Set up Design Secure Develop Configure 참조
코드로 이동
개요 Architecture Compatibility Display Settings Tests

Building Product Partitions

Android 9​ includes support for building /product partitions using the Android build system. Previously, Android 8.x enforced the separation of System-on-Chip (SoC)-specific components from the /system partition to the /vendor partition without dedicating space for OEM-specific components built from Android build system.

About product partitions

Many OEMs customize the AOSP system image to implement their own features and requirements from carriers. However, such customizations make it impossible to use a single system image for multiple software SKUs as each image must be different to support a different locale, carrier, etc. Using a separate /product partition to contain customizations makes it possible to use a single system image for multiple software SKUs (the /system partition hosts generic code that can be shared among many software SKUs). The /vendor partition continues to host SoC-specific Board-Specific (BSP) code that can be shared among multiple devices based on the given SoC.

Using separate partitions has some disadvantages, such as difficulties in managing disk space (a limited amount of space should be reserved for future growth) and in maintaining stable Application Binary Interface (ABI) between partitions. Before deciding to use /product partitions, take time to consider your unique AOSP implementation and possible mitigation tactics (such as repartitioning a device during an Over-the-Air (OTA) update, which is not done by Google but is done by some OEMs).

Legacy /oem vs /product

The new /product partition is incompatible with the legacy /oem partition:

Partition Attributes
/oem
  • Not updateable; usually flashed once at factory.
  • Built per small variations such as branding and color. Different /oem partition contents do not make them different product software.
  • System partition does not depend on /oem (it uses the partition only when a specific file is found there).
  • Does not use API on system other than public API.
/product
  • Updateable
  • Coupled with the system image (they update together)
  • Built per product or product families.
  • System partition can depend on /product partition.
  • Can use non-public APIs since they are updated simultaneously.

For these reasons, Android 9 supports the new /product partition and also retains support for the legacy /oem partition for devices that depend on it.

/product components

The /product partition contains the following components:

  • Product-specific system properties (/product/build.prop)
  • Product-specific RROs (/product/overlay/*.apk)
  • Product-specific apps (/product/app/*.apk)
  • Product-specific priv-apps (/product/priv-app/*.apk)
  • Product-specific libraries (/product/lib/*)
  • Product-specific java libraries (/product/framework/*.jar)
  • Product-specific Android Framework system configs (/product/etc/sysconfig/* and /product/etc/permissions/*)
  • Product-specific media files (/product/media/audio/*)
  • Product-specific bootanimation files

No custom_images

You cannot use custom_images as they lack support for the following:

  • Installing modules into a specific target. custom_images support copying artifacts into an image but cannot install a module into a specific partition by specifying its target partition as a part of a build rule.
  • Soong support. custom_images cannot be built using the Soong build system.
  • OTA update support. custom_images are used as factory ROM images that cannot be OTA-ed.

Maintaining ABIs between partitions

The /product partition in Android 9 is an extension of the /system partition. As there is weak ABI between /product and /system partitions, both must be upgraded at the same time and the ABI should be System SDK-based. If the System SDK doesn't cover all API surfaces between /product and /system, it is up to the OEM to maintain their own ABI between the two partitions.

The /product and /system partitions can have dependency on each other. However, tests with the Generic System Image (GSI) must work properly without the /product partition.

The /product partition must not have any dependency on /vendor partition and no direct interaction between the /product partition and the /vendor is permitted (enforced by SEpolicy).

Implementing product partitions

Before implementing a new product partition, review the related product partition changes in AOSP. Then, to set up /product, include the following board or product build flags.

  • BOARD_USES_PRODUCTIMAGE
  • BOARD_PRODUCTIMAGE_PARTITION_SIZE
  • BOARD_PRODUCTIMAGE_FILE_SYSTEM_TYPE
  • PRODUCT_PRODUCT_PROPERTIES for /product/build.prop. Should be within a $(call inherit-product path/to/device.mk), e.g., PRODUCT_PRODUCT_PROPERTIES += product.abc=ok.

Enabling verified boot

To prevent the /product partition from being tampered with by malicious software, you should enable Android Verified Boot (AVB) for that partition (just as you do for /vendor and /system partitions). To enable AVB, include the following build flags: BOARD_AVB_PRODUCT_ADD_HASHTREE_FOOTER_ARGS