Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / android_build / 02a0859b3caf280efc37219798c1e234dce8ff47
commit02a0859b3caf280efc37219798c1e234dce8ff47[log] [tgz]
authorTao Bao <tbao@google.com>Sun Jul 22 12:40:45 2018 -0700
committerTao Bao <tbao@google.com>Mon Jul 23 15:20:14 2018 -0700
tree3e894a08ceece1b119098ee17e9117175d33c5f4
parent540a71d2b367f9307107882134f7bbb3ba7b1328 [diff]
releasetools: Support verifying AVB signed images with chained partitions.

For example, verify a target_files.zip that has system AVB-signed as a
chained partition.

  $ build/make/tools/releasetools/validate_target_files.py \
      signed-target_files-4904652.zip \
      --verity_key verifiedboot_pub.pem \
      --avb_system_key_path system_pub.pem

Note that verifiedboot_pub.pem should be the key (either public or
private) to verify vbmeta.img, and 'system_pub.pem' should be the key
(either public or private) for the chained partition of system.

testdata/testkey.key is the private key converted from
testdata/testkey.pk8 for testing purpose (`openssl pkcs8 -in
testdata/testkey.pk8 -inform DER -out testdata/testkey.key -nocrypt`).

Bug: 63706333
Test: python -m unittest test_common
Test: python -m unittest test_add_img_to_target_files
Test: `m dist` on aosp_walleye-userdebug; Run validate_target_files.py
      on the generated target_files.zip.
Test: Set up walleye with chained system partition; `m dist`; Run
      validate_target_files.py on the generated target_files.zip.
Change-Id: I38517ab39baf8a5bc1a6062fab2fe229b68e897d
5 files changed
tree: 3e894a08ceece1b119098ee17e9117175d33c5f4
  1. core/
  2. target/
  3. tests/
  4. tools/
  5. .gitignore
  6. Android.mk
  7. buildspec.mk.default
  8. Changes.md
  9. CleanSpec.mk
  10. envsetup.sh
  11. help.sh
  12. navbar.md
  13. OWNERS
  14. README.md
  15. tapasHelp.sh
  16. Usage.txt
README.md

Android Make Build System

This is the Makefile-based portion of the Android Build System.

For documentation on how to run a build, see Usage.txt

For a list of behavioral changes useful for Android.mk writers see Changes.md

For an outdated reference on Android.mk files, see build-system.html. Our Android.mk files look similar, but are entirely different from the Android.mk files used by the NDK build system. When searching for documentation elsewhere, ensure that it is for the platform build system -- most are not.

This Makefile-based system is in the process of being replaced with Soong, a new build system written in Go. During the transition, all of these makefiles are read by Kati, and generate a ninja file instead of being executed directly. That's combined with a ninja file read by Soong so that the build graph of the two systems can be combined and run as one.