#!/usr/bin/env python
|
#
|
# Copyright (C) 2018 The Android Open Source Project
|
#
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
# you may not use this file except in compliance with the License.
|
# You may obtain a copy of the License at
|
#
|
# http://www.apache.org/licenses/LICENSE-2.0
|
#
|
# Unless required by applicable law or agreed to in writing, software
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
# See the License for the specific language governing permissions and
|
# limitations under the License.
|
|
"""
|
apexer is a command line tool for creating an APEX file, a package format
|
for system components.
|
|
Typical usage: apexer input_dir output.apex
|
|
"""
|
|
import argparse
|
import hashlib
|
import os
|
import re
|
import shutil
|
import subprocess
|
import sys
|
import tempfile
|
import uuid
|
import xml.etree.ElementTree as ET
|
from apex_manifest import ValidateApexManifest
|
from apex_manifest import ApexManifestError
|
|
tool_path_list = None
|
BLOCK_SIZE = 4096
|
|
def ParseArgs(argv):
|
parser = argparse.ArgumentParser(description='Create an APEX file')
|
parser.add_argument('-f', '--force', action='store_true',
|
help='force overwriting output')
|
parser.add_argument('-v', '--verbose', action='store_true',
|
help='verbose execution')
|
parser.add_argument('--manifest', default='apex_manifest.json',
|
help='path to the APEX manifest file')
|
parser.add_argument('--android_manifest',
|
help='path to the AndroidManifest file. If omitted, a default one is created and used')
|
parser.add_argument('--assets_dir',
|
help='an assets directory to be included in the APEX')
|
parser.add_argument('--file_contexts',
|
help='selinux file contexts file. Required for "image" APEXs.')
|
parser.add_argument('--canned_fs_config',
|
help='canned_fs_config specifies uid/gid/mode of files. Required for ' +
|
'"image" APEXS.')
|
parser.add_argument('--key',
|
help='path to the private key file. Required for "image" APEXs.')
|
parser.add_argument('--pubkey',
|
help='path to the public key file. Used to bundle the public key in APEX for testing.')
|
parser.add_argument('input_dir', metavar='INPUT_DIR',
|
help='the directory having files to be packaged')
|
parser.add_argument('output', metavar='OUTPUT',
|
help='name of the APEX file')
|
parser.add_argument('--payload_type', metavar='TYPE', required=False, default="image",
|
choices=["zip", "image"],
|
help='type of APEX payload being built "zip" or "image"')
|
parser.add_argument('--override_apk_package_name', required=False,
|
help='package name of the APK container. Default is the apex name in --manifest.')
|
parser.add_argument('--android_jar_path', required=False,
|
default="prebuilts/sdk/current/public/android.jar",
|
help='path to use as the source of the android API.')
|
apexer_path_in_environ = "APEXER_TOOL_PATH" in os.environ
|
parser.add_argument('--apexer_tool_path', required=not apexer_path_in_environ,
|
default=os.environ['APEXER_TOOL_PATH'].split(":") if apexer_path_in_environ else None,
|
type=lambda s: s.split(":"),
|
help="""A list of directories containing all the tools used by apexer (e.g.
|
mke2fs, avbtool, etc.) separated by ':'. Can also be set using the
|
APEXER_TOOL_PATH environment variable""")
|
parser.add_argument('--target_sdk_version', required=False,
|
help='Default target SDK version to use for AndroidManifest.xml')
|
return parser.parse_args(argv)
|
|
def FindBinaryPath(binary):
|
for path in tool_path_list:
|
binary_path = os.path.join(path, binary)
|
if os.path.exists(binary_path):
|
return binary_path
|
raise Exception("Failed to find binary " + binary + " in path " + ":".join(tool_path_list))
|
|
def RunCommand(cmd, verbose=False, env=None):
|
env = env or {}
|
env.update(os.environ.copy())
|
|
cmd[0] = FindBinaryPath(cmd[0])
|
|
if verbose:
|
print("Running: " + " ".join(cmd))
|
p = subprocess.Popen(
|
cmd, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, env=env)
|
output, _ = p.communicate()
|
|
if verbose or p.returncode is not 0:
|
print(output.rstrip())
|
|
assert p.returncode is 0, "Failed to execute: " + " ".join(cmd)
|
|
return (output, p.returncode)
|
|
def GetDirSize(dir_name):
|
size = 0
|
for dirpath, _, filenames in os.walk(dir_name):
|
size += RoundUp(os.path.getsize(dirpath), BLOCK_SIZE)
|
for f in filenames:
|
size += RoundUp(os.path.getsize(os.path.join(dirpath, f)), BLOCK_SIZE)
|
return size
|
|
def GetFilesAndDirsCount(dir_name):
|
count = 0;
|
for root, dirs, files in os.walk(dir_name):
|
count += (len(dirs) + len(files))
|
return count
|
|
def RoundUp(size, unit):
|
assert unit & (unit - 1) == 0
|
return (size + unit - 1) & (~(unit - 1))
|
|
def PrepareAndroidManifest(package, version):
|
template = """\
|
<?xml version="1.0" encoding="utf-8"?>
|
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
|
package="{package}" android:versionCode="{version}">
|
<!-- APEX does not have classes.dex -->
|
<application android:hasCode="false" />
|
</manifest>
|
"""
|
return template.format(package=package, version=version)
|
|
def ValidateAndroidManifest(package, android_manifest):
|
tree = ET.parse(android_manifest)
|
manifest_tag = tree.getroot()
|
package_in_xml = manifest_tag.attrib['package']
|
if package_in_xml != package:
|
raise Exception("Package name '" + package_in_xml + "' in '" + android_manifest +
|
" differ from package name '" + package + "' in the apex_manifest.json")
|
|
def ValidateArgs(args):
|
if not os.path.exists(args.manifest):
|
print("Manifest file '" + args.manifest + "' does not exist")
|
return False
|
|
if not os.path.isfile(args.manifest):
|
print("Manifest file '" + args.manifest + "' is not a file")
|
return False
|
|
if args.android_manifest is not None:
|
if not os.path.exists(args.android_manifest):
|
print("Android Manifest file '" + args.android_manifest + "' does not exist")
|
return False
|
|
if not os.path.isfile(args.android_manifest):
|
print("Android Manifest file '" + args.android_manifest + "' is not a file")
|
return False
|
|
if not os.path.exists(args.input_dir):
|
print("Input directory '" + args.input_dir + "' does not exist")
|
return False
|
|
if not os.path.isdir(args.input_dir):
|
print("Input directory '" + args.input_dir + "' is not a directory")
|
return False
|
|
if not args.force and os.path.exists(args.output):
|
print(args.output + ' already exists. Use --force to overwrite.')
|
return False
|
|
if args.payload_type == "image":
|
if not args.key:
|
print("Missing --key {keyfile} argument!")
|
return False
|
|
if not args.file_contexts:
|
print("Missing --file_contexts {contexts} argument!")
|
return False
|
|
if not args.canned_fs_config:
|
print("Missing --canned_fs_config {config} argument!")
|
return False
|
|
return True
|
|
def CreateApex(args, work_dir):
|
if not ValidateArgs(args):
|
return False
|
|
if args.verbose:
|
print "Using tools from " + str(tool_path_list)
|
|
try:
|
with open(args.manifest, "r") as f:
|
manifest_raw = f.read()
|
manifest_apex = ValidateApexManifest(manifest_raw)
|
except ApexManifestError as err:
|
print("'" + args.manifest + "' is not a valid manifest file")
|
print err.errmessage
|
return False
|
except IOError:
|
print("Cannot read manifest file: '" + args.manifest + "'")
|
return False
|
|
# create an empty ext4 image that is sufficiently big
|
# sufficiently big = size + 16MB margin
|
size_in_mb = (GetDirSize(args.input_dir) / (1024*1024)) + 16
|
|
content_dir = os.path.join(work_dir, 'content')
|
os.mkdir(content_dir)
|
|
# APEX manifest is also included in the image. The manifest is included
|
# twice: once inside the image and once outside the image (but still
|
# within the zip container).
|
manifests_dir = os.path.join(work_dir, 'manifests')
|
os.mkdir(manifests_dir)
|
manifest_file = os.path.join(manifests_dir, 'apex_manifest.json')
|
if args.verbose:
|
print('Copying ' + args.manifest + ' to ' + manifest_file)
|
shutil.copyfile(args.manifest, manifest_file)
|
|
if args.payload_type == 'image':
|
key_name = os.path.basename(os.path.splitext(args.key)[0])
|
|
if manifest_apex.name != key_name:
|
print("package name '" + manifest_apex.name + "' does not match with key name '" + key_name + "'")
|
return False
|
img_file = os.path.join(content_dir, 'apex_payload.img')
|
|
# margin is for files that are not under args.input_dir. this consists of
|
# one inode for apex_manifest.json and 11 reserved inodes for ext4.
|
# TOBO(b/122991714) eliminate these details. use build_image.py which
|
# determines the optimal inode count by first building an image and then
|
# count the inodes actually used.
|
inode_num_margin = 12
|
inode_num = GetFilesAndDirsCount(args.input_dir) + inode_num_margin
|
|
cmd = ['mke2fs']
|
cmd.extend(['-O', '^has_journal']) # because image is read-only
|
cmd.extend(['-b', str(BLOCK_SIZE)])
|
cmd.extend(['-m', '0']) # reserved block percentage
|
cmd.extend(['-t', 'ext4'])
|
cmd.extend(['-I', '256']) # inode size
|
cmd.extend(['-N', str(inode_num)])
|
uu = str(uuid.uuid5(uuid.NAMESPACE_URL, "www.android.com"))
|
cmd.extend(['-U', uu])
|
cmd.extend(['-E', 'hash_seed=' + uu])
|
cmd.append(img_file)
|
cmd.append(str(size_in_mb) + 'M')
|
RunCommand(cmd, args.verbose, {"E2FSPROGS_FAKE_TIME": "1"})
|
|
# Compile the file context into the binary form
|
compiled_file_contexts = os.path.join(work_dir, 'file_contexts.bin')
|
cmd = ['sefcontext_compile']
|
cmd.extend(['-o', compiled_file_contexts])
|
cmd.append(args.file_contexts)
|
RunCommand(cmd, args.verbose)
|
|
# Add files to the image file
|
cmd = ['e2fsdroid']
|
cmd.append('-e') # input is not android_sparse_file
|
cmd.extend(['-f', args.input_dir])
|
cmd.extend(['-T', '0']) # time is set to epoch
|
cmd.extend(['-S', compiled_file_contexts])
|
cmd.extend(['-C', args.canned_fs_config])
|
cmd.append('-s') # share dup blocks
|
cmd.append(img_file)
|
RunCommand(cmd, args.verbose, {"E2FSPROGS_FAKE_TIME": "1"})
|
|
cmd = ['e2fsdroid']
|
cmd.append('-e') # input is not android_sparse_file
|
cmd.extend(['-f', manifests_dir])
|
cmd.extend(['-T', '0']) # time is set to epoch
|
cmd.extend(['-S', compiled_file_contexts])
|
cmd.extend(['-C', args.canned_fs_config])
|
cmd.append('-s') # share dup blocks
|
cmd.append(img_file)
|
RunCommand(cmd, args.verbose, {"E2FSPROGS_FAKE_TIME": "1"})
|
|
# Resize the image file to save space
|
cmd = ['resize2fs']
|
cmd.append('-M') # shrink as small as possible
|
cmd.append(img_file)
|
RunCommand(cmd, args.verbose, {"E2FSPROGS_FAKE_TIME": "1"})
|
|
|
cmd = ['avbtool']
|
cmd.append('add_hashtree_footer')
|
cmd.append('--do_not_generate_fec')
|
cmd.extend(['--algorithm', 'SHA256_RSA4096'])
|
cmd.extend(['--key', args.key])
|
cmd.extend(['--prop', "apex.key:" + key_name])
|
# Set up the salt based on manifest content which includes name
|
# and version
|
salt = hashlib.sha256(manifest_raw).hexdigest()
|
cmd.extend(['--salt', salt])
|
cmd.extend(['--image', img_file])
|
RunCommand(cmd, args.verbose)
|
|
# Get the minimum size of the partition required.
|
# TODO(b/113320014) eliminate this step
|
info, _ = RunCommand(['avbtool', 'info_image', '--image', img_file], args.verbose)
|
vbmeta_offset = int(re.search('VBMeta\ offset:\ *([0-9]+)', info).group(1))
|
vbmeta_size = int(re.search('VBMeta\ size:\ *([0-9]+)', info).group(1))
|
partition_size = RoundUp(vbmeta_offset + vbmeta_size, BLOCK_SIZE) + BLOCK_SIZE
|
|
# Resize to the minimum size
|
# TODO(b/113320014) eliminate this step
|
cmd = ['avbtool']
|
cmd.append('resize_image')
|
cmd.extend(['--image', img_file])
|
cmd.extend(['--partition_size', str(partition_size)])
|
RunCommand(cmd, args.verbose)
|
else:
|
img_file = os.path.join(content_dir, 'apex_payload.zip')
|
cmd = ['soong_zip']
|
cmd.extend(['-o', img_file])
|
cmd.extend(['-C', args.input_dir])
|
cmd.extend(['-D', args.input_dir])
|
cmd.extend(['-C', manifests_dir])
|
cmd.extend(['-D', manifests_dir])
|
RunCommand(cmd, args.verbose)
|
|
# package the image file and APEX manifest as an APK.
|
# The AndroidManifest file is automatically generated if not given.
|
android_manifest_file = os.path.join(work_dir, 'AndroidManifest.xml')
|
if not args.android_manifest:
|
if args.verbose:
|
print('Creating AndroidManifest ' + android_manifest_file)
|
with open(android_manifest_file, 'w+') as f:
|
app_package_name = manifest_apex.name
|
f.write(PrepareAndroidManifest(app_package_name, manifest_apex.version))
|
else:
|
ValidateAndroidManifest(manifest_apex.name, args.android_manifest)
|
shutil.copyfile(args.android_manifest, android_manifest_file)
|
|
# copy manifest to the content dir so that it is also accessible
|
# without mounting the image
|
shutil.copyfile(args.manifest, os.path.join(content_dir, 'apex_manifest.json'))
|
|
# copy the public key, if specified
|
if args.pubkey:
|
shutil.copyfile(args.pubkey, os.path.join(content_dir, "apex_pubkey"))
|
|
apk_file = os.path.join(work_dir, 'apex.apk')
|
cmd = ['aapt2']
|
cmd.append('link')
|
cmd.extend(['--manifest', android_manifest_file])
|
if args.override_apk_package_name:
|
cmd.extend(['--rename-manifest-package', args.override_apk_package_name])
|
# This version from apex_manifest.json is used when versionCode isn't
|
# specified in AndroidManifest.xml
|
cmd.extend(['--version-code', str(manifest_apex.version)])
|
if manifest_apex.versionName:
|
cmd.extend(['--version-name', manifest_apex.versionName])
|
if args.target_sdk_version:
|
cmd.extend(['--target-sdk-version', args.target_sdk_version])
|
if args.assets_dir:
|
cmd.extend(['-A', args.assets_dir])
|
# Default value for minSdkVersion.
|
cmd.extend(['--min-sdk-version', '29'])
|
cmd.extend(['-o', apk_file])
|
cmd.extend(['-I', args.android_jar_path])
|
RunCommand(cmd, args.verbose)
|
|
zip_file = os.path.join(work_dir, 'apex.zip')
|
cmd = ['soong_zip']
|
cmd.append('-d') # include directories
|
cmd.extend(['-C', content_dir]) # relative root
|
cmd.extend(['-D', content_dir]) # input dir
|
for file_ in os.listdir(content_dir):
|
if os.path.isfile(os.path.join(content_dir, file_)):
|
cmd.extend(['-s', file_]) # don't compress any files
|
cmd.extend(['-o', zip_file])
|
RunCommand(cmd, args.verbose)
|
|
unaligned_apex_file = os.path.join(work_dir, 'unaligned.apex')
|
cmd = ['merge_zips']
|
cmd.append('-j') # sort
|
cmd.append(unaligned_apex_file) # output
|
cmd.append(apk_file) # input
|
cmd.append(zip_file) # input
|
RunCommand(cmd, args.verbose)
|
|
# Align the files at page boundary for efficient access
|
cmd = ['zipalign']
|
cmd.append('-f')
|
cmd.append(str(BLOCK_SIZE))
|
cmd.append(unaligned_apex_file)
|
cmd.append(args.output)
|
RunCommand(cmd, args.verbose)
|
|
if (args.verbose):
|
print('Created ' + args.output)
|
|
return True
|
|
|
class TempDirectory(object):
|
def __enter__(self):
|
self.name = tempfile.mkdtemp()
|
return self.name
|
|
def __exit__(self, *unused):
|
shutil.rmtree(self.name)
|
|
|
def main(argv):
|
global tool_path_list
|
args = ParseArgs(argv)
|
tool_path_list = args.apexer_tool_path
|
with TempDirectory() as work_dir:
|
success = CreateApex(args, work_dir)
|
|
if not success:
|
sys.exit(1)
|
|
|
if __name__ == '__main__':
|
main(sys.argv[1:])
|
