-
Notifications
You must be signed in to change notification settings - Fork 17
Building AOSP 5.0.2_r1 with efs tools on Nexus 7 Tablet
The following steps will guide you to download, build and install AOSP 5.0.2_r1 together with ecryptfs and efs-tools on a Nexus 7 tablet.
-
Install repo client from Google
$ mkdir ~/bin $ PATH=~/bin:$PATH $ curl http://commondatastorage.googleapis.com/git-repo-downloads/repo > ~/bin/repo $ chmod a+x ~/bin/repo
-
Get AOSP source code:
$ mkdir AOSP_TREE $ cd AOSP_TREE $ repo init -u https://android.googlesource.com/platform/manifest -b android-5.0.2_r1 $ repo sync -j8
-
Download and install binaries for Nexus 7 device (tilapialrx22g):
$ wget https://dl.google.com/dl/android/aosp/asus-tilapia-lrx22g-77f3f95b.tgz $ wget https://dl.google.com/dl/android/aosp/broadcom-tilapia-lrx22g-2cff7a17.tgz $ wget https://dl.google.com/dl/android/aosp/elan-tilapia-lrx22g-4cbfd4bc.tgz $ wget https://dl.google.com/dl/android/aosp/invensense-tilapia-lrx22g-51819e4e.tgz $ wget https://dl.google.com/dl/android/aosp/nvidia-tilapia-lrx22g-33c49b1c.tgz $ wget https://dl.google.com/dl/android/aosp/nxp-tilapia-lrx22g-bd4a7a34.tgz $ wget https://dl.google.com/dl/android/aosp/widevine-tilapia-lrx22g-6ee5ee5d.tgz $ tar -xvf asus-tilapia-lrx22g-77f3f95b.tgz && tar -xvf broadcom-tilapia-lrx22g-2cff7a17.tgz && tar -xvf elan-tilapia-lrx22g-4cbfd4bc.tgz && tar -xvf invensense-tilapia-lrx22g-51819e4e.tgz && tar -xvf nvidia-tilapia-lrx22g-33c49b1c.tgz && tar -xvf nxp-tilapia-lrx22g-bd4a7a34.tgz && tar -xvf widevine-tilapia-lrx22g-6ee5ee5d.tgz $ chmod a+x extract-* $ ./extract-asus-tilapia.sh && ./extract-broadcom-tilapia.sh && ./extract-elan-tilapia.sh && ./extract-invensense-tilapia.sh && ./extract-nvidia-tilapia.sh && ./extract-nxp-tilapia.sh && ./extract-widevine-tilapia.sh
-
Setup build environment http://source.android.com/source/initializing.html
-
Build images
$ source build/envsetup.sh $ lunch full_tilapia-eng $ make -j8
-
Get the kernel source code
$ git clone https://android.googlesource.com/kernel/tegra.git nexus7_kernel $ cd nexus7_kernel $ git checkout android-tegra3-grouper-3.1-lollipop-release
-
Setup build environment
$ git clone https://android.googlesource.com/platform/prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.7 $ export CROSS_COMPILE=arm-linux-androideabi-4.7/bin/arm-linux-androideabi- $ export ARCH=arm $ export SUBARCH=arm
-
Create kernel build config
$ make tegra3_android_defconfig
-
Add the following to the kernel config:
CONFIG_KEYS=y CONFIG_CRYPTO=y CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MD5=y CONFIG_CRYPTO_ECB=y CONFIG_CRYPTO_CBC=y CONFIG_CRYPTO_AES=y CONFIG_ECRYPT_FS=y
-
Build the kernel:
$ make -j8
-
Overwrite the new kernel zImage to AOSP tree
$ cp /nexus7_kernel/arch/arm/boot/zImage /AOSP_TREE/out/target/product/tilapia/kernel
-
Get the source code
$ git clone https://github.com/catalinionita/Ecryptfs-Tools-for-Android.git git_efstools
-
Move the folder to /AOSP_TREE/external/efs-tools
$ mv Ecryptfs-Tools-for-Android AOSP_TREE/external/efs-tools
-
Apply integration patches
$ cd /AOSP_TREE/external/efs-tools $ git pull $ repo forall -c git reset --hard $ repo forall -c git clean -df $ croot $ external/efs-tools/integration/apply_patches.sh
-
Rebuild AOSP tree
$ make -j8
-
Enable device connection
$ lsusb
You will see a list of USB devices. Among them, find: the Google Inc. device and save the ID: (e.g +18d1:4ee2). Edit udev rules and add Nexus 7 rules:
$ sudo emacs /etc/udev/rules.d/70-persistent-net.rules
#ASUS - Nexus 7 18d1:4ee2
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", MODE="0666"
-
Restart udev:
$ sudo service udev restart
-
Plug and unplug the device and check connectivity:
$ adb devices
You should be able to see the List of devices attached, containing the Nexus 7 tablet’s serial number.
-
Flash build images to Nexus 7 device
$ adb reboot bootloader $ cd $OUT $ fastboot -w flashall
The phone should be flashed properly and rebooted. At this point you have installed a vanilla 5.0.2 Lollipop image on a Nexus 7 tablet with ecryptfs and efs-tools support.
-
Check if ecryptfs module is active:
$ adb shell $ cat proc/kallsyms | grep ecryptfs $ exit
You should see output containing ecryptfs_. If not, the ecryptfs support was not compiled in the kernel.
-
Run efs-tools tests:
$ cd /AOSP_TREE/external/efs-tools/test $ ./testsuite.sh
-
Checkout the graphical interface for encrypt user data
Go to Settings→Security. First, set a password for the screen lock. Then click on the "Encrypt my data" option. Follow the instructions and encrypt your data.