Google has website/platform where contributors to the Android Open Source Project can make live changes to the code and create builds on Google servers. The resulting GSI images can be downloaded here:
Android 13 from aosp-master branch:
Branch Grid
ci.android.com
Android 13 from aosp-android13-gsi branch:
Branch Grid
ci.android.com
The FAQ states that there is a two factor security system in place to ensure the added code is genuine and safe.
Reviewers check the added code and make sure it's consistent with Google Guidelines.
Verifiers build the changes and verify it if everything checks out.
If I understand correctly, there is only one reviewer who checks code changes in the branches mentioned above, before builds committed by these contributors can literally be downloaded by anyone, directly from Google's servers?
Seems a little insane tbh.
@tablet_seeker Thread closed as you've already created a subject matter related thread:
Malicious Code in GSI Images From Google's Developer AOSP Branch?
This Google website offers frequently updated daily GSI builds of AOSP, where code changes from literally any contributor to the Android Open Source Project are built and hosted on Google Servers...
forum.xda-developers.com
Welcome to XDA! I hope you'll always get the support you require. However, please review the XDA Forum Rules with special emphasis on rule no. 5, post only ONCE and post in the existing thread instead of creating a new one! Thanks for your cooperation. This is the second duplicate! Please read my message as a friendly warning.
Regards
Oswald Boelcke
Senior Moderator
Related
Hi,
Altough this is just the skeleton of it, let me share what I've set up until now.
I've also started a dedicated Google group here: https://groups.google.com/forum/?hl=en&fromgroups#!members/renesas-emev-osp
Anyone interested in contributing to develpment, plesae join!
1) Android
https://github.com/ffxx68/Renesas-device_emev
This is the entry-point to the GitHub repositories where I would put all the modification to the AOSP code which are specific to the Renesas EMEV for our Open Source Project.
Have a look at the README for further details and follow the progress, or open discussions, on our Google group.
2) Kernel
https://github.com/ffxx68/RenesasEV2-BSPGB-Kernel
This is the public GitHub repository for the 2.6.35.7 Kernel source code. It is customized to emxx code and it includes for the moment only the LCD patch that is necessary for the most common tablet (the kernel base code is aimed at the development board instead).
Same as above, anyone can contribute directly here.
3) Bootloader
https://github.com/ffxx68/RenesasEV2-bootloader
This is the public GitHub repository for the bootloader source code. It includes a patch for the 4 DDR tablet models.
I don't expect this to be changed much, but anyone can contribute directly pushing new files over here too.
4) Packaging
Some more details about how to wrap-up a fresh build and make a firmware for the tablet are found in the README mentieod above.
I've managed to boot Android from an SD card (see here: https://github.com/ffxx68/Renesas-BootSD) and I think a similar approach should be followed, at least for initial testing.
Kind of late to the party, but I'm really interested in this project... I applied to the Google Group, but I notice that the EV2 AOSP page you listed is gone... is there a specific reason for this? I would really love to contribute to this.
Hi, and welcome aboard!
I have edited a couple links above, which have changed a bit since then.
Thanks
I'm facing a problem with the touchscreen driver, which I have filed in the group list as well:
https://groups.google.com/forum/#!topic/renesas-emev-osp/smcwddwvNDo
(answer over there, if possible).
I can't understand why the driver for the touchscreen (found in drivers/input/touchscreen/pixcir_i2c_ts.c) is not loaded during the kernel init stages.
The touchkeys driver (ekt2201) is very similar in code structure and it's loaded as expected, while the _probe function of the PixCir is never called. This is the fragment from the dmesg kernel log:
...
<4>ekt2201_init
<4>ekt2201_i2c_ts_probe
<6>input: ekt2201 as /devices/i2c-0/0-0010/input/input0
<4>ekt2201:i2c_add_driver 0
<4>emxx_tsixcir_i2c_init
<4>emxx_tsixcir:i2c_add_driver 0
...
Note as the input device is created for the ekt2201 as the _probe is called, while the same doesn't happen for the pixcir.
Anyone with a clue?
thanks
Hi,
if anyone's interested in testing an experimental, pre-alpha version of the Open Source GB and Kernel build, leave a message here:
https://groups.google.com/forum/?hl=en&fromgroups#!topic/renesas-emev-osp/Mmd8r-YMaNo
Porting to JB has started: https://groups.google.com/forum/?fromgroups=#!topic/renesas-emev-osp/XSdLmPgD9Og
Dear developers and ROM chiefs.
It has come to our attention that ROMs in this section are released without proper kernel source being provided. The GPL license under which kernels are released requires the code transparency - in short sources must be pushed to some revision control system like github or bitbucket.
As per XDA rules, we're requesting you to provide proper kernel source or remove kernels from your builds.
If the OEM doesn't provide the kernel source code they are in violation of the GPL license and ROMs (with kernels) for these devices are not allowed on XDA.
Therefore we're giving you one week to either provide the source or remove the boot.img from your ROMs.
Thank you for your attention.
Tom
XDA Senior Moderator
Hello,
It has been brought to our attention that many kernels and/or ROM's (where applicable) posted in this section are not fully compliant with the GNU General Public Licence v2 (GPL v2) and for CyanogenMod ROM's the Apache licence.
This is quite frankly not acceptable so we are initiating a crackdown on this.
For kernel developers: You must provide FULL source code, not just the edits you made (reference here). Your source code must also be up-to-date with any binary releases. If in doubt, update your github first, then release the binary, NOT the other way round.
For CyanogenMod ROM developers: CyanogenMod is OpenSourced under the Apache Licence 2.0 and as such you don't need to upload your source code, though under the "spirit of OpenSource" it would be morally right to do so, however, we will not force you to do this, that is your choice to make.
For ALL ROM developers: If your ROM contains a boot.img file or a zimage file then you must state firstly whether it is your kernel or another user's kernel and secondly you must provide a link to the source code if it is your kernel and a link to the other user's kernel thread if you use another user's kernel.
The full GNU GPL v2 can be read here >>> http://www.gnu.org/licenses/gpl-2.0.html
The FAQ for the GPL v2 can be read here >>> http://www.gnu.org/licenses/old-licenses/gpl-2.0-faq.html
Why you cannot provide just the edits you made? Read here >>> http://www.gnu.org/licenses/old-licenses/gpl-2.0-faq.html#DistributingSourceIsInconvenient
The Apache Licence 2.0 can be read here >>> http://www.apache.org/licenses/LICENSE-2.0.html
XDA-Developers and the GPL article here >>> http://www.xda-developers.com/android/xda-developers-and-the-gpl/
I have posted notices in many users ROM/kernel threads and those people have 3 days (from the time this post was posted) to provide full kernel source. If you need more time then please contact me via PM. If you are unable to provide source code after the decided time then your thread will be closed and download links removed.
Regards,
Jonny
Ok, the 3 days were up yesterday but due to time constraints I won't start chasing people up on this until much later tonight or tomorrow. If users who were notified by me 4 days ago do not have source code up by tomorrow and have not contacted me, they have no excuse and their threads will be closed so I would suggest uploading it if not already done so.
So to preface, every Development thread on XDA has the following sticky:
1. If you are using a stock kernel you MUST mention where you obtained your source. Also, having a link leading to where the manufacturer has uploaded their source is always helpful.
2. If you are using a community driven source build (e.g. CyanogenMod, AOSP, or Parandroid) or a singular developer's source you MUST link directly to the repository that contains the kernel for that specific device. If you are only linking to another thread or to a general repository, this will not be considered as being GPL compliant unless the code has not been modified.
3. If you are forking a repository that is similar to the examples listed above in #2, you MUST publish and link your entire kernel source. This includes any and all changes that you have made. Two of the most common ways developers publish their source on XDA is either with Gerrit, or GitHub. While these two methods are recommended, they are not the only routes you can choose to accomplish this. All that is required is that the source can be viewed and downloaded by anyone who wishes to do so. When releasing an update, your repository must be updated the moment you release your kernel on XDA. If you can post your update to XDA, there should be no reason as to why you cannot release your source.
Click to expand...
Click to collapse
Yet, what are we to do with the tons of ROM development threads that has no reference to sources or general threads that are not possible to build? For me that's mainly a security concern, when a dev releases a ROM for general use, it's hard to check for the authenticity of the product.
Hello Folks,
I am searching Testers for DIOS 12.1 My new upcoming Xperia exclusive OS.
Things that don't work actually on Sagami Boards due to the Xperia Software Binaries:
-Mobile Data
-Wifi
-NFC
-Battery Status (No Infos)
Make sure You know what You do. Flash the OEM Software binaries to use this AOSP/SODP based ROM. Flash all Images included in My ZIPs. OTAs can be applied over ADB and Recovery after You have flashed My Kernels/Recoveries. Feel free to ask Me out if You have Questions and consider Joining Me on Social Media or Discord to stay up-to-date.
Sign in - Google Accounts
Device Trees & Kernel: https://github.com/sonyxperiadev/local_manifests
Hi OP, since you are the original developer for this ROM, I changed the tag from General to Development.
Also, because you are posting this ROM yourself, could you please also post a link to kernel source repo? As on XDA we need to comply with GPL v2 which requires kernel source to be open source.
Thank you very much.
jerryhou85 said:
Hi OP, since you are the original developer for this ROM, I changed the tag from General to Development.
Also, because you are posting this ROM yourself, could you please also post a link to kernel source repo? As on XDA we need to comply with GPL v2 which requires kernel source to be open source.
Thank you very much.
Click to expand...
Click to collapse
Thanks for the Help! Since i am using the SODP Device Trees are we going with Pre-Compiled Kernels from the SODP for now.
Source will be added to the first Post! https://github.com/sonyxperiadev/local_manifests