Reconcile with jb-mr2-release jb-mr2-zeroday-release - do not merge
Change-Id: I80cacfe6593b8595da9df2827790fc763c1a25ee
diff --git a/core/base_rules.mk b/core/base_rules.mk
index 188c352..f0a6398 100644
--- a/core/base_rules.mk
+++ b/core/base_rules.mk
@@ -529,7 +529,7 @@
ifdef LOCAL_DEX_PREOPT
installed_odex := $(basename $(LOCAL_INSTALLED_MODULE)).odex
built_odex := $(basename $(LOCAL_BUILT_MODULE)).odex
-$(installed_odex) : $(built_odex) | $(ACP)
+$(installed_odex) : $(built_odex) $(LOCAL_BUILT_MODULE) | $(ACP)
@echo "Install: $@"
$(copy-file-to-target)
diff --git a/core/build_id.mk b/core/build_id.mk
index 47f276d..ffff91e 100644
--- a/core/build_id.mk
+++ b/core/build_id.mk
@@ -1,4 +1,3 @@
-
#
# Copyright (C) 2008 The Android Open Source Project
#
@@ -14,9 +13,20 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
+
+#
+# Defines branch-specific values.
+#
+
# BUILD_ID is usually used to specify the branch name
# (like "MAIN") or a branch name and a release candidate
-# (like "CRB01"). It must be a single word, and is
+# (like "TC1-RC5"). It must be a single word, and is
# capitalized by convention.
+#
+BUILD_ID := JB_MR2
-export BUILD_ID=JWR66D
+# DISPLAY_BUILD_NUMBER should only be set for development branches,
+# If set, the BUILD_NUMBER (cl) is appended to the BUILD_ID for
+# a more descriptive BUILD_ID_DISPLAY, otherwise BUILD_ID_DISPLAY
+# is the same as BUILD_ID
+DISPLAY_BUILD_NUMBER := true
diff --git a/core/combo/TARGET_linux-arm.mk b/core/combo/TARGET_linux-arm.mk
index 371ba96..8fc39e9 100644
--- a/core/combo/TARGET_linux-arm.mk
+++ b/core/combo/TARGET_linux-arm.mk
@@ -101,7 +101,7 @@
-fstack-protector \
-Wa,--noexecstack \
-Werror=format-security \
- -D_FORTIFY_SOURCE=1 \
+ -D_FORTIFY_SOURCE=2 \
-fno-short-enums \
$(arch_variant_cflags)
diff --git a/core/combo/TARGET_linux-mips.mk b/core/combo/TARGET_linux-mips.mk
index 83fe657..c878ae5 100644
--- a/core/combo/TARGET_linux-mips.mk
+++ b/core/combo/TARGET_linux-mips.mk
@@ -89,7 +89,7 @@
-funwind-tables \
-Wa,--noexecstack \
-Werror=format-security \
- -D_FORTIFY_SOURCE=1 \
+ -D_FORTIFY_SOURCE=2 \
$(arch_variant_cflags)
android_config_h := $(call select-android-config-h,linux-mips)
diff --git a/core/combo/TARGET_linux-x86.mk b/core/combo/TARGET_linux-x86.mk
index 04531b2..5c9a76b 100644
--- a/core/combo/TARGET_linux-x86.mk
+++ b/core/combo/TARGET_linux-x86.mk
@@ -90,7 +90,7 @@
-Ulinux \
-Wa,--noexecstack \
-Werror=format-security \
- -D_FORTIFY_SOURCE=1 \
+ -D_FORTIFY_SOURCE=2 \
-Wstrict-aliasing=2 \
-fPIC -fPIE \
-ffunction-sections \
diff --git a/core/combo/arch/mips/mips32r2-fp-xburst.mk b/core/combo/arch/mips/mips32r2-fp-xburst.mk
new file mode 100644
index 0000000..3768226
--- /dev/null
+++ b/core/combo/arch/mips/mips32r2-fp-xburst.mk
@@ -0,0 +1,17 @@
+# Configuration for Android on Ingenic xb4780/Xburst MIPS CPU.
+# Generating binaries for MIPS32R2/hard-float/little-endian without
+# support for the Madd family of instructions.
+
+ARCH_MIPS_HAS_FPU :=true
+ARCH_HAVE_ALIGNED_DOUBLES :=true
+arch_variant_cflags := \
+ -EL \
+ -march=mips32r2 \
+ -mtune=mips32r2 \
+ -mips32r2 \
+ -mhard-float \
+ -msynci \
+ -mno-fused-madd
+
+arch_variant_ldflags := \
+ -EL
diff --git a/core/dex_preopt.mk b/core/dex_preopt.mk
index 82dd153..0c9904a 100644
--- a/core/dex_preopt.mk
+++ b/core/dex_preopt.mk
@@ -4,7 +4,7 @@
####################################
# TODO: replace it with device's BOOTCLASSPATH
-DEXPREOPT_BOOT_JARS := core:core-junit:bouncycastle:ext:framework:telephony-common:voip-common:mms-common:android.policy:services:apache-xml
+DEXPREOPT_BOOT_JARS := core:conscrypt:okhttp:core-junit:bouncycastle:ext:framework:telephony-common:voip-common:mms-common:android.policy:services:apache-xml
DEXPREOPT_BOOT_JARS_MODULES := $(subst :, ,$(DEXPREOPT_BOOT_JARS))
DEXPREOPT_BUILD_DIR := $(OUT_DIR)
diff --git a/core/llvm_config.mk b/core/llvm_config.mk
index c4b4af4..18e689e 100644
--- a/core/llvm_config.mk
+++ b/core/llvm_config.mk
@@ -64,7 +64,8 @@
-mtune=mips32r2 \
-march=mips32 \
-mtune=mips32 \
- -msynci
+ -msynci \
+ -mno-fused-madd
endif
ifeq ($(TARGET_ARCH),x86)
RS_TRIPLE := i686-unknown-linux
diff --git a/core/tasks/cts.mk b/core/tasks/cts.mk
index 5b041d6..9154f32 100644
--- a/core/tasks/cts.mk
+++ b/core/tasks/cts.mk
@@ -81,13 +81,15 @@
endef
CORE_INTERMEDIATES :=$(call intermediates-dir-for,JAVA_LIBRARIES,core,,COMMON)
+CONSCRYPT_INTERMEDIATES :=$(call intermediates-dir-for,JAVA_LIBRARIES,conscrypt,,COMMON)
BOUNCYCASTLE_INTERMEDIATES :=$(call intermediates-dir-for,JAVA_LIBRARIES,bouncycastle,,COMMON)
APACHEXML_INTERMEDIATES :=$(call intermediates-dir-for,JAVA_LIBRARIES,apache-xml,,COMMON)
+OKHTTP_INTERMEDIATES :=$(call intermediates-dir-for,JAVA_LIBRARIES,okhttp,,COMMON)
SQLITEJDBC_INTERMEDIATES :=$(call intermediates-dir-for,JAVA_LIBRARIES,sqlite-jdbc,,COMMON)
JUNIT_INTERMEDIATES :=$(call intermediates-dir-for,JAVA_LIBRARIES,core-junit,,COMMON)
CORETESTS_INTERMEDIATES :=$(call intermediates-dir-for,JAVA_LIBRARIES,core-tests,,COMMON)
-GEN_CLASSPATH := $(CORE_INTERMEDIATES)/classes.jar:$(BOUNCYCASTLE_INTERMEDIATES)/classes.jar:$(APACHEXML_INTERMEDIATES)/classes.jar:$(JUNIT_INTERMEDIATES)/classes.jar:$(SQLITEJDBC_INTERMEDIATES)/javalib.jar:$(CORETESTS_INTERMEDIATES)/javalib.jar
+GEN_CLASSPATH := $(CORE_INTERMEDIATES)/classes.jar:$(CONSCRYPT_INTERMEDIATES)/classes.jar:$(BOUNCYCASTLE_INTERMEDIATES)/classes.jar:$(APACHEXML_INTERMEDIATES)/classes.jar:$(OKHTTP_INTERMEDIATES)/classes.jar:$(JUNIT_INTERMEDIATES)/classes.jar:$(SQLITEJDBC_INTERMEDIATES)/javalib.jar:$(CORETESTS_INTERMEDIATES)/javalib.jar
CTS_CORE_XMLS := \
$(CTS_TESTCASES_OUT)/android.core.tests.libcore.package.dalvik.xml \
@@ -103,7 +105,7 @@
# build system requires that dependencies use javalib.jar. If
# javalib.jar is up-to-date, then classes.jar is as well. Depending
# on classes.jar will build the files incorrectly.
-$(CTS_CORE_XMLS): $(CTS_CORE_CASES) $(HOST_OUT_JAVA_LIBRARIES)/descGen.jar $(CORE_INTERMEDIATES)/javalib.jar $(BOUNCYCASTLE_INTERMEDIATES)/javalib.jar $(APACHEXML_INTERMEDIATES)/javalib.jar $(SQLITEJDBC_INTERMEDIATES)/javalib.jar $(JUNIT_INTERMEDIATES)/javalib.jar $(CORETESTS_INTERMEDIATES)/javalib.jar | $(ACP)
+$(CTS_CORE_XMLS): $(CTS_CORE_CASES) $(HOST_OUT_JAVA_LIBRARIES)/descGen.jar $(CORE_INTERMEDIATES)/javalib.jar $(BOUNCYCASTLE_INTERMEDIATES)/javalib.jar $(APACHEXML_INTERMEDIATES)/javalib.jar $(OKHTTP_INTERMEDIATES)/javalib.jar $(SQLITEJDBC_INTERMEDIATES)/javalib.jar $(JUNIT_INTERMEDIATES)/javalib.jar $(CORETESTS_INTERMEDIATES)/javalib.jar | $(ACP)
$(hide) mkdir -p $(CTS_TESTCASES_OUT)
$(call generate-core-test-description,$(CTS_TESTCASES_OUT)/android.core.tests.libcore.package.dalvik,\
cts/tests/core/libcore/dalvik/AndroidManifest.xml,\
diff --git a/core/version_defaults.mk b/core/version_defaults.mk
index 5812da0..b9e1456 100644
--- a/core/version_defaults.mk
+++ b/core/version_defaults.mk
@@ -41,7 +41,7 @@
# which is the version that we reveal to the end user.
# Update this value when the platform version changes (rather
# than overriding it somewhere else). Can be an arbitrary string.
- PLATFORM_VERSION := 4.3
+ PLATFORM_VERSION := 4.3.2.1.000.000
endif
ifeq "" "$(PLATFORM_SDK_VERSION)"
diff --git a/target/product/core.mk b/target/product/core.mk
index 0e7aad6..5285ba8 100644
--- a/target/product/core.mk
+++ b/target/product/core.mk
@@ -72,6 +72,7 @@
libwebrtc_audio_preprocessing \
mdnsd \
mms-common \
+ okhttp \
requestsync \
telephony-common \
voip-common
@@ -81,7 +82,9 @@
PRODUCT_PACKAGES += \
apache-xml-hostdex \
bouncycastle-hostdex \
+ conscrypt-hostdex \
core-hostdex \
+ okhttp-hostdex \
libcrypto \
libexpat \
libicui18n \
diff --git a/target/product/core_minimal.mk b/target/product/core_minimal.mk
index 96a8592..4f4623c 100644
--- a/target/product/core_minimal.mk
+++ b/target/product/core_minimal.mk
@@ -38,6 +38,7 @@
cacerts \
com.android.location.provider \
com.android.location.provider.xml \
+ conscrypt \
core \
core-junit \
dalvikvm \
diff --git a/target/product/mini.mk b/target/product/mini.mk
index 751b481..a1f6317 100644
--- a/target/product/mini.mk
+++ b/target/product/mini.mk
@@ -72,6 +72,7 @@
cacerts \
com.android.location.provider \
com.android.location.provider.xml \
+ conscrypt \
core \
core-junit \
dalvikvm \
@@ -144,6 +145,7 @@
libz \
mdnsd \
network \
+ okhttp \
pand \
requestsync \
screencap \
diff --git a/tools/droiddoc/templates-sac/assets/css/default.css b/tools/droiddoc/templates-sac/assets/css/default.css
index 1ce78fe..11bba80 100644
--- a/tools/droiddoc/templates-sac/assets/css/default.css
+++ b/tools/droiddoc/templates-sac/assets/css/default.css
@@ -1160,6 +1160,53 @@
tr:first-of-type th:first-of-type:empty {
visibility: hidden;
}
+
+/* opcodes table */
+
+table.instruc td:first-child {
+ width: 12%;
+}
+
+table.instruc td:first-child + td {
+ width: 23%;
+}
+
+table.instruc td:first-child + td + td {
+ width: 28%;
+}
+
+table.instruc td:first-child + td + td + td {
+ width: 37%;
+}
+
+/* supplemental opcode format table */
+
+table.supplement td:first-child {
+ width: 20%;
+}
+
+table.supplement td:first-child + td {
+ width: 20%;
+}
+
+table.supplement td:first-child + td + td {
+ width: 60%;
+}
+
+/* math details table */
+
+table.math td:first-child {
+ width: 10%;
+}
+
+table.math td:first-child + td {
+ width: 30%;
+}
+
+table.math td:first-child + td + td {
+ width: 60%;
+}
+
/* --------------------------------------------------------------------------
Footer
*/
diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py
index 263ae11..58582ba 100644
--- a/tools/releasetools/common.py
+++ b/tools/releasetools/common.py
@@ -20,6 +20,7 @@
import os
import platform
import re
+import shlex
import shutil
import subprocess
import sys
@@ -40,6 +41,11 @@
class Options(object): pass
OPTIONS = Options()
OPTIONS.search_path = "out/host/linux-x86"
+OPTIONS.signapk_path = "framework/signapk.jar" # Relative to search_path
+OPTIONS.extra_signapk_args = []
+OPTIONS.java_path = "java" # Use the one on the path by default.
+OPTIONS.public_key_suffix = ".x509.pem"
+OPTIONS.private_key_suffix = ".pk8"
OPTIONS.verbose = False
OPTIONS.tempfiles = []
OPTIONS.device_specific = None
@@ -379,6 +385,7 @@
no_passwords = []
need_passwords = []
+ key_passwords = {}
devnull = open("/dev/null", "w+b")
for k in sorted(keylist):
# We don't need a password for things that aren't really keys.
@@ -386,19 +393,36 @@
no_passwords.append(k)
continue
- p = Run(["openssl", "pkcs8", "-in", k+".pk8",
+ p = Run(["openssl", "pkcs8", "-in", k+OPTIONS.private_key_suffix,
"-inform", "DER", "-nocrypt"],
stdin=devnull.fileno(),
stdout=devnull.fileno(),
stderr=subprocess.STDOUT)
p.communicate()
if p.returncode == 0:
+ # Definitely an unencrypted key.
no_passwords.append(k)
else:
- need_passwords.append(k)
+ p = Run(["openssl", "pkcs8", "-in", k+OPTIONS.private_key_suffix,
+ "-inform", "DER", "-passin", "pass:"],
+ stdin=devnull.fileno(),
+ stdout=devnull.fileno(),
+ stderr=subprocess.PIPE)
+ stdout, stderr = p.communicate()
+ if p.returncode == 0:
+ # Encrypted key with empty string as password.
+ key_passwords[k] = ''
+ elif stderr.startswith('Error decrypting key'):
+ # Definitely encrypted key.
+ # It would have said "Error reading key" if it didn't parse correctly.
+ need_passwords.append(k)
+ else:
+ # Potentially, a type of key that openssl doesn't understand.
+ # We'll let the routines in signapk.jar handle it.
+ no_passwords.append(k)
devnull.close()
- key_passwords = PasswordManager().GetPasswords(need_passwords)
+ key_passwords.update(PasswordManager().GetPasswords(need_passwords))
key_passwords.update(dict.fromkeys(no_passwords, None))
return key_passwords
@@ -426,11 +450,13 @@
else:
sign_name = output_name
- cmd = ["java", "-Xmx2048m", "-jar",
- os.path.join(OPTIONS.search_path, "framework", "signapk.jar")]
+ cmd = [OPTIONS.java_path, "-Xmx2048m", "-jar",
+ os.path.join(OPTIONS.search_path, OPTIONS.signapk_path)]
+ cmd.extend(OPTIONS.extra_signapk_args)
if whole_file:
cmd.append("-w")
- cmd.extend([key + ".x509.pem", key + ".pk8",
+ cmd.extend([key + OPTIONS.public_key_suffix,
+ key + OPTIONS.private_key_suffix,
input_name, sign_name])
p = Run(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE)
@@ -494,12 +520,14 @@
r'private_key="(.*)"$', line)
if m:
name, cert, privkey = m.groups()
+ public_key_suffix_len = len(OPTIONS.public_key_suffix)
+ private_key_suffix_len = len(OPTIONS.private_key_suffix)
if cert in SPECIAL_CERT_STRINGS and not privkey:
certmap[name] = cert
- elif (cert.endswith(".x509.pem") and
- privkey.endswith(".pk8") and
- cert[:-9] == privkey[:-4]):
- certmap[name] = cert[:-9]
+ elif (cert.endswith(OPTIONS.public_key_suffix) and
+ privkey.endswith(OPTIONS.private_key_suffix) and
+ cert[:-public_key_suffix_len] == privkey[:-private_key_suffix_len]):
+ certmap[name] = cert[:-public_key_suffix_len]
else:
raise ValueError("failed to parse line from apkcerts.txt:\n" + line)
return certmap
@@ -543,8 +571,10 @@
try:
opts, args = getopt.getopt(
argv, "hvp:s:x:" + extra_opts,
- ["help", "verbose", "path=", "device_specific=", "extra="] +
- list(extra_long_opts))
+ ["help", "verbose", "path=", "signapk_path=", "extra_signapk_args=",
+ "java_path=", "public_key_suffix=", "private_key_suffix=",
+ "device_specific=", "extra="] +
+ list(extra_long_opts))
except getopt.GetoptError, err:
Usage(docstring)
print "**", str(err), "**"
@@ -560,6 +590,16 @@
OPTIONS.verbose = True
elif o in ("-p", "--path"):
OPTIONS.search_path = a
+ elif o in ("--signapk_path",):
+ OPTIONS.signapk_path = a
+ elif o in ("--extra_signapk_args",):
+ OPTIONS.extra_signapk_args = shlex.split(a)
+ elif o in ("--java_path",):
+ OPTIONS.java_path = a
+ elif o in ("--public_key_suffix",):
+ OPTIONS.public_key_suffix = a
+ elif o in ("--private_key_suffix",):
+ OPTIONS.private_key_suffix = a
elif o in ("-s", "--device_specific"):
OPTIONS.device_specific = a
elif o in ("-x", "--extra"):
diff --git a/tools/releasetools/sign_target_files_apks b/tools/releasetools/sign_target_files_apks
index eaad8a4..9fb1008 100755
--- a/tools/releasetools/sign_target_files_apks
+++ b/tools/releasetools/sign_target_files_apks
@@ -208,7 +208,7 @@
try:
keylist = input_tf_zip.read("META/otakeys.txt").split()
except KeyError:
- raise ExternalError("can't read META/otakeys.txt from input")
+ raise common.ExternalError("can't read META/otakeys.txt from input")
extra_recovery_keys = misc_info.get("extra_recovery_keys", None)
if extra_recovery_keys:
@@ -223,7 +223,7 @@
for k in keylist:
m = re.match(r"^(.*)\.x509\.pem$", k)
if not m:
- raise ExternalError("can't parse \"%s\" from META/otakeys.txt" % (k,))
+ raise common.ExternalError("can't parse \"%s\" from META/otakeys.txt" % (k,))
k = m.group(1)
mapped_keys.append(OPTIONS.key_map.get(k, k) + ".x509.pem")
@@ -247,7 +247,7 @@
stdout=subprocess.PIPE)
data, _ = p.communicate()
if p.returncode != 0:
- raise ExternalError("failed to run dumpkeys")
+ raise common.ExternalError("failed to run dumpkeys")
common.ZipWriteStr(output_tf_zip, "RECOVERY/RAMDISK/res/keys", data)
# SystemUpdateActivity uses the x509.pem version of the keys, but