aboutsummaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* sideload without holding the whole package in RAMDoug Zongker2014-07-021-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implement a new method of sideloading over ADB that does not require the entire package to be held in RAM (useful for low-RAM devices and devices using block OTA where we'd rather have more RAM available for binary patching). We communicate with the host using a new adb service called "sideload-host", which makes the host act as a server, sending us different parts of the package file on request. We create a FUSE filesystem that creates a virtual file "/sideload/package.zip" that is backed by the ADB connection -- users see a normal file, but when they read from the file we're actually fetching the data from the adb host. This file is then passed to the verification and installation systems like any other. To prevent a malicious adb host implementation from serving different data to the verification and installation phases of sideloading, the FUSE filesystem verifies that the contents of the file don't change between reads -- every time we fetch a block from the host we compare its hash to the previous hash for that block (if it was read before) and cause the read to fail if it changes. One necessary change is that the minadbd started by recovery in sideload mode no longer drops its root privileges (they're needed to mount the FUSE filesystem). We rely on SELinux enforcement to restrict the set of things that can be accessed. Change-Id: Ida7dbd3b04c1d4e27a2779d88c1da0c7c81fb114
* am 3e0fc39e: am 974fe112: Merge "Fix recovery mode."Riley Andrews2014-06-251-1/+19
|\ | | | | | | | | * commit '3e0fc39ec27c0ed96ffd2a617f1841fe3bf3c8f6': Fix recovery mode.
| * Fix recovery mode.Riley Andrews2014-06-241-1/+19
| | | | | | | | | | | | | | | | | | Duplicate changes made to init.rc for https://android-review.googlesource.com/98852 in the init.rc used for recovery mode. Bug 15849856 Change-Id: Ia376ddf6373a28718653f7fb1435bf7ecb33d813
* | recovery: enable panic_on_oopsColin Cross2014-06-241-0/+2
| | | | | | | | | | | | Set panic_on_oops=1 to reboot if the kernel panics. Change-Id: Id9e8689a570229db2ea2a3d72b52784f8a1ed107
* | am ed75be6d: am ac189bf6: Merge "recovery: Fix adb with linux 3.10"Benoit Goby2014-02-211-0/+6
|\ \ | |/ | | | | | | * commit 'ed75be6de9d883a2524065940d732593fa26ac19': recovery: Fix adb with linux 3.10
| * recovery: Fix adb with linux 3.10Benoit Goby2014-02-191-0/+6
| | | | | | | | | | | | | | | | In kernel 3.10, f_adb has been removed and adbd can use functionfs instead. Mount functionfs on boot for adbd. On older kernels, mount will fail silently and adbd will revert to f_adb. Change-Id: I5db57aaf35b35859ea88c7d0e0661d8c553e5811
* | am f4641299: am 295e74aa: Merge "adbd: switch to su domain when running as root"Nick Kralevich2014-01-241-1/+1
|\ \ | |/ | | | | | | * commit 'f464129950eaea49b1234fdcfd04ec8723e3c672': adbd: switch to su domain when running as root
| * adbd: switch to su domain when running as rootNick Kralevich2014-01-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | When adbd runs as root, it should transition into the su domain. This is needed to run the adbd and shell domains in enforcing on userdebug / eng devices without breaking developer workflows. Use the new device_banner command line option. Change-Id: Ib33c0dd2dd6172035230514ac84fcaed2ecf44d6
* | am a01b6467: am 772f6e2a: Merge "correctly mount tmpfs as /tmp in recovery"Doug Zongker2014-01-141-2/+2
|\ \ | |/ | | | | | | * commit 'a01b646794fc207da657d7b8ef779c9d842acfde': correctly mount tmpfs as /tmp in recovery
| * correctly mount tmpfs as /tmp in recoveryDoug Zongker2014-01-141-2/+2
| | | | | | | | | | | | | | | | | | | | | | The syntax of init's mount command changed in April 2008 but recovery's init.rc was never updated, so recovery's /tmp has been on the root fs all this time. Fix. Also add /system/bin to the PATH in recovery, which is handy for debugging. Change-Id: I39f7ae435a8ce3bad691e4b7c307db0bd8de1302
* | am 7e0d3066: am fc729512: Merge "Set SELinux security contexts correctly for ↵Nick Kralevich2014-01-131-0/+11
|\ \ | |/ | | | | | | | | | | init and services." * commit '7e0d30667cf53a182525f87dd0c8cb0e2628a1ed': Set SELinux security contexts correctly for init and services.
| * Set SELinux security contexts correctly for init and services.Stephen Smalley2014-01-131-0/+11
| | | | | | | | | | | | | | | | Otherwise everything is left running in the kernel domain when booting recovery. Change-Id: Ie3d86547d5be0b68dd1875a97afe1e00fc3e4da1 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* | start healthd in recovery modeTodd Poynor2013-09-131-1/+1
|/ | | | Change-Id: I431ece69b6856fd1ea6079c38cdeb593c15d7385
* fix secure adb in recoveryDoug Zongker2013-09-111-0/+1
| | | | | | | | Recovery's init.rc was missing a line (added to the main system's init.rc in change Ic97fd464440ff4a29fc9da7ad15949ac5215ade3) is required for secure adb to work. Change-Id: Id79b94d2abb4cbe3cca7cabeb4bc5faf7205e56b
* recovery: fix rebootingDoug Zongker2013-08-301-0/+3
| | | | | | | | Change I84c0513acb549720cb0e8c9fcbda0050f5c396f5 moved reboot functionality into init but did not update the recovery partition; so "adb reboot" and /system/bin/reboot in recovery are both broken. Change-Id: Ie2d14627a686ffb5064256b6c399723636dff116
* start healthd in recoveryTodd Poynor2013-06-181-0/+4
| | | | Change-Id: I16e3e0ddb8ca062431deb4be83c5be5eb786d76f
* recovery: import init.recovery.${ro.hardware}.rcColin Cross2012-08-081-0/+2
| | | | | | | | | Some devices need hardware specific services started in recovery, for example watchdogd. Import init.recovery.${ro.hardware}.rc from the recovery init.rc. Bug: 6953625 Change-Id: I4a4cee210238150ffaabe774a44340ec3c8ff78c
* run minadbd as shell userDoug Zongker2012-03-191-0/+3
| | | | | | | | Make minadbd drop its root privileges after initializing. We need to make the /tmp directory writable by the shell group so that it can drop the sideloaded file there. Change-Id: I67b292cf769383f0f67fb934e5a80d408a4c131d
* always initialize usb product, vendor, etc. for adb in recoveryDoug Zongker2012-01-101-7/+9
| | | | | | | Set these values even on non-debuggable builds, so that the mini-adb now in recovery can work. Change-Id: If4c915403e6f43bfe922aa347e350a8982443106
* recovery: convert all usages of $prop to ${prop}Dima Zavin2012-01-101-3/+3
| | | | | Change-Id: I9451b8350d33806097598fb9e575b28fd8b292ad Signed-off-by: Dima Zavin <dima@android.com>
* Add missing commands to recovery init.rcMichael Ward2011-07-071-0/+3
| | | | | | Wrote some missing items in recovery, most notably the serial number so that it shows up correctly on adb. Change-Id: If430c0b78191c8d77f781aa605b5081571451775
* init.rc: Simplify logic for starting adbd in recoveryMike Lockwood2011-06-291-25/+6
| | | | | | | | | | Always start adbd if ro.debuggable=1 rather than basing it on user preference in persistent system properties. Use new D001 product ID, which I just allocated for "android recovery mode" Change-Id: I6f1eac5257eaad2e538c0a8dd549ad89219efa3e Signed-off-by: Mike Lockwood <lockwood@android.com>
* fix adb root in recoveryDoug Zongker2011-06-231-0/+4
| | | | | | recovery's init.rc was missing lines that made adb root work. Change-Id: I300e6997e3b5cb9c7b542b2012eed61deb2550f1
* Fix starting adb in recovery modeMike Lockwood2011-06-191-3/+27
| | | | | Change-Id: I8444f44d3194ff16ce54121633d5b255231393f5 Signed-off-by: Mike Lockwood <lockwood@android.com>
* am ecc76ba5: Set adbd to be disabled by default in recoveryKenny Root2010-06-281-0/+1
|\ | | | | | | | | | | | | Merge commit 'ecc76ba5516d62a886f9c290906e0ca50702c9ab' into gingerbread * commit 'ecc76ba5516d62a886f9c290906e0ca50702c9ab': Set adbd to be disabled by default in recovery
| * Set adbd to be disabled by default in recoveryKenny Root2010-06-281-0/+1
| | | | | | | | Change-Id: I74fa6edc4b001247b20be52e8301d18407fede2c
* | recovery: Add ueventd serviceColin Cross2010-05-141-0/+4
|/ | | | Change-Id: Iad448bc1608f88c5db2108475f35b88ea2877b07
* auto import from //depot/cupcake/@135843The Android Open Source Project2009-03-032-0/+41
|
* auto import from //depot/cupcake/@135843The Android Open Source Project2009-03-032-41/+0
|
* Initial ContributionThe Android Open Source Project2008-10-212-0/+41
generated by cgit v1.1 at 2024-06-23 03:24:55 +0000