A Certificate is a pair of an RSAPublicKey and a particular hash. So v1
and v3 differ in the hash algorithm (SHA-1 vs SHA-256), similarly for
v2 and v4.
In verifier testcases, we used to load v1/v2 keys with an explicit
argument of "sha256" to test the v3/v4 keys. This CL switches to loading
v3/v4 keys directly and lets load_keys() to handle that, which is the
actual flow we use in practice.
Also remove the "fallback to v1 key" in the testcases, which is not the
actual behavior.
Bug: 30415901
Test: Run the verifier_test component test on device.
Change-Id: I3a2baa64826f1b6c4c367a560090df384c4521bb
After process the text images with pngquant, I encountered a
image-loading error when doing graphic tests on angler. The command
"pngcrush -c 0 $imagename" resolves this error and gives almost the
same compression rate. So regenerate all the text images with "pngcrush
-c 0"
Bug: 30415666
Test: Run graphics test on angler and the background text looks good.
Change-Id: I5d989c1230e826407287265fc559349a7bd29303
Update the text images according to the new translations of
"b+sr+Latn", "be-rBY", and "bs-rBA". Also switch to pngquant
which gives a better compression rate.
Bug: 30415666
Change-Id: I6eae5dd7be4c7f1f93c50113822caac9868e0f95
* Use const reference parameter type to avoid unnecessary copy.
* Use more efficient overloaded string methods.
Bug: 30407689
Bug: 30411878
Change-Id: Iefab05c077367f272abf545036b853e8a295c8cd
Test: build with WITH_TIDY=1
Distinguish our "services.cpp" more clearly from the regular adbd
"services.cpp", and remove a few useless includes of "sysdeps.h".
Change-Id: Ided4945a3ac5916133322ca7e95fa51add9abaa4
Move A/B-specific fields, effectively slot_suffix as in this CL, out of
bootloader_message struct. Those A/B-specific fields are expected to be
managed by the A/B-bootloader or boot control HAL, which shouldn't be
cleared by recovery or uncrypt.
Round up the bootloader_message struct to 2-KiB. Round up the
bootloader_message_ab struct to 4-KiB.
Bug: 29193360
Change-Id: I5740a612456da6d4d3b00e49a202d8f689d32690
When recovery starts with --brick, it tries to brick the device by
securely wiping all the partitions as listed in /etc/recovery.brick.
This is designed to support bricking lost devices.
Bug: 27253717
Change-Id: Ib0bd4f0a3bdaca4febc91fce6b682e3ec74354e2
In rootfs context, the verity mode must be supplied by the bootloader
to the kernel. This patch creates a new verity_corrupted field in the
slot metadata structure to remind that this slot is corrupted from a
dm-verity point of view.
If the bootloader receives the "dm-verity device corrupted" reboot
target, it should set this bit to 1. If this bit value is 1, the
bootloader should set the veritymode to "eio".
Change-Id: I9335a39d7d009200318c58c53a3139d542788a9b
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
Remove O_SYNC from mzExtractRecursive() and PackageExtractFileFn().
These functions deal with extracting whole files from the update
package onto a filesystem. If run on ext4 on a rotating disk, for
example, the O_SYNC flag will cause serious performance problems
and the extraction proecss can take over 30 minutes, with no
obvious benefits.
This API function already calls fsync(fd) after each file is
extracted to ensure data and metadata is written to the underlying
block device, so the O_SYNC calls should be superfluous and safely
removable.
This change does not affect the OTA patch paths or any modification
of the bootloader partition or writes to other 'emmc' partitions.
Signed-off-by: Alistair Strachan <alistair.strachan@imgtec.com>
Change-Id: I9cbb98a98e6278bf5c0d7efaae340773d1fbfcd2
Some ADF drivers do some amount of state cleanup when the ADF device
node is closed, making and attempts to draw using it fail.
This changes the minui ADF backend to keep the adf_device open until it
is exited, fixing issues on such devices.
external/bsdiff uses divsufsort which is much faster, and also include
some bug fixes.
Bug: 26982501
Test: ./imgdiff_test.sh
Change-Id: I089a301c291ee55d79938c7a3ca6d509895440d1
An OTA may be skipped due to low battery. But we should always log it to
understand why an update _fails_ to apply.
Bug: 27893175
Change-Id: I50a3fbbb3e51035e0ac5f1cca150e283852825c3
(cherry picked from commit 5687001895)
