| Commit message (Collapse) | Author | Files | Lines |
|
Starting healthd in early-init can cause SELinux denials if healthd
or any device-specific libraries try to log.
Now healthd is starting at boot as usual service.
Bug: 30292927
Change-Id: I367d022f5885122da49181db3db536012e83f564
|
|
Starting healthd in early-init is not needed and can delay coldboot done
Now healthd is starting at boot as usual service.
Test: check kmsg that healthd starting after /dev/.coldboot_done
Bug: 30292927
Change-Id: I367d022f5885122da49181db3db536012e83f564
|
|
Change-Id: Iec1492dfaf2ceae6f4d8618dd725d07316ee960b
|
|
Bug: http://b/29250988
Change-Id: I61f8c6717b38de2242e4ea8e0913237c1ce5bfea
|
|
This patch mirrors what was done in the main init.rc to relabel
/postinstall.
Bug: 27178350
Bug: 27177071
(cherry picked from commit 6bcc8af6e5a5bf9cc0987305cdfa24d4f6e4afa9)
Change-Id: I8320559f014cfb14216dcc350e016fc1db05cb14
|
|
This patch mirrors what was done in the main init.rc to relabel
/postinstall.
Bug: 27178350
Bug: 27177071
Change-Id: I39cd03f3c55a42c03367957e8c259c9a3155203c
|
|
File level encryption must get the key between mounting userdata and
calling post_fs_data when the directories are created. This requires
access to keymaster, which in turn is found from a system property.
Split property loaded into system and data, and load in right order.
Bug: 22233063
Change-Id: I409c12e3f4a8cef474eb48818e96760fe292cc49
|
|
This reverts commit 98c1a3de23ae8b589c36e74939193c44d25cac65.
Change-Id: I524060418de18f97c3865ebc4435f501015e92ee
|
|
File level encryption must get the key between mounting userdata and
calling post_fs_data when the directories are created. This requires
access to keymaster, which in turn is found from a system property.
Split property loaded into system and data, and load in right order.
Bug: 22233063
Change-Id: I409c12e3f4a8cef474eb48818e96760fe292cc49
|
|
This fixes 'su' and 'strace' in the recovery image.
Change-Id: I83c2664d32a15da92bb6092fbdfc772184013c88
|
|
This reverts commit c819dbe95bf80645178b0180f519ab2983da01a0.
Bug: http://b/19702273
Change-Id: I5c75b148a12e644dd247a4df4f67dc9b4b9ff8cf
|
|
shamu isn't booting now
This reverts commit c57453d5377a13445c4b1d3f73c0e0ab19aa0c1e.
Change-Id: I8efbf6260f5fcf983e5056fac6d03916415b944e
|
|
Change-Id: I0a014f8dddfe775159903b5d6fa632733fef692c
|
|
Change-Id: Id3e2c0795b817db9a85bc84cba2aa05d20179d39
Bug: 18503789
(cherry picked from commit 5bf74b238b402eaaf8c5bd1663fe4d592e59421f)
|
|
Change-Id: Id3e2c0795b817db9a85bc84cba2aa05d20179d39
Bug: 18503789
|
|
ueventd will wait for /dev/.booting to go away before giving up
on loading firmware.
The issue was introduced in Ifdd5dd1e95d7e064dde5c80b70198882d949a710
which forgot to update recovery's init.rc
Bug: 17993625
Change-Id: I91205fe6eea50aaef9b401d650ec8d6843a92a57
|
|
Implement a new method of sideloading over ADB that does not require
the entire package to be held in RAM (useful for low-RAM devices and
devices using block OTA where we'd rather have more RAM available for
binary patching).
We communicate with the host using a new adb service called
"sideload-host", which makes the host act as a server, sending us
different parts of the package file on request.
We create a FUSE filesystem that creates a virtual file
"/sideload/package.zip" that is backed by the ADB connection -- users
see a normal file, but when they read from the file we're actually
fetching the data from the adb host. This file is then passed to the
verification and installation systems like any other.
To prevent a malicious adb host implementation from serving different
data to the verification and installation phases of sideloading, the
FUSE filesystem verifies that the contents of the file don't change
between reads -- every time we fetch a block from the host we compare
its hash to the previous hash for that block (if it was read before)
and cause the read to fail if it changes.
One necessary change is that the minadbd started by recovery in
sideload mode no longer drops its root privileges (they're needed to
mount the FUSE filesystem). We rely on SELinux enforcement to
restrict the set of things that can be accessed.
Change-Id: Ida7dbd3b04c1d4e27a2779d88c1da0c7c81fb114
|
|
Set panic_on_oops=1 to reboot if the kernel panics.
Change-Id: Id9e8689a570229db2ea2a3d72b52784f8a1ed107
|
|
Duplicate changes made to init.rc for https://android-review.googlesource.com/98852
in the init.rc used for recovery mode.
Bug 15849856
Change-Id: Ia376ddf6373a28718653f7fb1435bf7ecb33d813
|
|
In kernel 3.10, f_adb has been removed and adbd can use functionfs
instead. Mount functionfs on boot for adbd. On older kernels, mount
will fail silently and adbd will revert to f_adb.
Bug: 14160609
Change-Id: I5db57aaf35b35859ea88c7d0e0661d8c553e5811
|
|
In kernel 3.10, f_adb has been removed and adbd can use functionfs
instead. Mount functionfs on boot for adbd. On older kernels, mount
will fail silently and adbd will revert to f_adb.
Change-Id: I5db57aaf35b35859ea88c7d0e0661d8c553e5811
|
|
When adbd runs as root, it should transition into the
su domain. This is needed to run the adbd and shell
domains in enforcing on userdebug / eng devices without
breaking developer workflows.
Use the new device_banner command line option.
Change-Id: Ib33c0dd2dd6172035230514ac84fcaed2ecf44d6
|
|
The syntax of init's mount command changed in April 2008 but
recovery's init.rc was never updated, so recovery's /tmp has been on
the root fs all this time. Fix.
Also add /system/bin to the PATH in recovery, which is handy for
debugging.
Change-Id: I39f7ae435a8ce3bad691e4b7c307db0bd8de1302
|
|
Otherwise everything is left running in the kernel domain when
booting recovery.
Change-Id: Ie3d86547d5be0b68dd1875a97afe1e00fc3e4da1
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|
Change-Id: I431ece69b6856fd1ea6079c38cdeb593c15d7385
|
|
Recovery's init.rc was missing a line (added to the main system's
init.rc in change Ic97fd464440ff4a29fc9da7ad15949ac5215ade3) is
required for secure adb to work.
Change-Id: Id79b94d2abb4cbe3cca7cabeb4bc5faf7205e56b
|
|
Change I84c0513acb549720cb0e8c9fcbda0050f5c396f5 moved reboot
functionality into init but did not update the recovery partition; so
"adb reboot" and /system/bin/reboot in recovery are both broken.
Change-Id: Ie2d14627a686ffb5064256b6c399723636dff116
|
|
Change-Id: I16e3e0ddb8ca062431deb4be83c5be5eb786d76f
|
|
Some devices need hardware specific services started in recovery, for
example watchdogd. Import init.recovery.${ro.hardware}.rc from the
recovery init.rc.
Bug: 6953625
Change-Id: I4a4cee210238150ffaabe774a44340ec3c8ff78c
|
|
Make minadbd drop its root privileges after initializing. We need to
make the /tmp directory writable by the shell group so that it can
drop the sideloaded file there.
|
|
Make minadbd drop its root privileges after initializing. We need to
make the /tmp directory writable by the shell group so that it can
drop the sideloaded file there.
Change-Id: I67b292cf769383f0f67fb934e5a80d408a4c131d
|
|
Rather than depending on the existence of some place to store a file
that is accessible to users on an an unbootable device (eg, a physical
sdcard, external USB drive, etc.), add support for sideloading
packages sent to the device with adb.
This change adds a "minimal adbd" which supports nothing but receiving
a package over adb (with the "adb sideload" command) and storing it to
a fixed filename in the /tmp ramdisk, from where it can be verified
and sideloaded in the usual way. This should be leave available even
on locked user-build devices.
The user can select "apply package from ADB" from the recovery menu,
which starts minimal-adb mode (shutting down any real adbd that may be
running). Once minimal-adb has received a package it exits
(restarting real adbd if appropriate) and then verification and
installation of the received package proceeds.
always initialize usb product, vendor, etc. for adb in recovery
Set these values even on non-debuggable builds, so that the mini-adb
now in recovery can work.
|
|
Set these values even on non-debuggable builds, so that the mini-adb
now in recovery can work.
Change-Id: If4c915403e6f43bfe922aa347e350a8982443106
|
|
Change-Id: I9451b8350d33806097598fb9e575b28fd8b292ad
Signed-off-by: Dima Zavin <dima@android.com>
|
|
Wrote some missing items in recovery, most notably the serial number so that it shows up correctly on adb.
Change-Id: If430c0b78191c8d77f781aa605b5081571451775
|
|
Always start adbd if ro.debuggable=1 rather than basing it on user preference
in persistent system properties.
Use new D001 product ID, which I just allocated for "android recovery mode"
Change-Id: I6f1eac5257eaad2e538c0a8dd549ad89219efa3e
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
|
recovery's init.rc was missing lines that made adb root work.
Change-Id: I300e6997e3b5cb9c7b542b2012eed61deb2550f1
|
|
Change-Id: I8444f44d3194ff16ce54121633d5b255231393f5
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
|
Change-Id: I8444f44d3194ff16ce54121633d5b255231393f5
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
|
Change-Id: I74fa6edc4b001247b20be52e8301d18407fede2c
|
|
Change-Id: Iad448bc1608f88c5db2108475f35b88ea2877b07
|
|
|
|
|