Hi Tapani,
tos_partition=true is expected here when trusty is enabled. That's the reason system
failed to locate tos (trusty OS).
Flag tos_partition is introduced to support IVI with non-EFI based BIOS - ABL/SBL. Tos
partition is not a must per the customer request.
Let me note this down and check if we can reduce this config option.
Thanks,
Roger
-----Original Message-----
From: Palli, Tapani
Sent: Wednesday, January 2, 2019 7:28 PM
To: Feng, Roger <roger.feng(a)intel.com>; celadon(a)lists.01.org
Subject: Re: [
01.org Celadon] About install apk in Celadon
On 1/2/19 9:56 AM, Tapani Pälli wrote:
On 1/2/19 9:51 AM, Feng, Roger wrote:
> Hi Tapani,
>
> Trusty or sepolicy are not supposed to be the cause to fail the apk
> installation.
> If you find below operations are necessary to make the failure gone,
> there must be something wrong and please let me know:
> - disable trusty in mixins
> - setenforce 0
OK, I will build with trusty and see if things work. I remember that
'setenforce 0' used to be required for CTS/dEQP. I guess regular apps
would work without it. I'll let you know!
Well, turns out it does not work. When I boot it says following things:
Failed to read counter for simulate: Aborted key is not programmed, use the first derived
key.: Aborted Init RPMB key succesfully INSECURE BOOTLOADER - SYSTEM SECURITY IN RED
STATE
(also it does display "BOOT_STATE is RED but allow to boot anyway on eng
builds!" in green on the right side)
and after a short while it displays:
INSECURE BOOTLOADER - SYSTEM SECURITY IN RED STATE Partition tos not found: Not Found TOS
image loading failed: Not Found Load tos image failed: Not Found
then the device shuts itself down. I disabled 'trusty' and built again and this
time it works. This might be related to 'tos_partition=false'?
I'm setting it false because I'm disabling 'avb' and 'slot-ab' and
I thought it is somehow related.
Overall, I think it is a problem that there are so many settings in mixins.spec and the
defaults don't work ok for users. Also IMO mixin-update should run automatically
before the build, this is how mixins was originally designed to work.
Users/developers likely expect to be able to install apk's out of the box without any
changes to mixins.spec. If this is not the case, then we should somehow fix it.
> Thanks,
> Roger
> -----Original Message-----
> From: Celadon [mailto:celadon-bounces@lists.01.org] On Behalf Of
> Tapani Pälli
> Sent: Wednesday, January 2, 2019 3:25 PM
> To: celadon(a)lists.01.org
> Subject: Re: [
01.org Celadon] About install apk in Celadon
>
> Hi;
>
> On 12/25/18 7:23 AM, Tan, Ming wrote:
>> Dear all:
>>
>> I use the source code to build an image of Celadon, and use
>> userdebug build and celadon lunch target.
>>
>> I install it to a device and it can boot to UI.
>>
>> But when I try to install an apk in it, the installation failed.
>>
>> Has someone successfully install 3^rd party apk in a device
>> which installed the Celadon?
>>
>> Thank you.
>
> I'm not sure which of these steps does it but this is how I build so
> that I'm able to install apk's and run them:
>
> I disable 'avb', 'slot-ab' and 'trusty' in mixins and run
> mixin-update before building. I've also set 'tos_partition=false',
> don't remember exactly why though, I think in some point it used to
> fail if it was set to true.
>
> Before installing, I remove 'flashing lock' from installer.cmd script.
>
> Then depending what you are about to run, you might also need to run
> "setenforce 0" before executing the app (such as CTS tests).
>
> Disclaimer: I haven't done repo sync for some time so it could be
> that this will not work .. I'll sync today and let you know what
> happened :)
>
> // Tapani
> --
> Celadon mailing list
> Celadon(a)lists.01.org
>
https://lists.01.org/mailman/listinfo/celadon
>