Commit graph

37 commits

Author SHA1 Message Date
Abhishek Arpure
4fec8e9e9a Integer overflow observed while formatting volume
While calculating volume size, get_block_device_size() returns
u64 value but the returned value is assigned in ssize_t variable.
This may cause integer overflow if the volume size is beyond
ssize_t limit.

Use int64_t instead of ssize_t in get_file_size() and explicitly check
for overflow to fix the issue.

Bug: 65001754
Test: mmma bootable/recovery
Change-Id: I91eb30bff0bf7dcc48678efc2f414d2b79af6d0d
2017-09-11 17:13:15 -07:00
Tao Bao
3c00facb3d roots.cpp: Clean up format_volume().
Test: m -j bootable/recovery
Test: Wipe data/cache in recovery
Change-Id: I11a4bf34015e903992ae2fb100d0b59a9fb75e03
2017-07-25 15:26:32 -07:00
Jin Qian
f3ccad58dd recovery: handle security footer before passing size to mke2fs
mke2fs doesn't take negative size as reserved size. If footer is
specified, compute fs size to be
(max partition size - reserved footer size) / block_size

Bug: 23686092
Bug: 63968011
Change-Id: Iac4e143bd26a70cfc81eb52a399d687e19b1049c
2017-07-25 09:11:09 -07:00
Tao Bao
bb10e58eb1 roots.cpp: Reformatting the file.
Mostly cosmetic changes. Removed the use of errno, and added constness
to a few pointers.

format_volume() and exec_cmd() will be cleaned up in a separate CL.

Test: mmma -j bootable/recovery
Change-Id: Ia12ce25a91c0bdd0e319f6da02ce1dc8377f265d
2017-07-24 17:15:41 -07:00
Tao Bao
338be53ed3 Remove the obsolete reference to /file_contexts.
This file no longer exists:
- /file_contexts has been split into plat_file_contexts and
  nonplat_file_contexts since commit
  b236eb6ca204cefcb926e19bd5682f9dcad4021d (system/sepolicy).
- It was named /file_contexts.bin prior to the split.

'-S file_contexts' is also no longer required by e2fsdroid, since commit
2fff6fb036cbbb6dedd7da3d208b312a9038a5ce (external/e2fsprogs). It will
load the file contexts via libselinux.

Test: Trigger the path by performing a data wipe for converting to FBE.
Change-Id: I179939da409e5c0415ae0ea0bf5ddb23f9e6331e
(cherry picked from commit 7af933b6a6)
2017-07-22 16:16:21 -07:00
Jin Qian
ded2dac082 recovery: replace make_ext4 with e2fsprogs
Execute mke2fs to create empty ext4 filesystem.
Execute e2fsdroid to add files to filesystem.

Test: enter recovery mode and wipe data
Bug: 35219933
Change-Id: I10a9f4c1f4754ad864b2df45b1f879180ab33876
(cherry picked from commit ac31808cd3)
2017-07-20 11:42:17 -07:00
Tao Bao
57130c45f8 recovery: Skip "/" in setup_install_mounts().
We don't want to do anything for "/" when preparing for an install.

Bug: 36686818
Test: adb sideload on angler/marlin respectively.
Change-Id: Id854dd0a743a0e163a8f13baf2514105091ddc67
2017-05-10 12:11:21 -07:00
Jin Qian
adeb41a8c0 recovery: update mkfs.f2fs args to match f2fs-tools 1.8.0
mkfs.f2fs in 1.8.0 returns error if number of sectors is 0. Skip
this argument to let mkfs detect device size. 0 sector is also not
necessary for 1.4.1.

Test: format userdata to f2fs and boot
Bug: 37758867
Change-Id: If120988dfb678596c973d183572f870eb0b72a27
2017-05-05 11:07:46 -07:00
Bowgo Tsai
84a06485a9 recovery: switch to fs_mgr_read_fstab_default()
fs_mgr_read_fstab_default() is now aware of recovery mode so it's ok to
switch to this new API.

Bug: 35811655
Test: recovery boot sailfish
Change-Id: I1025b606fd96e74a893ae99cefc1da01e4b27a23
2017-03-29 16:31:29 +08:00
Bowgo Tsai
d13b6cf29c recovery: replacing fs_mgr_read_fstab() with new fs_mgr APIs
The fstab settings of early-mounted partitions (e.g., /vendor) will be in
kernel device tree. Switch to the new API to get the whole settings with
those in device tree:

    fs_mgr_read_fstab_with_dt("/etc/recovery.fstab")

The original default /fstab.{ro.hardware} might be moved to
/vendor/etc/. or /odm/etc/. Use another new API to get the default fstab
instead of using the hard-coded /fstab.{ro.hardware}. This API also
includes the settings from device tree:

    fs_mgr_read_fstab_default()

Bug: 35811655
Test: boot sailfish recovery
Change-Id: Iaa56ac7f7b4c4dfc7180c65f03e9a37b94f1de09
2017-03-10 17:27:31 +08:00
Tao Bao
3da880156b Replace _exit(-1) with _exit(EXIT_FAILURE).
-1 is not a valid exit status.

Also replace a few exit(1) with exit(EXIT_FAILURE).

Test: mmma bootable/recovery
Change-Id: I4596c8328b770bf95acccc06a4401bd5cabd4bfd
2017-02-03 14:11:11 -08:00
Connor O'Brien
98a658bb54 Use flash erase & logical block size for userdata wipe
If flash erase and logical block size are available, then pass them
to libext4_utils when rebuilding userdata.

Test: Factory reset marlin in recovery, confirmed params passed correctly
Bug: 33243520
Change-Id: I6bed976a73e7a64a80eaac50f48fbacb6d812517
Signed-off-by: Connor O'Brien <connoro@google.com>
2017-01-24 18:04:02 -08:00
Tao Bao
de40ba59c8 Update the header path for ext4_utils.
Test: `mmma bootable/recovery`
Change-Id: I70ccddb3ddf46bb012fdc5f632afc46ebdd5473e
2016-10-09 14:02:10 -07:00
Tianjie Xu
7b0ad9c638 Switch recovery to libbase logging
Clean up the recovery image and switch to libbase logging.

Bug: 28191554
Change-Id: Icd999c3cc832f0639f204b5c36cea8afe303ad35
Merged-In: Icd999c3cc832f0639f204b5c36cea8afe303ad35
2016-09-01 18:33:25 +00:00
Johan Harvyl
2f5cfdbb9d Merge "Format formattable partitions if mount fails"
am: cb76857147

Change-Id: I50c2045f56693e445922d30af72867e7ac55b61f
2016-08-15 18:03:37 +00:00
Johan Harvyl
29dd6b6c01 Format formattable partitions if mount fails
If mount fails and the partition has the formattable flag set in fstab
it is formatted and another attempt at the mount is made.

Change-Id: I44edafac7d7ff663489072c66b7e210466316b14
2016-08-12 16:13:50 +02:00
Elliott Hughes
274d17dc0f resolve merge conflicts of 179c0d8 to stage-aosp-master
Change-Id: Iba5aec266444cabf83f600f2bdb45a3c027e5995
2016-06-15 15:22:17 -07:00
Elliott Hughes
63a319201f Remove obsolete MTD support.
Bug: http://b/29250988
Change-Id: Ia97ba9082a165c37f74d6e1c3f71a367adc59945
2016-06-10 13:45:35 -07:00
Paul Lawrence
d0db337d72 Create convert_fbe breadcrumb file to support conversion to FBE
Change-Id: I38b29e1e34ea793e4b87cd27a1d39fa905fddf7a
2015-11-13 07:49:31 -08:00
Tao Bao
abb8f7785e recovery: Allow "Mount /system" for system_root_image.
When system images contain the root directory, there is no entry of
"/system" in the fstab. Change it to look for "/" instead if
ro.build.system_root_image is true. We actually mount the partition
to /system_root instead, and create a symlink to /system_root/system
for /system. This allows "adb shell" to work properly.

Bug: 22855115
Change-Id: Ibac493a5a9320c98ee3b60bd2cc635b925f5454a
2015-07-30 17:22:29 -07:00
Tao Bao
ba9a42aa7e recovery: Switch applypatch/ and updater/ to cpp.
Mostly trivial changes to make cpp compiler happy.

Change-Id: I69bd1d96fcccf506007f6144faf37e11cfba1270
2015-07-13 17:21:31 -07:00
Mohamad Ayyash
522ea72116 Allow mounting squashfs partitions
Change-Id: Ifb8f84063a406db7aad3f9ef12c349ea09a54e07
Signed-off-by: Mohamad Ayyash <mkayyash@google.com>

(cherry picked from commit 0ddfa329ac)
2015-07-06 22:01:25 +00:00
Tao Bao
6896f9d47d Merge "always use volume mount option when mounting a partition" 2015-03-31 23:56:02 +00:00
Andres Morales
c277762de1 Revert "Erase PST partition if its marked to be erased."
This now gets done at the framework level.
Doing it here breaks the signature on the partition.

This reverts commit ee19387905.

Bug: 19967123
Change-Id: I2a977cb0f0ba94defa1bf9091219398ddc1d3528
(cherry picked from commit 037444642b)
2015-03-31 09:48:50 -07:00
Gaelle Nassiet
e853e96b40 always use volume mount option when mounting a partition
From ROS, if enable adb using the vol.up and vol.down buttons, the
/system partition is mounted by the function ensure_path_mounted() but
with hardcoded mount options.  As a consequence, the blocks are
modified and the reboot in MOS is blocked by the dm_verity feature
that detects a corruption.

This patch forces the function ensure_path_mounted() to use the mount
options from the volume structure, that were previously read from the
fstab.

Change-Id: I748d32c14cb821f4aae5bcc430089dab45375515
Signed-off-by: Gaelle Nassiet <gaellex.nassiet@intel.com>
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
2015-03-24 11:35:04 +01:00
Andres Morales
9dc71cfa52 Merge "Erase PST partition if its marked to be erased." into lmp-dev 2014-08-05 00:34:22 +00:00
Andres Morales
ee19387905 Erase PST partition if its marked to be erased.
We need to wipe the challenges on this partition
if OEM unlock is enabled, as this is a signal that
the user has opted out of factory reset protection.

go/factory-reset

Bug: 16633064
Change-Id: Icb8f1433bf99ca57813f5b72d5a3dd15fa94a263
2014-08-06 09:58:55 -07:00
JP Abgrall
78d458c3d2 Fix length printing + formats
Fix wrong argument order.
Fix for 32 vs 64 bit.

(reported by htc)

Change-Id: Ie37a280bed2848199bcc075500e1326e371cd326
2014-08-04 16:44:33 -07:00
JP Abgrall
37aedb3faf Support F2FS for the data partition
This adds F2FS support
- for wiping a device
- for the install "format" command.

Note: crypto data in "footer" with a default/negative length
is not supported, unlike with "ext4".

Change-Id: I8d141a0d4d14df9fe84d3b131484e9696fcd8870
Signed-off-by: JP Abgrall <jpa@google.com>
2014-06-16 19:07:39 -07:00
Sasha Levitskiy
346e11816d am ecf1f6c9: am 558f2700: Merge "Change filesystem add entry API call."
* commit 'ecf1f6c9299c0cae2f2bf1647f5d7d3a2690f819':
  Change filesystem add entry API call.
2014-04-12 00:02:32 +00:00
Sasha Levitskiy
85ef47dd84 Change filesystem add entry API call.
Needs fs_mgr matching change from: Icf23e659265d71d5226d527c2b40cfbc132320ee

Change-Id: I9adb470b04e4301989d128c9c3097b21b4dea431
Signed-off-by: Sasha Levitskiy <sanek@google.com>
2014-04-11 21:13:26 +00:00
Doug Zongker
99916f0496 do verification and extraction on memory, not files
Changes minzip and recovery's file signature verification to work on
memory regions, rather than files.

For packages which are regular files, install.cpp now mmap()s them
into memory and then passes the mapped memory to the verifier and to
the minzip library.

Support for files which are raw block maps (which will be used when we
have packages written to encrypted data partitions) is present but
largely untested so far.

Bug: 12188746
Change-Id: I12cc3e809834745a489dd9d4ceb558cbccdc3f71
2014-01-16 13:29:28 -08:00
Doug Zongker
f39989a36d recovery: wipe encryption metadata along with data partition
This assumes that the metadata is correctly defined in fstab.
Which apparently some devices don't do.


Bug: 8766487
Bug: 12112624
Change-Id: I1b14b9d4c888e9348527984be3dce04bdd9f4de0
2013-12-12 23:27:42 +00:00
Doug Zongker
239ac6abac recovery: install packages in a known mount environment
When installing a package, we should have /tmp and /cache mounted and
nothing else.  Ensure this is true by explicitly mounting them and
unmounting everything else as the first step of every install.

Also fix an error in the progress bar that crops up when you do
multiple package installs in one instance of recovery.

Change-Id: I4837ed707cb419ddd3d9f6188b6355ba1bcfe2b2
2013-08-21 13:44:35 -07:00
Ken Sumrall
f35d1cef7c Move to using the new unified fstab in recovery.
Instead of reading it's own fstab, have recovery invoke
fs_mgr to read the unified fstab.

Change-Id: I80c75d2c53b809ac60a4a69f0ef7ebfa707c39e9
2013-02-19 17:37:22 -08:00
Kenny Root
41dda82d84 resolved conflicts for merge of 0b1fee1b to master
Change-Id: I2e8298ff5988a96754f56f80a5186c9605ad9928
2012-03-30 21:26:01 -07:00
Doug Zongker
28ce47cfa6 turn recovery into a C++ binary
Change-Id: I423a23581048d451d53eef46e5f5eac485b77555
2011-10-31 10:24:09 -07:00
Renamed from roots.c (Browse further)