
Commit 42cca6c9 authored by Jiyong Park's avatar Jiyong Park

Always bundle the public key for APEX

The public key associated with an APEX is always included in the APEX.

Obviously, the public keys are no longer installed to
/system/etc/security/apex

Bug: 128344735
Test: m
Change-Id: I1e1aef1d32597a447b57d49ab80bbfb921fa8178
parent 51e265c5
+14 −14
@@ -398,7 +398,6 @@ type apexBundle struct {

	public_key_file  android.Path
	private_key_file android.Path
	bundle_public_key bool

	container_certificate_file android.Path
	container_private_key_file android.Path
@@ -746,10 +745,6 @@ func (a *apexBundle) GenerateAndroidBuildActions(ctx android.ModuleContext) {
				if key, ok := child.(*apexKey); ok {
					a.private_key_file = key.private_key_file
					a.public_key_file = key.public_key_file
					// If the key is not installed, bundled it with the APEX.
					// Note: this bundled key is valid only for non-production builds
					// (eng/userdebug).
					a.bundle_public_key = !key.installable() && ctx.Config().Debuggable()
					return false
				} else {
					ctx.PropertyErrorf("key", "%q is not an apex_key module", depName)
@@ -968,11 +963,8 @@ func (a *apexBundle) buildUnflattenedApex(ctx android.ModuleContext, apexType ap
		optFlags := []string{}

		// Additional implicit inputs.
		implicitInputs = append(implicitInputs, cannedFsConfig, fileContexts, a.private_key_file)
		if a.bundle_public_key {
			implicitInputs = append(implicitInputs, a.public_key_file)
		implicitInputs = append(implicitInputs, cannedFsConfig, fileContexts, a.private_key_file, a.public_key_file)
		optFlags = append(optFlags, "--pubkey "+a.public_key_file.String())
		}

		manifestPackageName, overridden := ctx.DeviceConfig().OverrideManifestPackageNameFor(ctx.ModuleName())
		if overridden {
@@ -1057,7 +1049,7 @@ func (a *apexBundle) buildUnflattenedApex(ctx android.ModuleContext, apexType ap

func (a *apexBundle) buildFlattenedApex(ctx android.ModuleContext) {
	if a.installable() {
		// For flattened APEX, do nothing but make sure that apex_manifest.json file is also copied along
		// For flattened APEX, do nothing but make sure that apex_manifest.json and apex_pubkey are also copied along
		// with other ordinary files.
		manifest := android.PathForModuleSrc(ctx, proptools.StringDefault(a.properties.Manifest, "apex_manifest.json"))

@@ -1070,6 +1062,15 @@ func (a *apexBundle) buildFlattenedApex(ctx android.ModuleContext) {
		})
		a.filesInfo = append(a.filesInfo, apexFile{copiedManifest, ctx.ModuleName() + ".apex_manifest.json", ".", etc, nil, nil})

		// rename to apex_pubkey
		copiedPubkey := android.PathForModuleOut(ctx, "apex_pubkey")
		ctx.Build(pctx, android.BuildParams{
			Rule:   android.Cp,
			Input:  a.public_key_file,
			Output: copiedPubkey,
		})
		a.filesInfo = append(a.filesInfo, apexFile{copiedPubkey, ctx.ModuleName() + ".apex_pubkey", ".", etc, nil, nil})

		if ctx.Config().FlattenApex() {
			for _, fi := range a.filesInfo {
				dir := filepath.Join("apex", ctx.ModuleName(), fi.installDir)
@@ -1215,7 +1216,6 @@ func (a *apexBundle) androidMkForType(apexType apexPackaging) android.AndroidMkD
				fmt.Fprintln(w, "LOCAL_MODULE_PATH :=", filepath.Join("$(OUT_DIR)", a.installDir.RelPathString()))
				fmt.Fprintln(w, "LOCAL_MODULE_STEM :=", name+apexType.suffix())
				fmt.Fprintln(w, "LOCAL_UNINSTALLABLE_MODULE :=", !a.installable())
				fmt.Fprintln(w, "LOCAL_REQUIRED_MODULES :=", String(a.properties.Key))
				if a.installable() && a.mergedNoticeFile != nil {
					fmt.Fprintln(w, "LOCAL_NOTICE_FILE :=", a.mergedNoticeFile.String())
				}
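Review bot: The `--pubkey` flag in buildUnflattenedApex and the `apex_pubkey` copy in buildFlattenedApex now apply to every build type, but the restriction they replace — the removed `!key.installable() && ctx.Config().Debuggable()` condition and its comment that a bundled key is valid only for eng/userdebug — is dropped without a replacement comment. A key shipped inside the package it is supposed to authenticate cannot serve as the trust anchor by itself, so the code should say what the consumer is expected to check it against; that consumer is not on this page, so the wording needs confirming. I would put something like `// Bundled in all build types; the verifier must still match this key against one it already trusts.` above the `optFlags = append(optFlags, "--pubkey "...)` line. Also, `a.public_key_file.String()` is now reached even when the dependency walk took the `PropertyErrorf` branch and left the field unset, so unless a check outside these hunks returns early, add `if a.public_key_file == nil { return }` before the build functions use it. Both build functions begin and end outside the hunks shown.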
+4 −8
@@ -299,6 +299,10 @@ func TestBasicApex(t *testing.T) {
	`)

	apexRule := ctx.ModuleForTests("myapex", "android_common_myapex").Rule("apexRule")

	optFlags := apexRule.Args["opt_flags"]
	ensureContains(t, optFlags, "--pubkey vendor/foo/devkeys/testkey.avbpubkey")

	copyCmds := apexRule.Args["copy_commands"]

	// Ensure that main rule creates an output
@@ -1197,14 +1201,6 @@ func TestApexInProductPartition(t *testing.T) {
	if actual != expected {
		t.Errorf("wrong install path. expected %q. actual %q", expected, actual)
	}

	apex_key := ctx.ModuleForTests("myapex.key", "android_common").Module().(*apexKey)
	expected = "target/product/test_device/product/etc/security/apex"
	actual = apex_key.installDir.RelPathString()
	if actual != expected {
		t.Errorf("wrong install path. expected %q. actual %q", expected, actual)
	}

}

func TestApexKeyFromOtherModule(t *testing.T) {
+1 −23
@@ -16,8 +16,6 @@ package apex

import (
	"fmt"
	"io"
	"path/filepath"
	"strings"

	"android/soong/android"
@@ -39,7 +37,6 @@ type apexKey struct {

	public_key_file  android.Path
	private_key_file android.Path
	installDir       android.OutputPath

	keyName string
}
@@ -64,7 +61,7 @@ func apexKeyFactory() android.Module {
}

func (m *apexKey) installable() bool {
	return m.properties.Installable == nil || proptools.Bool(m.properties.Installable)
	return false
}

func (m *apexKey) GenerateAndroidBuildActions(ctx android.ModuleContext) {
@@ -99,25 +96,6 @@ func (m *apexKey) GenerateAndroidBuildActions(ctx android.ModuleContext) {
		return
	}
	m.keyName = pubKeyName

	m.installDir = android.PathForModuleInstall(ctx, "etc/security/apex")
	if m.installable() {
		ctx.InstallFile(m.installDir, m.keyName, m.public_key_file)
	}
}

func (m *apexKey) AndroidMk() android.AndroidMkData {
	return android.AndroidMkData{
		Class:      "ETC",
		OutputFile: android.OptionalPathForPath(m.public_key_file),
		Extra: []android.AndroidMkExtraFunc{
			func(w io.Writer, outputFile android.Path) {
				fmt.Fprintln(w, "LOCAL_MODULE_PATH :=", filepath.Join("$(OUT_DIR)", m.installDir.RelPathString()))
				fmt.Fprintln(w, "LOCAL_INSTALLED_MODULE_STEM :=", m.keyName)
				fmt.Fprintln(w, "LOCAL_UNINSTALLABLE_MODULE :=", !m.installable())
			},
		},
	}
}

////////////////////////////////////////////////////////////////////////
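Review bot: `installable()` now returns `false` unconditionally, yet the removed line shows it used to read `m.properties.Installable`, so an `installable: true` set on an apex_key module would presumably still parse and be silently ignored. Someone relying on that property to place the key under etc/security/apex gets no build error telling them the key is no longer installed. Either drop the property and the method together, or document the constant, e.g. `// installable always reports false: the public key is bundled into the APEX and is never installed on its own; the installable property is ignored.` The property declaration is outside these hunks, so confirm whether it is still defined.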