Replace libcrypto with libcrypto_static, which can be protected through
visibility to ensure only modules that don't affect FIPS certification
can use it.
Bug: 141248879
Test: m checkbuild
Change-Id: I0affaa292237bdbc772d3adc36086905ed6fbe9d
Tested by running recovery_unit_test as described in
https://android.googlesource.com/platform/bootable/recovery/+/refs/heads/master/README.md
Attempted to build and boot a recovery image with the
same change to confirm it still works, but
m recoveryimage-nodeps
fails for me.
Bug: 140940227
Test: See above
Change-Id: I00545968a0e5684823e505f2ddbe7e993319b5d4
updater is built in Make and statically links libcrypto,
so it needs to set LOCAL_INJECT_BSSL_HASH to make the FIPS self
test pass.
Bug: 137267623
Test: m checkbuild
Change-Id: Ib253c870090ac8026f5cbb005d6b0e935c73edd1
If the HAL is run on a non-A/B device, it does not fail gracefully; it
will segfault because the current_slot is -1 and methods do not protect
against this. Instead, have Init() fail if we can't determine the
current slot.
Bug: 130078382
Test: vts tests
Change-Id: I2d3094518a842b1a764427d2da9d46781a9f26da
This extracts the implementation of boot_control into a new library,
libboot_control. The bootctrl.default module now wraps this library.
This refactoring will allow us to re-use the same implementation in
HIDL.
Bug: 138861550
Test: mm bootctrl.default
Change-Id: Ic0558da3c2d8e6f5ebec63a497825c24b51623b7
Additionally kill the global variable: reason, stage; move them to a
separate BootState class instead. Vendor specific recovery code will
need to call getters from Device() class to access these variables.
Bug: 137705917
Test: unit tests pass, boot sailfish into recovery, code search and no
code includes common.h in vendor specific recovery.
Change-Id: Ia50a5ea951212c25548562f29cc9cf78505b5e34
In the old code, the recovery only enumerated the input devices at the
startup, and read the input events from these devices.
So if a USB input device is probed after the recovery startup, then the
recovery can't read the events from this device.
This patch use inotify to monitor /dev/input for new added input
device, then support input device hotplug in recovery mode.
Bug: 111847510
Test: can use USB keyboard hotplugged in recovery mode
Change-Id: I7e7dcbd619d3c66a2f40a43418f5dac6a50c859e
Signed-off-by: Liu Shuo A <shuo.a.liu@intel.com>
Signed-off-by: Ming Tan <ming.tan@intel.com>
A global std::string, even if not used, pollutes the bss section
unnecessarily. Since this object is only there for testing, make it
std::optional<std::string>, which is constexpr constructible.
Bug: 138856262
Test: Along with a fix in fs_mgr, see that the bss section for
libbootloader_message.so is now clean on cuttlefish for several
processes.
Change-Id: I6df837dded88d979ffe14d5b2770b120bcf87341
Add the command line option to select the work directory and save the
updated image files. Because some people might have interested in
getting updated images from an ota file.
Also, fix a minor issue that the destination of package_extract_file
needs to be updated if it's a block device. Otherwise, an unintended
file may be extracted in the callers' directory.
Test: run simulation, run unit tests
Change-Id: Ic6a7db0580bc1748d6e080102e4654da4e41fd8c
Then we can override this function in the device specific recovery ui;
and allow customizing the help message.
Bug: 137965958
Test: Check the menu on sailfish
Change-Id: I09f23166f4205c5edf6c62eb42c8ada0fa710b26
Some global variables are only used for recovery.cpp and
recovery_main.cpp, remove them from common.h and handle their usage
accordingly. Variables include:
static constexpr int kRecoveryApiVersion;
extern struct selabel_handle* sehandle;
extern RecoveryUI* ui;
extern bool has_cache;
bool is_ro_debuggable();
Test: unit tests pass, boot into recovery mode and run graphic tests
Change-Id: If83a005786c9b38412731da97aaf85af69a3b917
We start minadbd and rescue services in two processes. In particular,
minadbd handles the requests from host, then communicates with rescue
service to do install/wipe works. When resuce service doesn't see any
request in a pre-defined timeout (currently 300s), rescue service will
exit to avoid endless waiting.
This CL changes minadbd to additionally send a no-op command to rescue
service as a heartbeat signal, so that host side can finish
time-consuming operations (e.g. downloading over network) while keeping
rescue service alive.
Bug: 136457446
Test: Enter resuce mode on blueline. Send `adb rescue getprop
ro.build.fingerprint` and check that rescue service doesn't exit.
Test: Stop sending the getprop command. Check that rescue service exits
after 300s.
Change-Id: Ib9d5ed710cfa94ecfe6cf393a71a0b67b2539531
Merged-In: Ib9d5ed710cfa94ecfe6cf393a71a0b67b2539531
(cherry picked from commit 2223e6a9f8)
(cherry picked from commit 0bbb2ed53e)
(cherry picked from commit dd0158ac60)
Add a command line parser. Also add the support to parse the oem
property file and skip certain functions.
Bug: 131911365
Test: run simulator for wear builds
Change-Id: Ide306b53d3f42b29c02279969aeb18bec4045d6f