| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Attempt to reboot using older methods in case the recovery that we
are updating does not support init reboots
Ticket: CYNGNOS-1242
Change-Id: I9d6ec23c65291221e99d67b2361a2bd150319eee
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Multiple fstab lines (supported in android) cause recovery to fail
to mount partitions if the fs type is not the same as the first
fstab entry. So when we attempt to find an fstab entry that matches
a path for an f2fs, ext4 or vfat type, check it against blkid's
determination of what filesystem type it is. If there is a discrepancy,
query fs_mgr for the next possible entry that matches that path until
either we find one that is good, or run out of fstab entries.
* Also attempt to autodetect the filesystem type for mounting from
update.zips.
Change-Id: Ib6f4535dd88ef714ae1ca6fb0ffae1c7dac0f7ce
|
|
|
|
|
|
| |
* Fix reboot_now comments to reflect actual usage.
Change-Id: I692d626185af24620382f7b318c2b77f643ccfb8
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use board define BOARD_RECOVERY_BLDRMSG_OFFSET with a decimal integer
to define a custom offset where the bootloader message should be
read/written.
Edify commands get_stage and set_stage need to be aware of the
custom bootloader msg offset because they write the stage directly
to the BCB.
Change-Id: Id13a23dd41bb7d907b96d657b8e21eb839dfeaa9
|
|
|
|
| |
Change-Id: I63f28b3b4ba4185c23b972fc8f93517295b1672a
|
|
|
|
| |
Change-Id: I66ae21a25a25fa3c70837bc54a7d406182d4cf37
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Although stdout and stderr are both redirected to log file with no
buffering, we are seeing some outputs are mixed in random order.
This is because ui_print commands from the updater are passed to the
recovery binary via a pipe, which may interleave with other outputs
that go to stderr directly.
In recovery, adding ui::PrintOnScreenOnly() function to handle
ui_print command, which skips printing to stdout. Meanwhile, updater
prints the contents to stderr in addition to piping them to recovery.
Change-Id: Idda93ea940d2e23a0276bb8ead4aa70a3cb97700
|
|
|
|
|
|
| |
* Fix compilation on yaffs targets
Change-Id: Icd571dce3ee8c232b13ae199df6e0a4feeb7fb68
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We now support upgrading from 32 to 64 bit builds.
The check for device to package compatibility now
takes into account if the product name on the device
vs the product name on the upgrade build differs
only by the _32 or _64 trailing chars. In addition
we also force compile the updater binary as 32 bit
executable so that it can run on the 32 bit build
we are upgrading from.
Change-Id: Iebe6107e55719141fbcc496efa0c60ef1f9368c8
|
|
|
|
|
|
|
|
|
|
|
|
| |
I've added explanatory comments to mzExtractRecursive because
that function will live on as a utility even after we move the
zip format related logic to libziparchive.
bug: 19472796
(cherry-picked from commit c9ccdfd7a42de08c47ab771b94dc5b9d1f957b95)
Change-Id: I8b7fb6fa3eafb2e7ac080ef7a7eceb691b252d8a
|
|
|
|
|
|
|
|
|
| |
This allows tune2fs to be executed from within OTA scripts,
allowing for file system modifications without formatting the
partition
Bug: 18430740
Change-Id: I0c2e05b5ef4a81ecea043e9b7b99b545d18fe5e6
|
|
|
|
|
| |
Bug: 18092022
Change-Id: I6c42038ebeb1cfc1e7ca0d3e12310fdce1b990b0
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
At the end of the OTA script, we walk through /system, updating
all the permissions on the filesystem, including the UID, GID,
standard UNIX permissions, capabilities, and SELinux labels.
In the case of a symbolic link, however, we want to skip most of
those operations. The UID, GID, UNIX permissions, and capabilities
don't meaningfully apply to symbolic links.
However, that's not true with SELinux labels. The SELinux label on
a symbolic link is important. We need to make sure the label on the
symbolic link is always updated, even if none of the other attributes
are updated.
This change unconditionally updates the SELinux label on the symbolic
link itself. lsetfilecon() is used, so that the link itself is updated,
not what it's pointing to.
In addition, drop the ENOTSUP special case. SELinux has been a
requirement since Android 4.4. Running without filesystem extended
attributes is no longer supported, and we shouldn't even try to handle
non-SELinux updates anymore. (Note: this could be problematic if
these scripts are ever used to produce OTA images for 4.2 devices)
Bug: 18079773
Change-Id: I87f99a1c88fe02bb2914f1884cac23ce1b385f91
|
|
|
|
|
|
|
| |
Bug: 18079773
Bug: 18092222
Change-Id: Ifc3f3e123de729dfbb2f49414b3207afa96268d5
|
|\ |
|
| |
| |
| |
| |
| | |
Bug: 18079773
Change-Id: Ic6fddbcbcb6ddb9e1cbd1698df98387c0033ae15
|
|/
|
|
|
|
|
|
| |
This should help with reentrant OTAs.
Bug: 18079773
Change-Id: I102fd738e3b450483ecd4471384c12e89fc586e2
|
|
|
|
|
|
|
| |
Superseded by newer code.
Bug: 16984795
Change-Id: I842299f6a02af7ccf51ef2ca174d813ca53deef1
|
|
|
|
|
|
|
| |
(Cherry-pick back from master.)
Bug: 16984795
Change-Id: Ifa3d8345c5e2a0be86fb28faa080ca82592a96b4
|
|
|
|
|
|
|
|
| |
These error messages include empty parens after each string
substition. Ill-advised cut and paste, probably.
Bug: 16467401
Change-Id: Ib623172d6228354afdcc2e33442cc53a07f0ecbc
|
|
|
|
|
|
|
|
|
| |
Sometimes renames will move a file into a directory
that does not yet exist. This will create the
parent directories, using the same symlink logic,
to ensure that there is a valid destination.
Change-Id: Iaa005a12ce800c39f4db20f7c25a2a68cb40a52d
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds F2FS support
- for wiping a device
- for the install "format" command.
Note: crypto data in "footer" with a default/negative length
is not supported, unlike with "ext4".
Change-Id: I8d141a0d4d14df9fe84d3b131484e9696fcd8870
Signed-off-by: JP Abgrall <jpa@google.com>
|
|
|
|
|
|
|
|
|
| |
While executing syspatch and package_extract_file() calls with don't
care maps (both of which are used to rewrite the system image in
incremental and full block OTAs, respectively), pass a progress
callback in and use it to update the visible progress bar.
Change-Id: I1d3742d167c1bb2130571eb5103b7795c65ff371
|
|
|
|
|
|
|
|
|
|
| |
The default recovery UI will reboot the device when the power key is
pressed 7 times in a row, regardless of what recovery is doing.
Disable this feature during package installation, to minimize the
chance of corrupting the device due to a mid-install reboot. (Debug
packages can explicitly request that the feature be reenabled.)
Change-Id: I20f3ec240ecd344615d452005ff26d8dd7775acf
|
|
|
|
|
|
|
|
|
| |
The new build.prop for Sprout includes lines of the format:
import xxx.prop
These can be safely ignored when reading the property file.
Change-Id: Ia84a138e71461ffe8e591e88143b9787873def29
|
|\
| |
| |
| |
| | |
* commit '4b6de1ba1ce0fff95c18a8abb7ba6e5762006d49':
Recovery 64-bit compile issues
|
| |\
| | |
| | |
| | |
| | | |
* commit '026ebe0214d6c1c9b3ddc22c35e9ac37e5f622bc':
Recovery 64-bit compile issues
|
| | |
| | |
| | |
| | | |
Change-Id: I92d5abd1a628feab3b0246924fab7f97ba3b9d34
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Make package_extract_file() take an optional third argument which is
the pathname (in the package zip) of a map of don't-care regions to
skip over when writing the file.
Modify syspatch() to take source and target don't-care maps and use
them when patching the system partition.
Add the wipe_block_device() function to do a discard of all data on
the partition.
Change-Id: I8c856054edfb6aab2f3e5177f16d9d78add20be4
|
| | |
| | |
| | |
| | | |
Change-Id: I1541534ee6978ddf8d548433986679ce9507d508
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Older versions of android supported an ASLR system where binaries were
randomly twiddled at OTA install time. Remove support for this; we
now use the ASLR support in the linux kernel.
Change-Id: I8348eb0d6424692668dc1a00e2416fbef6c158a2
|
|/ /
| |
| |
| |
| |
| |
| | |
Add the syspatch() function, which can apply xdelta3+xz patches using
the libsyspatch library.
Change-Id: Idc1921e449020923bcaf425a1983bec0833e47ed
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
klp-dev
* commit 'f9dd42de6034ab09f9fa649ed1fbea25bc05e598':
Don't abort on read_file if the file is missing.
|
| | |
| | |
| | |
| | | |
Change-Id: I85726bf736203d602428114145c3b98692580656
|
|\ \ \
| |/ /
| | /
| |/
|/| |
* commit 'c87bab101893e8322b49d7c8600e3367b20ab50a':
add the functions for multi-stage packages to updater
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In order to support multi-stage recovery packages, we add the
set_stage() and get_stage() functions, which store a short string
somewhere it can be accessed across invocations of recovery. We also
add reboot_now() which updater can invoke to immediately reboot the
device, without doing normal recovery cleanup. (It can also choose
whether to boot off the boot or recovery partition.)
If the stage string is of the form "#/#", recovery's UI will be
augmented with a simple indicator of what stage you're in, so it
doesn't look like a reboot loop.
Change-Id: I62f7ff0bc802b549c9bcf3cc154a6bad99f94603
|
|\ \
| |/
| |
| |
| |
| |
| | |
try to process them via patch + rename, instead of delete + add." into klp-dev
* commit 'c64e76c75088b951f61a7f7bacf8af6eccd2ccfa':
Enable incremental builder to find files that moved, and try to process them via patch + rename, instead of delete + add.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
try to process them via patch + rename, instead of
delete + add.
b/11437930
Change-Id: I984349fbc9a8dac4379e00c0d66fc7d22c4eb834
|
|/
|
|
|
|
|
|
| |
set_perm and set_perm_recursive are no longer used. Delete.
(cherry picked from commit 08ef9a957027183dcf55e432441e8fb0d5299aba)
Change-Id: I1bcc90ae19af9df4f0705496c5876987159f75ac
|
|
|
|
|
|
|
| |
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: I57cb14af59682c5f25f1e091564548bdbf20f74e
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
|
|
|
|
|
|
|
| |
This reverts commit 627eb30f73c29257acaeb6568f3da38880784f7c.
Bug: 10183961
Bug: 10186213
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Modify the OTA installer to understand SELinux filesystem labels.
We do this by introducing new set_perm2 / set_perm2_recursive
calls, which understand SELinux filesystem labels. These filesystem
labels are applied at the same time that we apply the
UID / GID / permission changes.
For compatibility, we preserve the behavior of the existing
set_perm / set_perm_recursive calls.
If the destination kernel doesn't support security labels, don't
fail. SELinux isn't enabled on all kernels.
Bug: 8985290
Change-Id: I99800499f01784199e4918a82e3e2db1089cf25b
|
|
|
|
|
|
|
|
| |
Recovery currently has a random mix of messages printed to stdout and
messages printed to stderr, which can make logs hard to read. Move
everything to stdout.
Change-Id: Ie33bd4a9e1272e731302569cdec918e0534c48a6
|
|
|
|
| |
Change-Id: Ifd5a29d459acf101311fa1c220f728c3d0ac2e4e
|
|\
| |
| |
| | |
Change-Id: I861e3a6aa07c448909b2ae54618bba178bd6e457
|
| |
| |
| |
| | |
Change-Id: Ia96201f20f7838d7d9e8926208977d3f8318ced4
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The bonus data option lets you give an additional blob of uncompressed
data to be used when constructing a patch for chunk #1 of an image.
The same blob must be available at patch time, and can be passed to
the command-line applypatch tool (this feature is not accessible from
edify scripts).
This will be used to reduce the size of recovery-from-boot patches by
storing parts of the recovery ramdisk (the UI images) on the system
partition.
Change-Id: Iac1959cdf7f5e4582f8d434e83456e483b64c02c
|
|/
|
|
|
|
|
|
|
|
|
| |
Full OTAs currently fail if the build contains a directory containing
only symlinks, because nothing creates that directory. Change the
symlink() command to create any ancestor directories that don't exist.
They're created as owner root perms 0700 because we assume that in
practice subsequent set_perm_recursive() calls will fix up their
ownership and permissions.
Change-Id: I4681cbc85863d9778e36b924f0532b2b3ef14310
|
|\
| |
| |
| |
| |
| |
| | |
the mount point as an argument."
* commit '78911bdf4f9dfff6583f3f8150a3257212ceea13':
Change the format command to always take the mount point as an argument.
|