_dexopt.py index 7bf9bd4b17..16182b5cbb 100644 --- a/tools/releasetools/merge/merge_dexopt.py +++ b/tools/releasetools/merge/merge_dexopt.py @@ -164,6 +164,10 @@ def MergeDexopt(temp_dir, output_target_files_dir): 'deapexer', '--debugfs_path', 'debugfs_static', + '--blkid_path', + 'blkid', + '--fsckerofs_path', + 'fsck.erofs', 'extract', apex, apex_extract_dir, diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py index 6f96d8f6a6..837eaf9c1e 100755 --- a/tools/releasetools/sign_target_files_apks.py +++ b/tools/releasetools/sign_target_files_apks.py @@ -99,14 +99,14 @@ Usage: sign_target_files_apks [flags] input_target_files output_target_files The second dir will be used for lookup if BOARD_USES_RECOVERY_AS_BOOT is set to true. - --avb_{boot,recovery,system,system_other,vendor,dtbo,vbmeta,vbmeta_system, - vbmeta_vendor}_algorithm <algorithm> - --avb_{boot,recovery,system,system_other,vendor,dtbo,vbmeta,vbmeta_system, - vbmeta_vendor}_key <key> + --avb_{boot,init_boot,recovery,system,system_other,vendor,dtbo,vbmeta, + vbmeta_system,vbmeta_vendor}_algorithm <algorithm> + --avb_{boot,init_boot,recovery,system,system_other,vendor,dtbo,vbmeta, + vbmeta_system,vbmeta_vendor}_key <key> Use the specified algorithm (e.g. SHA256_RSA4096) and the key to AVB-sign the specified image. Otherwise it uses the existing values in info dict. - --avb_{apex,boot,recovery,system,system_other,vendor,dtbo,vbmeta, + --avb_{apex,init_boot,boot,recovery,system,system_other,vendor,dtbo,vbmeta, vbmeta_system,vbmeta_vendor}_extra_args <args> Specify any additional args that are needed to AVB-sign the image (e.g. "--signing_helper /path/to/helper"). The args will be appended to @@ -1427,6 +1427,12 @@ def main(argv): OPTIONS.avb_algorithms['dtbo'] = a elif o == "--avb_dtbo_extra_args": OPTIONS.avb_extra_args['dtbo'] = a + elif o == "--avb_init_boot_key": + OPTIONS.avb_keys['init_boot'] = a + elif o == "--avb_init_boot_algorithm": + OPTIONS.avb_algorithms['init_boot'] = a + elif o == "--avb_init_boot_extra_args": + OPTIONS.avb_extra_args['init_boot'] = a elif o == "--avb_recovery_key": OPTIONS.avb_keys['recovery'] = a elif o == "--avb_recovery_algorithm": @@ -1518,6 +1524,9 @@ def main(argv): "avb_dtbo_algorithm=", "avb_dtbo_key=", "avb_dtbo_extra_args=", + "avb_init_boot_algorithm=", + "avb_init_boot_key=", + "avb_init_boot_extra_args=", "avb_recovery_algorithm=", "avb_recovery_key=", "avb_recovery_extra_args=", |