Merge "Remove protobuf vendorcompat from base_vendor.mk"
diff --git a/core/base_rules.mk b/core/base_rules.mk
index 7147f6d..3c973bb 100644
--- a/core/base_rules.mk
+++ b/core/base_rules.mk
@@ -716,6 +716,18 @@
endif
endif
+
+ifeq ($(use_testcase_folder),true)
+ifneq ($(my_test_data_file_pairs),)
+$(foreach pair, $(my_test_data_file_pairs), \
+ $(eval parts := $(subst :,$(space),$(pair))) \
+ $(eval src_path := $(word 1,$(parts))) \
+ $(eval file := $(word 2,$(parts))) \
+ $(foreach suite, $(LOCAL_COMPATIBILITY_SUITE), \
+ $(eval my_compat_dist_$(suite) += $(foreach dir, $(call compatibility_suite_dirs,$(suite),$(arch_dir)), \
+ $(call filter-copy-pair,$(src_path),$(call append-path,$(dir),$(file)),$(my_installed_test_data))))))
+endif
+else
ifneq ($(my_test_data_file_pairs),)
$(foreach pair, $(my_test_data_file_pairs), \
$(eval parts := $(subst :,$(space),$(pair))) \
@@ -725,6 +737,7 @@
$(eval my_compat_dist_$(suite) += $(foreach dir, $(call compatibility_suite_dirs,$(suite),$(arch_dir)), \
$(src_path):$(call append-path,$(dir),$(file))))))
endif
+endif
diff --git a/core/definitions.mk b/core/definitions.mk
index 381a2a7..a442bc0 100644
--- a/core/definitions.mk
+++ b/core/definitions.mk
@@ -2419,6 +2419,16 @@
$(if $(filter-out $(2), $(LOCAL_INSTALLED_MODULE)), $(1):$(2))
endef
+# Create copy pair for $(1) $(2)
+# If $(2) is substring of $(3) do nothing.
+# $(1): source path
+# $(2): destination path
+# $(3): filter-out target
+# The format of copy pair is src:dst
+define filter-copy-pair
+$(if $(findstring $(2), $(3)),,$(1):$(2))
+endef
+
# Copies many files.
# $(1): The files to copy. Each entry is a ':' separated src:dst pair
# $(2): An optional directory to prepend to the destination
diff --git a/core/main.mk b/core/main.mk
index 9eea513..ba04ece 100644
--- a/core/main.mk
+++ b/core/main.mk
@@ -44,11 +44,7 @@
.KATI_READONLY := BUILD_NUMBER_FILE
$(KATI_obsolete_var BUILD_NUMBER,See https://android.googlesource.com/platform/build/+/master/Changes.md#BUILD_NUMBER)
-ifeq ($(HOST_OS),darwin)
-DATE_FROM_FILE := date -r $(BUILD_DATETIME_FROM_FILE)
-else
DATE_FROM_FILE := date -d @$(BUILD_DATETIME_FROM_FILE)
-endif
.KATI_READONLY := DATE_FROM_FILE
# Pick a reasonable string to use to identify files.
@@ -1498,7 +1494,7 @@
# -------------------------------------------------------------------
.PHONY: checkbuild
-checkbuild: $(modules_to_check) droid_targets
+checkbuild: $(modules_to_check) droid_targets check-elf-files
ifeq (true,$(ANDROID_BUILD_EVERYTHING_BY_DEFAULT))
droid: checkbuild
diff --git a/core/version_defaults.mk b/core/version_defaults.mk
index 00c5ed0..30890c0 100644
--- a/core/version_defaults.mk
+++ b/core/version_defaults.mk
@@ -256,11 +256,7 @@
ifndef PLATFORM_SECURITY_PATCH_TIMESTAMP
# Used to indicate the matching timestamp for the security patch string in PLATFORM_SECURITY_PATCH.
- ifneq (,$(findstring Darwin,$(UNAME)))
- PLATFORM_SECURITY_PATCH_TIMESTAMP := $(shell date -jf '%Y-%m-%d %T %Z' '$(PLATFORM_SECURITY_PATCH) 00:00:00 GMT' +%s)
- else
- PLATFORM_SECURITY_PATCH_TIMESTAMP := $(shell date -d 'TZ="GMT" $(PLATFORM_SECURITY_PATCH)' +%s)
- endif
+ PLATFORM_SECURITY_PATCH_TIMESTAMP := $(shell date -d 'TZ="GMT" $(PLATFORM_SECURITY_PATCH)' +%s)
endif
.KATI_READONLY := PLATFORM_SECURITY_PATCH_TIMESTAMP
@@ -289,11 +285,7 @@
BUILD_DATETIME := $(shell date +%s)
endif
-ifneq (,$(findstring Darwin,$(UNAME)))
-DATE := date -r $(BUILD_DATETIME)
-else
DATE := date -d @$(BUILD_DATETIME)
-endif
.KATI_READONLY := DATE
# Everything should be using BUILD_DATETIME_FROM_FILE instead.
diff --git a/target/product/go_defaults_common.mk b/target/product/go_defaults_common.mk
index 7b9c783..d4655f1 100644
--- a/target/product/go_defaults_common.mk
+++ b/target/product/go_defaults_common.mk
@@ -39,6 +39,7 @@
# Do not spin up a separate process for the network stack on go devices, use an in-process APK.
PRODUCT_PACKAGES += InProcessNetworkStack
+PRODUCT_PACKAGES += CellBroadcastAppPlatform
# Strip the local variable table and the local variable type table to reduce
# the size of the system image. This has no bearing on stack traces, but will
diff --git a/target/product/handheld_product.mk b/target/product/handheld_product.mk
index 0d100b2..54dcaf2 100644
--- a/target/product/handheld_product.mk
+++ b/target/product/handheld_product.mk
@@ -27,7 +27,6 @@
Camera2 \
Contacts \
DeskClock \
- Email \
Gallery2 \
LatinIME \
Launcher3QuickStep \
diff --git a/target/product/security/Android.mk b/target/product/security/Android.mk
index a0b2d6d..3631cfd 100644
--- a/target/product/security/Android.mk
+++ b/target/product/security/Android.mk
@@ -1,7 +1,7 @@
LOCAL_PATH:= $(call my-dir)
#######################################
-# verity_key
+# verity_key (installed to /, i.e. part of system.img)
include $(CLEAR_VARS)
LOCAL_MODULE := verity_key
@@ -9,9 +9,29 @@
LOCAL_MODULE_CLASS := ETC
LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
+# For devices using a separate ramdisk, we need a copy there to establish the chain of trust.
+ifneq ($(BOARD_BUILD_SYSTEM_ROOT_IMAGE),true)
+LOCAL_REQUIRED_MODULES := verity_key_ramdisk
+endif
+
include $(BUILD_PREBUILT)
#######################################
+# verity_key (installed to ramdisk)
+#
+# Enabling the target when using system-as-root would cause build failure, as TARGET_RAMDISK_OUT
+# points to the same location as TARGET_ROOT_OUT.
+ifneq ($(BOARD_BUILD_SYSTEM_ROOT_IMAGE),true)
+ include $(CLEAR_VARS)
+ LOCAL_MODULE := verity_key_ramdisk
+ LOCAL_MODULE_CLASS := ETC
+ LOCAL_SRC_FILES := verity_key
+ LOCAL_MODULE_STEM := verity_key
+ LOCAL_MODULE_PATH := $(TARGET_RAMDISK_OUT)
+ include $(BUILD_PREBUILT)
+endif
+
+#######################################
# adb key, if configured via PRODUCT_ADB_KEYS
ifdef PRODUCT_ADB_KEYS
ifneq ($(filter eng userdebug,$(TARGET_BUILD_VARIANT)),)
diff --git a/target/product/telephony_system.mk b/target/product/telephony_system.mk
index 584cf1e..4da9bdf 100644
--- a/target/product/telephony_system.mk
+++ b/target/product/telephony_system.mk
@@ -21,6 +21,6 @@
ONS \
CarrierDefaultApp \
CallLogBackup \
- CellBroadcastReceiver \
+ CellBroadcastAppPlatform \
PRODUCT_COPY_FILES := \
diff --git a/tools/extract_kernel.py b/tools/extract_kernel.py
index 42561cf..8ca11d1 100755
--- a/tools/extract_kernel.py
+++ b/tools/extract_kernel.py
@@ -100,19 +100,25 @@
return o
-def try_decompress(cmd, search_bytes, input_bytes):
- idx = input_bytes.find(search_bytes)
- if idx < 0:
- return None
-
- idx = 0
+def try_decompress_bytes(cmd, input_bytes):
sp = subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
- o, _ = sp.communicate(input=input_bytes[idx:])
+ o, _ = sp.communicate(input=input_bytes)
# ignore errors
return o
+def try_decompress(cmd, search_bytes, input_bytes):
+ idx = 0
+ while True:
+ idx = input_bytes.find(search_bytes, idx)
+ if idx < 0:
+ raise StopIteration()
+
+ yield try_decompress_bytes(cmd, input_bytes[idx:])
+ idx += 1
+
+
def decompress_dump(func, input_bytes):
"""
Run func(input_bytes) first; and if that fails (returns value evaluates to
@@ -122,15 +128,15 @@
if o:
return o
for cmd, search_bytes in COMPRESSION_ALGO:
- decompressed = try_decompress(cmd, search_bytes, input_bytes)
- if decompressed:
- o = func(decompressed)
- if o:
- return o
+ for decompressed in try_decompress(cmd, search_bytes, input_bytes):
+ if decompressed:
+ o = decompress_dump(func, decompressed)
+ if o:
+ return o
# Force decompress the whole file even if header doesn't match
- decompressed = try_decompress(cmd, b"", input_bytes)
+ decompressed = try_decompress_bytes(cmd, input_bytes)
if decompressed:
- o = func(decompressed)
+ o = decompress_dump(func, decompressed)
if o:
return o
diff --git a/tools/releasetools/ota_from_target_files.py b/tools/releasetools/ota_from_target_files.py
index 67cec1c..82ea539 100755
--- a/tools/releasetools/ota_from_target_files.py
+++ b/tools/releasetools/ota_from_target_files.py
@@ -250,6 +250,7 @@
TARGET_DIFFING_UNZIP_PATTERN = ['BOOT', 'RECOVERY', 'SYSTEM/*', 'VENDOR/*',
'PRODUCT/*', 'SYSTEM_EXT/*', 'ODM/*']
RETROFIT_DAP_UNZIP_PATTERN = ['OTA/super_*.img', AB_PARTITIONS]
+SECONDARY_IMAGES_SKIP_PARTITIONS = ['odm', 'product', 'system_ext', 'vendor']
class BuildInfo(object):
@@ -298,6 +299,9 @@
that it always uses the first dict to calculate the fingerprint or the
device name. The rest would be used for asserting OEM properties only
(e.g. one package can be installed on one of these devices).
+
+ Raises:
+ ValueError: On invalid inputs.
"""
self.info_dict = info_dict
self.oem_dicts = oem_dicts
@@ -312,6 +316,13 @@
self._device = self.GetOemProperty("ro.product.device")
self._fingerprint = self.CalculateFingerprint()
+ # Sanity check the build fingerprint.
+ if (' ' in self._fingerprint or
+ any(ord(ch) > 127 for ch in self._fingerprint)):
+ raise ValueError(
+ 'Invalid build fingerprint: "{}". See the requirement in Android CDD '
+ '3.2.2. Build Parameters.'.format(self._fingerprint))
+
@property
def is_ab(self):
return self._is_ab
@@ -1792,6 +1803,43 @@
Returns:
The filename of the target-files.zip for generating secondary payload.
"""
+
+ def GetInfoForSecondaryImages(info_file):
+ """Updates info file for secondary payload generation.
+
+ Scan each line in the info file, and remove the unwanted partitions from
+ the dynamic partition list in the related properties. e.g.
+ "super_google_dynamic_partitions_partition_list=system vendor product"
+ will become "super_google_dynamic_partitions_partition_list=system".
+
+ Args:
+ info_file: The input info file. e.g. misc_info.txt.
+
+ Returns:
+ A string of the updated info content.
+ """
+
+ output_list = []
+ with open(info_file) as f:
+ lines = f.read().splitlines()
+
+ # The suffix in partition_list variables that follows the name of the
+ # partition group.
+ LIST_SUFFIX = 'partition_list'
+ for line in lines:
+ if line.startswith('#') or '=' not in line:
+ output_list.append(line)
+ continue
+ key, value = line.strip().split('=', 1)
+ if key == 'dynamic_partition_list' or key.endswith(LIST_SUFFIX):
+ partitions = value.split()
+ partitions = [partition for partition in partitions if partition
+ not in SECONDARY_IMAGES_SKIP_PARTITIONS]
+ output_list.append('{}={}'.format(key, ' '.join(partitions)))
+ else:
+ output_list.append(line)
+ return '\n'.join(output_list)
+
target_file = common.MakeTempFile(prefix="targetfiles-", suffix=".zip")
target_zip = zipfile.ZipFile(target_file, 'w', allowZip64=True)
@@ -1808,12 +1856,32 @@
elif info.filename in ('IMAGES/system.img',
'IMAGES/system.map'):
pass
+ # Images like vendor and product are not needed in the secondary payload.
+ elif info.filename in ['IMAGES/{}.img'.format(partition) for partition in
+ SECONDARY_IMAGES_SKIP_PARTITIONS]:
+ pass
# Skip copying the postinstall config if requested.
elif skip_postinstall and info.filename == POSTINSTALL_CONFIG:
pass
- elif info.filename.startswith(('META/', 'IMAGES/', 'RADIO/')):
+ elif info.filename.startswith('META/'):
+ # Remove the unnecessary partitions for secondary images from the
+ # ab_partitions file.
+ if info.filename == AB_PARTITIONS:
+ with open(unzipped_file) as f:
+ partition_list = f.read().splitlines()
+ partition_list = [partition for partition in partition_list if partition
+ and partition not in SECONDARY_IMAGES_SKIP_PARTITIONS]
+ common.ZipWriteStr(target_zip, info.filename, '\n'.join(partition_list))
+ # Remove the unnecessary partitions from the dynamic partitions list.
+ elif (info.filename == 'META/misc_info.txt' or
+ info.filename == DYNAMIC_PARTITION_INFO):
+ modified_info = GetInfoForSecondaryImages(unzipped_file)
+ common.ZipWriteStr(target_zip, info.filename, modified_info)
+ else:
+ common.ZipWrite(target_zip, unzipped_file, arcname=info.filename)
+ elif info.filename.startswith(('IMAGES/', 'RADIO/')):
common.ZipWrite(target_zip, unzipped_file, arcname=info.filename)
common.ZipClose(target_zip)
diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py
index 3119afa..1f41431 100755
--- a/tools/releasetools/sign_target_files_apks.py
+++ b/tools/releasetools/sign_target_files_apks.py
@@ -602,11 +602,16 @@
ReplaceVerityPrivateKey(misc_info, OPTIONS.replace_verity_private_key[1])
if OPTIONS.replace_verity_public_key:
- dest = "ROOT/verity_key" if system_root_image else "BOOT/RAMDISK/verity_key"
- # We are replacing the one in boot image only, since the one under
- # recovery won't ever be needed.
+ # Replace the one in root dir in system.img.
ReplaceVerityPublicKey(
- output_tf_zip, dest, OPTIONS.replace_verity_public_key[1])
+ output_tf_zip, 'ROOT/verity_key', OPTIONS.replace_verity_public_key[1])
+
+ if not system_root_image:
+ # Additionally replace the copy in ramdisk if not using system-as-root.
+ ReplaceVerityPublicKey(
+ output_tf_zip,
+ 'BOOT/RAMDISK/verity_key',
+ OPTIONS.replace_verity_public_key[1])
# Replace the keyid string in BOOT/cmdline.
if OPTIONS.replace_verity_keyid:
diff --git a/tools/releasetools/test_ota_from_target_files.py b/tools/releasetools/test_ota_from_target_files.py
index ee831e3..9b2fbb6 100644
--- a/tools/releasetools/test_ota_from_target_files.py
+++ b/tools/releasetools/test_ota_from_target_files.py
@@ -174,6 +174,14 @@
self.assertRaises(AssertionError, BuildInfo,
self.TEST_INFO_DICT_USES_OEM_PROPS, None)
+ def test_init_badFingerprint(self):
+ info_dict = copy.deepcopy(self.TEST_INFO_DICT)
+ info_dict['build.prop']['ro.build.fingerprint'] = 'bad fingerprint'
+ self.assertRaises(ValueError, BuildInfo, info_dict, None)
+
+ info_dict['build.prop']['ro.build.fingerprint'] = 'bad\x80fingerprint'
+ self.assertRaises(ValueError, BuildInfo, info_dict, None)
+
def test___getitem__(self):
target_info = BuildInfo(self.TEST_INFO_DICT, None)
self.assertEqual('value1', target_info['property1'])
@@ -588,11 +596,11 @@
with zipfile.ZipFile(target_file) as verify_zip:
namelist = verify_zip.namelist()
+ ab_partitions = verify_zip.read('META/ab_partitions.txt')
self.assertIn('META/ab_partitions.txt', namelist)
self.assertIn('IMAGES/boot.img', namelist)
self.assertIn('IMAGES/system.img', namelist)
- self.assertIn('IMAGES/vendor.img', namelist)
self.assertIn('RADIO/bootloader.img', namelist)
self.assertIn('RADIO/modem.img', namelist)
self.assertIn(POSTINSTALL_CONFIG, namelist)
@@ -600,6 +608,9 @@
self.assertNotIn('IMAGES/system_other.img', namelist)
self.assertNotIn('IMAGES/system.map', namelist)
+ expected_ab_partitions = ['boot', 'system', 'bootloader', 'modem']
+ self.assertEqual('\n'.join(expected_ab_partitions), ab_partitions)
+
@test_utils.SkipIfExternalToolsUnavailable()
def test_GetTargetFilesZipForSecondaryImages_skipPostinstall(self):
input_file = construct_target_files(secondary=True)
@@ -612,7 +623,6 @@
self.assertIn('META/ab_partitions.txt', namelist)
self.assertIn('IMAGES/boot.img', namelist)
self.assertIn('IMAGES/system.img', namelist)
- self.assertIn('IMAGES/vendor.img', namelist)
self.assertIn('RADIO/bootloader.img', namelist)
self.assertIn('RADIO/modem.img', namelist)
@@ -633,7 +643,6 @@
self.assertIn('META/ab_partitions.txt', namelist)
self.assertIn('IMAGES/boot.img', namelist)
self.assertIn('IMAGES/system.img', namelist)
- self.assertIn('IMAGES/vendor.img', namelist)
self.assertIn(POSTINSTALL_CONFIG, namelist)
self.assertNotIn('IMAGES/system_other.img', namelist)
@@ -642,6 +651,55 @@
self.assertNotIn('RADIO/modem.img', namelist)
@test_utils.SkipIfExternalToolsUnavailable()
+ def test_GetTargetFilesZipForSecondaryImages_dynamicPartitions(self):
+ input_file = construct_target_files(secondary=True)
+ misc_info = '\n'.join([
+ 'use_dynamic_partition_size=true',
+ 'use_dynamic_partitions=true',
+ 'dynamic_partition_list=system vendor product',
+ 'super_partition_groups=google_dynamic_partitions',
+ 'super_google_dynamic_partitions_group_size=4873781248',
+ 'super_google_dynamic_partitions_partition_list=system vendor product',
+ ])
+ dynamic_partitions_info = '\n'.join([
+ 'super_partition_groups=google_dynamic_partitions',
+ 'super_google_dynamic_partitions_group_size=4873781248',
+ 'super_google_dynamic_partitions_partition_list=system vendor product',
+ ])
+
+ with zipfile.ZipFile(input_file, 'a') as append_zip:
+ common.ZipWriteStr(append_zip, 'META/misc_info.txt', misc_info)
+ common.ZipWriteStr(append_zip, 'META/dynamic_partitions_info.txt',
+ dynamic_partitions_info)
+
+ target_file = GetTargetFilesZipForSecondaryImages(input_file)
+
+ with zipfile.ZipFile(target_file) as verify_zip:
+ namelist = verify_zip.namelist()
+ updated_misc_info = verify_zip.read('META/misc_info.txt')
+ updated_dynamic_partitions_info = verify_zip.read(
+ 'META/dynamic_partitions_info.txt')
+
+ self.assertIn('META/ab_partitions.txt', namelist)
+ self.assertIn('IMAGES/boot.img', namelist)
+ self.assertIn('IMAGES/system.img', namelist)
+ self.assertIn(POSTINSTALL_CONFIG, namelist)
+ self.assertIn('META/misc_info.txt', namelist)
+ self.assertIn('META/dynamic_partitions_info.txt', namelist)
+
+ self.assertNotIn('IMAGES/system_other.img', namelist)
+ self.assertNotIn('IMAGES/system.map', namelist)
+
+ # Check the vendor & product are removed from the partitions list.
+ expected_misc_info = misc_info.replace('system vendor product',
+ 'system')
+ expected_dynamic_partitions_info = dynamic_partitions_info.replace(
+ 'system vendor product', 'system')
+ self.assertEqual(expected_misc_info, updated_misc_info)
+ self.assertEqual(expected_dynamic_partitions_info,
+ updated_dynamic_partitions_info)
+
+ @test_utils.SkipIfExternalToolsUnavailable()
def test_GetTargetFilesZipWithoutPostinstallConfig(self):
input_file = construct_target_files()
target_file = GetTargetFilesZipWithoutPostinstallConfig(input_file)
diff --git a/tools/releasetools/test_validate_target_files.py b/tools/releasetools/test_validate_target_files.py
index 0f0d773..9c816eb 100644
--- a/tools/releasetools/test_validate_target_files.py
+++ b/tools/releasetools/test_validate_target_files.py
@@ -143,21 +143,52 @@
verity_image_builder.Build(output_file)
@test_utils.SkipIfExternalToolsUnavailable()
- def test_ValidateVerifiedBootImages_systemImage(self):
+ def test_ValidateVerifiedBootImages_systemRootImage(self):
input_tmp = common.MakeTempDir()
os.mkdir(os.path.join(input_tmp, 'IMAGES'))
system_image = os.path.join(input_tmp, 'IMAGES', 'system.img')
self._generate_system_image(system_image)
# Pack the verity key.
- verity_key_mincrypt = os.path.join(
- input_tmp, 'BOOT', 'RAMDISK', 'verity_key')
+ verity_key_mincrypt = os.path.join(input_tmp, 'ROOT', 'verity_key')
os.makedirs(os.path.dirname(verity_key_mincrypt))
shutil.copyfile(
os.path.join(self.testdata_dir, 'testkey_mincrypt'),
verity_key_mincrypt)
info_dict = {
+ 'system_root_image' : 'true',
+ 'verity' : 'true',
+ }
+ options = {
+ 'verity_key' : os.path.join(self.testdata_dir, 'testkey.x509.pem'),
+ 'verity_key_mincrypt' : verity_key_mincrypt,
+ }
+ ValidateVerifiedBootImages(input_tmp, info_dict, options)
+
+ @test_utils.SkipIfExternalToolsUnavailable()
+ def test_ValidateVerifiedBootImages_nonSystemRootImage(self):
+ input_tmp = common.MakeTempDir()
+ os.mkdir(os.path.join(input_tmp, 'IMAGES'))
+ system_image = os.path.join(input_tmp, 'IMAGES', 'system.img')
+ self._generate_system_image(system_image)
+
+ # Pack the verity key into the root dir in system.img.
+ verity_key_mincrypt = os.path.join(input_tmp, 'ROOT', 'verity_key')
+ os.makedirs(os.path.dirname(verity_key_mincrypt))
+ shutil.copyfile(
+ os.path.join(self.testdata_dir, 'testkey_mincrypt'),
+ verity_key_mincrypt)
+
+ # And a copy in ramdisk.
+ verity_key_ramdisk = os.path.join(
+ input_tmp, 'BOOT', 'RAMDISK', 'verity_key')
+ os.makedirs(os.path.dirname(verity_key_ramdisk))
+ shutil.copyfile(
+ os.path.join(self.testdata_dir, 'testkey_mincrypt'),
+ verity_key_ramdisk)
+
+ info_dict = {
'verity' : 'true',
}
options = {
@@ -167,6 +198,39 @@
ValidateVerifiedBootImages(input_tmp, info_dict, options)
@test_utils.SkipIfExternalToolsUnavailable()
+ def test_ValidateVerifiedBootImages_nonSystemRootImage_mismatchingKeys(self):
+ input_tmp = common.MakeTempDir()
+ os.mkdir(os.path.join(input_tmp, 'IMAGES'))
+ system_image = os.path.join(input_tmp, 'IMAGES', 'system.img')
+ self._generate_system_image(system_image)
+
+ # Pack the verity key into the root dir in system.img.
+ verity_key_mincrypt = os.path.join(input_tmp, 'ROOT', 'verity_key')
+ os.makedirs(os.path.dirname(verity_key_mincrypt))
+ shutil.copyfile(
+ os.path.join(self.testdata_dir, 'testkey_mincrypt'),
+ verity_key_mincrypt)
+
+ # And an invalid copy in ramdisk.
+ verity_key_ramdisk = os.path.join(
+ input_tmp, 'BOOT', 'RAMDISK', 'verity_key')
+ os.makedirs(os.path.dirname(verity_key_ramdisk))
+ shutil.copyfile(
+ os.path.join(self.testdata_dir, 'verity_mincrypt'),
+ verity_key_ramdisk)
+
+ info_dict = {
+ 'verity' : 'true',
+ }
+ options = {
+ 'verity_key' : os.path.join(self.testdata_dir, 'testkey.x509.pem'),
+ 'verity_key_mincrypt' : verity_key_mincrypt,
+ }
+ self.assertRaises(
+ AssertionError, ValidateVerifiedBootImages, input_tmp, info_dict,
+ options)
+
+ @test_utils.SkipIfExternalToolsUnavailable()
def test_ValidateFileConsistency_incompleteRange(self):
input_tmp = common.MakeTempDir()
os.mkdir(os.path.join(input_tmp, 'IMAGES'))
diff --git a/tools/releasetools/validate_target_files.py b/tools/releasetools/validate_target_files.py
index d189499..c299a48 100755
--- a/tools/releasetools/validate_target_files.py
+++ b/tools/releasetools/validate_target_files.py
@@ -276,15 +276,12 @@
# Verify verity signed system images in Verified Boot 1.0. Note that not using
# 'elif' here, since 'boot_signer' and 'verity' are not bundled in VB 1.0.
if info_dict.get('verity') == 'true':
- # First verify that the verity key that's built into the root image (as
- # /verity_key) matches the one given via command line, if any.
- if info_dict.get("system_root_image") == "true":
- verity_key_mincrypt = os.path.join(input_tmp, 'ROOT', 'verity_key')
- else:
- verity_key_mincrypt = os.path.join(
- input_tmp, 'BOOT', 'RAMDISK', 'verity_key')
+ # First verify that the verity key is built into the root image (regardless
+ # of system-as-root).
+ verity_key_mincrypt = os.path.join(input_tmp, 'ROOT', 'verity_key')
assert os.path.exists(verity_key_mincrypt), 'Missing verity_key'
+ # Verify /verity_key matches the one given via command line, if any.
if options['verity_key_mincrypt'] is None:
logging.warn(
'Skipped checking the content of /verity_key, as the key file not '
@@ -295,6 +292,18 @@
"Mismatching mincrypt verity key files"
logging.info('Verified the content of /verity_key')
+ # For devices with a separate ramdisk (i.e. non-system-as-root), there must
+ # be a copy in ramdisk.
+ if info_dict.get("system_root_image") != "true":
+ verity_key_ramdisk = os.path.join(
+ input_tmp, 'BOOT', 'RAMDISK', 'verity_key')
+ assert os.path.exists(verity_key_ramdisk), 'Missing verity_key in ramdisk'
+
+ assert filecmp.cmp(
+ verity_key_mincrypt, verity_key_ramdisk, shallow=False), \
+ 'Mismatching verity_key files in root and ramdisk'
+ logging.info('Verified the content of /verity_key in ramdisk')
+
# Then verify the verity signed system/vendor/product images, against the
# verity pubkey in mincrypt format.
for image in ('system.img', 'vendor.img', 'product.img'):