Commit graph

528 commits

Author SHA1 Message Date
Tianjie Xu
7aa88748f6 Turn on -Werror for recovery
Also remove the 0xff comparison when validating the bootloader
message fields. As the fields won't be erased to 0xff after we
remove the MTD support.

Bug: 28202046
Test: The recovery folder compiles for aosp_x86-eng
Change-Id: Ibb30ea1b2b28676fb08c7e92a1e5f7b6ef3247ab
2016-09-29 19:21:24 -07:00
Tianjie Xu
7b0ad9c638 Switch recovery to libbase logging
Clean up the recovery image and switch to libbase logging.

Bug: 28191554
Change-Id: Icd999c3cc832f0639f204b5c36cea8afe303ad35
Merged-In: Icd999c3cc832f0639f204b5c36cea8afe303ad35
2016-09-01 18:33:25 +00:00
Chih-Hung Hsieh
8b23811d2a Fix clang-tidy warnings in bootable/recovery.
* Use const reference type for read-only parameters.
Bug: 30407689
* Use faster overloaded string find function.
Bug: 30411878
* Add parentheses around macro parameters.
Bug: 28705665

Test: build with WITH_TIDY=1
Change-Id: I4e8e5748bfa4ae89871f1fb5fa4624d372530d75
2016-08-26 14:54:29 -07:00
Josh Gao
dc97404346 Merge "Fix references to libcrypto_utils_static."
am: b97da5e0f0

Change-Id: Ia935df84e5ea36dfc6605b41872c36db69a114a0
2016-08-08 18:33:51 +00:00
Josh Gao
073164f24b Fix references to libcrypto_utils_static.
Bug: http://b/30708454
Change-Id: I7a5048beff1d8b783a9683dcb4a79606a77f20ee
2016-08-05 18:08:03 -07:00
Tao Bao
717b49254b Merge \"Clean up verifier testcases.\"
am: e91aef0ee9

Change-Id: Ia130dc2a7f62ecf1ad40ec03d88a331a31800efa
2016-08-01 19:48:08 +00:00
Tao Bao
5af4b1901d Clean up verifier testcases.
A Certificate is a pair of an RSAPublicKey and a particular hash. So v1
and v3 differ in the hash algorithm (SHA-1 vs SHA-256), similarly for
v2 and v4.

In verifier testcases, we used to load v1/v2 keys with an explicit
argument of "sha256" to test the v3/v4 keys. This CL switches to loading
v3/v4 keys directly and lets load_keys() to handle that, which is the
actual flow we use in practice.

Also remove the "fallback to v1 key" in the testcases, which is not the
actual behavior.

Bug: 30415901
Test: Run the verifier_test component test on device.

Change-Id: I3a2baa64826f1b6c4c367a560090df384c4521bb
2016-08-01 11:32:28 -07:00
Tao Bao
ab2fb94bf4 tests: Remove obsolete MTD support.
Track the change in commit 63a319201f and
fix builds.

Bug: http://b/29250988
Change-Id: Iad5be953e102020931649629afc980d585ed2931
2016-06-15 21:18:13 -07:00
Tianjie Xu
cacb47b2a3 resolve merge conflicts of 5823dd4 to nyc-dev-plus-aosp
Change-Id: I4ec33904a6af38d81b422c7be6f40b828fbc7525
2016-05-02 18:09:26 +00:00
Tianjie Xu
35926c4b89 Add ability to show "installing security update"
Add a new command "--security" to boot commands. If this command is
observed as part of BCB, choose a different background text picture
for installing stage in recovery UI. As a result, users will see
"installing security update" instead of "installing system update"
when applying a security update package.

Bug: 27837319
Change-Id: I2e2253a124993ecc24804fa1ee0b918ac96837c5
2016-04-29 12:19:43 -07:00
Tianjie Xu
45609d37ef Merge "Fix matches_locale function" into nyc-dev
am: 8b86373

* commit '8b86373fd954276b18a6fba81afbe42c9caa49d3':
  Fix matches_locale function

Change-Id: If7726c2f381ba0e4ab0519b77c167e75a9d46104
2016-04-20 22:12:11 +00:00
Tianjie Xu
2430e2978b Fix matches_locale function
matches_locale was expecting input locale string to have at most one
underscore; as a result "zh_CN_#Hans" ignores "zh_CN" and matches into
"zh". Fix the match function and add unit tests.

Bug: 27837319
Change-Id: I4e8a66f91cae6ac2a46b6bf21f670d5ea564c7c8
2016-04-20 14:50:35 -07:00
Elliott Hughes
8febafa67e Use BoringSSL instead of mincrypt to speed up package verification.
This changes the verification code in bootable/recovery to use
BoringSSL instead of mincrypt.

Cherry-pick of 452df6d99c, with
merge conflict resolution, extra logging in verifier.cpp, and
an increase in the hash chunk size from 4KiB to 1MiB.

Bug: http://b/28135231
Change-Id: I1ed7efd52223dd6f6a4629cad187cbc383d5aa84
2016-04-13 16:39:56 -07:00
Elliott Hughes
6e2a8b11ec resolve merge conflicts of 2bf95ac to nyc-dev-plus-aosp
Change-Id: Iaf232fbe65879bad6e19c7a9600aa6303a491a67
2016-04-12 17:15:40 -07:00
Mattias Nissler
452df6d99c Convert recovery to use BoringSSL instead of mincrypt.
This changes the verification code in bootable/recovery to use
BoringSSL instead of mincrypt.

Change-Id: I37b37d84b22e81c32ac180cd1240c02150ddf3a7
2016-04-06 15:54:17 +02:00
Mark Salyzyn
9b9e5843d2 Merge "recovery: use __android_log_pmsg_file_write for log files" am: 75da771
am: 6f83130

* commit '6f83130d7acd85df89a80e691d3aa63bd2ceda39':
  recovery: use __android_log_pmsg_file_write for log files

Change-Id: Id2e7a76bae8eb061f6f57249dd912f25cd6332c6
2016-03-31 21:00:59 +00:00
Mark Salyzyn
13aca598f8 recovery: use __android_log_pmsg_file_write for log files
(cherry-pick from commit a4f701af93)

- Add call to __android_log_pmsg_file_write for recovery logging.
- Add call to refresh pmsg if we reboot back into recovery and then
  allow overwrite of those logs.
- Add a new one-time executable recovery-refresh that refreshes pmsg
  in post-fs phase of init. We rely on pmsg eventually scrolling off
  to age the content after recovery-persist has done its job.
- Add a new one-time executable recovery-persist that transfers from
  pmsg to /data/misc/recovery/ directory if /cache is not mounted
  in post-fs-data phase of init.
- Build and appropriately trigger the above two as required if
  BOARD_CACHEIMAGE_PARTITION_SIZE is undefined.
- Add some simple unit tests

NB: Test failure is expected on systems that do not deliver either
the recovery-persist or recovery-refresh executables, e.g. systems
with /cache. Tests also require a timely reboot sequence of test
to truly verify, tests provide guidance on stderr to direct.

Bug: 27176738
Change-Id: I17bb95980234984f6b2087fd5941b0a3126b706b
2016-03-31 13:52:54 -07:00
Mark Salyzyn
a4f701af93 recovery: use __android_log_pmsg_file_write for log files
- Add call to __android_log_pmsg_file_write for recovery logging.
- Add call to refresh pmsg if we reboot back into recovery and then
  allow overwrite of those logs.
- Add a new one-time executable recovery-refresh that refreshes pmsg
  in post-fs phase of init. We rely on pmsg eventually scrolling off
  to age the content after recovery-persist has done its job.
- Add a new one-time executable recovery-persist that transfers from
  pmsg to /data/misc/recovery/ directory if /cache is not mounted
  in post-fs-data phase of init.
- Build and appropriately trigger the above two as required if
  BOARD_CACHEIMAGE_PARTITION_SIZE is undefined.
- Add some simple unit tests

NB: Test failure is expected on systems that do not deliver either
the recovery-persist or recovery-refresh executables, e.g. systems
with /cache. Tests also require a timely reboot sequence of test
to truly verify, tests provide guidance on stderr to direct.

Bug: 27176738
Change-Id: I17bb95980234984f6b2087fd5941b0a3126b706b
2016-03-28 11:07:00 -07:00
Jed Estep
3f581f7828 Merge "Port applypatch.sh tests to recovery_component_tests" into nyc-dev
am: 761653a4ad

* commit '761653a4ad1c392fcd505e8909661fd64f02ce97':
  Port applypatch.sh tests to recovery_component_tests
2016-03-12 02:48:57 +00:00
Jed Estep
b8a693bbc7 Port applypatch.sh tests to recovery_component_tests
Bug: 27135282
Change-Id: If53682b591397ddfdb84860a3779b612904d4489
2016-03-11 18:37:34 -08:00
Jed Estep
e1305768f6 Fix verifier test base testdata directory after merge conflict
Change-Id: I7ffba0be5a6befc875ce59b51a008c1892e7d34b
2016-02-22 10:59:37 -08:00
Tao Bao
c213a7c1d1 Merge "verifier_test: Suppress the unused parameter warnings." 2016-02-09 04:06:18 +00:00
Jed Estep
d5a14c6a49 Change on-device directory for recovery test data
Test data needs to go outside the gtest module.

Change-Id: Ic444ca838cbafa651ec97ff8730129da84fafc09
2016-02-05 11:49:20 -08:00
Tao Bao
e1a16af3ea verifier_test: Suppress the unused parameter warnings.
Change-Id: I51fec30114c0a31efc9c2ac8472654baf8bb3e84
2016-02-05 10:41:53 -08:00
Jed Estep
432918603f Refactor existing tests to use gtest
Bug: 26962907
Change-Id: I5f80636af1740badeff7d08193f08e23f4e4fee1
2016-02-04 10:11:30 -08:00
Tao Bao
80e46e08de recovery: Switch to clang
And a few trival fixes to suppress warnings.

Change-Id: I38734b5f4434643e85feab25f4807b46a45d8d65
2015-06-03 11:30:03 -07:00
Dan Albert
13f21c2bc7 More test makefile cleanup.
Global variables kill.
No need to manually link gtest, and that causes problems with
libc++.

Change-Id: If804cdd436cf1addfa9a777708efbc37c27770b6
2014-10-17 01:05:08 +00:00
Kenny Root
7a4adb5268 Add support for ECDSA signatures
This adds support for key version 5 which is an EC key using the NIST
P-256 curve parameters. OTAs may be signed with these keys using the
ECDSA signature algorithm with SHA-256.

Change-Id: Id88672a3deb70681c78d5ea0d739e10f839e4567
2013-10-10 14:19:19 -07:00