Google Git
Sign in
android / platform / build / 44fb3619d1
commit44fb3619d1960d8ed76283a64790fc4fb853e3df[log] [tgz]
authorYi-Yo Chiang <yochiang@google.com>Sat Jan 08 22:19:20 2022 +0800
committerYi-Yo Chiang <yochiang@google.com>Tue Jan 11 15:14:38 2022 +0800
tree3539054e72e4a56c8987971e890cb0066d9fadb5
parent27a309f62770b25b0bc604e51c3fe10f94dd5197 [diff]
Android T GKI certification scheme

New scheme is to certify kernel & ramdisk image separately, and
effectively decouple kernel & user space ramdisk image.

Under the new scheme, the --os_version and --os_patch_level boot header
field must be empty in order to maintain consistency.
Instead, these values must be in the vbmeta hash descriptor and
GKI certificate.

The new scheme also validates the image metadata, including the security
patch level.

The 'generic_kernel' certificate is associated with the 'boot' partition
and 'generic_ramdisk' certificate with 'init_boot' partition.

The 'generic_ramdisk' certificate may be packed into the 'boot' image if
product configuration doesn't have 'init_boot' image, this is only for
testing purposes and would be removed eventually.

Bug: 210367929
Bug: 211741246
Bug: 203698939
Test: unpack_bootimg --boot_img boot.img
Test: unpack_bootimg --boot_img init_boot.img
Test: avbtool info_image --image out/boot_signature
Change-Id: Iaf48a6e3d4b97fa6bfb5e1635a288b045baa248f
2 files changed
tree: 3539054e72e4a56c8987971e890cb0066d9fadb5
  1. common/
  2. core/
  3. packaging/
  4. target/
  5. tests/
  6. tools/
  7. .gitignore
  8. Android.bp
  9. banchanHelp.sh
  10. buildspec.mk.default
  11. Changes.md
  12. CleanSpec.mk
  13. Deprecation.md
  14. envsetup.sh
  15. help.sh
  16. METADATA
  17. navbar.md
  18. OWNERS
  19. PREUPLOAD.cfg
  20. rbesetup.sh
  21. README.md
  22. tapasHelp.sh
  23. Usage.txt
README.md

Android Make Build System

This is the Makefile-based portion of the Android Build System.

For documentation on how to run a build, see Usage.txt

For a list of behavioral changes useful for Android.mk writers see Changes.md

For an outdated reference on Android.mk files, see build-system.html. Our Android.mk files look similar, but are entirely different from the Android.mk files used by the NDK build system. When searching for documentation elsewhere, ensure that it is for the platform build system -- most are not.

This Makefile-based system is in the process of being replaced with Soong, a new build system written in Go. During the transition, all of these makefiles are read by Kati, and generate a ninja file instead of being executed directly. That's combined with a ninja file read by Soong so that the build graph of the two systems can be combined and run as one.