diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..261eeb9 --- /dev/null +++ b/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/core/abl_executable.mk b/core/abl_executable.mk new file mode 100755 index 0000000..c6fe2ed --- /dev/null +++ b/core/abl_executable.mk @@ -0,0 +1,54 @@ +ifeq ($(strip $(LOCAL_MODULE_CLASS)),) +LOCAL_MODULE_CLASS := ABL +endif + +ifeq ($(strip $(LOCAL_MODULE_SUFFIX)),) +LOCAL_MODULE_SUFFIX := .abl +endif + +ifeq ($(strip $(LOCAL_MODULE_PATH)),) +LOCAL_MODULE_PATH := $(PRODUCT_OUT)/abl +endif + +LOCAL_CC := $(IAFW_CC) +LOCAL_CLANG := true +LOCAL_SANITIZE := never +LOCAL_NO_DEFAULT_COMPILER_FLAGS := true +LOCAL_CFLAGS += $(TARGET_IAFW_GLOBAL_CFLAGS) +LOCAL_ASFLAGS += $(TARGET_IAFW_ASFLAGS) +LOCAL_LDFLAGS := $(TARGET_IAFW_GLOBAL_LDFLAGS) -static \ + -T $(TARGET_ABL_LDS) $(LOCAL_LDFLAGS) +# If kernel enforce superpages the .text section gets aligned at +# offset 0x200000 which break multiboot compliance. +LOCAL_LDFLAGS += -z max-page-size=0x1000 +LOCAL_ABL_LDFALGS := $(LOCAL_LDFLAGS) +LOCAL_OBJCOPY_FLAGS := $(TARGET_IAFW_GLOBAL_OBJCOPY_FLAGS) $(LOCAL_OBJCOPY_FLAGS) + +skip_build_from_source := +ifdef LOCAL_PREBUILT_MODULE_FILE +ifeq (,$(call if-build-from-source,$(LOCAL_MODULE),$(LOCAL_PATH))) +include $(BUILD_SYSTEM)/prebuilt_internal.mk +skip_build_from_source := true +endif +endif + +ifndef skip_build_from_source + +ifdef LOCAL_IS_HOST_MODULE +$(error This file should not be used to build host binaries. Included by (or near) $(lastword $(filter-out config/%,$(MAKEFILE_LIST)))) +endif + +WITHOUT_LIBCOMPILER_RT := true +include $(BUILD_SYSTEM)/binary.mk +WITHOUT_LIBCOMPILER_RT := + +LIBPAYLOAD_CRT0_LIB := $(call intermediates-dir-for,STATIC_LIBRARIES,$(LIBPAYLOAD_CRT0))/$(LIBPAYLOAD_CRT0).a +all_objects += $(LIBPAYLOAD_CRT0_LIB) + +$(LOCAL_BUILT_MODULE): PRIVATE_OBJCOPY_FLAGS := $(LOCAL_OBJCOPY_FLAGS) + +$(LOCAL_BUILT_MODULE): $(all_objects) $(all_libraries) $(ABLIMAGE) $(ABLSIGN) + $(call transform-o-to-sbl-executable,$(LOCAL_ABL_LDFALGS)) + +endif # skip_build_from_source + diff --git a/core/definitions.mk b/core/definitions.mk index 5a4a9f8..0a19e82 100755 --- a/core/definitions.mk +++ b/core/definitions.mk @@ -5,6 +5,7 @@ IAFW_BUILD_SYSTEM := $(INTEL_PATH_BUILD)/core BUILD_EFI_STATIC_LIBRARY := $(IAFW_BUILD_SYSTEM)/iafw_static_library.mk BUILD_IAFW_STATIC_LIBRARY := $(IAFW_BUILD_SYSTEM)/iafw_static_library.mk BUILD_EFI_EXECUTABLE := $(IAFW_BUILD_SYSTEM)/efi_executable.mk +BUILD_ABL_EXECUTABLE := $(IAFW_BUILD_SYSTEM)/abl_executable.mk # Override default definition CLEAR_VARS := $(IAFW_BUILD_SYSTEM)/clear_vars.mk @@ -14,6 +15,8 @@ FASTBOOT := $(HOST_OUT_EXECUTABLES)/fastboot GENERATE_VERITY_KEY := $(HOST_OUT_EXECUTABLES)/generate_verity_key$(HOST_EXECUTABLE_SUFFIX) OPENSSL := openssl SBSIGN := sbsign +ABLIMAGE := $(HOST_OUT_EXECUTABLES)/ias_image_app$(HOST_EXECUTABLE_SUFFIX) +ABLSIGN := $(HOST_OUT_EXECUTABLES)/ias_image_signer$(HOST_EXECUTABLE_SUFFIX) MKDOSFS := mkdosfs MKEXT2IMG := $(HOST_OUT_EXECUTABLES)/mkext2img DUMPEXT2IMG := $(HOST_OUT_EXECUTABLES)/dumpext2img @@ -22,12 +25,31 @@ SESL := sign-efi-sig-list$(HOST_EXECUTABLE_SUFFIX) CTESL := cert-to-efi-sig-list$(HOST_EXECUTABLE_SUFFIX) IASL := $(INTEL_PATH_BUILD)/acpi-tools/linux64/bin/iasl +# Generation +KF4ABL_SYMBOLS_ZIP := $(PRODUCT_OUT)/kf4abl_symbols.zip +FB4ABL_SYMBOLS_ZIP := $(PRODUCT_OUT)/fb4abl_symbols.zip + # Extra host tools we need built to use our *_from_target_files # or sign_target_files_* scripts INTEL_OTATOOLS := \ $(GENERATE_VERITY_KEY) \ $(AVBTOOL) +ifeq ($(KERNELFLINGER_SUPPORT_NON_EFI_BOOT),true) +# NON UEFI platform +INTEL_OTATOOLS += \ + $(ABLIMAGE) \ + $(ABLSIGN) \ + $(MKEXT2IMG) \ + $(DUMPEXT2IMG) \ + $(FASTBOOT) \ + $(IASL) +endif + +ifeq ($(BOARD_USE_ABL),true) +INTEL_OTATOOLS += abl_toolchain +endif + otatools: $(INTEL_OTATOOLS) # FIXME: may be unsafe to omit -no-sse @@ -73,6 +95,7 @@ GNU_EFI_CRT0 := crt0-efi-$(TARGET_IAFW_ARCH_NAME) LIBPAYLOAD_CRT0 := crt0-libpayload-$(TARGET_IAFW_ARCH_NAME) TARGET_EFI_LDS := $(IAFW_BUILD_SYSTEM)/elf_$(TARGET_IAFW_ARCH_NAME)_efi.lds +TARGET_ABL_LDS := $(IAFW_BUILD_SYSTEM)/elf_$(TARGET_IAFW_ARCH_NAME)_abl.lds TARGET_IAFW_GLOBAL_OBJCOPY_FLAGS := \ -j .text -j .sdata -j .data \ -j .dynamic -j .dynsym -j .rel \ @@ -125,6 +148,76 @@ $(hide) $(IAFW_OBJCOPY) $(PRIVATE_OBJCOPY_FLAGS) \ $(hide) $(SBSIGN) --key $1 --cert $2 --output $@ $(@:.efi=.efiunsigned) endef +define transform-o-to-abl-executable +@echo "target ABL Executable: $(PRIVATE_MODULE) ($@)" +$(hide) mkdir -p $(dir $@) +$(hide) $(IAFW_LD) $1 \ + --defsym=CONFIG_LP_BASE_ADDRESS=$(LIBPAYLOAD_BASE_ADDRESS) \ + --defsym=CONFIG_LP_HEAP_SIZE=$(LIBPAYLOAD_HEAP_SIZE) \ + --defsym=CONFIG_LP_STACK_SIZE=$(LIBPAYLOAD_STACK_SIZE) \ + --whole-archive $(call module-built-files,$(LIBPAYLOAD_CRT0)) --no-whole-archive \ + $(PRIVATE_ALL_OBJECTS) --start-group $(PRIVATE_ALL_STATIC_LIBRARIES) --end-group $(IAFW_LIBCLANG) \ + -Map $(@:.abl=.map) -o $(@:.abl=.sym.elf) +$(hide)$(IAFW_STRIP) --strip-all $(@:.abl=.sym.elf) -o $(@:.abl=.elf) + +$(hide) if [ -e $(TARGET_DEVICE_DIR)/ablvars/acpi_table ]; then \ + cp $(TARGET_DEVICE_DIR)/ablvars/acpi_table $(dir $@)/ -rf; \ + fi + +$(hide) wait + +$(hide) if [ -e $(dir $@)/acpi.tables ]; then \ + rm -rf $(dir $@)/acpi.tables; \ + fi +$(hide) find $(dir $@)/acpi_table -type f | while read file; do \ + detect_size=`od -j4 -N4 -An -t u4 $${file}`; \ + [ -z "$${detect_size}" ] && detect_size=0; \ + actual_size=`stat -c '%s' $${file}`; \ + if [ $${detect_size} -eq $${actual_size} ]; then \ + echo ACPI table length match: $${file}; \ + printf "Signature: %s, Length: $${actual_size}\n" `head -c 4 $${file}`; \ + cat $${file} >> $(dir $@)/acpi.tables; \ + fi; \ +done +$(hide) dd if=/dev/zero of=$(dir $@)/cmdline bs=512 count=1; +$(hide) if [ -s $(dir $@)/acpi.tables ];then \ + echo 8600b1ac | xxd -r -ps > $(dir $@)/acpi_tag; \ + $(ABLIMAGE) create -o $(@:.abl=.ablunsigned) -i 0x40300 $(dir $@)/cmdline $(@:.abl=.elf) $(dir $@)/acpi_tag $(dir $@)/acpi.tables; else \ + $(ABLIMAGE) create -o $(@:.abl=.ablunsigned) -i 0x40300 $(dir $@)/cmdline $(@:.abl=.elf); fi + $(ABLSIGN) $(@:.abl=.ablunsigned) \ + $(ABL_OS_KERNEL_KEY).pk8 \ + $(ABL_OS_KERNEL_KEY).x509.pem \ + $@ +$(hide) if [ "$(PRIVATE_MODULE:debug=)" = fb4abl-user ]; then \ + zip -juy $(FB4ABL_SYMBOLS_ZIP) $(@:.abl=.map) $(@:.abl=.sym.elf); \ + zip -juy $(FB4ABL_SYMBOLS_ZIP) $@; \ +elif [ "$(PRIVATE_MODULE:debug=)" = kf4abl-user ]; then \ + zip -juy $(KF4ABL_SYMBOLS_ZIP) $(@:.abl=.map) $(@:.abl=.sym.elf); \ +fi +endef + +define transform-o-to-sbl-executable +@echo "target SBL Executable: $(PRIVATE_MODULE) ($@)" +$(hide) mkdir -p $(dir $@) +$(hide) $(IAFW_LD) $1 \ + --defsym=CONFIG_LP_BASE_ADDRESS=$(LIBPAYLOAD_BASE_ADDRESS) \ + --defsym=CONFIG_LP_HEAP_SIZE=$(LIBPAYLOAD_HEAP_SIZE) \ + --defsym=CONFIG_LP_STACK_SIZE=$(LIBPAYLOAD_STACK_SIZE) \ + --whole-archive $(call module-built-files,$(LIBPAYLOAD_CRT0)) --no-whole-archive \ + $(PRIVATE_ALL_OBJECTS) --start-group $(PRIVATE_ALL_STATIC_LIBRARIES) --end-group $(IAFW_LIBCLANG) \ + -Map $(@:.abl=.map) -o $(@:.abl=.sym.elf) +$(hide)$(IAFW_STRIP) --strip-all $(@:.abl=.sym.elf) -o $(@:.abl=.elf) +$(hide) cp $(@:.abl=.elf) $@ + +$(hide) if [ "$(PRIVATE_MODULE:debug=)" = fb4abl-user ]; then \ + zip -juy $(FB4ABL_SYMBOLS_ZIP) $(@:.abl=.map) $(@:.abl=.sym.elf); \ + zip -juy $(FB4ABL_SYMBOLS_ZIP) $@; \ +elif [ "$(PRIVATE_MODULE:debug=)" = kf4abl-user ]; then \ + zip -juy $(KF4ABL_SYMBOLS_ZIP) $(@:.abl=.map) $(@:.abl=.sym.elf); \ +fi +endef + + # Hook up the prebuilts generation mechanism include $(INTEL_PATH_COMMON)/external/external.mk diff --git a/core/elf_ia32_abl.lds b/core/elf_ia32_abl.lds new file mode 100644 index 0000000..bcb2165 --- /dev/null +++ b/core/elf_ia32_abl.lds @@ -0,0 +1,87 @@ +/* + * This file is part of the libpayload project. + * + * Copyright (C) 2008 Advanced Micro Devices, Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +OUTPUT_FORMAT(elf32-i386) +OUTPUT_ARCH(i386) + +ENTRY(_entry) + +SECTIONS +{ + . = CONFIG_LP_BASE_ADDRESS; + + . = ALIGN(16); + _start = .; + + .text : { + *(.text._entry) + *(.text) + *(.text.*) + } + + .rodata : { + *(.rodata) + *(.rodata.*) + } + + .data : { + *(.data) + *(.data.*) + } + + _edata = .; + + .bss : { + *(.sbss) + *(.sbss.*) + *(.bss) + *(.bss.*) + *(COMMON) + + /* Stack and heap */ + + . = ALIGN(16); + _heap = .; + . += CONFIG_LP_HEAP_SIZE; + . = ALIGN(16); + _eheap = .; + + _estack = .; + . += CONFIG_LP_STACK_SIZE; + . = ALIGN(16); + _stack = .; + } + + _end = .; + + /DISCARD/ : { + *(.comment) + *(.note*) + } +} diff --git a/core/elf_x86_64_abl.lds b/core/elf_x86_64_abl.lds new file mode 100644 index 0000000..1eb9e25 --- /dev/null +++ b/core/elf_x86_64_abl.lds @@ -0,0 +1,87 @@ +/* + * This file is part of the libpayload project. + * + * Copyright (C) 2008 Advanced Micro Devices, Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +OUTPUT_FORMAT("elf64-x86-64", "elf64-x86-64", "elf64-x86-64") +OUTPUT_ARCH(i386:x86-64) + +ENTRY(_entry) + +SECTIONS +{ + . = CONFIG_LP_BASE_ADDRESS; + + . = ALIGN(16); + _start = .; + + .text : { + *(.text._entry) + *(.text) + *(.text.*) + } + + .rodata : { + *(.rodata) + *(.rodata.*) + } + + .data : { + *(.data) + *(.data.*) + } + + _edata = .; + + .bss : { + *(.sbss) + *(.sbss.*) + *(.bss) + *(.bss.*) + *(COMMON) + + /* Stack and heap */ + + . = ALIGN(16); + _heap = .; + . += CONFIG_LP_HEAP_SIZE; + . = ALIGN(16); + _eheap = .; + + _estack = .; + . += CONFIG_LP_STACK_SIZE; + . = ALIGN(32); + _stack = .; + } + + _end = .; + + /DISCARD/ : { + *(.comment) + *(.note*) + } +} diff --git a/fastboot-test-prepare b/fastboot-test-prepare new file mode 100755 index 0000000..17fd831 --- /dev/null +++ b/fastboot-test-prepare @@ -0,0 +1,83 @@ +#!/bin/bash + +# Bail on any errors +set -e + +if [ -z "$ANDROID_BUILD_TOP" ]; then + echo "Run lunch first!" + exit 1 +fi + +function usage { + echo "Usage:" + echo + echo " fastboot-test-prepare [-V ]" + echo " Generate a set of images from a target-files-package to use during testing" + echo + echo "Valid options:" + echo "-V : Device variant for IRDA builds" + echo "-M : MV configuration type for Sofia builds" +} + +if [[ -z "$1" ]]; then + usage + exit 1 +fi + +export tfp=$1 +shift $((OPTIND)) + +export IRDA_VARIANT= +export MV_CONFIG_TYPE= +while getopts "V:M:" opt; do + case $opt in + V) + export IRDA_VARIANT="--variant $OPTARG" + ;; + M) + export MV_CONFIG_TYPE="-M $OPTARG" + ;; + \?) + usage + exit 1 + ;; + esac +done + +pushd $ANDROID_BUILD_TOP &> /dev/null + +rm -rf fastboot +mkdir fastboot + +cp $tfp fastboot/tfp.zip + +make clean +make -j16 fastboot otatools + +./build/tools/releasetools/img_from_target_files --verbose fastboot/tfp.zip fastboot/update.zip +./device/intel/build/releasetools/flashfiles_from_target_files --verbose $IRDA_VARIANT $MV_CONFIG_TYPE fastboot/tfp.zip fastboot/flashfiles.zip +unzip fastboot/flashfiles.zip -d fastboot/ + +# if .fls files are found extract fastboot images out of them +for file in fastboot/*.fls +do + dirname=${file%.fls} + filename_signed=${dirname##*/} + filename=${filename_signed%_signed} + ./device/intel-imc/common/tools/FlsTool -o ${dirname} -x $file + cp ${dirname}/${filename}.*_LoadMap0.bin fastboot/${filename}.img + rm -rf ${dirname} $file +done + +simg2img fastboot/system.img fastboot/unsparse.img + +# if sofia bootloader image is found do not try to generate it +if [ ! -e fastboot/fwu_image.img ]; then + ./device/intel/build/releasetools/bootloader_from_target_files --bootable --verbose fastboot/tfp.zip fastboot/fastboot-usb.zip +fi + +cp device/intel/build/testkeys/oem.pk8 fastboot/oem.pk8 +cp device/intel/build/testkeys/oem.x509.pem fastboot/oem.x509.pem +openssl rsa -pubout -inform DER -outform DER -in device/intel/build/testkeys/production-test/verity.pk8 -out fastboot/verity.pub + +popd diff --git a/releasetools/bootimg_sig_struct.py b/releasetools/bootimg_sig_struct.py deleted file mode 100644 index 26530a2..0000000 --- a/releasetools/bootimg_sig_struct.py +++ /dev/null @@ -1,172 +0,0 @@ -import binascii - -from pyasn1.type import univ, namedtype, char -from pyasn1.codec.der import encoder as der_encoder -from pyasn1_modules import rfc2459 as x509 -from pyasn1_modules import rfc2437 as pkcs1 - -# ========================================================================== -# From Google verified boot design doc (pseudo ASN.1) -# ========================================================================== -# -# AndroidVerifiedBootSignature DEFINITIONS ::= -# BEGIN -# FormatVersion ::= INTEGER -# AlgorithmIdentifier ::= SEQUENCE { -# algorithm OBJECT IDENTIFIER, -# parameters ANY DEFINED BY algorithm OPTIONAL -# } -# AuthenticatedAttributes ::= SEQUENCE { -# target CHARACTER STRING, -# length INTEGER -# } -# Signature ::= OCTET STRING -# END -# -# AndroidVerifiedBootKeystore DEFINITIONS ::= -# BEGIN -# FormatVersion ::= INTEGER -# KeyBag ::= SEQUENCE { -# Key ::= SEQUENCE { -# AlgorithmIdentifier ::= SEQUENCE { -# algorithm OBJECT IDENTIFIER, -# parameters ANY DEFINED BY algorithm OPTIONAL -# } -# KeyMaterial ::= RSAPublicKey -# } -# } -# Signature ::= AndroidVerifiedBootSignature -# END -# -# ========================================================================== -# As Implemented and Confirmed Against L Source (valid ASN.1) -# ========================================================================== -# -# AndroidVerifiedBoot DEFINITIONS ::= BEGIN -# -- From PKCS #1/RFC3279 ASN.1 module -# RSAPublicKey ::= SEQUENCE { -# modulus INTEGER, -- n -# publicExponent INTEGER -- e -# } -# -# AlgorithmIdentifier ::= SEQUENCE { -# algorithm OBJECT IDENTIFIER, -# parameters ANY DEFINED BY algorithm OPTIONAL -# } -# -# AuthenticatedAttributes ::= SEQUENCE { -# target PrintableString, -- specific version of CHARACTER STRING accepted by a compiler -# length INTEGER -# } -# -# AndroidVerifiedBootSignature ::= SEQUENCE { -# formatVersion INTEGER, -# algorithmId AlgorithmIdentifier, -# attributes AuthenticatedAttributes, -# signature OCTET STRING -# } -# -# KeyBag ::= SEQUENCE OF KeyInfo -# -# KeyInfo ::= SEQUENCE { -# algorithm AlgorithmIdentifier, -# keyMaterial RSAPublicKey -# } -# -# InnerKeystore ::= SEQUENCE { -# formatVersion INTEGER, -# bag KeyBag -# } -# -# AndroidVerifiedBootKeystore ::= SEQUENCE { -# formatVersion INTEGER, -# bag KeyBag, -# signature AndroidVerifiedBootSignature -# } -# END - -sha1WithRSAEncryptionOID = univ.ObjectIdentifier((1, 2, 840, 113549, 1, 1, 5)) -sha256WithRSAEncryptionOID = univ.ObjectIdentifier((1, 2, 840, 113549, 1, 1, 11)) - - -class AuthenticatedAttributes(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('target', char.PrintableString()), - namedtype.NamedType('length', univ.Integer()) - ) - - -class AndroidVerifiedBootSignature(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('formatVersion', univ.Integer()), - namedtype.NamedType('algorithmId', x509.AlgorithmIdentifier()), - namedtype.NamedType('attributes', AuthenticatedAttributes()), - namedtype.NamedType('signature', univ.OctetString()) - ) - - -class KeyInfo(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('algorithm', x509.AlgorithmIdentifier()), - namedtype.NamedType('keyMaterial', pkcs1.RSAPublicKey()) - ) - -class KeyBag(univ.SequenceOf): - componentType = KeyInfo() - - -class InnerKeystore(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('formatVersion', univ.Integer()), - namedtype.NamedType('bag', KeyBag()), - ) - - -class AndroidVerifiedBootKeystore(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('formatVersion', univ.Integer()), - namedtype.NamedType('bag', KeyBag()), - namedtype.NamedType('signature', AndroidVerifiedBootSignature()) - ) - - -# if run as main, build a sample of each structure a smoke test -def main(): - attributes = AuthenticatedAttributes() - attributes.setComponentByName("target", "test") - attributes.setComponentByName("length", 1024) - data = der_encoder.encode(attributes) - print("attributes " + binascii.hexlify(data)) - - ident = x509.AlgorithmIdentifier() - ident.setComponentByName("algorithm", sha256WithRSAEncryptionOID) - data = der_encoder.encode(ident) - print("ident " + binascii.hexlify(data)) - - sig = AndroidVerifiedBootSignature() - sig.setComponentByName('formatVersion', 1) - sig.setComponentByName('algorithmId', ident) - sig.setComponentByName('attributes', attributes) - sig.setComponentByName('signature', univ.OctetString('abcdef0123456789')) - data = der_encoder.encode(sig) - print("sig " + binascii.hexlify(data)) - - material = pkcs1.RSAPublicKey() - material.setComponentByName('modulus', 'abc123') - material.setComponentByName('publicExponent', (1 << 16) + 1) - - keyinfo = KeyInfo() - keyinfo.setComponentByName('algorithm', ident) - keyinfo.setComponentByName('keyMaterial', material) - - bag = KeyBag() - bag.setComponentByPosition(0, keyinfo) - - keystore = AndroidVerifiedBootKeystore() - keystore.setComponentByName('formatVersion', 1) - keystore.setComponentByName('bag', bag) - keystore.setComponentByName('signature', sig) - - -if __name__ == "__main__": - main() diff --git a/releasetools/bootloader_from_target_files b/releasetools/bootloader_from_target_files deleted file mode 100755 index 50618f5..0000000 --- a/releasetools/bootloader_from_target_files +++ /dev/null @@ -1,98 +0,0 @@ -#!/usr/bin/env python -# -# Copyright (C) 2008 The Android Open Source Project -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -""" -Generates a VFAT EFI System partition image from a provided -target-files-package - - -V (--variant) IRDA device variant, if applicable -""" - -import sys -import os -import tempfile -import zipfile -import shutil - -if sys.hexversion < 0x02040000: - print >> sys.stderr, "Python 2.4 or newer is required." - sys.exit(1) - -# Android Release Tools -sys.path.append("build/tools/releasetools") -import common - -sys.path.append("device/intel/build/releasetools") -import intel_common - -OPTIONS = common.OPTIONS -OPTIONS.bootable = False -OPTIONS.variant = None - -def main(argv): - - def option_handler(o, a): - if o in ("-u", "--bootable"): - OPTIONS.bootable = True - elif o in ("-V", "--variant"): - OPTIONS.variant = a - else: - return False - return True - - args = common.ParseOptions(argv, __doc__, extra_opts="uV:", - extra_long_opts=["bootable", "variant="], - extra_option_handler=option_handler) - - if len(args) != 2: - common.Usage(__doc__) - sys.exit(1) - - print "unzipping target-files..." - OPTIONS.input_tmp = common.UnzipTemp(args[0]) - input_zip = zipfile.ZipFile(args[0], "r") - OPTIONS.info_dict = common.LoadInfoDict(input_zip) - - extras = [] - if OPTIONS.bootable: - tf = tempfile.NamedTemporaryFile() - tf.write("foo") - tf.flush() - data = intel_common.GetBootloaderImageFromTFP(OPTIONS.input_tmp, - extra_files=[(tf.name,"force_fastboot")], autosize=True, - variant=OPTIONS.variant) - tf.close() - else: - data = intel_common.GetBootloaderImageFromTFP(OPTIONS.input_tmp, - variant=OPTIONS.variant) - - f = open(args[1], "w") - f.write(data) - f.close() - - -if __name__ == '__main__': - try: - common.CloseInheritedPipes() - main(sys.argv[1:]) - except common.ExternalError, e: - print - print " ERROR: %s" % (e,) - print - sys.exit(1) - finally: - common.Cleanup() - diff --git a/releasetools/flash_cmd_generator.py b/releasetools/flash_cmd_generator.py deleted file mode 100755 index bd50b17..0000000 --- a/releasetools/flash_cmd_generator.py +++ /dev/null @@ -1,358 +0,0 @@ -#!/usr/bin/env python - -import sys -import json -import iniparser - -from sys import version_info - -# main Class to generate json file from ini configuration file -class FlashFileJson: - - def __init__(self, section, ip, variant): - self.ip = ip - self.flist = [] - self.flash = {'osplatform': 'android', - 'parameters': {}, 'configurations': {}, - 'commands': [], 'groups': {}} - self.gloption = {} - self.preconditions = {} - self.variant = variant - self.section = section - - def add_file(self, longname, filename, shortname): - if shortname in self.flash['parameters']: - return - fsection = 'file.' + filename - if fsection in self.ip.sections(): - new = {'type': 'file', - 'name': shortname, - 'options': {}} - - for option in self.ip.options(fsection): - value = self.ip.get(fsection, option) - new['options'][option] = {'description': value, - 'value': value} - self.flist.append(longname.rsplit(':')[0] + ':' + value) - else: - new = {'type': 'file', - 'name': shortname, - 'value': filename, - 'description': filename} - self.flist.append(longname) - self.flash['parameters'][shortname] = new - - def parse_variables(self, string, cmd_sec): - for index, a in enumerate(string): - if a.startswith('$'): - longname = self.ip.get(cmd_sec, a[1:]) - filename = longname.split(':')[-1] - shortname = filename.split('.')[0] - self.add_file(longname, filename, shortname) - string[index] = '${' + shortname + '}' - self.var_filter.append(a[1:]) - return string - - def group_default(self, group, c): - cfg_sec = 'configuration.' + c - if self.ip.has_option(cfg_sec, 'override-' + group): - return self.ip.get(cfg_sec, 'override-' + group) - if self.ip.has_option('group.' + group, 'default'): - return self.ip.get('group.' + group, 'default') - return False - - def add_group(self, group, c): - conf = self.flash['configurations'][c] - - if 'groupsState' not in conf: - conf['groupsState'] = {} - - conf['groupsState'][group] = self.group_default(group, c) - - def parse_global_cmd_option(self, opt): - tool = opt[:-len('-command-options')] - self.gloption[tool] = {} - for parameter in self.ip.get(self.section, opt).split(): - p, v = parameter.split('=') - self.gloption[tool][p] = self.ip.fix_type(v) - - def parse_precondition(self, precondition, tool): - prec = {} - section = 'precondition.' + precondition - to_copy = ['description', 'expression', 'skipOnFailure' ] - prec['section'] = self.ip.copy_option(section, to_copy) - if self.ip.has_option(section, 'exception'): - prec['exception'] = self.ip.get(section, 'exception') - cmd_name = 'command.' + precondition - if cmd_name in self.ip.seclist: - to_copy = ['tool', 'description', 'variable', 'mandatory', - 'group', 'defaultValue'] - cmd = self.ip.copy_option(cmd_name, to_copy) - cmd = self.add_global_cmd_option(cmd) - prec['cmd'] = cmd - if 'group' in cmd: - for config in self.ip.get(self.section, 'configurations').split(): - self.add_group(cmd['group'], config) - self.preconditions[tool] = prec - - def parse_global_cmd_precondition(self, opt): - tool = opt[:-len('-command-preconditions')] - for parameter in self.ip.get(self.section, opt).split(): - self.parse_precondition(parameter, tool) - - def parse_global_option(self): - for opt in self.ip.options(self.section): - if opt.endswith('-command-options'): - self.parse_global_cmd_option(opt) - elif opt.endswith('-command-preconditions'): - self.parse_global_cmd_precondition(opt) - else: - continue - - def add_global_cmd_option(self, cmd): - if cmd['tool'] in self.gloption: - cmd = dict(list(self.gloption[cmd['tool']].items()) + list(cmd.items())) - return cmd - - def add_global_cmd_precondition(self, cmd, cmd_set): - if cmd['tool'] in self.preconditions: - prec = self.preconditions[cmd['tool']] - if 'exception' in prec and cmd_set == prec['exception']: - return cmd - cmd['precondition'] = prec['section'] - - if 'cmd' in prec: - new = prec['cmd'].copy() - new['restrict'] = cmd['restrict'] - self.flash['commands'].append(new) - - return cmd - - def parse_cmd(self, cmd_set, configuration): - - for section, c in self.ip.sectionsfilter('command.' + cmd_set + '.'): - self.var_filter = [] - if self.ip.has_option(section, 'variant'): - self.var_filter = ['variant'] - if self.variant not in self.ip.get(section, 'variant').split(): - continue - new = {'restrict': [configuration]} - - for opt in self.ip.options(section): - val = self.ip.get(section, opt) - if not type(val) is str: - new[opt] = val - continue - val = self.parse_variables(val.split(), section) - new[opt] = ' '.join(val) - - for variable in self.var_filter: - del new[variable] - - if 'group' in new: - self.add_group(new['group'], configuration) - - new = self.add_global_cmd_precondition(new, cmd_set) - new = self.add_global_cmd_option(new) - self.flash['commands'].append(new) - - def add_parameter(self, section, parameter=None): - if self.ip.has_option(section, 'parameters'): - parameters = self.ip.get(section, 'parameters') - plist = [p.split(':') for p in parameters.split()] - pdict = {f: p for f, p in plist} - self.flash['configurations'][section.split('.')[1]]['parameters'] = pdict - else: - to_copy = ['name', 'type', 'description', 'filter', 'computedValue', 'value'] - new = self.ip.copy_option(section, to_copy) - if self.ip.has_option(section, 'tool'): - to_copy = ['description', 'tool'] - subcommand = self.ip.copy_option(section, to_copy) - if self.ip.has_option(section, 'arg'): - subcommand['args'] = self.ip.get(section, 'arg') - subcommand = self.add_global_cmd_option(subcommand) - new['subCommand'] = subcommand - self.flash['parameters'][parameter] = new - - def clean_config_parameters(self): - for config in self.flash['configurations']: - if 'parameters' in self.flash['configurations'][config]: - for param in list(self.flash['configurations'][config]['parameters'].keys()): - if param not in self.flash['parameters']: - del self.flash['configurations'][config]['parameters'][param] - - def parse(self): - for config in self.ip.get(self.section, 'configurations').split(): - section = 'configuration.' + config - to_copy = ['startState', 'brief', 'description', 'default'] - - self.flash['configurations'][config] = self.ip.copy_option(section, to_copy) - self.flash['configurations'][config]['name'] = config - - self.parse_global_option() - - version = self.ip.get(self.section, 'version') - self.flash['version'] = version - - for section, g in self.ip.sectionsfilter('group.'): - to_copy = ['name', 'description'] - self.flash['groups'][g] = self.ip.copy_option(section, to_copy) - - for section, p in self.ip.sectionsfilter('parameter.'): - self.add_parameter(section, p) - - for config in self.ip.get(self.section, 'configurations').split(): - section = 'configuration.' + config - to_copy = ['startState', 'brief', 'description', 'default'] - - for s in self.ip.get(section, 'sets').split(): - self.parse_cmd(s, config) - if self.ip.has_option('configuration.' + config, 'parameters'): - self.add_parameter('configuration.' + config) - - self.clean_config_parameters() - - def files(self): - return self.flist - - def finish(self): - return json.dumps({'flash': self.flash}, indent=4, sort_keys=True) - - def merge_jsons(self, j1, j2): - for key in set(j1.keys()) & set(j2.keys()): - if version_info < (3, 0, 1): - if type(j2[key]) == unicode: - j2[key] = j2[key].encode('utf-8') - else: - if type(j2[key]) == str: - j2[key] = j2[key].encode('utf-8') - if type(j1[key]) != type(j2[key]): - raise TypeError("Can't merge keys %s of different type (%s,%s)"%(key,type(j1[key]),type(j2[key]))) - if type(j1[key]) == list: - j1[key].extend(j2[key]) - continue - if type(j1[key]) == dict: - self.merge_jsons(j1[key], j2[key]) - continue - if j1[key] != j2[key]: - raise ValueError("key %s has different values (%s,%s)"%(key, j1[key], j2[key])) - - for key in set(j2.keys()) - set(j1.keys()): - j1[key] = j2[key] - - def merge(self, output): - j = json.loads(output)['flash'] - self.merge_jsons(self.flash, j) - return self.finish() - -# main Class to generate installer cmd file from ini configuration file -class FlashFileCmd: - def __init__(self, section, ip, variant): - self.ip = ip - self.section = section - self.variant = variant - self.cmd = "" - self.flist = [] - - def parse_cmd(self, section, c): - if self.ip.has_option(section, 'variant'): - if self.variant not in self.ip.get(section, 'variant').split(): - return - if not self.ip.has_option(section, 'tool'): - return - if self.ip.get(section, 'tool') != 'fastboot': - return - - args = self.ip.get(section, 'args').split() - - for index, a in enumerate(args): - if a.startswith('$'): - filename = self.ip.get(section, a[1:]) - filename_l = filename.split(":") - file_section = "file." + filename_l[-1] - if file_section in self.ip.sections(): - suffix = self.ip.get(self.section, "suffix") - filename_l[-1] = self.ip.get(file_section, suffix) - filename = ":".join(filename_l) - self.flist.append(filename) - filename = filename.split(':')[-1] - args[index] = filename - if self.ip.has_option(section, 'mandatory') and not self.ip.get(section, 'mandatory'): - self.cmd += '[o] ' - self.cmd += ' '.join(args) + '\n' - - def parse(self): - for s in self.ip.get(self.section, 'sets').split(): - for section, c in self.ip.sectionsfilter('command.' + s + '.'): - self.parse_cmd(section, c) - - def finish(self): - return self.cmd - - def files(self): - if self.ip.has_option(self.section, 'additional-files'): - self.flist.extend(self.ip.get(self.section, 'additional-files').split()) - - return self.flist - - -def parse_config(ips, variant, platform): - results = {} - files = [] - - for ip in ips: - if ip.has_option('global', 'additional-files'): - files += ip.get('global', 'additional-files').split() - - for section, filename in ip.sectionsfilter('output.'): - if ip.has_option(section, 'enable') and not ip.get(section, 'enable'): - continue - - if filename.endswith('.json'): - f = FlashFileJson(section, ip, variant) - elif filename.endswith('.cmd'): - f = FlashFileCmd(section, ip, variant) - else: - print("Warning, don't know how to generate", filename) - print("Please fix flashfiles.ini for this target") - continue - - f.parse() - if filename in results: - if filename.endswith('.json'): - results[filename] = f.merge(results[filename]) - else: - raise NotImplementedError("Don't know how to merge %s"%filename) - else: - results[filename] = f.finish() - files.extend(f.files()) - - results_list = [] - for k,v in results.items(): - results_list.append((k,v)) - flist = [f.rsplit(':', 1) for f in set(files)] - return results_list, flist - - -def main(): - if len(sys.argv) != 4: - print('Usage : ', sys.argv[0], 'pft.ini target variant') - print(' write json to stdout') - sys.exit(1) - - file = sys.argv[1] - target = sys.argv[2] - variant = sys.argv[3] - - with open(file, 'r') as f: - ip = iniparser.IniParser() - ip.parse(f) - - results, files = parse_config([ip], variant, target) - for fname, content in results: - print(fname) - print(content) - print(files) - -if __name__ == "__main__": - main() diff --git a/releasetools/flashfiles_from_target_files b/releasetools/flashfiles_from_target_files deleted file mode 100755 index 02de5ff..0000000 --- a/releasetools/flashfiles_from_target_files +++ /dev/null @@ -1,496 +0,0 @@ -#!/usr/bin/env python -# -# Copyright (C) 2008 The Android Open Source Project -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -""" -Usage: flashfiles_from_target_files [options] - - -U (--unified-variants) - Toggle ON mega (all variants) flash files from target file. - - -V (--variant) - Generate a single variant-specific flash files from target file. - - -f (--fast) - Generate a Fast flashfiles (take images directly from out/, and - use hardlink instead of doing a big zip) - - -M (--mv_config_default) - Specify the default mv configuration to flash - This option is mandatory for Sofia targets only - - -S (--add_image) - Add additional img into unzip tmp folder of flash target zip. -""" - -import sys -import os -import re -import tempfile -import zipfile -import shutil -import iniparser -import flash_cmd_generator -import flashxml -import flashflsxml -import json - -# Sources: -# fastboot - build a Fastboot boot image -# boot:xxxx - build an AOSP boot image xxxx (either "boot" or "recovery") -# provdatazip: Pull a named file out of RADIO/flashfiles.zip -# images - pull a named file out of tfp IMAGES/ -# bootloader - Build a bootloader image -# bootloaderzip - Pull a named file out of RADIO/bootloader.zip - -# Import Android Release Tools -sys.path.append("build/tools/releasetools") -import common - -sys.path.append("device/intel/build/releasetools") -import intel_common - -OPTIONS = common.OPTIONS -OPTIONS.variants = None -OPTIONS.unified_variants = False -OPTIONS.fast = False -OPTIONS.mv_config_default = None -OPTIONS.add_image = None - -flashfile_content = [] -variant_files = ["bootloader", "btsdata.ini", "firmware.bin", "oem.img", "cse_spi.bin", "firmware-info.txt", "cfgpart.xml", "ifwi.bin", "ifwi_debug.bin"] - -class VariantIpGenerator: - def __init__(self, ip, configs, variants, variant_files, flashfile): - # Original iniparser object - self.ip = ip - # List of variant IPs - self.variant_ips = [] - # List of variants - self.variants = variants - # List of variant-specific files - self.variant_files_common = variant_files - # List of output "sections" to cycle through - self.output_sections = [] - for c in configs: - self.output_sections.append('output.' + c[0]) - # Prefix path for variants flashfiles - self.flashfile = flashfile - # Only one configuration can be the default one, - # save it when parsing variants configurations - self.default_config = None - - self.variant_exclude_files = [] - self.variant_include_files = [] - - def __add_variant_flashfile(self, ip, variant): - variant_flashfile = self.flashfile + "_" + variant + ".ini" - print "Variant flashfile = %s"%variant_flashfile - # Sanity check to avoid future silent removal - eg = self.empty_groups(ip) - if eg: - raise AssertionError("Unexpected malformed section %s" % eg[0]) - - if os.path.isfile(variant_flashfile): - print "Reading INI configuration for %s ..."%variant - with open(variant_flashfile, "r") as f: - ip.parse(f) - self.variant_files = self.variant_files_common - # Remove variant 'additional-files' from list to avoid Phone Flash Tool issues - if ip.has_option('global', 'additional-files'): - exclude_files_variant = set(ip.get('global', 'additional-files').split()) - exclude_files_generic = set(self.ip.get('global', 'additional-files').split()) - self.variant_files = sorted(set(self.variant_files) - exclude_files_variant) - - exclude = set(exclude_files_generic) - set(exclude_files_variant) - include = set(exclude_files_variant) - set(exclude_files_generic) - for f in exclude: - _,name = f.split(":") - self.variant_exclude_files.append(variantFilename(name, variant)) - for f in include: - self.variant_include_files.append((variant, f)) - # Remove empty groups from list to avoid Phone Flash Tool issues. - # This may happen when a mixin (platform level) disables a feature, while - # local flashfile.ini (variant level) is kept and customizes this feature. - for s in self.empty_groups(ip): - print "Removing malformed section : ", s - ip.delete_section(s) - - def empty_groups(self, ip): - return [s for s, _ in ip.sectionsfilter("group.") if \ - not "name" in ip.options(s) or not "description" in ip.options(s)] - - def generate_variant_ip(self): - # Add variant files to ip - - for variant in self.variants: - new_ip = self.ip.copy() - self.variant_ips.append(new_ip) - self.__add_variant_flashfile(new_ip, variant) - self.__add_variant_files(new_ip, variant) - - # Cycle through output "sections" - for section,_ in new_ip.sectionsfilter("output."): - config_list = [] - if not new_ip.has_option(section, 'configurations'): - # For outputs without "configurations" like - # installer.cmd, we will have to generate one output - # file per variant. - self.variantize_output(variant, new_ip, section) - continue - # Add variant configs for each configuration "section" - for config in new_ip.get(section, 'configurations').split(): - config_list.append(self.variantize_config(variant, new_ip, config)) - # Modify output "section" to use new variant configs instead of original "generics" - new_ip.sec[section]['configurations'] = ' '.join(config_list) - - def __add_variant_files(self, ip, variant): - # add all files from provdata into the variant files as well - commands = [c for c,_ in ip.sectionsfilter('command.')] - all_files = set([]) - for command in commands: - for option in ip.options(command): - opt_arg = ip.get(command, option) - if type(opt_arg) != str: - continue - all_files |= set([ip.get(command, a[1:]) for a in opt_arg.split() if a.startswith('$')]) - - all_filenames = set(a.split(':')[-1] for a in all_files) - provdata_files = set(f[len('provdatazip:'):] for f in all_files - if f.startswith('provdatazip:')) - if ip.has_option('global', 'additional-files'): - provdata_files -= set(ip.get('global', 'additional-files').split()) - self.variant_files = sorted((provdata_files | set(self.variant_files)) & all_filenames) - - for item in self.variant_files: - ip.new_section('[file.{}]'.format(item)) - ip.append_option(variant, variantFilename(item, variant)) - - def variantize_output(self, variant, ip, output): - l = output.split(".") - l[len(l) - 2] += "_" + variant - new_output = '.'.join(l) - ip.rename_section(output, new_output) - ip.append_option("suffix", variant) - - def variantize_config(self, variant, ip, config): - section = 'configuration.' + config - if ip.has_option(section, "default") and ip.get(section, "default") == True: - if self.default_config == None: - self.default_config = config - else: - ip.sec[section]["default"] = False - new_config = config + "_" + variant - new_section = 'configuration.' + new_config - ip.rename_section(section, new_section) - for item in self.variant_files: - ip.append_option('parameters', '{}:{}'.format(os.path.splitext(item)[0], variant)) - return new_config - -def variantFilename(filename, variant): - base, suffix = os.path.splitext(filename) - return base + "_" + variant + suffix - -def getBuildProp(path, prop): - with open(os.path.join(path, "build.prop"), "r") as fp: - for line in fp.readlines(): - if line.startswith(prop): - return line.split("=")[1].strip() - raise Exception("property not found in build.prop: " + prop) - -def getFromZip(zip_path, filename): - with zipfile.ZipFile(zip_path, "r") as zf: - data = zf.open(filename).read() - info = zf.getinfo(filename) - return (common.File(filename, data), (info.external_attr >> 16L) & 0xFFFF) - -def getProvdataVariants(unpack_dir): - variants = [] - working_path = os.path.join(unpack_dir, "RADIO") - # Use regex analysis of provdata files to determine current variants - regex = re.compile('provdata_(?P\w+).zip') - for f in os.listdir(working_path): - m = regex.match(os.path.basename(f)) - if m and m.group('variant'): - variants.append(m.group('variant')) - return variants - -def getProvdataVariants_fast(product_out): - variants = [] - working_path = os.path.join(product_out, "obj", "PACKAGING", "flashfiles_intermediates") - # Use regex analysis of provdata files to determine current variants - regex = re.compile('provdata_(?P\w+).zip') - for f in os.listdir(working_path): - m = regex.match(os.path.basename(f)) - if m and m.group('variant'): - variants.append(m.group('variant')) - return variants - -def getIntermediates(product_out, component, subdir): - return os.path.join(product_out, "obj", "PACKAGING", - component + "_intermediates", subdir) - -def process_image(unpack_dir, dest_zip, source, target, configs, variant=None, target_out=None): - if target_out is None: - target_out = target - - # Determine if target is already inserted into zipfile - if target_out in flashfile_content: - return - else: - print "-- Adding", target_out - # Default is no special permissions - perms = None - # retrieve file from target file package based on source & target strings - if source == "fastboot": - ifile = intel_common.GetFastbootImage(unpack_dir) - elif source == "bootloader": - bdata = intel_common.GetBootloaderImageFromTFP(unpack_dir, variant=variant) - ifile = common.File(target, bdata) - elif source == "images": - ifile = common.File.FromLocalFile(target, os.path.join(unpack_dir, "IMAGES", target)) - elif source == "fls_images": - intel_common.build_fls(unpack_dir, target, variant=variant) - ifile = common.File.FromLocalFile(target, os.path.join(unpack_dir, "IMAGES", target)) - elif source == "provdatazip": - suffix = "_" + variant if variant else "" - (ifile, perms) = getFromZip(os.path.join(unpack_dir, "RADIO", "provdata%s.zip" % suffix), os.path.basename(target)) - elif source == "bootloaderzip": - (ifile, perms) = getFromZip(os.path.join(unpack_dir, "RADIO", "bootloader.zip"), target) - elif source.startswith("boot:"): - _, iname = source.split(":") - ifile = common.GetBootableImage(target, iname+".img", unpack_dir, iname.upper()) - elif source == "radio": - ifile = common.File.FromLocalFile(target, os.path.join(unpack_dir, "RADIO", target)) - else: - raise Exception("unknown source image type " + source) - - # Split flashed filename to severl parts according image size if size is larger than 4GiB - # Which is Vfat file limit if write the image to U disk. - # The change just impact the command in installer.cmd but not file itself, we need - # split >4G file in another script. - # Here we specify the splited filename should [filename].part00, [filename].part02,... - # Split sample: - # split --bytes=4G --numeric-suffixes [filename] [filename].part - if ifile.size >= (1 << 32): - image_part="" - count = int(ifile.size/(1 << 32)) + 1 - for i in range(count): - image_part+=target_out+".part0"+str(i)+" " - configs[1]=tuple([(x== configs[1][1] and configs[1][1].replace(target_out, image_part) or x )for x in configs[1]]) - - # Add file to zip, using target_out for naming. According to the - # documentation the File.AddToZip() interface is not suitable for - # file larger than 2GiB and common.ZipWrite() must be used - # instead. - if ifile.size >= (1 << 31): - tmpfile = ifile.WriteToTemp() - common.ZipWrite(dest_zip, tmpfile.name, target_out) - else: - ifile.name = target_out - common.ZipWriteStr(dest_zip, ifile.name, ifile.data, perms=perms) - flashfile_content.append(target_out) - -def process_image_fast(product_out, flashfiles_out, source, target, variant=None, target_out=None): - if target_out is None: - target_out = target - - if target_out in flashfile_content: - return - - print "-- Adding", target_out - outfile = os.path.join(flashfiles_out, target_out) - if not os.path.exists(os.path.dirname(outfile)): - os.mkdir(os.path.dirname(outfile)) - - if source == "bootloader": - bdir = getIntermediates(product_out, "bootloader_zip", "root") - intel_common.GetBootloaderImageFromOut(product_out, bdir, outfile) - elif source == "images" or source == "radio" or source.startswith("boot:") or source == "fastboot": - os.link(os.path.join(product_out, target), outfile) - elif source == "provdatazip": - suffix = "_" + variant if variant else "" - infile = os.path.join(getIntermediates(product_out, "flashfiles", "root%s" % suffix), os.path.basename(target)) - if not os.path.isfile(infile): - infile = os.path.join(getIntermediates(product_out, "flashfiles", "provdata%s" % suffix), os.path.basename(target)) - os.link(infile, outfile) - elif source == "bootloaderzip": - infile = os.path.join(getIntermediates(product_out, "bootloader_zip", "root"), target) - os.link(infile, outfile) - elif source == "fls_images": - intermediate = getIntermediates(product_out, "flashfiles", "provdata") - - intel_common.build_fls_out(product_out, intermediate, target, outfile, variant=OPTIONS.variants) - else: - raise Exception("unknown source image type " + source) - - flashfile_content.append(target_out) - -def main(argv): - def option_handler(o, a): - if o in ("-V", "--variant"): - OPTIONS.variants = [a] - elif o in ("-U", "--unified-variants"): - OPTIONS.unified_variants = True - elif o in ("-f", "--fast"): - OPTIONS.fast = True - elif o in ("-M", "--mv_config_default"): - OPTIONS.mv_config_default = a - elif o in ("-S", "--add_image"): - OPTIONS.add_image = a - - else: - return False - return True - - args = common.ParseOptions(argv, __doc__, - extra_opts = "V:UfM:", - extra_long_opts = ["variant=","unified-variants","fast","mv_config_default=", "add_image="], - extra_option_handler = option_handler) - if len(args) < 2 or (OPTIONS.variants and OPTIONS.unified_variants): - common.Usage(__doc__) - sys.exit(1) - - if OPTIONS.fast: - product_out = args[0] - if OPTIONS.unified_variants: - OPTIONS.variants = getProvdataVariants_fast(product_out) - - system = os.path.join(product_out, "system") - build_type = getBuildProp(system, "ro.build.type") - platform = getBuildProp(system, "ro.product.system.name") - - flashfile = getIntermediates(product_out, "flashfiles", "flashfiles") - else: - print "Unzipping target-files..." - unpack_dir = common.UnzipTemp(args[0]) - if OPTIONS.add_image: - input_super = os.path.join(unpack_dir, "IMAGES") - shutil.copy2(OPTIONS.add_image, input_super) - input_zip = zipfile.ZipFile(args[0], "r") - OPTIONS.info_dict = common.LoadInfoDict(input_zip) - if OPTIONS.unified_variants: - OPTIONS.variants = getProvdataVariants(unpack_dir) - - system = os.path.join(unpack_dir, "SYSTEM") - build_type = getBuildProp(system, "ro.build.type") - platform = getBuildProp(system, "ro.product.system.name") - - flashfile = os.path.join(unpack_dir, "RADIO", "flashfiles") - - # Retrieve "generic" PFT instructions from target file package - if os.path.isfile(flashfile + ".ini"): - print "Reading INI configuration..." - with open(flashfile + ".ini", "r") as f: - ip = iniparser.IniParser() - ip.parse(f) - configs, files = flash_cmd_generator.parse_config([ip], build_type, platform) - elif os.path.isfile(flashfile + ".json") and not OPTIONS.unified_variants: - print "Reading JSON configuration..." - with open(flashfile + ".json", "r") as f: - conf = json.loads(f.read()) - configs, files = flashxml.parse_config(conf, build_type, platform) - elif os.path.isfile(flashfile + "_fls.json") and not OPTIONS.unified_variants: - if not OPTIONS.mv_config_default: - common.Usage(__doc__) - sys.exit(1) - print "Reading JSON FLS configuration..." - with open(flashfile + "_fls.json", "r") as f: - conf = json.loads(f.read()) - configs, files = flashflsxml.parse_config(conf, build_type, platform, OPTIONS.mv_config_default, system) - else: - print "Exiting, Missing correct flashfile configuration for generating Flashfiles." - sys.exit(1) - - if OPTIONS.fast: - fastff_dir = args[1] - # If mega flashfile is enabled, create multi-variant version of PFT instructions - if OPTIONS.unified_variants or OPTIONS.variants : - print "Adding variant specific configurations to ip..." - vip = VariantIpGenerator(ip, configs, OPTIONS.variants, variant_files, flashfile) - vip.generate_variant_ip() - configs, cmd_files = flash_cmd_generator.parse_config(vip.variant_ips, build_type, platform) - cmd_files = set([i for _,i in cmd_files]) - - print "Adding required binaries..." - for src, target in files: - if OPTIONS.variants: - for variant in OPTIONS.variants: - target_out = None - if variantFilename(target, variant) in cmd_files or target in variant_files: - target_out = variantFilename(target, variant) - if variantFilename(target, variant) in vip.variant_exclude_files \ - or (target_out == None and target not in cmd_files): - continue - process_image_fast(product_out, fastff_dir, src, target, variant, target_out) - else: - process_image_fast(product_out, fastff_dir, src, target) - if OPTIONS.variants: - for variant, file in vip.variant_include_files: - src,target = file.split(":") - process_image_fast(product_out, fastff_dir, src, target, variant, variantFilename(target, variant)) - - print "Generating JSON flash configuration files..." - for fn, data in configs: - with open(os.path.join(fastff_dir,fn), 'w') as file: - file.write(data) - else: - with zipfile.ZipFile(args[1], "w", zipfile.ZIP_DEFLATED,allowZip64=True) as dest_zip: - # If mega flashfile is enabled, create multi-variant version of PFT instructions - if OPTIONS.unified_variants or OPTIONS.variants : - print "Adding variant specific configurations to ip..." - vip = VariantIpGenerator(ip, configs, OPTIONS.variants, variant_files, flashfile) - vip.generate_variant_ip() - configs, cmd_files = flash_cmd_generator.parse_config(vip.variant_ips, build_type, platform) - cmd_files = set([i for _,i in cmd_files]) - - # Using "generic" instructions as reference, grab required files & insert into flashfile zip - print "Adding required binaries..." - for src, target in files: - if OPTIONS.variants: - for variant in OPTIONS.variants: - target_out = None - if variantFilename(target, variant) in cmd_files or target in variant_files: - target_out = variantFilename(target, variant) - if variantFilename(target, variant) in vip.variant_exclude_files \ - or (target_out == None and target not in cmd_files): - continue - process_image(unpack_dir, dest_zip, src, target, configs, variant, target_out) - else: - process_image(unpack_dir, dest_zip, src, target, configs) - if OPTIONS.variants: - for variant, file in vip.variant_include_files: - src,target = file.split(":") - - process_image(unpack_dir, dest_zip, src, target, configs, variant, variantFilename(target, variant)) - - # Write flash_cmd_generator parsed PFT flashing instructions to file & insert into flashfile zip - print "Generating JSON flash configuration files..." - for fn, data in configs: - ifile = common.File(fn, data) - ifile.AddToZip(dest_zip) - print "All done." - -if __name__ == '__main__': - try: - common.CloseInheritedPipes() - main(sys.argv[1:]) - except common.ExternalError, e: - print - print " ERROR: %s" % (e,) - print - sys.exit(1) - finally: - common.Cleanup() diff --git a/releasetools/flashflsxml.py b/releasetools/flashflsxml.py deleted file mode 100755 index 32e3fb2..0000000 --- a/releasetools/flashflsxml.py +++ /dev/null @@ -1,174 +0,0 @@ -#!/usr/bin/env python - -import os -import json -import re - -# main Class to generate json file from json configuration file -class FlashFileJson: - - def __init__(self, config, mv_config_default): - self.flist = {} - self.flash = {'version': '2.1', - 'groups': {}, - 'osplatform': 'android', - 'parameters': {}, - 'configurations': {}, - 'commands': []} - self.prop = {} - self.mv_args = {} - self.mv_config_default = mv_config_default - self.extracts = {'psi': '.fls_ID0_PSI_LoadMap0.bin', - 'slb': '.fls_ID0_SLB_LoadMap0.bin', - 'hypervisor': '.fls_ID0_CODE_LoadMap0.bin', - 'vrl': '.fls_ID0_PSI_LoadMap0.bin'} - self.default_params = {"timeout":60000, "retry":2, "mandatory":True} - - def add_file(self, shortname, target, source, file_type): - filename = os.path.basename(target) - if filename in self.flist: - return - if "mvconfig_" in filename and re.split("mvconfig_|_signed|\.fls", filename)[1] != self.mv_config_default: - target = "mvconfigs/" + filename - if file_type == "file": - self.flist[target] = source - new = {'type': file_type, 'name': shortname, 'value': target, 'description': filename} - self.flash['parameters'][shortname] = new - - def add_configuration(self, config, default): - new = {config['config_name']: {}} - for key in config: - if key != 'config_name': - new[config['config_name']][key] = config[key] - new[config['config_name']]['default'] = default - self.flash['configurations'].update(new) - - - def add_command(self, tool, args, description, restrict, timeout_retry_mandatory): - (timeout, retry, mandatory) = timeout_retry_mandatory - new = {'tool': tool, - 'args': args, - 'description': description, - 'timeout': timeout, - 'retry': retry, - 'mandatory': mandatory, - 'restrict': [restrict]} - self.flash['commands'].append(new) - - def add_popup(self, ptype, description, restrict): - new = {'tool': 'popup', - 'type': ptype, - 'description': description, - 'restrict': [restrict]} - self.flash['commands'].append(new) - - def add_buildproperties(self, path): - - with open(os.path.join(path, 'build.prop'), 'r') as f: - for line in f.readlines(): - if not line.startswith("#") and line.count("=") == 1: - name, value = line.strip().split("=") - self.prop[name] = value - - def parse_command(self, commands): - - for cmd in commands: - if cmd['type'] in ['fls']: - fname = os.path.basename(cmd['target']) - shortname = fname.split('.')[0].lower() - self.add_file(shortname, cmd['target'], cmd['source'], 'file') - cmd['pftname'] = '${' + shortname + '}' - - if 'core' in cmd: - for s in cmd['core'].split(','): - self.mv_args[s + '_fls_config'] += cmd['pftname'] + ' ' - else: - for mv in self.mv_args: - self.mv_args[mv] += cmd['pftname'] + ' ' - - if 'fastboot' in cmd and cmd['fastboot'] == "yes": - extracted_suff = self.extracts.get(cmd['partition'], '.fls_ID0_CUST_LoadMap0.bin') - fname_temp = re.split("_signed|\.fls", fname)[0] + extracted_suff - shortname_temp = shortname + '_temp' - self.add_file(shortname_temp, fname_temp, cmd['source'], 'temporary_file') - - params = (cmd.get('timeout', self.default_params['timeout']), cmd.get('retry', self.default_params['retry']), cmd.get('mandatory', self.default_params['mandatory'])) - self.add_command('flsTool', ' -x ${' + shortname + '} --replace -o ${' + shortname_temp + '}', 'Extract image parts from ' + fname, 'fastboot_config', params) - self.add_command('fastboot', ' flash ' + cmd['partition'] + ' ${' + shortname_temp + '}/' + fname_temp, 'Flashing ' + cmd['partition'] + ' with fastboot', 'fastboot_config', params) - - if cmd['type'] == 'info': - fname = os.path.basename(cmd['target']) - shortname = fname.split('.')[0].lower() - self.add_file(shortname, cmd['target'], cmd['source'], 'file') - continue - - tools = 'flsDownloader' - for config_name in self.flash['configurations']: - c = self.flash['configurations'][config_name] - if config_name == "fastboot_config": - self.add_command('fastboot', ' flashing lock', 'lock the device', config_name, (self.default_params['timeout'], self.default_params['retry'], self.default_params['mandatory'])) - self.add_command('fastboot', ' continue ', 'fastboot continue', config_name, (self.default_params['timeout'], self.default_params['retry'], self.default_params['mandatory'])) - continue - mv_desc = "Flashing " + c['name'] + " image" - params = (c.get('timeout'), c.get('retry', self.default_params['retry']), c.get('mandatory', self.default_params['mandatory'])) - if 'erase' in config_name: - self.mv_args[config_name] = '--erase-mode=1 ' + self.mv_args[config_name] - self.add_popup('warn', "This configuration will erase *all* your NVM, including calibration data. Unplug now your board to abort", config_name) - self.add_command(tools, self.mv_args[config_name], mv_desc, config_name, params) - - - def parse_configuration(self, configurations): - for config in configurations: - default = False - if config['config_name'] == "fastboot_config": - self.add_command('fastboot', ' flashing unlock', 'unlock the device', config['config_name'], (self.default_params['timeout'], self.default_params['retry'], self.default_params['mandatory'])) - else: - self.mv_args[config['config_name']] = "" - if config['config_name'].split("_fls_config")[0] == self.mv_config_default: - default = True - - self.add_configuration(config, default) - - def files(self): - return self.flist - - def finish(self): - return json.dumps({'flash': self.flash, 'build_info': self.prop}, indent=4, sort_keys=True) - - -def parse_config(conf, variant, platform, mv_config_default, prop_path): - - results = [] - files = [] - - for c in conf['config']: - if c['filename'][-5:] == '.json': - f = FlashFileJson(c, mv_config_default) - elif c['filename'][-4:] == '.xml': - print("warning: xml format not supported. Skipping.") - continue - elif c['filename'][-4:] == '.cmd': - print("warning: cmd format not supported. Skipping.") - continue - elif c['filename'][-3:] == '.sh': - print("warning: sh format not supported. Skipping.") - continue - else: - print("warning: unknown format. Skipping.") - continue - - commands = conf['commands'] - commands = [cmd for cmd in commands if not 'restrict' in cmd or c['name'] in cmd['restrict']] - - f.add_buildproperties(prop_path) - if c['filename'][-5:] == '.json': - configurations = conf['configurations'] - f.parse_configuration(configurations) - - f.parse_command(commands) - - results.append((c['filename'], f.finish())) - files = [[src, file] for file, src in list(f.files().items())] - - return results, files - diff --git a/releasetools/flashxml.py b/releasetools/flashxml.py deleted file mode 100755 index 2054fc4..0000000 --- a/releasetools/flashxml.py +++ /dev/null @@ -1,242 +0,0 @@ -#!/usr/bin/env python - -import os -import json -import copy -from optparse import OptionParser -import xml.etree.ElementTree as etree -from xml.dom import minidom -import tempfile -import io - -# main Class to generate xml file from json configuration file -class FlashFileXml: - - def __init__(self, config, platform): - self.flist = [] - flashtype = config['flashtype'] - self.xml = etree.Element('flashfile') - self.xml.set('version', '1.0') - self.add_sub(self.xml, 'id', flashtype) - self.add_sub(self.xml, 'platform', platform) - - def add_sub(self, parent, name, text): - sub = etree.SubElement(parent, name) - sub.text = text - - def add_file(self, filetype, filename, version): - if filename in self.flist: - return - cg = etree.SubElement(self.xml, 'code_group') - cg.set('name', filetype) - fl = etree.SubElement(cg, 'file') - fl.set('TYPE', filetype) - self.add_sub(fl, 'name', filename) - self.add_sub(fl, 'version', version) - - self.flist.append(filename) - - def add_command(self, command, description, timeout_retry_mandatory): - (timeout, retry, mandatory) = timeout_retry_mandatory - mandatory = {True: "1", False: "0"}[mandatory] - cmd = etree.SubElement(self.xml, 'command') - self.add_sub(cmd, 'string', command) - self.add_sub(cmd, 'timeout', str(timeout)) - self.add_sub(cmd, 'retry', str(retry)) - self.add_sub(cmd, 'description', description) - self.add_sub(cmd, 'mandatory', mandatory) - - def parse_command(self, commands): - for cmd in commands: - if 'target' in cmd and 'format' not in cmd['args']: - fname = cmd['target'] - shortname = fname.split('.')[0] - self.add_file(shortname, fname, 'unspecified') - cmd['pftname'] = '$' + shortname.lower() + '_file' - - for cmd in commands: - params = (cmd.get('timeout', 60000), cmd.get('retry', 2), cmd.get('mandatory', True)) - if cmd['type'] == 'fastboot': - desc = cmd.get('desc', cmd['args']) - command = 'fastboot ' + cmd['args'] - if 'pftname' in cmd: - command += ' ' + cmd['pftname'] - elif cmd['type'] == 'waitForDevice' or cmd['type'] == 'sleep': - desc = cmd.get('desc', 'Sleep for ' + str(params[0] / 1000) + ' seconds') - command = 'sleep' - else: - continue - self.add_command(command, desc, params) - - def finish(self): - tree = etree.ElementTree(self.xml) - tf = io.StringIO() - tree.write(tf, xml_declaration=True, encoding="utf-8") - data = tf.getvalue() - tf.close() - pretty = minidom.parseString(data) - return pretty.toprettyxml(encoding="utf-8") - -# main Class to generate json file from json configuration file -class FlashFileJson: - - def __init__(self, config): - self.flist = {} - - self.configurations = config - out_cfg = copy.deepcopy(config) - for cfg_name, cfg in list(out_cfg.items()): - cfg.pop('commands') - if 'subgroup' in cfg: - cfg.pop('subgroup') - cfg['name'] = cfg_name - - self.flash = {'version': '2.0', 'osplatform': 'android', - 'parameters': {}, 'configurations': out_cfg, 'commands': []} - - def add_file(self, shortname, filename, source): - if filename in self.flist: - return - self.flist[filename] = source - new = {'type': 'file', 'name': shortname, 'value': filename, 'description': filename} - self.flash['parameters'][shortname] = new - - def add_command(self, new, cmd): - - new['restrict'] = [] - for cfg_name, cfg in list(self.configurations.items()): - if cfg['commands'] != self.cmd_grp: - continue - if not filter_command(cmd, None, None, cfg.get('subgroup', 'default')): - continue - new['restrict'].append(cfg_name) - if len(new['restrict']): - self.flash['commands'].append(new) - - def parse_command(self, commands, options, variant, platform): - for cmd in commands: - if not filter_command(cmd, variant, platform, None): - continue - if 'target' in cmd: - if not isinstance(cmd['target'], list): - cmd['target'] = [cmd['target']] - if 'format' not in cmd['args']: - cmd['pftname'] = [] - for f in cmd['target']: - shortname = f.split('.')[0].lower() - self.add_file(shortname, f, cmd['source']) - cmd['pftname'].append('${' + shortname + '}') - - for cmd in commands: - new = {} - new['timeout'] = cmd.get('timeout', 60000) - new['retry'] = cmd.get('retry', 2) - new['mandatory'] = cmd.get('mandatory', True) - if 'group' in cmd: - new['group'] = cmd['group'] - - if not filter_command(cmd, variant, platform, None): - continue - - if cmd['type'] in ('fastboot', 'dldr'): - new['description'] = cmd.get('desc', cmd['args']) - new['tool'] = cmd['type'] - if options and 'fastboot' in options: - for opt in options['fastboot']: - new[opt] = options['fastboot'][opt] - new['args'] = cmd['args'] - if 'pftname' in cmd: - if '$' in new['args']: - for i, f in enumerate(cmd['pftname']): - new['args'] = new['args'].replace('$' + str(i + 1), f) - else: - new['args'] += ' ' + cmd['pftname'][0] - elif cmd['type'] == 'waitForDevice': - new['state'] = cmd.get('state','pos') - new['description'] = cmd.get('desc', 'Wait for device to enumerate in ' + new['state']) - new['tool'] = 'waitForDevice' - elif cmd['type'] == 'sleep': - new['description'] = cmd.get('desc', 'Wait for ' + str(new['timeout']/1000) + ' seconds') - new['tool'] = 'sleep' - new['duration'] = new['timeout'] - else: - continue - self.add_command(new, cmd) - - def parse_command_grp(self, cmd_groups, options, variant, platform): - for grp in cmd_groups: - self.cmd_grp = grp - self.parse_command(cmd_groups[grp], options, variant, platform) - - def add_groups(self, groups): - self.flash['groups'] = groups - - def files(self): - return self.flist - - def finish(self): - return json.dumps({'flash': self.flash}, indent=4, sort_keys=True) - -# main Class to generate installer cmd file from json configuration file -class FlashFileCmd: - def __init__(self, config): - self.cmd = "" - - def parse_command(self, commands): - for cmd in commands: - if cmd['type'] == 'fastboot': - self.cmd += cmd['args'] - if 'target' in cmd and 'format' not in cmd['args']: - self.cmd += " " + cmd['target'][0] - self.cmd += "\n" - - def finish(self): - return self.cmd - - -def filter_command(cmd, variant, platform, subgroup): - # You can filter-out items by prefixing with !. So cmd["!platform"] matches all platforms - # except those in the list - for k, v in [('variant', variant), ('restrict', subgroup), ('platform', platform)]: - nk = "!" + k - - if not v: - continue - if k in cmd and v not in cmd[k]: - return False - if nk in cmd and v in cmd[nk]: - return False - return True - - -def parse_config(conf, variant, platform): - results = [] - files = [] - - for c in conf['config']: - print("Generating", c['filename']) - - # Special case for json, because it can have multiple configurations - if c['filename'][-5:] == '.json': - f = FlashFileJson(conf['configurations']) - options = conf.get('options', "") - f.parse_command_grp(conf['commands'], options, variant, platform) - if 'groups' in conf: - f.add_groups(conf['groups']) - results.append((c['filename'], f.finish())) - files = [[src, file] for file, src in list(f.files().items())] - continue - - if c['filename'][-4:] == '.xml': - f = FlashFileXml(c, platform) - elif c['filename'][-4:] == '.cmd': - f = FlashFileCmd(c) - - commands = conf['commands'][c['commands']] - commands = [cmd for cmd in commands if - filter_command(cmd, variant, platform, c['subgroup'])] - - f.parse_command(commands) - results.append((c['filename'], f.finish())) - return results, files - diff --git a/releasetools/generate_otas b/releasetools/generate_otas deleted file mode 100755 index 8a035d9..0000000 --- a/releasetools/generate_otas +++ /dev/null @@ -1,303 +0,0 @@ -#!/usr/bin/env python - -""" -This script generates ota files for current target (lunch must have been called before) -It takes care of generating an ota file for each derivative platform if needed. -By default, full OTA package is generated with TFP_DST. -Incremental OTA can be generated too using the options. - -Usage: generate_otas [options] TFP_DST - -Options: - -h, --help - Display this help - - -v, --verbose - Show command lines being executed - - -F, --file_based - Build a file based OTA (default is block based) - - -V VARIANT, --variant=VARIANT - Build OTA only for VARIANT (relevant only if lunch target uses variants) - - -k KEY, --package_key=KEY - Use KEY to sign the output OTA package - Defaults to AOSP testkey - - -o DIR, --output_dir=DIR - Store ota files and metadata file into DIR. Default to current directory - - -s TFP, --tfp_source=TFP - Generate incremental OTA from TFP to target_files_package instead of full OTA - - -a, --all - Generate full OTA and incremental OTA (-s is then mandatory) - - -f FILE, --output_file FILE - This option is valid if only one file is generated - In this case, the generated file will be FILE and -o is ignored -""" - -import sys -import os -import zipfile -import getopt -import subprocess -import re -import threading -import json -import signal - -class GLOBAL : - def __init__(self): - return - -gbl = GLOBAL() -gbl.output_dir = os.getcwd() -gbl.tfp_source = None -gbl.tfp_destination = None -gbl.processes = [] -gbl.ota_list = [] -gbl.variants = None -gbl.target_product = None -gbl.ota_args = ["--block"] -gbl.android_top = None -gbl.package_key = None -gbl.generate_all = False -gbl.output_file = None - -def check_tfp(tfp): - zip = zipfile.ZipFile(tfp) - product_line = "ro.product.system.name=%s\n" % gbl.target_product - if not product_line in zip.open("SYSTEM/build.prop").readlines(): - raise Exception("package %s is not for product %s" % (tfp, gbl.target_product)) - -def finish_all(signal, frame): - for p in gbl.processes: - p.terminate() - -def generate_variants(lock, type, ota_generic): - processes = [] - ota_list = [] - - for var in gbl.variants: - ota_file = "%s-ota-%s-%s.zip" % (gbl.target_product, type, var) - cmd = [os.path.join(gbl.android_top, "device/intel/build/releasetools/ota_deployment_fixup")] - cmd.extend(["--variant", var]) - - if type == "incremental": - cmd.extend(["--source_target_files", gbl.tfp_source]) - if gbl.package_key: - cmd.extend(gbl.package_key) - - cmd.extend(["--target_files", gbl.tfp_destination]) - cmd.append(os.path.join(gbl.output_dir, ota_generic)) - cmd.append(os.path.join(gbl.output_dir, ota_file)) - if "" in cmd: - cmd.remove("") - - p = subprocess.Popen(cmd) - processes.append((p, var, "".join(cmd))) - ota_list.append((type, ota_file)) - - lock.acquire() - gbl.processes.append(p) - lock.release() - - for p, var, cmd in processes: - if p.wait() != 0: - raise Exception("Failed to generate variant %s\nCommand was: %s" % (var, cmd)) - - return ota_list - -def generate(lock, type): - ota_generic = "%s-ota-%s.zip" % (gbl.target_product, type) - ota_list = [(type, ota_generic)] - - - cmd = [os.path.join(gbl.android_top, "build/tools/releasetools/ota_from_target_files")] - if type == "incremental": - cmd.extend(["--incremental_from", gbl.tfp_source]) - if gbl.package_key: - cmd.extend(gbl.package_key) - cmd.extend(gbl.ota_args) - cmd.append(gbl.tfp_destination) - cmd.append(os.path.join(gbl.output_dir, ota_generic)) - if "" in cmd: - cmd.remove("") - - subprocess.check_call(cmd) - - if gbl.variants: - ota_list = generate_variants(lock, type, ota_generic) - os.unlink(os.path.join(gbl.output_dir, ota_generic)) - - lock.acquire() - gbl.ota_list.extend(ota_list) - lock.release() - -def main(argv): - def option_handler(o, a): - if o in ("-h", "--help"): - print __doc__ - sys.exit(1) - elif o in ("-v", "--verbose"): - gbl.ota_args.append("--verbose") - elif o in ("-F", "--file_based"): - gbl.ota_args.remove("--block") - elif o in ("-V", "--variant"): - gbl.variants = [a] - elif o in ("-k", "--package_key"): - gbl.package_key = a - elif o in ("-o", "--output_dir"): - gbl.output_dir = a - elif o in ("-s", "--tfp_source"): - gbl.tfp_source = a - elif o in ("-a", "--all"): - gbl.generate_all = True - elif o in ("-f", "--output_file"): - gbl.output_file = a - else: - return False - return True - - try: - opts, args = getopt.gnu_getopt(argv[1:], "hvFV:k:o:s:af:", - ["help", "verbose", "file_based", - "variant=", "package_key=", - "output_dir=", "tfp_source=", "all", - "output_file="]) - except getopt.GetoptError as err: - print __doc__ - print "**", str(err), "**" - sys.exit(1) - - for o,a in opts: - if not option_handler(o,a): - assert False, "unknown option \"%s\"" % o - - if len(args) != 1: - print __doc__ - sys.exit(1) - gbl.tfp_destination = args[0] - - gbl.android_top = os.environ.get('ANDROID_BUILD_TOP') - if None == gbl.android_top: - raise Exception("ANDROID_BUILD_TOP undefined, please execute lunch") - - gbl.target_product = os.environ.get('TARGET_PRODUCT') - if None == gbl.target_product: - raise Exception("TARGET_PRODUCT undefined, please execute lunch") - - if gbl.generate_all and gbl.output_file: - raise Exception("-f option can't be used with -a\n" - "Try %s --help for more information" % os.path.basename(argv[0])) - - if gbl.generate_all and not gbl.tfp_source: - raise Exception("tfp_source is needed to generate incremental OTA") - - if not os.path.exists(gbl.output_dir): - os.makedirs(gbl.output_dir) - - check_tfp(gbl.tfp_destination) - if gbl.tfp_source: - check_tfp(gbl.tfp_source) - - ### Get variants informations ### - variants_enable_string = "BOARD_DEVICE_MAPPING :=" - omitstring = ('! -path */build/* -prune ! -path */common/* -prune ! -path */mixins/* -prune ' - '! -path */sepolicy/* -prune ! -path */path_config.mk -prune') - cmd = "find %s/device -type f -name *.mk %s -exec grep -l" % (gbl.android_top, omitstring) - cmd = cmd.split(" ") - cmd.append("PRODUCT_NAME := %s$" % gbl.target_product) - cmd.extend("{} ;".split(" ")) - product_dir = os.path.dirname(subprocess.check_output(cmd)) - has_variants = 0 == subprocess.call(["grep", variants_enable_string, - os.path.join(product_dir, "AndroidBoard.mk")], - stdout = os.open(os.devnull, os.O_WRONLY)) - - if has_variants: - if not gbl.variants: - cmd = "make -p -f %s/variants-%s.mk" % (product_dir, gbl.target_product) - p = subprocess.Popen(cmd.split(" "), stdout=subprocess.PIPE, stderr=subprocess.PIPE) - o,_ = p.communicate() - for line in o.split("\n"): - if "ROOT_VARIANTS" in line: - _, root_variants = line.split("=") - gbl.variants = re.sub(' +', ' ', root_variants.strip()).split(" ") - else: - if gbl.variants: - raise Exception("target %s does not support variant.\n" - "Please remove -V option" % gbl.target_product) - - # Get package_key path relative to ANDROID_BUILD_TOP, required to get password file working - if gbl.package_key: - gbl.package_key = ["--package_key", os.path.relpath(gbl.package_key, gbl.android_top)] - - lock = threading.Lock() - signal.signal(signal.SIGINT, finish_all) - threads = [] - ### Generate full OTA ### - if not gbl.tfp_source or gbl.generate_all: - t = threading.Thread(target=generate, args=[lock, "full"]) - t.start() - threads.append(t) - - ### Generate incremental OTA ### - if gbl.tfp_source: - t = threading.Thread(target=generate, args=[lock, "incremental"]) - t.start() - threads.append(t) - - for t in threads: - t.join() - - if gbl.output_file: - _, file = gbl.ota_list.pop() - os.rename(os.path.join(gbl.output_dir,file), gbl.output_file) - sys.exit(0) - - ### Generate metadata.json ### - metadata = os.path.join(gbl.output_dir, "metadata.json") - js = {} - js["version"] = 1 - js["files"] = {} - - for type, file in gbl.ota_list: - zip = zipfile.ZipFile(os.path.join(gbl.output_dir,file)) - data = zip.open("META-INF/com/android/metadata") - pre_build = None - for line in data: - if "pre-build" in line: - _, pre_build = line.strip().split("=") - if "post-build" in line: - _, post_build = line.strip().split("=") - if "pre-device" in line: - _, pre_device = line.strip().split("=") - - if pre_build: - pre_tag = "-"+pre_build.split("/")[4].split(":")[0] - else: - pre_tag = "" - - post_tag = post_build.split("/")[4].split(":")[0] - - rename_file = type + "_ota-" + pre_device + pre_tag + "-" + post_tag + ".zip" - os.rename(os.path.join(gbl.output_dir, file), os.path.join(gbl.output_dir, rename_file)) - - entry = {} - if pre_tag: - entry["pre_build"] = pre_build - entry["post_build"] = post_build - entry["pre_device"] = pre_device - js["files"][rename_file] = entry - - meta_file = open(metadata, "w") - meta_file.write(json.dumps(js, indent=4)) - meta_file.close() - - return 0 - -if __name__ == '__main__': - main(sys.argv) diff --git a/releasetools/iniparser.py b/releasetools/iniparser.py deleted file mode 100755 index 59d0edb..0000000 --- a/releasetools/iniparser.py +++ /dev/null @@ -1,120 +0,0 @@ -#!/usr/bin/env python - - -class IniParser: - - def __init__(self): - self.sec = {'DEFAULT': {}} - self.cursec = self.sec['DEFAULT'] - # We need to have the ordered list of sections - # so that command sets will be executed in the order of the .ini - self.seclist = [] - - def fix_type(self, s): - if s.lower() == 'true': - return True - if s.lower() == 'false': - return False - if s.lower() == 'null': - return None - if s.isdigit(): - return int(s) - return s - - def new_section(self, line): - section = line[1:len(line) - 1] - if section not in self.sec: - self.sec[section] = {} - self.seclist.append(section) - self.cursec = self.sec[section] - - def append_option(self, option, data): - option = option.strip() - if type(data) == str: - data = data.strip() - if option in self.cursec: - self.cursec[option] = ' '.join([self.cursec[option], data]) - else: - self.cursec[option] = data - - def remove_option(self, option, data): - option = option.strip() - if type(data) == str: - data = data.strip() - if option in self.cursec: - self.cursec[option] = self.cursec[option].replace(data, "").strip() - - def new_option(self, line): - option, data = line.split('=', 1) - if option[-1] == '+': - self.append_option(option[:-1], data) - return - if option[-1] == '-': - self.remove_option(option[:-1], data) - return - - option = option.strip() - data = data.strip() - self.cursec[option] = self.fix_type(data) - - def parse(self, f): - for line in f: - l = line.strip() - if l.startswith('[') and l.endswith(']'): - self.new_section(l) - continue - if not l: - continue - if l.startswith('#') or l.startswith(';'): - continue - if l.find('=') > 1: - self.new_option(l) - continue - raise Exception('INI Parsing error, offending line is ' + l) - - def sectionsfilter(self, start): - return [(s, s[len(start):]) - for s in self.seclist if s.startswith(start)] - - def sections(self): - return self.seclist - - def copy(self): - copy = IniParser() - for section in self.sections(): - copy.sec[section] = self.copy_option(section) - copy.seclist.append(section) - return copy - - def options(self, section): - return list(self.sec[section].keys()) - - def has_option(self, section, option): - if section not in self.sec: - return False - if option in self.sec[section]: - return True - return False - - def get(self, section, option): - return self.sec[section][option] - - def rename_section(self, section, new_name): - val = self.sec[section] - self.delete_section(section) - self.seclist.append(new_name) - self.sec[new_name] = val - self.cursec = self.sec[new_name] - - def delete_section(self, section): - del self.sec[section] - self.seclist.remove(section) - - def copy_option(self, section, opt_list=None): - option = {} - if not opt_list: - opt_list = self.options(section) - for opt in opt_list: - if self.has_option(section, opt): - option[opt] = self.get(section, opt) - return option diff --git a/releasetools/intel_common.py b/releasetools/intel_common.py deleted file mode 100644 index c2267e9..0000000 --- a/releasetools/intel_common.py +++ /dev/null @@ -1,1074 +0,0 @@ - -# -# Copyright (C) 2014 The Android Open Source Project -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -import tempfile -import os, errno -import sys -import subprocess -import shlex -import shutil -import imp -import time -import collections -import fnmatch -import time -import json -import zipfile -import re -import random -from io import StringIO - -sys.path.append("build/tools/releasetools") -import common - -_FASTBOOT = "out/host/linux-x86/bin/fastboot" - -def load_device_mapping(path): - try: - mod = imp.load_module("device_mapping", open(path, "U"), path, - (".py", "U", imp.PY_SOURCE)) - except ImportError: - print("Device mapping not found") - return None - - return mod.dmap - - -def load_device_mapping_from_tfp(tfp_path): - return load_device_mapping(os.path.join(tfp_path, "RADIO", - "device_mapping.py")) - - -def der_pub_from_pem_cert(cert_path): - tf = tempfile.NamedTemporaryFile(prefix="der_pub_from_pem_cert") - - cmd1 = ["openssl", "x509", - "-in", cert_path, - "-noout", "-pubkey"] - cmd2 = ["openssl", "rsa", - "-inform", "PEM", - "-pubin", - "-outform", "DER", - "-out", tf.name] - p1 = common.Run(cmd1, stdout=subprocess.PIPE) - p2 = common.Run(cmd2, stdin=p1.stdout) - p2.communicate() - p1.wait() - assert p1.returncode == 0, "extracting verity public key failed" - assert p2.returncode == 0, "verity public key conversion failed" - - tf.seek(os.SEEK_SET, 0) - return tf - - -def pem_cert_to_der_cert(pem_cert_path): - tf = tempfile.NamedTemporaryFile(prefix="pem_cert_to_der_cert") - - cmd = ["openssl", "x509", "-inform", "PEM", "-outform", "DER", - "-in", pem_cert_path, "-out", tf.name] - p = common.Run(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE) - p.communicate() - assert p.returncode == 0, "openssl cert conversion failed" - tf.seek(os.SEEK_SET, 0) - return tf - - -def pk8_to_pem(der_key_path, password=None, none_on_fail_convert=False): - # If the key is already available in converted form, then use that - # file. This is important for .pk8 files that actually contain references - # to ECSS keys, because they are not fully parseable by openssl. - (der_key_path_root,der_key_path_ext) = os.path.splitext(der_key_path) - der_key_path_pem = der_key_path_root + ".pem" - if os.path.exists(der_key_path_pem): - return open(der_key_path_pem) - - # Defaults to 0600 permissions which is defintitely what we want! - tf = tempfile.NamedTemporaryFile(prefix="pk8_to_pem") - - cmd = ["openssl", "pkcs8"]; - if password: - cmd.extend(["-passin", "stdin"]) - else: - cmd.append("-nocrypt") - - cmd.extend(["-inform", "DER", "-outform", "PEM", - "-in", der_key_path, "-out", tf.name]) - p = common.Run(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE) - if password is not None: - password += "\n" - p.communicate(password) - if none_on_fail_convert: - if p.returncode != 0: - tf.close() - return None - else: - assert p.returncode == 0, "openssl key conversion failed" - tf.seek(os.SEEK_SET, 0) - return tf - - -def WriteFileToDest(img, dest): - """Write common.File to destination""" - fid = open(dest, 'w') - fid.write(img.data) - fid.flush() - fid.close() - - -def patch_or_verbatim_exists(filepath, ota_zip): - patchpath = os.path.join("patch", filepath + ".p") - return filepath in ota_zip.namelist() or patchpath in ota_zip.namelist() - - -def AddFWImageFile(input_dir, output_zip, variant=None): - # AddFWImageFile reads the fwu_image file from provdata in input_dir - # and writes it into the output_zip. - # When called by ota_from_target_files for specifc variants an empty - # fwu_image is written into output_zip. - fwu_image = readfile_from_provdata(input_dir, "fwu_image.bin", variant) - - if fwu_image is None: - fwu_image = "" - common.ZipWriteStr(output_zip, "fwu_image.bin", fwu_image) - -def readfile_from_provdata(tmpdir, path, variant=None): - if variant: - provdata = "provdata_" + variant + ".zip" - else: - provdata = "provdata.zip" - provdata_name = os.path.join(tmpdir, "RADIO", provdata) - provdata_dir = os.path.join(tmpdir, "RADIO") - - if provdata in os.listdir(provdata_dir): - with zipfile.ZipFile(provdata_name) as provdata_zip: - data = provdata_zip.read(path) - return data - -def ComputeBinOrImgPatches(source_tfp_dir, target_tfp_dir, filename=None, variant=None, - existing_ota_zip=None): - patch_list = [] - verbatim = None - output_files = None - - if filename is None: - print("Error input, no filename ") - return [None, None, None] - - source_loader_filepath = os.path.join(source_tfp_dir, "RADIO", filename) - if not os.path.exists(source_loader_filepath): - print("Source:Can't find ", source_loader_filepath) - return [None, None, None] - source_loader_file = open(source_loader_filepath) - source_loader_data = source_loader_file.read() - source_loader_file.close() - - target_loader_filepath = os.path.join(target_tfp_dir, "RADIO", filename) - if not os.path.exists(target_loader_filepath): - print("Target Can't find ", target_loader_filepath) - return [None, None, None] - target_loader_file = open(target_loader_filepath) - target_loader_data = target_loader_file.read() - target_loader_file.close() - - src_bin = common.File(filename, source_loader_data) - tgt_bin = common.File(filename, target_loader_data) - - diffs = [common.Difference(tgt_bin, src_bin)] - common.ComputeDifferences(diffs) - tf, sf, d = diffs[0].GetPatch() - verbatim = False - # If the patch size is almost as big as the actual file - # the image will be included in the OTA verbatim. - if d is None or len(d) > tf.size * 0.95: - print(filename, "update will be included verbatim") - verbatim = True - else: - patch_list = (tf,sf) - output_files = d - return verbatim, patch_list, output_files - -def ComputeFWUpdatePatches(source_tfp_dir, target_tfp_dir, variant=None, - existing_ota_zip=None): - patch_list = None - verbatim = None - output_files = None - - # In case an already "fixed up" ota package is passed - Do nothing - if existing_ota_zip and patch_or_verbatim_exists("fwu_image.bin", existing_ota_zip): - return verbatim, patch_list, output_files - - src_fwupdate_data = readfile_from_provdata(source_tfp_dir, "fwu_image.bin", variant) - if not src_fwupdate_data: - return verbatim, patch_list, output_files - - tgt_fwupdate_data = readfile_from_provdata(target_tfp_dir, "fwu_image.bin", variant) - if not tgt_fwupdate_data: - return verbatim, patch_list, output_files - - src_fwupdate = common.File("fwu_image.bin", src_fwupdate_data) - tgt_fwupdate = common.File("fwu_image.bin", tgt_fwupdate_data) - - diffs = [common.Difference(tgt_fwupdate, src_fwupdate)] - common.ComputeDifferences(diffs) - - tf, sf, d = diffs[0].GetPatch() - verbatim = False - # If the patch size is almost as big as the actual file - # the fwu_image will be included in the OTA verbatim. - if d is None or len(d) > tf.size * 0.95: - print("Firmware update image will be included verbatim") - verbatim = True - else: - patch_list = (tf,sf) - output_files = d - return verbatim, patch_list, output_files - - -def ComputeBootloaderPatch(source_tfp_dir, target_tfp_dir, variant=None, - base_variant=None, existing_ota_zip=None): - target_data = LoadBootloaderFiles(target_tfp_dir, variant=variant, base_variant=base_variant) - source_data = LoadBootloaderFiles(source_tfp_dir, variant=variant, base_variant=base_variant) - - diffs = [] - - # List of files that will be included in the OTA verbatim because - # they are either new or the patch is > 95% in size of the original - # file. If this isn't empty you just need to call edify generator - # UnpackPackageDir("bootloader", "/bootloader") - verbatim_targets = [] - - # Returned list of common.File objects that need to be added to - # the OTA archive, for each one call AddToZip() - output_files = [] - - # Returned list of patches to be created. - # Each element is a tuple of the form (path, target File object, - # source File object, target file size) - patch_list = [] - - for fn in sorted(target_data.keys()): - filepath = os.path.join('bootloader', fn) - if existing_ota_zip and patch_or_verbatim_exists(filepath, existing_ota_zip): - continue - - tf = target_data[fn] - sf = source_data.get(fn, None) - - if sf is None: - verbatim_targets.append(fn) - output_files.append(tf) - elif tf.sha1 != sf.sha1: - diffs.append(common.Difference(tf, sf)) - - common.ComputeDifferences(diffs) - - for diff in diffs: - tf, sf, d = diff.GetPatch() - if d is None or len(d) > tf.size * 0.95: - output_files.append(tf) - verbatim_targets.append(tf.name) - else: - output_files.append(common.File("patch/" + tf.name + ".p", d)) - patch_list.append((tf, sf)) - - # output list of files that need to be deleted, pass this to - # edify generator DeleteFiles in InstallEnd - delete_files = ["/bootloader/"+i for i in sorted(source_data) if i not in target_data] - - return (output_files, delete_files, patch_list, verbatim_targets) - -def fastboot_get_hw_revision(): - fastboot_data = subprocess.check_output([_FASTBOOT, "getvar", "hw-revision"], stderr=subprocess.STDOUT) - board_type = fastboot_data.split(':',1)[1] - space=re.compile('^ '); - board_type=space.sub('',board_type) - board_type = board_type.split('\n',1)[0] - variant=None - - if cmp(board_type, '50') == 0: - variant='gr_mrb' - else: - if cmp(board_type, '51') == 0: - variant='gr_mrb_b1' - return variant - -def LoadBootloaderFiles(tfpdir, extra_files=None, variant=None, base_variant=None): - out = {} - data = GetBootloaderImageFromTFP(tfpdir, extra_files=extra_files, - variant=variant, base_variant=base_variant) - image = common.File("bootloader.img", data).WriteToTemp() - - # Extract the contents of the VFAT bootloader image so we - # can compute diffs on a per-file basis - esp_root = tempfile.mkdtemp(prefix="bootloader-") - common.OPTIONS.tempfiles.append(esp_root) - add_dir_to_path("/sbin") - subprocess.check_output(["mcopy", "-s", "-i", image.name, "::*", esp_root]); - image.close(); - - for dpath, dname, fnames in os.walk(esp_root): - for fname in fnames: - # Capsule update file -- gets consumed and deleted by the firmware - # at first boot, shouldn't try to patch it - if (fname == "BIOSUPDATE.fv"): - continue - abspath = os.path.join(dpath, fname) - relpath = os.path.relpath(abspath, esp_root) - data = open(abspath).read() - out[relpath] = common.File("bootloader/" + relpath, data) - - return out - - -def GetBootloaderImageFromTFP(unpack_dir, autosize=False, extra_files=None, variant=None, base_variant=None): - info_dict = common.OPTIONS.info_dict - if extra_files == None: - extra_files = [] - platform_efi, platform_sflte = CheckIfSocEFI(unpack_dir, variant) - - if variant and platform_efi: - provdata_name = os.path.join(unpack_dir, "RADIO", "provdata_" + variant +".zip") - if base_variant and (os.path.isfile(provdata_name) == False): - provdata_name = os.path.join(unpack_dir, "RADIO", "provdata_" + base_variant +".zip") - provdata = common.UnzipTemp(provdata_name) - provdata_zip = zipfile.ZipFile(provdata_name, "r") - cap_path = os.path.join(provdata,"capsule.fv") - if os.path.exists(cap_path): - extra_files.append((cap_path, "capsules/current.fv")) - extra_files.append((cap_path, "BIOSUPDATE.fv")) - else: - print("No capsule.fv found in provdata_" + variant + ".zip") - base_bootloader = os.path.join(provdata, "BOOTLOADER") - if os.path.exists(base_bootloader): - for root, dirs, files in os.walk(base_bootloader): - for name in files: - fullpath = os.path.join(root, name) - relpath = os.path.relpath(fullpath, base_bootloader) - print("Adding extra bootloader file", relpath) - extra_files.append((fullpath, relpath)) - - if not platform_efi: - if variant is None: - variant=fastboot_get_hw_revision() - if variant: - provdata_name = os.path.join(unpack_dir, "RADIO", "provdata_" + variant + ".zip") - else: - provdata_name = os.path.join(unpack_dir, "RADIO", "provdata" + ".zip") - provdata = common.UnzipTemp(provdata_name) - provdata_zip = zipfile.ZipFile(provdata_name, "r") - filename = os.path.join(provdata, "bootloader") - else: - bootloader = tempfile.NamedTemporaryFile(delete=False) - filename = bootloader.name - bootloader.close() - - fastboot = GetFastbootImage(unpack_dir) - if fastboot: - fastboot_file = fastboot.WriteToTemp() - extra_files.append((fastboot_file.name,"fastboot.img")) - - tdos = GetTdosImage(unpack_dir) - if tdos: - tdos_file = tdos.WriteToTemp() - extra_files.append((tdos_file.name,"tdos.img")) - - info_dir = os.path.join(unpack_dir, "RADIO") - info = GetBootloaderInfo(info_dir, autosize) - - MakeVFATFilesystem(os.path.join(unpack_dir, "RADIO", "bootloader.zip"), - filename, size=int(info["size"]), - block_size=info["block_size"], - extra_files=extra_files) - - bootloader = open(filename) - data = bootloader.read() - bootloader.close() - os.unlink(filename) - return data - -def GetBootloaderInfo(info_dir, autosize): - info_file = os.path.join(info_dir, "bootloader_image_info.txt") - if os.path.isfile(info_file): - info = common.LoadDictionaryFromLines(open(info_file).readlines()) - else: - # Preserve legacy way to get size to keep OTA generation scripts working - info = {} - info_file = os.path.join(info_dir, "bootloader-size.txt") - info["size"] = int(open(info_file).read().strip()) - info["block_size"] = None - - if autosize: - info["size"] = 0 - - return info - -def GetBootloaderImageFromOut(product_out, intermediate_dir, filename, autosize=False, extra_files=None): - if extra_files == None: - extra_files = [] - - fastboot = os.path.join(product_out, "fastboot.img") - if os.path.exists(fastboot): - print("add fastboot.img to bootloader") - extra_files.append((fastboot, "fastboot.img")) - - tdos = os.path.join(product_out, "tdos.img") - if os.path.exists(tdos): - print("add tdos.img to bootloader") - extra_files.append((tdos, "tdos.img")) - - info_dir = os.path.join(intermediate_dir, "../") - info = GetBootloaderInfo(info_dir, autosize) - - MakeVFATFilesystem(intermediate_dir, filename, size=int(info["size"]), - block_size=info["block_size"], - extra_files=extra_files, zipped=False) - -def MakeVFATFilesystem(root_zip, filename, title="ANDROIDIA", size=0, block_size=None, extra_size=0, - extra_files=[], zipped=True): - """Create a VFAT filesystem image with all the files in the provided - root zipfile. The size of the filesystem, if not provided by the - caller, will be 101% the size of the containing files""" - - if zipped: - root = common.UnzipTemp(root_zip) - root_zip = zipfile.ZipFile(root_zip, "r") - else: - root = root_zip - - for fn_src, fn_dest in extra_files: - fn_dest = os.path.join(root, fn_dest) - if not os.path.exists(os.path.dirname(fn_dest)): - os.makedirs(os.path.dirname(fn_dest)) - shutil.copy(fn_src, fn_dest) - - if size == 0: - for dpath, dnames, fnames in os.walk(root): - for f in fnames: - size += os.path.getsize(os.path.join(dpath, f)) - - # Add 1% extra space, minimum 32K - extra = size / 100 - if extra < (32 * 1024): - extra = 32 * 1024 - size += extra - - size += extra_size - - # Round the size of the disk up to 32K so that total sectors is - # a multiple of sectors per track (mtools complains otherwise) - mod = size % (32 * 1024) - if mod != 0: - size = size + (32 * 1024) - mod - - # mtools freaks out otherwise - if os.path.exists(filename): - os.unlink(filename) - - add_dir_to_path("/sbin") - cmd = ["mkdosfs"] - if block_size: - cmd.extend(["-S", str(block_size)]) - cmd.extend(["-n", title, "-C", filename, str(size / 1024)]) - try: - p = common.Run(cmd) - except Exception as exc: - print("Error: Unable to execute command: {}".format(' '.join(cmd))) - raise exc - p.wait() - assert p.returncode == 0, "mkdosfs failed" - for f in os.listdir(root): - in_p = os.path.join(root, f) - out_p = os.path.relpath(in_p, root) - PutFatFile(filename, in_p, out_p) - - -def GetTdosImage(unpack_dir, info_dict=None): - if info_dict is None: - info_dict = common.OPTIONS.info_dict - - prebuilt_path = os.path.join(unpack_dir, "RADIO", "tdos.img") - if (os.path.exists(prebuilt_path)): - print("using prebuilt tdos.img") - return common.File.FromLocalFile("tdos.img", prebuilt_path) - - ramdisk_path = os.path.join(unpack_dir, "RADIO", "ramdisk-tdos.img") - if not os.path.exists(ramdisk_path): - print("no TDOS ramdisk found") - return None - - print("building TDOS image from target_files...") - ramdisk_img = tempfile.NamedTemporaryFile() - img = tempfile.NamedTemporaryFile() - - # use MKBOOTIMG from environ, or "mkbootimg" if empty or not set - mkbootimg = os.getenv('MKBOOTIMG') or "mkbootimg" - - cmd = [mkbootimg, "--kernel", os.path.join(unpack_dir, "BOOT", "kernel")] - fn = os.path.join(unpack_dir, "BOOT", "cmdline") - if os.access(fn, os.F_OK): - cmd.append("--cmdline") - cmd.append(open(fn).read().rstrip("\n")) - - # Add 2nd-stage loader, if it exists - fn = os.path.join(unpack_dir, "BOOT", "second") - if os.access(fn, os.F_OK): - cmd.append("--second") - cmd.append(fn) - - args = info_dict.get("mkbootimg_args", None) - if args and args.strip(): - cmd.extend(shlex.split(args)) - - cmd.extend(["--ramdisk", ramdisk_path, - "--output", img.name]) - - try: - p = common.Run(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE) - except Exception as exc: - print("Error: Unable to execute command: {}".format(' '.join(cmd))) - raise exc - p.communicate() - assert p.returncode == 0, "mkbootimg of fastboot image failed" - - # Sign the image using BOOT_SIGNER env variable, or "boot_signer" command - signing_key = info_dict.get("verity_key") - if info_dict.get("verity") == "true" and signing_key: - boot_signer = os.getenv('BOOT_SIGNER') or "boot_signer" - cmd = [boot_signer, "/tdos", img.name, - signing_key + common.OPTIONS.private_key_suffix, - signing_key + common.OPTIONS.public_key_suffix, img.name]; - try: - p = common.Run(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE) - except Exception as exc: - print("Error: Unable to execute command: {}".format(' '.join(cmd))) - raise exc - p.communicate() - assert p.returncode == 0, "boot signing of tdos image failed" - - img.seek(os.SEEK_SET, 0) - data = img.read() - - img.close() - - return common.File("tdos.img", data) - - -def GetFastbootImage(unpack_dir, info_dict=None): - """Return a File object 'fastboot.img' with the Fastboot boot image. - It will either be fetched from RADIO/fastboot.img or built - using RADIO/ufb_ramdisk.zip, RADIO/ufb_cmdline, and BOOT/kernel""" - - if info_dict is None: - info_dict = common.OPTIONS.info_dict - - prebuilt_path = os.path.join(unpack_dir, "RADIO", "fastboot.img") - if (os.path.exists(prebuilt_path)): - print("using prebuilt fastboot.img") - return common.File.FromLocalFile("fastboot.img", prebuilt_path) - - ramdisk_path = os.path.join(unpack_dir, "RADIO", "ufb-ramdisk.zip") - if not os.path.exists(ramdisk_path): - print("no user fastboot image found, assuming efi fastboot") - return None - - print("building Fastboot image from target_files...") - ramdisk_img = tempfile.NamedTemporaryFile() - img = tempfile.NamedTemporaryFile() - - ramdisk_tmp = common.UnzipTemp(ramdisk_path) - ramdisk_zip = zipfile.ZipFile(ramdisk_path, "r") - - cmd1 = ["mkbootfs", ramdisk_tmp] - try: - p1 = common.Run(cmd1, stdout=subprocess.PIPE) - except Exception as exc: - print("Error: Unable to execute command: {}".format(' '.join(cmd1))) - shutil.rmtree(ramdisk_tmp) - raise exc - - cmd2 = ["minigzip"] - try: - p2 = common.Run( - cmd2, stdin=p1.stdout, stdout=ramdisk_img.file.fileno()) - except Exception as exc: - print("Error: Unable to execute command: {}".format(' '.join(cmd2))) - shutil.rmtree(ramdisk_tmp) - raise exc - - p1.stdout.close() - p2.communicate() - p1.wait() - assert p1.returncode == 0, "mkbootfs of fastboot ramdisk failed" - assert p2.returncode == 0, "minigzip of fastboot ramdisk failed" - - # use MKBOOTIMG from environ, or "mkbootimg" if empty or not set - mkbootimg = os.getenv('MKBOOTIMG') or "mkbootimg" - - cmd = [mkbootimg, "--kernel", os.path.join(unpack_dir, "BOOT", "kernel")] - fn = os.path.join(unpack_dir, "RADIO", "ufb-cmdline") - if os.access(fn, os.F_OK): - cmd.append("--cmdline") - cmd.append(open(fn).read().rstrip("\n")) - - # Add 2nd-stage loader, if it exists - fn = os.path.join(unpack_dir, "RADIO", "ufb-second") - if os.access(fn, os.F_OK): - cmd.append("--second") - cmd.append(fn) - - args = info_dict.get("mkbootimg_args", None) - if args and args.strip(): - cmd.extend(shlex.split(args)) - - cmd.extend(["--ramdisk", ramdisk_img.name, - "--output", img.name]) - - try: - p = common.Run(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE) - except Exception as exc: - print("Error: Unable to execute command: {}".format(' '.join(cmd))) - raise exc - p.communicate() - assert p.returncode == 0, "mkbootimg of fastboot image failed" - - # Sign the image using BOOT_SIGNER env variable, or "boot_signer" command - signing_key = info_dict.get("verity_key") - if info_dict.get("verity") == "true" and signing_key: - boot_signer = os.getenv('BOOT_SIGNER') or "boot_signer" - cmd = [boot_signer, "/fastboot", img.name, - signing_key + common.OPTIONS.private_key_suffix, - signing_key + common.OPTIONS.public_key_suffix, img.name]; - try: - p = common.Run(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE) - except Exception as exc: - print("Error: Unable to execute command: {}".format(' '.join(cmd))) - raise exc - p.communicate() - assert p.returncode == 0, "boot signing of fastboot image failed" - - img.seek(os.SEEK_SET, 0) - data = img.read() - - ramdisk_img.close() - img.close() - - return common.File("fastboot.img", data) - - -def PutFatFile(fat_img, in_path, out_path): - cmd = ["mcopy", "-s", "-Q", "-i", fat_img, in_path, - "::" + out_path] - try: - p = common.Run(cmd) - except Exception as exc: - print("Error: Unable to execute command: {}".format(' '.join(cmd))) - raise exc - p.wait() - assert p.returncode == 0, "couldn't insert %s into FAT image" % (in_path,) - - -def add_dir_to_path(dir_name, end=True): - """ - I add a directory to the PATH environment variable, if not already in the - path. By default it gets added to the end of the PATH - """ - dir_name = os.path.abspath(dir_name) - path_env_var = os.environ.get('PATH', "") - for path_dir in path_env_var.split(os.pathsep): - path_dir = os.path.abspath(path_dir) - if dir_name == path_dir: - return - if end: - path_env_var += ":" + dir_name - else: - path_env_var = dir_name + ":" + path_env_var - os.environ['PATH'] = path_env_var - - -# dictionnary to translate Makefile "target" name to filename -def init_t2f_dict(t2f_list): - d = {} - for l in t2f_list.split(): - target, fname = l.split(':') - d[target] = fname - return d - - -def get_tag(target): - t2tag = { "system": "SYSTEM", - "userdata": "USERDATA", - "cache": "CACHE", - "boot": "BOOT_IMG", - "recovery": "RECOVERY"} - return t2tag[target] - - -def get_psi(dir, t2f): - if (t2f["PSI_RAM_FLS"] != '') and (t2f["EBL_FLS"] != ''): - return [os.path.join(dir, os.path.basename(t2f["PSI_RAM_FLS"])), - os.path.join(dir, os.path.basename(t2f["EBL_FLS"]))] - return [None, None] - - -def check_signed_fls(target): - if target.endswith("_signed.fls"): - return [True, target[:-11]] - elif target.endswith(".fls"): - return [False, target[:-4]] - raise Exception("Unknown target type") - - -def run_cmd(cmd): - try: - p = common.Run(cmd) - except Exception as exc: - print("Error: Unable to execute command: {}".format(' '.join(cmd))) - raise exc - p.communicate() - assert p.returncode == 0, "Command failed: {}".format(' '.join(cmd)) - - -def run_fls(flstool, prg, output, tag, infile, psi, eblsec): - - cmd = [flstool, "--prg", prg, - "--output", output, - "--tag", tag] - - if psi and eblsec: - cmd.extend(["--psi", psi]) - cmd.extend(["--ebl-sec", eblsec]) - - cmd.append(infile) - cmd.extend(["--replace", "--to-fls2"]) - - run_cmd(cmd) - - -def sign_fls(flstool, sign, script, output, psi, eblsec): - - cmd = [flstool, "--sign", sign, - "--script", script, - "--output", output] - - if psi and eblsec: - cmd.extend(["--psi", psi]) - cmd.extend(["--ebl-sec", eblsec]) - - cmd.append("--replace") - - run_cmd(cmd) - - -def build_fls(unpack_dir, target, variant=None): - """Build fls flash file out of tfp""" - - sign, target2tag = check_signed_fls(target) - tag = get_tag(target2tag) - provdata_zip = 'provdata_%s.zip' % variant if variant else 'provdata.zip' - provdata_name = os.path.join(unpack_dir, "RADIO", provdata_zip) - provdata = common.UnzipTemp(provdata_name) - provdata_zip = zipfile.ZipFile(provdata_name, "r") - - target2file = open(os.path.join(provdata, "fftf_build.opt")).read().strip() - t2f = init_t2f_dict(target2file) - flstool = os.path.join(provdata, os.path.basename(t2f["FLSTOOL"])) - - prg = os.path.join(provdata, os.path.basename(t2f["INTEL_PRG_FILE"])) - out = os.path.join(unpack_dir, "IMAGES", target2tag + '.fls') - infile = os.path.join(unpack_dir, "IMAGES", target2tag + '.img') - psi, eblsec = get_psi(provdata, t2f) - - run_fls(flstool, prg, out, tag, infile, psi, eblsec) - - if sign: - script = os.path.join(provdata, os.path.basename(t2f["SYSTEM_FLS_SIGN_SCRIPT"])) - out_signed = os.path.join(unpack_dir, "IMAGES", target) - - sign_fls(flstool, out, script, out_signed, psi, eblsec) - - try: - os.makedirs(os.path.join(t2f["FASTBOOT_IMG_DIR"])) - except OSError as exc: - if exc.errno == errno.EEXIST and os.path.isdir(os.path.join(t2f["FASTBOOT_IMG_DIR"])): - pass - else: raise - - shutil.copyfile(os.path.join(unpack_dir, "IMAGES", target2tag + '.img'), - os.path.join(t2f["FASTBOOT_IMG_DIR"], target2tag + '.bin')) - - -def build_fls_out(product_out, intermediate_dir, target, outfile, variant=None): - """Build fls flash file from raw out folder""" - - target2file = open(os.path.join(intermediate_dir, "../", "fftf_build.opt")).read().strip() - t2f = init_t2f_dict(target2file) - - sign, target2tag = check_signed_fls(target) - tag = get_tag(target2tag) - flstool = t2f["FLSTOOL"] - - prg = os.path.join(intermediate_dir, os.path.basename(t2f["INTEL_PRG_FILE"])) - - if sign: - out = outfile[:-7] - else: - out = outfile - infile = os.path.join(product_out, target2tag + '.img') - psi, eblsec = get_psi(intermediate_dir, t2f) - - run_fls(flstool, prg, out, tag, infile, psi, eblsec) - - if sign: - script = t2f["SYSTEM_FLS_SIGN_SCRIPT"] - sign_fls(flstool, out, script, outfile, psi, eblsec) - -def escaped_value(value): - result = '' - for char in value: - result += "%%%02x" % ord(char) - return result - - -def get_efi_sig_list(pem_cert, guid_str, name): - tf = tempfile.NamedTemporaryFile(prefix="pem_cert_to_esl-"+name+"-") - if pem_cert: - cmd = ["cert-to-efi-sig-list", "-g", guid_str, pem_cert, tf.name] - p = common.Run(cmd) - p.communicate() - assert p.returncode == 0, "cert-to-efi-sig-list failed" - tf.seek(os.SEEK_SET, 0) - return tf - - -def get_auth_data(timestamp, sign_pair, password, pem_cert, guid_str, name, payload = None): - esl = get_efi_sig_list(pem_cert, guid_str, name) - - if payload: - esl.write(payload) - esl.seek(os.SEEK_SET, 0) - - pem_key = pk8_to_pem(sign_pair + common.OPTIONS.private_key_suffix, password) - - tf = tempfile.NamedTemporaryFile(prefix="auth_file-"+name+"-") - timestampfmt = "%Y-%m-%d %I:%M:%S" - - cmd = ["sign-efi-sig-list", "-t", - time.strftime(timestampfmt, time.strptime(time.ctime(timestamp))), - "-c", sign_pair + common.OPTIONS.public_key_suffix, - "-g", guid_str, "-k", pem_key.name, name, esl.name, tf.name] - p = common.Run(cmd) - p.communicate() - assert p.returncode == 0, "sign-efi-sig-list failed" - tf.seek(os.SEEK_SET, 0) - pem_key.close() - esl.close() - data = tf.read() - tf.close() - return data - - -def get_bootloader_list(unpack_dir): - """ Return an sorted list of the bootloader components by parsing the - flashfiles_fls.json file. """ - - bootloader_list = [] - flashfls_path = os.path.join(unpack_dir, "RADIO", "flashfiles_fls.json") - - if not os.path.exists(flashfls_path): - return - with open(flashfls_path, 'r') as flashfls_json: - data = json.loads(flashfls_json.read()) - for cmd in data['commands']: - if (cmd['type'] == "fls" and cmd['source'] == "provdatazip"): - if (cmd['partition'] != 'oem' and cmd['partition'] != 'modem' - and cmd['partition'] != 'vrl' and (cmd['partition'] not in bootloader_list)): - bootloader_list.append(cmd['partition']) - - return sorted(bootloader_list) - - -def get_partition_target_hash(unpack_dir): - """ Return a hash comprising of the mapping of partition name - to target name. """ - - partition_target = {} - flashfls_path = os.path.join(unpack_dir, "RADIO", "flashfiles_fls.json") - - if not os.path.exists(flashfls_path): - return - with open(flashfls_path, 'r') as flashfls_json: - data = json.loads(flashfls_json.read()) - for cmd in data['commands']: - if (cmd['type'] == "fls"): - # FIXME We do not compare the image partitions with - # smp_profiling images in the TFP assuming smp_profiling - # images are never flashed on the device being verified - # Remove this assumption. - - if (cmd.get('core') != 'smp_profiling'): - partition_target[cmd['partition']] = cmd['target'] - - return partition_target - - -def get_provdata_variants(unpack_dir): - """ Return a list of variants for a TFP. """ - - variants = [] - working_path = os.path.join(unpack_dir, "RADIO") - # Use regex analysis of provdata files to determine current variants - regex = re.compile('provdata_(?P\w+).zip') - for f in os.listdir(working_path): - m = regex.match(os.path.basename(f)) - if m and m.group('variant'): - variants.append(m.group('variant')) - return variants - - -def CheckIfSocEFI(unpack_dir, variant): - """ Non-EFI SOC (Sofia and its variants), have fftf_build.opt file - in the provdata which is used to check if the DUT is efi or not. - If the variant is not provided as an option, get the variant list - and read the fftf_build.opt in the first variant in the list. - For Sofia SOC also use SECPACK_IN_SLB = true to check if is sofialte """ - - if not variant: - variants_list = get_provdata_variants(unpack_dir) - if not variants_list: - provdata_name = os.path.join(unpack_dir, "RADIO", "provdata" + ".zip") - else: - variant = variants_list[0] - provdata_name = os.path.join(unpack_dir, "RADIO", "provdata_" + variant + ".zip") - else: - provdata_name = os.path.join(unpack_dir, "RADIO", "provdata_" + variant + ".zip") - - provdata = zipfile.ZipFile(provdata_name, 'r') - fftf_build_file = 'fftf_build.opt' - - if (fftf_build_file in provdata.namelist()): - target2file = provdata.read(fftf_build_file) - t2f = init_t2f_dict(target2file) - provdata.close() - if (t2f["SOC_FIRMWARE_TYPE"] == "slb"): - if (t2f["SECPACK_IN_SLB"] == "true"): - return False, True - else: - return False, False - elif (t2f["SOC_FIRMWARE_TYPE"] == "abl"): - return False, False - elif (t2f["SOC_FIRMWARE_TYPE"] == "sbl"): - return False, False - elif (t2f["SOC_FIRMWARE_TYPE"] == "vsbl"): - return False, False - - provdata.close() - return True, False - -def GenerateBootloaderSecbin(unpack_dir, variant): - """ Generate bootloader with secpack for Non-EFI(example Sofialte); The partitions are - obtained from get_bootloader_list() in GetBootloaderImagesfromFls. - use tool binary_merge to generate Merged.secbin with SecureBlock.bin + LoadMap.bin - """ - - for current_file in os.listdir(unpack_dir): - if fnmatch.fnmatch(current_file, '*LoadMap0.bin'): - loader_mapdatafile = current_file - - assert loader_mapdatafile is not None, "Error in extracting the LoadMap.bin" - for current_file in os.listdir(unpack_dir): - if fnmatch.fnmatch(current_file, '*SecureBlock.bin'): - loader_scublockfile = current_file - - assert loader_scublockfile is not None, "Error in extracting the SecureBlock.bin" - binary_merge = "hardware/intel/sofia_lte-fls/tools/binary_merge" - cmd = [binary_merge, "-o", os.path.join(unpack_dir, "Merged.secbin"), - "-b 1 -p 0"] - cmd.append(os.path.join(unpack_dir, loader_scublockfile)) - cmd.append(os.path.join(unpack_dir, loader_mapdatafile)) - print("execute 3.command: {}".format(' '.join(cmd))) - try: - p = common.Run(cmd) - except Exception as exc: - print("Error: Unable to execute command: {}".format(' '.join(cmd))) - raise exc - p.communicate() - assert p.returncode == 0, "binary_merge failed" - -def GetBootloaderImagesfromFls(unpack_dir, variant=None): - """ Non-EFI bootloaders (example Sofia and its variants), comprise of - various partitions. The partitions are obtained from get_bootloader_list(). - Extract and return the *LoadMap.bin files from the *.fls files. """ - - bootloader_list = get_bootloader_list(unpack_dir) - if variant is None: - variant=fastboot_get_hw_revision() - if variant: - provdata_name = os.path.join(unpack_dir, "RADIO", "provdata_" + variant + ".zip") - else: - provdata_name = os.path.join(unpack_dir, "RADIO", "provdata" + ".zip") - provdata = common.UnzipTemp(provdata_name) - provdata_zip = zipfile.ZipFile(provdata_name, "r") - additional_data_hash = collections.OrderedDict() - partition_to_target = get_partition_target_hash(unpack_dir) - - platform_efi, platform_sflte = CheckIfSocEFI(unpack_dir, variant) - - if not bootloader_list: - return None - - for loader_partition in bootloader_list: - curr_loader = partition_to_target[loader_partition] - loader_filepath = os.path.join(provdata, curr_loader) - extract = tempfile.mkdtemp(prefix=curr_loader) - common.OPTIONS.tempfiles.append(extract) - flstool = os.path.join(provdata, "FlsTool") - cmd = [flstool, "-x", loader_filepath, "-o", extract] - try: - p = common.Run(cmd) - except Exception as exc: - print("Error: Unable to execute command: {}".format(' '.join(cmd))) - raise exc - p.communicate() - assert p.returncode == 0, "FlsTool failed to extract LoadMap.bin" - if platform_sflte : - #for psi: it is verfied by bootrom, - #so no need add secpack header, need bypass; - #for bootloader: the combinded images in this partition already has secpack - #so no need add secpack header, need bypass - if (loader_partition == 'psi') or (loader_partition == 'bootloader'): - for current_file in os.listdir(extract): - if fnmatch.fnmatch(current_file, '*LoadMap0.bin'): - loader_datafile = current_file - else: - #generate Merged.secbin with tool binary_merge - GenerateBootloaderSecbin(extract, variant) - for current_file in os.listdir(extract): - if fnmatch.fnmatch(current_file, 'Merged.secbin'): - loader_datafile = current_file - else: - for current_file in os.listdir(extract): - if fnmatch.fnmatch(current_file, '*LoadMap0.bin'): - loader_datafile = current_file - - loader_abspath = os.path.join(extract ,loader_datafile) - assert loader_datafile is not None, "Error in extracting the LoadMap.bin" - loader_file = open(loader_abspath) - loader_data = loader_file.read() - additional_data_hash[loader_partition] = loader_data - loader_file.close() - - return additional_data_hash diff --git a/releasetools/ota_deployment_fixup b/releasetools/ota_deployment_fixup deleted file mode 100755 index 141bde9..0000000 --- a/releasetools/ota_deployment_fixup +++ /dev/null @@ -1,433 +0,0 @@ -#!/usr/bin/env python - -""" -Fix-up the product information in an OTA package to match deployment -fingerprints for individual devices. The meta-data pre-build, post-build, and -pre-device fields are adjusted according the fingerprint parameters. - -Usage: ota_deployment_fixup - - -k (--package_key) - Use the specified key pair to sign the output OTA package. - Defaults to AOSP testkey. - -M (--pre_fish_name) Optional fish name on prior build. - - -V (--variant) Name of the IRDA variant as expressed in the - board configuration FLASHFILES_VARIANTS. Required. - -T (--target_files) Path to target files package used to create - the supplied OTA update zip. Required. - -S (--source_target_files) If the OTA is incremental, path to - source TFP used to create the supplied OTA (the --incremental_from - argument to ota_from_target_files) - - -f (--fish_name) The fish name that this is built for - -l (--lunch) The lunch target used for this project - -B (--brand) - -P (--product) - -D (--device) - Replacement parameters for the brand, product, and device portions of - the deployment fingerprints. All of these parameters must - be specified on the command line if this information can't be retrieved - from the target-files-package. -""" - -import sys -import os -import zipfile -import tempfile -import imp -import re -import shutil -import hashlib - -if None == os.environ.get('ANDROID_BUILD_TOP'): - print "I'm hungry. Feed me lunch." - sys.exit(1) - -# Android Release Tools -sys.path.append(os.environ['ANDROID_BUILD_TOP']+"/build/tools/releasetools") -import common -import edify_generator - -sys.path.append(os.environ['ANDROID_BUILD_TOP']+"/device/intel/build/releasetools") -import intel_common -import multiprocessing - -OPTIONS = common.OPTIONS -OPTIONS.pre_fish_name = None -OPTIONS.brand = None -OPTIONS.device = None -OPTIONS.product = None -OPTIONS.fish_name = None -OPTIONS.tfp = None -OPTIONS.source_tfp = None -OPTIONS.lunch = None -OPTIONS.incremental = False -OPTIONS.variant = False -OPTIONS.base_variant = False -OPTIONS.source_info_dict = None -OPTIONS.buildnum = None - -# TODO: fetch default for this out default_system_dev_certificate in the TFP -# once a TFP is a required argument -OPTIONS.package_key = os.path.join(os.environ['ANDROID_BUILD_TOP'], - "build/target/product/security/testkey") - -verify_end_str = "---- start making changes here ----" - -OPTIONS.worker_threads = multiprocessing.cpu_count() - -_TARGET_LINE_PREFIX = "(bootloader) target: " -_HASH_LINE_PREFIX = "(bootloader) hash: " -_IFWI_PREFIX = "(bootloader) version: " - -def process_metadata(data): - lines = data.split("\n") - linesout = [] - fingerprint_new = OPTIONS.brand+'/'+OPTIONS.product+'/'+OPTIONS.device - for line in lines: - if line == "": - linesout.append(line) - continue - k,v = line.split('=') - if k == "pre-build": - segments = v.split(':') - segments[0] = fingerprint_new - linesout.append('='.join([k,':'.join(segments)])) -# elif k == "pre-device": -# if OPTIONS.device: -# linesout.append('='.join([k,OPTIONS.device])) - elif k == "post-build-incremental": - if OPTIONS.buildnum: - linesout.append('='.join([k,OPTIONS.buildnum])) - else: - linesout.append(line) - return '\n'.join(linesout) - -def process_hashfile(data, bootloader): - linesout = [] - line_bootloader = "" - lines = data.split("\n") - index = 0 - for i in range(len(lines)): - line = lines[i] - if not line.startswith(_TARGET_LINE_PREFIX): - continue - - target = line[len(_TARGET_LINE_PREFIX):] - i = i + 1 - linesout.append(line) - line = lines[i] - - if line.startswith(_IFWI_PREFIX): - linesout.append(line) - else: - if not line.startswith(_HASH_LINE_PREFIX): - raise Exception("unexpected Fastboot output") - if target == '/bootloader': - line_bootloader = _HASH_LINE_PREFIX + str(hashlib.sha1(bootloader).hexdigest()) - print "dbg: ", line_bootloader - linesout.append(line_bootloader) - else: - linesout.append(line) - - return '\n'.join(linesout) - -def process_updater_script(data, unpack_dir): - lines = data.split("\n") - linesout = [] - fingerprint_new = OPTIONS.brand+'/'+OPTIONS.product+'/'+OPTIONS.device - fingerprint_old = ['intel/'+OPTIONS.fish_name+'/'+OPTIONS.fish_name] - if OPTIONS.pre_fish_name: - fingerprint_old.append('intel/'+OPTIONS.pre_fish_name+'/'+OPTIONS.pre_fish_name) - fingerprint_old.append('intel/'+OPTIONS.pre_fish_name+'/'+OPTIONS.fish_name) - if OPTIONS.lunch: - fingerprint_old.append('intel/'+OPTIONS.lunch+'/'+OPTIONS.lunch) - fingerprint_old.append('intel/'+OPTIONS.lunch+'/'+OPTIONS.fish_name) - - - pfx = re.compile('|'.join(fingerprint_old)) - for line in lines: - if line.startswith('getprop("ro.product.device") =='): - linesout.append(line.replace(OPTIONS.fish_name, OPTIONS.device)) - else: - linesout.append(pfx.sub(fingerprint_new, line)) - - # Check the provdata archive for extra edify commands to inject into the OTA - # script - provdata = common.UnzipTemp(os.path.join(unpack_dir, - "RADIO", "provdata_" + OPTIONS.variant +".zip")) - provdata_zip = zipfile.ZipFile(os.path.join(unpack_dir, - "RADIO", "provdata_" + OPTIONS.variant +".zip"), "r") - extra_script_path = os.path.join(provdata, "extra_script.edify") - if os.path.exists(extra_script_path): - print "Appending extra Edify script commands" - with open(extra_script_path) as es: - linesout.extend(es.readlines()) - - return '\n'.join(linesout) - -def patch_edify_script(verify_script, script_data, install_script): - # Patches the existing edify script_data with the verify_script, - # which is the script to be inserted at the end of the VerifyEnd - # section and the install_script, which is the script to be inserted - # at the beginning of the InstallEnd section. - lines = script_data.split("\n") - for i in range(len(lines)): - if verify_end_str in lines[i]: - verify_index = i - break - - # All lines up to the verification line - lines1 = lines[:verify_index] - # The verification line - vline = [lines[verify_index]] - # All lines after the verification line - lines2 = lines[(verify_index + 1):] - - newlines = lines1 + verify_script + vline + install_script + lines2; - return "\n".join(newlines) - -def compute_new_bootloader_patches_efi(source_tfp_dir, target_tfp_dir, ota_zip, - output_zip, script_data): - print "Computing new bootloader patches..." - output_files, delete_files, patch_list, verbatim_targets = \ - intel_common.ComputeBootloaderPatch(source_tfp_dir, - target_tfp_dir, - variant=OPTIONS.variant, - base_variant=OPTIONS.base_variant, - existing_ota_zip=ota_zip) - for f in output_files: - print "Adding",f.name - f.AddToZip(output_zip) - - # This script needs to be inserted into the main script at the - # end of VerifyEnd section - vscript = edify_generator.EdifyGenerator(3, OPTIONS.info_dict, - fstab=OPTIONS.source_info_dict["fstab"]) - - for tf, sf in patch_list: - vscript.PatchCheck("/"+tf.name, tf.sha1, sf.sha1) - vscript = vscript.script - - # This script needs to be inserted into the main script at the - # beginning of InstallEnd section - script = edify_generator.EdifyGenerator(3, OPTIONS.info_dict, - fstab=OPTIONS.source_info_dict["fstab"]) - - if delete_files: - script.Print("Removing unnecessary firmware files...") - script.DeleteFiles(delete_files) - - if patch_list: - script.Print("Patching firmware files...") - for tf, sf in patch_list: - script.ApplyPatch("/"+tf.name, "-", tf.size, tf.sha1, sf.sha1, "patch/"+tf.name+".p") - - if verbatim_targets: - script.Print("Adding firmware files...") - script.UnpackPackageDir("bootloader", "/bootloader") - script = script.script - - edify_patch = patch_edify_script(vscript, script_data, script) - return edify_patch - -def compute_new_bootloader_patches_sofia(source_tfp_dir, target_tfp_dir, ota_zip, - output_zip, script_data): - print "Computing new fwupdater patches..." - verbatim, fwu_patch, output_file = \ - intel_common.ComputeFWUpdatePatches(source_tfp_dir, - target_tfp_dir, - variant=OPTIONS.variant, - existing_ota_zip=ota_zip) - # The verify_script needs to be inserted into the main edify script - # at the end of VerifyEnd section. The verify_script edify code ensures - # fwupdate partition is in an expected state before the OTA system makes - # any changes. - verify_script = edify_generator.EdifyGenerator(3, OPTIONS.info_dict) - - fwu_type, fwu_device = common.GetTypeAndDevice("/fwupdate", OPTIONS.info_dict) - if not verbatim and fwu_patch: - (tf, sf) = fwu_patch - verify_script.PatchCheck("%s:%s:%d:%s:%d:%s" % - (fwu_type, fwu_device, sf.size, - sf.sha1, tf.size, tf.sha1)) - common.ZipWriteStr(output_zip, "patch/fwu_image.bin.p", output_file) - - verify_script = verify_script.script - - # The install_script needs to be inserted into the main script at the - # beginning of InstallEnd section. The install_script edify code applies - # the patch diffs. - install_script = edify_generator.EdifyGenerator(3, OPTIONS.info_dict) - - if verbatim: - install_script.Print("Adding FWImage verbatim...") - intel_common.AddFWImageFile(target_tfp_dir, output_zip, OPTIONS.variant) - - #Set progress bar to end of FLS extraction - install_script.SetProgress(0.6) - install_script.WriteRawImage("/fwupdate", "fwu_image.bin"); - elif fwu_patch: - install_script.Print("Patching firmware files...") - install_script.ApplyPatch("%s:%s:%d:%s:%d:%s" % (fwu_type, fwu_device, sf.size, - sf.sha1, tf.size, tf.sha1), - "-", tf.size, tf.sha1, sf.sha1, - "patch/fwu_image.bin.p") - - install_script = install_script.script - edify_patch = patch_edify_script(verify_script, script_data, install_script) - return edify_patch - -def check_arg(arg, errortext): - if not arg: - sys.stderr.write(errortext + "\n") - common.Usage(__doc__) - sys.exit(1) - -def replace_in_zip(zip_filename, data, item): - os.system("zip -d %s %s"%(zip_filename, item)) - zip = zipfile.ZipFile(zip_filename, "a") - zip.writestr(item, data, compress_type=zipfile.ZIP_DEFLATED) - zip.close() - -def main(argv): - def option_handler(o, a): - if o in ("-B", "--brand"): - OPTIONS.brand = a - elif o in ("-P", "--product"): - OPTIONS.product = a - elif o in ("-D", "--device"): - OPTIONS.device = a - elif o in ("-k", "--package_key"): - OPTIONS.package_key = a - elif o in ("-M", "--pre_fish_name"): - OPTIONS.pre_fish_name = a - elif o in ("-f", "--fish_name"): - OPTIONS.fish_name = a - elif o in ("-T", "--target_files"): - OPTIONS.tfp = a - elif o in ("-S", "--source_target_files"): - OPTIONS.source_tfp = a - OPTIONS.incremental = True - elif o in ("-V", "--variant"): - OPTIONS.variant = a - elif o in ("-L", "--legacy_variant"): - OPTIONS.base_variant = a - elif o in ("-l", "--lunch"): - OPTIONS.lunch = a - elif o in ("-b", "--buildnum"): - OPTIONS.buildnum = a - else: - return False - return True - - args = common.ParseOptions(argv, __doc__, - extra_opts = "B:P:D:k:M:f:T:S:V:L:l:b", - extra_long_opts = ["brand=","pre_fish_name=","fish_name=", - "product=", "device=", "package_key=", "target_files=", - "source_target_files=", "variant=", "legacy_variant=", - "lunch=","buildnum="], - extra_option_handler = option_handler) - - check_arg(OPTIONS.tfp, "Missing --target_files option") - check_arg(OPTIONS.variant, "Missing --variant option") - - # TODO would be nice to analyze the OTA package to determine whether it is - # a full image or incremental update and require or reject -S accordingly - - if len(args) != 2: - common.Usage(__doc__) - sys.exit(1) - - input_zip = zipfile.ZipFile(args[0]) - - print "Decompressing target-files-packages..." - tfp_dir = common.UnzipTemp(OPTIONS.tfp, ["RADIO/*"]) - tfp_zip = zipfile.ZipFile(OPTIONS.tfp, "r") - OPTIONS.info_dict = common.LoadInfoDict(tfp_zip) - - if OPTIONS.incremental: - source_tfp_dir = common.UnzipTemp(OPTIONS.source_tfp, ["RADIO/*"]) - source_tfp_zip = zipfile.ZipFile(OPTIONS.source_tfp, "r") - OPTIONS.source_info_dict = common.LoadInfoDict(source_tfp_zip) - - dmap = intel_common.load_device_mapping_from_tfp(tfp_dir) - if dmap: - if OPTIONS.variant in dmap: - if '__version__' in dmap: # Versions >= 1 have the version key - if dmap['__version__'] == 1: - OPTIONS.brand, OPTIONS.product, OPTIONS.device, \ - OPTIONS.lunch, OPTIONS.fish_name, \ - OPTIONS.base_variant = dmap[OPTIONS.variant] - else: - print "Invalid/unsupported device map version number" - else: # Version 0 does not have the version key - OPTIONS.brand, OPTIONS.product, OPTIONS.device, \ - OPTIONS.fish_name, OPTIONS.base_variant = dmap[OPTIONS.variant] - else: - print "Missing information for target variant", OPTIONS.variant - else: - print "Couldn't get device mapping information from", OPTIONS.tfp - - if OPTIONS.base_variant == OPTIONS.variant: - OPTIONS.base_variant = None - check_arg(OPTIONS.brand and OPTIONS.product and OPTIONS.device and OPTIONS.fish_name, - "Missing one of -B, -P, -D, -f and cannot get this info from target-files") - - platform_efi, sofia = intel_common.CheckIfSocEFI(tfp_dir, OPTIONS.variant) - OPTIONS.info_dict = common.LoadInfoDict(tfp_zip) - print "Processing OTA update contents.." - _, temp_zip = tempfile.mkstemp(suffix=".zip") - shutil.copyfile(input_zip.filename, temp_zip) - for zi in input_zip.infolist(): - if zi.filename == "META-INF/com/android/metadata": - data = process_metadata(input_zip.read(zi)) - replace_in_zip(temp_zip, data, zi.filename) - elif zi.filename == "META-INF/com/google/android/updater-script": - sdata = input_zip.read(zi) - sdata = process_updater_script(sdata, tfp_dir) - if OPTIONS.incremental and platform_efi: - output_zip = zipfile.ZipFile(temp_zip, "a") - sdata = compute_new_bootloader_patches_efi(source_tfp_dir, - tfp_dir, input_zip, output_zip, sdata) - output_zip.close() - elif OPTIONS.incremental and not platform_efi: - output_zip = zipfile.ZipFile(temp_zip, "a") - sdata = compute_new_bootloader_patches_sofia(source_tfp_dir, - tfp_dir, input_zip, output_zip, sdata) - output_zip.close() - replace_in_zip(temp_zip, sdata, zi.filename) - elif zi.filename == "bootloader.img": - new_bi = intel_common.GetBootloaderImageFromTFP(tfp_dir, - variant=OPTIONS.variant) - replace_in_zip(temp_zip, new_bi, zi.filename) - elif zi.filename == "verify/hashesfromtgt.txt": - new_bi = intel_common.GetBootloaderImageFromTFP(tfp_dir, - variant=OPTIONS.variant) - data = process_hashfile(input_zip.read(zi),new_bi) - replace_in_zip(temp_zip, data, zi.filename) - elif zi.filename == "fwu_image.bin" and not platform_efi: - os.system("zip -d %s %s"%(temp_zip, zi.filename)) - output_zip = zipfile.ZipFile(temp_zip, "a") - intel_common.AddFWImageFile(tfp_dir, output_zip, variant=OPTIONS.variant) - output_zip.close() - - print "Signing fixed-up package", args[1] - passwords = common.GetKeyPasswords([OPTIONS.package_key]) - common.SignFile(temp_zip, args[1], OPTIONS.package_key, passwords[OPTIONS.package_key], whole_file=True) - os.unlink(temp_zip) - - print "All done." - -if __name__ == '__main__': - try: - main(sys.argv[1:]) - except common.ExternalError, e: - print - print " ERROR: %s" % (e,) - print - sys.exit(1) - finally: - common.Cleanup() - diff --git a/releasetools/sign_target_files_efis b/releasetools/sign_target_files_efis deleted file mode 100755 index f7f349f..0000000 --- a/releasetools/sign_target_files_efis +++ /dev/null @@ -1,460 +0,0 @@ -#!/usr/bin/env python -# -# Copyright (C) 2014 The Android Open Source Project -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -""" -Re-sign EFI bootloader binaries found in RADIO/bootloader.zip or in RADIO/esp.zip -with production keys. -Can also substitute the vendor key inside the uefi_shim, or substitute -a new shim entirely. If needed the resigned loader is copied to vendor partition. - -Usage: sign_target_files_efiss - - -k (--key-mapping) - For the loader binary specified, if found inside the TFP will be re-signed - with the pair key provided. Call this multiple times to set the mapping for - different loader binaries. Do not provide filename extensions; by default - assumes private key ends in .pk8 and public key with .x509.pem - - Example: -k gummiboot.efi=path/to/keys/vendor - Will use vendor.pk8 and vendor.x509.pem in the provided PATH to re-sign - gummiboot.efi. - - This is a bit different from the --key_mapping option for - sign_target_files_apks, as typically there are only 2 loaders to sign. - - -R (--replace) = - Replace existing EFI binary with one supplied on the command line. Intended - for situations where we want to use a first stage loader signed by Microsoft. - - -O (--oem-keystore) - If used, generates a new OEM keystore with the supplied public key in .x509.pem - format. This may be called multiple times to include multiple keys in the - keystore. - Expects a key pair assuming public key ends with .x509.pem; the private key - is not used. - - -K (--oem-key) - Replace the OEM key inside kernelflinger with the replacement copy. - The OEM keystore must be signed with this key. - Expects a key pair assuming private key ends in .pk8 and public key - with .x509.pem - - -A (--avb-key) - Replace the Android Verified Boot key with the key in path - - -L (--kernelflinger) - Path inside ESP to kernelflinger binary. Defaults to the first-stage loader. - - -F (--first-stage) - Indicate the name of the first-stage loader. Put a copy of it in - EFI/BOOT/bootx64.efi or EFI/BOOT/bootia32.efi (depending on the type of - PE/COFF executable it is. Defaults to "loader.efi" -""" - -import sys -import shutil -import zipfile -import os -import os.path -import shlex -import tempfile -import subprocess -import struct -from pyasn1.error import PyAsn1Error -from pyasn1.codec.ber import decoder as ber_decoder -from pyasn1_modules import rfc5208 as pkcs8 - -import json - -unpack_dir = "" -loader_name = "kernelflinger.efi" - -if sys.hexversion < 0x02040000: - print >> sys.stderr, "Python 2.4 or newer is required." - sys.exit(1) - -# Android Release Tools -sys.path.append("build/tools/releasetools") -import common - -sys.path.append("device/intel/build/releasetools") -import intel_common - -OPTIONS = common.OPTIONS -OPTIONS.key_map = {} -OPTIONS.first_stage = "loader.efi" -OPTIONS.kernelflinger = None # if None, use OPTIONS.first_stage -OPTIONS.replace = {} -OPTIONS.all_keys = set() -OPTIONS.keystore_certs = [] -OPTIONS.oem_key = None -OPTIONS.target_product = None -GiB = (1 << 30) - -def is_32bit_efi(data): - tf = tempfile.NamedTemporaryFile() - tf.write(data) - cmd = ["file", tf.name] - out = subprocess.check_output(cmd) - tf.close() - return "80386" in out - - -def sign_ecss(src_path, dest_path, priv_path, cert_path): - signfile_path = os.environ.get('SIGNFILE_PATH') - assert signfile_path is not None, "Must set SIGNFILE_PATH environment variable" - - # extract content of private key - with open(priv_path, 'rb') as priv_key: - key_data = priv_key.read() - try: - parsed_pk8, remaining = ber_decoder.decode(key_data, asn1Spec = pkcs8.PrivateKeyInfo()) - params_octets, remaining = ber_decoder.decode(parsed_pk8['privateKey']) - params = ("%s" % params_octets).split() - assert params[0] == 'ECSS!', "Input private key is not an ECSS reference" - params = params[1:] - except PyAsn1Error: - raise Exception("'%s' does not contain a valid private key." % priv_path) - - # FIXME -- FIXME -- FIXME - # This is a hack to re-sign the input file with the testkey so that the - # signature is valid before passing it to the ECSS SignFile, which - # requires signature to be valid before resigning. - # Uncomment -out parameter to SignFile when this hack is removed - testpriv = intel_common.pk8_to_pem("build/target/product/security/testkey.pk8") - sign_efi(src_path, dest_path, testpriv.name, "build/target/product/security/testkey.x509.pem") - # END FIXME -- END FIXME -- END FIXME - - cmd = [os.path.join(signfile_path, 'SignFile'), - '-vv', '-ts', - '-ha', 'SHA256'] - cmd.extend(params) - cmd.append('-sb') - cmd.append(dest_path) - #cmd.append(src_path) - #cmd.extend(['-out', dest_path]) - p = common.Run(cmd) - p.wait() - assert p.returncode == 0, "SignFile failed: %d" % p.returncode - -def sign_efi(src_path, dest_path, priv_path, cert_path): - cmd = ["sbsign", "--key", priv_path, "--cert", cert_path, - "--output", dest_path, src_path,] - p = common.Run(cmd) - p.communicate() - assert p.returncode == 0, "sbsign failed" - - -def get_named_temp(prefix=None): - f = tempfile.NamedTemporaryFile(prefix=prefix, delete=False) - OPTIONS.tempfiles.append(f.name) - f.close() - return f.name - - -def extract_to_temp(input_zip, path, prefix=None): - f = tempfile.NamedTemporaryFile(prefix=prefix, delete=False) - OPTIONS.tempfiles.append(f.name) - f.write(input_zip.read(path)) - f.close() - return f.name - - -def zero_pad(data, size): - if len(data) > size: - raise common.ExternalError("Binary is already larger than pad size") - - return data + (b'\x00' * (size - len(data))) - - -# Useful: http://bbs.pediy.com/upload/bbs/unpackfaq/ARTeam%20PE_appendix1_offsets.htm -def get_section(data, name): - pe_header_offset = struct.unpack_from("= 2 * GiB): - common.ZipWrite(output_zip, os.path.join(unpack_dir, zi.filename), zi.filename) - else: - common.ZipWriteStr(output_zip, zi, input_zip.read(zi)) - - common.ZipClose(output_zip) - print "All done." - -if __name__ == '__main__': - try: - main(sys.argv[1:]) - except common.ExternalError, e: - print - print " ERROR: %s" % (e,) - print - sys.exit(1) - finally: - common.Cleanup() - diff --git a/releasetools/verified_boot_common.py b/releasetools/verified_boot_common.py deleted file mode 100644 index 4789138..0000000 --- a/releasetools/verified_boot_common.py +++ /dev/null @@ -1,410 +0,0 @@ -import os -import subprocess -import struct -import binascii -import string -import tempfile -from pyasn1.codec.ber import decoder as ber_decoder -from pyasn1_modules import rfc2315 as pkcs7 - -class Options(): - pass -OPTIONS = Options() -OPTIONS.verbose = False -OPTIONS.legacy = False -OPTIONS.ignore_legacy = False -OPTIONS.signfile_path_env = "SIGNFILE_PATH" - - - -def Run(args, **kwargs): - """Create and return a subprocess.Popen object, printing the command - line on the terminal if -v was specified.""" - if OPTIONS.verbose: - print(" running: ", " ".join(args)) - return subprocess.Popen(args, **kwargs, shell=False) - - -SIGNER_TYPE_UNKNOWN = 0 -SIGNER_TYPE_PEM = 1 -SIGNER_TYPE_PKCS8 = 2 -SIGNER_TYPE_CSS = 3 - - -def DetectSignerType(privkey_filename): - keyfile = open(privkey_filename, "rb") - canary_byte = keyfile.read(1) - keyfile.close() - if canary_byte == "\x30": - # Found ASN.1 'sequence' indicator. Assume PKCS #8 DER format. - return SIGNER_TYPE_PKCS8 - if canary_byte == "-": - # Found character at start of a PEM block. Assume PEM format. - return SIGNER_TYPE_PEM - if canary_byte[0] in string.printable: - # Found a printable character. Assume file containing CSS key name. - return SIGNER_TYPE_CSS - return SIGNER_TYPE_UNKNOWN - - -# To generate signature with OpenSSL -# openssl dgst -DIGEST_NAME -binary CANDIDATE_FILE | -# openssl pkeyutl -sign -keyform DER -inkey PKCS8_FILE \ -# -pkeyopt digest:DIGEST_NAME -# -# To verify signature with OpenSSL -# openssl dgst -DIGEST_NAME -binary CANDIDATE_FILE | -# openssl pkeyutl -verify -inkey PEM_FILE -sigfile SIGNATURE_FILE -def DoSign(candidate_filename, privkey_filename, - digest_name, privkey_password=None): - sign_type = DetectSignerType(privkey_filename) - - if sign_type == SIGNER_TYPE_PEM or sign_type == SIGNER_TYPE_PKCS8: - format_spec = "DER" if sign_type == SIGNER_TYPE_PKCS8 else "PEM" - - # openssl pkeyutl does not support passwords for pk8 -- only PEM -- - # so convert to PEM in a temp file and use the temp file - if format_spec == "DER" and privkey_password is not None: - pem_privkey = tempfile.NamedTemporaryFile() - p0 = Run(["openssl", "pkcs8", - "-inform", "DER", - "-outform", "PEM", - "-passin", "stdin", - "-in", privkey_filename, - "-out", pem_privkey.name], - stdin=subprocess.PIPE) - p0.communicate(privkey_password+"\n") - assert p0.returncode == 0, ("openssl pkcs8 of %s failed" % - privkey_filename) - format_spec = "PEM" - privkey_filename = pem_privkey.name - - dgstfile = tempfile.NamedTemporaryFile() - p1 = Run(["openssl", - "dgst", "-" + digest_name, - "-binary", "-out", dgstfile.name, - candidate_filename]) - p1.wait() - assert p1.returncode == 0, ("openssl dgst of %s failed" % - (candidate_filename,)) - pkeyutl_cmd = ["openssl", - "pkeyutl", "-sign", - "-in", dgstfile.name] - if privkey_password is not None: - pkeyutl_cmd.extend(["-passin", "stdin"]) - pkeyutl_cmd.extend(["-keyform", format_spec, - "-inkey", privkey_filename, - "-pkeyopt", "digest:" + digest_name]) - p2 = Run(pkeyutl_cmd, - stdin=subprocess.PIPE, - stderr=subprocess.PIPE, - stdout=subprocess.PIPE) - if privkey_password is not None: - privkey_password += '\n' - (sig, err) = p2.communicate(privkey_password) - print(err) - assert p2.returncode == 0, ("openssl pkeyutl of %s failed" % - (candidate_filename,)) - - elif sign_type == SIGNER_TYPE_CSS: - signfile_path = os.environ[OPTIONS.signfile_path_env] + "SignFile" - - # Get the CSS key name from the private key file - privkey_file = open(privkey_filename) - signer_cert_name = privkey_file.readline().strip() - privkey_file.close() - - # Create a temporary file for the signature output - signature_file = tempfile.NamedTemporaryFile(delete=False) - signature_file_name = signature_file.name - signature_file.close() - - p1 = Run([signfile_path, - "-s", "cl", - "-ts", "-vv", - "-ha", digest_name.upper(), - "-cf", signature_file_name, - "-c", signer_cert_name, - candidate_filename], - stdout=subprocess.PIPE, stderr=subprocess.PIPE) - (out, err) = p1.communicate() - if OPTIONS.verbose: - print(out) - print(err) - assert p1.returncode == 0, ("%s signing of %s failed" % - (signfile_path, candidate_filename)) - - # Read the signature result and pull out the signature block - signature_file = open(signature_file_name, "rb") - sig_content_data = signature_file.read() - signature_file.close() - os.remove(signature_file_name) - (content, remain) = ber_decoder.decode(sig_content_data, - asn1Spec=pkcs7.ContentInfo()) - assert content.getComponentByName('contentType') == pkcs7.signedData, ( - "%s output is not expected PKCS #7 SignedData" % signfile_path) - (content, remain) = ber_decoder.decode(content.getComponentByName('content'), - asn1Spec=pkcs7.SignedData()) - sig = content.getComponentByName('signerInfos')[0].getComponentByName('encryptedDigest').asOctets() - - else: - print("Sign type:", sign_type) - assert False, "%s does not contain a recognized key." % privkey_filename - - return sig - - -# To generate signature with OpenSSL -# openssl dgst -DIGEST_NAME -binary CANDIDATE_FILE | -# openssl pkeyutl -sign -keyform DER -inkey PKCS8_FILE \ -# -pkeyopt digest:DIGEST_NAME -# -# To verify signature with OpenSSL -# openssl dgst -DIGEST_NAME -binary CANDIDATE_FILE | -# openssl pkeyutl -verify -inkey PEM_FILE -sigfile SIGNATURE_FILE -def DoVerify(candidate_filename, signature_filename, - digest_name, cert_filename): - p1 = Run(["openssl", - "dgst", "-" + digest_name, - "-binary", candidate_filename], stdout=subprocess.PIPE) - p2 = Run(["openssl", - "pkeyutl", "-verify", - "-certin", "-keyform", "PEM", "-inkey", cert_filename, - "-sigfile", signature_filename, - "-pkeyopt", "digest:" + digest_name], - stdin=p1.stdout, stdout=subprocess.PIPE, stderr=subprocess.PIPE) - (out, err) = p2.communicate() - p1.wait() - assert p1.returncode == 0, ("openssl dgst of %s failed" % - (candidate_filename,)) - if OPTIONS.verbose: - print(out) - print(err) - - # openssl pkeyutl has a bug that always returns 1 regardless of verify - # success or failure, so check the output against the know success string - return out.strip() == "Signature Verified Successfully" - - -def copy_file_bytes(infile, outfile, num_bytes, block_size=(1024 * 64)): - remaining_size = num_bytes - buf = infile.read(min(remaining_size, block_size)) - while len(buf) == block_size: - remaining_size -= block_size - outfile.write(buf) - buf = infile.read(min(remaining_size, block_size)) - if len(buf) != remaining_size: - raise EOFError("Unexpected end of file") - outfile.write(buf) - - return remaining_size - - -def process_page_buffer(buf, page_size, infile, outfile): - outfile.write(buf) - padlen = (page_size - (len(buf) % page_size)) % page_size - - process_page_padding(infile, outfile, padlen) - return len(buf) + padlen - - -def process_page_file(sectionlen, page_size, infile, outfile): - try: - remaining_size = copy_file_bytes(infile, outfile, sectionlen, page_size) - except EOFError: - raise BootimgFormatException("Unexpected end of file (header incorrect?)") - - padlen = (page_size - remaining_size) % page_size - process_page_padding(infile, outfile, padlen) - - return sectionlen + padlen - - -def process_page_padding(infile, outfile, padlen): - if padlen == 0: - return - - if infile: - # read what should be either padlen bytes of pad, or EOF - padbuf = infile.read(padlen) - if len(padbuf) != padlen and padlen != 0: - raise BootimgFormatException( - "Unexpected section padding; expected 0 or %d, found %d" % ( - padlen, len(padbuf))) - else: - padbuf = "" - - # verify the content of the pad - if len(padbuf) == 0: - padbuf = "\x00" * padlen - elif len(padbuf.strip("\x00")) != 0: - # test by stripping characters. If any remain, the pad is invalid - raise BootimgFormatException( - "Unexpected section padding; non-zero bytes found") - - # write pad to output - outfile.write(padbuf) - - -# From hardware/intel/mkbootimg_secure/bootimg.h, which is derived from -# system/core/mkbootimg/bootimg.h. -# -# Differences from system/core/mkbootimg/bootimg.h are the following: -# - First unsigned of the 'unused' field is replaced with 'sig_size' in -# initial Intel format -# - 'extra_cmdline' appears at the end of the header -# -# #define BOOT_MAGIC "ANDROID!" -# #define BOOT_MAGIC_SIZE 8 -# #define BOOT_NAME_SIZE 16 -# #define BOOT_ARGS_SIZE 512 -# #define BOOT_EXTRA_ARGS_SIZE 1024 -# -# struct boot_img_hdr -# { -# unsigned char magic[BOOT_MAGIC_SIZE]; -# -# unsigned kernel_size; /* size in bytes */ -# unsigned kernel_addr; /* physical load addr */ -# -# unsigned ramdisk_size; /* size in bytes */ -# unsigned ramdisk_addr; /* physical load addr */ -# -# unsigned second_size; /* size in bytes */ -# unsigned second_addr; /* physical load addr */ -# -# unsigned tags_addr; /* physical addr for kernel tags */ -# unsigned page_size; /* flash page size we assume */ -# unsigned sig_size; /* if initial Intel signature format: -# bootimage signature size or 0 */ -# unsigned unused; /* future expansion: should be 0 */ -# -# unsigned char name[BOOT_NAME_SIZE]; /* asciiz product name */ -# -# unsigned char cmdline[BOOT_ARGS_SIZE]; -# -# unsigned id[8]; /* timestamp / checksum / sha1 / etc */ -# -# /* Supplemental command line data; kept here to maintain -# * binary compatibility with older versions of mkbootimg */ -# unsigned char extra_cmdline[BOOT_EXTRA_ARGS_SIZE]; -# }; -# -# -# +-----------------+ -# | boot header | 1 page -# +-----------------+ -# | kernel | n pages -# +-----------------+ -# | ramdisk | m pages -# +-----------------+ -# | second stage | o pages -# +-----------------+ -# | signature | p pages -# +-----------------+ -# -# n = (kernel_size + page_size - 1) / page_size -# m = (ramdisk_size + page_size - 1) / page_size -# o = (second_size + page_size - 1) / page_size -# p = (sig_size + page_size - 1) / page_size -# -# 0. all entities are page_size aligned in flash -# 1. kernel and ramdisk are required (size != 0) -# 2. second is optional (second_size == 0 -> no second) -# 3. load each element (kernel, ramdisk, second) at -# the specified physical address (kernel_addr, etc) -# 4. prepare tags at tag_addr. kernel_args[] is -# appended to the kernel commandline in the tags. -# 5. r0 = 0, r1 = MACHINE_TYPE, r2 = tags_addr -# 6. if second_size != 0: jump to second_addr -# else: jump to kernel_addr -# 7. signature is optional; size should be 0 if not -# present. signature type specified by bootloader -# - -class BootimgFormatException(Exception): - """Exception raised for errors format of input boot images. - - Attributes: - msg -- explanation of the error - """ - - def __init__(self, msg): - self.msg = msg - - -class BootimgHeader(): - __BOOTIMG_PACK_FORMAT = "8s10I16s512s32s1024s" - __header_parser = struct.Struct(__BOOTIMG_PACK_FORMAT) - BOOTIMG_HEADER_SIZE = __header_parser.size - BOOTIMG_MAGIC = "ANDROID!" - - def __init__(self, src, options): - force_unused0 = False - buf = src.read(BootimgHeader.BOOTIMG_HEADER_SIZE) - if len(buf) != BootimgHeader.BOOTIMG_HEADER_SIZE: - raise BootimgFormatException("Not a valid boot image (incomplete header)") - - h = {} - (h["magic"], - h["kernel_size"], h["kernel_addr"], - h["ramdisk_size"], h["ramdisk_addr"], - h["second_size"], h["second_addr"], - h["tags_addr"], - h["page_size"], - h["unused0"], - h["unused1"], - h["product_name"], - h["cmdline"], - h["img_id"], - h["extra_cmdline"]) = BootimgHeader.__header_parser.unpack(buf) - # print h - self.header_buf = buf - for key in h: - setattr(self, key, h[key]) - - if self.magic != BootimgHeader.BOOTIMG_MAGIC: - raise BootimgFormatException( - "Not a valid boot image (magic mismatch)") - if self.page_size < BootimgHeader.BOOTIMG_HEADER_SIZE: - raise BootimgFormatException( - "'page_size' must be at least the size of the header (>=%d)" % BootimgHeader.BOOTIMG_HEADER_SIZE) - if self.unused0 != 0: - # Original Intel signature used this field to indicate signature length - if not options.legacy and not options.ignore_legacy: - raise BootimgFormatException("Invalid header (Unused[0] is not zero). Use --legacy or --ignore-legacy") - else: - force_unused0 = True - if self.unused1 != 0: - raise BootimgFormatException("Invalid header (Unused[1] is not zero)") - if self.ramdisk_size == 0 or self.kernel_size == 0: - raise BootimgFormatException("Invalid boot image (empty ramdisk or kernel") - - # If legacy mode is being used, tweak the header to treat 'unused0' - # as 'sig_size'. - if options.legacy: - self.header_buf = buf[0:40] + struct.pack("I", options.legacy_siglen / 8) + buf[44:] - elif force_unused0: - self.header_buf = buf[0:40] + struct.pack("I", 0) + buf[44:] - - def __str__(self): - s = ("=" * 75) + "\n" - s += " Magic: %s\n" % self.magic - s += " Kernel size/addr: %d/0x%08X\n" % (self.kernel_size, - self.kernel_addr) - s += " Ramdisk size/addr: %d/0x%08X\n" % (self.ramdisk_size, - self.ramdisk_addr) - s += " Second size/addr: %d/0x%08X\n" % (self.second_size, - self.second_addr) - s += " Tags addr: 0x%08X\n" % self.tags_addr - s += " Page size: %d\n" % self.page_size - s += " Unused: 0x%08X %08X\n" % (self.unused0, - self.unused1) - s += " Product name: %s\n" % self.product_name.rstrip("\x00") - s += " Command line: %s\n" % self.cmdline.rstrip("\x00") - s += " ID: %s\n" % binascii.hexlify(self.img_id) - s += "Extra command line: %s\n" % self.extra_cmdline.rstrip("\x00") - s += "=" * 75 - return s - - diff --git a/releasetools/verifybootimg b/releasetools/verifybootimg deleted file mode 100755 index f178934..0000000 --- a/releasetools/verifybootimg +++ /dev/null @@ -1,105 +0,0 @@ -#!/usr/bin/python - -import tempfile -import argparse - -import verified_boot_common as vbc -import bootimg_sig_struct as bss -from pyasn1.type import univ -from pyasn1.codec.der import encoder as der_encoder -from pyasn1.codec.ber import decoder as ber_decoder - - -def main(): - argparser = argparse.ArgumentParser( - description='Verify an Android boot image.') - argparser.add_argument("input_image", help="Boot image file to sign.") - arggroup = argparser.add_mutually_exclusive_group(required=True) - arggroup.add_argument("--legacy", - choices=["sha1", "sha256"], default=None, - help="Digest algorithm to use for signture.") - arggroup.add_argument("-t", "--target", - help="Partition where the image should be found.") - arggroup = argparser.add_mutually_exclusive_group(required=True) - arggroup.add_argument("--cert", - help="Verify using certificate.") - argparser.add_argument("-v", "--verbose", action="store_true", - help="Show debug info and commands being run.") - argparser.parse_args(namespace=vbc.OPTIONS) - - try: - infile = open(vbc.OPTIONS.input_image, "rb") - header = vbc.BootimgHeader(infile, vbc.OPTIONS) - if vbc.OPTIONS.verbose: - print header - - with tempfile.NamedTemporaryFile() as interfile: - # Process all sections of the input file, padding as necessary. 'targetlen' - # will contain the length of the content prior to signature block. - targetlen = 0 - targetlen = vbc.process_page_buffer(header.header_buf, header.page_size, - infile, interfile) - targetlen += vbc.process_page_file(header.kernel_size, header.page_size, - infile, interfile) - targetlen += vbc.process_page_file(header.ramdisk_size, header.page_size, - infile, interfile) - if header.second_size > 0: - targetlen += vbc.process_page_file(header.second_size, header.page_size, - infile, interfile) - - # Read the signature block - if vbc.OPTIONS.legacy: - sigblock = infile.read(header.unused0) - if len(sigblock) != header.unused0: - raise vbc.BootimgFormatException("Signature block is too short. Expected %d bytes." % header.unused0) - digest_name = vbc.OPTIONS.legacy - else: - sigblock = infile.read() - (sig_struct,remaining) = ber_decoder.decode(sigblock, asn1Spec=bss.AndroidVerifiedBootSignature()) - if len(remaining) > 0: - raise vbc.BootimgFormatException("Unexpected data after signature block.") - if sig_struct.getComponentByName('formatVersion') != 1: - raise vbc.BootimgFormatException("Unknown signature format version.") - - # verify authenticated attributes - attributes = bss.AuthenticatedAttributes() - attributes["target"] = vbc.OPTIONS.target - attributes["length"] = targetlen - if attributes != sig_struct['attributes']: - if vbc.OPTIONS.verbose: - print "Signature Attributes\n", sig_struct['attributes'].prettyPrint() - print "Image Attributes\n", attributes.prettyPrint() - raise vbc.BootimgFormatException("Verified attributes mismatch") - - # Get digest name from signature algorithm - if sig_struct['algorithmId']['algorithm'] == bss.sha1WithRSAEncryptionOID: - digest_name = "sha1" - elif sig_struct['algorithmId']['algorithm'] == bss.sha256WithRSAEncryptionOID: - digest_name = "sha256" - - # Add authenticated attributes to candidate file - data = der_encoder.encode(attributes) - interfile.write(data) - - # Extract bytes of the signature. - sigblock = sig_struct['signature'].asOctets() - - interfile.flush() - with tempfile.NamedTemporaryFile(delete=False) as sigfile: - sigfile.write(sigblock); - sigfile.flush() - - # Sign the cadidate blob - if vbc.DoVerify(interfile.name, sigfile.name, digest_name, vbc.OPTIONS.cert): - print "Verification succeeded" - return 0 - else: - print "Verification failed" - return -1 - except Exception as e: - print "Error: %s" % e.msg - return -1 - - -if __name__ == "__main__": - main() diff --git a/tasks/checkvendor.mk b/tasks/checkvendor.mk deleted file mode 100644 index 6d36d23..0000000 --- a/tasks/checkvendor.mk +++ /dev/null @@ -1,7 +0,0 @@ -# Target checkvendor will be built in latest builds (when target publish is built) -.PHONY: checkvendor -checkvendor: - @$(INTEL_PATH_BUILD)/tasks/checkvendor.py -l -p vendor/intel - -publish_ci: checkvendor - diff --git a/tasks/checkvendor.py b/tasks/checkvendor.py deleted file mode 100755 index 86e3ba2..0000000 --- a/tasks/checkvendor.py +++ /dev/null @@ -1,189 +0,0 @@ -#!/usr/bin/env python - -import sys -import os -import re -from optparse import OptionParser - -informative_message = "Proprietary device-specific files must be stored in vendor partition. \n\ -LOCAL_PROPRIETARY_MODULE := true should be used in module definition. \n\ -Path (LOCAL_MODULE_PATH) will be defined by Android build system using LOCAL_MODULE_CLASS information. \n\ - \n\ ------------------------------------------------------------------------------------------------------\n\ -|LOCAL_MODULE_CLASS | vendor partition activated | vendor partition NOT activated |\n\ -|---------------------------------------------------------------------------------------------------|\n\ -|EXECUTABLES | /vendor/bin/ | /system/vendor/bin/ |\n\ -|SHARED_LIBRARIES | /vendor/lib/ or /vendor/lib64/ | /system/vendor/lib/ or /system/vendor/lib64/ |\n\ -|JAVA_LIBRARIES | /vendor/framework | /system/vendor/framework |\n\ -|APPS | /vendor/app | /system/vendor/app |\n\ -|ETC | /vendor/etc | /system/vendor/etc |\n\ ------------------------------------------------------------------------------------------------------\n\ - \n\ -If binary location cannot be defined by Android build system, LOCAL_MODULE_PATH should be defined using TARGET_OUT_VENDOR.\n\ - \n\ -PRODUCT_COPY_FILES must be avoided to be compliant with Android build system requirements. \n\ -If PRODUCT_COPY_FILES are used, usage of TARGET_COPY_OUT_VENDOR is required \n\ - \n\ -Exemples of module: \n\ - include $(CLEAR_VARS) \n\ - LOCAL_MODULE := module_intel \n\ - LOCAL_MODULE_CLASS := ETC \n\ - LOCAL_MODULE_OWNER := intel \n\ - LOCAL_SRC_FILES := file \n\ - LOCAL_PROPRIETARY_MODULE := true \n\ - include $(BUILD_PREBUILT) \n\ - \n\ - include $(CLEAR_VARS) \n\ - LOCAL_MODULE := module_intel_fw \n\ - LOCAL_MODULE_CLASS := ETC \n\ - LOCAL_MODULE_OWNER := intel \n\ - LOCAL_SRC_FILES := fw \n\ - LOCAL_PROPRIETARY_MODULE := true \n\ - LOCAL_MODULE_PATH := $(TARGET_OUT_VENDOR) \n\ - LOCAL_MODULE_RELATIVE_PATH := firmware \n\ - include $(BUILD_PREBUILT) \n\ - \n\ -https://wiki.ith.intel.com/display/ANDROIDSI/Vendor \n" - -informative_message_light = "https://wiki.ith.intel.com/display/ANDROIDSI/Vendor \n" - -warning_message1 = "WARNING: Prefer usage of LOCAL_PROPRIETARY_MODULE" -warning_message2 = "WARNING: Module will not be in vendor !" -separative_line = "================================================================================" - - -def get_sections(f, out): - out.append("##########MAKEFILE: " + f + " ##########") - # Use "with" so the file will automatically be closed - with open(f, "r") as fobj: - text = fobj.read() - - pattern = re.compile(r'(include \S+CLEAR_VARS\S\s*)(.*?)\s*(include \S+BUILD_\w+)', re.DOTALL) - - matches = pattern.findall(text) - out.append(matches) - - return matches, out - - -def print_vendor(message): - print("[NOT IN VENDOR] " + message) - - -def warning_message(err_num, f, message, section): - print(separative_line) - print_vendor(str(err_num)+'/ '+f+' : '+message) - - -def light_message(makefile, section): - module = get_module(section) - print_vendor("In "+makefile+" module "+str(module)+" will not be in vendor") - - -def search_string(light, tup, f, nb_err, out): - sections, out = get_sections(f, out) - for s in sections: - for (include, local_module_path) in tup: - if include in ''.join(s): - if "LOCAL_PROPRIETARY_MODULE" not in ''.join(s): - if local_module_path in ''.join(s): - nb_err = nb_err+1 - if not light: - warning_message(nb_err, f, warning_message1, s) - print_vendor("instead of "+local_module_path+" to have module in vendor in :") - for l in s: - print(l) - else: - if local_module_path not in ''.join(s): - nb_err = nb_err+1 - if light: - light_message(f, s) - else: - warning_message(nb_err, f, warning_message2, s) - for l in s: - print(l) - else: - if re.search(r"LOCAL_MODULE_PATH.*TARGET_OUT(?!_VENDOR).*", ''.join(s)) is not None: - nb_err = nb_err+1 - if light: - light_message(f, s) - else: - warning_message(nb_err, f, warning_message2, s) - print_vendor("Remove TARGET_OUT to let Android build system detect path using LOCAL_PROPRIETARY_MODULE:=true or use TARGET_OUT_VENDOR :") - for l in s: - print(l) - - return nb_err, out - - -def get_module(section): - try: - found = re.search(r"LOCAL_MODULE(?!_).*(:=)(.*)", '\n'.join(section)).group(2) - except AttributeError: - found = None - return found - - -def find_makefiles(directory): - makefiles = [] - for root, dirs, files in os.walk(directory): - for f in files: - if f.endswith('.mk'): - makefiles.append(root+'/'+f) - return makefiles - - -def main(): - - usage = "usage: %prog [options] makefile1 makefile2 ..." - description = ("Tool to verify if Intel binaries are going to the right output path. \n \ - If option -p is selected makefiles listed (makefile1 makefile2 ...) will be ignored.") - - parser = OptionParser(usage, description=description) - - parser.add_option("-p", "--path", dest="path", - help=("All makefiles will be checked in the given path")) - - parser.add_option("-l", "--light", dest="light", action='store_true', - help=("Messages will be limited to one line per module")) - - (options, args) = parser.parse_args() - - nb_err = 0 - nb_err_tmp = 0 - num_mk = 0 - - if options.path: - makefile = find_makefiles(options.path) - else: - makefile = args - - tup = [('BUILD_EXECUTABLE', 'TARGET_OUT_VENDOR_EXECUTABLES'), - ('BUILD_PREBUILT', 'TARGET_OUT_VENDOR'), - ('BUILD_SHARED_LIBRARY', 'TARGET_OUT_VENDOR_SHARED_LIBRARIES'), - ('BUILD_JAVA_LIBRARY', 'TARGET_OUT_VENDOR_JAVA_LIBRARIES'), - ('BUILD_PACKAGE', 'TARGET_OUT_VENDOR_APPS')] - - searched_output = [] - try: - for mk in makefile: - nb_err, searched_output = search_string(options.light, tup, mk, nb_err, searched_output) - if nb_err is not nb_err_tmp: - num_mk = num_mk+1 - nb_err_tmp = nb_err - - if not options.light: - if nb_err is not 0: - print(separative_line) - print_vendor(informative_message) - print(separative_line) - else: - print("\n") - print(informative_message_light) - - except IOError: - print('No *.mk found in this folder') - return 0 - -if __name__ == "__main__": - exit(main()) diff --git a/tasks/code_check.mk b/tasks/code_check.mk deleted file mode 100644 index 538dabb..0000000 --- a/tasks/code_check.mk +++ /dev/null @@ -1,20 +0,0 @@ - - - -flashfiles: warn_vendor_modules warn_local_module_tags -publish_ci: warn_vendor_modules warn_local_module_tags - -.PHONY: warn_vendor_modules warn_local_module_tags -# for each module in $(DELINQUANT_VENDOR_MODULES) if LOCAL_MODULE_INSTALLED exists, warn -warn_vendor_modules: - @for i in $(DELINQUANT_VENDOR_MODULES); \ - do echo [NOT IN VENDOR][$$TARGET_PRODUCT]\ - module:`echo $$i | cut -d: -f1` installed in:`echo $$i | cut -d: -f2` \ - by:`echo $$i | cut -d: -f3` should be installed either in /system/vendor \ - or /vendor; done - -warn_local_module_tags: - @for i in $(DELINQUANT_TAGS_MODULES); \ - do echo [LOCAL_MODULE_TAGS][$$TARGET_PRODUCT]\ - `echo $$i | cut -d: -f1` have LOCAL_MODULE_TAGS := `echo $$i | cut -d: -f2` \ - defined in `echo $$i | cut -d: -f3`; done diff --git a/tasks/create_usb_disk_image.mk b/tasks/create_usb_disk_image.mk deleted file mode 100644 index 752e899..0000000 --- a/tasks/create_usb_disk_image.mk +++ /dev/null @@ -1,43 +0,0 @@ -ifeq ($(BOARD_HAS_USB_DISK),true) - -.PHONY: usb_disk_images - -ifeq ($(FLASHFILE_VARIANTS),) -# 0x7e0000 is multiple of sectors/track(32 or 63), avoid mtools check error. -usb_disk_images: fast_flashfiles - $(hide) rm -f $(BOARD_USB_DISK_IMAGES) && $(MKDOSFS) -n UDISK -C $(BOARD_USB_DISK_IMAGES) 0x7e0000 - $(hide) $(MCOPY) -Q -i $(BOARD_USB_DISK_IMAGES) $(FAST_FLASHFILES_DIR)/* :: -else -usb_disk_images: fast_flashfiles - for variant in $(FLASHFILE_VARIANTS); do \ - eval "usb_disk$${variant}_files=(`ls $(FAST_FLASHFILES_DIR)/*_$${variant}*`)"; \ - done; \ - usb_disk_files=(`ls $(FAST_FLASHFILES_DIR)/*`); \ - usb_disk_common_files=(); \ - for file in $${usb_disk_files[@]}; do \ - match=false; \ - for variant in $(FLASHFILE_VARIANTS); do \ - name=usb_disk$${variant}_files[*]; \ - grep -q " $${file} " <<< " $${!name} " && match=true && break; \ - done; \ - $${match} && continue; \ - usb_disk_common_files+=($${file}); \ - done; \ - for variant in $(FLASHFILE_VARIANTS); do \ - name=usb_disk$${variant}_files[@]; \ - rm -f $(BOARD_USB_DISK_IMAGE_PFX)-$${variant}.img; \ - $(MKDOSFS) -n UDISK -C $(BOARD_USB_DISK_IMAGE_PFX)-$${variant}.img 0x7e0000; \ - $(MCOPY) -Q -i $(BOARD_USB_DISK_IMAGE_PFX)-$${variant}.img $(FAST_FLASHFILES_DIR)/installer_$${variant}.cmd ::installer.cmd; \ - $(MCOPY) -Q -i $(BOARD_USB_DISK_IMAGE_PFX)-$${variant}.img $${usb_disk_common_files[@]} $${!name} ::; \ - done; -endif - -publish_usb_disk_image: usb_disk_images | publish_mkdir_dest - for image in $(BOARD_USB_DISK_IMAGES); do \ - $(INTEL_PATH_BUILD)/createcraffimage.py --image $${image}; \ - $(ACP) $${image/.img/.craff} $(publish_dest); \ - done - -publish_ci: publish_usb_disk_image - -endif # BOARD_USB_DISK_IMAGES diff --git a/tasks/factory_scripts.mk b/tasks/factory_scripts.mk deleted file mode 100644 index 9477a79..0000000 --- a/tasks/factory_scripts.mk +++ /dev/null @@ -1,32 +0,0 @@ -# ----------------------------------------------------------------- -# Factory Scripts - -# FIXME why the conversion to lowercase?? -BUILD_ID_LC := $(shell echo $(BUILD_ID) | tr A-Z a-z) -FACTORY_SCRIPTS_PACKAGE_TARGET := $(PRODUCT_OUT)/$(TARGET_PRODUCT)-$(BUILD_ID_LC)-factory.tgz -FACTORY_SCRIPTS_RADIO := $(if $(BOARD_RADIOIMAGE), --radio $(BOARD_RADIOIMAGE)) - -$(FACTORY_SCRIPTS_PACKAGE_TARGET): \ - $(INTEL_PATH_BUILD)/generate_factory_images \ - $(PRODUCT_OUT)/bootloader.img \ - $(INTERNAL_UPDATE_PACKAGE_TARGET) \ - $(BOARD_RADIOIMAGE) \ - $(DISTTOOLS) $(SELINUX_DEPENDS) \ - - @echo "Package: $@" - # Generate Package - $(hide) ./$(INTEL_PATH_BUILD)/generate_factory_images \ - --product $(TARGET_PRODUCT) --release $(BUILD_ID) \ - --bootloader $(PRODUCT_OUT)/bootloader.img \ - --update-archive $(INTERNAL_UPDATE_PACKAGE_TARGET) \ - $(FACTORY_SCRIPTS_RADIO) \ - --sleeptime 45 \ - --output $@ - -.PHONY: factoryscripts -factoryscripts: $(FACTORY_SCRIPTS_PACKAGE_TARGET) - -ifeq ($(TARGET_BUILD_INTEL_FACTORY_SCRIPTS),true) -$(call dist-for-goals,droidcore,$(FACTORY_SCRIPTS_PACKAGE_TARGET)) -endif - diff --git a/tasks/flashfiles.mk b/tasks/flashfiles.mk deleted file mode 100755 index 4c80b78..0000000 --- a/tasks/flashfiles.mk +++ /dev/null @@ -1,461 +0,0 @@ -name := $(TARGET_PRODUCT) -ifneq ($(findstring acrn,$(TARGET_PRODUCT)),) -name := $(TARGET_PRODUCT)-guest -endif -ifeq ($(TARGET_BUILD_TYPE),debug) - name := $(name)_debug -endif -ifeq ($(RELEASE_BUILD),true) -flash_name := $(name)-sign-flashfiles-$(FILE_NAME_TAG) -target_name := $(name)-sign-targetfile-$(FILE_NAME_TAG) -gpt_name := $(PRODUCT_OUT)/release_sign/$(name).img -endif -name := $(name)-flashfiles-$(FILE_NAME_TAG) -BUILDNUM := $(shell $(DATE) +%H%M%3S) -ifeq ($(RELEASE_BUILD),true) -BUILT_RELEASE_FLASH_FILES_PACKAGE := $(PRODUCT_OUT)/$(flash_name).zip -BUILT_RELEASE_TARGET_FILES_PACKAGE := $(PRODUCT_OUT)/$(target_name).zip -ifeq ($(SUPER_IMG_IN_FLASHZIP),true) -BUILT_RELEASE_SUPER_IMAGE := $(PRODUCT_OUT)/release_sign/super.img -endif -SOONG_HOST_TOOL := \ - PATH="$(SOONG_HOST_OUT)/bin:$$PATH" -$(BUILT_RELEASE_TARGET_FILES_PACKAGE):$(BUILT_TARGET_FILES_PACKAGE) - @echo "Package release: $@" - $(SOONG_HOST_TOOL) \ - $(HOST_OUT_EXECUTABLES)/sign_target_files_apks -o \ - -d device/intel/build/testkeys/cts-release-test \ - --key_mapping build/target/product/security/networkstack=device/intel/build/testkeys/cts-release-test/networkstack \ - $(BUILT_TARGET_FILES_PACKAGE) $@ - -ifeq ($(SUPER_IMG_IN_FLASHZIP),true) -$(BUILT_RELEASE_SUPER_IMAGE):$(BUILT_RELEASE_TARGET_FILES_PACKAGE) - mkdir -p $(PRODUCT_OUT)/release_sign - build/make/tools/releasetools/build_super_image.py -v $< $@ - -GPT_DIR := $(PRODUCT_OUT)/ff_temp -tos_image := $(GPT_DIR)/tos.img -ifeq ($(tos_bin),none) -tos_image := none -endif - -ifeq ($(BUILD_GPTIMAGE), true) -$(gpt_name):$(BUILT_RELEASE_FLASH_FILES_PACKAGE) - rm -rf $(GPT_DIR) - mkdir -p $(GPT_DIR) - unzip $< -d $(GPT_DIR) - $(SIMG2IMG) $(GPT_DIR)/super.img $(GPT_DIR)/super.img.raw - $(SIMG2IMG) $(GPT_DIR)/config.img $(GPT_DIR)/config.img.raw - - $(INTEL_PATH_BUILD)/create_gpt_image.py \ - --create $@ \ - --block $(BOARD_FLASH_BLOCK_SIZE) \ - --table $(BOARD_GPT_INI) \ - --size $(gptimage_size) \ - --bootloader $(GPT_DIR)/bootloader.img \ - --tos $(tos_image) \ - --boot $(GPT_DIR)/boot.img \ - --vbmeta $(GPT_DIR)/vbmeta.img \ - --super $(GPT_DIR)/super.img.raw \ - --acpio $(GPT_DIR)/acpio.img \ - --vendor_boot $(GPT_DIR)/vendor_boot.img \ - --config $(GPT_DIR)/config.img.raw - $(hide) rm -f $@.gz - $(hide) gzip -f $@ - $(hide) rm -rf $(GPT_DIR) -else -$(gpt_name): - @echo "skip build gptimages" -endif - -$(BUILT_RELEASE_FLASH_FILES_PACKAGE):$(BUILT_RELEASE_SUPER_IMAGE) $(fftf) $(UEFI_ADDITIONAL_TOOLS) - $(hide) mkdir -p $(dir $@) - $(fftf) $(FLASHFILES_ADD_ARGS) --mv_config_default=$(notdir $(mvcfg_default_arg)) --add_image=$(BUILT_RELEASE_SUPER_IMAGE) $(BUILT_RELEASE_TARGET_FILES_PACKAGE) $@ - #remove system.img vendor.img product.img from flashfiles.zip - $(hide)zip -d $@ "system.img" "product.img" "vendor.img"; -else -$(BUILT_RELEASE_FLASH_FILES_PACKAGE):$(BUILT_RELEASE_TARGET_FILES_PACKAGE) $(fftf) $(UEFI_ADDITIONAL_TOOLS) - $(hide) mkdir -p $(dir $@) - $(fftf) $(FLASHFILES_ADD_ARGS) --mv_config_default=$(notdir $(mvcfg_default_arg)) $(BUILT_RELEASE_TARGET_FILES_PACKAGE) $@ -endif -endif - -ifeq ($(USE_INTEL_FLASHFILES),true) -fftf := $(INTEL_PATH_BUILD)/releasetools/flashfiles_from_target_files -odf := $(INTEL_PATH_BUILD)/releasetools/ota_deployment_fixup - -ifneq ($(FLASHFILE_VARIANTS),) - # Generate variant specific flashfiles if VARIANT_SPECIFIC_FLASHFILES is True - ifeq ($(VARIANT_SPECIFIC_FLASHFILES),true) - INTEL_FACTORY_FLASHFILES_TARGET := - $(foreach var,$(FLASHFILE_VARIANTS), \ - $(info Adding $(var)) \ - $(eval fn_prefix := $(PRODUCT_OUT)/$(TARGET_PRODUCT)) \ - $(eval fn_suffix := $(var)-$(FILE_NAME_TAG)) \ - $(eval ff_zip := $(fn_prefix)-flashfiles-$(fn_suffix).zip) \ - $(eval INTEL_FACTORY_FLASHFILES_TARGET += $(ff_zip)) \ - $(call dist-for-goals,droidcore,$(ff_zip):$(notdir $(ff_zip)))) - - $(INTEL_FACTORY_FLASHFILES_TARGET): $(BUILT_TARGET_FILES_PACKAGE) $(fftf) $(UEFI_ADDITIONAL_TOOLS) - $(hide) mkdir -p $(dir $@) - $(eval y = $(subst -, ,$(basename $(@F)))) - $(eval DEV = $(word 3, $(y))) - $(eval mvcfg_dev = $(MV_CONFIG_DEFAULT_TYPE.$(DEV))) - $(if $(mvcfg_dev), $(eval mvcfg_default_arg = $(mvcfg_dev)),$(eval mvcfg_default_arg = $(MV_CONFIG_DEFAULT_TYPE))) - $(hide) $(fftf) --variant=$(DEV) --mv_config_default=$(notdir $(mvcfg_default_arg)) $(BUILT_TARGET_FILES_PACKAGE) $@ - endif - -ifneq ($(TARGET_SKIP_OTA_PACKAGE), true) - # Generate OTA fixup files - INTEL_OTA_PACKAGES := - $(foreach var,$(OTA_VARIANTS), \ - $(info Adding $(var)) \ - $(eval fn_prefix := $(PRODUCT_OUT)/$(TARGET_PRODUCT)) \ - $(eval fn_suffix := $(var)-$(FILE_NAME_TAG)) \ - $(eval ota_zip := $(fn_prefix)-ota-$(fn_suffix).zip) \ - $(eval INTEL_OTA_PACKAGES += $(ota_zip)) \ - $(call dist-for-goals,droidcore,$(ota_zip):$(notdir $(ota_zip)))) - - $(INTEL_OTA_PACKAGES): $(INTERNAL_OTA_PACKAGE_TARGET) $(BUILT_TARGET_FILES_PACKAGE) $(odf) $(DISTTOOLS) - $(hide) mkdir -p $(dir $@) - $(eval y = $(subst -, ,$(basename $(@F)))) - $(eval DEV = $(word 3, $(y))) - $(hide) export ANDROID_BUILD_TOP=$(PWD); $(odf) --verbose --buildnum=$(BUILDNUM) --variant=$(DEV) \ - --target_files $(BUILT_TARGET_FILES_PACKAGE) \ - $(INTERNAL_OTA_PACKAGE_TARGET) $@ - - otapackage: $(INTEL_OTA_PACKAGES) -endif - -endif # Generate variant-specific files - -#Flag for unified flashfile when variants exist -ifneq ($(FLASHFILE_VARIANTS),) -FLASHFILES_ADD_ARGS := '--unified-variants' -endif - -INTEL_FACTORY_FLASHFILES_TARGET := $(PRODUCT_OUT)/$(name).zip - -ifneq ($(SOFIA_FIRMWARE_VARIANTS),) -mvcfg_default_arg = $(MV_CONFIG_DEFAULT_TYPE.$(firstword $(SOFIA_FIRMWARE_VARIANTS))) -else -mvcfg_default_arg = $(MV_CONFIG_DEFAULT_TYPE) -endif - -ifeq ($(SUPER_IMG_IN_FLASHZIP),true) -$(INTEL_FACTORY_FLASHFILES_TARGET): $(BUILT_TARGET_FILES_PACKAGE) $(fftf) $(UEFI_ADDITIONAL_TOOLS) $(INTERNAL_SUPERIMAGE_DIST_TARGET) - $(hide) mkdir -p $(dir $@) - $(fftf) $(FLASHFILES_ADD_ARGS) --mv_config_default=$(notdir $(mvcfg_default_arg)) --add_image=$(INTERNAL_SUPERIMAGE_DIST_TARGET) $(BUILT_TARGET_FILES_PACKAGE) $@ - #remove system.img vendor.img product.img from flashfiles.zip - $(hide)zip -d $@ "system.img" "product.img" "vendor.img"; -else -$(INTEL_FACTORY_FLASHFILES_TARGET): $(BUILT_TARGET_FILES_PACKAGE) $(fftf) $(UEFI_ADDITIONAL_TOOLS) - $(hide) mkdir -p $(dir $@) - $(fftf) $(FLASHFILES_ADD_ARGS) --mv_config_default=$(notdir $(mvcfg_default_arg)) $(BUILT_TARGET_FILES_PACKAGE) $@ -endif - -ifeq ($(PUBLISH_CMCC_IMG),true) -CMCC_TARGET := $(PRODUCT_OUT)/$(subst -flashfiles-,-cmcc-,$(name)).zip -CMCC_IMG_PATH := $(PRODUCT_OUT)/fls/fls/CMCC - -$(CMCC_TARGET): droidcore - $(hide) mkdir -p $(dir $@) - $(hide) zip -j $@ $(CMCC_IMG_PATH)/* -endif - -ifneq ($(FAST_FLASHFILES),false) -# Fast flashfiles is for engineering purpose only -# Should not be used on end-user product -.PHONY: fast_flashfiles - -FAST_FLASHFILES_DIR := $(PRODUCT_OUT)/fast_flashfiles - -FAST_FLASHFILES_DEPS := \ - $(INSTALLED_BOOTIMAGE_TARGET) \ - $(INSTALLED_RADIOIMAGE_TARGET) \ - $(INSTALLED_RECOVERYIMAGE_TARGET) \ - $(INSTALLED_SYSTEMIMAGE) \ - $(INSTALLED_USERDATAIMAGE_TARGET) \ - $(INSTALLED_CACHEIMAGE_TARGET) \ - $(INSTALLED_VENDORIMAGE_TARGET) \ - $(USERFASTBOOT_BOOTIMAGE) \ - $(INSTALLED_VBMETAIMAGE_TARGET) \ - -fast_flashfiles: $(fftf) $(UEFI_ADDITIONAL_TOOLS) $(FAST_FLASHFILES_DEPS) | $(ACP) - $(hide) rm -rf $(FAST_FLASHFILES_DIR) - $(hide) mkdir -p $(FAST_FLASHFILES_DIR) - $(fftf) $(FLASHFILES_ADD_ARGS) --mv_config_default=$(notdir $(mvcfg_default_arg)) --fast $(PRODUCT_OUT) $(FAST_FLASHFILES_DIR) - -# add dependencies -droid: fast_flashfiles -flashfiles: fast_flashfiles -else -droid: $(INSTALLED_RADIOIMAGE_TARGET) -endif #FAST_FLASHFILES - -ifeq ($(RELEASE_BUILD),true) -$(call dist-for-goals,droidcore,$(BUILT_RELEASE_FLASH_FILES_PACKAGE)) -endif - -$(call dist-for-goals,droidcore,$(INTEL_FACTORY_FLASHFILES_TARGET)) - -ifneq ($(BOARD_HAS_NO_IFWI),true) - -# $1 is ifwi variable suffix -# $2 is the folder where ifwi are published on buildbot - -define ifwi_target - -ifneq ($$($(1)),) - -PUB_IFWI := pub/$(TARGET_PRODUCT)/IFWI/ifwi_uefi_$(TARGET_PRODUCT) -IFWI_NAME :=$$(addprefix $$(TARGET_BUILD_VARIANT)_,$$(notdir $$(realpath $$($(1))))) - -ifneq ($$(IFWI_NAME),) -INTEL_FACTORY_$(1) := $$(PRODUCT_OUT)/$$(IFWI_NAME) -else -INTEL_FACTORY_$(1) := $$(PRODUCT_OUT)/$$(TARGET_PRODUCT)_$(1).bin -endif - -$$(INTEL_FACTORY_$(1)): $$($(1)) | $$(ACP) - $$(hide) $$(ACP) $$< $$@ - -PUB_$(1) := $$(PUB_IFWI)/$(2)/$$(notdir $$(INTEL_FACTORY_$(1))) - -$$(PUB_$(1)): $$(INTEL_FACTORY_$(1)) - mkdir -p $$(@D) - $$(hide) $$(ACP) $$< $$@ - -ifwi: $$(INTEL_FACTORY_$(1)) - -publish_ifwi: $$(PUB_$(1)) - -endif -endef - -.PHONY: ifwi -.PHONY: publish_ifwi - -IFWI_LIST := EFI_IFWI_BIN IFWI_RVP_BIN IFWI_2GB_BIN IFWI_D0_BIN IFWI_D0_2GB_BIN EFI_AFU_BIN AFU_2GB_BIN AFU_D0_2GB_BIN AFU_D0_BIN BOARD_SFU_UPDATE CAPSULE_2GB EFI_EMMC_BIN - -PUB_EFI_IFWI_BIN := dediprog -PUB_IFWI_RVP_BIN := dediprog -PUB_IFWI_2GB_BIN := dediprog -PUB_IFWI_D0_2GB_BIN := dediprog -PUB_IFWI_D0_BIN := dediprog -PUB_EFI_AFU_BIN := afu -PUB_AFU_2GB_BIN := afu -PUB_AFU_D0_2GB_BIN := afu -PUB_AFU_D0_BIN := afu -PUB_BOARD_SFU_UPDATE := capsule -PUB_CAPSULE_2GB := capsule -PUB_EFI_EMMC_BIN := stage2 - -$(foreach ifwi,$(IFWI_LIST),$(eval $(call ifwi_target,$(ifwi),$(PUB_$(ifwi))))) - -else -publish_ifwi: - @echo "Info: board has no ifwi to publish" -endif # BOARD_HAS_NO_IFWI - -endif # USE_INTEL_FLASHFILES - -# Publish the vertical patches to vertical release tar ball -.PHONY: publish_vertical -publish_vertical: -ifneq (,$(wildcard vendor/intel/utils_vertical)) -publish_vertical: - @echo "Identified Vertical repo and copy the patches to the tar ball" - $(hide) mkdir -p $(publish_dest) - $(hide) rm -rf $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files - $(hide) mkdir -p $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files - $(hide) cp -r vendor/intel/utils_vertical $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files - $(hide) mv $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files/utils_vertical $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files/vertical_patches -ifneq (,$(wildcard vendor/intel/fw/keybox_provisioning)) - $(hide) cp -r vendor/intel/fw/keybox_provisioning $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files - $(hide) mv $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files/keybox_provisioning $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files/vertical_keybox_provisioning -endif - -else -publish_vertical: - $(hide) rm -rf $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files -endif - -ifeq ($(RELEASE_BUILD),true) -ISO_INSTALL_IMG = $(PRODUCT_OUT)/$(TARGET_PRODUCT)-sign-flashfile-$(FILE_NAME_TAG).iso -else -ISO_INSTALL_IMG = $(PRODUCT_OUT)/$(TARGET_PRODUCT)-flashfile-$(FILE_NAME_TAG).iso -endif -ISO_INSTALL_IMG_ZIP = $(ISO_INSTALL_IMG).zip -ISO_RELEASE_TAR = $(PRODUCT_OUT)/$(TARGET_PRODUCT)-releasefile-$(TARGET_BUILD_VARIANT).iso.tar.gz -ISO_EFI = $(PRODUCT_OUT)/iso_tmp.efi - -LOCAL_TOOL:= \ - PATH="/bin:$$PATH" - -.PHONY: flashfiles -ifeq ($(RELEASE_BUILD),true) -flashfiles: $(INTEL_FACTORY_FLASHFILES_TARGET) $(BUILT_RELEASE_FLASH_FILES_PACKAGE) $(gpt_name) publish_mkdir_dest publish_vertical host-pkg - @$(ACP) $(BUILT_RELEASE_FLASH_FILES_PACKAGE) $(publish_dest) - @echo "Publishing Release files started ..." - $(hide) mkdir -p $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files - $(hide) cp -r $(PRODUCT_OUT)/*-flashfiles-*.zip $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files - $(hide) cp -r $(PRODUCT_OUT)/scripts $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files - $(hide) cp -r vendor/intel/utils/host $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files - $(hide) mv $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files/host $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files/patches - $(hide) cp -r $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files/* $(TOP) -ifneq (,$(wildcard vendor/intel/utils_vertical)) -ifneq (,$(wildcard vendor/intel/fw/keybox_provisioning)) - @echo "vertical_keybox_provisioning included" - $(hide) tar --exclude=*.git -czf $(TARGET_PRODUCT)-releasefiles-$(TARGET_BUILD_VARIANT).tar.gz scripts *patches $(TARGET_PRODUCT)-flashfiles-*.zip *provisioning -else - $(hide) tar --exclude=*.git -czf $(TARGET_PRODUCT)-releasefiles-$(TARGET_BUILD_VARIANT).tar.gz scripts *patches $(TARGET_PRODUCT)-flashfiles-*.zip -endif -else - $(hide) tar --exclude=*.git -czf $(TARGET_PRODUCT)-releasefiles-$(TARGET_BUILD_VARIANT).tar.gz scripts *patches $(TARGET_PRODUCT)-flashfiles-*.zip -endif - $(hide) cp -r $(TOP)/$(TARGET_PRODUCT)-releasefiles-$(TARGET_BUILD_VARIANT).tar.gz $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT) - $(hide) cp -r $(TOP)/$(TARGET_PRODUCT)-releasefiles-$(TARGET_BUILD_VARIANT).tar.gz $(PRODUCT_OUT) - @echo "Release files are published" -ifneq (,$(filter caas_dev caas_cfc,$(TARGET_PRODUCT))) -ifneq (,$(wildcard out/dist)) - @echo "Publish the CaaS image as debian_package" - $(hide)rm -rf $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release/ - $(hide)rm -rf $(PRODUCT_OUT)/RELEASE - $(hide)mkdir -p $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release/Release_Deb -ifeq ($(BUILD_GPTIMAGE), true) - $(hide)cp -r $(PRODUCT_OUT)/release_sign/caas*.img.gz $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release/Release_Deb -endif - $(hide)mkdir -p $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release/DEBIAN - $(hide)cp -r device/intel/mixins/groups/device-specific/caas_dev/addon/debian/* $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release/DEBIAN/ - $(hide)cp -r $(PRODUCT_OUT)/scripts $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release/Release_Deb - $(hide)cp -r $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release/ $(PRODUCT_OUT) - $(hide)(cd $(PRODUCT_OUT) && $(LOCAL_TOOL) dpkg-deb --build Release/) - $(hide) cp -r $(PRODUCT_OUT)/*.deb $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT) -else - $(hide)rm -rf $(PRODUCT_OUT)/*.deb - $(hide)rm -rf $(PRODUCT_OUT)/Release - $(hide)rm -rf $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release -endif -else - $(hide)rm -rf $(PRODUCT_OUT)/*.deb - $(hide)rm -rf $(PRODUCT_OUT)/Release - $(hide)rm -rf $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release -endif -else -flashfiles: $(INTEL_FACTORY_FLASHFILES_TARGET) publish_gptimage_var publish_mkdir_dest publish_vertical host-pkg - @echo "Publishing Release files started" - $(hide) mkdir -p $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files - $(hide) cp -r $(PRODUCT_OUT)/*-flashfiles-*.zip $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files - $(hide) cp -r $(PRODUCT_OUT)/scripts $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files - $(hide) cp -r vendor/intel/utils/host $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files - $(hide) mv $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files/host $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files/patches - $(hide) cp -r $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files/* $(TOP) -ifneq (,$(wildcard vendor/intel/utils_vertical)) -ifneq (,$(wildcard vendor/intel/fw/keybox_provisioning)) - @echo "vertical_keybox_provisioning included" - $(hide) tar --exclude=*.git -czf $(TARGET_PRODUCT)-releasefiles-$(TARGET_BUILD_VARIANT).tar.gz scripts *patches $(TARGET_PRODUCT)-flashfiles-*.zip *provisioning -else - $(hide) tar --exclude=*.git -czf $(TARGET_PRODUCT)-releasefiles-$(TARGET_BUILD_VARIANT).tar.gz scripts *patches $(TARGET_PRODUCT)-flashfiles-*.zip -endif -else - $(hide) tar --exclude=*.git -czf $(TARGET_PRODUCT)-releasefiles-$(TARGET_BUILD_VARIANT).tar.gz scripts *patches $(TARGET_PRODUCT)-flashfiles-*.zip -endif - $(hide) cp -r $(TOP)/$(TARGET_PRODUCT)-releasefiles-$(TARGET_BUILD_VARIANT).tar.gz $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT) - $(hide) cp -r $(TOP)/$(TARGET_PRODUCT)-releasefiles-$(TARGET_BUILD_VARIANT).tar.gz $(PRODUCT_OUT) - @echo "Release files are published" -ifneq (,$(filter caas_dev caas_cfc,$(TARGET_PRODUCT))) -ifneq (,$(wildcard out/dist)) - @echo "Publish the CaaS image as debian package" - $(hide)rm -rf $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release/ - $(hide)rm -rf $(PRODUCT_OUT)/RELEASE - $(hide)mkdir -p $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release/Release_Deb -ifeq ($(BUILD_GPTIMAGE), true) - $(hide)cp -r $(PRODUCT_OUT)/caas*.img.gz $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release/Release_Deb -endif - $(hide)mkdir -p $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release/DEBIAN - $(hide)cp -r device/intel/mixins/groups/device-specific/caas_dev/addon/debian/* $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release/DEBIAN/ - $(hide)cp -r $(PRODUCT_OUT)/scripts $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release/Release_Deb - $(hide)cp -r $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release/ $(PRODUCT_OUT) - $(hide)(cd $(PRODUCT_OUT) && $(LOCAL_TOOL) dpkg-deb --build Release/) - $(hide) cp -r $(PRODUCT_OUT)/*.deb $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT) -else - $(hide)rm -rf $(PRODUCT_OUT)/*.deb - $(hide)rm -rf $(PRODUCT_OUT)/Release - $(hide)rm -rf $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release -endif -else - $(hide)rm -rf $(PRODUCT_OUT)/*.deb - $(hide)rm -rf $(PRODUCT_OUT)/Release - $(hide)rm -rf $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release -endif -endif -ifeq ($(USE_INTEL_FLASHFILES),false) -publish_ifwi: - @echo "Warning: Unable to fulfill publish_ifwi makefile request" -endif - - @echo "Generating ISO image $(ISO_INSTALL_IMG) ..."; - $(hide)rm -rf $(PRODUCT_OUT)/efi_images_tmp/; - $(hide)rm -rf $(ISO_INSTALL_IMG) $(ISO_INSTALL_IMG_ZIP) - $(hide)mkdir -p $(PRODUCT_OUT)/efi_images_tmp; - -ifeq ($(RELEASE_BUILD),true) - $(hide)unzip $(BUILT_RELEASE_FLASH_FILES_PACKAGE) -d $(PRODUCT_OUT)/efi_images_tmp/ > /dev/null; -else - - $(hide)unzip $(INTEL_FACTORY_FLASHFILES_TARGET) -d $(PRODUCT_OUT)/efi_images_tmp/ > /dev/null; -endif - G_size=`echo "$$((1 << 32))"`; \ - for img in `ls $(PRODUCT_OUT)/efi_images_tmp/`;do \ - size=`stat -c %s $(PRODUCT_OUT)/efi_images_tmp/$${img}`; \ - if [[ $${size} -gt $${G_size} ]]; then \ - echo "Split $${img} due to its size bigger than 4G"; \ - split --bytes=`expr $${G_size} - 1` --numeric-suffixes $(PRODUCT_OUT)/efi_images_tmp/$${img} $(PRODUCT_OUT)/efi_images_tmp/$${img}.part; \ - rm $(PRODUCT_OUT)/efi_images_tmp/$${img}; \ - fi;\ - done; - - $(hide)rm -rf $(ISO_EFI); \ - flashfile_size=`du -s ${PRODUCT_OUT}/efi_images_tmp/ | awk '{print $$1}'`; \ - flashfile_size=`expr $${flashfile_size} + 102400`; \ - flashfile_size=`expr $${flashfile_size} / 63 + 1 `; \ - flashfile_size=`expr $${flashfile_size} \* 63 `; \ - dd if=/dev/zero of=$(ISO_EFI) bs=1024 count=$${flashfile_size}; - - $(hide)mkdosfs -F32 -n EFI $(ISO_EFI); - $(hide)mmd -i $(ISO_EFI) ::EFI; - $(hide)mmd -i $(ISO_EFI) ::EFI/BOOT; - $(hide)mcopy -Q -i $(ISO_EFI) $(PRODUCT_OUT)/efi_images_tmp/installer.efi ::EFI/BOOT/bootx64.efi; - $(hide)mcopy -Q -i $(ISO_EFI) $(PRODUCT_OUT)/efi_images_tmp/* ::; - - $(hide)rm -rf $(PRODUCT_OUT)/iso - $(hide)mkdir -p $(PRODUCT_OUT)/iso - $(hide)xorriso -as mkisofs -iso-level 3 -r -V "Civ ISO" -J -joliet-long -append_partition 2 0xef $(ISO_EFI) \ - -partition_cyl_align all -o $(ISO_INSTALL_IMG) $(PRODUCT_OUT)/iso/ - - @echo "Zipping ISO image $(ISO_INSTALL_IMG_ZIP) ..." - $(hide)zip -r -j $(ISO_INSTALL_IMG_ZIP) $(ISO_INSTALL_IMG) - - @echo "Zipping ISO release image $(ISO_RELEASE_TAR) ..." - $(hide)rm -rf $(ISO_RELEASE_TAR) - $(hide)cp $(ISO_INSTALL_IMG) $(TOP)/ -ifneq (,$(wildcard vendor/intel/utils_vertical)) -ifneq (,$(wildcard vendor/intel/fw/keybox_provisioning)) - @echo "vertical_keybox_provisioning included" - $(hide) tar --exclude=*.git -czf $(ISO_RELEASE_TAR) scripts *patches *-flashfile-*.iso *provisioning -else - $(hide) tar --exclude=*.git -czf $(ISO_RELEASE_TAR) scripts *patches *-flashfile-*.iso -endif -else - $(hide) tar --exclude=*.git -czf $(ISO_RELEASE_TAR) scripts *patches *-flashfile-*.iso -endif - - @echo "make ISO image done ---" - $(hide) cp -r $(ISO_RELEASE_TAR) $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT) - $(hide) cp -r $(ISO_INSTALL_IMG_ZIP) $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT) - - $(hide)rm -rf $(PRODUCT_OUT)/efi_images_tmp/ $(PRODUCT_OUT)/iso $(ISO_EFI) - $(hide)rm -rf $(TOP)/$(TARGET_PRODUCT)-releasefiles-$(TARGET_BUILD_VARIANT).tar.gz && rm -rf $(TOP)/Release_Files && rm -rf $(TOP)/$(TARGET_PRODUCT)-flashfiles-*.zip && rm -rf $(TOP)/scripts && rm -rf $(TOP)/*patches && rm -rf $(TOP)/*provisioning && rm -rf $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT)/Release_Files $(TOP)/*-flashfile-*.iso - - @echo "ISO Release files are published" diff --git a/tasks/intel_prebuilts.mk b/tasks/intel_prebuilts.mk deleted file mode 100644 index ccc9034..0000000 --- a/tasks/intel_prebuilts.mk +++ /dev/null @@ -1,47 +0,0 @@ -ifneq ($(TARGET_OUT_prebuilts),) -intel_prebuilts_top_makefile := $(TARGET_OUT_prebuilts)/Android.mk -$(intel_prebuilts_top_makefile): - @mkdir -p $(dir $@) - @echo 'LOCAL_PATH := $$(call my-dir)' > $@ - @echo 'ifeq ($$(TARGET_ARCH),x86)' >> $@ - @echo 'include $$(shell find $$(LOCAL_PATH) -mindepth 2 -name "Android.mk")' >> $@ - @echo 'endif' >> $@ -endif - -.PHONY: intel_prebuilts publish_intel_prebuilts generate_intel_prebuilts -intel_prebuilts: $(filter-out intel_prebuilts, $(MAKECMDGOALS)) - @$(MAKE) publish_intel_prebuilts - -publish_intel_prebuilts: generate_intel_prebuilts - -generate_intel_prebuilts: $(intel_prebuilts_top_makefile) - @$(if $(TARGET_OUT_prebuilts), \ - echo did make following prebuilts Android.mk: \ - $(foreach m, $?,\ - echo " " $(m);) \ - find $(TARGET_OUT_prebuilts) -name Android.mk -print -exec cat {} \;) - - -PUB_INTEL_PREBUILTS := prebuilts.zip - -EXTERNAL_CUSTOMER ?= "g" - -INTEL_PREBUILTS_LIST := $(shell repo forall -g bsp-priv -a $(EXTERNAL_CUSTOMER)_external=bin -p -c echo 2> /dev/null) -INTEL_PREBUILTS_LIST := $(filter-out project,$(INTEL_PREBUILTS_LIST)) -INTEL_PREBUILTS_LIST := $(addprefix prebuilts/intel/, $(subst /PRIVATE/,/prebuilts/$(REF_PRODUCT_NAME)/,$(INTEL_PREBUILTS_LIST))) -INTEL_PREBUILTS_LIST += prebuilts/intel/Android.mk - -.PHONY: $(PUB_INTEL_PREBUILTS) -$(PUB_INTEL_PREBUILTS): generate_intel_prebuilts - @echo "Publish prebuilts for external release" - $(hide) rm -f $(abspath pub/$(TARGET_PRODUCT)/$@) - $(hide) mkdir -p $(abspath pub/$(TARGET_PRODUCT)) - $(hide) cd $(PRODUCT_OUT) && zip -r $(abspath pub/$(TARGET_PRODUCT)/$@) $(INTEL_PREBUILTS_LIST) - -# publish external if buildbot set EXTERNAL_BINARIES env variable -# and only for userdebug -ifeq (userdebug,$(TARGET_BUILD_VARIANT)) -ifeq ($(EXTERNAL_BINARIES),true) -publish_intel_prebuilts: $(PUB_INTEL_PREBUILTS) -endif -endif diff --git a/tasks/limit_lunch_target.mk b/tasks/limit_lunch_target.mk deleted file mode 100644 index 91235c9..0000000 --- a/tasks/limit_lunch_target.mk +++ /dev/null @@ -1,7 +0,0 @@ -ifneq ($(NON_GMIN_BUILD),true) -count = $(shell echo -n $(TARGET_PRODUCT) | wc -m) -evaluate = $(shell bash -c '[ "$(count)" -gt "22" ] && echo true') -ifeq ($(evaluate), true) -$(error TARGET_PRODUCT=$(TARGET_PRODUCT) has $(count) characters; must not exceed 11) -endif -endif diff --git a/tasks/liveimage.mk b/tasks/liveimage.mk deleted file mode 100644 index 7edc301..0000000 --- a/tasks/liveimage.mk +++ /dev/null @@ -1,120 +0,0 @@ -# Determine if we are doing a 'make liveimage' -LIVEIMAGE_GOAL := $(strip $(filter liveimage,$(MAKECMDGOALS))) - -ifeq (liveimage,$(LIVEIMAGE_GOAL)) -name := $(TARGET_PRODUCT) -ifeq ($(TARGET_BUILD_TYPE),debug) - name := $(name)_debug -endif -name := $(name)-liveimage-$(FILE_NAME_TAG) -INTEL_LIVEIMAGE_TARGET := $(PRODUCT_OUT)/$(name).img -$(call dist-for-goals,liveimage,$(INTEL_LIVEIMAGE_TARGET)) - -ifeq ($(TARGET_UEFI_ARCH),i386) -efi_default_name := bootia32.efi -else -efi_default_name := bootx64.efi -endif - -ramdisk_dir := $(call intermediates-dir-for,PACKAGING,live-ramdisk) -live_artifact_dir := $(call intermediates-dir-for,PACKAGING,live-image-items) -sfs_dir := $(call intermediates-dir-for,PACKAGING,live-sfs) -disk_dir := $(live_artifact_dir)/root - -live_ramdisk := $(live_artifact_dir)/ramdisk-live.img -live_bootimage := $(live_artifact_dir)/boot-live.img -live_sfs := $(live_artifact_dir)/images.sfs -liveimage_zip := $(live_artifact_dir)/live.zip - -$(live_sfs): \ - $(INTEL_PATH_BUILD)/tasks/liveimage.mk \ - $(INSTALLED_SYSTEMIMAGE) \ - $(HOST_OUT_EXECUTABLES)/simg2img \ - | $(ACP) \ - - $(hide) mkdir -p $(dir $@) - $(hide) rm -rf $(sfs_dir) - $(hide) mkdir -p $(sfs_dir) -ifeq ($(TARGET_USERIMAGES_SPARSE_EXT_DIABLED),true) - $(hide) $(ACP) $(INSTALLED_SYSTEMIMAGE) $(sfs_dir)/system.img -else - $(hide) $(HOST_OUT_EXECUTABLES)/simg2img $(INSTALLED_SYSTEMIMAGE) $(sfs_dir)/system.img -endif - $(hide) PATH=/sbin:/usr/sbin:$(PATH) mksquashfs $(sfs_dir) $@ -no-recovery -noappend - -live_initrc := $(INTEL_PATH_COMMON)/boot/init.live.rc - -$(live_ramdisk): \ - $(INTEL_PATH_BUILD)/tasks/liveimage.mk \ - $(PRODUCT_OUT)/preinit/preinit \ - $(INSTALLED_RAMDISK_TARGET) \ - $(MKBOOTFS) \ - $(live_initrc) \ - | $(MINIGZIP) $(ACP) \ - - $(hide) mkdir -p $(dir $@) - $(hide) rm -rf $(ramdisk_dir) - $(hide) mkdir -p $(ramdisk_dir) - $(hide) $(ACP) -rfd $(TARGET_ROOT_OUT)/* $(ramdisk_dir) - $(hide) mv $(ramdisk_dir)/init $(ramdisk_dir)/init2 - $(hide) $(ACP) -p $(PRODUCT_OUT)/preinit/preinit $(ramdisk_dir)/init - $(hide) mkdir -p $(ramdisk_dir)/installmedia - $(hide) mkdir -p $(ramdisk_dir)/tmp - $(hide) echo "import init.live.rc" >> $(ramdisk_dir)/init.rc - $(hide) sed -i -r 's/^[\t ]*(mount_all|mount yaffs|mount ext).*//g' $(ramdisk_dir)/init*.rc - $(hide) $(ACP) $(live_initrc) $(ramdisk_dir) - $(hide) $(MKBOOTFS) $(ramdisk_dir) | $(MINIGZIP) > $@ - -$(live_bootimage): \ - $(INTEL_PATH_BUILD)/tasks/liveimage.mk \ - $(INSTALLED_KERNEL_TARGET) \ - $(live_ramdisk) \ - $(MKBOOTIMG) $(BOOT_SIGNER) \ - - $(hide) mkdir -p $(dir $@) - $(hide) $(MKBOOTIMG) --kernel $(INSTALLED_KERNEL_TARGET) \ - --ramdisk $(live_ramdisk) \ - --cmdline "$(BOARD_KERNEL_CMDLINE)" \ - $(BOARD_MKBOOTIMG_ARGS) \ - --output $@ - $(hide) $(BOOT_SIGNER) /fastboot $@ $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_VERITY_SIGNING_KEY).pk8 $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_VERITY_SIGNING_KEY).x509.pem $@ - -$(liveimage_zip): \ - $(INTEL_PATH_BUILD)/tasks/liveimage.mk \ - $(live_sfs) \ - $(BOARD_FIRST_STAGE_LOADER) \ - $(BOARD_EFI_MODULES) \ - - $(hide) mkdir -p $(dir $@) - $(hide) rm -rf $(disk_dir) - $(hide) mkdir -p $(disk_dir) - $(hide) $(ACP) -f $(live_sfs) $(disk_dir)/images.sfs - $(hide) mkdir -p $(disk_dir)/images - $(hide) mkdir -p $(disk_dir)/EFI/BOOT - $(hide) touch $(disk_dir)/iago-cookie -ifneq ($(BOARD_EXTRA_EFI_MODULES),) - $(hide) $(ACP) $(BOARD_EXTRA_EFI_MODULES) $(disk_dir)/ -endif - $(hide) $(ACP) $(BOARD_FIRST_STAGE_LOADER) $(disk_dir)/EFI/BOOT/$(efi_default_name) - $(hide) (cd $(disk_dir) && zip -qry ../$(notdir $@) .) - - -$(INTEL_LIVEIMAGE_TARGET): \ - $(INTEL_PATH_BUILD)/tasks/liveimage.mk \ - $(liveimage_zip) \ - $(MKDOSFS) \ - $(MCOPY) \ - $(live_bootimage) \ - $(INTEL_PATH_BUILD)/bootloader_from_zip \ - - $(hide) $(INTEL_PATH_BUILD)/bootloader_from_zip \ - --fastboot $(live_bootimage) \ - --zipfile $(liveimage_zip) \ - --bootable \ - $@ - -.PHONY: liveimage -liveimage: $(INTEL_LIVEIMAGE_TARGET) - $(warning USE OF THE LIVE IMAGE IS UNSUPPORTED - YOU WILL NEED TO WORK THROUGH BUGS ON YOUR OWN!) - -endif # ifeq (liveimage,$(LIVEIMAGE_GOAL)) diff --git a/tasks/ota.mk b/tasks/ota.mk deleted file mode 100644 index e918dc7..0000000 --- a/tasks/ota.mk +++ /dev/null @@ -1,8 +0,0 @@ -# INTEL_OTATOOLS defined in $(INTEL_PATH_BUILD)/core/definitions.mk -# These are here because these INTERNAL_* variables are only defined -# halfway through build/core/Makefile, long after definitions.mk has -# been imported - -$(INTERNAL_OTA_PACKAGE_TARGET): $(INTEL_OTATOOLS) -$(INTERNAL_UPDATE_PACKAGE_TARGET): $(INTEL_OTATOOLS) - diff --git a/tasks/publish.mk b/tasks/publish.mk deleted file mode 100644 index d4c981e..0000000 --- a/tasks/publish.mk +++ /dev/null @@ -1,291 +0,0 @@ -# This provides the 'publish' and 'publish_ci' makefile targets. -# -# PUBLISH target: -# NOTE: When using the 'publish' target you MUST also use the 'dist' -# target. The 'dist' target is a special target and unfortunately we -# can't just depend on the 'dist' target :( -# e.g. 'make dist publish' -# e.g. 'make droid dist publish' -# -# DO NOT DO: 'make publish' as it will not work -# -# PUBLISH_CI target: -# The 'publish_ci' target may be called by itself as it has a dependency -# on the one file we need. -# e.g. 'make publish_ci' - -publish_dest := $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT) -publish_tool_dest := $(publish_dest)/../tools -publish_tool_destw := $(publish_tool_dest)/windows-x86/ -publish_tool_destl := $(publish_tool_dest)/linux-x86/ -publish_make_dir = $(if $(wildcard $1),,mkdir -p $1) - -.PHONY: publish_mkdir_dest -publish_mkdir_dest: - $(call publish_make_dir, $(publish_dest)) - -# Publish System symbols -PUB_SYSTEM_SYMBOLS := symbols.tar.gz - -.PHONY: $(PUB_SYSTEM_SYMBOLS) -$(PUB_SYSTEM_SYMBOLS): $(systemtarball) - @echo "Publish system symbols" - $(hide) mkdir -p $(publish_dest) - tar -czf $(publish_dest)/$@ $(PRODUCT_OUT)/symbols - -.PHONY: publish_system_symbols -publish_system_symbols: $(PUB_SYSTEM_SYMBOLS) - -# Publish Scripts needed for QEMU -PUB_QEMU_SCRIPTS := qemu_scripts.tar.gz - -.PHONY: $(PUB_QEMU_SCRIPTS) -$(PUB_QEMU_SCRIPTS): $(scriptstarball) - @echo "Publish scripts" - $(hide) mkdir -p $(publish_dest) - tar -czf $(publish_dest)/$@ $(PRODUCT_OUT)/scripts - -.PHONY: publish_qemu_scripts -publish_qemu_scripts: $(PUB_QEMU_SCRIPTS) - -.PHONY: publish_kernel_debug -# if kernel is not a prebuilt one -# and kernel is built locally -ifeq ($(TARGET_PREBUILT_KERNEL),) -ifneq ($(LOCAL_KERNEL_PATH),) -# Publish Kernel debug -PUB_KERNEL_DBG := vmlinux.bz2 System.map.bz2 -PUB_KERNEL_DBG_PATH := $(publish_dest)/kernel -#PUB_KERNEL_DBG := $(addprefix $(PUB_KERNEL_DBG_PATH)/,$(PUB_KERNEL_DBG)) - -.PHONY: $(PUB_KERNEL_DBG) -$(PUB_KERNEL_DBG): $(LOCAL_KERNEL) - @echo "Publish $(basename $(@F))" - $(hide) mkdir -p $(PUB_KERNEL_DBG_PATH) - $(hide) bzip2 -c $(LOCAL_KERNEL_PATH)/$(basename $(@F)) > $(PUB_KERNEL_DBG_PATH)/$@ - -PUB_KERNEL_MODULES = kernel_modules-$(TARGET_BUILD_VARIANT).tar.bz2 - -.PHONY: $(PUB_KERNEL_MODULES) -$(PUB_KERNEL_MODULES): $(LOCAL_KERNEL_PATH)/copy_modules - @echo "Publish Kernel Modules" - $(hide) mkdir -p $(PUB_KERNEL_DBG_PATH) - -tar -cjf $(PUB_KERNEL_DBG_PATH)/$@ -C $(LOCAL_KERNEL_PATH)/lib/modules . - -publish_kernel_debug: $(PUB_KERNEL_DBG) $(PUB_KERNEL_MODULES) - @echo "Publish kernel debug: $(notdir $^)" -endif # $(LOCAL_KERNEL_PATH) -else -publish_kernel_debug: - @echo "Publish kernel debug: skipped" -endif - -# Publish Sofia LTE CMCC images -ifeq ($(PUBLISH_CMCC_IMG),true) -PUB_CMCC_ZIP := $(publish_dest)/$(notdir $(CMCC_TARGET)) -$(PUB_CMCC_ZIP): publish_mkdir_dest $(CMCC_TARGET) - $(hide) $(ACP) $(CMCC_TARGET) $@ -endif - -# Publish OS agnostic tag -ifneq ($(OS_AGNOSTIC_INFO),) -PUB_OSAGNOSTIC_TAG := $(publish_dest)/$(notdir $(OS_AGNOSTIC_INFO)) -$(PUB_OSAGNOSTIC_TAG): publish_mkdir_dest $(OS_AGNOSTIC_INFO) - $(hide)($(ACP) $(OS_AGNOSTIC_INFO) $@) -endif - -# Publish kf4abl symbols files -.PHONY: publish_kf4abl_symbols -ifeq ($(TARGET_BUILD_VARIANT:debug=)|$(KERNELFLINGER_SUPPORT_NON_EFI_BOOT),user|true) -publish_kf4abl_symbols: publish_mkdir_dest kf4abl-$(TARGET_BUILD_VARIANT) fb4abl-$(TARGET_BUILD_VARIANT) - $(hide)($(ACP) $(KF4ABL_SYMBOLS_ZIP) $(FB4ABL_SYMBOLS_ZIP) $(publish_dest)) -else -publish_kf4abl_symbols: - @echo "Publish kf4abl symbols: skipped" -endif - -# Publish Firmware symbols -.PHONY: publish_firmware_symbols -FIRMWARE_SYMBOLS_FILE := $(TARGET_DEVICE)-symbols_firmware.zip -FIRMWARE_SYMBOLS_PATH := $(wildcard $(INTEL_PATH_HARDWARE)/$(TARGET_BOARD_PLATFORM)-fls/$(PRODUCT_MODEL)/symbols/*.elf) - -publish_firmware_symbols: publish_mkdir_dest publish_flashfiles -ifneq ($(BUILD_OSAS),1) # prebuilt - @echo "------------Publish prebuilt firmware symbols from $(FIRMWARE_SYMBOLS_PATH) -----------" -ifneq ($(FIRMWARE_SYMBOLS_PATH),) - $(hide)-(zip -jry $(publish_dest)/$(FIRMWARE_SYMBOLS_FILE) $(FIRMWARE_SYMBOLS_PATH)) -endif -else # built from source - @echo "------------Publish compiled firmware symbols-----------" - $(info $(BOOTLOADER_BIN_PATH) $(VMM_BUILD_OUT) $(SECVM_BUILD_DIR)) - $(hide)-(zip -jry $(publish_dest)/$(FIRMWARE_SYMBOLS_FILE) $(BOOTLOADER_BIN_PATH)/*/*.elf $(VMM_BUILD_OUT)/*/*.elf $(SECVM_BUILD_DIR)/*.elf $(THREADX_BUILD_DIR)/*.elf) -endif - -# Are we doing an 'sdk' type lunch target -PUBLISH_SDK := $(strip $(filter sdk sdk_x86,$(TARGET_PRODUCT))) - -ifndef PUBLISH_SDK - -.PHONY: publish_flashfiles -ifdef INTEL_FACTORY_FLASHFILES_TARGET -publish_flashfiles: publish_mkdir_dest $(INTEL_FACTORY_FLASHFILES_TARGET) - @$(ACP) $(INTEL_FACTORY_FLASHFILES_TARGET) $(publish_dest) -else -publish_flashfiles: - @echo "Warning: Unable to fulfill publish_flashfiles makefile request" -endif - -.PHONY:publish_ifwi -ifeq ($(USE_INTEL_FLASHFILES),false) -publish_ifwi: - @echo "Warning: Unable to fulfill publish_ifwi makefile request" -endif - -.PHONY: publish_liveimage -ifdef INTEL_LIVEIMAGE_TARGET -publish_liveimage: publish_mkdir_dest $(INTEL_LIVEIMAGE_TARGET) - @$(ACP) $(INTEL_LIVEIMAGE_TARGET) $(publish_dest) -else -publish_liveimage: - @echo "Warning: Unable to fulfill publish_liveimage makefile request" -endif - -.PHONY: publish_gptimage -ifdef GPTIMAGE_BIN -ifeq ($(COMPRESS_GPTIMAGE), true) -publish_gptimage: publish_mkdir_dest $(GPTIMAGE_BIN) - @echo compress $(GPTIMAGE_BIN) into $(GPTIMAGE_GZ) - @gzip -fk $(GPTIMAGE_BIN) - @$(ACP) $(GPTIMAGE_GZ) $(publish_dest) -else # COMPRESS_GPTIMAGE is not true -publish_gptimage: publish_mkdir_dest $(GPTIMAGE_BIN) - @$(ACP) $(GPTIMAGE_BIN) $(publish_dest) -endif # COMPRESS_GPTIMAGE -ifdef CRAFFIMAGE_BIN - $(TOP)/$(INTEL_PATH_BUILD)/createcraffimage.py --image $(GPTIMAGE_BIN) - @$(ACP) $(CRAFFIMAGE_BIN) $(publish_dest) -endif -else # GPTIMAGE_BIN is not defined -publish_gptimage: - @echo "Warning: Unable to fulfill publish_gptimage makefile request" -endif # GPTIMAGE_BIN - -.PHONY: publish_gptimage_var -ifeq ($(BUILD_GPTIMAGE), true) -publish_gptimage_var: publish_gptimage - @echo "building gptimages ..." -else # GPTIMAGE_BIN is not defined -publish_gptimage_var: - @echo "skip build gptimage" -endif # GPTIMAGE_BIN - -.PHONY: publish_androidia_image -ifdef ANDROID_IA_IMAGE -publish_androidia_image: publish_mkdir_dest $(ANDROID_IA_IMAGE) - @$(ACP) $(ANDROID_IA_IMAGE) $(publish_dest) -else -publish_androidia_image: - @echo "Warning: Unable to fulfill publish_androidia_image makefile request" -endif - -.PHONY: publish_otapackage -publish_otapackage: publish_mkdir_dest $(INTERNAL_OTA_PACKAGE_TARGET) - @$(ACP) $(INTERNAL_OTA_PACKAGE_TARGET) $(publish_dest) - -.PHONY: publish_ota_targetfiles -publish_ota_targetfiles: publish_mkdir_dest $(BUILT_TARGET_FILES_PACKAGE) - @$(ACP) $(BUILT_TARGET_FILES_PACKAGE) $(publish_dest) - -.PHONY: publish_ota_flashfile -ifneq ($(PUBLISH_CONF),) -BUILDBOT_PUBLISH_DEPS := $(shell python -c 'import json,os ; print " ".join(json.loads(os.environ["PUBLISH_CONF"]).get("$(TARGET_BUILD_VARIANT)",[]))') - -# Translate buildbot target to makefile target -publish_ota_flashfile: $(BUILDBOT_PUBLISH_DEPS) - -full_ota: publish_otapackage -full_ota_flashfile: -ota_target_files: publish_ota_targetfiles -system_img: -else -publish_ota_flashfile: - @echo "Do not publish ota_flashfile" -endif # PUBLISH_CONF - -PUBLISH_CI_FILES := out/dist/fastboot out/dist/adb -.PHONY: publish_ci -ifeq ($(ANDROID_AS_GUEST), true) -publish_ci: aic - @echo Publish AIC docker images... - $(hide) mkdir -p $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT) - $(hide) cp $(PRODUCT_OUT)/$(TARGET_AIC_FILE_NAME) $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT) -else # ANDROID_AS_GUEST -ifeq ($(KERNELFLINGER_SUPPORT_NON_EFI_BOOT), false) -publish_ci: publish_liveimage publish_ota_flashfile publish_gptimage publish_grubinstaller publish_ifwi publish_firmware_symbols $(PUB_OSAGNOSTIC_TAG) $(PUB_CMCC_ZIP) $(PLATFORM_RMA_TOOLS_ZIP) - $(if $(wildcard $(publish_dest)), \ - $(foreach f,$(PUBLISH_CI_FILES), \ - $(if $(wildcard $(f)),$(ACP) $(f) $(publish_dest);,)),) - @$(hide) mkdir -p $(publish_tool_destl) - @$(hide) $(ACP) $(PLATFORM_RMA_TOOLS_ZIP) $(publish_tool_destl) - - -.PHONY: publish_windows_tools -publish_windows_tools: $(PLATFORM_RMA_TOOLS_CROSS_ZIP) - @$(hide) mkdir -p $(publish_tool_destw) - @$(hide) $(ACP) $(PLATFORM_RMA_TOOLS_CROSS_ZIP) $(publish_tool_destw) -else -publish_ci: publish_liveimage publish_ota_flashfile publish_gptimage_var publish_grubinstaller publish_ifwi publish_firmware_symbols $(PUB_OSAGNOSTIC_TAG) $(PUB_CMCC_ZIP) - $(if $(wildcard $(publish_dest)), \ - $(foreach f,$(PUBLISH_CI_FILES), \ - $(if $(wildcard $(f)),$(ACP) $(f) $(publish_dest);,)),) -endif -endif # ANDROID_AS_GUEST - -else # !PUBLISH_SDK -# Unfortunately INTERNAL_SDK_TARGET is always defined, so its existence does -# not indicate that we are building the SDK - -.PHONY: publish_ci -publish_ci: publish_sdk_target - - -.PHONY: publish_sdk_target -publish_sdk_target: publish_mkdir_dest $(INTERNAL_SDK_TARGET) - @$(ACP) $(INTERNAL_SDK_TARGET) $(publish_dest) - - -endif # !PUBLISH_SDK - -# We need to make sure our 'publish' target depends on the other targets so -# that it will get done at the end. Logic copied from build/core/distdir.mk -PUBLISH_GOALS := $(strip $(filter-out publish publish_ci,$(MAKECMDGOALS))) -PUBLISH_GOALS := $(strip $(filter-out $(INTERNAL_MODIFIER_TARGETS),$(PUBLISH_GOALS))) -ifeq (,$(PUBLISH_GOALS)) -# The commandline was something like "make publish" or "make publish showcommands". -# Add a dependency on a real target. -PUBLISH_GOALS := $(DEFAULT_GOAL) -endif - -.PHONY: publish_grubinstaller -ifeq ($(ENABLE_GRUB_INSTALLER),true) -ifneq ($(TARGET_BUILD_VARIANT),user) -publish_grubinstaller: publish_mkdir_dest $(PROJECT_CELADON-EFI) - echo compress $(PROJECT_CELADON-EFI) into $(PROJECT_CELADON-EFI).gz - gzip -f $(PROJECT_CELADON-EFI) - @$(ACP) $(PROJECT_CELADON-EFI).gz $(publish_dest) -else -publish_grubinstaller: - echo "Do not publish grub installer in user mode" -endif -endif # ENABLE_GRUB_INSTALLER - -.PHONY: publish -ifeq ($(ANDROID_AS_GUEST), true) -publish: aic - @echo Publish AIC docker images... - $(hide) mkdir -p $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT) - $(hide) cp $(PRODUCT_OUT)/$(TARGET_AIC_FILE_NAME) $(TOP)/pub/$(TARGET_PRODUCT)/$(TARGET_BUILD_VARIANT) -else # ANDROID_AS_GUEST -publish: publish_mkdir_dest $(PUBLISH_GOALS) publish_ifwi publish_gptimage_var publish_firmware_symbols $(PUB_OSAGNOSTIC_TAG) publish_kf4abl_symbols $(PUB_CMCC_ZIP) publish_androidia_image publish_grubinstaller - @$(ACP) out/dist/* $(publish_dest) -endif # ANDROID_AS_GUEST diff --git a/tasks/resign.mk b/tasks/resign.mk deleted file mode 100644 index 877d892..0000000 --- a/tasks/resign.mk +++ /dev/null @@ -1,12 +0,0 @@ -otp := $(INTEL_PATH_BUILD)/test/ota-test-prepare - -.PHONY: publish_resign -publish_resign: dist_files - export ANDROID_BUILD_TOP=$(PWD); $(otp) -o -s -t $(BUILT_TARGET_FILES_PACKAGE) resigned \ - && echo "Resign succeed" || { echo "Resign failed"; exit 0; } - @$(ACP) ota/$(TARGET_PRODUCT)/tfp-resigned.zip $(publish_dest) \ - && echo "tfp-resigned.zip copy succeed" || echo "tfp-resigned.zip copy failed" - @$(ACP) ota/$(TARGET_PRODUCT)/flashfiles-resigned.zip $(publish_dest) \ - && echo "flashfiles-resigned.zip copy succeed" || echo "flashfiles-resigned.zip copy failed" - @$(ACP) ota/$(TARGET_PRODUCT)/ota-resigned.zip $(publish_dest) \ - && echo "ota-resigned.zip copy succeed" || echo "ota-resigned.zip copy failed" diff --git a/test/avb_test_prepare b/test/avb_test_prepare deleted file mode 100755 index dcd306e..0000000 --- a/test/avb_test_prepare +++ /dev/null @@ -1,420 +0,0 @@ -#!/bin/bash -# Author : Xiang Deng - -export OPENSSL_CONF=${OPENSSL_CONF:-/etc/ssl/openssl.cnf} - -ANDROID_BUILD_TOP=`readlink -f ${ANDROID_BUILD_TOP:-""}` -AVB_TOOL="avbtool" -AVB_ALGORITHM_ARGS="--algorithm SHA256_RSA4096" -AVB_OEM_KEY="$ANDROID_BUILD_TOP/external/avb/test/data/testkey_rsa4096" - -SIMG_DUMP="$ANDROID_BUILD_TOP/system/core/libsparse/simg_dump.py" -SCRIPT_ABS_NAME=`readlink -f $0` -UNSIGN_BOOT_TOOL=`dirname $SCRIPT_ABS_NAME`"/unsign_boot_img.py" - -TMPDIR=${TMPDIR:-/tmp} -PREFIX="$TMPDIR/$USER" -IMG_DIR="$PREFIX/img" -TMP_DIR="$PREFIX/tmp" -IMG="" -KEYS_DIR="$PREFIX/keys" -USERKEY="$KEYS_DIR/userkey" -WD=`pwd` - -function usage { - echo "usage: `basename $0` [-b | -s | -v | -c | -h]" - echo " -c: clean everything" - echo " -b : name of the boot/recovery image to split/sign" - echo " -s : name of the system image to corrupt" - echo " -v : name of the vendor image to corrupt" - echo " -h: print this message" - echo "example:" - echo " $0 -b ~/boot.img" - exit 1 -} - -function create_dir { - [ ! -d "$1" ] && mkdir -p "$1" -} - -function generate_user_keys { - if [ ! -e $USERKEY ] - then - cd $KEYS_DIR - echo "Generating userkey and certificates." - # generate userkey to sign bootimages - openssl genrsa -out $USERKEY.pem 4096 - # extract DER pub key from the $USERKEY - openssl rsa -in $USERKEY.pem -pubout -out $USERKEY.pub - cd $WD - else - echo "Using existing user key and certificate, use -c if you want to force regenerating new ones." - fi -} - -function generate_corrupted_system_images { - LIST_VBMETA_IMGS=("verity.img" "system_metadata.img") - START_OFFSET=() - TMP_VBMETA_IMG="$TMP_DIR/tmp.img" - - # for system.img - read fec_size <<< "$($AVB_TOOL info_image --image $TMP_DIR/$IMG.img | grep 'FEC size:' | awk -F" " '{print $3}')" - - # for vbmeta.img - read authen_blksize <<< "$($AVB_TOOL info_image --image $TMP_DIR/vbmeta.img | grep 'Authentication Block:' | awk -F" " '{print $3}')" - read auxil_blksize <<< "$($AVB_TOOL info_image --image $TMP_DIR/vbmeta.img | grep 'Auxiliary Block:' | awk -F" " '{print $3}')" - - authen_offset=256 - hash_offset=$authen_offset - sign_offset=`expr $authen_offset + 32` - sign_size=512 - auxil_offset=`expr $authen_offset + $authen_blksize` - descr_offset=$auxil_offset - # echo "authen_offset : $authen_offset , hash_offset : $hash_offset , sign_offset : $sign_offset , auxil_offset : $auxil_offset , descr_offset : $descr_offset " - - if [ $fec_size -ne 0 ] - then - fec_supported=1 - read tree_offset tree_len <<< "$($SIMG_DUMP -v $TMP_DIR/$IMG.img | tail -6 | head -1 | awk '{print $2" "$3}')" - read fec_offset fec_size <<< "$($SIMG_DUMP -v $TMP_DIR/$IMG.img | tail -5 | head -1 | awk '{print $2" "$3}')" - # echo "fec_offset = $fec_offset, fec_size = $fec_size" - else - fec_supported=0 - read tree_offset tree_len <<< "$($SIMG_DUMP -v $TMP_DIR/$IMG.img | tail -5 | head -1 | awk '{print $2" "$3}')" - fec_offset=0 - fi - - # echo "tree offset : $tree_offset , tree len : $tree_len " - - if [ $fec_supported -eq 1 ] - then - dd if=$TMP_DIR/$IMG.img of=$TMP_VBMETA_IMG bs=$tree_offset skip=1 2>/dev/null - dd if=$TMP_VBMETA_IMG of=$TMP_DIR/${LIST_VBMETA_IMGS[0]} bs=$tree_len count=1 2>/dev/null - START_OFFSET[0]=$tree_offset - else - i=0 - while read start length; do - # use of tmp file but save us some unreliable arithmetic - dd if=$TMP_DIR/$IMG.img of=$TMP_VBMETA_IMG bs=$start skip=1 2>/dev/null - dd if=$TMP_VBMETA_IMG of=$TMP_DIR/${LIST_VBMETA_IMGS[$i]} bs=$length count=1 2>/dev/null - START_OFFSET[$i]=$start - # echo "fec_supported = 0 ,start = $start, length = $length" - done <<< "$($SIMG_DUMP -v $TMP_DIR/$IMG.img | tail -5 | head -1 | awk '{print $2" "$3}')" - fi - - # ready for vbmeta's corrupt... - dd if=$TMP_DIR/vbmeta.img of=$TMP_VBMETA_IMG bs=$sign_offset skip=1 2>/dev/null - dd if=$TMP_VBMETA_IMG of=$TMP_DIR/${LIST_VBMETA_IMGS[1]} bs=$sign_size count=1 2>/dev/null - START_OFFSET[1]=$sign_offset - - for i in "${!LIST_VBMETA_IMGS[@]}" - do - # make a copy to keep originals - cp $TMP_DIR/${LIST_VBMETA_IMGS[$i]} $TMP_DIR/corrupted_${LIST_VBMETA_IMGS[$i]} - if [ "${LIST_VBMETA_IMGS[$i]}" = "system_metadata.img" ] - then - # for vbmeta.img - # skip 256 + 32 first bytes to corrupt signature data - # and introduce some random bytes - bs=1 - count=20 - seek=$sign_offset - else - # by default corrupt the first block - bs=4096 - count=1 - seek=0 - fi - - echo "Corrupting ${LIST_VBMETA_IMGS[$i]}..." - dd if=/dev/urandom bs=$bs count=$count conv=notrunc seek=$seek of=$TMP_DIR/corrupted_${LIST_VBMETA_IMGS[$i]} - - if [ "${LIST_VBMETA_IMGS[$i]}" = "system_metadata.img" ] - then - # create vbmeta_corrupted_system_verity.img for vbmeta.img - echo "Creating vbmeta_corrupted_${LIST_VBMETA_IMGS[$i]}..." - cp $TMP_DIR/vbmeta.img $IMG_DIR/vbmeta_corrupted_${LIST_VBMETA_IMGS[$i]} - # echo "for vbmeta.img -----> START_OFFSET[$i] = ${START_OFFSET[$i]}" - dd if=$TMP_DIR/corrupted_${LIST_VBMETA_IMGS[$i]} bs=${START_OFFSET[$i]} conv=notrunc seek=1 of=$IMG_DIR/vbmeta_corrupted_${LIST_VBMETA_IMGS[$i]} - else - # create system_corrupted_verity.img for system.img - echo "Creating system_corrupted_${LIST_VBMETA_IMGS[$i]}..." - cp $TMP_DIR/$IMG.img $IMG_DIR/system_corrupted_${LIST_VBMETA_IMGS[$i]} - # echo "for system.img -----> START_OFFSET[$i] = ${START_OFFSET[$i]}" - dd if=$TMP_DIR/corrupted_${LIST_VBMETA_IMGS[$i]} bs=${START_OFFSET[$i]} conv=notrunc seek=1 of=$IMG_DIR/system_corrupted_${LIST_VBMETA_IMGS[$i]} - fi - done - - # corrupt bootanimation binary - echo "Corrupting bootanimation binary..." - strings $TMP_DIR/$IMG.img | grep -m 1 "SurfaceFlinger died" &>/dev/null - if [ $? -ne 0 ] - then - echo "'SurfaceFlinger died' cannot be found in $TMP_DIR/$IMG.img, please find an other string to modify..." - exit 1 - fi - cp $TMP_DIR/$IMG.img $IMG_DIR/system_corrupted_block.img - sed -i 's/SurfaceFlinger died/FlingerSurface died/' $IMG_DIR/system_corrupted_block.img -} - -function generate_corrupted_vendor_images { - LIST_VBMETA_IMGS=("verity.img" "vendor_metadata.img") - START_OFFSET=() - TMP_VBMETA_IMG="$TMP_DIR/tmp.img" - - # for vendor.img - read fec_size <<< "$($AVB_TOOL info_image --image $TMP_DIR/$IMG.img | grep 'FEC size:' | awk -F" " '{print $3}')" - - # for vbmeta.img - read authen_blksize <<< "$($AVB_TOOL info_image --image $TMP_DIR/vbmeta.img | grep 'Authentication Block:' | awk -F" " '{print $3}')" - read auxil_blksize <<< "$($AVB_TOOL info_image --image $TMP_DIR/vbmeta.img | grep 'Auxiliary Block:' | awk -F" " '{print $3}')" - - authen_offset=256 - hash_offset=$authen_offset - sign_offset=`expr $authen_offset + 32` - sign_size=512 - auxil_offset=`expr $authen_offset + $authen_blksize` - descr_offset=$auxil_offset - # echo "authen_offset : $authen_offset , hash_offset : $hash_offset , sign_offset : $sign_offset , auxil_offset : $auxil_offset , descr_offset : $descr_offset " - - if [ $fec_size -ne 0 ] - then - fec_supported=1 - read tree_offset tree_len <<< "$($SIMG_DUMP -v $TMP_DIR/$IMG.img | tail -6 | head -1 | awk '{print $2" "$3}')" - read fec_offset fec_size <<< "$($SIMG_DUMP -v $TMP_DIR/$IMG.img | tail -5 | head -1 | awk '{print $2" "$3}')" - # echo "fec_offset = $fec_offset, fec_size = $fec_size" - else - fec_supported=0 - read tree_offset tree_len <<< "$($SIMG_DUMP -v $TMP_DIR/$IMG.img | tail -5 | head -1 | awk '{print $2" "$3}')" - fec_offset=0 - fi - - # echo "tree offset : $tree_offset , tree len : $tree_len " - - if [ $fec_supported -eq 1 ] - then - dd if=$TMP_DIR/$IMG.img of=$TMP_VBMETA_IMG bs=$tree_offset skip=1 2>/dev/null - dd if=$TMP_VBMETA_IMG of=$TMP_DIR/${LIST_VBMETA_IMGS[0]} bs=$tree_len count=1 2>/dev/null - START_OFFSET[0]=$tree_offset - else - i=0 - while read start length; do - # use of tmp file but save us some unreliable arithmetic - dd if=$TMP_DIR/$IMG.img of=$TMP_VBMETA_IMG bs=$start skip=1 2>/dev/null - dd if=$TMP_VBMETA_IMG of=$TMP_DIR/${LIST_VBMETA_IMGS[$i]} bs=$length count=1 2>/dev/null - START_OFFSET[$i]=$start - # echo "fec_supported = 0 ,start = $start, length = $length" - done <<< "$($SIMG_DUMP -v $TMP_DIR/$IMG.img | tail -5 | head -1 | awk '{print $2" "$3}')" - fi - - # ready for vbmeta's corrupt... - dd if=$TMP_DIR/vbmeta.img of=$TMP_VBMETA_IMG bs=$sign_offset skip=1 2>/dev/null - dd if=$TMP_VBMETA_IMG of=$TMP_DIR/${LIST_VBMETA_IMGS[1]} bs=$sign_size count=1 2>/dev/null - START_OFFSET[1]=$sign_offset - - for i in "${!LIST_VBMETA_IMGS[@]}" - do - # make a copy to keep originals - cp $TMP_DIR/${LIST_VBMETA_IMGS[$i]} $TMP_DIR/corrupted_${LIST_VBMETA_IMGS[$i]} - if [ "${LIST_VBMETA_IMGS[$i]}" = "vendor_metadata.img" ] - then - # for vbmeta.img - # skip 256 + 32 first bytes to corrupt signature data - # and introduce some random bytes - bs=1 - count=20 - seek=$sign_offset - else - # by default corrupt the first block - bs=4096 - count=1 - seek=0 - fi - - echo "Corrupting ${LIST_VBMETA_IMGS[$i]}..." - dd if=/dev/urandom bs=$bs count=$count conv=notrunc seek=$seek of=$TMP_DIR/corrupted_${LIST_VBMETA_IMGS[$i]} - - if [ "${LIST_VBMETA_IMGS[$i]}" = "vendor_metadata.img" ] - then - # create vbmeta_corrupted_vendor_verity.img for vbmeta.img - echo "Creating vbmeta_corrupted_${LIST_VBMETA_IMGS[$i]}..." - cp $TMP_DIR/vbmeta.img $IMG_DIR/vbmeta_corrupted_${LIST_VBMETA_IMGS[$i]} - # echo "for vbmeta.img -----> START_OFFSET[$i] = ${START_OFFSET[$i]}" - dd if=$TMP_DIR/corrupted_${LIST_VBMETA_IMGS[$i]} bs=${START_OFFSET[$i]} conv=notrunc seek=1 of=$IMG_DIR/vbmeta_corrupted_${LIST_VBMETA_IMGS[$i]} - else - # create vendor_corrupted_verity.img for vendor.img - echo "Creating vendor_corrupted_${LIST_VBMETA_IMGS[$i]}..." - cp $TMP_DIR/$IMG.img $IMG_DIR/vendor_corrupted_${LIST_VBMETA_IMGS[$i]} - # echo "for vendor.img -----> START_OFFSET[$i] = ${START_OFFSET[$i]}" - dd if=$TMP_DIR/corrupted_${LIST_VBMETA_IMGS[$i]} bs=${START_OFFSET[$i]} conv=notrunc seek=1 of=$IMG_DIR/vendor_corrupted_${LIST_VBMETA_IMGS[$i]} - fi - done - - # corrupt android.hardware.wifi@1.0-service binary - echo "Corrupting android.hardware.wifi@1.0-service binary..." - strings $TMP_DIR/$IMG.img | grep -m 1 "Wifi Hal is booting up" &>/dev/null - if [ $? -ne 0 ] - then - echo "'Wifi Hal is booting up' cannot be found in $TMP_DIR/$IMG.img, please find an other string to modify..." - exit 1 - fi - cp $TMP_DIR/$IMG.img $IMG_DIR/vendor_corrupted_block.img - sed -i 's/Wifi Hal is booting up/booting up Wifi Hal is/' $IMG_DIR/vendor_corrupted_block.img -} - -function generate_corrupted_boot_images { - TMP_BOOT_IMG="$TMP_DIR/tmp.img" - - echo "Calculate boot partition size." - read boot_parsize <<< "$($AVB_TOOL info_image --image $TMP_DIR/$IMG.img | grep 'Image size:' | awk -F" " '{print $3}')" - echo "Unsigning $IMG image." - - $UNSIGN_BOOT_TOOL $TMP_DIR/$IMG.img > $TMP_DIR/raw_$IMG.img - cp $TMP_DIR/raw_$IMG.img $TMP_DIR/unsigned_$IMG.img - - $AVB_TOOL add_hash_footer --image $TMP_DIR/unsigned_$IMG.img --partition_size $boot_parsize --partition_name boot - - echo "Generating $IMG image signed with oem key." - cp $TMP_DIR/raw_$IMG.img $TMP_DIR/oem_signed_$IMG.img - $AVB_TOOL add_hash_footer --image $TMP_DIR/oem_signed_$IMG.img --partition_size $boot_parsize --partition_name boot $AVB_ALGORITHM_ARGS --key $AVB_OEM_KEY.pem - echo "Corrupting a copy of $IMG image signed with oem key." - cp $TMP_DIR/oem_signed_$IMG.img $TMP_DIR/oem_signed_corrupted_$IMG.img - sed -i 's/loglevel=./loglevel=9/' $TMP_DIR/oem_signed_corrupted_$IMG.img - echo "Corrupting the signature of a copy of $IMG image signed with oem key." - cp $TMP_DIR/oem_signed_$IMG.img $TMP_DIR/oem_signed_corrupted_signature_$IMG.img - # replaces 8 bytes in the signature - du -b $TMP_DIR/raw_$IMG.img | while read size image; do dd if=/dev/urandom bs=1 count=8 conv=notrunc seek=4096 of=$TMP_DIR/oem_signed_corrupted_signature_$IMG.img; done - - if [ -e $USERKEY.pem ] - then - echo "Generating $IMG image signed with userkey key." - cp $TMP_DIR/raw_$IMG.img $TMP_DIR/user_signed_$IMG.img - $AVB_TOOL add_hash_footer --image $TMP_DIR/user_signed_$IMG.img --partition_size $boot_parsize --partition_name boot $AVB_ALGORITHM_ARGS --key $USERKEY.pem - echo "Corrupting a copy of $IMG image signed with userkey." - cp $TMP_DIR/user_signed_$IMG.img $TMP_DIR/user_signed_corrupted_$IMG.img - sed -i 's/loglevel=./loglevel=9/' $TMP_DIR/user_signed_corrupted_$IMG.img - # echo "Generating $IMG image signed with signed user certificate." - # cp $TMP_DIR/raw_$IMG.img $TMP_DIR/user_verified_signed_$IMG.img - # $AVB_TOOL add_hash_footer --image $TMP_DIR/user_verified_signed_$IMG.img --partition_size $boot_parsize --partition_name boot $AVB_ALGORITHM_ARGS --key $USERKEY.pem - fi - - echo "Moving images into $IMG_DIR/" - mv $TMP_DIR/oem_signed_$IMG.img $IMG_DIR - mv $TMP_DIR/oem_signed_corrupted_$IMG.img $IMG_DIR - mv $TMP_DIR/oem_signed_corrupted_signature_$IMG.img $IMG_DIR - mv $TMP_DIR/unsigned_$IMG.img $IMG_DIR - if [ -e $USERKEY.pem ] - then - mv $TMP_DIR/user_signed_$IMG.img $IMG_DIR - mv $TMP_DIR/user_signed_corrupted_$IMG.img $IMG_DIR - fi -} - -while getopts "b:chs:v:" opt; do - case $opt in - h) - usage - ;; - b) - IMG=`strings $OPTARG | grep -e 'boot$'` - IMG="boot" - if [ "X$IMG" = "X" ] - then - IMG=`strings $OPTARG | grep -e 'recovery$'` - fi - if [ "X$IMG" = "X" ] - then - echo "error! $OPTARG is neither detected as /boot or as /recovery image" - exit 1 - fi - IMG=`echo $IMG | sed 's_/__'` - create_dir $TMP_DIR - cp $OPTARG $TMP_DIR/$IMG.img - ;; - s) - IMG="system" - size=$(du -BM $OPTARG | awk '{print $1}') - echo "Warning, this operation will consume 4 * $size on your disk" - echo "Would you like to continue? [y/N]" - read v - case "$v" in - "y" | "Y" | "yes") - ;; - *) - echo "Aborted!" - exit 1 - ;; - esac - echo "Copying $OPTARG..." - create_dir $TMP_DIR - cp $OPTARG $TMP_DIR/$IMG.img - VBMETA_NAME=`echo $OPTARG | sed 's/system/vbmeta/'` - echo "Copying $VBMETA_NAME..." - cp $VBMETA_NAME $TMP_DIR/ - ;; - v) - IMG="vendor" - size=$(du -BM $OPTARG | awk '{print $1}') - echo "Warning, this operation will consume 4 * $size on your disk" - echo "Would you like to continue? [y/N]" - read v - case "$v" in - "y" | "Y" | "yes") - ;; - *) - echo "Aborted!" - exit 1 - ;; - esac - echo "Copying $OPTARG..." - create_dir $TMP_DIR - cp $OPTARG $TMP_DIR/$IMG.img - VBMETA_NAME=`echo $OPTARG | sed 's/vendor/vbmeta/'` - echo "Copying $VBMETA_NAME..." - cp $VBMETA_NAME $TMP_DIR/ - ;; - c) - echo "Cleaning $TMP_DIR, $IMG_DIR, $KEYS_DIR..." - rm -rf $TMP_DIR - rm -rf $IMG_DIR - rm -rf $KEYS_DIR - exit 1 - ;; - \?) - echo "Invalid option: -$OPTARG" - usage - ;; - esac -done - -# Make sure all varables are defined -if [ "X$ANDROID_BUILD_TOP" = "X" ] -then - echo "Please source build/envsetup.sh and lunch with the appropriate target prior to use this script." - usage -fi - -if [ ! -e $TMP_DIR/$IMG.img ] -then - echo "Image $TMP_DIR/$IMG.img not found, did you forgot -b or -s option?" - usage -fi - -# Main -create_dir $IMG_DIR - -if [ "$IMG" = "system" ] -then - generate_corrupted_system_images -elif [ "$IMG" = "vendor" ] -then - generate_corrupted_vendor_images -else - create_dir $KEYS_DIR - generate_user_keys - generate_corrupted_boot_images -fi - -echo "Computing md5sum of images." -md5sum $IMG_DIR/*.img > $IMG_DIR/checksum.md5 -echo "Your images are available in $IMG_DIR/" diff --git a/test/corrupt_bootloader_img.py b/test/corrupt_bootloader_img.py deleted file mode 100755 index 1c67070..0000000 --- a/test/corrupt_bootloader_img.py +++ /dev/null @@ -1,92 +0,0 @@ -#!/usr/bin/env python -# -""" -Corrupt data section & signed section of kf4abl binary from bootloader.img binary. - -Usage: corrupt_bootloader_img.py - -Author: xiangx.deng@intel.com - -""" - -import sys -import struct -import argparse -import shutil -import os -import subprocess - -from sys import exit, stderr -from argparse import ArgumentParser - -if sys.hexversion < 0x02070000: - print("Python 2.7 or newer is required.", file=sys.stderr) - sys.exit(1) - -sign_filename = "bootloader_corrupted_signature" -data_filename = "bootloader_corrupted_data" - -crc_len = 4 -sign_len = 256 -ran_sz = 16 -osloader_offset = 16384 * 1024 -old_strings = 'efiwrapper library initialization failed' -new_strings = 'failed library efiwrapper initialization' - -def corrupt_data_section(out_f): - """ - corrupt data section of iasimage with specified strings - """ - subprocess.check_output(["sed", "-i", "s/%s/%s/g" % (old_strings, new_strings), out_f]) - -def corrupt_signature_section(out_f): - """ - corrupt signature section of iasimage with random number - """ - #get the abl binary from the in_f - #the method is to get the payload offset plus - #palyload length plus the crc checksum - s = struct.Struct('I I I I I I I') - with open(out_f, "rb+") as fh: - fh.seek(osloader_offset, 0) - u = s.unpack(fh.read(struct.calcsize(s.format))) - data_len = u[3] - data_off = u[4] - print(('get fh data_len = %d data_off = %x' % (data_len, data_off))) - unsigned_len = data_off + data_len + crc_len - sign_off = ((unsigned_len + sign_len - 1) // sign_len) * sign_len - print(('unsigned_len = %d sign_off = %x' % (unsigned_len, sign_off))) - fh.seek(osloader_offset + sign_off, 0) - random_str = open('/dev/random').read(ran_sz) - # print("get random string = %s" % random_str) - fh.write(random_str) - fh.close() - -def main(): - parser = argparse.ArgumentParser(description='corrupt data&signature section of iasimage') - parser.add_argument('filename', type=str, help='filename, e.g. bootloader_gr_mrb_b1') - args = parser.parse_args() - - print("entering corrupt process") - in_f = args.filename - bootloader_path = os.path.dirname(os.path.abspath(args.filename)) - # corrupt data section - out_f = os.path.join(bootloader_path, data_filename) - shutil.copy2(in_f, out_f) - corrupt_data_section(out_f) - print("bootloader corrupt data section done!") - # corrupt signature section - out_f = os.path.join(bootloader_path, sign_filename) - shutil.copy2(in_f, out_f) - corrupt_signature_section(out_f) - print("bootloader corrupt sign section done!") - -if __name__ == '__main__': - try: - main() - except Exception as e: - print() - print(" ERROR: %s" % (e,)) - print() - sys.exit(1) - diff --git a/test/extract_fastboot.py b/test/extract_fastboot.py deleted file mode 100755 index 2750bf0..0000000 --- a/test/extract_fastboot.py +++ /dev/null @@ -1,250 +0,0 @@ -#!/usr/bin/env python -# -# Copyright (C) 2016 The Android Open Source Project -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -""" -Extract fastboot binary from TFP and resign fastboot binary in ABL based platform -keys. -Usage: extract_fastboot.py - -K (--oem-key) - Replace the OEM key inside kernelflinger with the replacement copy. - The OEM keystore must be signed with this key. - Expects a key pair assuming private key ends in .pk8 and public key - with .x509.pem - - -A (--avb-key) - Replace the Android Verified Boot key with the key in path - - -I (--ifwi-directory) - Path to the resigned IFWI, which is a directory contain all the resigned IFWI binaries. - - -V (--variant) variant - variant can be gr_mrb(A0) or gr_mrb_b1(B1) -""" - -import sys -import shutil -import zipfile -import os -import os.path -import shlex -import tempfile -import subprocess -import struct -import json - -if sys.hexversion < 0x02040000: - print("Python 2.4 or newer is required.", file=sys.stderr) - sys.exit(1) - -# Android Release Tools -sys.path.append("build/tools/releasetools") -import common - -sys.path.append("device/intel/build/releasetools") -import intel_common - -OPTIONS = common.OPTIONS -OPTIONS.ifwi_directory = "" -OPTIONS.variant = "" -OPTIONS.all_keys = set() -OPTIONS.oem_key = None -OPTIONS.avb_key = None -OPTIONS.target_product = None - -crc_len = 4 -ias_image_type_str = "0x40300" -section_entry_sz = 0x28 -fastboot_component_num = 4 - -def get_section(data, name): - section_table_offset = struct.unpack_from(" size: - raise common.ExternalError("Binary is already larger than pad size") - - return data + (b'\x00' * (size - len(data))) - -def process_fastboot(in_f, out_f): - """ - get the abl binary from the in_f - replace the .oemkeys section - then combine back to a signed ias image - with the new key - """ - s = struct.Struct('11I') - fh = open(in_f, "rb") - u = s.unpack(fh.read(struct.calcsize(s.format))) - data_len = u[3] - data_off = u[4] - - fp = os.path.dirname(os.path.abspath(in_f)) - fh.seek(data_off, 0) - for i in range(fastboot_component_num): - comp_len = u[7+i] - fn = os.path.join(fp, "comp"+str(i)) - fc = open(fn, "wb") - data = fh.read(comp_len) - if i == 1: - print("Replacing .oemkeys inside abl binary") - password = None - data = replace_raw_keys(data, OPTIONS.avb_key, password) - fc.write(data) - fc.close() - - #combine the individual component files back into the ias image - unsigned_fastboot_fn = os.path.join(fp, "fastboot_unsigned.bin") - cmd = ["ias_image_app", "create"] - cmd.extend(["-i", ias_image_type_str]) - cmd.extend(["-o", unsigned_fastboot_fn]) - for i in range(fastboot_component_num): - fn = os.path.join(fp, "comp"+str(i)) - cmd.append(fn) - p = common.Run(cmd) - p.wait() - fh.close() - - process_iasimage(unsigned_fastboot_fn, out_f) - -def process_provzip(input_provzip, output_fn): - path = "fastboot" - dn = tempfile.mkdtemp() - in_fname = input_provzip.extract(path, dn) - if OPTIONS.avb_key == None: - process_iasimage(in_fname, output_fn) - else: - process_fastboot(in_fname, output_fn) - shutil.rmtree(dn) - -def process_iasimage(in_f, out_f): - """ - resign the iasimage with new verity key - """ - #get the unsigned iasimage binary - #the method is to get the payload offset plus - #palyload length plus the crc checksum - s = struct.Struct('I I I I I I I') - with open(in_f, 'rb') as fh: - u = s.unpack(fh.read(struct.calcsize(s.format))) - data_len = u[3] - data_off = u[4] - unsigned_len = data_off + data_len + crc_len - fh.seek(0,0) - data = fh.read(unsigned_len) - - tf = tempfile.NamedTemporaryFile() - tf.write(data) - tf.flush() - - #resign the fastboot with new verity key - cmd = ["ias_image_signer"] - cmd.append(tf.name) - cmd.extend([OPTIONS.oem_key+".pk8", OPTIONS.oem_key+".x509.pem"]) - cmd.append(out_f) - p = common.Run(cmd) - p.wait() - tf.close() - -def main(argv): - def option_handler(o, a): - if o in ("-I", "--ifwi-directory"): - OPTIONS.ifwi_directory = a - elif o in ("-A", "--avb-key"): - OPTIONS.avb_key = a - OPTIONS.all_keys.add(a) - elif o in ("-K", "--oem-key"): - OPTIONS.oem_key = a - OPTIONS.all_keys.add(a) - elif o in ("-V", "--variant"): - OPTIONS.variant = a - else: - return False - return True - - args = common.ParseOptions(argv, __doc__, - extra_opts = "I:A:K:V:", - extra_long_opts = ["ifwi-directory=", "avb-key=", "oem-key=", "variant="], - extra_option_handler = option_handler) - - if len(args) != 2: - common.Usage(__doc__) - sys.exit(1) - - output_fastboot_fn = args[1] - - print("Extracting the provdata.zip") - prov_file = "provdata_"+OPTIONS.variant+".zip" - unpack_dir = common.UnzipTemp(args[0]) - input_zip = zipfile.ZipFile(args[0], "r") - input_provzip = zipfile.ZipFile(os.path.join(unpack_dir, - "RADIO", prov_file), "r") - - print("Parsing build.prop for target_product") - d = {} - try: - with open(os.path.join(unpack_dir, "SYSTEM", "build.prop")) as f: - d = common.LoadDictionaryFromLines(f.read().split("\n")) - except IOError as e: - if e.errno == errno.ENOENT: - raise KeyError(f) - OPTIONS.target_product = d["ro.product.system.name"] - - print("Processing private keys") - OPTIONS.info_dict = common.LoadInfoDict(input_zip) - passwords = common.GetKeyPasswords(OPTIONS.all_keys) - - #process the provdata.zip to generate resigned one - process_provzip(input_provzip, output_fastboot_fn) - - common.ZipClose(input_zip) - print("Extract done.") - -if __name__ == '__main__': - try: - main(sys.argv[1:]) - except common.ExternalError as e: - print() - print(" ERROR: %s" % (e,)) - print() - sys.exit(1) - finally: - common.Cleanup() diff --git a/test/extract_ias_img_payload.py b/test/extract_ias_img_payload.py deleted file mode 100755 index cca290a..0000000 --- a/test/extract_ias_img_payload.py +++ /dev/null @@ -1,38 +0,0 @@ -#!/usr/bin/python -import struct -import sys -# #define KPI_MAGIC_PATTERN 0x2E6B7069 // ".kpi" -# From kp_image.h -# struct kpi_header // a KP image generic header: -# { -# uint32_t magic_pattern; // identifies structure (acts as valid flag) -# uint32_t image_type; // image and compression type; values TBD -# uint32_t version; // header version -# uint32_t data_length; // size of payload (data) in image -# uint32_t data_offset; // offset to payload data from header -# uint32_t uncompressed_len; // uncompresse data length -# uint32_t header_crc; // CRC-32C over entire hheader -# }; -# -# We do not need to read the whole header, we only need data_length -# data_offset -# -# [0] magic -# | [1] image_type -# | | [2] version -# | | | [3] data_length -# | | | | [4] data_offset -# | | | | | [5] uncompressed_len -# | | | | | | [6] header_crc -# | | | | | | | -# v v v v v v v -s = struct.Struct('I I I I I I I') -f = open(sys.argv[1], "rb") -u = s.unpack(f.read(struct.calcsize(s.format))) -data_len = u[3] -data_off = u[4] - -# Write the payload to stdout -f.seek(data_off, 0) -sys.stdout.write(f.read(data_len)) -f.close() diff --git a/test/flash-update b/test/flash-update deleted file mode 100755 index 0213d17..0000000 --- a/test/flash-update +++ /dev/null @@ -1,128 +0,0 @@ -#!/bin/bash - -set -e - -PACKAGE="$OUT/ota-dev.zip" -dutID=$(adb devices | grep -v 'List' | awk '{print ($1)}') -AndroidVer=$(adb shell getprop ro.build.version.release | awk '{print ($1)}') -HasFotaAPP=-1 -UPDATE_CMD=update_from_mos -OFF="" - -function usage { - echo "Usage: ${0} [-h] [-p package_name.zip] [-r] [-s dutID] [-o]" - echo " Flash the update package to the device and apply it" - echo "Options:" - echo " -h : print this help message" - echo " -p : name of package to apply, default - package is $OUT/ota-dev.zip" - echo " -r : use sideload method: reboot to recovery first and - push the package via sideload, default behavior is to push the - package when the device is in MOS, uncrypting it if needed, then - rebooting to recovery (as the fota app will do)" - echo " -s : id of the DUT in case more than one device - is connected to the host" - echo " -o : turn off the device after applying the OTA instead - of rebooting it" - exit 1 -} - -function wait_for_adb { - while [ -z "$(adb devices | grep $dutID | awk '{print($1)}')" ]; do - sleep 1 - done -} - -function adb_root { - echo "Waiting for device : $dutID" - wait_for_adb - echo "Setting root permissions..." - adb -s $dutID root - sleep 1 - wait_for_adb -} - -function check_has_fota { - FotainSys=$(adb -s $dutID shell ls -l /system/vendor/app/AFotaApp | grep 'Fota' | awk '{print($8)}') - FotainData=$(adb -s $dutID shell ls -l /data/app | grep 'fota' | awk '{print($8)}') - - if [ ! -z "$FotainSys" ]; then - echo "There is $FotainSys in system" - HasFotaAPP=1 - fi - - if [ ! -z "$FotainData" ]; then - echo "There is $FotainData in data" - HasFotaAPP=2 - fi -} - -function wait_for_uncrypt { - GET_PROGRESS="adb -s $dutID shell tail /cache/recovery/uncrypt_status" - - echo "Uncrypting $(basename $PACKAGE)..." - # returns when the file /cache/recovery/uncrypt_status is created - adb -s $dutID shell "while [ ! -f /cache/recovery/uncrypt_status ];do sleep 1; done" - progress=0 - while [ $progress -ne 100 ]; do - progress=$($GET_PROGRESS | tail -1 | sed 's/\r//g') - echo -ne "\r$progress%" - sleep 1 - done - echo " done!" -} - -function update_from_mos { - echo "Device is runnig Android: $AndroidVer" - adb_root - echo "Copying OTA image $(basename $PACKAGE) to device..." - adb -s $dutID push $PACKAGE /data/local/tmp/update.zip - check_has_fota - if [ $HasFotaAPP -gt 0 ]; then - echo "Doing uncrypt and rebooting into recovery console with Fota app..." - adb -s $dutID shell "am broadcast -a com.intel.afotaapp.INSTALL_LOCAL_OTA -e com.intel.afotaapp.extra.LOCAL_OTA_PATH /data/local/tmp/update.zip" - else - echo "" - echo "Run failed, No fota app in your device!" - echo "Please install it first! AFotaApp.apk can be found in system/vendor/app/AFotaApp." - fi -} - -function update_from_ros { - adb_root - echo "Rebooting device $dutID to sideload..." - adb -s $dutID reboot sideload-auto-reboot - sleep 1 - wait_for_adb - echo "Enter into sideload status ok,will do updating" - sleep 3 - adb -s $dutID sideload $PACKAGE -} - -while getopts ":s:p:orh" opt; do - case $opt in - h) - usage - ;; - p) - PACKAGE=$OPTARG - ;; - r) - UPDATE_CMD=update_from_ros - ;; - s) - dutID=$OPTARG - ;; - o) - OFF="--shutdown_after\n" - ;; - \?) - echo "Invalid option: -$OPTARG" - usage - ;; - esac -done - -# Run the update command, default (update_from_mos) is using the same -# flow as the fota app will do -$UPDATE_CMD diff --git a/test/ota-gen-dummy b/test/ota-gen-dummy deleted file mode 100755 index 3dfca06..0000000 --- a/test/ota-gen-dummy +++ /dev/null @@ -1,119 +0,0 @@ -#!/bin/bash - -# Generation of dummy OTA package files -# -# The generated files are around 500ko so they are -# fast for generating and testing. They don't update -# the board (no payload), but are convenient for testing -# all the OTA process : -# - basic OTA flow (reboot in ROS, apply update, reboot in MOS) -# - signing keys check -# - updater-script sanity checks like board or date - -function warning_msg { - echo "" - echo "" - echo "WARNING : $1" - echo "WARNING : We don't garantee this script to work as expected." - echo "" - echo "" -} - -while getopts "sdp:" opt; do - case $opt in - s) - set -x - ;; - p) - export PRODUCT_NAME=$OPTARG - ;; - d) - export CHECK_DATE=true - ;; - \?) - echo "Usage:" - echo " ota-gen-dummy [-s] [-d] [-p ]" - echo - echo "Generates a dummy OTA file for test prupose" - echo " -s : set -x for debug purpose" - echo " -d : will add a check on date (Jan 01 1970). OTA failure is expected." - echo " -p : will add a check on product name. OTA failure is expected." - exit 1 - ;; - esac -done - -# Sanity -if [ -z "$ANDROID_BUILD_TOP" -o -z "$PRODUCT_OUT" ] -then - echo "Run lunch first!" - exit 1 -fi - -if [ ! -f $PRODUCT_OUT/system/bin/updater ] -then - echo "Run 'make updater' first!" - exit 1 -fi - -VERSION_FILE=$ANDROID_BUILD_TOP/build/core/version_defaults.mk -if [ ! -f $VERSION_FILE ] -then - warning_msg "Can't find Android version." -else - ANDROID_VERSION=`grep 'PLATFORM_VERSION :=' $VERSION_FILE | grep -Eo '[0-9]+' | head -n 1` - if [ $ANDROID_VERSION -gt 6 ] - then - warning_msg "Incorrect Android version." - fi -fi - -# Create and populate temp directory with an OTA package -TMP_OTA_DIR=`mktemp -d` -pushd $TMP_OTA_DIR &> /dev/null -mkdir -p META-INF/com/google/android - -UPDATER_SCRIPT="META-INF/com/google/android/updater-script" -# Check product name if provided by option -if [ ! -z "$PRODUCT_NAME" ] -then - echo "getprop(\"ro.product.device\") == \"$PRODUCT_NAME\" || abort(\"This package is for \\\"$PRODUCT_NAME\\\" devices; this is a \\\"\" + getprop(\"ro.product.device\") + \"\\\".\");" >> $UPDATER_SCRIPT -fi - -# Check date if enabled by option -if [ ! -z "$CHECK_DATE" ] -then - echo "(!less_than_int(0, getprop(\"ro.build.date.utc\"))) || abort(\"Can't install this package (Thu Jan 1 00:00:00 UTC 1970) over newer build (\" + getprop(\"ro.build.date\") + \").\");" >> $UPDATER_SCRIPT -fi - -echo "show_progress(0.500000, 0);" >> $UPDATER_SCRIPT - -cat $UPDATER_SCRIPT - -cp $PRODUCT_OUT/system/bin/updater META-INF/com/google/android/update-binary -zip -r dummy_ota_unsigned.zip META-INF/ -popd - -# Create alternate key/certificates -TMP_KEY_DIR=`mktemp -d` -USERKEY=dummykey -pushd $TMP_KEY_DIR &> /dev/null -export OPENSSL_CONF=${OPENSSL_CONF:-/etc/ssl/openssl.cnf} - -openssl genpkey -out $USERKEY -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -openssl rsa -in $USERKEY -pubout -outform DER -out $USERKEY.pub -openssl pkcs8 -in $USERKEY -topk8 -outform DER -out $USERKEY.pk8 -nocrypt -openssl req -new -x509 -sha256 -key $USERKEY -out $USERKEY.x509.pem -days 10000 -batch -popd - -pushd $ANDROID_BUILD_TOP -mv $TMP_OTA_DIR/dummy_ota_unsigned.zip . - -java -Xmx3072m -jar out/host/linux-x86/framework/signapk.jar -w ./bootable/recovery/testdata/testkey.x509.pem ./bootable/recovery/testdata/testkey.pk8 dummy_ota_unsigned.zip dummy_ota.zip -java -Xmx3072m -jar out/host/linux-x86/framework/signapk.jar -w $TMP_KEY_DIR/$USERKEY.x509.pem $TMP_KEY_DIR/$USERKEY.pk8 dummy_ota_unsigned.zip dummy_ota_alternate_signed.zip - -rm -rf $TMP_OTA_DIR -rm -rf $TMP_KEY_DIR - -popd -echo "OTA dummy generation complete!" diff --git a/test/ota-test-prepare b/test/ota-test-prepare deleted file mode 100755 index fe6c1b1..0000000 --- a/test/ota-test-prepare +++ /dev/null @@ -1,480 +0,0 @@ -#!/bin/bash - -# Allow job control -set -m - -# make sure our trap works -set -o pipefail -set -o errtrace -set -o errexit - -function bail { - local CALLER_LINENO=$1 - local EXIT_CODE=${2:-1} - echo "Failed near line $CALLER_LINENO with status $EXIT_CODE" - exit $EXIT_CODE -} - -trap 'bail ${LINENO}' ERR - -# Get the exact value of a external variable. -function get_external_var() -{ - local T=$ANDROID_BUILD_TOP - if [ ! "$T" ]; then - echo "Couldn't locate the top of the tree. Try setting TOP." >&2 - return - fi - (\cd $T; build/soong/soong_ui.bash --dumpvar-mode $1 ) -} - -export DEVICENAME=$(get_external_var TARGET_DEVICE) -echo "get TARGET_DEVICE: $DEVICENAME" - -export TESTKEYS=device/intel/build/testkeys -export PRODKEYS=device/intel/build/testkeys/production-test -export ANDROID_PW_FILE=$PRODKEYS/pwfile -export BOARD_VARIANT= -export PARALLEL= -export NO_LOGS= -export NO_BUILD_OTATOOLS= -export TFP= -export QUICK= -export FORCE_BUILD_TFPS= -export HAS_VARIANTS= -export PRODUCT_OUT=out/target/product/${DEVICENAME} -export HAS_SUPER= -export OPENSSL_CONF=${OPENSSL_CONF:-/etc/ssl/openssl.cnf} - -TOS_IMAGE_PARTITION_SIZE=10485760 -while getopts "qst:V:jlof" opt; do - case $opt in - s) - set -x - ;; - q) - export QUICK=1 - ;; - t) - export TFP=$OPTARG - ;; - V) - export BOARD_VARIANT=$OPTARG - ;; - j) - export PARALLEL=YES - ;; - l) - export NO_LOGS=YES - ;; - o) - export NO_BUILD_OTATOOLS=YES - ;; - f) - export FORCE_BUILD_TFPS=YES - ;; - \?) - echo "Usage:" - echo - echo " ota-test-prepare [-s -q -d ]" - echo " Create two builds A and B with deliverables for performing OTA + Secure Boot test cases" - echo - echo "OR" - echo - echo " ota-test-prepare [-s -d ] -t " - echo " Use an existing TFP and create 1 set of deliverables for performing OTA + Secure Boot test cases" - echo " The ota/ directory will contain a re-signed TFP, factory archive, and full-image OTA." - echo " The build name identifies the build, using A or B is typical" - echo - echo "Valid options:" - echo "-q: Just build testkey signed images for the 'quick' test cases" - echo "-s: Show commands being run" - echo "-t : Don't do own build; use supplied target-files to create a re-signed release" - echo "-V : Device variant" - echo "-j: Build output images in parallel (SSD recommended)" - echo "-l: Don't save log files, just emit everything to stdout (don't use with -j)" - echo "-o: skip building otatools, assume they are there" - echo "-f: force building target files packages even if they exist" - exit 1 - ;; - esac -done - -shift $((OPTIND-1)) - -NUM_CPUS=`grep -c ^processor /proc/cpuinfo` -if [ -n "`grep -o '^flags\b.*: .*\bht\b' /proc/cpuinfo | tail -1`" ]; then - NUM_CPUS=$(($NUM_CPUS / 2)) -fi - -export CONCURRENCY_LEVEL=$(($NUM_CPUS * 2 + 1)) -export OTA_TMP_DIR=ota/tmp/ -export MKTEMP="mktemp --tmpdir=ota/tmp/" -export product_dir=$(dirname $(find ${ANDROID_BUILD_TOP}/device/intel -name *.mk \ - ! \( -path "*/build/*" -prune \) ! \( -path "*/common/*" -prune \) \ - ! \( -path "*/mixins/*" -prune \) ! \( -path "*/sepolicy/*" -prune \) \ - ! \( -path "*/path_config.mk" -prune \) \ - -exec grep -l "PRODUCT_NAME := ${TARGET_PRODUCT}$" {} \;)) - -variants_enable_string="BOARD_DEVICE_MAPPING :=" -function has_variants { - if [ -z "$TFP" ]; then - HAS_VARIANTS=$(grep "$variants_enable_string" ${product_dir}/AndroidBoard.mk | wc -l || true) - else - HAS_VARIANTS=$(unzip -l ${TFP} | grep device_mapping.py | wc -l || true) - fi -} - -avb_enable_string="BOARD_AVB_ENABLE := true" -function check_avb { - IS_AVB=$(grep "$avb_enable_string" ${product_dir}/BoardConfig.mk | wc -l || true) -} - -dynamic_partition_enable_string="SUPER_IMG_IN_FLASHZIP := true" -function check_dynamic_partition { - HAS_SUPER=$(grep "$dynamic_partition_enable_string" ${product_dir}/device.mk | wc -l || true) -} - -function is_avb_enabled { - if [[ $IS_AVB -ge 1 ]]; then - return 0 # 0 is true - fi - return 1 # 1 is false -} - -# Args: -function sign_tfp { - t1=`$MKTEMP tmp.tfp1.XXXXXXXX` - t2=`$MKTEMP tmp.derkey.XXXXXXXX` - - generate_verity_key -convert $PRODKEYS/verity.x509.pem $t2 - - check_avb - - if is_avb_enabled; then - unzip $1 RADIO/tos.img -d $OTA_TMP_DIR - - device/intel/build/test/unsign_boot_img.py $OTA_TMP_DIR/RADIO/tos.img > ${PRODUCT_OUT}/tos.img - - avbtool add_hash_footer --image ${PRODUCT_OUT}/tos.img --partition_size $TOS_IMAGE_PARTITION_SIZE --partition_name tos --algorithm SHA256_RSA4096 --key $PRODKEYS/avb_releasekey.pem - - avbtool extract_public_key --key $PRODKEYS/avb_releasekey.pem --output $OTA_TMP_DIR/avb_pk.bin - - prebuilts/build-tools/linux-x86/bin/acp $PRODKEYS/avb_releasekey.pem external/avb/test/data/testkey_rsa4096.pem - fi - - if is_avb_enabled; then - ./device/intel/build/releasetools/sign_target_files_efis \ - --verbose \ - --oem-key $PRODKEYS/verity \ - --avb-key $OTA_TMP_DIR/avb_pk.bin \ - --key-mapping loader.efi=$PRODKEYS/DB \ - --key-mapping EFI/INTEL/KF4UEFI.EFI=$PRODKEYS/DB \ - $1 $t1 - - ./build/tools/releasetools/sign_target_files_apks \ - --verbose \ - --replace_ota_keys \ - --default_key_mappings $PRODKEYS $t1 $2 - - else - ./device/intel/build/releasetools/sign_target_files_efis \ - --verbose \ - --oem-key $PRODKEYS/verity \ - --key-mapping loader.efi=$PRODKEYS/DB \ - --key-mapping EFI/INTEL/KF4UEFI.EFI=$PRODKEYS/DB \ - $1 $t1 - - ./build/tools/releasetools/sign_target_files_apks \ - --verbose \ - --replace_ota_keys \ - --replace_verity_public_key ${t2}.pub \ - --replace_verity_private_key $PRODKEYS/verity \ - --default_key_mappings $PRODKEYS $t1 $2 - fi - - rm -f ${t2}.pub $t2 - rm $t1 -} - -# Args: -function build_provimg { - local add_image= - check_dynamic_partition - if [[ HAS_SUPER -ge 1 ]]; then - local img=ota/tmp/super.img - ./build/make/tools/releasetools/build_super_image.py -v $1 $img - add_image="--add_image=$img" - fi - if [ -z "$BOARD_VARIANT" ]; then - ./device/intel/build/releasetools/flashfiles_from_target_files \ - --verbose $add_image $1 $2 - else - ./device/intel/build/releasetools/flashfiles_from_target_files \ - --verbose --variant $BOARD_VARIANT $add_image $1 $2 - fi -} - -# Args: -function build_ota { - if [ -n "$3" ]; then - EXTRA_ARGS="--package_key $3" - else - EXTRA_ARGS= - fi - - [ -n "$BOARD_VARIANT" ] && EXTRA_ARGS="$EXTRA_ARGS --variant $BOARD_VARIANT" - - ./device/intel/build/releasetools/generate_otas --verbose \ - $EXTRA_ARGS $1 -f $2 -} - -# Args: -function build_inc_ota { - if [ -n "$4" ]; then - EXTRA_ARGS="--package_key $4" - else - EXTRA_ARGS= - fi - - [ -n "$BOARD_VARIANT" ] && EXTRA_ARGS="$EXTRA_ARGS --variant $BOARD_VARIANT" - - ./device/intel/build/releasetools/generate_otas --verbose \ - $EXTRA_ARGS -s $1 $2 -f $3 -} - -function rename_in_zip { - printf "@ $2\n@=$3\n" | zipnote -w $1 -} - -function reset_tree { - # Force EFI binaries to be rebuilt - rm -rf $OUT/obj/EFI - - echo "Cleaning source tree" - make installclean &> /dev/null -} - -function build_release { - RELNAME=$1 - BLOB=$2 - F1=$3 - F2=$4 - - reset_tree - - echo "Building source software version $RELNAME" - log_to make-${RELNAME}.log make -j$CONCURRENCY_LEVEL target-files-package - cp $OUT/obj/PACKAGING/target_files_intermediates/$TARGET_PRODUCT-target_files*.zip \ - $BASEDIR/tfp-$RELNAME-testkey.zip - - if [[ "$RELNAME" == "A" ]]; then - BBIN=blob1.bin - BLOBS1="A.bin" - BLOBS2="BOOTLOADER/D.bin" - else - BBIN=blob2.bin - BLOBS1="C.bin" - BLOBS2="BOOTLOADER/F.bin" - fi - - echo "Adding extra test case files to TFP for $RELNAME" - season_tfp $BASEDIR/tfp-$RELNAME-testkey.zip \ - ${INTEL_PATH_HARDWARE}/bootctrl/recovery/$BBIN \ - bootloader.zip $BLOBS1 B.bin - - if [ -n "$BOARD_VARIANT" ]; then - season_tfp $BASEDIR/tfp-$RELNAME-testkey.zip \ - ${INTEL_PATH_HARDWARE}/bootctrl/recovery/$BBIN \ - provdata_${BOARD_VARIANT}.zip \ - $BLOBS2 BOOTLOADER/E.bin - fi -} - - -# Does an in-place modification of a target-files-package to ensure that -# bootloader updates are working corectly. We add two extra files to -# the bootloader image which are copies of the supplied blob. -# In the source TFP, these will be called A.bin and B.bin. -# In the target TFP, these will be B.bin and C.bin. -# During the incremental OTA, A should be deleted, C created, -# and B patched. -# ARGS: -function season_tfp { - local_archive=`$MKTEMP tmp.bootloader.XXXXXXXX` - tfp=$1 - blob=$2 - archive=RADIO/$3 - fn1=$4 - fn2=$5 - - unzip -jp $tfp $archive > $local_archive - - zip -j $local_archive $blob - rename_in_zip $local_archive $(basename $blob) $fn1 - - zip -j $local_archive $blob - rename_in_zip $local_archive $(basename $blob) $fn2 - - zip -d $tfp $archive - zip -jm $tfp $local_archive - rename_in_zip $tfp $(basename $local_archive) $archive - - rm -rf $local_archive -} - - -# Args: -function background { - if [ -n "$PARALLEL" ]; then - log_to $@ & - else - log_to $@ - fi -} - -# Args: -function log_to { - if [ -n "$NO_LOGS" ]; then - shift - $@ - else - local LOGFILE=$BASEDIR/logs/$1 - shift - $@ &> $LOGFILE - fi -} - -# Args: -function wait_complete { - if [ -n "$PARALLEL" ]; then - for i in `seq 1 $1`; do - wait -n - done - fi -} - -if [ -z "$ANDROID_BUILD_TOP" ]; then - echo "Run lunch first!" - exit 1 -fi -if [[ -n "$TFP" ]]; then - if [[ -z "$1" ]]; then - echo "No build name provided!" - exit 1 - fi -fi - -if [ -z "$BOARD_VARIANT" ]; then - has_variants - if [ $HAS_VARIANTS -ge 1 ]; then - echo "${TARGET_PRODUCT} builds require use of -V parameter" - exit 1 - fi - - BASEDIR=ota/$TARGET_PRODUCT/ -else - BASEDIR=ota/$TARGET_PRODUCT-$BOARD_VARIANT/ -fi - -pushd $ANDROID_BUILD_TOP &> /dev/null -mkdir -p $BASEDIR -rm -rf $BASEDIR/ota*.zip $BASEDIR/flashfiles*.zip $BASEDIR/*.unfixed -rm -rf ota/tmp -mkdir -p ota/tmp -rm -rf $BASEDIR/logs -mkdir -p $BASEDIR/logs - -if [ -z "$NO_BUILD_OTATOOLS" ]; then - echo "Building support tools" - log_to make-otatools.log make -j$CONCURRENCY_LEVEL otatools -fi - -TS=`date +"%s"` - -echo "Generating lockdown oemvars" -background oemvars-pt.log device/intel/build/generate_bios_oemvars \ - -D $PRODKEYS/DB \ - -K $PRODKEYS/KEK \ - -P $PRODKEYS/PK \ - -T $TS \ - --unlock ota/unlock-pt.txt ota/oemvars-pt.txt - -background oemvars-testkeys.log device/intel/build/generate_bios_oemvars \ - -D $TESTKEYS/DB \ - -K $TESTKEYS/KEK \ - -P $TESTKEYS/PK \ - -T $TS \ - --unlock ota/unlock-testkeys.txt ota/oemvars-testkeys.txt - - -wait_complete 2 - -if [[ -n "$TFP" ]]; then - log_to sign_tfp-${1}.log sign_tfp $TFP $BASEDIR/tfp-${1}.zip - background flashfiles-${1}.log build_provimg $BASEDIR/tfp-${1}.zip $BASEDIR/flashfiles-${1}.zip - background ota-${1}.log build_ota $BASEDIR/tfp-${1}.zip $BASEDIR/ota-${1}.zip $PRODKEYS/releasekey - wait_complete 2 - echo "All done!" - exit -fi - -if [[ -n $FORCE_BUILD_TFPS || ! -f $BASEDIR/tfp-A-testkey.zip ]]; then - build_release A - RESIGN_A=true -fi - -if [[ -n $FORCE_BUILD_TFPS || ! -f $BASEDIR/tfp-B-testkey.zip ]]; then - build_release B - RESIGN_B=true -fi - -if [[ "$QUICK" != "1" ]]; then - echo "Re-signing target-files-packages" - NUM_WAIT=0 - if [[ -n "$RESIGN_A" || ! -f $BASEDIR/tfp-A.zip ]]; then - NUM_WAIT=$(($NUM_WAIT + 1)) - background sign_tfp-A.log sign_tfp $BASEDIR/tfp-A-testkey.zip $BASEDIR/tfp-A.zip - fi - if [[ -n "$RESIGN_B" || ! -f $BASEDIR/tfp-B.zip ]]; then - NUM_WAIT=$(($NUM_WAIT + 1)) - background sign_tfp-B.log sign_tfp $BASEDIR/tfp-B-testkey.zip $BASEDIR/tfp-B.zip - fi - wait_complete $NUM_WAIT -fi - -echo "Building flashfiles..." -NUM_WAIT=0 -if [[ "$QUICK" != "1" ]]; then - background flashfiles-A.log build_provimg $BASEDIR/tfp-A.zip $BASEDIR/flashfiles-A.zip - background flashfiles-B.log build_provimg $BASEDIR/tfp-B.zip $BASEDIR/flashfiles-B.zip - NUM_WAIT=$(($NUM_WAIT + 2)) -fi - -background flashfiles-A-testkey.log build_provimg $BASEDIR/tfp-A-testkey.zip $BASEDIR/flashfiles-A-testkey.zip -background flashfiles-B-testkey.log build_provimg $BASEDIR/tfp-B-testkey.zip $BASEDIR/flashfiles-B-testkey.zip -NUM_WAIT=$(($NUM_WAIT + 2)) - -wait_complete $NUM_WAIT - -NUM_WAIT=0 -echo "Building OTA update packages..." -if [[ "$QUICK" != "1" ]]; then - background ota-A.log build_ota $BASEDIR/tfp-A.zip $BASEDIR/ota-A.zip $PRODKEYS/releasekey - background ota-B.log build_ota $BASEDIR/tfp-B.zip $BASEDIR/ota-B.zip $PRODKEYS/releasekey - background ota-A-B.log build_inc_ota $BASEDIR/tfp-A.zip $BASEDIR/tfp-B.zip $BASEDIR/ota-A-B.zip $PRODKEYS/releasekey - background ota-B-A.log build_inc_ota $BASEDIR/tfp-B.zip $BASEDIR/tfp-A.zip $BASEDIR/ota-B-A.zip $PRODKEYS/releasekey - NUM_WAIT=$(($NUM_WAIT + 4)) -fi - -background ota-A-testkey.log build_ota $BASEDIR/tfp-A-testkey.zip $BASEDIR/ota-A-testkey.zip -background ota-B-testkey.log build_ota $BASEDIR/tfp-B-testkey.zip $BASEDIR/ota-B-testkey.zip -background ota-A-B-testkey.log build_inc_ota $BASEDIR/tfp-A-testkey.zip $BASEDIR/tfp-B-testkey.zip $BASEDIR/ota-A-B-testkey.zip -background ota-B-A-testkey.log build_inc_ota $BASEDIR/tfp-B-testkey.zip $BASEDIR/tfp-A-testkey.zip $BASEDIR/ota-B-A-testkey.zip -NUM_WAIT=$(($NUM_WAIT + 4)) - -wait_complete $NUM_WAIT - -popd -echo "OTA preparations complete!" - diff --git a/test/ota-test-secureboot b/test/ota-test-secureboot deleted file mode 100755 index be43f5b..0000000 --- a/test/ota-test-secureboot +++ /dev/null @@ -1,369 +0,0 @@ -#!/usr/bin/env bash - -# TODO: Add provision to store logcat logs for critical instances. -# TODO: Sideload test-cases are not covered. -# TODO: Consider creating configuration file for parameters. -# TODO: Interrupt at different OTA completion %age not in random time intervals. -# TODO: Use mechanical arm for VOL-UP key press and remove this workaround. -# TODO: In Official build test-cases, VOL-Up key intervention is required and USB connection loses. - -# Commented this, as this is breaking on negative test case execution and 'interrupt_OTA_update' tests when DUT is not detected. -# Bail on any errors -#set -e - -# Allow job control -set -m - -#set -x -#trap read debug - -# Print date and time after each command -export PROMPT_COMMAND=date - -# User Configurations -PRODUCT_NAME=$2 -BUILD_VARIANT=$3 -USERNAME=$4 -PASSWORD=$5 -BUILD_TARGET=$PRODUCT_NAME-$BUILD_VARIANT -if [ "$6" == "IRDA" ]; then - TARGET_FILE_SUFFIX=COHOL00 - OFFICIAL_REL_DST_B=$((OFFICIAL_REL_SRC_A+10)) - OFFICIAL_REL_URL=https://jfstor001.jf.intel.com/artifactory/irda-jf/irda-l/releases/$TARGET_FILE_SUFFIX -else - TARGET_FILE_SUFFIX=GMINLMASTER - OFFICIAL_REL_DST_B=$((OFFICIAL_REL_SRC_A+1)) - OFFICIAL_REL_URL=https://mcg-depot.intel.com/artifactory/simple/otc-jf/releases/gmin-l/ -fi -OFFICIAL_REL_SRC_A=$7 -# ISSUE: ANDROID_SERIAL doesn't behave well when PFT UI is open on same machine. -if [ ! "$8" ]; then ANDROID_DEVICEID=$(adb devices | grep -v 'List' | awk '{print ($1)}'); else ANDROID_SERIAL=$8; ANDROID_DEVICEID=$8; fi - - -case $1 in - -q) - export OTA_TESTS=1 - ;; - -s) - export OTA_TESTS=2 - STRESS_TEST_COUNT=1; - ;; - -r) - export OTA_TESTS=2 - STRESS_TEST_COUNT=100; - ;; - -o) - export OTA_TESTS=4 - ;; - -a) - export OTA_TESTS=7 - STRESS_TEST_COUNT=100; - ;; - *) - echo "Usage:" - echo - echo " ota-test-secureboot [-q -s -r -o -a] PRODUCT_NAME BUILD_VARIANT IDSID PASSWORD GMINL/IRDA OFFICIAL_REL_SRC_A ANDROID_DEVICEID" - echo - echo " Valid options [-o -q -r -s -a] :" - echo " -q: Execute QUICK test cases, requires first two parameters only" - echo " -s: Execute STANDARD test cases, requires first two parameters only" - echo " -r: Execute STANDARD test cases with stress test , requires first two parameters only" - echo " -o: Execute test cases on OFFICIAL BUILD" - echo " -a: Execute ALL (QUICK + STANDARD + STRESS + OFFICIAL BUILD) test cases" - echo - echo " Parameters" - echo " PRODUCT_NAME: Product name like byt_mrd7 / ecs_e7 / fxn_anchor8 / coho" - echo " BUILD_VARIANT: userdebug / user / eng" - echo " IDSID: Intel's IDSID" - echo " PASSWORD: Password associated with IDSID" - echo " GMINL/IRDA : Supply GMINL or IRDA for selecting official build. " - echo " OFFICIAL_REL_SRC_A: Official Release # '107' to be used as source, its consecutive release will be used as Destination in GMINL and +10 in IRDA" - echo " ANDROID_DEVICEID [Optional parameter]: Supply Android DUT Device ID in case multiple devices are connected to Host machine " - echo - [[ $PS1 ]]&&return||exit; - ;; -esac - - -##### Functions - -function confirmStateSleepNReboot { - WaitForDUTStateTOCnt=1 - if [ "$1" == "fastboot" ]; then COMMAND=fastboot; else COMMAND=adb; fi - while true - do - if ($COMMAND -s $ANDROID_DEVICEID devices | grep $1) || [ $WaitForDUTStateTOCnt -eq 200 ] - then - echo $(date) 'Entered '$1' Mode in '`expr $WaitForDUTStateTOCnt \\* 3`' seconds'; break - else - echo $(date) 'Waiting to enter into '$1' Mode' $((WaitForDUTStateTOCnt++)); sleep 3 - fi - done - sleep $2 - if [ "$3" == "reboot" ]; then $COMMAND -s $ANDROID_DEVICEID reboot; fi -} - - -function provisionDevice { - echo $(date) 'provisionDevice('$1')' - adb -s $ANDROID_DEVICEID reboot dnx - confirmStateSleepNReboot fastboot 2 noReboot - echo $(date) 'Flash Source software A' - cflasher -f $1 -x flash.xml - echo $(date) 'Wait for UI to reach lock screen' - adb -s $ANDROID_DEVICEID wait-for-device - # If 'Boot has been completed' gives timing trouble, use 'HWC_POWER_MODE_OFF' instead - adb -s $ANDROID_DEVICEID logcat -v time | grep -e 'Boot has been completed' --max-count=1 -} - -function verify_SW { - echo $(date) 'verify_SW('$1')' - adb -s $ANDROID_DEVICEID wait-for-device - echo $(date) 'Reboot into fastboot mode' - adb -s $ANDROID_DEVICEID reboot fastboot - confirmStateSleepNReboot fastboot 2 noReboot - # ISSUE: If VOL-UP key is not pressed and timeout happens. DUT boots into normal mode than fastboot mode. - echo $(date) 'Confirm whether update in DUT is done' - ./device/intel/build/verify_from_target_files $1 - echo $(date) 'Boot into normal mode' - fastboot -s $ANDROID_DEVICEID reboot - adb -s $ANDROID_DEVICEID wait-for-device - adb -s $ANDROID_DEVICEID logcat -v time | grep -e 'Boot has been completed' --max-count=1 - batteryLevel=$(adb -s $ANDROID_DEVICEID shell dumpsys battery | grep level | awk '{print ($2)}' | tr -d '\r') - if [ $batteryLevel -le 10 ]; then echo Low Battery = $batteryLevel, Charging for 30 minutes; sleep 1800; else echo Battery is $batteryLevel%; fi -} - -function interrupt_OTA_update { - echo $(date) 'Waiting for DUT to enter recovery mode' - echo $(date) 'Interrupt/Power-Off DUT at different completion %age during OTA update.' - #confirmStateSleepNReboot recovery 5 reboot - confirmStateSleepNReboot recovery 10 reboot - #confirmStateSleepNReboot recovery 15 reboot - #confirmStateSleepNReboot recovery 20 reboot - #confirmStateSleepNReboot recovery 25 reboot - #confirmStateSleepNReboot recovery 30 reboot - #confirmStateSleepNReboot recovery 35 reboot - #confirmStateSleepNReboot recovery 40 reboot - echo $(date) 'Let OTA update finish which can even take few minutes and boot to UI' - adb -s $ANDROID_DEVICEID wait-for-device - adb -s $ANDROID_DEVICEID logcat -v time | grep -e 'Boot has been completed' --max-count=1 -} - -##### MAIN CODE begins - -echo $(date) 'Make sure BIOS settings are correct' -echo $(date) 'This script will take few hours to execute !!!' -echo $(date) 'Setup environment and confirm DUT provisioning before tests execution' - -echo $(date) 'Skip VOL-UP key user inputs using this work-around.' -cd hardware/intel/kernelflinger/ -if git log | grep -e 'I7993d46f75aa11b7efec032daf3272f4c4011de9' --max-count=1 -then - echo $(date) 'Commit Exists' -else - git fetch git://android.intel.com/a/bsp/hardware/intel/efi/kernelflinger refs/changes/75/297975/1 && git cherry-pick FETCH_HEAD -fi -cd - - -echo $(date) 'Setting Build Environment' -. build/envsetup.sh -lunch $BUILD_TARGET - -if [ "$OTA_TESTS" -eq 7 ]; then - echo $(date) "ALL OTA Secure boot TESTS : QUICK + STANDARD + STRESS + OFFICIAL BUILD" -fi - -if [ "$OTA_TESTS" -eq 1 ] || [ "$OTA_TESTS" -eq 7 ]; then - echo $(date) "Test_Q: QUICK OTA Secure boot TESTS" - - rm -rf ota_q - echo $(date) 'Test_Q: Create quick test packages : ota-test-prepare -q' - ./device/intel/build/test/ota-test-prepare -q - echo $(date) 'Test_Q: Backup quick test packages to another folder to save from overwriting' - cp -rfv ota ota_q - - echo $(date) 'Test_Q: Test update from A->B and DUT will boot with B' - provisionDevice ota/flashfiles-A-testkey.zip - adb -s $ANDROID_DEVICEID shell getprop > ota_q/getprop_A.log - verify_SW ota/tfp-A-testkey.zip - ./device/intel/build/test/flash-update ota/ota-A-B-testkey.zip $ANDROID_DEVICEID - interrupt_OTA_update - adb -s $ANDROID_DEVICEID shell getprop > ota_q/getprop_B.log - verify_SW ota/tfp-B-testkey.zip - - echo $(date) 'Test_Q: Test update from B->A' - ./device/intel/build/test/flash-update ota/ota-B-A-testkey.zip $ANDROID_DEVICEID - interrupt_OTA_update - adb -s $ANDROID_DEVICEID shell getprop > ota_q/getprop_A1.log - verify_SW ota/tfp-A-testkey.zip -fi - -if [ "$OTA_TESTS" -eq 2 ] || [ "$OTA_TESTS" -eq 7 ]; then - echo $(date) "Test_S: STANDARD OTA Secure boot TESTS" - - rm -rf ota_s - - # Provision DUT before starting tests to ensure build/DUT is good. - make -j12 - make flashfiles -j12 - provisionDevice $OUT/$PRODUCT_NAME-flashfiles-eng.$USER.zip - adb -s $ANDROID_DEVICEID shell getprop > ota_s/getprop_A.log - - echo $(date) 'Test_S: Create standard test packages : ota-test-prepare -s' - ./device/intel/build/test/ota-test-prepare -s - echo $(date) 'Test_S: Backup test packages to another folder to save from overwriting' - cp -rfv ota ota_s - -: <<'COMMENT_LOCAL-TEST_UPDATE-KEY' - echo $(date) 'Test_S: Provision with production keys' - fastboot -s $ANDROID_DEVICEID oem unlock - sleep 10 - fastboot -s $ANDROID_DEVICEID flash efirun hardware/intel/efi_prebuilts/efitools/linux-x86_64/production-test/LockDownPT.efi - sleep 10 - fastboot -s $ANDROID_DEVICEID reboot-bootloader - sleep 10 - fastboot -s $ANDROID_DEVICEID oem verified - sleep 10 - fastboot -s $ANDROID_DEVICEID reboot-bootloader -COMMENT_LOCAL-TEST_UPDATE-KEY - - provisionDevice ota/flashfiles-A.zip - adb -s $ANDROID_DEVICEID shell getprop > ota_s/getprop_A0.log - echo $(date) 'Test_S: verify provisioned SW with wrong input, negative testcase' - verify_SW ota/tfp-B-testkey.zip - echo $(date) 'Test_S: verify provisioned SW with correct input' - # DOUBT: Which key we should use for verification. - verify_SW ota/tfp-A.zip - echo $(date) 'Test_S: verify provisioned SW with correct input and interruption' - # ISSUE: DUT becomes unresponsive after executing this test-case. -: <<'COMMENT_FAILURE_TESTCASE_VERIFY_INTERRUPT' - adb reboot fastboot - confirmStateSleepNReboot fastboot 2 noReboot - ./device/intel/build/verify_from_target_files ota/tfp-A.zip & - sleep 5 - pkill fastboot -COMMENT_FAILURE_TESTCASE_VERIFY_INTERRUPT - - echo $(date) 'Test_S: Full image update from A->B' - echo $(date) 'Test_S: Negative test case, send same SW which is provisioned.' - # ISSUE: ./device/intel/build/test/flash-update fails if multiple devices are connected with Host. And there is no provision for providing DUT DeviceID. - ./device/intel/build/test/flash-update ota/ota-A.zip $ANDROID_DEVICEID - interrupt_OTA_update - # ISSUE: It tries to update the provisioned SW. - adb -s $ANDROID_DEVICEID shell getprop > ota_s/getprop_A0.1.log - verify_SW ota/tfp-A.zip - echo $(date) 'Test_S: Provide correct inputs for full image update.' - ./device/intel/build/test/flash-update ota/ota-B.zip $ANDROID_DEVICEID - interrupt_OTA_update - adb -s $ANDROID_DEVICEID shell getprop > ota_s/getprop_B1.log - verify_SW ota/tfp-B.zip - # ISSUE: Cannot update back to Software A. Remove comments and below provisioning line after this issue is resolved. -: <<'COMMENT_FAILURE_TESTCASE_FULL_OTA_ANTIROLLBACK' - echo $(date) 'Test_S: Full image update from B->A' - ./device/intel/build/test/flash-update ota/ota-A.zip $ANDROID_DEVICEID - interrupt_OTA_update -COMMENT_FAILURE_TESTCASE_FULL_OTA_ANTIROLLBACK - provisionDevice ota/flashfiles-A.zip - adb -s $ANDROID_DEVICEID shell getprop > ota_s/getprop_A1.log - verify_SW ota/tfp-A.zip - - LoopCounter=1 - while [ $LoopCounter -le $STRESS_TEST_COUNT ] - do - echo $(date) 'Test_R: OTA Update Count # ' $((LoopCounter++)) - echo $(date) 'Test_R: Update from A->B' - ./device/intel/build/test/flash-update ota/ota-A-B.zip $ANDROID_DEVICEID - interrupt_OTA_update - adb -s $ANDROID_DEVICEID shell getprop > ota_s/getprop_B$LoopCounter.log - verify_SW ota/tfp-B.zip - - echo $(date) 'Test_R: Update from B->A' - echo $(date) 'Test_R: Send wrong update package, it should fail. Negative testcase' - ./device/intel/build/test/flash-update ota/ota-A-B.zip $ANDROID_DEVICEID - echo $(date) 'Test_R: Wait for device to fail update and reboot into normal mode' - sleep 15 - adb -s $ANDROID_DEVICEID wait-for-device - adb -s $ANDROID_DEVICEID logcat -v time | grep -e 'Boot has been completed' --max-count=1 - verify_SW ota/tfp-B.zip - echo $(date) 'Test_R: Send correct update package' - ./device/intel/build/test/flash-update ota/ota-B-A.zip $ANDROID_DEVICEID - interrupt_OTA_update - adb -s $ANDROID_DEVICEID shell getprop > ota_s/getprop_A$LoopCounter.log - verify_SW ota/tfp-A.zip - done - # ISSUE: adb reboot dnx stops working after exiting the loop. -fi - -if [ "$OTA_TESTS" -eq 4 ] || [ "$OTA_TESTS" -eq 7 ]; then - echo $(date) "OFFICIAL BUILD OTA Secure boot TESTS" - - echo $(date) 'Test_O: Download Official Releases' - mkdir -p downloadRelease - cd downloadRelease - wget --no-proxy --user=$USERNAME --password=$PASSWORD $OFFICIAL_REL_URL$OFFICIAL_REL_SRC_A/$BUILD_TARGET/out/dist/$PRODUCT_NAME-target_files-$TARGET_FILE_SUFFIX$OFFICIAL_REL_SRC_A.zip - wget --no-proxy --user=$USERNAME --password=$PASSWORD $OFFICIAL_REL_URL$OFFICIAL_REL_DST_B/$BUILD_TARGET/out/dist/$PRODUCT_NAME-target_files-$TARGET_FILE_SUFFIX$OFFICIAL_REL_DST_B.zip - croot - - rm -rf ota_o - echo $(date) 'Test_O: Create test packages from Official Release' - echo $(date) 'Test_O: Create TFP source package' - ./device/intel/build/test/ota-test-prepare -s -t downloadRelease/$PRODUCT_NAME-target_files-GMINLMASTER$OFFICIAL_REL_SRC_A.zip A - echo $(date) 'Test_O: Create TFP destination package' - ./device/intel/build/test/ota-test-prepare -s -t downloadRelease/$PRODUCT_NAME-target_files-GMINLMASTER$OFFICIAL_REL_DST_B.zip B - echo $(date) 'Test_O: Create ota package from A->B' - ./build/tools/releasetools/ota_from_target_files --verbose -i ota/tfp-A.zip ota/tfp-B.zip ota/ota-A-B.zip - echo $(date) 'Test_O: Create ota package from B->A' - ./build/tools/releasetools/ota_from_target_files --verbose -i ota/tfp-B.zip ota/tfp-A.zip ota/ota-B-A.zip - echo $(date) 'Test_O: Backup official test packages to another folder to save from overwriting' - rm -rf downloadRelease/ - cp -rfv ota ota_o - - echo $(date) 'Test_O: Full image update from A->B' - provisionDevice ota/flashfiles-A.zip - adb -s $ANDROID_DEVICEID shell getprop > ota_o/getprop_A.log - ./device/intel/build/test/flash-update ota/ota-B.zip $ANDROID_DEVICEID - # ISSUE: Enters into recovery screen with options enabled. Signature verification failed. - # ISSUE: Enters into recovery screen with options enabled. While OTA update in recovery mode, UI was blank. - # ISSUE: If VOL-UP is not pressed immediately before DUT goes to sleep, OTA process doesn't start on Power-On again. - confirmStateSleepNReboot recovery 0 noReboot - adb -s $ANDROID_DEVICEID wait-for-device - adb -s $ANDROID_DEVICEID logcat -v time | grep -e 'Boot has been completed' --max-count=1 - # TODO: Confirm the verification key input zip file name - #verify_SW ota/ota-B.zip - adb -s $ANDROID_DEVICEID shell getprop > ota_o/getprop_B.log - echo $(date) 'Test_O: Full image update from B->A' - ./device/intel/build/test/flash-update ota/ota-A.zip $ANDROID_DEVICEID - # ISSUE: Cannot update back to Software A. - #interrupt_OTA_update - confirmStateSleepNReboot recovery 0 noReboot - adb -s $ANDROID_DEVICEID wait-for-device - adb -s $ANDROID_DEVICEID logcat -v time | grep -e 'Boot has been completed' --max-count=1 - #verify_SW ota/tfp-A.zip - adb -s $ANDROID_DEVICEID shell getprop > ota_o/getprop_A1.log - - echo $(date) 'Test_O: Update from A->B' - # TODO: Remove below lines as SW A already rolled-back so no need to reprovision. - provisionDevice ota/flashfiles-A.zip - adb -s $ANDROID_DEVICEID shell getprop > ota_o/getprop_A2.log - ./device/intel/build/test/flash-update ota/ota-A-B.zip $ANDROID_DEVICEID - # Issue: Interrupting OTA is not working. - #interrupt_OTA_update - adb -s $ANDROID_DEVICEID shell getprop > ota_o/getprop_B1.log - verify_SW ota/tfp-B.zip - - echo $(date) 'Test_O: Update from B->A' - ./device/intel/build/test/flash-update ota/ota-B-A.zip $ANDROID_DEVICEID - #interrupt_OTA_update - adb -s $ANDROID_DEVICEID shell getprop > ota_o/getprop_A2.log - verify_SW ota/tfp-A.zip -fi - -rm -rf ota/ - -echo $(date) 'Please manually delete ota_q/ota_s/ota_r folders, if not required.' -echo $(date) 'OTA Secure test cases finished execution' - -##### MAIN CODE ends - - - diff --git a/test/parse_rsci_table.py b/test/parse_rsci_table.py deleted file mode 100755 index 08991cc..0000000 --- a/test/parse_rsci_table.py +++ /dev/null @@ -1,151 +0,0 @@ -#!/usr/bin/env python - -# Copyright (c) 2015, Intel Corporation. -# Author: Leo Sartre - -import sys -import struct -import array - -rsci_header = struct.Struct('< 4c I B B 6c 8c I 4c I') -rsci_fields_v1 = struct.Struct('< B B B B I') -rsci_fields_v2 = struct.Struct('< B B B B I I') - -# dictionary to translate values into a human readable format -translate_dict = {'wake_source': ["WAKE_NOT_APPLICABLE", - "WAKE_BATTERY_INSERTED", - "WAKE_USB_CHARGER_INSERTED", - "WAKE_ACDC_CHARGER_INSERTED", - "WAKE_POWER_BUTTON_PRESSED", - "WAKE_RTC_TIMER", - "WAKE_BATTERY_REACHED_IA_THRESHOLD"], - 'reset_source_v1': ["RESET_NOT_APPLICABLE", - "RESET_OS_INITIATED", - "RESET_FORCED", - "RESET_FW_UPDATE", - "RESET_KERNEL_WATCHDOG", - "RESET_SECURITY_WATCHDOG", - "RESET_SECURITY_INITIATED", - "RESET_PMC_WATCHDOG", - "RESET_EC_WATCHDOG", - "RESET_PLATFORM_WATCHDOG"], - 'reset_source_v2': ["RESET_NOT_APPLICABLE", - "RESET_OS_INITIATED", - "RESET_FORCED", - "RESET_FW_UPDATE", - "RESET_KERNEL_WATCHDOG", - "RESERVED_5", - "RESERVED_6", - "RESERVED_7", - "RESET_EC_WATCHDOG", - "RESET_PMIC_WATCHDOG", - "RESERVED_10", - "RESET_SHORT_POWER_LOSS", - "RESET_PLATFORM_SPECIFIC"], - 'shutdown_source': ["SHTDWN_NOT_APPLICABLE", - "SHTDWN_POWER_BUTTON_OVERRIDE", - "SHTDWN_BATTERY_REMOVAL", - "SHTDWN_VCRIT", - "SHTDWN_THERMTRIP", - "SHTDWN_PMICTEMP", - "SHTDWN_SYSTEMP", - "SHTDWN_BATTEMP", - "SHTDWN_SYSUVP", - "SHTDWN_SYSOVP", - "SHTDWN_SECURITY_WATCHDOG", - "SHTDWN_SECURITY_INITIATED", - "SHTDWN_PMC_WATCHDOG", - "SHTDWN_EC_WATCHDOG", - "SHTDWN_PLATFORM_WATCHDOG"], - 'reset_type': ["NOT_APPLICABLE", - "WARM_RESET", - "COLD_RESET", - "RESERVED_3", - "RESERVED_4", - "RESERVED_5", - "RESERVED_6", - "GLOBAL_RESET"] -} - - -def translate(field, value): - ret = "NO_TRANSLATION_AVAILABLE" - if (field in list(translate_dict.keys())): - if (value < len(translate_dict[field])): - ret = translate_dict[field][value] - else: - ret = "UNKNOWN_VALUE" - return ret - - -def usage(): - print("usage: {0} ".format(sys.argv[0])) - - -def verify_checksum(f): - fd = open(f, mode='rb') - rsci_table = array.array('B', fd.read()) - fd.close() - return sum(rsci_table) % 0x100 - - -def print_header(header): - print("RSCI HEADER") - print("\tsignature : {}".format(''.join(header[0:4]))) - print("\tlength : {}".format(header[4])) - print("\trevision : {}".format(header[5])) - print("\toemid : {}".format(''.join(header[7:13]))) - print("\toem_table_id : {}".format(''.join(header[13:21]))) - print("\toem_revision : {}".format(header[21])) - print("\tcreator_id : {}".format(''.join(header[22:26]))) - print("\tcreator_revision : 0x{0:x}".format(header[26])) - - -def print_fields(fields, revision): - print("RSCI FIELDS") - print("\twake_source : {0} ({1})".format(fields[0], translate('wake_source', fields[0]))) - if (revision == 2): - print("\treset_source : {0} ({1})".format(fields[1], translate('reset_source_v2', fields[1]))) - else: - print("\treset_source : {0} ({1})".format(fields[1], translate('reset_source_v1', fields[1]))) - print("\treset_type : {0} ({1})".format(fields[2], translate('reset_type', fields[2]))) - print("\tshutdown_source : {0} ({1})".format(fields[3], translate('shutdown_source', fields[3]))) - print("\tindicator : {0}".format(fields[4])) - if (revision == 2): - print("\treset extra info : 0x{0:x}".format(fields[5])) - - -def print_table(header, fields, revision): - print_header(header) - print_fields(fields, revision) - - -def dump_binary_table(f): - fd = open(f, mode='rb') - header = rsci_header.unpack(fd.read(rsci_header.size)) - revision = header[5] - if (revision == 1): - fields = rsci_fields_v1.unpack(fd.read(rsci_fields_v1.size)) - elif (revision == 2): - fields = rsci_fields_v2.unpack(fd.read(rsci_fields_v2.size)) - else: - print("Error: Unknown revision {}".format(revision)) - fd.close() - exit(-1) - print_table(header, fields, revision) - fd.close() - - -if __name__ == "__main__": - if len(sys.argv) == 2: - # Before using the table, we compute the sum of fields - # It should be equal to zero (mod 0x100), otherwise the table - # is corrupted - if (verify_checksum(sys.argv[1]) == 0): - dump_binary_table(sys.argv[1]) - else: - print("Error: Table is corrupted!") - exit(-1) - else: - usage() - exit(-1) diff --git a/test/releasetools.py b/test/releasetools.py deleted file mode 100644 index 834f870..0000000 --- a/test/releasetools.py +++ /dev/null @@ -1,481 +0,0 @@ -import common -import fnmatch -import os -import sys -import tempfile -import subprocess -import zipfile -import json -import hashlib -import os, errno -import shlex -import shutil -import imp -import time -import collections -import time -import re -import random - -from io import StringIO - -sys.path.append("device/intel/build/releasetools") -import intel_common - -_SIMG2IMG = "out/host/linux-x86/bin/simg2img" -_FASTBOOT = "out/host/linux-x86/bin/fastboot" -_STRINGS = "out/host/linux-x86/poky/sysroots/x86_64-pokysdk-linux/usr/bin/x86_64-poky-linux/x86_64-poky-linux-strings" -_VERIFYTOOL = "device/intel/build/test/verify_from_ota" -OPTIONS = common.OPTIONS -need_verify = 1 -verify_multiboot = None -multiboot_patchinfo = None -tos_patchinfo = None -vbmeta_patchinfo = None -verify_vbmeta = None -verify_recovery = None -verify_acpi = None -verify_acpio = None -verify_product = None - -def hash_sparse_ext4_image(image_name): - - print("TFP: ", image_name) - t = tempfile.NamedTemporaryFile(delete=False) - OPTIONS.tempfiles.append(t.name) - t.close() - - subprocess.check_call([_SIMG2IMG, image_name, t.name]) - remain = os.path.getsize(t.name) - fd = open(t.name) - hc = hashlib.sha1() - - while (remain): - data = fd.read(1024 * 1024) - hc.update(data) - remain = remain - len(data) - - print("system hash", hc.hexdigest()) - fd.close() - return hc.hexdigest() - - -def GetBootloaderImagesfromFls(unpack_dir, variant=None): - """ ABL bootloaders, comprise of - various partitions. The partitions are fixed """ - global verify_multiboot, verify_recovery, verify_vbmeta - global verify_acpi, verify_acpio, verify_product - - additional_data_hash = collections.OrderedDict() - #need get boot/recovery/system data first - curr_loader = "bootloader.img" - loader_filepath = os.path.join(unpack_dir, "RADIO", curr_loader) - if not os.path.exists(loader_filepath): - print("Can't find ", loader_filepath) - print("GetBootloaderImagesfromFls failed") - return - loader_file = open(loader_filepath) - loader_data = loader_file.read() - additional_data_hash['bootloader'] = loader_data - loader_file.close() - strings_out = subprocess.check_output([_STRINGS, loader_filepath], stderr=subprocess.STDOUT); - for firmware in strings_out.split('\n'): - if "rel." in firmware: - firmware_pattern=re.compile(r'(rel.\d+)(.*-(HF|hf)\d+\h*)?') - additional_data_hash['firmware'] = re.search(firmware_pattern,firmware).group() - break; - - #need get boot/recovery/system data first - curr_loader = "boot.img" - loader_filepath = os.path.join(unpack_dir, "IMAGES", curr_loader) - if not os.path.exists(loader_filepath): - print("Can't find ", loader_filepath) - print("GetBootloaderImagesfromFls failed") - return - loader_file = open(loader_filepath) - loader_data = loader_file.read() - additional_data_hash['boot'] = loader_data - loader_file.close() - - if verify_recovery is not None: - curr_loader = "recovery.img" - loader_filepath = os.path.join(unpack_dir, "IMAGES", curr_loader) - if not os.path.exists(loader_filepath): - print("Can't find ", loader_filepath) - print("GetBootloaderImagesfromFls failed") - return - loader_file = open(loader_filepath) - loader_data = loader_file.read() - additional_data_hash['recovery'] = loader_data - loader_file.close() - - if verify_vbmeta is not None: - curr_loader = "vbmeta.img" - loader_filepath = os.path.join(unpack_dir, "IMAGES", curr_loader) - if not os.path.exists(loader_filepath): - print("Can't find ", loader_filepath) - print("GetBootloaderImagesfromFls failed") - return - loader_file = open(loader_filepath) - loader_data = loader_file.read() - additional_data_hash['vbmeta'] = loader_data - loader_file.close() - - curr_loader = "system.img" - loader_filepath = os.path.join(unpack_dir, "IMAGES", curr_loader) - if not os.path.exists(loader_filepath): - print("Can't find ", loader_filepath) - print("GetBootloaderImagesfromFls failed") - return - additional_data_hash['system'] = str(hash_sparse_ext4_image(loader_filepath)) - - if verify_multiboot is not None: - curr_loader = "multiboot.img" - loader_filepath = os.path.join(unpack_dir, "RADIO", curr_loader) - if os.path.exists(loader_filepath): - loader_file = open(loader_filepath) - loader_data = loader_file.read() - additional_data_hash['multiboot'] = loader_data - loader_file.close() - curr_loader = "tos.img" - loader_filepath = os.path.join(unpack_dir, "RADIO", curr_loader) - if os.path.exists(loader_filepath): - loader_file = open(loader_filepath) - loader_data = loader_file.read() - additional_data_hash['tos'] = loader_data - loader_file.close() - - curr_loader = "vendor.img" - loader_filepath = os.path.join(unpack_dir, "IMAGES", curr_loader) - if not os.path.exists(loader_filepath): - print("Can't find ", loader_filepath) - print("GetBootloaderImagesfromFls failed") - return - additional_data_hash['vendor'] = str(hash_sparse_ext4_image(loader_filepath)) - - if verify_acpi is not None: - curr_loader = "acpi.img" - loader_filepath = os.path.join(unpack_dir, "RADIO", curr_loader) - if not os.path.exists(loader_filepath): - print("Can't find ", loader_filepath) - print("GetBootloaderImagesfromFls failed") - return - loader_file = open(loader_filepath) - loader_data = loader_file.read() - additional_data_hash['acpi'] = loader_data - loader_file.close() - - if verify_acpio is not None: - curr_loader = "acpio.img" - loader_filepath = os.path.join(unpack_dir, "RADIO", curr_loader) - if not os.path.exists(loader_filepath): - print("Can't find ", loader_filepath) - print("GetBootloaderImagesfromFls failed") - return - loader_file = open(loader_filepath) - loader_data = loader_file.read() - additional_data_hash['acpio'] = loader_data - loader_file.close() - - if verify_product is not None: - curr_loader = "product.img" - loader_filepath = os.path.join(unpack_dir, "IMAGES", curr_loader) - if not os.path.exists(loader_filepath): - print("Can't find ", loader_filepath) - print("GetBootloaderImagesfromFls failed") - return - additional_data_hash['product'] = str(hash_sparse_ext4_image(loader_filepath)) - - return additional_data_hash - -def Get_verifydata(info,infoinput): - print("Trying to get verify data...") - variant = None - - for app in [_SIMG2IMG, _FASTBOOT, _VERIFYTOOL, _STRINGS]: - if not os.path.exists(app): - print("Can't find", app) - print("Get_verifydata failed") - return - - print("Extracting bootloader archive...") - additional_data = GetBootloaderImagesfromFls(infoinput,None) - if not additional_data: - print("additional_data is None") - return - bootloader_sizes = "" - imghash_value = "..." - imghash_bootloader = "" - - for imgname, imgdata in additional_data.items(): - print("OTA verify with ", imgname) - if imgname != 'system' and imgname != 'boot' and imgname != 'recovery' and imgname != 'vbmeta' \ - and imgname != 'vendor' and imgname != 'multiboot' and imgname != 'tos' and imgname != 'firmware' \ - and imgname != 'acpi' and imgname != 'acpio' and imgname != 'product': - bootloader_sizes += ":" + str(len(imgdata)) - if imgname != 'system' and imgname != 'vendor' and imgname != 'firmware' and imgname != 'product': - imghash_value += "\n(bootloader) target: /" + str(imgname) - imghash_value += "\n(bootloader) hash: " + str(hashlib.sha1(imgdata).hexdigest()) - if imgname == 'system' or imgname == 'vendor' or imgname == 'product': - imghash_value += "\n(bootloader) target: /" + str(imgname) - imghash_value += "\n(bootloader) hash: " + str(imgdata) - if imgname == 'firmware': - imghash_value += "\n(bootloader) target: /" + str(imgname) - imghash_value += "\n(bootloader) version: " + imgdata - imghash_value += imghash_bootloader + "\n" - - common.ZipWriteStr(info.output_zip, "verify/fastbootcmd.txt", bootloader_sizes) - common.ZipWriteStr(info.output_zip, "verify/hashesfromtgt.txt", imghash_value) - #write fastboot tool - f = open(_FASTBOOT, "rb") - fbbin = f.read() - common.ZipWriteStr(info.output_zip, "verify/fastboot", fbbin, perms=0o755) - f.close() - #Save verify_from_ota script to OTA package - f = open(_VERIFYTOOL, "r") - data = f.read() - common.ZipWriteStr(info.output_zip, "verify/verify_from_ota", data, perms=0o755) - f.close() - -def WriteMultiboot(info, multiboot_img): - common.ZipWriteStr(info.output_zip, "multiboot.img", multiboot_img) - try: - info.script.WriteRawImage("/multiboot", "multiboot.img") - except (IOError, KeyError): - print("no /multiboot partition in target_files; skipping install") - -def WriteTos(info, tos_img): - common.ZipWriteStr(info.output_zip, "tos.img", tos_img) - try: - info.script.WriteRawImage("/tos", "tos.img") - except (IOError, KeyError): - print("no /tos partition in target_files; skipping install") - -def WriteVbmeta(info, vbmeta_img): - common.ZipWriteStr(info.output_zip, "vbmeta.img", vbmeta_img) - try: - info.script.WriteRawImage("/vbmeta", "vbmeta.img") - except (IOError, KeyError): - print("no /vbmeta partition in target_files; skipping install") - -def WriteBldr(info, bootloader_img): - common.ZipWriteStr(info.output_zip, "bootloader.img", bootloader_img) - info.script.WriteRawImage("/bootloader", "bootloader.img") - info.script.script.append('capsule_abl("m1:@0");') - -def IncrementalOTA_VerifyEnd(info): - global multiboot_patchinfo - global tos_patchinfo - - fstab = info.script.info.get("fstab", None) - try: - if fstab['/multiboot'].device: - multibootimg_type, multibootimg_device = common.GetTypeAndDevice("/multiboot", OPTIONS.info_dict) - verbatim_targets, m_patch_list, output_files = \ - intel_common.ComputeBinOrImgPatches(OPTIONS.source_tmp, - OPTIONS.target_tmp, "multiboot.img") - if output_files is None: - print("multiboot.img is none, skipping install") - else: - print("multiboot.img is exist. Add the patch.") - if not verbatim_targets and m_patch_list: - (tf,sf) = m_patch_list - info.script.PatchCheck("%s:%s:%d:%s:%d:%s" % - (multibootimg_type, multibootimg_device, sf.size, - sf.sha1, tf.size, tf.sha1)) - multiboot_patchinfo = (multibootimg_type, multibootimg_device, sf, tf) - common.ZipWriteStr(info.output_zip, "patch/multiboot.img.p", output_files) - if fstab['/tos'].device: - tosimg_type, tosimg_device = common.GetTypeAndDevice("/tos", OPTIONS.info_dict) - verbatim_targets, m_patch_list, output_files = \ - intel_common.ComputeBinOrImgPatches(OPTIONS.source_tmp, - OPTIONS.target_tmp, "tos.img") - if output_files is None: - print("tos.img is none, skipping install") - else: - print("tos.img is exist. Add the patch.") - if not verbatim_targets and m_patch_list: - (tf,sf) = m_patch_list - info.script.PatchCheck("%s:%s:%d:%s:%d:%s" % - (tosimg_type, tosimg_device, sf.size, - sf.sha1, tf.size, tf.sha1)) - tos_patchinfo = (tosimg_type, tosimg_device, sf, tf) - common.ZipWriteStr(info.output_zip, "patch/tos.img.p", output_files) - if fstab['/vbmeta'].device: - vbmetaimg_type, vbmetaimg_device = common.GetTypeAndDevice("/vbmeta", OPTIONS.info_dict) - verbatim_targets, m_patch_list, output_files = \ - intel_common.ComputeBinOrImgPatches(OPTIONS.source_tmp, - OPTIONS.target_tmp, "vbmeta.img") - if output_files is None: - print("vbmeta.img is none, skipping install") - else: - print("vbmeta.img is exist. Add the patch.") - if not verbatim_targets and m_patch_list: - (tf,sf) = m_patch_list - info.script.PatchCheck("%s:%s:%d:%s:%d:%s" % - (vbmetaimg_type, vbmetaimg_device, sf.size, - sf.sha1, tf.size, tf.sha1)) - vbmeta_patchinfo = (vbmetaimg_type, vbmetaimg_device, sf, tf) - common.ZipWriteStr(info.output_zip, "patch/vbmeta.img.p", output_files) - except (IOError, KeyError): - print("No multiboot/tos/vbmeta partition in iOTA Verify") - -def FullOTA_InstallEnd(info): - global verify_multiboot, verify_recovery, verify_vbmeta; - global verify_acpi, verify_acpio, verify_product; - - try: - bootloader_img = info.input_zip.read("RADIO/bootloader.img") - except KeyError: - print("no bootloader.img in target_files; skipping install") - else: - print("Add update for bootloader") - WriteBldr(info, bootloader_img) - - try: - multiboot_img = info.input_zip.read("RADIO/multiboot.img") - except (IOError, KeyError): - print("no multiboot.img in target target_files; skipping install") - else: - fstab = info.script.info.get("fstab", None) - try: - if fstab['/multiboot'].device: - print("multiboot partition exist and multiboot.img changed; adding it") - WriteMultiboot(info, multiboot_img) - verify_multiboot = need_verify - except (IOError, KeyError): - print("No multiboot partition") - - try: - tos_img = info.input_zip.read("RADIO/tos.img") - except (IOError, KeyError): - print("no tos.img in target target_files; skipping install") - else: - fstab = info.script.info.get("fstab", None) - try: - if fstab['/tos'].device: - print("tos partition exist and tos.img changed; adding it") - WriteTos(info, tos_img) - verify_multiboot = need_verify - except (IOError, KeyError): - print("No tos partition") - - try: - vbmeta_img = info.input_zip.read("IMAGES/vbmeta.img") - except (IOError, KeyError): - print("no vbmeta.img in target target_files; skipping install") - else: - fstab = info.script.info.get("fstab", None) - try: - if fstab['/vbmeta'].device: - print("vbmeta partition exist and vbmeta.img changed; adding it") - verify_vbmeta = need_verify - WriteVbmeta(info, vbmeta_img) - except (IOError, KeyError): - print("No vbmeta partition") - - try: - recovery_img = info.input_zip.read("IMAGES/recovery.img") - except (IOError, KeyError): - print("no recovery.img in target target_files; skipping install") - else: - fstab = info.script.info.get("fstab", None) - try: - if fstab['/recovery'].device: - print("recovery partition exist and recovery.img changed; adding it") - verify_recovery = need_verify - except (IOError, KeyError): - print("No recovery partition") - - try: - acpi_img = info.input_zip.read("RADIO/acpi.img") - verify_acpi = need_verify - except (IOError, KeyError): - print("no acpi.img in target target_files; skipping install") - - try: - acpio_img = info.input_zip.read("RADIO/acpio.img") - verify_acpio = need_verify - except (IOError, KeyError): - print("no acpio.img in target target_files; skipping install") - - try: - product_img = info.input_zip.read("IMAGES/product.img") - verify_product = need_verify - except (IOError, KeyError): - print("no product.img in target target_files; skipping install") - - Get_verifydata(info, info.input_tmp) - -def IncrementalOTA_InstallEnd(info): - global verify_multiboot - try: - target_bootloader_img = info.target_zip.read("RADIO/bootloader.img") - try: - source_bootloader_img = info.source_zip.read("RADIO/bootloader.img") - except KeyError: - source_bootloader_img = None - - if source_bootloader_img == target_bootloader_img: - print("bootloader.img unchanged; skipping") - else: - print("bootloader.img changed; adding it") - WriteBldr(info, target_bootloader_img) - - try: - multiboot_img = info.target_zip.read("RADIO/multiboot.img") - except (IOError, KeyError): - print("no multiboot.img in target target_files; skipping install") - else: - fstab = info.script.info.get("fstab", None) - try: - if fstab['/multiboot'].device: - print("multiboot partition exist and multiboot.img changed; adding it") - multibootimg_type, multibootimg_device, sf, tf = multiboot_patchinfo - info.script.ApplyPatch("%s:%s:%d:%s:%d:%s" % (multibootimg_type, multibootimg_device, sf.size, - sf.sha1, tf.size, tf.sha1), - "-", tf.size, tf.sha1, sf.sha1, - "patch/multiboot.img.p") - verify_multiboot = need_verify - except (IOError, KeyError): - print("No multiboot partition") - - try: - tos_img = info.target_zip.read("RADIO/tos.img") - except (IOError, KeyError): - print("no tos.img in target target_files; skipping install") - else: - fstab = info.script.info.get("fstab", None) - try: - if fstab['/tos'].device: - print("tos partition exist and tos.img changed; adding it") - tosimg_type, tosimg_device, sf, tf = tos_patchinfo - info.script.ApplyPatch("%s:%s:%d:%s:%d:%s" % (tosimg_type, tosimg_device, sf.size, - sf.sha1, tf.size, tf.sha1), - "-", tf.size, tf.sha1, sf.sha1, - "patch/tos.img.p") - verify_multiboot = need_verify - except (IOError, KeyError): - print("No tos partition") - - try: - vbmeta_img = info.target_zip.read("IMAGES/vbmeta.img") - except (IOError, KeyError): - print("no vbmeta.img in target target_files; skipping install") - else: - fstab = info.script.info.get("fstab", None) - try: - if fstab['/vbmeta'].device: - print("vbmeta partition exist and vbmeta.img changed; adding it") - vbmetaimg_type, vbmetaimg_device, sf, tf = vbmeta_patchinfo - info.script.ApplyPatch("%s:%s:%d:%s:%d:%s" % (vbmetaimg_type, vbmetaimg_device, sf.size, - sf.sha1, tf.size, tf.sha1), - "-", tf.size, tf.sha1, sf.sha1, - "patch/tos.img.p") - except (IOError, KeyError): - print("No vbmeta partition") - - Get_verifydata(info, OPTIONS.target_tmp) - except KeyError: - print("no bootloader.img in target target_files; skipping install") - diff --git a/test/unsign_boot_img.py b/test/unsign_boot_img.py deleted file mode 100755 index 550310c..0000000 --- a/test/unsign_boot_img.py +++ /dev/null @@ -1,78 +0,0 @@ -#!/usr/bin/python -# Author : Leo Sartre - -import struct -import sys - -# From bootimg.h -# -##define BOOT_MAGIC_SIZE 8 -#struct boot_img_hdr -#{ -# uint8_t magic[BOOT_MAGIC_SIZE]; -# -# uint32_t kernel_size; /* size in bytes */ -# uint32_t kernel_addr; /* physical load addr */ -# -# uint32_t ramdisk_size; /* size in bytes */ -# uint32_t ramdisk_addr; /* physical load addr */ -# -# uint32_t second_size; /* size in bytes */ -# uint32_t second_addr; /* physical load addr */ -# -# uint32_t tags_addr; /* physical addr for kernel tags */ -# uint32_t page_size; /* flash page size we assume */ -# uint32_t unused[2]; /* future expansion: should be 0 */ -# -# uint8_t name[BOOT_NAME_SIZE]; /* asciiz product name */ -# -# uint8_t cmdline[BOOT_ARGS_SIZE]; -# -# uint32_t id[8]; /* timestamp / checksum / sha1 / etc */ -# -# /* Supplemental command line data; kept here to maintain -# * binary compatibility with older versions of mkbootimg */ -# uint8_t extra_cmdline[BOOT_EXTRA_ARGS_SIZE]; -#} __attribute__((packed)); - -# We do not need to read the whole header, we only need kernel_size, -# ramdisk_size, second_size and page_size -# -# [0-7] magic[BOOT_MAGIC_SIZE] -# | [8] kernel_size -# | | [9] kernel_addr -# | | | [10] ramdisk_size -# | | | | [11] ramdisk_addr -# | | | | | [12] second_size -# | | | | | | [13] second_addr -# | | | | | | | [14] tags_addr -# | | | | | | | | [15] page_size -# | | | | | | | | | -# v v v v v v v v v -s = struct.Struct('8B I I I I I I I I') -f = open(sys.argv[1], "rb") -u = s.unpack(f.read(struct.calcsize(s.format))) -kernelSize = u[8] -ramdskSize = u[10] -secondSize = u[12] -pageSize = u[15] - -# Compute the length of the image. -# According to BootSIgnature.java -# -# int length = pageSize // include the page aligned image header -# + ((kernelSize + pageSize - 1) / pageSize) * pageSize -# + ((ramdskSize + pageSize - 1) / pageSize) * pageSize -# + ((secondSize + pageSize - 1) / pageSize) * pageSize; -# length = ((length + pageSize - 1) / pageSize) * pageSize; - -length = pageSize \ - + ((kernelSize + pageSize - 1) / pageSize) * pageSize \ - + ((ramdskSize + pageSize - 1) / pageSize) * pageSize \ - + ((secondSize + pageSize - 1) / pageSize) * pageSize -length = ((length + pageSize - 1) / pageSize) * pageSize - -# Write the unsigned image to stdout -f.seek(0, 0) -sys.stdout.write(f.read(length)) -f.close() diff --git a/test/unsign_ias_img.py b/test/unsign_ias_img.py deleted file mode 100755 index 43c990b..0000000 --- a/test/unsign_ias_img.py +++ /dev/null @@ -1,40 +0,0 @@ -#!/usr/bin/python -import struct -import sys -# #define KPI_MAGIC_PATTERN 0x2E6B7069 // ".kpi" -# From kp_image.h -# struct kpi_header // a KP image generic header: -# { -# uint32_t magic_pattern; // identifies structure (acts as valid flag) -# uint32_t image_type; // image and compression type; values TBD -# uint32_t version; // header version -# uint32_t data_length; // size of payload (data) in image -# uint32_t data_offset; // offset to payload data from header -# uint32_t uncompressed_len; // uncompresse data length -# uint32_t header_crc; // CRC-32C over entire hheader -# }; -# -# We do not need to read the whole header, we only need data_length -# data_offset -# -# [0] magic -# | [1] image_type -# | | [2] version -# | | | [3] data_length -# | | | | [4] data_offset -# | | | | | [5] uncompressed_len -# | | | | | | [6] header_crc -# | | | | | | | -# v v v v v v v -s = struct.Struct('I I I I I I I') -f = open(sys.argv[1], "rb") -u = s.unpack(f.read(struct.calcsize(s.format))) -data_len = u[3] -data_off = u[4] -crc_len = 4 - -length = data_off + data_len + crc_len -# Write the unsigned image to stdout -f.seek(0, 0) -sys.stdout.write(f.read(length)) -f.close() diff --git a/test/verify_from_ota b/test/verify_from_ota deleted file mode 100644 index c7d31ad..0000000 --- a/test/verify_from_ota +++ /dev/null @@ -1,130 +0,0 @@ -#!/usr/bin/env python -""" -Given a ota-files zipfile, connect to the device over Fastboot and verify that -the installed system exactly matches that build. - -unzip -e ota.zip -d test01 -cd test01/verify -chmod 755 fastboot -chmod 755 verify_from_ota -adb reboot fastboot //put DUT in fastboot mode -./fastboot devices //Check DUT connected with PC sucessfully -./verify_from_ota //OR python ./verify_from_ota - - -Succefully output: -Running... -Checking hashes from OTA package... -OTA reported /bootloader/loader.efi 3fcf6cff4b77baac99472e112a05cad6de9cd0d0 -OTA reported /bootloader/EFI/BOOT/bootx64.efi 3fcf6cff4b77baac99472e112a05cad6de9cd0d0 -OTA reported /bootloader/manifest.txt c3dbdc50ec44b12a66d71ae89b4d0b83e92c48a1 -OTA reported /bootloader/capsules/current.fv 3840700198d5ee662f3e3293e6784dd66f038645 -OTA reported /boot 8312a755a077bedd92b037099d56e76792029ed3 -OTA reported /recovery b7e30eb71c9daeed374467503ab3e6a8614275ea -OTA reported /system 3093d5aa36ba38ef4086011cadbb9a209e414489 -Running 'fastboot oem get-hashes '... -DUT reported /boot 8312a755a077bedd92b037099d56e76792029ed3 -/boot OK -DUT reported /recovery b7e30eb71c9daeed374467503ab3e6a8614275ea -/recovery OK -DUT reported /bootloader/EFI/BOOT/bootx64.efi 3fcf6cff4b77baac99472e112a05cad6de9cd0d0 -/bootloader/EFI/BOOT/bootx64.efi OK -DUT reported /bootloader/manifest.txt c3dbdc50ec44b12a66d71ae89b4d0b83e92c48a1 -/bootloader/manifest.txt OK -DUT reported /bootloader/capsules/current.fv 3840700198d5ee662f3e3293e6784dd66f038645 -/bootloader/capsules/current.fv OK -DUT reported /bootloader/loader.efi 3fcf6cff4b77baac99472e112a05cad6de9cd0d0 -/bootloader/loader.efi OK -DUT reported /system 3093d5aa36ba38ef4086011cadbb9a209e414489 -/system OK -All tests completed successfully - -""" - -import sys -import os -import subprocess -import re - - -_FASTBOOT = "./fastboot" - -_TARGET_LINE_PREFIX = "(bootloader) target: " -_HASH_LINE_PREFIX = "(bootloader) hash: " -_IFWI_PREFIX = "(bootloader) version: " - -def process_hashdata(data): - hashes = {} - lines = data.split("\n") - index = 0 - for i in range(len(lines)): - line = lines[i] - if not line.startswith(_TARGET_LINE_PREFIX): - continue - - target = line[len(_TARGET_LINE_PREFIX):] - i = i + 1 - line = lines[i] - if line.startswith(_IFWI_PREFIX): - hashdata = line[len(_IFWI_PREFIX):] - print "OTA reported", target, hashdata - hashes[target] = hashdata - else: - if not line.startswith(_HASH_LINE_PREFIX): - raise Exception("unexpected Fastboot output") - - hashdata = line[len(_HASH_LINE_PREFIX):] - print "OTA reported", target, hashdata - hashes[target] = hashdata - return hashes - -def process_check_fastbootdata(data, hashtgt): - rt = True - lines = data.split("\n") - index = 0 - - for i in range(len(lines)): - line = lines[i] - if not line.startswith(_TARGET_LINE_PREFIX): - continue - - target = re.sub("_a$|_b$", "", line[len(_TARGET_LINE_PREFIX):]) - i = i + 1 - line = lines[i] - if not line.startswith(_HASH_LINE_PREFIX): - raise Exception("unexpected Fastboot output") - - hashdata = line[len(_HASH_LINE_PREFIX):] - print "DUT reported", target, hashdata - if hashdata != hashtgt[target]: - print "OTA reported", target, hashtgt[target], "Failed" - rt = False - continue - else: - print target, "OK" - continue - return rt - -def main(argv): - print "Running..." - hashdicttgt = {} - #get hashdata in build - print "Checking hashes from OTA package..." - hashdata = open("hashesfromtgt.txt", "r").read() - hashdicttgt = process_hashdata(hashdata) - - print "Running 'fastboot oem get-hashes" + " " + "'..." - fastboot_data = subprocess.check_output([_FASTBOOT, "oem", "get-hashes"], stderr=subprocess.STDOUT) - success = process_check_fastbootdata(fastboot_data,hashdicttgt) - - if success: - print "All tests completed successfully" - else: - print "OTA Tests FAILED!" - sys.exit(1) - -if __name__ == '__main__': - try: - main(sys.argv[0:]) - finally: - sys.exit(1)