6:23 a.m.
Dear all:
I use the source code to build an image of Celadon, and use userdebug build and celadon
lunch target.
I install it to a device and it can boot to UI.
But when I try to install an apk in it, the installation failed.
Has someone successfully install 3rd party apk in a device which installed the Celadon?
Thank you.
Tan Ming.
Software Engineer, SSG/OTC.
Mobile: +86 13651977713.
8:24 a.m.
Hi;
On 12/25/18 7:23 AM, Tan, Ming wrote:
Dear all:
I use the source code to build an image of Celadon, and use userdebug
build and celadon lunch target.
I install it to a device and it can boot to UI.
But when I try to install an apk in it, the installation failed.
Has someone successfully install 3^rd party apk in a device which
installed the Celadon?
Thank you.
I'm not sure which of these steps does it but this is how I build so
that I'm able to install apk's and run them:
I disable 'avb', 'slot-ab' and 'trusty' in mixins and run
mixin-update
before building. I've also set 'tos_partition=false', don't remember
exactly why though, I think in some point it used to fail if it was set
to true.
Before installing, I remove 'flashing lock' from installer.cmd script.
Then depending what you are about to run, you might also need to run
"setenforce 0" before executing the app (such as CTS tests).
Disclaimer: I haven't done repo sync for some time so it could be that
this will not work .. I'll sync today and let you know what happened :)
// Tapani
8:51 a.m.
Hi Tapani,
Trusty or sepolicy are not supposed to be the cause to fail the apk installation.
If you find below operations are necessary to make the failure gone, there must be
something wrong and please let me know:
- disable trusty in mixins
- setenforce 0
Thanks,
Roger
-----Original Message-----
From: Celadon [mailto:celadon-bounces@lists.01.org] On Behalf Of Tapani Pälli
Sent: Wednesday, January 2, 2019 3:25 PM
To: celadon(a)lists.01.org
Subject: Re: [01.org Celadon] About install apk in Celadon
Hi;
On 12/25/18 7:23 AM, Tan, Ming wrote:
Dear all:
I use the source code to build an image of Celadon, and use
userdebug build and celadon lunch target.
I install it to a device and it can boot to UI.
But when I try to install an apk in it, the installation failed.
Has someone successfully install 3^rd party apk in a device which
installed the Celadon?
Thank you.
I'm not sure which of these steps does it but this is how I build so that I'm able
to install apk's and run them:
I disable 'avb', 'slot-ab' and 'trusty' in mixins and run
mixin-update before building. I've also set 'tos_partition=false', don't
remember exactly why though, I think in some point it used to fail if it was set to true.
Before installing, I remove 'flashing lock' from installer.cmd script.
Then depending what you are about to run, you might also need to run "setenforce
0" before executing the app (such as CTS tests).
Disclaimer: I haven't done repo sync for some time so it could be that this will not
work .. I'll sync today and let you know what happened :)
// Tapani
--
Celadon mailing list
Celadon(a)lists.01.org
https://lists.01.org/mailman/listinfo/celadon
8:56 a.m.
On 1/2/19 9:51 AM, Feng, Roger wrote:
Hi Tapani,
Trusty or sepolicy are not supposed to be the cause to fail the apk installation.
If you find below operations are necessary to make the failure gone, there must be
something wrong and please let me know:
- disable trusty in mixins
- setenforce 0
OK, I will build with trusty and see if things work. I remember that
'setenforce 0' used to be required for CTS/dEQP. I guess regular apps
would work without it. I'll let you know!
Thanks,
Roger
-----Original Message-----
From: Celadon [mailto:celadon-bounces@lists.01.org] On Behalf Of Tapani Pälli
Sent: Wednesday, January 2, 2019 3:25 PM
To: celadon(a)lists.01.org
Subject: Re: [01.org Celadon] About install apk in Celadon
Hi;
On 12/25/18 7:23 AM, Tan, Ming wrote:
> Dear all:
>
> I use the source code to build an image of Celadon, and use
> userdebug build and celadon lunch target.
>
> I install it to a device and it can boot to UI.
>
> But when I try to install an apk in it, the installation failed.
>
> Has someone successfully install 3^rd party apk in a device which
> installed the Celadon?
>
> Thank you.
I'm not sure which of these steps does it but this is how I build so that I'm
able to install apk's and run them:
I disable 'avb', 'slot-ab' and 'trusty' in mixins and run
mixin-update before building. I've also set 'tos_partition=false', don't
remember exactly why though, I think in some point it used to fail if it was set to true.
Before installing, I remove 'flashing lock' from installer.cmd script.
Then depending what you are about to run, you might also need to run "setenforce
0" before executing the app (such as CTS tests).
Disclaimer: I haven't done repo sync for some time so it could be that this will not
work .. I'll sync today and let you know what happened :)
// Tapani
--
Celadon mailing list
Celadon(a)lists.01.org
https://lists.01.org/mailman/listinfo/celadon
12:28 p.m.
On 1/2/19 9:56 AM, Tapani Pälli wrote:
On 1/2/19 9:51 AM, Feng, Roger wrote:
> Hi Tapani,
>
> Trusty or sepolicy are not supposed to be the cause to fail the apk
> installation.
> If you find below operations are necessary to make the failure gone,
> there must be something wrong and please let me know:
> - disable trusty in mixins
> - setenforce 0
OK, I will build with trusty and see if things work. I remember that
'setenforce 0' used to be required for CTS/dEQP. I guess regular apps
would work without it. I'll let you know!
Well, turns out it does not work. When I boot it says following things:
Failed to read counter for simulate: Aborted
key is not programmed, use the first derived key.: Aborted
Init RPMB key succesfully
INSECURE BOOTLOADER - SYSTEM SECURITY IN RED STATE
(also it does display "BOOT_STATE is RED but allow to boot anyway on eng
builds!" in green on the right side)
and after a short while it displays:
INSECURE BOOTLOADER - SYSTEM SECURITY IN RED STATE
Partition tos not found: Not Found
TOS image loading failed: Not Found
Load tos image failed: Not Found
then the device shuts itself down. I disabled 'trusty' and built again
and this time it works. This might be related to 'tos_partition=false'?
I'm setting it false because I'm disabling 'avb' and 'slot-ab' and
I
thought it is somehow related.
Overall, I think it is a problem that there are so many settings in
mixins.spec and the defaults don't work ok for users. Also IMO
mixin-update should run automatically before the build, this is how
mixins was originally designed to work.
Users/developers likely expect to be able to install apk's out of the
box without any changes to mixins.spec. If this is not the case, then we
should somehow fix it.
> Thanks,
> Roger
> -----Original Message-----
> From: Celadon [mailto:celadon-bounces@lists.01.org] On Behalf Of
> Tapani Pälli
> Sent: Wednesday, January 2, 2019 3:25 PM
> To: celadon(a)lists.01.org
> Subject: Re: [01.org Celadon] About install apk in Celadon
>
> Hi;
>
> On 12/25/18 7:23 AM, Tan, Ming wrote:
>> Dear all:
>>
>> I use the source code to build an image of Celadon, and use
>> userdebug build and celadon lunch target.
>>
>> I install it to a device and it can boot to UI.
>>
>> But when I try to install an apk in it, the installation failed.
>>
>> Has someone successfully install 3^rd party apk in a device which
>> installed the Celadon?
>>
>> Thank you.
>
> I'm not sure which of these steps does it but this is how I build so
> that I'm able to install apk's and run them:
>
> I disable 'avb', 'slot-ab' and 'trusty' in mixins and run
mixin-update
> before building. I've also set 'tos_partition=false', don't remember
> exactly why though, I think in some point it used to fail if it was
> set to true.
>
> Before installing, I remove 'flashing lock' from installer.cmd script.
>
> Then depending what you are about to run, you might also need to run
> "setenforce 0" before executing the app (such as CTS tests).
>
> Disclaimer: I haven't done repo sync for some time so it could be that
> this will not work .. I'll sync today and let you know what happened :)
>
> // Tapani
> --
> Celadon mailing list
> Celadon(a)lists.01.org
> https://lists.01.org/mailman/listinfo/celadon
>
1:13 p.m.
Hi Tapani,
tos_partition=true is expected here when trusty is enabled. That's the reason system
failed to locate tos (trusty OS).
Flag tos_partition is introduced to support IVI with non-EFI based BIOS - ABL/SBL. Tos
partition is not a must per the customer request.
Let me note this down and check if we can reduce this config option.
Thanks,
Roger
-----Original Message-----
From: Palli, Tapani
Sent: Wednesday, January 2, 2019 7:28 PM
To: Feng, Roger <roger.feng(a)intel.com>; celadon(a)lists.01.org
Subject: Re: [01.org Celadon] About install apk in Celadon
On 1/2/19 9:56 AM, Tapani Pälli wrote:
On 1/2/19 9:51 AM, Feng, Roger wrote:
> Hi Tapani,
>
> Trusty or sepolicy are not supposed to be the cause to fail the apk
> installation.
> If you find below operations are necessary to make the failure gone,
> there must be something wrong and please let me know:
> - disable trusty in mixins
> - setenforce 0
OK, I will build with trusty and see if things work. I remember that
'setenforce 0' used to be required for CTS/dEQP. I guess regular apps
would work without it. I'll let you know!
Well, turns out it does not work. When I boot it says following things:
Failed to read counter for simulate: Aborted key is not programmed, use the first derived
key.: Aborted Init RPMB key succesfully INSECURE BOOTLOADER - SYSTEM SECURITY IN RED
STATE
(also it does display "BOOT_STATE is RED but allow to boot anyway on eng
builds!" in green on the right side)
and after a short while it displays:
INSECURE BOOTLOADER - SYSTEM SECURITY IN RED STATE Partition tos not found: Not Found TOS
image loading failed: Not Found Load tos image failed: Not Found
then the device shuts itself down. I disabled 'trusty' and built again and this
time it works. This might be related to 'tos_partition=false'?
I'm setting it false because I'm disabling 'avb' and 'slot-ab' and
I thought it is somehow related.
Overall, I think it is a problem that there are so many settings in mixins.spec and the
defaults don't work ok for users. Also IMO mixin-update should run automatically
before the build, this is how mixins was originally designed to work.
Users/developers likely expect to be able to install apk's out of the box without any
changes to mixins.spec. If this is not the case, then we should somehow fix it.
> Thanks,
> Roger
> -----Original Message-----
> From: Celadon [mailto:celadon-bounces@lists.01.org] On Behalf Of
> Tapani Pälli
> Sent: Wednesday, January 2, 2019 3:25 PM
> To: celadon(a)lists.01.org
> Subject: Re: [01.org Celadon] About install apk in Celadon
>
> Hi;
>
> On 12/25/18 7:23 AM, Tan, Ming wrote:
>> Dear all:
>>
>> I use the source code to build an image of Celadon, and use
>> userdebug build and celadon lunch target.
>>
>> I install it to a device and it can boot to UI.
>>
>> But when I try to install an apk in it, the installation failed.
>>
>> Has someone successfully install 3^rd party apk in a device
>> which installed the Celadon?
>>
>> Thank you.
>
> I'm not sure which of these steps does it but this is how I build so
> that I'm able to install apk's and run them:
>
> I disable 'avb', 'slot-ab' and 'trusty' in mixins and run
> mixin-update before building. I've also set 'tos_partition=false',
> don't remember exactly why though, I think in some point it used to
> fail if it was set to true.
>
> Before installing, I remove 'flashing lock' from installer.cmd script.
>
> Then depending what you are about to run, you might also need to run
> "setenforce 0" before executing the app (such as CTS tests).
>
> Disclaimer: I haven't done repo sync for some time so it could be
> that this will not work .. I'll sync today and let you know what
> happened :)
>
> // Tapani
> --
> Celadon mailing list
> Celadon(a)lists.01.org
> https://lists.01.org/mailman/listinfo/celadon
>
746
days inactive
754
days old
5 comments
3 participants
participants (3)
-
Feng, Roger -
Tan, Ming -
Tapani Pälli