| author | Thomas Joseph Avila <tavila@google.com> | 2020-03-04 18:33:55 (GMT) |
|---|---|---|
| committer | Thomas Joseph Avila <tavila@google.com> | 2020-03-04 18:33:55 (GMT) |
| commit | aab0dc87f2ab7c9bc7062cece6a774591e4dd962 (patch) | |
| tree | 6e1f43b947597b4cd41f082cfdcb68f17d44e050 | |
| parent | bc870881c78abbc1208082df6e1a9f70aec20dd1 (diff) | |
| parent | 8fc34ab83723c215d5e6b35109ed282b88101d3f (diff) | |
| download | common-aab0dc87f2ab7c9bc7062cece6a774591e4dd962.zip common-aab0dc87f2ab7c9bc7062cece6a774591e4dd962.tar.gz common-aab0dc87f2ab7c9bc7062cece6a774591e4dd962.tar.bz2 | |
DO NOT MERGE Merge partner-master-tv-dev to r-tv-dev
28 files changed, 443 insertions, 734 deletions
diff --git a/Android.bp b/Android.bp new file mode 100644 index 0000000..76fe1f6 --- a/dev/null +++ b/Android.bp @@ -0,0 +1,5 @@ +soong_namespace { + imports: [ + "vendor/amlogic/common", + ], +} @@ -32,7 +32,6 @@ PRODUCT_PACKAGES += \ libhpeqwrapper \ libsrswrapper \ libtreblebasswrapper \ - libvirtualsurround \ #PRODUCT_COPY_FILES += \ # $(TARGET_PRODUCT_DIR)/audio_policy.conf:$(TARGET_COPY_OUT_VENDOR)/etc/audio_policy.conf \ diff --git a/audio/audio_effects.xml b/audio/audio_effects.xml index 5d71e99..c87e343 100644 --- a/audio/audio_effects.xml +++ b/audio/audio_effects.xml @@ -14,7 +14,6 @@ <library name="balance" path="libbalance.so"/> <library name="srs" path="libsrswrapper.so"/> <library name="treblebass" path="libtreblebasswrapper.so"/> - <library name="virtualsurround" path="libvirtualsurround.so"/> </libraries> <effects> <effect name="bassboost" library="bundle" uuid="8631f300-72e2-11df-b57e-0002a5d5c51b"/> diff --git a/core_amlogic.mk b/core_amlogic.mk index 860a007..17d10cd 100755 --- a/core_amlogic.mk +++ b/core_amlogic.mk @@ -56,6 +56,9 @@ PRODUCT_PROPERTY_OVERRIDES += \ endif +PRODUCT_HOST_PACKAGES += \ + imgdiff + ifeq ($(TARGET_BUILD_GOOGLE_ATV), true) $(call inherit-product, device/google/atv/products/atv_base.mk) else @@ -385,7 +388,8 @@ PRODUCT_PACKAGES += \ # HW Composer PRODUCT_PACKAGES += \ - android.hardware.graphics.composer@2.3-service.droidlogic + android.hardware.graphics.composer@2.3-impl \ + android.hardware.graphics.composer@2.3-service # dumpstate binderized PRODUCT_PACKAGES += \ @@ -442,8 +446,8 @@ PRODUCT_PACKAGES += \ PRODUCT_COPY_FILES += \ device/amlogic/common/thermal_info_config.json:$(TARGET_COPY_OUT_VENDOR)/etc/thermal_info_config.json -PRODUCT_PACKAGES += \ - android.hardware.cas@1.1-service +#PRODUCT_PACKAGES += \ +# android.hardware.cas@1.2-service #bt audio hal PRODUCT_PACKAGES += \ diff --git a/factory.mk b/factory.mk index 079050f..f768698 100755..100644 --- a/factory.mk +++ b/factory.mk @@ -708,6 +708,8 @@ ifeq ($(PRODUCT_USE_DYNAMIC_PARTITIONS), true) endif droidcore: $(INSTALLED_MANIFEST_XML) +otapackage: otatools-package + ifneq ($(BUILD_AMLOGIC_FACTORY_ZIP), false) droidcore: $(INSTALLED_AML_UPGRADE_PACKAGE_TARGET) $(INSTALLED_AML_FASTBOOT_ZIP) otapackage: $(INSTALLED_AML_UPGRADE_PACKAGE_TARGET) $(INSTALLED_MANIFEST_XML) $(INSTALLED_AML_FASTBOOT_ZIP) diff --git a/flash-all-dynamic-P2Q.bat b/flash-all-dynamic-P2Q.bat index f588f12..d1720bc 100755 --- a/flash-all-dynamic-P2Q.bat +++ b/flash-all-dynamic-P2Q.bat @@ -30,7 +30,6 @@ fastboot flashing unlock fastboot -w fastboot erase param fastboot erase tee -fastboot erase misc fastboot flash vbmeta vbmeta.img fastboot flash logo logo.img fastboot flash boot boot.img diff --git a/flash-all-dynamic-P2Q.sh b/flash-all-dynamic-P2Q.sh index 49fab80..9cc739c 100755 --- a/flash-all-dynamic-P2Q.sh +++ b/flash-all-dynamic-P2Q.sh @@ -66,7 +66,6 @@ fastboot $sern flashing unlock fastboot $sern -w fastboot $sern erase param fastboot $sern erase tee -fastboot $sern erase misc flash_with_retry vbmeta vbmeta.img flash_with_retry logo logo.img diff --git a/hidl_manifests/manifest_cas.xml b/hidl_manifests/manifest_cas.xml index 9009017..68155c8 100755 --- a/hidl_manifests/manifest_cas.xml +++ b/hidl_manifests/manifest_cas.xml @@ -2,7 +2,7 @@ <hal format="hidl" optional="true"> <name>android.hardware.cas</name> <transport>hwbinder</transport> - <version>1.0</version> + <version>1.1-2</version> <interface> <name>IMediaCasService</name> <instance>default</instance> diff --git a/hidl_manifests/manifest_common.xml b/hidl_manifests/manifest_common.xml index 3ff4c7a..e427fad 100755 --- a/hidl_manifests/manifest_common.xml +++ b/hidl_manifests/manifest_common.xml @@ -27,33 +27,6 @@ </interface> </hal> <hal format="hidl"> - <name>android.hardware.wifi</name> - <transport>hwbinder</transport> - <version>1.3</version> - <interface> - <name>IWifi</name> - <instance>default</instance> - </interface> - </hal> - <hal format="hidl"> - <name>android.hardware.wifi.hostapd</name> - <transport>hwbinder</transport> - <version>1.1</version> - <interface> - <name>IHostapd</name> - <instance>default</instance> - </interface> - </hal> - <hal format="hidl"> - <name>android.hardware.wifi.supplicant</name> - <transport>hwbinder</transport> - <version>1.2</version> - <interface> - <name>ISupplicant</name> - <instance>default</instance> - </interface> - </hal> - <hal format="hidl"> <name>android.hardware.power</name> <transport>hwbinder</transport> <version>1.0</version> @@ -166,6 +139,15 @@ <fqname>@1.2::ICryptoFactory/widevine</fqname> <fqname>@1.2::IDrmFactory/widevine</fqname> </hal> + <hal format="hidl"> + <name>android.hardware.graphics.composer</name> + <transport>hwbinder</transport> + <version>2.3</version> + <interface> + <name>IComposer</name> + <instance>default</instance> + </interface> + </hal> <hal> <name>android.hardware.tv.cec</name> <transport>hwbinder</transport> @@ -247,7 +229,4 @@ <instance>default</instance> </interface> </hal> - <sepolicy> - <version>27.0</version> - </sepolicy> </manifest> diff --git a/ota_amlogic.py b/ota_amlogic.py index de5ccf6..274fefa 100755 --- a/ota_amlogic.py +++ b/ota_amlogic.py @@ -38,8 +38,8 @@ Common options that apply to both of non-A/B and A/B OTAs -k (--package_key) <key> Key to use to sign the package (default is the value of default_system_dev_certificate from the input target-files's - META/misc_info.txt, or "build/target/product/security/testkey" if that - value is not specified). + META/misc_info.txt, or "build/make/target/product/security/testkey" if + that value is not specified). For incremental OTAs, the default value is based on the source target-file, not the target build. @@ -72,7 +72,7 @@ Common options that apply to both of non-A/B and A/B OTAs --skip_postinstall is implied. --skip_compatibility_check - Skip adding the compatibility package to the generated OTA package. + Skip checking compatibility of the input target files package. --output_metadata_path Write a copy of the metadata to a separate file. Therefore, users can @@ -139,6 +139,9 @@ Non-A/B OTA specific options A/B OTA specific options + --disable_fec_computation + Disable the on device FEC data computation for incremental updates. + --include_secondary Additionally include the payload for secondary slot images (default: False). Only meaningful when generating A/B OTAs. @@ -168,8 +171,16 @@ A/B OTA specific options --payload_signer_args <args> Specify the arguments needed for payload signer. + --payload_signer_maximum_signature_size <signature_size> + The maximum signature size (in bytes) that would be generated by the given + payload signer. Only meaningful when custom payload signer is specified + via '--payload_signer'. + If the signer uses a RSA key, this should be the number of bytes to + represent the modulus. If it uses an EC key, this is the size of a + DER-encoded ECDSA signature. + --payload_signer_key_size <key_size> - Specify the key size in bytes of the payload signer. + Deprecated. Use the '--payload_signer_maximum_signature_size' instead. --skip_postinstall Skip the postinstall hooks when generating an A/B OTA package (default: @@ -181,6 +192,7 @@ A/B OTA specific options from __future__ import print_function +import collections import logging import multiprocessing import os.path @@ -193,6 +205,7 @@ import zipfile import sys sys.path.append('build/make/tools/releasetools') +import check_target_files_vintf import common import edify_generator import verity_utils @@ -229,230 +242,31 @@ OPTIONS.stash_threshold = 0.8 OPTIONS.log_diff = None OPTIONS.payload_signer = None OPTIONS.payload_signer_args = [] -OPTIONS.payload_signer_key_size = None +OPTIONS.payload_signer_maximum_signature_size = None OPTIONS.extracted_input = None OPTIONS.key_passwords = [] OPTIONS.skip_postinstall = False OPTIONS.retrofit_dynamic_partitions = False OPTIONS.skip_compatibility_check = False OPTIONS.output_metadata_path = None +OPTIONS.disable_fec_computation = False METADATA_NAME = 'META-INF/com/android/metadata' POSTINSTALL_CONFIG = 'META/postinstall_config.txt' DYNAMIC_PARTITION_INFO = 'META/dynamic_partitions_info.txt' AB_PARTITIONS = 'META/ab_partitions.txt' -UNZIP_PATTERN = ['IMAGES/*', 'META/*', 'RADIO/*'] +UNZIP_PATTERN = ['IMAGES/*', 'META/*', 'OTA/*', 'RADIO/*'] +# Files to be unzipped for target diffing purpose. +TARGET_DIFFING_UNZIP_PATTERN = ['BOOT', 'RECOVERY', 'SYSTEM/*', 'VENDOR/*', + 'PRODUCT/*', 'SYSTEM_EXT/*', 'ODM/*'] RETROFIT_DAP_UNZIP_PATTERN = ['OTA/super_*.img', AB_PARTITIONS] - -class BuildInfo(object): - """A class that holds the information for a given build. - - This class wraps up the property querying for a given source or target build. - It abstracts away the logic of handling OEM-specific properties, and caches - the commonly used properties such as fingerprint. - - There are two types of info dicts: a) build-time info dict, which is generated - at build time (i.e. included in a target_files zip); b) OEM info dict that is - specified at package generation time (via command line argument - '--oem_settings'). If a build doesn't use OEM-specific properties (i.e. not - having "oem_fingerprint_properties" in build-time info dict), all the queries - would be answered based on build-time info dict only. Otherwise if using - OEM-specific properties, some of them will be calculated from two info dicts. - - Users can query properties similarly as using a dict() (e.g. info['fstab']), - or to query build properties via GetBuildProp() or GetVendorBuildProp(). - - Attributes: - info_dict: The build-time info dict. - is_ab: Whether it's a build that uses A/B OTA. - oem_dicts: A list of OEM dicts. - oem_props: A list of OEM properties that should be read from OEM dicts; None - if the build doesn't use any OEM-specific property. - fingerprint: The fingerprint of the build, which would be calculated based - on OEM properties if applicable. - device: The device name, which could come from OEM dicts if applicable. - """ - - _RO_PRODUCT_RESOLVE_PROPS = ["ro.product.brand", "ro.product.device", - "ro.product.manufacturer", "ro.product.model", - "ro.product.name"] - _RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER = ["product", "product_services", - "odm", "vendor", "system"] - - def __init__(self, info_dict, oem_dicts): - """Initializes a BuildInfo instance with the given dicts. - - Note that it only wraps up the given dicts, without making copies. - - Arguments: - info_dict: The build-time info dict. - oem_dicts: A list of OEM dicts (which is parsed from --oem_settings). Note - that it always uses the first dict to calculate the fingerprint or the - device name. The rest would be used for asserting OEM properties only - (e.g. one package can be installed on one of these devices). - """ - self.info_dict = info_dict - self.oem_dicts = oem_dicts - - self._is_ab = info_dict.get("ab_update") == "true" - self._oem_props = info_dict.get("oem_fingerprint_properties") - - if self._oem_props: - assert oem_dicts, "OEM source required for this build" - - # These two should be computed only after setting self._oem_props. - self._device = self.GetOemProperty("ro.product.device") - self._fingerprint = self.CalculateFingerprint() - - @property - def is_ab(self): - return self._is_ab - - @property - def device(self): - return self._device - - @property - def fingerprint(self): - return self._fingerprint - - @property - def vendor_fingerprint(self): - return self._fingerprint_of("vendor") - - @property - def product_fingerprint(self): - return self._fingerprint_of("product") - - @property - def odm_fingerprint(self): - return self._fingerprint_of("odm") - - def _fingerprint_of(self, partition): - if partition + ".build.prop" not in self.info_dict: - return None - build_prop = self.info_dict[partition + ".build.prop"] - if "ro." + partition + ".build.fingerprint" in build_prop: - return build_prop["ro." + partition + ".build.fingerprint"] - if "ro." + partition + ".build.thumbprint" in build_prop: - return build_prop["ro." + partition + ".build.thumbprint"] - return None - - @property - def oem_props(self): - return self._oem_props - - def __getitem__(self, key): - return self.info_dict[key] - - def __setitem__(self, key, value): - self.info_dict[key] = value - - def get(self, key, default=None): - return self.info_dict.get(key, default) - - def items(self): - return self.info_dict.items() - - def GetBuildProp(self, prop): - """Returns the inquired build property.""" - if prop in BuildInfo._RO_PRODUCT_RESOLVE_PROPS: - return self._ResolveRoProductBuildProp(prop) - - try: - return self.info_dict.get("build.prop", {})[prop] - except KeyError: - raise common.ExternalError("couldn't find %s in build.prop" % (prop,)) - - def _ResolveRoProductBuildProp(self, prop): - """Resolves the inquired ro.product.* build property""" - prop_val = self.info_dict.get("build.prop", {}).get(prop) - if prop_val: - return prop_val - - source_order_val = self.info_dict.get("build.prop", {}).get( - "ro.product.property_source_order") - if source_order_val: - source_order = source_order_val.split(",") - else: - source_order = BuildInfo._RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER - - # Check that all sources in ro.product.property_source_order are valid - if any([x not in BuildInfo._RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER - for x in source_order]): - raise common.ExternalError( - "Invalid ro.product.property_source_order '{}'".format(source_order)) - - for source in source_order: - source_prop = prop.replace("ro.product", "ro.product.{}".format(source), - 1) - prop_val = self.info_dict.get("{}.build.prop".format(source), {}).get( - source_prop) - if prop_val: - return prop_val - - raise common.ExternalError("couldn't resolve {}".format(prop)) - - def GetVendorBuildProp(self, prop): - """Returns the inquired vendor build property.""" - try: - return self.info_dict.get("vendor.build.prop", {})[prop] - except KeyError: - raise common.ExternalError( - "couldn't find %s in vendor.build.prop" % (prop,)) - - def GetOemProperty(self, key): - if self.oem_props is not None and key in self.oem_props: - return self.oem_dicts[0][key] - return self.GetBuildProp(key) - - def CalculateFingerprint(self): - if self.oem_props is None: - try: - return self.GetBuildProp("ro.build.fingerprint") - except common.ExternalError: - return "{}/{}/{}:{}/{}/{}:{}/{}".format( - self.GetBuildProp("ro.product.brand"), - self.GetBuildProp("ro.product.name"), - self.GetBuildProp("ro.product.device"), - self.GetBuildProp("ro.build.version.release"), - self.GetBuildProp("ro.build.id"), - self.GetBuildProp("ro.build.version.incremental"), - self.GetBuildProp("ro.build.type"), - self.GetBuildProp("ro.build.tags")) - return "%s/%s/%s:%s" % ( - self.GetOemProperty("ro.product.brand"), - self.GetOemProperty("ro.product.name"), - self.GetOemProperty("ro.product.device"), - self.GetBuildProp("ro.build.thumbprint")) - - def WriteMountOemScript(self, script): - assert self.oem_props is not None - recovery_mount_options = self.info_dict.get("recovery_mount_options") - script.Mount("/oem", recovery_mount_options) - - def WriteDeviceAssertions(self, script, oem_no_mount): - # Read the property directly if not using OEM properties. - if not self.oem_props: - script.AssertDevice(self.device) - return - - # Otherwise assert OEM properties. - if not self.oem_dicts: - raise common.ExternalError( - "No OEM file provided to answer expected assertions") - - for prop in self.oem_props.split(): - values = [] - for oem_dict in self.oem_dicts: - if prop in oem_dict: - values.append(oem_dict[prop]) - if not values: - raise common.ExternalError( - "The OEM file is missing the property %s" % (prop,)) - script.AssertOemProperty(prop, values, oem_no_mount) +# Images to be excluded from secondary payload. We essentially only keep +# 'system_other' and bootloader partitions. +SECONDARY_PAYLOAD_SKIPPED_IMAGES = [ + 'boot', 'dtbo', 'modem', 'odm', 'product', 'radio', 'recovery', + 'system_ext', 'vbmeta', 'vbmeta_system', 'vbmeta_vendor', 'vendor'] class PayloadSigner(object): @@ -485,35 +299,31 @@ class PayloadSigner(object): self.signer = "openssl" self.signer_args = ["pkeyutl", "-sign", "-inkey", signing_key, "-pkeyopt", "digest:sha256"] - self.key_size = self._GetKeySizeInBytes(signing_key) + self.maximum_signature_size = self._GetMaximumSignatureSizeInBytes( + signing_key) else: self.signer = OPTIONS.payload_signer self.signer_args = OPTIONS.payload_signer_args - if OPTIONS.payload_signer_key_size: - self.key_size = int(OPTIONS.payload_signer_key_size) - assert self.key_size == 256 or self.key_size == 512, \ - "Unsupported key size {}".format(OPTIONS.payload_signer_key_size) + if OPTIONS.payload_signer_maximum_signature_size: + self.maximum_signature_size = int( + OPTIONS.payload_signer_maximum_signature_size) else: - self.key_size = 256 + # The legacy config uses RSA2048 keys. + logger.warning("The maximum signature size for payload signer is not" + " set, default to 256 bytes.") + self.maximum_signature_size = 256 @staticmethod - def _GetKeySizeInBytes(signing_key): - modulus_file = common.MakeTempFile(prefix="modulus-") - cmd = ["openssl", "rsa", "-inform", "PEM", "-in", signing_key, "-modulus", - "-noout", "-out", modulus_file] - common.RunAndCheckOutput(cmd, verbose=False) - - with open(modulus_file) as f: - modulus_string = f.read() - # The modulus string has the format "Modulus=$data", where $data is the - # concatenation of hex dump of the modulus. - MODULUS_PREFIX = "Modulus=" - assert modulus_string.startswith(MODULUS_PREFIX) - modulus_string = modulus_string[len(MODULUS_PREFIX):] - key_size = len(modulus_string) / 2 - assert key_size == 256 or key_size == 512, \ - "Unsupported key size {}".format(key_size) - return key_size + def _GetMaximumSignatureSizeInBytes(signing_key): + out_signature_size_file = common.MakeTempFile("signature_size") + cmd = ["delta_generator", "--out_maximum_signature_size_file={}".format( + out_signature_size_file), "--private_key={}".format(signing_key)] + common.RunAndCheckOutput(cmd) + with open(out_signature_size_file) as f: + signature_size = f.read().rstrip() + logger.info("% outputs the maximum signature size: %", cmd[0], + signature_size) + return int(signature_size) def Sign(self, in_file): """Signs the given input file. Returns the output filename.""" @@ -541,6 +351,15 @@ class Payload(object): self.payload_properties = None self.secondary = secondary + def _Run(self, cmd): # pylint: disable=no-self-use + # Don't pipe (buffer) the output if verbose is set. Let + # brillo_update_payload write to stdout/stderr directly, so its progress can + # be monitored. + if OPTIONS.verbose: + common.RunAndCheckOutput(cmd, stdout=None, stderr=None) + else: + common.RunAndCheckOutput(cmd) + def Generate(self, target_file, source_file=None, additional_args=None): """Generates a payload from the given target-files zip(s). @@ -560,8 +379,10 @@ class Payload(object): "--target_image", target_file] if source_file is not None: cmd.extend(["--source_image", source_file]) + if OPTIONS.disable_fec_computation: + cmd.extend(["--disable_fec_computation", "true"]) cmd.extend(additional_args) - common.RunAndCheckOutput(cmd) + self._Run(cmd) self.payload_file = payload_file self.payload_properties = None @@ -582,10 +403,10 @@ class Payload(object): metadata_sig_file = common.MakeTempFile(prefix="sig-", suffix=".bin") cmd = ["brillo_update_payload", "hash", "--unsigned_payload", self.payload_file, - "--signature_size", str(payload_signer.key_size), + "--signature_size", str(payload_signer.maximum_signature_size), "--metadata_hash_file", metadata_sig_file, "--payload_hash_file", payload_sig_file] - common.RunAndCheckOutput(cmd) + self._Run(cmd) # 2. Sign the hashes. signed_payload_sig_file = payload_signer.Sign(payload_sig_file) @@ -597,10 +418,10 @@ class Payload(object): cmd = ["brillo_update_payload", "sign", "--unsigned_payload", self.payload_file, "--payload", signed_payload_file, - "--signature_size", str(payload_signer.key_size), + "--signature_size", str(payload_signer.maximum_signature_size), "--metadata_signature_file", signed_metadata_sig_file, "--payload_signature_file", signed_payload_sig_file] - common.RunAndCheckOutput(cmd) + self._Run(cmd) # 4. Dump the signed payload properties. properties_file = common.MakeTempFile(prefix="payload-properties-", @@ -608,7 +429,7 @@ class Payload(object): cmd = ["brillo_update_payload", "properties", "--payload", signed_payload_file, "--properties_file", properties_file] - common.RunAndCheckOutput(cmd) + self._Run(cmd) if self.secondary: with open(properties_file, "a") as f: @@ -683,13 +504,12 @@ def _WriteRecoveryImageToBoot(script, output_zip): recovery_two_step_img_name = "recovery-two-step.img" recovery_two_step_img_path = os.path.join( - OPTIONS.input_tmp, "IMAGES", recovery_two_step_img_name) + OPTIONS.input_tmp, "OTA", recovery_two_step_img_name) if os.path.exists(recovery_two_step_img_path): - recovery_two_step_img = common.GetBootableImage( - recovery_two_step_img_name, recovery_two_step_img_name, - OPTIONS.input_tmp, "RECOVERY") - common.ZipWriteStr( - output_zip, recovery_two_step_img_name, recovery_two_step_img.data) + common.ZipWrite( + output_zip, + recovery_two_step_img_path, + arcname=recovery_two_step_img_name) logger.info( "two-step package: using %s in stage 1/3", recovery_two_step_img_name) script.WriteRawImage("/boot", recovery_two_step_img_name) @@ -699,10 +519,19 @@ def _WriteRecoveryImageToBoot(script, output_zip): script.WriteRawImage("/boot", "recovery.img") -def HasRecoveryPatch(target_files_zip): +def HasRecoveryPatch(target_files_zip, info_dict): + board_uses_vendorimage = info_dict.get("board_uses_vendorimage") == "true" + + if board_uses_vendorimage: + target_files_dir = "VENDOR" + else: + target_files_dir = "SYSTEM/vendor" + + patch = "%s/recovery-from-boot.p" % target_files_dir + img = "%s/etc/recovery.img" %target_files_dir + namelist = [name for name in target_files_zip.namelist()] - return ("SYSTEM/recovery-from-boot.p" in namelist or - "SYSTEM/etc/recovery.img" in namelist) + return (patch in namelist or img in namelist) def HasPartition(target_files_zip, partition): @@ -713,35 +542,17 @@ def HasPartition(target_files_zip, partition): return False -def HasVendorPartition(target_files_zip): - return HasPartition(target_files_zip, "vendor") +def HasTrebleEnabled(target_files, target_info): + def HasVendorPartition(target_files): + if os.path.isdir(target_files): + return os.path.isdir(os.path.join(target_files, "VENDOR")) + if zipfile.is_zipfile(target_files): + return HasPartition(zipfile.ZipFile(target_files), "vendor") + raise ValueError("Unknown target_files argument") - -def HasProductPartition(target_files_zip): - return HasPartition(target_files_zip, "product") - - -def HasOdmPartition(target_files_zip): - return HasPartition(target_files_zip, "odm") - - -def HasTrebleEnabled(target_files_zip, target_info): - return (HasVendorPartition(target_files_zip) and + return (HasVendorPartition(target_files) and target_info.GetBuildProp("ro.treble.enabled") == "true") -def ZipOtherImage(which, tmpdir, output): - """Returns an image object from IMAGES. - - 'which' partition eg "logo", "dtb". A prebuilt image and file - map must already exist in tmpdir. - """ - - amlogic_img_path = os.path.join(tmpdir, "IMAGES", which + ".img") - if os.path.exists(amlogic_img_path): - f = open(amlogic_img_path, "rb") - data = f.read() - f.close() - common.ZipWriteStr(output, which + ".img", data) def WriteFingerprintAssertion(script, target_info, source_info): source_oem_props = source_info.oem_props @@ -764,74 +575,23 @@ def WriteFingerprintAssertion(script, target_info, source_info): source_info.GetBuildProp("ro.build.thumbprint")) -def AddCompatibilityArchiveIfTrebleEnabled(target_zip, output_zip, target_info, - source_info=None): - """Adds compatibility info into the output zip if it's Treble-enabled target. +def CheckVintfIfTrebleEnabled(target_files, target_info): + """Checks compatibility info of the input target files. - Metadata used for on-device compatibility verification is retrieved from - target_zip then added to compatibility.zip which is added to the output_zip - archive. + Metadata used for compatibility verification is retrieved from target_zip. - Compatibility archive should only be included for devices that have enabled + Compatibility should only be checked for devices that have enabled Treble support. Args: - target_zip: Zip file containing the source files to be included for OTA. - output_zip: Zip file that will be sent for OTA. + target_files: Path to zip file containing the source files to be included + for OTA. Can also be the path to extracted directory. target_info: The BuildInfo instance that holds the target build info. - source_info: The BuildInfo instance that holds the source build info, if - generating an incremental OTA; None otherwise. """ - def AddCompatibilityArchive(framework_updated, device_updated): - """Adds compatibility info based on update status of both sides of Treble - boundary. - - Args: - framework_updated: If True, the system / product image will be updated - and therefore their metadata should be included. - device_updated: If True, the vendor / odm image will be updated and - therefore their metadata should be included. - """ - # Determine what metadata we need. Files are names relative to META/. - compatibility_files = [] - device_metadata = ("vendor_manifest.xml", "vendor_matrix.xml") - framework_metadata = ("system_manifest.xml", "system_matrix.xml") - if device_updated: - compatibility_files += device_metadata - if framework_updated: - compatibility_files += framework_metadata - - # Create new archive. - compatibility_archive = tempfile.NamedTemporaryFile() - compatibility_archive_zip = zipfile.ZipFile( - compatibility_archive, "w", compression=zipfile.ZIP_DEFLATED) - - # Add metadata. - for file_name in compatibility_files: - target_file_name = "META/" + file_name - - if target_file_name in target_zip.namelist(): - data = target_zip.read(target_file_name) - common.ZipWriteStr(compatibility_archive_zip, file_name, data) - - # Ensure files are written before we copy into output_zip. - compatibility_archive_zip.close() - - # Only add the archive if we have any compatibility info. - if compatibility_archive_zip.namelist(): - common.ZipWrite(output_zip, compatibility_archive.name, - arcname="compatibility.zip", - compress_type=zipfile.ZIP_STORED) - - def FingerprintChanged(source_fp, target_fp): - if source_fp is None or target_fp is None: - return True - return source_fp != target_fp - # Will only proceed if the target has enabled the Treble support (as well as # having a /vendor partition). - if not HasTrebleEnabled(target_zip, target_info): + if not HasTrebleEnabled(target_files, target_info): return # Skip adding the compatibility package as a workaround for b/114240221. The @@ -839,32 +599,100 @@ def AddCompatibilityArchiveIfTrebleEnabled(target_zip, output_zip, target_info, if OPTIONS.skip_compatibility_check: return - # Full OTA carries the info for system/vendor/product/odm - if source_info is None: - AddCompatibilityArchive(True, True) - return + if not check_target_files_vintf.CheckVintf(target_files, target_info): + raise RuntimeError("VINTF compatibility check failed") - source_fp = source_info.fingerprint - target_fp = target_info.fingerprint - system_updated = source_fp != target_fp - # other build fingerprints could be possibly blacklisted at build time. For - # such a case, we consider those images being changed. - vendor_updated = FingerprintChanged(source_info.vendor_fingerprint, - target_info.vendor_fingerprint) - product_updated = HasProductPartition(target_zip) and \ - FingerprintChanged(source_info.product_fingerprint, - target_info.product_fingerprint) - odm_updated = HasOdmPartition(target_zip) and \ - FingerprintChanged(source_info.odm_fingerprint, - target_info.odm_fingerprint) +def GetBlockDifferences(target_zip, source_zip, target_info, source_info, + device_specific): + """Returns a ordered dict of block differences with partition name as key.""" - AddCompatibilityArchive(system_updated or product_updated, - vendor_updated or odm_updated) + def GetIncrementalBlockDifferenceForPartition(name): + if not HasPartition(source_zip, name): + raise RuntimeError("can't generate incremental that adds {}".format(name)) + + partition_src = common.GetUserImage(name, OPTIONS.source_tmp, source_zip, + info_dict=source_info, + allow_shared_blocks=allow_shared_blocks) + + hashtree_info_generator = verity_utils.CreateHashtreeInfoGenerator( + name, 4096, target_info) + partition_tgt = common.GetUserImage(name, OPTIONS.target_tmp, target_zip, + info_dict=target_info, + allow_shared_blocks=allow_shared_blocks, + hashtree_info_generator= + hashtree_info_generator) + + # Check the first block of the source system partition for remount R/W only + # if the filesystem is ext4. + partition_source_info = source_info["fstab"]["/" + name] + check_first_block = partition_source_info.fs_type == "ext4" + # Disable using imgdiff for squashfs. 'imgdiff -z' expects input files to be + # in zip formats. However with squashfs, a) all files are compressed in LZ4; + # b) the blocks listed in block map may not contain all the bytes for a + # given file (because they're rounded to be 4K-aligned). + partition_target_info = target_info["fstab"]["/" + name] + disable_imgdiff = (partition_source_info.fs_type == "squashfs" or + partition_target_info.fs_type == "squashfs") + return common.BlockDifference(name, partition_src, partition_tgt, + check_first_block, + version=blockimgdiff_version, + disable_imgdiff=disable_imgdiff) + + if source_zip: + # See notes in common.GetUserImage() + allow_shared_blocks = (source_info.get('ext4_share_dup_blocks') == "true" or + target_info.get('ext4_share_dup_blocks') == "true") + blockimgdiff_version = max( + int(i) for i in target_info.get( + "blockimgdiff_versions", "1").split(",")) + assert blockimgdiff_version >= 3 + + block_diff_dict = collections.OrderedDict() + partition_names = ["system", "vendor", "product", "odm", "system_ext"] + for partition in partition_names: + if not HasPartition(target_zip, partition): + continue + # Full OTA update. + if not source_zip: + tgt = common.GetUserImage(partition, OPTIONS.input_tmp, target_zip, + info_dict=target_info, + reset_file_map=True) + block_diff_dict[partition] = common.BlockDifference(partition, tgt, + src=None) + # Incremental OTA update. + else: + block_diff_dict[partition] = GetIncrementalBlockDifferenceForPartition( + partition) + assert "system" in block_diff_dict + + # Get the block diffs from the device specific script. If there is a + # duplicate block diff for a partition, ignore the diff in the generic script + # and use the one in the device specific script instead. + if source_zip: + device_specific_diffs = device_specific.IncrementalOTA_GetBlockDifferences() + function_name = "IncrementalOTA_GetBlockDifferences" + else: + device_specific_diffs = device_specific.FullOTA_GetBlockDifferences() + function_name = "FullOTA_GetBlockDifferences" + + if device_specific_diffs: + assert all(isinstance(diff, common.BlockDifference) + for diff in device_specific_diffs), \ + "{} is not returning a list of BlockDifference objects".format( + function_name) + for diff in device_specific_diffs: + if diff.partition in block_diff_dict: + logger.warning("Duplicate block difference found. Device specific block" + " diff for partition '%s' overrides the one in generic" + " script.", diff.partition) + block_diff_dict[diff.partition] = diff + + return block_diff_dict def WriteFullOTAPackage(input_zip, output_file): - target_info = BuildInfo(OPTIONS.info_dict, OPTIONS.oem_dicts) + target_info = common.BuildInfo(OPTIONS.info_dict, OPTIONS.oem_dicts) # We don't know what version it will be installed on top of. We expect the API # just won't change very often. Similarly for fstab, it might have changed in @@ -894,7 +722,7 @@ def WriteFullOTAPackage(input_zip, output_file): metadata=metadata, info_dict=OPTIONS.info_dict) - assert HasRecoveryPatch(input_zip) + assert HasRecoveryPatch(input_zip, info_dict=OPTIONS.info_dict) # Assertions (e.g. downgrade check, device properties check). ts = target_info.GetBuildProp("ro.build.date.utc") @@ -904,6 +732,11 @@ def WriteFullOTAPackage(input_zip, output_file): target_info.WriteDeviceAssertions(script, OPTIONS.oem_no_mount) device_specific.FullOTA_Assertions() + block_diff_dict = GetBlockDifferences(target_zip=input_zip, source_zip=None, + target_info=target_info, + source_info=None, + device_specific=device_specific) + # Two-step package strategy (in chronological order, which is *not* # the order in which the generated script has things): # @@ -955,70 +788,39 @@ else if get_stage("%(bcb_dev)s") == "3/3" then device_specific.FullOTA_InstallBegin() - ZipOtherImage("super_empty_all", OPTIONS.input_tmp, output_zip) - script.AppendExtra('package_extract_file("super_empty_all.img", "/dev/block/super");') - - system_progress = 0.75 - + # All other partitions as well as the data wipe use 10% of the progress, and + # the update of the system partition takes the remaining progress. + system_progress = 0.9 - (len(block_diff_dict) - 1) * 0.1 if OPTIONS.wipe_user_data: system_progress -= 0.1 - if HasVendorPartition(input_zip): - system_progress -= 0.1 - - script.ShowProgress(system_progress, 0) - - def GetBlockDifference(partition): - # Full OTA is done as an "incremental" against an empty source image. This - # has the effect of writing new data from the package to the entire - # partition, but lets us reuse the updater code that writes incrementals to - # do it. - tgt = common.GetUserImage(partition, OPTIONS.input_tmp, input_zip, - info_dict=target_info, - reset_file_map=True) - diff = common.BlockDifference(partition, tgt, src=None) - return diff - - device_specific_diffs = device_specific.FullOTA_GetBlockDifferences() - if device_specific_diffs: - assert all(isinstance(diff, common.BlockDifference) - for diff in device_specific_diffs), \ - "FullOTA_GetBlockDifferences is not returning a list of " \ - "BlockDifference objects" - - progress_dict = dict() - block_diffs = [GetBlockDifference("system")] - if HasVendorPartition(input_zip): - block_diffs.append(GetBlockDifference("vendor")) - progress_dict["vendor"] = 0.1 - if device_specific_diffs: - block_diffs += device_specific_diffs + progress_dict = {partition: 0.1 for partition in block_diff_dict} + progress_dict["system"] = system_progress if target_info.get('use_dynamic_partitions') == "true": # Use empty source_info_dict to indicate that all partitions / groups must # be re-added. dynamic_partitions_diff = common.DynamicPartitionsDifference( info_dict=OPTIONS.info_dict, - block_diffs=block_diffs, + block_diffs=block_diff_dict.values(), progress_dict=progress_dict) dynamic_partitions_diff.WriteScript(script, output_zip, write_verify_script=OPTIONS.verify) else: - for block_diff in block_diffs: + for block_diff in block_diff_dict.values(): block_diff.WriteScript(script, output_zip, progress=progress_dict.get(block_diff.partition), write_verify_script=OPTIONS.verify) - AddCompatibilityArchiveIfTrebleEnabled(input_zip, output_zip, target_info) + CheckVintfIfTrebleEnabled(OPTIONS.input_tmp, target_info) boot_img = common.GetBootableImage( "boot.img", "boot.img", OPTIONS.input_tmp, "BOOT") common.CheckSize(boot_img.data, "boot.img", target_info) common.ZipWriteStr(output_zip, "boot.img", boot_img.data) - script.ShowProgress(0.05, 5) script.WriteRawImage("/boot", "boot.img") - script.ShowProgress(0.2, 10) + script.ShowProgress(0.1, 10) device_specific.FullOTA_InstallEnd() if OPTIONS.extra_script is not None: @@ -1069,7 +871,7 @@ def WriteMetadata(metadata, output): output: A ZipFile object or a string of the output file path. """ - value = "".join(["%s=%s\n" % kv for kv in sorted(metadata.iteritems())]) + value = "".join(["%s=%s\n" % kv for kv in sorted(metadata.items())]) if isinstance(output, zipfile.ZipFile): common.ZipWriteStr(output, METADATA_NAME, value, compress_type=zipfile.ZIP_STORED) @@ -1085,7 +887,7 @@ def HandleDowngradeMetadata(metadata, target_info, source_info): post_timestamp = target_info.GetBuildProp("ro.build.date.utc") pre_timestamp = source_info.GetBuildProp("ro.build.date.utc") - is_downgrade = long(post_timestamp) < long(pre_timestamp) + is_downgrade = int(post_timestamp) < int(pre_timestamp) if OPTIONS.downgrade: if not is_downgrade: @@ -1116,8 +918,8 @@ def GetPackageMetadata(target_info, source_info=None): Returns: A dict to be written into package metadata entry. """ - assert isinstance(target_info, BuildInfo) - assert source_info is None or isinstance(source_info, BuildInfo) + assert isinstance(target_info, common.BuildInfo) + assert source_info is None or isinstance(source_info, common.BuildInfo) metadata = { 'post-build' : target_info.fingerprint, @@ -1410,7 +1212,7 @@ class AbOtaPropertyFiles(StreamingPropertyFiles): payload_offset += len(payload_info.extra) + len(payload_info.filename) payload_size = payload_info.file_size - with input_zip.open('payload.bin', 'r') as payload_fp: + with input_zip.open('payload.bin') as payload_fp: header_bin = payload_fp.read(24) # network byte order (big-endian) @@ -1530,8 +1332,8 @@ def FinalizeMetadata(metadata, input_file, output_file, needed_property_files): def WriteBlockIncrementalOTAPackage(target_zip, source_zip, output_file): - target_info = BuildInfo(OPTIONS.target_info_dict, OPTIONS.oem_dicts) - source_info = BuildInfo(OPTIONS.source_info_dict, OPTIONS.oem_dicts) + target_info = common.BuildInfo(OPTIONS.target_info_dict, OPTIONS.oem_dicts) + source_info = common.BuildInfo(OPTIONS.source_info_dict, OPTIONS.oem_dicts) target_api_version = target_info["recovery_api_version"] source_api_version = source_info["recovery_api_version"] @@ -1578,69 +1380,13 @@ def WriteBlockIncrementalOTAPackage(target_zip, source_zip, output_file): target_recovery = common.GetBootableImage( "/tmp/recovery.img", "recovery.img", OPTIONS.target_tmp, "RECOVERY") - # See notes in common.GetUserImage() - allow_shared_blocks = (source_info.get('ext4_share_dup_blocks') == "true" or - target_info.get('ext4_share_dup_blocks') == "true") - system_src = common.GetUserImage("system", OPTIONS.source_tmp, source_zip, - info_dict=source_info, - allow_shared_blocks=allow_shared_blocks) - - hashtree_info_generator = verity_utils.CreateHashtreeInfoGenerator( - "system", 4096, target_info) - system_tgt = common.GetUserImage("system", OPTIONS.target_tmp, target_zip, - info_dict=target_info, - allow_shared_blocks=allow_shared_blocks, - hashtree_info_generator= - hashtree_info_generator) - - blockimgdiff_version = max( - int(i) for i in target_info.get("blockimgdiff_versions", "1").split(",")) - assert blockimgdiff_version >= 3 - - # Check the first block of the source system partition for remount R/W only - # if the filesystem is ext4. - system_src_partition = source_info["fstab"]["/system"] - check_first_block = system_src_partition.fs_type == "ext4" - # Disable using imgdiff for squashfs. 'imgdiff -z' expects input files to be - # in zip formats. However with squashfs, a) all files are compressed in LZ4; - # b) the blocks listed in block map may not contain all the bytes for a given - # file (because they're rounded to be 4K-aligned). - system_tgt_partition = target_info["fstab"]["/system"] - disable_imgdiff = (system_src_partition.fs_type == "squashfs" or - system_tgt_partition.fs_type == "squashfs") - system_diff = common.BlockDifference("system", system_tgt, system_src, - check_first_block, - version=blockimgdiff_version, - disable_imgdiff=disable_imgdiff) - - if HasVendorPartition(target_zip): - if not HasVendorPartition(source_zip): - raise RuntimeError("can't generate incremental that adds /vendor") - vendor_src = common.GetUserImage("vendor", OPTIONS.source_tmp, source_zip, - info_dict=source_info, - allow_shared_blocks=allow_shared_blocks) - hashtree_info_generator = verity_utils.CreateHashtreeInfoGenerator( - "vendor", 4096, target_info) - vendor_tgt = common.GetUserImage( - "vendor", OPTIONS.target_tmp, target_zip, - info_dict=target_info, - allow_shared_blocks=allow_shared_blocks, - hashtree_info_generator=hashtree_info_generator) - - # Check first block of vendor partition for remount R/W only if - # disk type is ext4 - vendor_partition = source_info["fstab"]["/vendor"] - check_first_block = vendor_partition.fs_type == "ext4" - disable_imgdiff = vendor_partition.fs_type == "squashfs" - vendor_diff = common.BlockDifference("vendor", vendor_tgt, vendor_src, - check_first_block, - version=blockimgdiff_version, - disable_imgdiff=disable_imgdiff) - else: - vendor_diff = None + block_diff_dict = GetBlockDifferences(target_zip=target_zip, + source_zip=source_zip, + target_info=target_info, + source_info=source_info, + device_specific=device_specific) - AddCompatibilityArchiveIfTrebleEnabled( - target_zip, output_zip, target_info, source_info) + CheckVintfIfTrebleEnabled(OPTIONS.target_tmp, target_info) # Assertions (e.g. device properties check). target_info.WriteDeviceAssertions(script, OPTIONS.oem_no_mount) @@ -1704,12 +1450,8 @@ else if get_stage("%(bcb_dev)s") != "3/3" then WriteFingerprintAssertion(script, target_info, source_info) # Check the required cache size (i.e. stashed blocks). - size = [] - if system_diff: - size.append(system_diff.required_cache) - if vendor_diff: - size.append(vendor_diff.required_cache) - + required_cache_sizes = [diff.required_cache for diff in + block_diff_dict.values()] if updating_boot: boot_type, boot_device = common.GetTypeAndDevice("/boot", source_info) d = common.Difference(target_boot, source_boot) @@ -1732,10 +1474,14 @@ else if get_stage("%(bcb_dev)s") != "3/3" then "{}:{}:{}:{}".format( boot_type, boot_device, source_boot.size, source_boot.sha1)) - size.append(target_boot.size) + required_cache_sizes.append(target_boot.size) - if size: - script.CacheFreeSpaceCheck(max(size)) + if required_cache_sizes: + script.CacheFreeSpaceCheck(max(required_cache_sizes)) + + # Verify the existing partitions. + for diff in block_diff_dict.values(): + diff.WriteVerifyScript(script, touched_blocks_only=True) device_specific.IncrementalOTA_VerifyEnd() @@ -1752,30 +1498,12 @@ else # Stage 3/3: Make changes. script.Comment("Stage 3/3") - # Verify the existing partitions. - system_diff.WriteVerifyScript(script, touched_blocks_only=True) - if vendor_diff: - vendor_diff.WriteVerifyScript(script, touched_blocks_only=True) - device_specific_diffs = device_specific.IncrementalOTA_GetBlockDifferences() - if device_specific_diffs: - assert all(isinstance(diff, common.BlockDifference) - for diff in device_specific_diffs), \ - "IncrementalOTA_GetBlockDifferences is not returning a list of " \ - "BlockDifference objects" - for diff in device_specific_diffs: - diff.WriteVerifyScript(script, touched_blocks_only=True) - script.Comment("---- start making changes here ----") device_specific.IncrementalOTA_InstallBegin() - block_diffs = [system_diff] - progress_dict = {"system": 0.8 if vendor_diff else 0.9} - if vendor_diff: - block_diffs.append(vendor_diff) - progress_dict["vendor"] = 0.1 - if device_specific_diffs: - block_diffs += device_specific_diffs + progress_dict = {partition: 0.1 for partition in block_diff_dict} + progress_dict["system"] = 1 - len(block_diff_dict) * 0.1 if OPTIONS.source_info_dict.get("use_dynamic_partitions") == "true": if OPTIONS.target_info_dict.get("use_dynamic_partitions") != "true": @@ -1784,12 +1512,12 @@ else dynamic_partitions_diff = common.DynamicPartitionsDifference( info_dict=OPTIONS.target_info_dict, source_info_dict=OPTIONS.source_info_dict, - block_diffs=block_diffs, + block_diffs=block_diff_dict.values(), progress_dict=progress_dict) dynamic_partitions_diff.WriteScript( script, output_zip, write_verify_script=OPTIONS.verify) else: - for block_diff in block_diffs: + for block_diff in block_diff_dict.values(): block_diff.WriteScript(script, output_zip, progress=progress_dict.get(block_diff.partition), write_verify_script=OPTIONS.verify) @@ -1877,12 +1605,52 @@ def GetTargetFilesZipForSecondaryImages(input_file, skip_postinstall=False): Returns: The filename of the target-files.zip for generating secondary payload. """ + + def GetInfoForSecondaryImages(info_file): + """Updates info file for secondary payload generation. + + Scan each line in the info file, and remove the unwanted partitions from + the dynamic partition list in the related properties. e.g. + "super_google_dynamic_partitions_partition_list=system vendor product" + will become "super_google_dynamic_partitions_partition_list=system". + + Args: + info_file: The input info file. e.g. misc_info.txt. + + Returns: + A string of the updated info content. + """ + + output_list = [] + with open(info_file) as f: + lines = f.read().splitlines() + + # The suffix in partition_list variables that follows the name of the + # partition group. + LIST_SUFFIX = 'partition_list' + for line in lines: + if line.startswith('#') or '=' not in line: + output_list.append(line) + continue + key, value = line.strip().split('=', 1) + if key == 'dynamic_partition_list' or key.endswith(LIST_SUFFIX): + partitions = value.split() + partitions = [partition for partition in partitions if partition + not in SECONDARY_PAYLOAD_SKIPPED_IMAGES] + output_list.append('{}={}'.format(key, ' '.join(partitions))) + elif key == 'virtual_ab' or key == "virtual_ab_retrofit": + # Remove virtual_ab flag from secondary payload so that OTA client + # don't use snapshots for secondary update + pass + else: + output_list.append(line) + return '\n'.join(output_list) + target_file = common.MakeTempFile(prefix="targetfiles-", suffix=".zip") target_zip = zipfile.ZipFile(target_file, 'w', allowZip64=True) with zipfile.ZipFile(input_file, 'r') as input_zip: infolist = input_zip.infolist() - namelist = input_zip.namelist() input_tmp = common.UnzipTemp(input_file, UNZIP_PATTERN) for info in infolist: @@ -1895,12 +1663,33 @@ def GetTargetFilesZipForSecondaryImages(input_file, skip_postinstall=False): 'IMAGES/system.map'): pass + # Copy images that are not in SECONDARY_PAYLOAD_SKIPPED_IMAGES. + elif info.filename.startswith(('IMAGES/', 'RADIO/')): + image_name = os.path.basename(info.filename) + if image_name not in ['{}.img'.format(partition) for partition in + SECONDARY_PAYLOAD_SKIPPED_IMAGES]: + common.ZipWrite(target_zip, unzipped_file, arcname=info.filename) + # Skip copying the postinstall config if requested. elif skip_postinstall and info.filename == POSTINSTALL_CONFIG: pass - elif info.filename.startswith(('META/', 'IMAGES/', 'RADIO/')): - common.ZipWrite(target_zip, unzipped_file, arcname=info.filename) + elif info.filename.startswith('META/'): + # Remove the unnecessary partitions for secondary images from the + # ab_partitions file. + if info.filename == AB_PARTITIONS: + with open(unzipped_file) as f: + partition_list = f.read().splitlines() + partition_list = [partition for partition in partition_list if partition + and partition not in SECONDARY_PAYLOAD_SKIPPED_IMAGES] + common.ZipWriteStr(target_zip, info.filename, '\n'.join(partition_list)) + # Remove the unnecessary partitions from the dynamic partitions list. + elif (info.filename == 'META/misc_info.txt' or + info.filename == DYNAMIC_PARTITION_INFO): + modified_info = GetInfoForSecondaryImages(unzipped_file) + common.ZipWriteStr(target_zip, info.filename, modified_info) + else: + common.ZipWrite(target_zip, unzipped_file, arcname=info.filename) common.ZipClose(target_zip) @@ -1957,7 +1746,7 @@ def GetTargetFilesZipForRetrofitDynamicPartitions(input_file, target_file = common.MakeTempFile(prefix="targetfiles-", suffix=".zip") shutil.copyfile(input_file, target_file) - with zipfile.ZipFile(input_file, 'r') as input_zip: + with zipfile.ZipFile(input_file) as input_zip: namelist = input_zip.namelist() input_tmp = common.UnzipTemp(input_file, RETROFIT_DAP_UNZIP_PATTERN) @@ -1981,8 +1770,8 @@ def GetTargetFilesZipForRetrofitDynamicPartitions(input_file, for partition in ab_partitions: if (partition in dynamic_partition_list and partition not in super_block_devices): - logger.info("Dropping %s from ab_partitions.txt", partition) - continue + logger.info("Dropping %s from ab_partitions.txt", partition) + continue f.write(partition + "\n") to_delete = [AB_PARTITIONS] @@ -1994,7 +1783,7 @@ def GetTargetFilesZipForRetrofitDynamicPartitions(input_file, to_delete += [DYNAMIC_PARTITION_INFO] # Remove the existing partition images as well as the map files. - to_delete += replace.values() + to_delete += list(replace.values()) to_delete += ['IMAGES/{}.map'.format(dev) for dev in super_block_devices] common.ZipDelete(target_file, to_delete) @@ -2004,7 +1793,7 @@ def GetTargetFilesZipForRetrofitDynamicPartitions(input_file, # Write super_{foo}.img as {foo}.img. for src, dst in replace.items(): assert src in namelist, \ - 'Missing {} in {}; {} cannot be written'.format(src, input_file, dst) + 'Missing {} in {}; {} cannot be written'.format(src, input_file, dst) unzipped_file = os.path.join(input_tmp, *src.split('/')) common.ZipWrite(target_zip, unzipped_file, arcname=dst) @@ -2016,8 +1805,7 @@ def GetTargetFilesZipForRetrofitDynamicPartitions(input_file, return target_file -def WriteABOTAPackageWithBrilloScript(target_file, output_file, - source_file=None): +def GenerateAbOtaPackage(target_file, output_file, source_file=None): """Generates an Android OTA package that has A/B update payload.""" # Stage the output zip package for package signing. if not OPTIONS.no_signing: @@ -2028,10 +1816,10 @@ def WriteABOTAPackageWithBrilloScript(target_file, output_file, compression=zipfile.ZIP_DEFLATED) if source_file is not None: - target_info = BuildInfo(OPTIONS.target_info_dict, OPTIONS.oem_dicts) - source_info = BuildInfo(OPTIONS.source_info_dict, OPTIONS.oem_dicts) + target_info = common.BuildInfo(OPTIONS.target_info_dict, OPTIONS.oem_dicts) + source_info = common.BuildInfo(OPTIONS.source_info_dict, OPTIONS.oem_dicts) else: - target_info = BuildInfo(OPTIONS.info_dict, OPTIONS.oem_dicts) + target_info = common.BuildInfo(OPTIONS.info_dict, OPTIONS.oem_dicts) source_info = None # Metadata to comply with Android OTA package format. @@ -2095,11 +1883,10 @@ def WriteABOTAPackageWithBrilloScript(target_file, output_file, else: logger.warning("Cannot find care map file in target_file package") - AddCompatibilityArchiveIfTrebleEnabled( - target_zip, output_zip, target_info, source_info) - common.ZipClose(target_zip) + CheckVintfIfTrebleEnabled(target_file, target_info) + # We haven't written the metadata entry yet, which will be handled in # FinalizeMetadata(). common.ZipClose(output_zip) @@ -2115,6 +1902,66 @@ def WriteABOTAPackageWithBrilloScript(target_file, output_file, FinalizeMetadata(metadata, staging_file, output_file, needed_property_files) +def GenerateNonAbOtaPackage(target_file, output_file, source_file=None): + """Generates a non-A/B OTA package.""" + # Sanity check the loaded info dicts first. + if OPTIONS.info_dict.get("no_recovery") == "true": + raise common.ExternalError( + "--- target build has specified no recovery ---") + + # Non-A/B OTAs rely on /cache partition to store temporary files. + cache_size = OPTIONS.info_dict.get("cache_size") + if cache_size is None: + logger.warning("--- can't determine the cache partition size ---") + OPTIONS.cache_size = cache_size + + if OPTIONS.extra_script is not None: + with open(OPTIONS.extra_script) as fp: + OPTIONS.extra_script = fp.read() + + if OPTIONS.extracted_input is not None: + OPTIONS.input_tmp = OPTIONS.extracted_input + else: + logger.info("unzipping target target-files...") + OPTIONS.input_tmp = common.UnzipTemp(target_file, UNZIP_PATTERN) + OPTIONS.target_tmp = OPTIONS.input_tmp + + # If the caller explicitly specified the device-specific extensions path via + # -s / --device_specific, use that. Otherwise, use META/releasetools.py if it + # is present in the target target_files. Otherwise, take the path of the file + # from 'tool_extensions' in the info dict and look for that in the local + # filesystem, relative to the current directory. + if OPTIONS.device_specific is None: + from_input = os.path.join(OPTIONS.input_tmp, "META", "releasetools.py") + if os.path.exists(from_input): + logger.info("(using device-specific extensions from target_files)") + OPTIONS.device_specific = from_input + else: + OPTIONS.device_specific = OPTIONS.info_dict.get("tool_extensions") + + if OPTIONS.device_specific is not None: + OPTIONS.device_specific = os.path.abspath(OPTIONS.device_specific) + + # Generate a full OTA. + if source_file is None: + with zipfile.ZipFile(target_file) as input_zip: + WriteFullOTAPackage( + input_zip, + output_file) + + # Generate an incremental OTA. + else: + logger.info("unzipping source target-files...") + OPTIONS.source_tmp = common.UnzipTemp( + OPTIONS.incremental_source, UNZIP_PATTERN) + with zipfile.ZipFile(target_file) as input_zip, \ + zipfile.ZipFile(source_file) as source_zip: + WriteBlockIncrementalOTAPackage( + input_zip, + source_zip, + output_file) + + def main(argv): def option_handler(o, a): @@ -2169,8 +2016,13 @@ def main(argv): OPTIONS.payload_signer = a elif o == "--payload_signer_args": OPTIONS.payload_signer_args = shlex.split(a) + elif o == "--payload_signer_maximum_signature_size": + OPTIONS.payload_signer_maximum_signature_size = a elif o == "--payload_signer_key_size": - OPTIONS.payload_signer_key_size = a + # TODO(Xunchang) remove this option after cleaning up the callers. + logger.warning("The option '--payload_signer_key_size' is deprecated." + " Use '--payload_signer_maximum_signature_size' instead.") + OPTIONS.payload_signer_maximum_signature_size = a elif o == "--extracted_input_target_files": OPTIONS.extracted_input = a elif o == "--skip_postinstall": @@ -2181,6 +2033,8 @@ def main(argv): OPTIONS.skip_compatibility_check = True elif o == "--output_metadata_path": OPTIONS.output_metadata_path = a + elif o == "--disable_fec_computation": + OPTIONS.disable_fec_computation = True else: return False return True @@ -2209,12 +2063,14 @@ def main(argv): "log_diff=", "payload_signer=", "payload_signer_args=", + "payload_signer_maximum_signature_size=", "payload_signer_key_size=", "extracted_input_target_files=", "skip_postinstall", "retrofit_dynamic_partitions", "skip_compatibility_check", "output_metadata_path=", + "disable_fec_computation", ], extra_option_handler=option_handler) if len(args) != 2: @@ -2284,80 +2140,34 @@ def main(argv): if OPTIONS.package_key is None: OPTIONS.package_key = OPTIONS.info_dict.get( "default_system_dev_certificate", - "build/target/product/security/testkey") + "build/make/target/product/security/testkey") # Get signing keys OPTIONS.key_passwords = common.GetKeyPasswords([OPTIONS.package_key]) if ab_update: - WriteABOTAPackageWithBrilloScript( + GenerateAbOtaPackage( target_file=args[0], output_file=args[1], source_file=OPTIONS.incremental_source) - logger.info("done.") - return - - # Sanity check the loaded info dicts first. - if OPTIONS.info_dict.get("no_recovery") == "true": - raise common.ExternalError( - "--- target build has specified no recovery ---") - - # Non-A/B OTAs rely on /cache partition to store temporary files. - cache_size = OPTIONS.info_dict.get("cache_size") - if cache_size is None: - logger.warning("--- can't determine the cache partition size ---") - OPTIONS.cache_size = cache_size - - if OPTIONS.extra_script is not None: - OPTIONS.extra_script = open(OPTIONS.extra_script).read() - - if OPTIONS.extracted_input is not None: - OPTIONS.input_tmp = OPTIONS.extracted_input - else: - logger.info("unzipping target target-files...") - OPTIONS.input_tmp = common.UnzipTemp(args[0], UNZIP_PATTERN) - OPTIONS.target_tmp = OPTIONS.input_tmp - - # If the caller explicitly specified the device-specific extensions path via - # -s / --device_specific, use that. Otherwise, use META/releasetools.py if it - # is present in the target target_files. Otherwise, take the path of the file - # from 'tool_extensions' in the info dict and look for that in the local - # filesystem, relative to the current directory. - if OPTIONS.device_specific is None: - from_input = os.path.join(OPTIONS.input_tmp, "META", "releasetools.py") - if os.path.exists(from_input): - logger.info("(using device-specific extensions from target_files)") - OPTIONS.device_specific = from_input - else: - OPTIONS.device_specific = OPTIONS.info_dict.get("tool_extensions") - - if OPTIONS.device_specific is not None: - OPTIONS.device_specific = os.path.abspath(OPTIONS.device_specific) - - # Generate a full OTA. - if OPTIONS.incremental_source is None: - with zipfile.ZipFile(args[0], 'r') as input_zip: - WriteFullOTAPackage( - input_zip, - output_file=args[1]) - - # Generate an incremental OTA. else: - logger.info("unzipping source target-files...") - OPTIONS.source_tmp = common.UnzipTemp( - OPTIONS.incremental_source, UNZIP_PATTERN) - with zipfile.ZipFile(args[0], 'r') as input_zip, \ - zipfile.ZipFile(OPTIONS.incremental_source, 'r') as source_zip: - WriteBlockIncrementalOTAPackage( - input_zip, - source_zip, - output_file=args[1]) + GenerateNonAbOtaPackage( + target_file=args[0], + output_file=args[1], + source_file=OPTIONS.incremental_source) - if OPTIONS.log_diff: - with open(OPTIONS.log_diff, 'w') as out_file: - import target_files_diff - target_files_diff.recursiveDiff( - '', OPTIONS.source_tmp, OPTIONS.input_tmp, out_file) + # Post OTA generation works. + if OPTIONS.incremental_source is not None and OPTIONS.log_diff: + logger.info("Generating diff logs...") + logger.info("Unzipping target-files for diffing...") + target_dir = common.UnzipTemp(args[0], TARGET_DIFFING_UNZIP_PATTERN) + source_dir = common.UnzipTemp( + OPTIONS.incremental_source, TARGET_DIFFING_UNZIP_PATTERN) + + with open(OPTIONS.log_diff, 'w') as out_file: + import target_files_diff + target_files_diff.recursiveDiff( + '', source_dir, target_dir, out_file) logger.info("done.") diff --git a/product_property.mk b/product_property.mk index aa8bb65..90cbef5 100755 --- a/product_property.mk +++ b/product_property.mk @@ -19,25 +19,9 @@ PRODUCT_PRODUCT_PROPERTIES += \ #PRODUCT_PRODUCT_PROPERTIES += \ # ro.product.first_api_level=26 -# VNDK version is specified -#PRODUCT_PRODUCT_PROPERTIES += \ -# ro.vendor.vndk.version=26.1.0 - -# Override heap growth limit due to high display density on device -PRODUCT_PROPERTY_OVERRIDES += \ - dalvik.vm.heapgrowthlimit=256m - -PRODUCT_PRODUCT_PROPERTIES += \ - ro.boot.fake_battery=42 - -#set audioflinger heapsize,for lowramdevice -#the default af heap size is 1M,it is not enough -PRODUCT_PRODUCT_PROPERTIES += \ - ro.af.client_heap_size_kbyte=1536 - #Enforce privapp-permissions whitelist -PRODUCT_PROPERTY_OVERRIDES += \ - ro.control_privapp_permissions=enforce +# PRODUCT_PROPERTY_OVERRIDES += \ +# ro.control_privapp_permissions=enforce # for device RAM <= 2G, which need use minfree levels PRODUCT_PRODUCT_PROPERTIES += \ diff --git a/products/mbox/g12a/g12a.mk b/products/mbox/g12a/g12a.mk index 70903f6..4ca9d92 100755 --- a/products/mbox/g12a/g12a.mk +++ b/products/mbox/g12a/g12a.mk @@ -95,6 +95,11 @@ BOARD_AVB_ENABLE := true BOARD_AVB_ALGORITHM := SHA256_RSA2048 BOARD_AVB_KEY_PATH := device/amlogic/common/security/testkey_rsa2048.pem BOARD_AVB_ROLLBACK_INDEX := 0 + +BOARD_AVB_RECOVERY_KEY_PATH := device/amlogic/common/security/testkey_rsa2048.pem +BOARD_AVB_RECOVERY_ALGORITHM := SHA256_RSA2048 +BOARD_AVB_RECOVERY_ROLLBACK_INDEX := $(PLATFORM_SECURITY_PATCH_TIMESTAMP) +BOARD_AVB_RECOVERY_ROLLBACK_INDEX_LOCATION := 2 endif ifeq ($(BUILD_WITH_AVB),true) diff --git a/products/mbox/g12a/recovery/init.recovery.amlogic.rc b/products/mbox/g12a/recovery/init.recovery.amlogic.rc index e84b4c2..6d4b3dc 100644 --- a/products/mbox/g12a/recovery/init.recovery.amlogic.rc +++ b/products/mbox/g12a/recovery/init.recovery.amlogic.rc @@ -37,7 +37,7 @@ on boot setprop sys.usb.configfs 1 setprop sys.usb.controller ${sys.usb.controller} -service console /sbin/sh +service console /system/bin/sh seclabel u:r:shell:s0 console diff --git a/products/mbox/gxl/recovery/init.recovery.amlogic.rc b/products/mbox/gxl/recovery/init.recovery.amlogic.rc index e84b4c2..6d4b3dc 100755..100644 --- a/products/mbox/gxl/recovery/init.recovery.amlogic.rc +++ b/products/mbox/gxl/recovery/init.recovery.amlogic.rc @@ -37,7 +37,7 @@ on boot setprop sys.usb.configfs 1 setprop sys.usb.controller ${sys.usb.controller} -service console /sbin/sh +service console /system/bin/sh seclabel u:r:shell:s0 console diff --git a/products/mbox/sm1/recovery/init.recovery.amlogic.rc b/products/mbox/sm1/recovery/init.recovery.amlogic.rc index e84b4c2..6d4b3dc 100644 --- a/products/mbox/sm1/recovery/init.recovery.amlogic.rc +++ b/products/mbox/sm1/recovery/init.recovery.amlogic.rc @@ -37,7 +37,7 @@ on boot setprop sys.usb.configfs 1 setprop sys.usb.controller ${sys.usb.controller} -service console /sbin/sh +service console /system/bin/sh seclabel u:r:shell:s0 console diff --git a/products/mbox/sm1/sm1.mk b/products/mbox/sm1/sm1.mk index d239d4d..0e115d9 100755 --- a/products/mbox/sm1/sm1.mk +++ b/products/mbox/sm1/sm1.mk @@ -98,6 +98,11 @@ BOARD_AVB_ENABLE := true BOARD_AVB_ALGORITHM := SHA256_RSA2048 BOARD_AVB_KEY_PATH := device/amlogic/common/security/testkey_rsa2048.pem BOARD_AVB_ROLLBACK_INDEX := 0 + +BOARD_AVB_RECOVERY_KEY_PATH := device/amlogic/common/security/testkey_rsa2048.pem +BOARD_AVB_RECOVERY_ALGORITHM := SHA256_RSA2048 +BOARD_AVB_RECOVERY_ROLLBACK_INDEX := $(PLATFORM_SECURITY_PATCH_TIMESTAMP) +BOARD_AVB_RECOVERY_ROLLBACK_INDEX_LOCATION := 2 endif ifeq ($(BUILD_WITH_AVB),true) diff --git a/products/tv/tl1/recovery/init.recovery.amlogic.rc b/products/tv/tl1/recovery/init.recovery.amlogic.rc index fe3c083..5b3918c 100755..100644 --- a/products/tv/tl1/recovery/init.recovery.amlogic.rc +++ b/products/tv/tl1/recovery/init.recovery.amlogic.rc @@ -36,7 +36,7 @@ on boot setprop sys.usb.configfs 1 setprop sys.usb.controller ${sys.usb.controller} -service console /sbin/sh +service console /system/bin/sh seclabel u:r:shell:s0 console diff --git a/products/tv/tm2/recovery/init.recovery.amlogic.rc b/products/tv/tm2/recovery/init.recovery.amlogic.rc index e84b4c2..6d4b3dc 100755..100644 --- a/products/tv/tm2/recovery/init.recovery.amlogic.rc +++ b/products/tv/tm2/recovery/init.recovery.amlogic.rc @@ -37,7 +37,7 @@ on boot setprop sys.usb.configfs 1 setprop sys.usb.controller ${sys.usb.controller} -service console /sbin/sh +service console /system/bin/sh seclabel u:r:shell:s0 console diff --git a/releasetools.py b/releasetools.py index 6d0da2f..c89f8de 100755 --- a/releasetools.py +++ b/releasetools.py @@ -160,7 +160,7 @@ def FullOTA_Assertions(info): if OPTIONS.ota_partition_change: info.script.AppendExtra('ui_print("update bootloader.img...");') info.script.AppendExtra('write_bootloader_image(package_extract_file("bootloader.img"));') - info.script.AppendExtra('set_bootloader_env("recovery_from_flash", "defenv_resev;save;reset");') + info.script.AppendExtra('set_bootloader_env("recovery_from_flash", "defenv_reserv;save;reset");') info.script.AppendExtra('write_dtb_image(package_extract_file("dt.img"));') info.script.WriteRawImage("/recovery", "recovery.img") if OPTIONS.backup_zip: diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 138f7b8..684bf83 100755 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -305,6 +305,8 @@ /vendor/bin/hw/android\.hardware\.dumpstate@1\.0-service.droidlogic u:object_r:hal_dumpstate_default_exec:s0 /vendor/bin/hw/android\.hardware\.drm@1\.2-service.widevine u:object_r:hal_drm_default_exec:s0 /vendor/bin/hw/android\.hardware\.drm@1\.2-service\.clearkey u:object_r:hal_drm_clearkey_exec:s0 +/vendor/bin/hw/android\.hardware\.drm@1\.3-service.widevine u:object_r:hal_drm_default_exec:s0 +/vendor/bin/hw/android\.hardware\.drm@1\.3-service\.clearkey u:object_r:hal_drm_clearkey_exec:s0 /vendor/bin/hw/android\.hardware\.power\.stats@1\.0-service\.mock u:object_r:hal_power_stats_default_exec:s0 /vendor/bin/hw/android\.hardware\.graphics\.composer@2\.3-service\.droidlogic u:object_r:hal_graphics_composer_default_exec:s0 /vendor/bin/hw/android\.hardware\.thermal@2\.0-service.droidlogic u:object_r:hal_thermal_default_exec:s0 diff --git a/sepolicy/hal_graphics_composer_default.te b/sepolicy/hal_graphics_composer_default.te index 0fa7a41..714196b 100755 --- a/sepolicy/hal_graphics_composer_default.te +++ b/sepolicy/hal_graphics_composer_default.te @@ -30,6 +30,8 @@ get_prop(hal_graphics_composer_default, media_prop) allow hal_graphics_composer_default sysfs_video:dir { search }; allow hal_graphics_composer_default sysfs_display:file { read write open getattr }; +allow hal_graphics_composer_default sysfs_cec:file r_file_perms; + allow hal_graphics_composer_default vendor_platform_prop:file {getattr open read}; get_prop(hal_graphics_composer_default, vendor_platform_prop) allow hal_graphics_composer_default kernel:process setsched; diff --git a/sepolicy/hal_power_default.te b/sepolicy/hal_power_default.te index e34d6e5..c782eda 100644 --- a/sepolicy/hal_power_default.te +++ b/sepolicy/hal_power_default.te @@ -4,4 +4,4 @@ allow hal_power_default sysfs_power_trigger:file { read write open }; allow hal_power_default hdmicecd_hwservice:hwservice_manager { find }; allow hal_power_default hdmicecd:binder { call transfer }; allow hal_power_default vendor_platform_prop:file { open read getattr }; -allow hal_power_default vendor_platform_prop:file { open read getattr }; +allow hal_power_default vendor_persist_prop:file { open read getattr }; diff --git a/sepolicy/hdcp_tx22.te b/sepolicy/hdcp_tx22.te index 45bc400..ba7f216 100644 --- a/sepolicy/hdcp_tx22.te +++ b/sepolicy/hdcp_tx22.te @@ -5,5 +5,6 @@ init_daemon_domain(hdcp_tx22) allow hdcp_tx22 hdcptx_device:chr_file { open read write getattr ioctl }; allow hdcp_tx22 sysfs:file rw_file_perms; +allow hdcp_tx22 sysfs_cec:file rw_file_perms; allow hdcp_tx22 sysfs_amhdmitx:dir search; allow hdcp_tx22 sysfs_amhdmitx:file { getattr open read write ioctl }; diff --git a/sepolicy/hdmicecd.te b/sepolicy/hdmicecd.te index 88f6865..b0eda46 100755 --- a/sepolicy/hdmicecd.te +++ b/sepolicy/hdmicecd.te @@ -8,6 +8,7 @@ allow hdmicecd vndservicemanager:binder { call transfer }; allow hdmicecd hwservicemanager:binder { call transfer }; allow hdmicecd { hdmicecd_hwservice hidl_base_hwservice }:hwservice_manager { add }; +allow hdmicecd hdmicecd_hwservice:hwservice_manager find; allow hdmicecd cec_device:chr_file { open read write ioctl }; allow hdmicecd hwservicemanager_prop:file { open read getattr }; @@ -21,4 +22,3 @@ allow hdmicecd tvserver:binder { transfer call }; allow hdmicecd { hal_tv_cec_default system_app platform_app }:binder { call transfer }; allow hdmicecd vendor_platform_prop:file { open read getattr }; - diff --git a/sepolicy/system_control.te b/sepolicy/system_control.te index 229d753..ce1348b 100755 --- a/sepolicy/system_control.te +++ b/sepolicy/system_control.te @@ -8,7 +8,8 @@ allow system_control vndservicemanager:binder { call transfer }; #allow system_control default_android_vndservice:service_manager { add }; allow system_control hwservicemanager:binder { call transfer }; -allow system_control { systemcontrol_hwservice hidl_base_hwservice }:hwservice_manager { add }; +allow system_control systemcontrol_hwservice:hwservice_manager { find add}; +allow system_control hidl_base_hwservice:hwservice_manager { add}; allow system_control sysfs:file rw_file_perms; allow system_control sysfs_devices_system_cpu:file rw_file_perms; @@ -38,8 +39,6 @@ allow system_control mnt_vendor_file:file { setattr getattr lock unlink }; # product_shipping_api_level=28 vendor/system cannot share prop #--------------------------------------------------------------------# get_prop(system_control, bcmdl_prop) -get_prop(system_control, safemode_prop) -get_prop(system_control, mmc_prop) get_prop(system_control, device_logging_prop) get_prop(system_control, vendor_platform_prop) set_prop(system_control, vendor_platform_prop) @@ -57,13 +56,7 @@ set_prop(system_control, netflix_prop) get_prop(system_control, netflix_prop) #get_prop(system_control, wifi_prop) -set_prop(system_control, boottime_prop) -get_prop(system_control, boottime_prop) -set_prop(system_control, overlay_prop) -get_prop(system_control, overlay_prop) -set_prop(system_control, net_dns_prop) -get_prop(system_control, net_dns_prop) set_prop(system_control, logpersistd_logging_prop) get_prop(system_control, logpersistd_logging_prop) set_prop(system_control, hwservicemanager_prop) @@ -72,14 +65,10 @@ set_prop(system_control, dumpstate_options_prop) #set_prop(system_control, bluetooth_prop) #get_prop(system_control, bluetooth_prop) -set_prop(system_control, persistent_properties_ready_prop) -get_prop(system_control, persistent_properties_ready_prop) - get_prop(system_control, system_boot_reason_prop) # ctl interface set_prop(system_control, ctl_default_prop) set_prop(system_control, ctl_dhcp_pan_prop) -set_prop(system_control, ctl_bugreport_prop) allow system_control sysfs_clock:file read; allow system_control sysfs_di:file read; diff --git a/sepolicy/untrusted_app_25.te b/sepolicy/untrusted_app_25.te index e93c87d..b2347d5 100644 --- a/sepolicy/untrusted_app_25.te +++ b/sepolicy/untrusted_app_25.te @@ -5,4 +5,4 @@ allow untrusted_app_25 debugfs_mali:dir search; allow untrusted_app_25 fuseblk:dir { search }; allow untrusted_app_25 fuseblk:file { read open getattr }; -allow untrusted_app_25 net_dns_prop:file { read }; +# allow untrusted_app_25 net_dns_prop:file { read }; diff --git a/sepolicy/vendor_init.te b/sepolicy/vendor_init.te index 7331756..08b0583 100644 --- a/sepolicy/vendor_init.te +++ b/sepolicy/vendor_init.te @@ -19,24 +19,21 @@ allow vendor_init self:capability sys_module; allow vendor_init proc:file write; allow vendor_init unlabeled:dir search; -allow vendor_init ffs_prop:property_service set; # optee allow vendor_init drm_device:chr_file setattr; # allow init mount a new filesystem and set its selinux contexts allow vendor_init unlabeled:dir { getattr read relabelfrom setattr }; -allow vendor_init proc_security:file rw_file_perms; - set_prop(vendor_init, vendor_platform_prop) -set_prop(vendor_init, shell_prop) +# set_prop(vendor_init, shell_prop) set_prop(vendor_init, vendor_app_prop) set_prop(vendor_init, media_prop) set_prop(vendor_init, audio_prop) set_prop(vendor_init, tv_prop) set_prop(vendor_init, netflix_prop) -set_prop(vendor_init, vold_prop) -set_prop(vendor_init, config_prop) +# set_prop(vendor_init, vold_prop) +# set_prop(vendor_init, config_prop) set_prop(vendor_init, oem_prop) set_prop(vendor_init, exported_default_prop) set_prop(vendor_init, system_prop) diff --git a/vndk/Android.mk b/vndk/Android.mk deleted file mode 100644 index 762a8a2..0000000 --- a/vndk/Android.mk +++ b/dev/null @@ -1,72 +0,0 @@ -# TODO(b/69526027): DEPRECATE USE OF THIS. -# USE BOARD_VNDK_VERSION:=current instead. - -LOCAL_PATH := $(call my-dir) - -# b/69526027: This VNDK-SP install routine must be removed. Instead, we must -# build vendor variants of the VNDK-SP modules. - -ifndef BOARD_VNDK_VERSION -# The libs with "vndk: {enabled: true, support_system_process: true}" will be -# added VNDK_SP_LIBRARIES automatically. And the core variants of the VNDK-SP -# libs will be copied to vndk-sp directory. -# However, some of those libs need FWK-ONLY libs, which must be listed here -# manually. -VNDK_SP_LIBRARIES := \ - libdexfile - -install_in_hw_dir := \ - android.hidl.memory@1.0-impl - -vndk_sp_dir := vndk-sp-$(PLATFORM_VNDK_VERSION) - -define define-vndk-sp-lib -include $$(CLEAR_VARS) -LOCAL_MODULE := $1.vndk-sp-gen -LOCAL_MODULE_CLASS := SHARED_LIBRARIES -LOCAL_PREBUILT_MODULE_FILE := $$(call intermediates-dir-for,SHARED_LIBRARIES,$1,,,,)/$1.so -LOCAL_STRIP_MODULE := false -LOCAL_MULTILIB := first -LOCAL_MODULE_TAGS := optional -LOCAL_INSTALLED_MODULE_STEM := $1.so -LOCAL_MODULE_SUFFIX := .so -LOCAL_MODULE_RELATIVE_PATH := $(vndk_sp_dir)$(if $(filter $1,$(install_in_hw_dir)),/hw) -include $$(BUILD_PREBUILT) - -ifneq ($$(TARGET_2ND_ARCH),) -ifneq ($$(TARGET_TRANSLATE_2ND_ARCH),true) -include $$(CLEAR_VARS) -LOCAL_MODULE := $1.vndk-sp-gen -LOCAL_MODULE_CLASS := SHARED_LIBRARIES -LOCAL_PREBUILT_MODULE_FILE := $$(call intermediates-dir-for,SHARED_LIBRARIES,$1,,,$$(TARGET_2ND_ARCH_VAR_PREFIX),)/$1.so -LOCAL_STRIP_MODULE := false -LOCAL_MULTILIB := 32 -LOCAL_MODULE_TAGS := optional -LOCAL_INSTALLED_MODULE_STEM := $1.so -LOCAL_MODULE_SUFFIX := .so -LOCAL_MODULE_RELATIVE_PATH := $(vndk_sp_dir)$(if $(filter $1,$(install_in_hw_dir)),/hw) -include $$(BUILD_PREBUILT) -endif # TARGET_TRANSLATE_2ND_ARCH is not true -endif # TARGET_2ND_ARCH is not empty -endef - -# Add VNDK-SP libs to the list if they are missing -$(foreach lib,$(VNDK_SAMEPROCESS_LIBRARIES),\ - $(if $(filter $(lib),$(VNDK_SP_LIBRARIES)),,\ - $(eval VNDK_SP_LIBRARIES += $(lib)))) - -# Remove libz from the VNDK-SP list (b/73296261) -VNDK_SP_LIBRARIES := $(filter-out libz,$(VNDK_SP_LIBRARIES)) - -$(foreach lib,$(VNDK_SP_LIBRARIES),\ - $(eval $(call define-vndk-sp-lib,$(lib)))) - -install_in_hw_dir := - -include $(CLEAR_VARS) -LOCAL_MODULE := vndk-sp -LOCAL_MODULE_OWNER := google -LOCAL_MODULE_TAGS := optional -LOCAL_REQUIRED_MODULES := $(addsuffix .vndk-sp-gen,$(VNDK_SP_LIBRARIES)) -include $(BUILD_PHONY_PACKAGE) -endif |