summaryrefslogtreecommitdiffstats
path: root/install (unfollow)
Commit message (Collapse)AuthorFilesLines
2021-05-19Check SPL downgrade before install OTA in recoveryKelvin Zhang5-0/+197
Applying an SPL downgrade package can cause boot failures (/data failed to decrypt). Today's ota_from_target_files tool already try to prevent this. But Packages generated using older tools are still around. Add check in recovery to prevent such OTA package from installing. Test: th Test: Sideload an OTA with newer SPL, make sure check passes Test; Sideload an OTA with older SPL, make sure check fails Bug: 186581246 Bug: 188575410 cherry-picked from aosp/1708986 cherry-picked from commit: 33c62fc4b81b93b29c7a94fba20ab56d7f5f6bd7 Change-Id: Icffe8097521c511e151af023a443ccbb4b59e22c
2021-05-17Check SPL downgrade before install OTA in recoveryKelvin Zhang5-0/+197
Applying an SPL downgrade package can cause boot failures (/data failed to decrypt). Today's ota_from_target_files tool already try to prevent this. But Packages generated using older tools are still around. Add check in recovery to prevent such OTA package from installing. Test: th Test: Sideload an OTA with newer SPL, make sure check passes Test; Sideload an OTA with older SPL, make sure check fails Bug: 186581246 Change-Id: Icffe8097521c511e151af023a443ccbb4b59e22c
2021-03-03Bring up the erase animation early for data wipeTianjie1-3/+5
Right now the "Erasing" animation displays after the merge step during the FDR process; and the merge can take 3-4 minutes. The users maybe confused about the blank screen and forcefully reboot the device. Bug: 181636823 Test: add sleep merge, check the animation displays correctly. Change-Id: Ib23b1ed3a84e95640271a429c51a3d3c142dc404
2021-02-14[LSC] Add LOCAL_LICENSE_KINDS to bootable/recoveryBob Badour1-0/+9
Added SPDX-license-identifier-Apache-2.0 to: applypatch/Android.bp bootloader_message/Android.bp edify/Android.bp fuse_sideload/Android.bp install/Android.bp minadbd/Android.bp minui/Android.bp otautil/Android.bp recovery_ui/Android.bp recovery_utils/Android.bp tests/Android.bp tools/image_generator/Android.bp tools/recovery_l10n/Android.bp uncrypt/Android.bp update_verifier/Android.bp updater/Android.bp updater/Android.mk updater_sample/Android.bp updater_sample/tests/Android.bp Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-MIT SPDX-license-identifier-OFL to: Android.bp Android.mk Bug: 68860345 Bug: 151177513 Bug: 151953481 Test: m all Exempt-From-Owner-Approval: janitorial work Change-Id: I3da761b525452838977297f773974000d4de7bd6
2021-02-05Fix SnapshotManager instantiation.David Anderson1-2/+2
New() should be used instead of NewForFirstStageMount(). Bug: 168258606 Test: data wipe with VABC merge in progress Change-Id: Idf2b01a504b577766da303091721764242e99a69
2020-09-18Check for overflow before allocating memory fore decompression.Kelvin Zhang3-2/+19
On 32bit devices, an ZipEntry64 may have size > 2^32, we should check for such cases before attempting to allocate memory. Test: mm -j Change-Id: I0f916ef4b2a692f167719a74bd6ff2e887c6c2ce
2020-09-16Switch to zip64 in recoveryKelvin Zhang3-6/+6
There's already library support for zip64 in libziparchive. We just need to start using the new APIs. Bug: 167951876 Test: Sideload a large ota package in recovery Change-Id: I652741965f28de079d873c6822317ee9fa855201
2020-06-29Add recovery support of dynamic fingerprintsKelvin Zhang1-3/+23
After http://go/aog/1306461, the metadata in the OTA package can have multiple fingerprints or device names e.g. from pre-device=lmiin to pre-device=lmiin|lmiinpro This CL updates recovery code to recognize them Test: Added unit tests for this Bug: 159850736 Change-Id: If6315bf2d3dea77abb9d7d83145f55b0148cdfb1
2020-05-20Detect non-A/B vs. A/B packages correctly.Yifan Hong1-8/+19
Check the package metadata to determine whether this is an A/B or non-A/B update package. This is more accurate. Also checks ro.virtual_ab.allow_non_ab flag. This is useful for continuously supporting (and testing) non-A/B. Bug: 153581609 Test: apply non-A/B update on cuttlefish Change-Id: I629a533a67966d46d9cd87a59c6b9af26daf1667 (cherry picked from commit 2a4afd29a15522ccf3d8ca902214e68445bcac81) Merged-In: I629a533a67966d46d9cd87a59c6b9af26daf1667
2020-05-08Detect non-A/B vs. A/B packages correctly.Yifan Hong1-8/+19
Check the package metadata to determine whether this is an A/B or non-A/B update package. This is more accurate. Also checks ro.virtual_ab.allow_non_ab flag. This is useful for continuously supporting (and testing) non-A/B. Bug: 153581609 Test: apply non-A/B update on cuttlefish Change-Id: I629a533a67966d46d9cd87a59c6b9af26daf1667
2020-02-13Force off-device package installation with FUSETianjie Xu2-0/+51
The non-A/B package installation is subject to TOC/TOU flaw if the attacker can switch the package in the middle of installation. And the most pratical case is to store the package on an external device, e.g. a sdcard, and swap the device in the middle. To prevent that, we can adopt the same protection as used in sideloading a package with FUSE. Specifically, when we install the package with FUSE, we read the entire package to cryptographically verify its signature. The hash for each transfer block is recorded in the memory (TOC), and the subsequent reads (TOU) will be rejected upon dectecting a mismatch. This CL forces the package installation with FUSE when the package stays on a removable media. Bug: 136498130 Test: Run bin/recovery --update_package with various paths; and packages are installed from FUSE as expected Test: recovery_unit_test - no new failures Change-Id: Ia5afd19854c3737110339fd59491b96708926ae5 Merged-In: I35119c2334895aa0ef4ed71b3ddd08f280c0c031
2020-02-13Revert "Force package installation with FUSE unless the package stores on device"Raman Tenneti2-51/+0
This reverts commit 5e6c4e9a91674826bf11cab604250b41a9326fd8. Reason for revert: BUG: 149432069 - build failure on git_qt-qpr1-dev-plus-aosp on docs. 'otautil/roots.h' file not found is the error. Forrest run: https://android-build.googleplex.com/builds/forrest/run/L85900000460577420 Change-Id: I35119c2334895aa0ef4ed71b3ddd08f280c0c031 Merged-In: I35119c2334895aa0ef4ed71b3ddd08f280c0c031
2020-01-22Force package installation with FUSE unless the package stores on deviceTianjie Xu2-0/+51
The non-A/B package installation is subject to TOC/TOU flaw if the attacker can switch the package in the middle of installation. And the most pratical case is to store the package on an external device, e.g. a sdcard, and swap the device in the middle. To prevent that, we can adopt the same protection as used in sideloading a package with FUSE. Specifically, when we install the package with FUSE, we read the entire package to cryptographically verify its signature. The hash for each transfer block is recorded in the memory (TOC), and the subsequent reads (TOU) will be rejected upon dectecting a mismatch. This CL forces the package installation with FUSE when the package stays on a removable media. Bug: 136498130 Test: Run bin/recovery --update_package with various paths; and packages are installed from FUSE as expected Test: recovery_component_test - all passing Change-Id: Ibc9b095036a2fa624e8edf6c347ed4f12aef072f Merged-In: Ibc9b095036a2fa624e8edf6c347ed4f12aef072f
2020-01-21Force package installation with FUSE unless the package stores on deviceTianjie Xu2-0/+51
The non-A/B package installation is subject to TOC/TOU flaw if the attacker can switch the package in the middle of installation. And the most pratical case is to store the package on an external device, e.g. a sdcard, and swap the device in the middle. To prevent that, we can adopt the same protection as used in sideloading a package with FUSE. Specifically, when we install the package with FUSE, we read the entire package to cryptographically verify its signature. The hash for each transfer block is recorded in the memory (TOC), and the subsequent reads (TOU) will be rejected upon dectecting a mismatch. This CL forces the package installation with FUSE when the package stays on a removable media. Bug: 136498130 Test: Run bin/recovery --update_package with various paths; and packages are installed from FUSE as expected Test: recovery_component_test - all passing Merged-In: Ibc9b095036a2fa624e8edf6c347ed4f12aef072f Change-Id: Ibc9b095036a2fa624e8edf6c347ed4f12aef072f
2019-12-18Delete VINTF compatibility check during OTA.Yifan Hong3-86/+0
Test: sideload OTA Bug: 139300422 Change-Id: I3369b69242ccd7a64540a0c2d754a5d6fc50d072
2019-12-16Mount snapshotted /system in Virtual A/B devicesAlessio Balsini2-0/+34
Mounting /system in Virtual A/B devices may require the creation of the associated snapshot devices. This patch performs all the required initializations prior to attempting the mount of /system. Bug: 139157327 Test: manual /system partition mount on VAB device during OTA Depends-on: I7337bdd38d7016d12d3ee42be1c7893b10e9116d Change-Id: I71a9dfc57e1a1354f1f1edc5d287aca93c0c8924 Signed-off-by: Alessio Balsini <balsini@google.com>
2019-11-11Force merges to complete before wiping data or metadata.David Anderson4-0/+79
After an OTA is applied, a wipe in recovery may overwrite components of dynamic partitions living in userdata. If the OTA has not yet begun merging, we mark the current slot unbootable. If the OTA has begun merging, we wait for the merge to complete. This logic is encapsulated in libsnapshot. Bug: 139156011 Test: manual test Change-Id: Id6544a1b8583afcbba11559d46214ec2e68ffa40
2019-10-16Force package installation with FUSE unless the package stores on deviceTianjie Xu2-0/+51
The non-A/B package installation is subject to TOC/TOU flaw if the attacker can switch the package in the middle of installation. And the most pratical case is to store the package on an external device, e.g. a sdcard, and swap the device in the middle. To prevent that, we can adopt the same protection as used in sideloading a package with FUSE. Specifically, when we install the package with FUSE, we read the entire package to cryptographically verify its signature. The hash for each transfer block is recorded in the memory (TOC), and the subsequent reads (TOU) will be rejected upon dectecting a mismatch. This CL forces the package installation with FUSE when the package stays on a removable media. Bug: 136498130 Test: Run bin/recovery --update_package with various paths; and packages are installed from FUSE as expected Change-Id: Ibc9b095036a2fa624e8edf6c347ed4f12aef072f
2019-10-02otautil: Factor out the utils that're private to recovery.Tao Bao4-6/+7
A number of utility functions are intended for serving recovery's own use. Exposing them via libotautil (which is a static lib) would pass the dependencies onto libotautil's users (e.g. recovery image, updater, host simulator, device-specific recovery UI/updater extensions etc). This CL finds a new home for the utils that are private to recovery. Test: mmma bootable/recovery Change-Id: I575e97ad099b85fe1c1c8c7c9458a5a43d4e11e1
2019-09-26minadbd: Export minadbd/types.h to libinstall.Tao Bao2-5/+5
Test: mmma bootable/recovery Change-Id: I503e942b23cc51024aa752c1eb3db5455a44a9d1
2019-09-26Remove libhidltransport depsSteven Moreland1-1/+0
Since this was combined into libhidlbase. Bug: 135686713 Test: build only (libhidltransport is empty) Change-Id: I253e50726967044714275ab995fb8a8a57bcde36
2019-07-24Clean up some global variables in common.hTianjie Xu1-1/+4
Some global variables are only used for recovery.cpp and recovery_main.cpp, remove them from common.h and handle their usage accordingly. Variables include: static constexpr int kRecoveryApiVersion; extern struct selabel_handle* sehandle; extern RecoveryUI* ui; extern bool has_cache; bool is_ro_debuggable(); Test: unit tests pass, boot into recovery mode and run graphic tests Change-Id: If83a005786c9b38412731da97aaf85af69a3b917
2019-07-17minadbd sends heartbeat to rescue service for getprop command.Tao Bao1-1/+3
We start minadbd and rescue services in two processes. In particular, minadbd handles the requests from host, then communicates with rescue service to do install/wipe works. When resuce service doesn't see any request in a pre-defined timeout (currently 300s), rescue service will exit to avoid endless waiting. This CL changes minadbd to additionally send a no-op command to rescue service as a heartbeat signal, so that host side can finish time-consuming operations (e.g. downloading over network) while keeping rescue service alive. Bug: 136457446 Test: Enter resuce mode on blueline. Send `adb rescue getprop ro.build.fingerprint` and check that rescue service doesn't exit. Test: Stop sending the getprop command. Check that rescue service exits after 300s. Change-Id: Ib9d5ed710cfa94ecfe6cf393a71a0b67b2539531 Merged-In: Ib9d5ed710cfa94ecfe6cf393a71a0b67b2539531 (cherry picked from commit 2223e6a9f8bf24b023e8ae3103b50c37def3147e) (cherry picked from commit 0bbb2ed53eb4dc4ae8d447062482f9eda5ef9a91) (cherry picked from commit dd0158ac6016f2853d1af336e345980e06144abd)
2019-07-16minadbd sends heartbeat to rescue service for getprop command.Tao Bao1-1/+3
We start minadbd and rescue services in two processes. In particular, minadbd handles the requests from host, then communicates with rescue service to do install/wipe works. When resuce service doesn't see any request in a pre-defined timeout (currently 300s), rescue service will exit to avoid endless waiting. This CL changes minadbd to additionally send a no-op command to rescue service as a heartbeat signal, so that host side can finish time-consuming operations (e.g. downloading over network) while keeping rescue service alive. Bug: 136457446 Test: Enter resuce mode on blueline. Send `adb rescue getprop ro.build.fingerprint` and check that rescue service doesn't exit. Test: Stop sending the getprop command. Check that rescue service exits after 300s. Change-Id: Ib9d5ed710cfa94ecfe6cf393a71a0b67b2539531 Merged-In: Ib9d5ed710cfa94ecfe6cf393a71a0b67b2539531 (cherry picked from commit 2223e6a9f8bf24b023e8ae3103b50c37def3147e) (cherry picked from commit 0bbb2ed53eb4dc4ae8d447062482f9eda5ef9a91)
2019-07-11minadbd sends heartbeat to rescue service for getprop command.Tao Bao1-1/+3
We start minadbd and rescue services in two processes. In particular, minadbd handles the requests from host, then communicates with rescue service to do install/wipe works. When resuce service doesn't see any request in a pre-defined timeout (currently 300s), rescue service will exit to avoid endless waiting. This CL changes minadbd to additionally send a no-op command to rescue service as a heartbeat signal, so that host side can finish time-consuming operations (e.g. downloading over network) while keeping rescue service alive. Bug: 136457446 Test: Enter resuce mode on blueline. Send `adb rescue getprop ro.build.fingerprint` and check that rescue service doesn't exit. Test: Stop sending the getprop command. Check that rescue service exits after 300s. Change-Id: Ib9d5ed710cfa94ecfe6cf393a71a0b67b2539531 Merged-In: Ib9d5ed710cfa94ecfe6cf393a71a0b67b2539531 (cherry picked from commit 2223e6a9f8bf24b023e8ae3103b50c37def3147e)
2019-07-09Create a fallback to install from fuse if mmap failsTianjie Xu1-3/+4
We may fail to memory map the package on 32 bit builds for packages with 2GiB+ size. This cl tries to install the package with fuse when memory map fails in such cases. Bug: 127071893 Test: build 32 bit version sailfish, push package and block.map, reboot into recovery with the corresponding update_package argument. Change-Id: I5dae4f3e27ccaf8d64ff3657d36f0e75db2330b0
2019-07-09minadbd sends heartbeat to rescue service for getprop command.Tao Bao1-1/+3
We start minadbd and rescue services in two processes. In particular, minadbd handles the requests from host, then communicates with rescue service to do install/wipe works. When resuce service doesn't see any request in a pre-defined timeout (currently 300s), rescue service will exit to avoid endless waiting. This CL changes minadbd to additionally send a no-op command to rescue service as a heartbeat signal, so that host side can finish time-consuming operations (e.g. downloading over network) while keeping rescue service alive. Bug: 136457446 Test: Enter resuce mode on blueline. Send `adb rescue getprop ro.build.fingerprint` and check that rescue service doesn't exit. Test: Stop sending the getprop command. Check that rescue service exits after 300s. Change-Id: Ib9d5ed710cfa94ecfe6cf393a71a0b67b2539531
2019-06-20Support starting fuse from a block mapTianjie Xu3-26/+56
Factor out a new function from ApplyFromSdcard that installs a package from a local path. Inside this function, we start the fuse and choose the type of data provider depending on the path string. And similar to the existing logic, we treat the package as a block map if the path starts with a '@'. This is part of the effort to install larger than 2GiB packages on ILP32 devices. Bug: 127071893 Test: Build a 32 bit sailfish and create a 3GiB OTA package. Sideload the package, uncrypt and install the package from sdcard. Change-Id: I328ea34fa530731acbce7554bfc3059313ad6ece
2019-06-13InstallPackage now takes a package as parameterTianjie Xu6-52/+74
Therefore InstallPackage() doesn't need to worry about the details of a given Package. Bug: 127071893 Test: run update from /bin/recovery --update_package=@path, sideload a package Change-Id: I0caa36785b43924f884ee398e7ea640d7472a92e
2019-06-12Use the new ziparchive Next std::string_view overload.Elliott Hughes2-2/+2
Bug: http://b/129068177 Test: treehugger Change-Id: Ieec83126e36b330da33092a172e365376cd04dfe
2019-05-23Move off the Next ZipString overload.Elliott Hughes2-6/+5
Bug: http://b/129068177 Test: treehugger Change-Id: I3c8f70b0d8cc5dc6b3b4439dbe0b9a5bd85003c4
2019-05-09Track libziparchive API change.Elliott Hughes2-3/+2
Bug: http://b/129068177 Test: treehugger Change-Id: I618bbcf38914dd81e042e0cfd1976ff26274dc30
2019-05-06Track libziparchive API change.Elliott Hughes2-12/+6
Bug: http://b/129068177 Test: treehugger Change-Id: Ie5b2b0cff087f2e9e65a4e77c187e3173357f3ad
2019-04-30install: Install functions return InstallResult.Tao Bao6-31/+33
Test: `atest recovery_unit_test recovery_component_test` Test: Sideload a package on taimen. Change-Id: I2d42f55a89931ee495ea5c5d9e6b5ee1058e8e52
2019-04-30install: Return bool for a few check functions.Tao Bao4-42/+40
The results from these functions have boolean semantics. They're returning `int` prior to this CL, with some of them mixing 0 and InstallResult. Note that SetUpNonAbUpdateCommands() was returning INSTALL_CORRUPT / INSTALL_ERROR / 0 prior to this change, but all the callers handle INSTALL_CORRUPT and INSTALL_ERROR the same way. This CL changes them to return bool instead. Test: `mmma -j bootable/recovery` Test: TreeHugger Test: Sideload on taimen. Change-Id: Ic1b5dbf79aaca68b53ab8ea2c8ba3d19f988c571
2019-04-30Support wipe command in rescue modexunchang2-10/+16
Bug: 131037235 Test: unit tests pass, run `adb rescue wipe` Change-Id: I22668f2c98fe2d9195d2561f961c28a7c08e712c (cherry picked from commit fedeef6f6d1f7b8f1e5a8b9e77f8dc21ef6b3c95)
2019-04-28Parse BCB command to enter rescue mode.Tao Bao1-9/+15
bootloader will set `boot-rescue` in BCB command field to indicate booting into rescue mode. This CL adds the matching parsing code. This CL changes the on-screen UI to display the default image while waiting for each sideload / rescue command. It also changes the minadbd reboot handlers to use REBOOT_ instead of the previous ENTER_ actions. This ensures a reboot going through bootloader, which may load a newly installed bootloader/recovery. Bug: 128505466 Bug: 128415917 Test: Boot into rescue mode. Run `adb rescue getprop` and `adb rescue install`. Check the UI. Then run `adb reboot rescue`. Change-Id: I5b7de9dfd898ed8e14bea0d4ad7385a9bae26e94 Merged-In: I5b7de9dfd898ed8e14bea0d4ad7385a9bae26e94 (cherry picked from commit d9cb014d431fee946308bdb8979c8e8fa74b582f)
2019-04-27Add install/wipe_device.cpp.Tao Bao4-3/+228
Prior to this CL, GetWipePartitionList was declared in install.h (libinstall) but defined in recovery.cpp (librecovery). This CL addresses the issue by refactoring wipe-device related functions into install/wipe_device.cpp. Test: atest recovery_component_test Change-Id: I7ebe04ccfda3d793e085403560a0a202752d9ee3
2019-04-26minadbd: Support `adb reboot` under sideload/rescue modes.Tao Bao3-28/+79
Bug: 128415917 Test: Run the following commands under sideload and rescue modes respectively. $ adb reboot $ adb reboot bootloader $ adb reboot recovery $ adb reboot rescue $ adb reboot invalid Change-Id: I84daf63e3360b7b4a0af5e055149a4f54e10ba90 Merged-In: I84daf63e3360b7b4a0af5e055149a4f54e10ba90 (cherry picked from commit 10f441a9dbb91be3124f455439631abcf8e96cde)
2019-04-26Allow entering rescue mode via recovery UI.Tao Bao2-10/+23
Only enabled on debuggable builds. Bug: 128415917 Test: Sideload package on taimen. Test: Choose "Enter rescue" from recovery UI. Change-Id: I913dbdbcffd3179e6fa72ca862f74ca8f1364b02 Merged-In: I913dbdbcffd3179e6fa72ca862f74ca8f1364b02 (cherry picked from commit c6dc325e88a25201aa3856e6532c3ed14203a376)
2019-04-26Support wipe command in rescue modexunchang2-10/+16
Bug: 131037235 Test: unit tests pass, run `adb rescue wipe` Change-Id: I22668f2c98fe2d9195d2561f961c28a7c08e712c
2019-04-25Parse BCB command to enter rescue mode.Tao Bao1-9/+15
bootloader will set `boot-rescue` in BCB command field to indicate booting into rescue mode. This CL adds the matching parsing code. This CL changes the on-screen UI to display the default image while waiting for each sideload / rescue command. It also changes the minadbd reboot handlers to use REBOOT_ instead of the previous ENTER_ actions. This ensures a reboot going through bootloader, which may load a newly installed bootloader/recovery. Bug: 128505466 Test: Boot into rescue mode. Run `adb rescue getprop` and `adb rescue install`. Check the UI. Then run `adb reboot rescue`. Change-Id: I5b7de9dfd898ed8e14bea0d4ad7385a9bae26e94
2019-04-24minadbd: Support `adb reboot` under sideload/rescue modes.Tao Bao3-28/+79
Bug: 128415917 Test: Run the following commands under sideload and rescue modes respectively. $ adb reboot $ adb reboot bootloader $ adb reboot recovery $ adb reboot rescue $ adb reboot invalid Change-Id: I84daf63e3360b7b4a0af5e055149a4f54e10ba90
2019-04-17Allow entering rescue mode via recovery UI.Tao Bao2-10/+23
Only enabled on debuggable builds. Bug: 128415917 Test: Sideload package on taimen. Test: Choose "Enter rescue" from recovery UI. Change-Id: I913dbdbcffd3179e6fa72ca862f74ca8f1364b02
2019-04-16DO NOT MERGE: Move load & restore logs to logging.cppxunchang2-73/+4
We perform these steps to perserve the recovery logs when wiping /cache partition. Move them to logging.cpp to keep the actually EraseVolume function concise. Bug: 130166585 Test: unit tests pass, mount cache and check last log after cache Change-Id: Idc52833817a446f3a0148a3dd2112f911c9ef48d (cherry picked from commit 2239b9e4dd08e307ad74dc44b597fd53d2d17de8)
2019-04-16DO NOT MERGE: Move wipe cache|data to libinstallxunchang9-18/+249
Therefore, libinstall becomes the sole owner to handle the request from minadbd service. The change also includes 1. move logging.cpp out of librecovery 2. drop the dependency on common.h 3. now it's more sensible to move the wipe_cache as part of install_package. move the wipe_cache to the end of the function. Bug: 130166585 Test: wipe data and cache from menu Change-Id: I6f356dccdb38015c50acf756bac246f87c30fc1f (cherry picked from commit 316e9717461890dd319dc370970069fe4532a561)
2019-04-16DO NOT MERGE: Add socket communication between recovery and minadbdxunchang2-48/+241
This cl adds a socket pair to support the communication between recovery and minadbd. Therefore, minadbd will be able to issue multiple commands to recovery and get back the status of each command. This cl also switches the adb sideload from the recovery menu to use this protocol; and moves minadbd to a separate binary. Bug: 130166585 Test: sideload a package Change-Id: I80d36d5c4e6fe1ae3ea23640907bc50c0dc0d482 (cherry picked from commit 34690ced91e22f5d9b5dd19c33b11c8e0b4bafa0)
2019-04-16DO NOT MERGE: Build libinstall as a static library.Tao Bao1-1/+1
It was once considered to be shared between recovery and minadbd, so that the latter can start an install on its own. The plan has been changed, since package install -- including device wipe operations -- could be device-specific, which should be done by recovery only. This CL moves libinstall back to a static library, which also saves the overall size (reducing from 140256 + 660576 to 555880 bytes on aosp_taimen-userdebug). Bug: 130166585 Test: Run recovery_component_test. Test: `adb sideload` on taimen. Change-Id: Ib1f5f79f235df4682c0bd104425c9c122f6091ba
2019-04-16Move load & restore logs to logging.cppxunchang2-73/+4
We perform these steps to perserve the recovery logs when wiping /cache partition. Move them to logging.cpp to keep the actually EraseVolume function concise. Bug: 130166585 Test: unit tests pass, mount cache and check last log after cache Change-Id: Idc52833817a446f3a0148a3dd2112f911c9ef48d
2019-04-15Move wipe cache|data to libinstallxunchang9-18/+249
Therefore, libinstall becomes the sole owner to handle the request from minadbd service. The change also includes 1. move logging.cpp out of librecovery 2. drop the dependency on common.h 3. now it's more sensible to move the wipe_cache as part of install_package. move the wipe_cache to the end of the function. Bug: 130166585 Test: wipe data and cache from menu Change-Id: I6f356dccdb38015c50acf756bac246f87c30fc1f
2019-04-11Add socket communication between recovery and minadbdxunchang2-48/+241
This cl adds a socket pair to support the communication between recovery and minadbd. Therefore, minadbd will be able to issue multiple commands to recovery and get back the status of each command. This cl also switches the adb sideload from the recovery menu to use this protocol; and moves minadbd to a separate binary. Bug: 130166585 Test: sideload a package Change-Id: I80d36d5c4e6fe1ae3ea23640907bc50c0dc0d482
2019-04-08Build libinstall as a static library.Tao Bao1-1/+1
It was once considered to be shared between recovery and minadbd, so that the latter can start an install on its own. The plan has been changed, since package install -- including device wipe operations -- could be device-specific, which should be done by recovery only. This CL moves libinstall back to a static library, which also saves the overall size (reducing from 140256 + 660576 to 555880 bytes on aosp_taimen-userdebug). Bug: 130166585 Test: Run recovery_component_test. Test: `adb sideload` on taimen. Change-Id: Ib1f5f79f235df4682c0bd104425c9c122f6091ba
2019-04-03libotautil exports libfstab header.Tao Bao1-1/+0
otautil/roots.h includes <fstab/fstab.h>, but users of otautil/roots.h don't need to explicitly depend on libfstab unless they have a real need. Also remove the unneeded include of <fstab/fstab.h> from fsck_unshare_blocks.cpp. Test: mmma -j bootable/recovery Change-Id: Id3dc995a4769e631ab242843ee439bd94b2bf0bc
2019-03-29Move install to separate modulexunchang14-0/+2389
Build libinstall as a shared library. Also drop the dependency on the global variables in common.h. Test: unit tests pass, sideload an OTA Change-Id: I30a20047768ce00689fc0e7851c1c5d712a365a0