Minidroid: use vbmeta_system for verifying system

When both the avb and the avb_keys= flags are specified, then the latter
takes precedence, and an image is verified using the VBMeta struct
stored on the image itself, using the public keys located at the path on
the file system specified by the avb_keys= flag. On Minidroid, this way
of verification is incomplete:
- the VBMeta struct on system does not have an algorithm specified for
  the verification*,
- there are no keys stored at /avb.
Minidroid boots, but the image is not actually verified, and there are
errors logged during boot:

Error verifying vbmeta image: OK_NOT_SIGNED
Found unknown public key used to sign /system
Returning avb_handle for '/system' with status: VerificationError

So, for now, to fix the error and to simplify the setup, we'll only use
the vbmeta_system partition to verify system.

*see by running:
avbtool info_image --image out/target/product/sdv_core_cf/system.img

Bug: 281019451
Test: source build/envsetup.sh
Test: lunch aosp_cf_x86_64_minidroid-userdebug
Test: make
Test: launch_cvd
Test: # Check for AVB errors
Test: adb logcat | grep libfs_avb
Change-Id: If6e36c6dda97c8d33c1c392c40a4f720b28c51d1
1 file changed
tree: fd11b5b02a9600fd67c21acbf21d6e293d830222
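
Because the device boots even when verification fails, the `adb logcat | grep libfs_avb` check from the Test: lines can be turned into a pass/fail gate. The script below is an added example, not part of the commit or the Cuttlefish tree; the name avb_log_check, its exit codes and the passing status text "Success" are assumptions, and the sample lines are constructed from the messages quoted in the commit message.

```sh
#!/bin/sh
# Added example, not from the commit: gate a captured boot log on libfs_avb results.
# Usage: adb logcat -d | avb_log_check /system
# Exit: 0 = mount verified, 1 = verification problem logged,
#       2 = no avb_handle result for the mount (no evidence, so not a pass).

# Assumption: "Success" is the status text libfs_avb logs when verification passes.
AVB_OK_STATUS="${AVB_OK_STATUS:-Success}"

avb_log_check() {
    # Any vbmeta error or unknown-key message fails the run, whatever the mount.
    awk -v want="$1" -v ok="$AVB_OK_STATUS" -v q="'" '
        /Error verifying vbmeta image: / {
            sub(/.*Error verifying vbmeta image: /, "")
            print "vbmeta-error " $0; bad = 1; next
        }
        /Found unknown public key used to sign / {
            print "unknown-key " $NF; bad = 1; next
        }
        /Returning avb_handle for / {
            split($0, part, q)            # part[2] is the quoted mount point
            if (part[2] != want) next
            seen = 1
            print "status " part[2] " " $NF
            if ($NF != ok) bad = 1
        }
        END { if (bad) exit 1; if (!seen) exit 2 }
    '
}

# Constructed sample: the three messages quoted in the commit message.
SAMPLE_FAIL="Error verifying vbmeta image: OK_NOT_SIGNED
Found unknown public key used to sign /system
Returning avb_handle for '/system' with status: VerificationError"

# Constructed passing line (status text is the assumption noted above).
SAMPLE_OK="Returning avb_handle for '/system' with status: Success"
```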
README.md

Cuttlefish Getting Started

Try Cuttlefish

  1. Make sure virtualization with KVM is available.

    grep -c -w "vmx\|svm" /proc/cpuinfo
    

    This should return a non-zero value. If running on a cloud machine, this may take cloud-vendor-specific steps to enable. For Google Compute Engine specifically, see the GCE guide.

    ARM specific steps:

      • When running on an ARM machine, the most direct way is to check for the existence of /dev/kvm. Note that this method can also be used to confirm support of KVM on any environment.

  2. Download, build, and install the host debian packages:

    sudo apt install -y git devscripts config-package-dev debhelper-compat golang curl
    git clone https://github.com/google/android-cuttlefish
    cd android-cuttlefish
    for dir in base frontend; do
      cd $dir
      debuild -i -us -uc -b -d
      cd ..
    done
    sudo dpkg -i ./cuttlefish-base_*_*64.deb || sudo apt-get install -f
    sudo dpkg -i ./cuttlefish-user_*_*64.deb || sudo apt-get install -f
    sudo usermod -aG kvm,cvdnetwork,render $USER
    sudo reboot

    The reboot will trigger installing additional kernel modules and applying udev rules.

  3. Go to http://ci.android.com/

  4. Enter a branch name. Start with aosp-master if you don't know what you're looking for.

  5. Navigate to aosp_cf_x86_64_phone and click on userdebug for the latest build.

    For ARM, use branch aosp-master-throttled-copped and device target aosp_cf_arm64_only_phone-userdebug.

  6. Click on Artifacts.

  7. Scroll down to the OTA images. These packages look like aosp_cf_x86_64_phone-img-xxxxxx.zip -- it will always have img in the name. Download this file.

  8. Scroll down to cvd-host_package.tar.gz. You should always download a host package from the same build as your images.

  9. On your local system, combine the packages:

    mkdir cf
    cd cf
    tar xvf /path/to/cvd-host_package.tar.gz
    unzip /path/to/aosp_cf_x86_64_phone-img-xxxxxx.zip

  10. Launch cuttlefish with:

    $ HOME=$PWD ./bin/launch_cvd

Debug Cuttlefish

You can use adb to debug it, just like a physical device:

$ ./bin/adb -e shell

Launch Viewer (WebRTC)

When launching with --start_webrtc (the default), you can see a list of all available devices at https://localhost:8443 . For more information, see the WebRTC on Cuttlefish documentation.

Stop Cuttlefish

You will need to stop the virtual device within the same directory as you used to launch the device.

$ HOME=$PWD ./bin/stop_cvd