summaryrefslogtreecommitdiffstats
path: root/update_verifier/Android.mk (unfollow)
Commit message (Collapse)AuthorFilesLines
2017-05-24update_verifier: Support AVB.David Zeuthen1-0/+4
When using AVB, PRODUCT_SUPPORTS_VERITY is not set so check for BOARD_ENABLE_AVB as well. Also AVB sets up the root filesystem as 'vroot' so map that to 'system' since this is what is expected. Managed to test at least that the code is at least compiled in: $ fastboot --set-active=_a Setting current slot to 'a'... OKAY [ 0.023s] finished. total time: 0.023s $ fastboot reboot rebooting... finished. total time: 0.050s $ adb wait-for-device $ adb logcat |grep update_verifier 03-04 05:28:56.773 630 630 I /system/bin/update_verifier: Started with arg 1: nonencrypted 03-04 05:28:56.776 630 630 I /system/bin/update_verifier: Booting slot 0: isSlotMarkedSuccessful=0 03-04 05:28:56.776 630 630 W /system/bin/update_verifier: Failed to open /data/ota_package/care_map.txt: No such file or directory 03-04 05:28:56.788 630 630 I /system/bin/update_verifier: Marked slot 0 as booted successfully. 03-04 05:28:56.788 630 630 I /system/bin/update_verifier: Leaving update_verifier. Bug: None Test: Manually tested on device using AVB bootloader. Change-Id: I13c0fe1cc5d0f397e36f5e62fcc05c8dfee5fd85
2017-04-27Separate libupdate_verifier module and add testcases.Tao Bao1-8/+34
Enable -Wall and expose verify_image() for testing purpose. Test: mmma bootable/recovery Test: recovery_component_test Change-Id: I1ee1db2a775bafdc1112e25a1bc7194d8d6aee4f
2017-03-29update_verifier: raise priority and ioprio and start with exec_startTom Cherry1-0/+2
Raise the priority and ioprio of update_verifier and launch with exec_start. This saves ~100ms of time before `class_start main` is executed. Bug: 36511808 Bug: 36102163 Test: Boot bullhead Test: Verify boottime decrease on sailfish Change-Id: I944a6c0d4368ead5b99171f49142da2523ed1bdd
2017-03-11update_verifier: Set the success flag if dm-verity is not enabled.Tao Bao1-0/+4
For devices that are not using dm-verity, update_verifier can't verify anything, but to mark the successfully booted flag unconditionally. Test: Successfully-booted flag is set on devices w/o dm-verity. Test: Successfully-booted flag is set after verification on devices w/ dm-verity. Change-Id: I79ab2caec2d4284aad0d66dd161adabebde175b6
2016-11-21Switch update verifier to HIDL HALConnor O'Brien1-1/+4
Test: UV logs show success in both binderized and passthrough modes. Bug: 31864052 Change-Id: Ied67a52c458dba7fe600e0fe7eca84db1a9f2587 Signed-off-by: Connor O'Brien <connoro@google.com>
2016-11-19update_verifier: Sync Android.mk with aosp-master.Tao Bao1-2/+6
It's out of sync due to the cherry-pick in commit d007cf2da29f05eee002dd33e6c04262f709b274. Test: mmma bootable/recovery Change-Id: I286fe89c4c7d09de3a06d09f9a2b0cdecef326f5
2016-11-18Revert "Convert update_verifier to boot HIDL HAL"Connor O'Brien1-8/+1
This reverts commit 86199a47e18942c49423b04eb1f3deacd6072849. Bug: 32973182 Change-Id: If3eab18cc2e810446da447fadfd0fb44c02b771b
2016-11-18Revert "Convert update_verifier to boot HIDL HAL"Connor O'Brien1-4/+1
This reverts commit f50593c447faf8415615b5dea2666d7f0f24a0fb. Bug: 32973182 Change-Id: I5b14a812671ea02575cb452242ff1a6f05edb9c1
2016-11-17Convert update_verifier to boot HIDL HALConnor O'Brien1-1/+8
Test: Flashed device and confirmed update_verifier runs successfully Change-Id: I5bce4ece1e3ba98f57299c9cf469a5e2a5226ff2 Signed-off-by: Connor O'Brien <connoro@google.com>
2016-11-16Convert update_verifier to boot HIDL HALConnor O'Brien1-1/+4
Test: Flashed device and confirmed update_verifier runs successfully Change-Id: I5bce4ece1e3ba98f57299c9cf469a5e2a5226ff2 Merged-In: I5bce4ece1e3ba98f57299c9cf469a5e2a5226ff2 Signed-off-by: Connor O'Brien <connoro@google.com>
2016-11-09Touch blocks in care_map in update_verifierTianjie Xu1-1/+8
Read all blocks in system and vendor partition during boot time so that dm-verity could verify this partition is properly flashed. Bug: 27175949 Change-Id: I38ff7b18ee4f2733e639b89633d36f5ed551c989 Test: mma (cherry picked from commit 03ca853a1c8b974152b7c56cb887ac2f36cfd833) (cherry picked from commit 4bbe0c93c80789891d54a74424731caffda0d0db) (Fix a typo when comparing the verity mode) (cherry picked from commit da654af606d700c0a467c27025fb7f6ef745936d) (Skip update verification if care_map is not found)
2016-09-30Turn on -Werror for recoveryTianjie Xu1-0/+1
Also remove the 0xff comparison when validating the bootloader message fields. As the fields won't be erased to 0xff after we remove the MTD support. Bug: 28202046 Test: The recovery folder compiles for aosp_x86-eng Change-Id: Ibb30ea1b2b28676fb08c7e92a1e5f7b6ef3247ab (cherry picked from commit 7aa88748f6ec4e53333d1a15747bc44826ccc410)
2016-09-30Turn on -Werror for recoveryTianjie Xu1-0/+1
Also remove the 0xff comparison when validating the bootloader message fields. As the fields won't be erased to 0xff after we remove the MTD support. Bug: 28202046 Test: The recovery folder compiles for aosp_x86-eng Change-Id: Ibb30ea1b2b28676fb08c7e92a1e5f7b6ef3247ab
2016-09-01Switch recovery to libbase loggingTianjie Xu1-1/+1
Clean up the recovery image and switch to libbase logging. Bug: 28191554 Change-Id: Icd999c3cc832f0639f204b5c36cea8afe303ad35 Merged-In: Icd999c3cc832f0639f204b5c36cea8afe303ad35
2016-07-14Touch blocks in care_map in update_verifierTianjie Xu1-1/+4
Read all blocks in system and vendor partition during boot time so that dm-verity could verify this partition is properly flashed. Bug: 27175949 Change-Id: I38ff7b18ee4f2733e639b89633d36f5ed551c989
2015-12-08update_verifier: Log to logd instead of kernel log.Tao Bao1-1/+1
logd already gets started before we call update_verifier. Bug: 26039641 Change-Id: If00669a77bf9a6e5534e33f4e50b42eabba2667a (cherry picked from commit 45eac58ef188679f6df2d80efc0391c6d7904cd8)
2015-12-08Add update_verifier for A/B OTA update.Tao Bao1-11/+4
update_verifier checks the integrity of the updated system and vendor partitions on the first boot post an A/B OTA update. It marks the current slot as having booted successfully if it passes the verification. This CL doesn't perform any actual verification work which will be addressed in follow-up CLs. Bug: 26039641 Change-Id: Ia5504ed25b799b48b5886c2fc68073a360127f42 (cherry picked from commit 1171d3a12b13ca3f1d4301985cf068076e55ae26)
2015-11-16recovery: Switch to clangTao Bao1-0/+2
And a few trival fixes to suppress warnings. Change-Id: Id28e3581aaca4bda59826afa80c0c1cdfb0442fc (cherry picked from commit 80e46e08de5f65702fa7f7cd3ef83f905d919bbc)
2015-09-04move uncrypt from init.rc to uncrypt.rcTom Cherry1-0/+2
Move uncrypt from /init.rc to /system/etc/init/uncrypt.rc using the LOCAL_INIT_RC mechanism Bug 23186545 Change-Id: Ib8cb6dffd2212f524298279787fd557bc84aa7b9
2015-08-10Use unique_ptr and unique_fd to manager FDs.Tao Bao1-0/+2
Clean up leaky file descriptors in uncrypt/uncrypt.cpp. Add unique_fd for open() and unique_file for fopen() to close FDs on destruction. Bug: 21496020 Change-Id: I0174db0de9d5f59cd43b44757b8ef0f5912c91a2
2015-06-10Separate uncrypt into two modesTao Bao1-1/+1
uncrypt needs to be triggered to prepare the OTA package before rebooting into the recovery. Separate uncrypt into two modes. In mode 1, it uncrypts the OTA package, but will not reboot the device. In mode 2, it wipes the /misc partition and reboots. Needs matching changes in frameworks/base, system/core and external/sepolicy to work properly. Bug: 20012567 Bug: 20949086 (cherry picked from commit 158e11d6738a751b754d09df7275add589c31191) Change-Id: I349f6d368a0d6f6ee4332831c4cd4075a47426ff
2015-06-03recovery: Switch to clangTao Bao1-0/+2
And a few trival fixes to suppress warnings. Change-Id: I38734b5f4434643e85feab25f4807b46a45d8d65
2015-05-28Separate uncrypt into two modesTao Bao1-1/+1
uncrypt needs to be triggered to prepare the OTA package before rebooting into the recovery. Separate uncrypt into two modes. In mode 1, it uncrypts the OTA package, but will not reboot the device. In mode 2, it wipes the /misc partition and reboots. Needs matching changes in frameworks/base, system/core and external/sepolicy to work properly. Bug: 20012567 Bug: 20949086 Change-Id: I14d25cb62770dd405cb56824d05d649c3a94f315
2015-05-06uncrypt: Switch to C++Tao Bao1-1/+1
Also apply some trivial changes like int -> bool and clean-ups. Change-Id: I5c6c42d34965305c394f4f2de78487bd1174992a (cherry picked from commit 381f455cac0905b023dde79625b06c27b6165dd0)
2015-05-06uncrypt: Switch to C++Tao Bao1-1/+1
Also apply some trivial changes like int -> bool and clean-ups. Change-Id: Ic55fc8b82d7e91b321f69d10175be23d5c04eb92
2014-08-26open misc device in write-only modeDoug Zongker1-1/+1
Opening the misc block device in read-write mode runs afoul of SELinux, which keeps the wipe code from working. Fix. Also change various things to log to logcat so we can see them happening, for future debugging. Bug: 16715412 Change-Id: Ia14066f0a371cd605fcb544547b58a41acca70b9
2014-08-14revert uncrypt back to dynamic linking, fix libsDoug Zongker1-6/+1
Bug: 17029174, 17015157 Change-Id: I1d24f3402875dfb972daa6daef0f385baeff84e9
2014-08-14change uncrypt to static linkingDoug Zongker1-0/+2
Bug: 17015157 Change-Id: I3c4bdcf4f11d44b617bb731a48413e3707044d1c
2014-01-16program to store unencrypted files in an encrypted filesystemDoug Zongker1-8/+9
uncrypt can read a file on an encrypted filesystem and rewrite it to the same blocks on the underlying (unencrypted) block device. This destroys the contents of the file as far as the encrypted filesystem is concerned, but allows the data to be read without the encryption key if you know which blocks of the raw device to access. uncrypt produces a "block map" file which lists the blocks that contain the file. For unencrypted filesystem, uncrypt will produce the block map without touching the data. Bug: 12188746 Change-Id: Ib7259b9e14dac8af406796b429d58378a00c7c63
2010-08-02Working ASLR implementationHristo Bojinov1-0/+27
Separate files for retouch functionality are in minelf/* ASLR for shared libraries is controlled by "-a" in ota_from_target_files. Binary files are self-contained. Retouch logic can recover from crashes. Signed-off-by: Hristo Bojinov <hristo@google.com> Change-Id: I76c596abf4febd68c14f9d807ac62e8751e0b1bd