summaryrefslogtreecommitdiffstats
path: root/Android.mk (follow)
Commit message (Collapse)AuthorAgeFilesLines
* libbootloader_message: convert to Android.bpTom Cherry2017-05-171-1/+0
| | | | | Test: build Change-Id: Ia0c2e141673e37eea29306817d2f4b2c944213b0
* Merge "otautil: Android.mk -> Android.bp"Treehugger Robot2017-05-101-1/+0
|\
| * otautil: Android.mk -> Android.bpSteven Moreland2017-05-101-1/+0
| | | | | | | | | | Test: flash and boot recovery on internal angler Change-Id: Id8845b4b422d0078b251333eb6d30ce14771ef10
* | recovery: Use libverifier instead of rebuilding the sources.Tao Bao2017-05-081-3/+1
|/ | | | | Test: mmma bootable/recovery Change-Id: Ie8cec009b00c121948179518ba9cbc26a82352bf
* fuse_sideload: Change the minimal block size to 4096.Tao Bao2017-05-031-1/+3
| | | | | | | | | | | | | | | | | | | run_fuse_sideload() is passing the block size as the max_read option, so it will only handle a request that involves at most two blocks at a time. However, the minimal allowed value was set to 1024 prior to this CL, which is inconsistent with the kernel code (fs/fuse/inode.c) that sets it to the greater of 4096 and the passed-in max_read option. This would fail the calls with a block size / max_read less than 4096 due to the wrongly computed block indices. Note that we didn't observe real issue in practice, because we have been using 64 KiB block sizes for both of adb and sdcard sideload calls. The issue only shows up in my local CL (to come later) that uses 1024 block size in run_fuse_sideload() tests. Test: recovery_component_test Test: adb sideload with the new recovery image on angler Change-Id: Id9f0cfea13d0d193dcb7cd41a1553a23739545f2
* libfusesideload: Clean up the CFLAGS for the module.Tao Bao2017-04-271-3/+2
| | | | | | | | Remove "-DADB_HOST=0" since it doesn't include adb related stuff. Test: mmma bootable/recovery Test: sideload on marlin Change-Id: Ia83a8edd31eedd803435d687513d561c873ffabe
* recovery: Remove the include of adb.h.Tao Bao2017-04-241-2/+0
| | | | | | | | | recovery.cpp doesn't have a direct dependency on adb.h (only minadbd does). 'adb.h' was once needed for DEFAULT_ADB_PORT, until being killed by commit acb2a2fa4c415944a27539461ba3757f3edbb128. Test: mmma bootable/recovery Change-Id: I84f87988d01c3f0c3d1383cc3cffde2e7d5e7aea
* librecovery: Remove -Wno-unused-parameter and add -Wall.Tao Bao2017-04-241-1/+1
| | | | | Test: mmma bootable/recovery Change-Id: I5598d32bebb9dbda4a183a1502e0b7dc4918392e
* Call libvintf to verify package compatibility.Tao Bao2017-04-201-0/+4
| | | | | | | | | | | | | The libvintf API has landed. Hook up to do the actual verification. Bug: 36597505 Test: recovery_component_test Test: m recoveryimage; adb sideload on angler and sailfish, with packages that contain dummy compatibility entries. Test: m recoveryimage; adb sideload on angler and sailfish, with packages that don't contain any compatibility entries. Change-Id: Idbd6f5aaef605ca51b20e667505d686de5ac781f (cherry picked from commit da320ac6ab53395ddff3cc08b88a61f977ed939a)
* Add the missing LOCAL_CFLAGS for librecovery.Tao Bao2017-04-181-0/+5
| | | | | | | | | | The -DAB_OTA_UDPATER part was missing when separating the librecovery module (commit 62e0bc7586077b3bde82759fb34b51b982cea20f). Bug: 37300957 Test: Build sailfish recovery image and sideload full OTA. Change-Id: Idd25662f6bc812c1aca95b096802f59b051f8d63 (cherry picked from commit 25dbe1717e3096ee59bfa4385cbcf80a972016a6)
* Verify the package compatibility with libvintf.Tao Bao2017-04-131-3/+21
| | | | | | | | | | | | | | | | verify_package_compatibility() is added to parse the compatibility entry (compatibility.zip) in a given OTA package. If entry is present, the information is sent to libvintf to check the compatibility. This CL doesn't actually call libvintf, since the API there is not available yet. Bug: 36597505 Test: Doesn't break the install with existing packages (i.e. w/o the compatibility entry). Test: recovery_component_test Change-Id: I3903ffa5f6ba33a5c0d761602ade6290c6752596 (cherry picked from commit 62e0bc7586077b3bde82759fb34b51b982cea20f)
* Boot control HAL based on the A/B headers.Alex Deymo2017-04-031-0/+1
| | | | | | | | | | | | | | The added bootctrl.bcb module implement the legacy interface for the bootctrl HAL based on the Boot Control Block (BCB) and the headers already specified in the booloader_message library. This serves as a reference implementation of the boot_control HAL. Bug: 32707546 Test: Tested internally that a device can use this HAL to flip slots and recovery from a /misc wipe. Change-Id: Ic02e5aaf4de7d0a1780eac4e8705dae20d0b3e10
* Log the error message when failing to mount/umount.Tao Bao2017-03-291-2/+4
| | | | | | Test: Observe the error messaage for a umount failure case. Bug: 36686818 Change-Id: I28e335c2df4454dd0192f95e3909599fcc9dc1c0
* Remove the dead #include's in verifier.cpp.Tao Bao2017-03-181-4/+1
| | | | | | | | | | A follow-up to commit 5e535014dd7961fbf812abeaa27f3339775031f1. Also clean up Android.mk, since libverifier no longer needs anything from libminui. Test: mmma bootable/recovery Test: recovery_component_test passes. Change-Id: I1c11e4bbeef67ca34a2054debf1f5b280d509217
* minui: Export minui/minui.h.Tao Bao2017-01-171-1/+5
| | | | | | | For libminui static and shared libraries. Test: build Change-Id: Ib30dc5e2ef4a3c8b3ca3a0cec68cb65e229a0c16
* Remove "_static" suffix from libsparseAlex Deymo2017-01-111-1/+1
| | | | | | Bug: 34220783 Change-Id: I358f931f0b29f5bd526e1475180e477e2e90b936
* Remove "_static" suffix from libext4_utils.Alex Deymo2017-01-111-1/+1
| | | | | Bug: 34220783 Change-Id: I34ccc3b11da0d1b48805967ad75b9ddade569930
* Merge "Cleanup the duplicates of logs rotation functions"Tianjie Xu2016-11-041-3/+8
|\ | | | | | | | | | | am: e2d05c5658 Change-Id: Ia63785d846ab05eca45ec1e548f7265d7feffdbb
| * Cleanup the duplicates of logs rotation functionsTianjie Xu2016-11-041-3/+8
| | | | | | | | | | | | | | | | Bug: 32067516 Test: Logs rotated successfully on angler, recovery-refresh/persist tests passed on an a/b device. Change-Id: Ie80adf0fa958ad3d7869d2d17f49489666b86c29
| * Create bootloader_message static library.Yabin Cui2016-10-181-6/+8
| | | | | | | | | | | | | | | | | | | | | | bootloader_messages merges bootloader_message_writer and bootloader.cpp, so we can use the same library to manage bootloader_message in normal boot and recovery mode. Bug: 29582118 Change-Id: I9efdf776ef8f02b53911ff43a518e035e0c29618 (cherry picked from commit 2f272c0551f984e83bc5abaf240e0dddb38a3326)
* | resolve merge conflicts of 6fba98c to stage-aosp-masterTianjie Xu2016-10-181-2/+3
|\| | | | | | | Change-Id: I2fa8b85109309ec88c1f8d8def593aa65ab885d7
| * Replace minzip with libziparchiveTianjie Xu2016-10-181-2/+3
| | | | | | | | | | | | | | | | | | | | | | Clean up the duplicated codes that handle the zip files in bootable/recovery; and rename the library of the remaining utility functions to libotautil. Test: Update package installed successfully on angler. Bug: 19472796 Change-Id: Iea8962fcf3004473cb0322b6bb3a9ea3ca7f679e
* | Merge "Update the header path for ext4_utils." am: 2bd94433f8 am: 00a9050815Tao Bao2016-10-111-4/+0
|\| | | | | | | | | | | am: 514dc15399 Change-Id: I38332f7eab24a49375ef0f410a3cd3d552749e06
| * Update the header path for ext4_utils.Tao Bao2016-10-091-4/+0
| | | | | | | | | | Test: `mmma bootable/recovery` Change-Id: I70ccddb3ddf46bb012fdc5f632afc46ebdd5473e
| * Disable the meaningless parts of the UI for A/B.Elliott Hughes2016-10-091-0/+4
| | | | | | | | | | | | | | Bug: http://b/28748484 Test: mmma bootable/recovery Change-Id: Ie86a265f4699503471e7c717d65677a916dbd25b (cherry picked from commit 01fcbe160bd49891c0680b80c5688cd4feb2adbc)
| * Turn on -Werror for recoveryTianjie Xu2016-09-301-1/+2
| | | | | | | | | | | | | | | | | | | | Also remove the 0xff comparison when validating the bootloader message fields. As the fields won't be erased to 0xff after we remove the MTD support. Bug: 28202046 Test: The recovery folder compiles for aosp_x86-eng Change-Id: Ibb30ea1b2b28676fb08c7e92a1e5f7b6ef3247ab
| * Switch recovery to libbase loggingTianjie Xu2016-09-011-1/+1
| | | | | | | | | | | | | | | | Clean up the recovery image and switch to libbase logging. Bug: 28191554 Change-Id: Icd999c3cc832f0639f204b5c36cea8afe303ad35 Merged-In: Icd999c3cc832f0639f204b5c36cea8afe303ad35
* | Turn on -Werror for recoveryTianjie Xu2016-09-301-1/+2
| | | | | | | | | | | | | | | | | | | | | | Also remove the 0xff comparison when validating the bootloader message fields. As the fields won't be erased to 0xff after we remove the MTD support. Bug: 28202046 Test: The recovery folder compiles for aosp_x86-eng Change-Id: Ibb30ea1b2b28676fb08c7e92a1e5f7b6ef3247ab (cherry picked from commit 7aa88748f6ec4e53333d1a15747bc44826ccc410)
* | Switch recovery to libbase loggingTianjie Xu2016-09-011-1/+1
| | | | | | | | | | | | | | | | Clean up the recovery image and switch to libbase logging. Bug: 28191554 Change-Id: Icd999c3cc832f0639f204b5c36cea8afe303ad35 (cherry picked from commit 747781433fb01f745529c7e9dd97c5599070ad0d)
* | Merge "Fix references to libcrypto_utils_static." am: b97da5e0f0 am: dc97404346Josh Gao2016-08-081-4/+4
|\| | | | | | | | | | | am: e6a4195bf7 Change-Id: Ib497de2a8e38d60cf6be058de919bd8f5e5871cb
| * Merge "Fix references to libcrypto_utils_static."Josh Gao2016-08-081-4/+4
| |\ | | | | | | | | | | | | | | | am: b97da5e0f0 Change-Id: Ia935df84e5ea36dfc6605b41872c36db69a114a0
| | * Fix references to libcrypto_utils_static.Josh Gao2016-08-061-4/+4
| | | | | | | | | | | | | | | Bug: http://b/30708454 Change-Id: I7a5048beff1d8b783a9683dcb4a79606a77f20ee
* | | resolve merge conflicts of 2f272c0 to nyc-mr1-dev-plus-aospYabin Cui2016-07-011-6/+8
|\ \ \ | | | | | | | | | | | | Change-Id: I889d94a723415ad2e660b8c99e66935142918bc4
| * | | Create bootloader_message static library.Yabin Cui2016-06-301-5/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | bootloader_messages merges bootloader_message_writer and bootloader.cpp, so we can use the same library to manage bootloader_message in normal boot and recovery mode. Bug: 29582118 Change-Id: I9efdf776ef8f02b53911ff43a518e035e0c29618
* | | | resolve merge conflicts of 179c0d8 to stage-aosp-master am: 274d17dc0fElliott Hughes2016-06-161-9/+13
|\ \ \ \ | | |/ / | |/| | | | | | | | | | | | | | am: eaddde6888 Change-Id: I10d484d02389fa30cc8d8398bcf5b276de31432e
| * | | resolve merge conflicts of 179c0d8 to stage-aosp-masterElliott Hughes2016-06-161-9/+13
| |\ \ \ | | | |/ | | |/| | | | | Change-Id: Iba5aec266444cabf83f600f2bdb45a3c027e5995
| | * | Remove obsolete MTD support.Elliott Hughes2016-06-101-9/+13
| | | | | | | | | | | | | | | | | | | | Bug: http://b/29250988 Change-Id: Ia97ba9082a165c37f74d6e1c3f71a367adc59945
* | | | Disable the meaningless parts of the UI for A/B.Elliott Hughes2016-05-241-0/+4
|\ \ \ \ | |/ / / |/| | / | | |/ | |/| | | | | | | | | | | | | am: 01fcbe160b * commit '01fcbe160bd49891c0680b80c5688cd4feb2adbc': Disable the meaningless parts of the UI for A/B. Change-Id: I86466cac3623b62db07bf48a38428be715ac3d3a
| * | Disable the meaningless parts of the UI for A/B.Elliott Hughes2016-05-241-0/+4
| | | | | | | | | | | | | | | Bug: http://b/28748484 Change-Id: Ie86a265f4699503471e7c717d65677a916dbd25b
| * | Use BoringSSL instead of mincrypt to speed up package verification.Elliott Hughes2016-04-141-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This changes the verification code in bootable/recovery to use BoringSSL instead of mincrypt. Cherry-pick of 452df6d99c81c4eeee3d2c7b2171901e8b7bc54a, with merge conflict resolution, extra logging in verifier.cpp, and an increase in the hash chunk size from 4KiB to 1MiB. Bug: http://b/28135231 Change-Id: I1ed7efd52223dd6f6a4629cad187cbc383d5aa84
| * | recovery: use __android_log_pmsg_file_write for log filesMark Salyzyn2016-03-311-0/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (cherry-pick from commit a4f701af93a5a739f34823cde0c493dfbc63537a) - Add call to __android_log_pmsg_file_write for recovery logging. - Add call to refresh pmsg if we reboot back into recovery and then allow overwrite of those logs. - Add a new one-time executable recovery-refresh that refreshes pmsg in post-fs phase of init. We rely on pmsg eventually scrolling off to age the content after recovery-persist has done its job. - Add a new one-time executable recovery-persist that transfers from pmsg to /data/misc/recovery/ directory if /cache is not mounted in post-fs-data phase of init. - Build and appropriately trigger the above two as required if BOARD_CACHEIMAGE_PARTITION_SIZE is undefined. - Add some simple unit tests NB: Test failure is expected on systems that do not deliver either the recovery-persist or recovery-refresh executables, e.g. systems with /cache. Tests also require a timely reboot sequence of test to truly verify, tests provide guidance on stderr to direct. Bug: 27176738 Change-Id: I17bb95980234984f6b2087fd5941b0a3126b706b
* | | resolve merge conflicts of 2bf95ac to nyc-dev-plus-aospElliott Hughes2016-04-131-2/+4
|\ \ \ | | |/ | |/| | | | Change-Id: Iaf232fbe65879bad6e19c7a9600aa6303a491a67
| * | Convert recovery to use BoringSSL instead of mincrypt.Mattias Nissler2016-04-061-2/+4
| | | | | | | | | | | | | | | | | | | | | This changes the verification code in bootable/recovery to use BoringSSL instead of mincrypt. Change-Id: I37b37d84b22e81c32ac180cd1240c02150ddf3a7
* | | Merge "recovery: use __android_log_pmsg_file_write for log files" am: 75da771Mark Salyzyn2016-03-311-0/+24
|\| | | | | | | | | | | | | | | | | | | | | | | | | | am: 6f83130 * commit '6f83130d7acd85df89a80e691d3aa63bd2ceda39': recovery: use __android_log_pmsg_file_write for log files Change-Id: Id2e7a76bae8eb061f6f57249dd912f25cd6332c6
| * | recovery: use __android_log_pmsg_file_write for log filesMark Salyzyn2016-03-281-0/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Add call to __android_log_pmsg_file_write for recovery logging. - Add call to refresh pmsg if we reboot back into recovery and then allow overwrite of those logs. - Add a new one-time executable recovery-refresh that refreshes pmsg in post-fs phase of init. We rely on pmsg eventually scrolling off to age the content after recovery-persist has done its job. - Add a new one-time executable recovery-persist that transfers from pmsg to /data/misc/recovery/ directory if /cache is not mounted in post-fs-data phase of init. - Build and appropriately trigger the above two as required if BOARD_CACHEIMAGE_PARTITION_SIZE is undefined. - Add some simple unit tests NB: Test failure is expected on systems that do not deliver either the recovery-persist or recovery-refresh executables, e.g. systems with /cache. Tests also require a timely reboot sequence of test to truly verify, tests provide guidance on stderr to direct. Bug: 27176738 Change-Id: I17bb95980234984f6b2087fd5941b0a3126b706b
* | | recovery: Move SwipeDetector into common locationPrashant Malani2016-03-181-0/+1
|\ \ \ | |/ / |/| / | |/ | | | | | | am: 9020e0f * commit '9020e0f141d1c26dcf8b6fa4212ee94b7891d53f': recovery: Move SwipeDetector into common location
| * recovery: Move SwipeDetector into common locationPrashant Malani2016-03-181-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | The SwipeDetector class is used almost unchanged in all locations. This patch moves it into the recovery module, from which devices can reference it if required. The class is now renamed to WearSwipeDetector. Bug: 27407422 Change-Id: Ifd3c7069a287548b89b14ab5d6d2b90a298e0145
| * recovery: check battery level before installing package.Yabin Cui2016-02-231-0/+4
| | | | | | | | | | | | | | Bug: 26879394 Change-Id: I63dce5bc50c2e104129f1bcab7d3cad5682bf45d (cherry picked from commit 53e7a0628f4acc95481f556ba51800df4a1de37d)
| * Merge "Refactor existing tests to use gtest" am: 38b02cc6a0Tao Bao2016-02-051-19/+1
| |\ | | | | | | | | | | | | | | | | | | am: 9865c55254 * commit '9865c55254a1583e18a7e8ac502f2c2143ed8b82': Refactor existing tests to use gtest
| * | IO fault injection for OTA packagesJed Estep2016-01-061-0/+1
| | | | | | | | | | | | | | | Bug: 25951086 Change-Id: I31c74c735eb7a975b7f41fe2b2eff042e5699c0c
| * | Add update_verifier for A/B OTA update.Tao Bao2015-12-081-0/+1
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | am: 1171d3a12b * commit '1171d3a12b13ca3f1d4301985cf068076e55ae26': Add update_verifier for A/B OTA update.
| | * | Add update_verifier for A/B OTA update.Tao Bao2015-12-071-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | update_verifier checks the integrity of the updated system and vendor partitions on the first boot post an A/B OTA update. It marks the current slot as having booted successfully if it passes the verification. This CL doesn't perform any actual verification work which will be addressed in follow-up CLs. Bug: 26039641 Change-Id: Ia5504ed25b799b48b5886c2fc68073a360127f42
| | * | Stop using libstdc++.Dan Albert2015-11-161-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These are already getting libc++, so it isn't necessary. If any of the other static libraries (such as adb) use new or delete from libc++, there will be symbol collisions. Change-Id: I55e43ec60006d3c2403122fa1174bde06f18e09f (cherry picked from commit e49a9e527a51f43db792263bb60bfc91293848da)
| | * | recovery: Switch to clangTao Bao2015-11-161-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | And a few trival fixes to suppress warnings. Change-Id: Id28e3581aaca4bda59826afa80c0c1cdfb0442fc (cherry picked from commit 80e46e08de5f65702fa7f7cd3ef83f905d919bbc)
* | | | Fix the improper use of LOCAL_WHOLE_STATIC_LIBRARIES.Tao Bao2016-03-031-3/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If two libraries both use LOCAL_WHOLE_STATIC_LIBRARIES and include a same library, there would be linking errors when generating a shared library (or executable) that depends on the two libraries both. Also clean up Android.mk files. Remove the "LOCAL_MODULE_TAGS := eng" line for the updater module. The module will then default to "optional" which won't be built until needed. Change-Id: I3ec227109b8aa744b7568e7f82f575aae3fe0e6f
* | | | recovery: check battery level before installing package.Yabin Cui2016-02-201-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | Bug: 26879394 Change-Id: I63dce5bc50c2e104129f1bcab7d3cad5682bf45d
* | | | IO fault injection for OTA packagesJed Estep2016-02-101-0/+1
| |_|/ |/| | | | | | | | | | | | | | Bug: 25951086 Change-Id: I31c74c735eb7a975b7f41fe2b2eff042e5699c0c (cherry-picked from commit f1fc48c6e62cfee42d25ad12f443e22d50c15d0b)
* | | Refactor existing tests to use gtestJed Estep2016-02-041-19/+1
| | | | | | | | | | | | | | | Bug: 26962907 Change-Id: I5f80636af1740badeff7d08193f08e23f4e4fee1
* | | Add update_verifier for A/B OTA update.Tao Bao2015-12-081-0/+1
|/ / | | | | | | | | | | | | | | | | | | | | | | | | update_verifier checks the integrity of the updated system and vendor partitions on the first boot post an A/B OTA update. It marks the current slot as having booted successfully if it passes the verification. This CL doesn't perform any actual verification work which will be addressed in follow-up CLs. Bug: 26039641 Change-Id: Ia5504ed25b799b48b5886c2fc68073a360127f42 (cherry picked from commit 1171d3a12b13ca3f1d4301985cf068076e55ae26)
* | Merge "recovery: Depend on mkfs.f2fs only if needed."Tao Bao2015-10-281-0/+2
|\ \ | | | | | | | | | | | | | | | | | | am: a412198699 * commit 'a4121986990d7dde7918252a96d87e4c3c11c13c': recovery: Depend on mkfs.f2fs only if needed.
| * | recovery: Depend on mkfs.f2fs only if needed.Tao Bao2015-10-281-0/+2
| | | | | | | | | | | | | | | | | | Don't build mkfs.f2fs unless device defines TARGET_USERIMAGES_USE_F2FS. Change-Id: Ifac592c30315bbe7590c8fbf3a0844e6a7a31a1a
| * | recovery: Switch fuse_* to C++.Tao Bao2015-07-201-2/+2
| | | | | | | | | | | | Change-Id: I68770ad1a9e99caee292f8010cfd37dfea3acc64
* | | am 337db14f: recovery: Factor out wear_ui.{cpp,h} into bootable/recovery.Tao Bao2015-08-251-0/+1
|\ \ \ | | |/ | |/| | | | | | | * commit '337db14f274fc73dd540aa71d2c21c431fe686ec': recovery: Factor out wear_ui.{cpp,h} into bootable/recovery.
| * | recovery: Factor out wear_ui.{cpp,h} into bootable/recovery.Tao Bao2015-08-251-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | Every watch has a (mostly identical) copy of the wear_ui. Factor them out into a single copy for easier maintenance. Device-specific settings should be defined in recovery_ui.cpp that inherits WearRecoveryUI class. Bug: 22451422 Change-Id: Id07efca37d1b1d330e6327506c7b73ccf6ae9241
* | | recovery: Switch fuse_* to C++.Tao Bao2015-07-241-2/+2
| |/ |/| | | | | | | Change-Id: Id50c3e6febd0ab61f10a654b9b265cf21a2d1701 (cherry picked from commit 71dc365f25676cfb3f62dbb7163697a8c3c5243d)
* | recovery: Switch to clangTao Bao2015-06-031-2/+4
| | | | | | | | | | | | And a few trival fixes to suppress warnings. Change-Id: I38734b5f4434643e85feab25f4807b46a45d8d65
* | Stop using libstdc++.Dan Albert2015-05-191-2/+0
|/ | | | | | | | These are already getting libc++, so it isn't necessary. If any of the other static libraries (such as adb) use new or delete from libc++, there will be symbol collisions. Change-Id: I55e43ec60006d3c2403122fa1174bde06f18e09f
* Move the menu header out of the menu.Elliott Hughes2015-04-141-0/+1
| | | | | | | | | | | This makes it easier for us to deal with arbitrary information at the top, and means that headers added by specific commands don't overwrite the default ones. Add the fingerprint back, but broken up so it fits even on sprout's display. Change-Id: Id71da79ab1aa455a611d72756a3100a97ceb4c1c
* Move "Mount /system" to the main menu.Elliott Hughes2015-04-101-1/+0
| | | | | | | Everyone's adding secret key combinations for this anyway, and it's very useful when debugging. Change-Id: Iad549452b872a7af963dd649f283ebcd3ea24234
* Move default implementations into Device.Elliott Hughes2015-04-091-5/+6
| | | | | | | | | | | | The current abstract class was a nice idea but has led to a lot of copy & paste in practice. Right now, no one we know of has any extra menu items, so let's make the default menu available to everyone. (If we assume that someone somewhere really does need custom device-specific menu options, a better API would let them add to our menu rather than replacing it.) Change-Id: I59f6a92f3ecd830c2ce78ce9da19eaaf472c5dfa
* Install the recovery binary directly to the recovery image.Ying Wang2015-03-101-5/+1
| | | | | | | | This eliminated the previous hack, that doesn't work reliably with the "LOCAL_REQUIRED_MODULES := mkfs.f2fs". Bug: 19666886 Change-Id: I1f0a2d41129f402c0165f3b86b6fda077291f282
* Kill of most of the remainder of minadbd.Dan Albert2015-02-201-1/+0
| | | | | | | | I think everything left now is here to stay (services.c might get massaged in to libadbd if it gets refactored). Bug: 17626262 Change-Id: I01faf8b277a601a40e3a0f4c3b8206c97f1d2ce6
* Use headers from adb.Dan Albert2015-02-191-3/+4
| | | | | | | adb.h has diverged a bit, so that one will be more involved, but these three are all trivial, unimportant changes. Change-Id: Ief8474c1c2927d7e955adf04f887c76ab37077a6
* Lose USB transport code to libadb.Dan Albert2015-02-191-1/+1
| | | | | Bug: 17626262 Change-Id: If41031ba20a3a75fa510f155c654a482b47e409d
* Merge "Fix build when TARGET_USERIMAGES_USE_EXT4 is not defined"Elliott Hughes2015-02-111-1/+3
|\
| * Fix build when TARGET_USERIMAGES_USE_EXT4 is not definedAdrien Grassein2014-11-071-1/+3
| | | | | | | | | | | | The cryptfs.h files is always included, but its path is only included when TARGET_USERIMAGES_USE_EXT4 is defined. Change-Id: Iec6aa4601a56a1feac456a21a53a08557dc1d00d
* | Merge "Start losing code to libadb."Dan Albert2015-01-271-0/+1
|\ \
| * | Start losing code to libadb.Dan Albert2014-11-251-0/+1
| |/ | | | | | | | | Bug: 17626262 Change-Id: I8ce7cff2b7789f39f35a4211d7120d072c05a863
* / Remove superfluous OpenSSL include paths.Adam Langley2015-01-231-1/+0
|/ | | | | | | | This include path was needed because system/vold/cryptfs.h included an OpenSSL header just to get the length of a SHA-256 hash. This has been fixed in https://android-review.googlesource.com/#/c/124477/1. Change-Id: I06a8ba0ee5b9efcc3260598f07d9819f065711de
* do sdcard sideloading through the fuse filesystemDoug Zongker2014-07-101-1/+2
| | | | | | | | | Make a fuse filesystem that sits on top of the selected package file on the sdcard, so we can verify that the file contents don't change while being read and avoid copying the file to /tmp (that is, RAM) before verifying and installing it. Change-Id: Ifd982aa68bfe469eda5f839042648654bf7386a1
* refactor fuse sideloading codeDoug Zongker2014-07-101-0/+13
| | | | | | | | | Split the adb-specific portions (fetching a block from the adb host and closing the connections) out from the rest of the FUSE filesystem code, so that we can reuse the fuse stuff for installing off sdcards as well. Change-Id: I0ba385fd35999c5f5cad27842bc82024a264dd14
* Use LOCAL_REQUIRED_MODULES for mkfs.f2fsJi-Hwan Lee2014-06-181-5/+3
| | | | | | Instead of LOCAL_ADDITIONAL_DEPENDENCIES. Bug: 15702524 Change-Id: Ic152ae60354bf09eccdb9a85dcd04f0f076a6422
* Support F2FS for the data partitionJP Abgrall2014-06-171-0/+6
| | | | | | | | | | | | This adds F2FS support - for wiping a device - for the install "format" command. Note: crypto data in "footer" with a default/negative length is not supported, unlike with "ext4". Change-Id: I8d141a0d4d14df9fe84d3b131484e9696fcd8870 Signed-off-by: JP Abgrall <jpa@google.com>
* Merge "Fix build break caused by vold change"Paul Lawrence2014-03-211-0/+1
|\
| * Fix build break caused by vold changePaul Lawrence2014-03-031-0/+1
| | | | | | | | | | | | cryptfs.h now includes sha header from libcrypto folder Change-Id: Icd02c88971aedf96040c3bd9ca759e531546023b
* | remove pixelflinger from recoveryDoug Zongker2014-03-111-1/+0
|/ | | | | | | | | | | | | | | | Recovery now draws directly to the framebuffer by rolling its own graphics code, rather than depending on libpixelflinger. The recovery UI is modified slightly to eliminate operations that are slow with the software implementation: when the text display / menu is turned on, it now appears on a black background instead of a dimmed version of the recovery icon. There's probably substantial room for optimization of the graphics operations. Bug: 12131110 Change-Id: Iab6520e0a7aaec39e2ce39377c10aef82ae0c595
* clean up some warnings when building recoveryDoug Zongker2014-02-141-0/+2
| | | | Change-Id: I1541534ee6978ddf8d548433986679ce9507d508
* remove 'retouch' ASLR supportDoug Zongker2014-02-141-1/+0
| | | | | | | | Older versions of android supported an ASLR system where binaries were randomly twiddled at OTA install time. Remove support for this; we now use the ASLR support in the linux kernel. Change-Id: I8348eb0d6424692668dc1a00e2416fbef6c158a2
* program to store unencrypted files in an encrypted filesystemDoug Zongker2014-01-161-0/+1
| | | | | | | | | | | | | | | uncrypt can read a file on an encrypted filesystem and rewrite it to the same blocks on the underlying (unencrypted) block device. This destroys the contents of the file as far as the encrypted filesystem is concerned, but allows the data to be read without the encryption key if you know which blocks of the raw device to access. uncrypt produces a "block map" file which lists the blocks that contain the file. For unencrypted filesystem, uncrypt will produce the block map without touching the data. Bug: 12188746 Change-Id: Ib7259b9e14dac8af406796b429d58378a00c7c63
* do verification and extraction on memory, not filesDoug Zongker2014-01-161-0/+1
| | | | | | | | | | | | | | | | Changes minzip and recovery's file signature verification to work on memory regions, rather than files. For packages which are regular files, install.cpp now mmap()s them into memory and then passes the mapped memory to the verifier and to the minzip library. Support for files which are raw block maps (which will be used when we have packages written to encrypted data partitions) is present but largely untested so far. Bug: 12188746 Change-Id: I12cc3e809834745a489dd9d4ceb558cbccdc3f71
* recovery: wipe encryption metadata along with data partitionDoug Zongker2013-12-131-1/+1
| | | | | | | | | This assumes that the metadata is correctly defined in fstab. Which apparently some devices don't do. Bug: 8766487 Bug: 12112624 Change-Id: I1b14b9d4c888e9348527984be3dce04bdd9f4de0
* am fc7eab96: am f4a6ab27: Merge "Add support for ECDSA signatures"Kenny Root2013-10-141-1/+10
|\ | | | | | | | | * commit 'fc7eab961f9dc85ee88e8c37ca1dc31a7f7b8331': Add support for ECDSA signatures
| * Add support for ECDSA signaturesKenny Root2013-10-101-1/+10
| | | | | | | | | | | | | | | | This adds support for key version 5 which is an EC key using the NIST P-256 curve parameters. OTAs may be signed with these keys using the ECDSA signature algorithm with SHA-256. Change-Id: Id88672a3deb70681c78d5ea0d739e10f839e4567
* | allow CheckKey to request mounting /systemDoug Zongker2013-09-051-0/+1
|/ | | | | | | Also provide a default implementation of CheckKey that's reasonable for many devices (those that have power and volume keys). Change-Id: Icf6c7746ebd866152d402059dbd27fd16bd51ff8
* Add liblogYing Wang2013-04-101-0/+1
| | | | | Bug: 8580410 Change-Id: Ie60dade81c06589cb0daee431611ded34adef8e6
* Move to using the new unified fstab in recovery.Ken Sumrall2013-02-201-0/+2
| | | | | | | Instead of reading it's own fstab, have recovery invoke fs_mgr to read the unified fstab. Change-Id: I80c75d2c53b809ac60a4a69f0ef7ebfa707c39e9
* resolved conflicts for merge of 78afed1c to jb-mr1-dev-plus-aospKenny Root2012-10-171-12/+1
|\ | | | | | | Change-Id: I861e3a6aa07c448909b2ae54618bba178bd6e457
| * Remove HAVE_SELINUX guardsKenny Root2012-10-161-12/+1
| | | | | | | | Change-Id: Ia96201f20f7838d7d9e8926208977d3f8318ced4
* | Add libm due to libpng dependency.Stephen Hines2012-08-241-0/+1
|/ | | | Change-Id: I0bdc2df5ef358813587f613a1b50eaa850e95782
* Use the static version of libsparseJoe Onorato2012-07-241-1/+1
| | | | Change-Id: I664f8dc7939f8f902e4775eaaf6476fcd4ab8ed2
* Multiple modules with the same name are going away.Joe Onorato2012-07-221-35/+59
| | | | Change-Id: I4154db066865d6031caa3c2c3b94064b2f28076e
* Link against libsparseColin Cross2012-07-181-2/+2
| | | | | | libext4_utils requires libsparse, link against it as well. Change-Id: I4d6aec0e5edcf1ed42118b7b77adcded2858d3dd
* resolved conflicts for merge of 0b1fee1b to masterKenny Root2012-03-311-0/+12
|\ | | | | | | Change-Id: I2e8298ff5988a96754f56f80a5186c9605ad9928
| * Extend recovery and updater to support setting file security contexts.Stephen Smalley2012-03-301-1/+2
| | | | | | | | | | | | | | Extend minzip, recovery, and updater to set the security context on files based on the file_contexts configuration included in the package. Change-Id: Ied379f266a16c64f2b4dca15dc39b98fcce16f29
| * Add libselinux to LOCAL_STATIC_LIBRARIES wherever libext4_utils is used.Stephen Smalley2012-01-241-0/+11
| | | | | | | | | | | | | | libext4_utils now calls libselinux in order to determine the file security context to set on files when creating ext4 images. Change-Id: I09fb9d563d22ee106bf100eacd4cd9c6300b1152
* | libz is a superset of libunz, so we don't need both.Elliott Hughes2012-01-311-2/+2
| | | | | | | | Change-Id: I082995c338feaf5d11288300768624cd51b027a4
* | support "sideload over ADB" modeDoug Zongker2012-01-101-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rather than depending on the existence of some place to store a file that is accessible to users on an an unbootable device (eg, a physical sdcard, external USB drive, etc.), add support for sideloading packages sent to the device with adb. This change adds a "minimal adbd" which supports nothing but receiving a package over adb (with the "adb sideload" command) and storing it to a fixed filename in the /tmp ramdisk, from where it can be verified and sideloaded in the usual way. This should be leave available even on locked user-build devices. The user can select "apply package from ADB" from the recovery menu, which starts minimal-adb mode (shutting down any real adbd that may be running). Once minimal-adb has received a package it exits (restarting real adbd if appropriate) and then verification and installation of the received package proceeds. Change-Id: I6fe13161ca064a98d06fa32104e1f432826582f5
* | move key processing to RecoveryUIDoug Zongker2011-11-041-2/+3
| | | | | | | | | | | | | | | | | | Move the key for handling keys from ScreenRecoveryUI to RecoveryUI, so it can be used by devices without screens. Remove the UIParameters struct and replace it with some new member variables in ScreenRecoveryUI. Change-Id: I70094ecbc4acbf76ce44d5b5ec2036c36bdc3414
* | C++ class for device-specific codeDoug Zongker2011-10-311-7/+7
| | | | | | | | | | | | | | | | | | | | Replace the device-specific functions with a class. Move some of the key handling (for log visibility toggling and rebooting) into the UI class. Fix up the key handling so there is less crosstalk between the immediate keys and the queued keys (an increasing annoyance on button-limited devices). Change-Id: I698f6fd21c67a1e55429312a0484b6c393cad46f
* | temporarily remove verifier_test binaryDoug Zongker2011-10-311-6/+6
| | | | | | | | Change-Id: I61f249861b27180225fb786901275d2da611531b
* | refactor ui functions into a classDoug Zongker2011-10-311-1/+1
| | | | | | | | | | | | | | | | | | | | | | Move all the functions in ui.c to be members of a ScreenRecoveryUI class, which is a subclass of an abstract RecoveryUI class. Recovery then creates a global singleton instance of this class and then invoke the methods to drive the UI. We use this to allow substitution of a different RecoveryUI implementation for devices with radically different form factors (eg, that don't have a screen). Change-Id: I76bdd34eca506149f4cc07685df6a4890473f3d9
* | turn recovery into a C++ binaryDoug Zongker2011-10-311-7/+7
|/ | | | Change-Id: I423a23581048d451d53eef46e5f5eac485b77555
* Remove the simulator target from all makefiles.Jeff Brown2011-07-121-4/+0
| | | | | | Bug: 5010576 Change-Id: Ib465fdb42c8621899bea15c04a427d7ab1641a8c
* Fix x86 build.Ying Wang2011-02-091-3/+0
| | | | Change-Id: Iada6268b0a72ee832113ea397334cc7950a37051
* remove encrypted filesystem code from recoveryDoug Zongker2011-01-181-2/+1
| | | | | | | This was never used; encrypted filesystems are being done a different way now. Change-Id: I519c57b9be44d001f0b81516af7bfc252069892b
* remove the notion of "root path"; support mixed flash typesDoug Zongker2010-09-211-2/+3
| | | | | | | | | | | | Remove the wacky notion of "roots" and "root paths" (those things that look like "FOO:some/path" instead of just "/foo/some/path"). Let each device specify its own table of available partitions and how to mount them (needed for devices that use both MTD/yaffs2 and EMMC/ext4 partitions). (Cherrypicked from gingerbread w/slight edits.) Change-Id: I2479ce76b13e73f1d12035c89386c3a82b3edf51
* Working ASLR implementationHristo Bojinov2010-08-021-0/+1
| | | | | | | | | | Separate files for retouch functionality are in minelf/* ASLR for shared libraries is controlled by "-a" in ota_from_target_files. Binary files are self-contained. Retouch logic can recover from crashes. Signed-off-by: Hristo Bojinov <hristo@google.com> Change-Id: I76c596abf4febd68c14f9d807ac62e8751e0b1bd
* support userdata and cache partitions using emmc/ext4 instead of mtd/yaffsDoug Zongker2010-06-301-1/+8
| | | | Change-Id: I827af624c9ec7c64decb702de8c0310cf19b4141
* Encrypted File Systems part 3. Recovery changes.Oscar Montemayor2010-03-151-1/+1
| | | | Change-Id: I932f73a6f937aac061128e1134eab08c30f0471d
* relocate applypatch; add type system and new functions to edifyDoug Zongker2010-02-181-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | - Move applypatch to this package (from build). - Add a rudimentary type system to edify: instead of just returning a char*, functions now return a Value*, which is a struct that can carry different types of value (currently just STRING and BLOB). Convert all functions to this new scheme. - Change the one-argument form of package_extract_file to return a Value of the new BLOB type. - Add read_file() to load a local file and return a blob, and sha1_check() to test a blob (or string) against a set of possible sha1s. read_file() uses the file-loading code from applypatch so it can read MTD partitions as well. This is the start of better integration between applypatch and the rest of edify. b/2361316 - VZW Issue PP628: Continuous reset to Droid logo: framework-res.apk update failed (CR LIBtt59130) Change-Id: Ibd038074749a4d515de1f115c498c6c589ee91e5
* bump updater API version to 3; deprecate firmware update commandDoug Zongker2010-02-031-2/+1
| | | | | | | | | Remove support for the HTC-specific "firmware" update command and the corresponding edify function write_firmware_update(). This functionality is now done by an edify extension library that lives in vendor/htc. Change-Id: I80858951ff10ed8dfff98aefb796bef009e05efb
* am 9b430e11: am 73ae31ce: add a simple unit test for the OTA package verifierDoug Zongker2009-12-111-0/+16
|\ | | | | | | | | | | | | Merge commit '9b430e11d6c4fb907d0aa96667142e2c00585e09' * commit '9b430e11d6c4fb907d0aa96667142e2c00585e09': add a simple unit test for the OTA package verifier
| * add a simple unit test for the OTA package verifierDoug Zongker2009-12-101-0/+16
| |
* | Recovery changes for Encrypted File Systems.Oscar Montemayor2009-12-101-8/+9
|/ | | | This change enables/disables the Encrypted file systems feature. It reads some properties form the data partition, wipes the partition out, and then rewrites the proper properties again into the data partition to signal that encrypted FS are enabled.
* resolved conflicts for merge of 64893ccc to masterDoug Zongker2009-07-161-3/+1
|\
| * remove amendDoug Zongker2009-07-151-3/+1
| | | | | | | | | | | | | | | | Yank all the code to install OTA packages out of the recovery binary itself. Now packages are installed by a binary included in the package (run as a child of recovery), so we can make improvements in the installation process without waiting for a new release to use them.
* | resolved conflicts for merge of fb2e3af3 to masterDoug Zongker2009-06-181-0/+3
|\|
| * let the "firmware" command take the file straight from the packageDoug Zongker2009-06-181-0/+3
| | | | | | | | | | | | | | | | To do a firmware-install-on-reboot, the update binary tells recovery what file to install before rebooting. Let this file be specified as "PACKAGE:<foo>" to indicate taking the file out of the OTA package, avoiding an extra copy to /tmp. Bump the API version number to reflect this change.
| * fix sim build in donut, tooDoug Zongker2009-06-121-4/+4
| |
* | am 9931f7f3: edify extensions for OTA package installation, part 1Doug Zongker2009-06-121-0/+2
|\| | | | | | | | | | | | | Merge commit '9931f7f3c1288171319e9ff7d053ebaad07db720' * commit '9931f7f3c1288171319e9ff7d053ebaad07db720': edify extensions for OTA package installation, part 1
| * edify extensions for OTA package installation, part 1Doug Zongker2009-06-121-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds the following edify functions: mount unmount format show_progress delete delete_recursive package_extract symlink set_perm set_perm_recursive This set is enough to extract and install the system part of a (full) OTA package. Adds the updater binary that extracts an edify script from the OTA package and then executes it. Minor changes to the edify core (adds a sleep() builtin for debugging, adds "." to the set of characters that can appear in an unquoted string).
| * AI 144130: Don't build OTA package keys into the recovery binary; readDoug Zongker2009-04-021-13/+0
| | | | | | | | | | | | | | them from an external file in the recovery image. Use the test-keys for all builds. Automated import of CL 144130
| * AI 143128: Use PNG instead of BMP for recovery image icons. This savesDoug Zongker2009-03-271-1/+1
| | | | | | | | | | | | about 60k from the recovery and system images. Automated import of CL 143128
* | fix simulator build by excluding more of recoveryDoug Zongker2009-06-121-3/+4
| |
* | split out device-specific recovery UI code into vendor directoriesDoug Zongker2009-06-111-6/+11
| | | | | | | | | | | | | | | | | | Take some device-specific details of the recovery UI (eg, what keys to press to bring up the interface and perform actions, exact text of the menu, etc.) and split them out into separate C functions. Arrange to take implementations of those functions from the appropriate vendor directory at build time. Provide a default implementation in case no vendor-specific one is available.
* | AI 144132: am: CL 144130 Don't build OTA package keys into the recovery binary; readDoug Zongker2009-04-021-13/+0
| | | | | | | | | | | | | | | | | | them from an external file in the recovery image. Use the test-keys for all builds. Original author: dougz Merged from: //branches/donutburger/... Automated import of CL 144132
* | AI 143289: am: CL 143128 Use PNG instead of BMP for recovery image icons. This savesDoug Zongker2009-03-281-1/+1
|/ | | | | | | | about 60k from the recovery and system images. Original author: dougz Merged from: //branches/donutburger/... Automated import of CL 143289
* auto import from //depot/cupcake/@135843The Android Open Source Project2009-03-041-0/+60
|
* auto import from //depot/cupcake/@135843The Android Open Source Project2009-03-041-60/+0
|
* Code drop from //branches/cupcake/...@124589The Android Open Source Project2008-12-181-0/+3
|
* Initial ContributionThe Android Open Source Project2008-10-211-0/+57