diff options
-rw-r--r-- | core/OWNERS | 2 | ||||
-rw-r--r-- | core/build_id.mk | 2 | ||||
-rw-r--r-- | core/tasks/sts-lite.mk | 3 | ||||
-rw-r--r-- | core/tasks/tools/compatibility.mk | 1 | ||||
-rw-r--r-- | core/version_defaults.mk | 4 | ||||
-rw-r--r-- | target/product/module_common.mk | 5 | ||||
-rw-r--r-- | tools/releasetools/apex_utils.py | 26 | ||||
-rw-r--r-- | tools/releasetools/common.py | 20 | ||||
-rw-r--r-- | tools/releasetools/merge/merge_dexopt.py | 4 | ||||
-rwxr-xr-x | tools/releasetools/sign_target_files_apks.py | 21 |
10 files changed, 55 insertions, 33 deletions
diff --git a/core/OWNERS b/core/OWNERS index 8794434f7b..8d612e02d5 100644 --- a/core/OWNERS +++ b/core/OWNERS @@ -2,5 +2,5 @@ per-file dex_preopt*.mk = ngeoffray@google.com,calin@google.com,mathewi@google.c per-file verify_uses_libraries.sh = ngeoffray@google.com,calin@google.com,skvadrik@google.com # For version updates -per-file version_defaults.mk = aseaton@google.com,elisapascual@google.com,lubomir@google.com,pscovanner@google.com +per-file version_defaults.mk = aseaton@google.com,lubomir@google.com,pscovanner@google.com,bkhalife@google.com,jainne@google.com diff --git a/core/build_id.mk b/core/build_id.mk index 58f5ceb66b..6707398a8b 100644 --- a/core/build_id.mk +++ b/core/build_id.mk @@ -18,4 +18,4 @@ # (like "CRB01"). It must be a single word, and is # capitalized by convention. -BUILD_ID=331314000 +BUILD_ID=331910000 diff --git a/core/tasks/sts-lite.mk b/core/tasks/sts-lite.mk index dee25d4802..65c65c3dc6 100644 --- a/core/tasks/sts-lite.mk +++ b/core/tasks/sts-lite.mk @@ -29,7 +29,8 @@ $(sts_sdk_zip): $(MERGE_ZIPS) $(ZIP2ZIP) $(compatibility_zip) $(sts_sdk_samples) $(ZIP2ZIP) -i $(STS_LITE_ZIP) -o $(STS_LITE_ZIP)_filtered \ -x android-sts-lite/tools/sts-tradefed-tests.jar \ 'android-sts-lite/tools/*:sts-test/libs/' \ - 'android-sts-lite/testcases/*:sts-test/utils/' + 'android-sts-lite/testcases/*:sts-test/utils/' \ + 'android-sts-lite/jdk/**/*:sts-test/jdk/' $(MERGE_ZIPS) $@ $(STS_LITE_ZIP)_filtered $(STS_SDK_SAMPLES) rm -f $(STS_LITE_ZIP)_filtered diff --git a/core/tasks/tools/compatibility.mk b/core/tasks/tools/compatibility.mk index 4b8bd16c2e..cfae490c30 100644 --- a/core/tasks/tools/compatibility.mk +++ b/core/tasks/tools/compatibility.mk @@ -30,7 +30,6 @@ test_suite_subdir := android-$(test_suite_name) out_dir := $(HOST_OUT)/$(test_suite_name)/$(test_suite_subdir) test_artifacts := $(COMPATIBILITY.$(test_suite_name).FILES) test_tools := $(HOST_OUT_JAVA_LIBRARIES)/tradefed.jar \ - $(HOST_OUT_JAVA_LIBRARIES)/tradefed-no-fwk.jar \ $(HOST_OUT_JAVA_LIBRARIES)/tradefed-test-framework.jar \ $(HOST_OUT_JAVA_LIBRARIES)/loganalysis.jar \ $(HOST_OUT_JAVA_LIBRARIES)/compatibility-host-util.jar \ diff --git a/core/version_defaults.mk b/core/version_defaults.mk index c7aa309ffb..e54c2d7ea0 100644 --- a/core/version_defaults.mk +++ b/core/version_defaults.mk @@ -78,7 +78,7 @@ endif .KATI_READONLY := PLATFORM_SDK_VERSION # This is the sdk extension version of this tree. -PLATFORM_SDK_EXTENSION_VERSION := 5 +PLATFORM_SDK_EXTENSION_VERSION := 6 .KATI_READONLY := PLATFORM_SDK_EXTENSION_VERSION # This is the sdk extension version that PLATFORM_SDK_VERSION ships with. @@ -103,7 +103,7 @@ ifndef PLATFORM_SECURITY_PATCH # It must be of the form "YYYY-MM-DD" on production devices. # It must match one of the Android Security Patch Level strings of the Public Security Bulletins. # If there is no $PLATFORM_SECURITY_PATCH set, keep it empty. - PLATFORM_SECURITY_PATCH := 2022-12-01 + PLATFORM_SECURITY_PATCH := 2023-06-01 endif include $(BUILD_SYSTEM)/version_util.mk diff --git a/target/product/module_common.mk b/target/product/module_common.mk index 54f3949965..ec670ee4c9 100644 --- a/target/product/module_common.mk +++ b/target/product/module_common.mk @@ -25,3 +25,8 @@ PRODUCT_SHIPPING_API_LEVEL := 29 # Builds using a module product should build modules from source, even if # BRANCH_DEFAULT_MODULE_BUILD_FROM_SOURCE says otherwise. PRODUCT_MODULE_BUILD_FROM_SOURCE := true + +# Build sdk from source if the branch is not using slim manifests. +ifneq (,$(strip $(wildcard frameworks/base/Android.bp))) + UNBUNDLED_BUILD_SDKS_FROM_SOURCE := true +endif diff --git a/tools/releasetools/apex_utils.py b/tools/releasetools/apex_utils.py index fbe90abace..c3f7203b60 100644 --- a/tools/releasetools/apex_utils.py +++ b/tools/releasetools/apex_utils.py @@ -65,6 +65,8 @@ class ApexApkSigner(object): OPTIONS.search_path, "bin", "debugfs_static") self.fsckerofs_path = os.path.join( OPTIONS.search_path, "bin", "fsck.erofs") + self.blkid_path = os.path.join( + OPTIONS.search_path, "bin", "blkid_static") self.avbtool = avbtool if avbtool else "avbtool" self.sign_tool = sign_tool @@ -82,13 +84,8 @@ class ApexApkSigner(object): "Couldn't find location of debugfs_static: " + "Path {} does not exist. ".format(self.debugfs_path) + "Make sure bin/debugfs_static can be found in -p <path>") - if not os.path.exists(self.fsckerofs_path): - raise ApexSigningError( - "Couldn't find location of fsck.erofs: " + - "Path {} does not exist. ".format(self.fsckerofs_path) + - "Make sure bin/fsck.erofs can be found in -p <path>") list_cmd = ['deapexer', '--debugfs_path', self.debugfs_path, - '--fsckerofs_path', self.fsckerofs_path, 'list', self.apex_path] + 'list', self.apex_path] entries_names = common.RunAndCheckOutput(list_cmd).split() apk_entries = [name for name in entries_names if name.endswith('.apk')] @@ -128,9 +125,15 @@ class ApexApkSigner(object): "Couldn't find location of fsck.erofs: " + "Path {} does not exist. ".format(self.fsckerofs_path) + "Make sure bin/fsck.erofs can be found in -p <path>") + if not os.path.exists(self.blkid_path): + raise ApexSigningError( + "Couldn't find location of blkid: " + + "Path {} does not exist. ".format(self.blkid_path) + + "Make sure bin/blkid can be found in -p <path>") payload_dir = common.MakeTempDir() extract_cmd = ['deapexer', '--debugfs_path', self.debugfs_path, - '--fsckerofs_path', self.fsckerofs_path, 'extract', + '--fsckerofs_path', self.fsckerofs_path, + '--blkid_path', self.blkid_path, 'extract', self.apex_path, payload_dir] common.RunAndCheckOutput(extract_cmd) @@ -430,7 +433,6 @@ def SignCompressedApex(avbtool, apex_file, payload_key, container_key, The path to the signed APEX file. """ debugfs_path = os.path.join(OPTIONS.search_path, 'bin', 'debugfs_static') - fsckerofs_path = os.path.join(OPTIONS.search_path, 'bin', 'fsck.erofs') # 1. Decompress original_apex inside compressed apex. original_apex_file = common.MakeTempFile(prefix='original-apex-', @@ -438,7 +440,6 @@ def SignCompressedApex(avbtool, apex_file, payload_key, container_key, # Decompression target path should not exist os.remove(original_apex_file) common.RunAndCheckOutput(['deapexer', '--debugfs_path', debugfs_path, - '--fsckerofs_path', fsckerofs_path, 'decompress', '--input', apex_file, '--output', original_apex_file]) @@ -502,9 +503,7 @@ def SignApex(avbtool, apex_data, payload_key, container_key, container_pw, output_fp.write(apex_data) debugfs_path = os.path.join(OPTIONS.search_path, 'bin', 'debugfs_static') - fsckerofs_path = os.path.join(OPTIONS.search_path, 'bin', 'fsck.erofs') cmd = ['deapexer', '--debugfs_path', debugfs_path, - '--fsckerofs_path', fsckerofs_path, 'info', '--print-type', apex_file] try: @@ -577,10 +576,6 @@ def GetApexInfoFromTargetFiles(input_file, partition, compressed_only=True): if OPTIONS.search_path: debugfs_path = os.path.join(OPTIONS.search_path, "bin", "debugfs_static") - fsckerofs_path = "fsck.erofs" - if OPTIONS.search_path: - fsckerofs_path = os.path.join(OPTIONS.search_path, "bin", "fsck.erofs") - deapexer = 'deapexer' if OPTIONS.search_path: deapexer_path = os.path.join(OPTIONS.search_path, "bin", "deapexer") @@ -601,7 +596,6 @@ def GetApexInfoFromTargetFiles(input_file, partition, compressed_only=True): # Check if the file is compressed or not apex_type = RunAndCheckOutput([ deapexer, "--debugfs_path", debugfs_path, - "--fsckerofs_path", fsckerofs_path, 'info', '--print-type', apex_filepath]).rstrip() if apex_type == 'COMPRESSED': apex_info.is_compressed = True diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py index 418d8daa85..ec49b0d36f 100644 --- a/tools/releasetools/common.py +++ b/tools/releasetools/common.py @@ -2309,12 +2309,22 @@ def GetMinSdkVersionInt(apk_name, codename_to_api_level_map): try: return int(version) except ValueError: - # Not a decimal number. Codename? - if version in codename_to_api_level_map: - return codename_to_api_level_map[version] + # Not a decimal number. + # + # It could be either a straight codename, e.g. + # UpsideDownCake + # + # Or a codename with API fingerprint SHA, e.g. + # UpsideDownCake.e7d3947f14eb9dc4fec25ff6c5f8563e + # + # Extract the codename and try and map it to a version number. + split = version.split(".") + codename = split[0] + if codename in codename_to_api_level_map: + return codename_to_api_level_map[codename] raise ExternalError( - "Unknown minSdkVersion: '{}'. Known codenames: {}".format( - version, codename_to_api_level_map)) + "Unknown codename: '{}' from minSdkVersion: '{}'. Known codenames: {}".format( + codename, version, codename_to_api_level_map)) def SignFile(input_name, output_name, key, password, min_api_level=None, diff --git a/tools/releasetools/merge/merge_dexopt.py b/tools/releasetools/merge/merge_dexopt.py index 7bf9bd4b17..16182b5cbb 100644 --- a/tools/releasetools/merge/merge_dexopt.py +++ b/tools/releasetools/merge/merge_dexopt.py @@ -164,6 +164,10 @@ def MergeDexopt(temp_dir, output_target_files_dir): 'deapexer', '--debugfs_path', 'debugfs_static', + '--blkid_path', + 'blkid', + '--fsckerofs_path', + 'fsck.erofs', 'extract', apex, apex_extract_dir, diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py index 6f96d8f6a6..09d0b10a42 100755 --- a/tools/releasetools/sign_target_files_apks.py +++ b/tools/releasetools/sign_target_files_apks.py @@ -99,14 +99,14 @@ Usage: sign_target_files_apks [flags] input_target_files output_target_files The second dir will be used for lookup if BOARD_USES_RECOVERY_AS_BOOT is set to true. - --avb_{boot,recovery,system,system_other,vendor,dtbo,vbmeta,vbmeta_system, - vbmeta_vendor}_algorithm <algorithm> - --avb_{boot,recovery,system,system_other,vendor,dtbo,vbmeta,vbmeta_system, - vbmeta_vendor}_key <key> + --avb_{boot,init_boot,recovery,system,system_other,vendor,dtbo,vbmeta, + vbmeta_system,vbmeta_vendor}_algorithm <algorithm> + --avb_{boot,init_boot,recovery,system,system_other,vendor,dtbo,vbmeta, + vbmeta_system,vbmeta_vendor}_key <key> Use the specified algorithm (e.g. SHA256_RSA4096) and the key to AVB-sign the specified image. Otherwise it uses the existing values in info dict. - --avb_{apex,boot,recovery,system,system_other,vendor,dtbo,vbmeta, + --avb_{apex,init_boot,boot,recovery,system,system_other,vendor,dtbo,vbmeta, vbmeta_system,vbmeta_vendor}_extra_args <args> Specify any additional args that are needed to AVB-sign the image (e.g. "--signing_helper /path/to/helper"). The args will be appended to @@ -1032,7 +1032,7 @@ def ReplaceVerityKeyId(input_zip, output_zip, key_path): keyid, stderr = p.communicate() assert p.returncode == 0, "Failed to dump certificate: {}".format(stderr) keyid = re.search( - r'keyid:([0-9a-fA-F:]*)', keyid).group(1).replace(':', '').lower() + r'Authority Key Identifier:\s*(?:keyid:)?([0-9a-fA-F:]*)', keyid).group(1).replace(':', '').lower() print("Replacing verity keyid with {}".format(keyid)) out_buffer.append("veritykeyid=id:%s" % (keyid,)) @@ -1427,6 +1427,12 @@ def main(argv): OPTIONS.avb_algorithms['dtbo'] = a elif o == "--avb_dtbo_extra_args": OPTIONS.avb_extra_args['dtbo'] = a + elif o == "--avb_init_boot_key": + OPTIONS.avb_keys['init_boot'] = a + elif o == "--avb_init_boot_algorithm": + OPTIONS.avb_algorithms['init_boot'] = a + elif o == "--avb_init_boot_extra_args": + OPTIONS.avb_extra_args['init_boot'] = a elif o == "--avb_recovery_key": OPTIONS.avb_keys['recovery'] = a elif o == "--avb_recovery_algorithm": @@ -1518,6 +1524,9 @@ def main(argv): "avb_dtbo_algorithm=", "avb_dtbo_key=", "avb_dtbo_extra_args=", + "avb_init_boot_algorithm=", + "avb_init_boot_key=", + "avb_init_boot_extra_args=", "avb_recovery_algorithm=", "avb_recovery_key=", "avb_recovery_extra_args=", |