| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
* Conditionally compile support based on TARGET_HAVE_OEMLOCK.
* Use liboemunlock for device specific support.
Change-Id: I1cf1fef8e30075b0586bb86625b7df49723974cb
|
|
|
|
| |
Change-Id: I4cef82973a15111bee92cd7c81f0e1db8d211991
|
|
|
|
| |
Change-Id: I13f0c9ae5444652a2141442ef24258679a78d320
|
|
|
|
|
|
|
| |
Some hardware doesn't like having the panel on and still
active during pwoer cycles, so just turn it off.
Change-Id: Ied1f0802f5a2d45980ee33abf2456a291ba64beb
|
|
|
|
|
|
|
| |
The backlight is not turned on by default in some devices. This leads to
nothing displayed in recovery mode.
Change-Id: Iae5b0440f79fdcb79e103744a242e12c96b02c00
|
|
|
|
|
|
| |
A minimal vold client for recovery.
Change-Id: Id25d955dc1861a910e5f5fc27d9a19e245d66833
|
|
|
|
| |
Change-Id: I5abac0f1b59d480b859f77ce16126f13fccd440b
|
|
|
|
|
|
|
|
|
| |
* Secure ADB support
* Toybox applets
* mksh
* Various other tools
Change-Id: I80b0e2aa5eb7142eaa9f157709f4e029077d8dfa
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fork a logger process and send over the log lines through a pipe.
Prepend a timestamp to each line for debugging purpose. Timestamps are
relative to the start of the logger.
Example lines with the change in this CL:
[ 445.948393] Verifying update package...
[ 446.279139] I:comment is 1738 bytes; signature 1720 bytes from end
[ 449.463652] I:whole-file signature verified against RSA key 0
[ 449.463704] I:verify_file returned 0
Change-Id: I139d02ed8f2e944c1618c91d5cc43282efd50b99
|
|
|
|
|
|
|
|
|
| |
When calling ScreenRecoveryUI::ShowFile(), the only thing that gets
inadequately logged is the progress bar. Replace the call to
ScreenRecoveryUI::Print() with ScreenRecoveryUI::PrintOnScreenOnly() for
the progress bar, so we can avoid calling redirect_stdio().
Change-Id: I4d7c5d5b39bebe0d5880a99d7a72cee4f0b8f325
|
|
|
|
|
|
|
|
|
| |
Malloc might fail when replacing package path. In this case, print a
clear error message in the logs and let the OTA fails.
Change-Id: I7209d95edc025e3ee1b4478f5e04f6e852d97205
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
Signed-off-by: Gaelle Nassiet <gaellex.nassiet@intel.com>
|
|
|
|
|
|
|
|
|
|
|
| |
When system images contain the root directory, there is no entry of
"/system" in the fstab. Change it to look for "/" instead if
ro.build.system_root_image is true. We actually mount the partition
to /system_root instead, and create a symlink to /system_root/system
for /system. This allows "adb shell" to work properly.
Bug: 22855115
Change-Id: Ibac493a5a9320c98ee3b60bd2cc635b925f5454a
|
|
|
|
| |
Change-Id: I12b4f880802135a98dbc11a19e74172a3a5ef921
|
|
|
|
|
|
| |
And a few trival fixes to suppress warnings.
Change-Id: I38734b5f4434643e85feab25f4807b46a45d8d65
|
|
|
|
|
|
| |
Allow overriding of reboot reason.
Change-Id: I73d9debaed8224bf6877008b15aa95c6c404c624
|
|
|
|
|
|
| |
Bug: http://b/21760064
Change-Id: Idde268fe4d7e27586ca4469de16783f1ffdc5069
(cherry picked from commit 945548ef7b3eee5dbfb46f6291465d4b0b6d02e1)
|
|
|
|
|
|
|
|
|
|
| |
This makes it easier to go back and forth without losing current output.
Also make the display more like regular more(1).
Bug: http://b/20834540
Change-Id: Icc5703e9c8a378cc7072d8ebb79e34451267ee1b
(cherry picked from commit c049163234003ef463bca018920622bc8269c69b)
|
|
|
|
|
|
|
|
|
| |
Currently we are keeping one copy of the kernel log (LAST_KMSG_FILE).
This CL changes to keep up to KEEP_LOG_COUNT copies for kernel logs.
Bug: http://b/18092237
Change-Id: Ied862b5b70cbbae7775f59c78c32ec62aeeca655
(cherry picked from commit bef39710ff50cedf6a4de8eb6c7802f66930aab4)
|
|
|
|
|
|
|
|
|
|
| |
For userdebug and eng builds, turn on the text display automatically
if no command is specified.
(cherry-pick of 785d22c88cda46972331c04ebc9df97371a696da.)
Bug: http://b/17489952
Change-Id: I38377c45f2a8e45ca788e5506695aa88c769cbcf
|
|
|
|
|
|
|
|
|
|
|
| |
This makes it easier for us to deal with arbitrary information at the
top, and means that headers added by specific commands don't overwrite
the default ones.
Add the fingerprint back, but broken up so it fits even on sprout's
display.
Change-Id: Id71da79ab1aa455a611d72756a3100a97ceb4c1c
|
|
|
|
| |
Change-Id: I280a478526f033f5c0041d7e8a818fce6177d732
|
|
|
|
|
|
| |
This reverts commit 2ec803f4350f7b72f5dd65c5f27656c6807e2966.
Change-Id: I419025a772ef99db4c0a78bfa7ef66767f3fa062
|
|
|
|
|
|
|
|
| |
Currently we are keeping one copy of the kernel log (LAST_KMSG_FILE).
This CL changes to append it to the recovery log.
Bug: 18092237
Change-Id: I06ad5629016846927153064f1663753a90296f79
|
|
|
|
| |
Change-Id: I5afaf70caa590525627c676c88b445d3162de33e
|
|
|
|
|
|
|
|
| |
Currently fugu has a custom subclass to handle this. The default code
supports devices with trackballs but not all shipping Nexus devices?
That's just silly.
Change-Id: Id2779c91284899a26b4bb1af41e7033aa889df10
|
|
|
|
|
|
|
| |
Everyone's adding secret key combinations for this anyway, and it's
very useful when debugging.
Change-Id: Iad549452b872a7af963dd649f283ebcd3ea24234
|
|
|
|
|
|
|
|
| |
Rather than add code to wrap menu items, let's just put output the
recovery version to the log. It'll be visible at the bottom of the
screen and automatically wrap.
Change-Id: I158fe2d85bc56b195e00619fba455321743923bd
|
|
|
|
|
|
| |
This fixes the N9 performance problem.
Change-Id: I00c10d4162ff266a6243285e5a5e768217f6f799
|
|
|
|
|
|
|
| |
The original attempt missed the fact that Print is a member function,
so the first argument is the implicit 'this'.
Change-Id: I963b668c5432804c767f0a2e3ef7dea5978a1218
|
|
|
|
|
|
|
|
|
|
| |
Currently it rotates the log files every time it boots into the recovery
mode. We lose useful logs after ten times. This CL changes the rotation
condition so that it will rotate only if it performs some actual
operations that modify the flash (installs, wipes, sideloads and etc).
Bug: 19695622
Change-Id: Ie708ad955ef31aa500b6590c65faa72391705940
|
|
|
|
|
|
|
| |
It also changes the return type of wipe_data/wipe_cache to bool, so the
caller can get the status accordingly.
Change-Id: I3022dcdadd6504dac757a52c2932d1176ffd1918
|
|
|
|
|
|
|
|
|
|
|
| |
This now gets done at the framework level.
Doing it here breaks the signature on the partition.
This reverts commit ee19387905650cab5da7dd97ada5502cd17ac93d.
Bug: 19967123
Change-Id: I2a977cb0f0ba94defa1bf9091219398ddc1d3528
(cherry picked from commit 037444642bc32d8fed3bb996823b6a62faa57195)
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the command file contains "--sideload" (as a result of 'adb reboot
sideload'), it goes into sideload mode directly. Text display will be
turned on by default. It waits for user interaction upon finishing.
When the command file contains "--sideload_auto_reboot", it enters
sideload mode silently. And it will reboot after the installation
regardless of its result, which is designed for automated testing purpose.
Change-Id: Ifdf173351221c7bbf635cfd32463b48e1fff5740
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's surprising that only one of the wipe options asks for confirmation.
This change makes it easier to add confirmation to any action.
I've also removed the version information from all but the main menu,
because I find I'm not really reading the red text because there's
so much of it all the time.
(Given that fingerprints are long and menu items aren't wrapped, we
might want to go with an actual "About" menu item instead.)
Change-Id: I7d809fdd53f9af32efc78bee618f98a69883fffe
|
|
|
|
| |
Change-Id: Ia897aa43e44d115bde6de91789b35723826ace22
|
|
|
|
|
|
|
|
|
| |
Add support for the wipe command when using sideload within the
recovery. All the support for this command is in place, only the
execution of the actual wipe command itself was missing.
Change-Id: Ia9cdfc912bfb9f558fa89b9f0ed54e843ede41f2
Signed-off-by: Christian Poetzsch <christian.potzsch@imgtec.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
At the moment, this is the only difference in the sprout recovery
image. That's silly. Let's just improve the error handling slightly
and always have this option present.
Also make the obscure "<3e>" less unclear.
Also use "power button" as the default text rather than "enter button",
because it's been years since anyone had one of those. (Longer term we
should let subclassers tell us the keycode and we translate it to the
correct string.)
Also move the two "Reboot" options together, put "Power off" at the
bottom (and use that terminology, like the real UI, rather than
"Power down"), and use capitals throughout.
Finally, add a README.md with some useful instructions.
Change-Id: I94fb19f73d79c54fed2dda30cefb884426641b5c
|
|\
| |
| |
| |
| | |
* commit '2d1022250941873f8748e6a159d4e5bf976e511f':
Kill of most of the remainder of minadbd.
|
| |
| |
| |
| |
| |
| |
| |
| | |
I think everything left now is here to stay (services.c might get
massaged in to libadbd if it gets refactored).
Bug: 17626262
Change-Id: I01faf8b277a601a40e3a0f4c3b8206c97f1d2ce6
|
|\ \
| |/
| |
| | |
Change-Id: I6f2ea07df2ab80a44301d9c3a2a8841c40a46002
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The recovery system behaves a little bit differently on userdebug or
eng builds by presenting error reports to the user in the ui.
This is controlled by checking the build fingerprint for the string
:userdebug/ or :eng/. But with AOSP version numbers most AOSP
builds blows the 92 char limit of ro.build.fingerprint and therefore
the property is not set, so this condition will always be evaluated
to false, for most builds.
Instead of depending on the flaky ro.build.fingerprint this change
uses ro.debuggable.
Change-Id: I74bc00c655ac596aaf4b488ecea58f0a8de9c26b
|
| |
| |
| |
| |
| |
| |
| | |
Bug: 18642766
Change-Id: I95a6c8edf83513d421a041e79c15111b5c991dde
Signed-off-by: Patrick Tjin <pattjin@google.com>
|
| |
| |
| |
| |
| |
| |
| | |
Bug: 18642766
Change-Id: I6c8b7d8f9ffb688d3afdfe0d47c4142e711e421d
Signed-off-by: Patrick Tjin <pattjin@google.com>
|
|/
|
|
|
|
|
|
|
|
| |
Create a new recovery UI option to allow the user to view
/cache/recovery/last_log for their device. This gives enhanced
debugging information which may be necessary when a failed
OTA occurs.
Bug: 18094012
Change-Id: Ic3228de96e9bfc2a0141c7aab4ce392a38140cf3
|
|
|
|
|
|
|
| |
This will help us track down who requested a data wipe.
Bug: 17412160
Change-Id: I1c439fbd29f96b9851810baca9101f683a0f18d8
|
|
|
|
|
|
|
|
|
|
|
| |
We need to wipe the challenges on this partition
if OEM unlock is enabled, as this is a signal that
the user has opted out of factory reset protection.
go/factory-reset
Bug: 16633064
Change-Id: Icb8f1433bf99ca57813f5b72d5a3dd15fa94a263
|
|
|
|
|
|
|
|
|
| |
Make a fuse filesystem that sits on top of the selected package file
on the sdcard, so we can verify that the file contents don't change
while being read and avoid copying the file to /tmp (that is, RAM)
before verifying and installing it.
Change-Id: Ifd982aa68bfe469eda5f839042648654bf7386a1
|
|
|
|
|
|
|
|
|
| |
Drop support for sideloading OTA packages of the cache partition (a
half-solution that's long since been deprecated by "adb sideload").
Refactor the code to sideload OTA packages from SD cards: remove the
installation code from the file browser.
Change-Id: Id0dff6b27c4a5837546f174f50e2e1d0379c43db
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement a new method of sideloading over ADB that does not require
the entire package to be held in RAM (useful for low-RAM devices and
devices using block OTA where we'd rather have more RAM available for
binary patching).
We communicate with the host using a new adb service called
"sideload-host", which makes the host act as a server, sending us
different parts of the package file on request.
We create a FUSE filesystem that creates a virtual file
"/sideload/package.zip" that is backed by the ADB connection -- users
see a normal file, but when they read from the file we're actually
fetching the data from the adb host. This file is then passed to the
verification and installation systems like any other.
To prevent a malicious adb host implementation from serving different
data to the verification and installation phases of sideloading, the
FUSE filesystem verifies that the contents of the file don't change
between reads -- every time we fetch a block from the host we compare
its hash to the previous hash for that block (if it was read before)
and cause the read to fail if it changes.
One necessary change is that the minadbd started by recovery in
sideload mode no longer drops its root privileges (they're needed to
mount the FUSE filesystem). We rely on SELinux enforcement to
restrict the set of things that can be accessed.
Change-Id: Ida7dbd3b04c1d4e27a2779d88c1da0c7c81fb114
|
|
|
|
|
|
| |
Useful when debugging or developing for recovery.
Change-Id: Ic3ab42d5e848ad3488f1c575339b55e45c8a024b
|