| #!/usr/bin/env python3 |
| import argparse |
| import os |
| |
| from bulletin import SecurityBulletin |
| from manifest import AndroidManifest |
| from utility import exec_command |
| |
| |
| args = None |
| |
| |
| def make_arg_parser(): |
| parser = argparse.ArgumentParser( |
| description="Apply or check for security bulletins." |
| ) |
| parser.add_argument( |
| "--aosp-root", |
| required=True, |
| type=str, |
| help="Path to AOSP root directory", |
| ) |
| parser.add_argument( |
| "--zipfile", |
| required=True, |
| type=str, |
| help="Path to Security Bulletin zipfile", |
| ) |
| parser.add_argument( |
| "--apply-to-branch", |
| type=str, |
| help="Branch to apply patches to, if this option is set patches will " |
| "be applied to this branch. Not setting this effectively results in a " |
| "dry run. No changes will be made in the tree.\n" |
| "WARNING: The branch set here will be abandoned if it already exists " |
| "and --skip-abandon is not set.", |
| ) |
| parser.add_argument( |
| "--use-a-number", |
| action="store_true", |
| help="Display A-number instead of patch path", |
| ) |
| parser.add_argument( |
| "--display-all", |
| action="store_true", |
| help="Display both the A-number and the patch path", |
| ) |
| parser.add_argument( |
| "--cleanup-after", |
| action="store_true", |
| help="Abandon the branch selected in --apply-to-branch after bullseye " |
| "is done. This implies --skip-amend.", |
| ) |
| parser.add_argument( |
| "--skip-amend", action="store_true", help="Skip amend step" |
| ) |
| parser.add_argument( |
| "--skip-abandon", |
| action="store_true", |
| help="Skip the default behavior of abandoning and recreating the " |
| "target repo branch before applying any patches.", |
| ) |
| parser.add_argument( |
| "--skip-patches", action="store_true", help="Skip the bulletin patches" |
| ) |
| parser.add_argument( |
| "--skip-snippets", |
| action="store_true", |
| help="Skip the bulletin code snippets (kernel)", |
| ) |
| parser.add_argument( |
| "--quiet", |
| action="store_true", |
| help="Be a bit quieter. (Suppress git output)", |
| ) |
| parser.add_argument( |
| "--use-old-format", |
| action="store_true", |
| help="Use old ZIPfile format. Equivalent to `--ignore-n-leading 2`.", |
| ) |
| parser.add_argument( |
| "--ignore-n-leading", |
| type=int, |
| default=3, |
| help="Number of leading slashes to ignore from path of patches in ZIP " |
| "file. Default: 3.", |
| ) |
| parser.add_argument( |
| "--version", default="7.1.2", help="Android version (e.g. 7.1.2)." |
| ) |
| return parser |
| |
| |
| def rollback(): |
| print("Abandoning repo branch {}".format(args.apply_to_branch)) |
| exec_command( |
| "( cd {root} && repo abandon {branch_name})".format( |
| root=args.aosp_root, branch_name=args.apply_to_branch |
| ), |
| args.quiet, |
| ) |
| |
| |
| if __name__ == "__main__": |
| parser = make_arg_parser() |
| args = parser.parse_args() |
| if not args.apply_to_branch: |
| print( |
| "INFO: This is a dry run, because --apply-to-branch is not " |
| "specified." |
| ) |
| if args.cleanup_after: |
| print( |
| "WARNING: Argument --cleanup-after will be ignored, because" |
| "--apply-to-branch is not specified." |
| ) |
| |
| manifest = AndroidManifest( |
| os.path.join(args.aosp_root, ".repo", "manifest.xml") |
| ) |
| if args.apply_to_branch is not None and not args.skip_abandon: |
| rollback() |
| |
| bulletin = SecurityBulletin(args, manifest) |
| bulletin.apply() |
| |
| if args.cleanup_after and args.apply_to_branch: |
| print("Abandoning the target branch as requested.") |
| rollback() |