Changes minzip and recovery's file signature verification to work on
memory regions, rather than files.
For packages which are regular files, install.cpp now mmap()s them
into memory and then passes the mapped memory to the verifier and to
the minzip library.
Support for files which are raw block maps (which will be used when we
have packages written to encrypted data partitions) is present but
largely untested so far.
Bug: 12188746
Change-Id: I12cc3e809834745a489dd9d4ceb558cbccdc3f71
minzip had some features that were used when reading APKs, but APK
handling now uses libziparchive instead of minzip. Remove these
unused functions.
Change-Id: Iead89209a716bfe9e3d339bf85b3e97e33a41f35
Modify the OTA installer to understand SELinux filesystem labels.
We do this by introducing new set_perm2 / set_perm2_recursive
calls, which understand SELinux filesystem labels. These filesystem
labels are applied at the same time that we apply the
UID / GID / permission changes.
For compatibility, we preserve the behavior of the existing
set_perm / set_perm_recursive calls.
If the destination kernel doesn't support security labels, don't
fail. SELinux isn't enabled on all kernels.
Bug: 8985290
Change-Id: I99800499f01784199e4918a82e3e2db1089cf25b
Make minzip log only a count of files when extracting, not individual
filenames. Make patching only chatter about free space if there's not
enough and compact the other messages.
Only the last 8k of the recovery log gets uploaded; this makes it more
likely that we will get all of it.
Change-Id: I529cb4947fe2185df82b9da5fae450a7480dcecd
Use of __inline__ by projects in bootable/* was causing problems with
clang. Following the BKM and replaced use of __inline__ with
__attribute((__gnu_inline)).
Change-Id: If4ccfded685bb2c9d9c23c9b92ee052208399ef0
Author: Edwin Vane <edwin.vane@intel.com>
Reviewed-by: Kevin P Schoedel <kevin.p.schoedel@intel.com>
Extend minzip, recovery, and updater to set the security context on
files based on the file_contexts configuration included in the package.
Change-Id: Ied379f266a16c64f2b4dca15dc39b98fcce16f29
Add a version of package_extract_file that returns the file data as
its return value (to be consumed by some other edify function that
expects to receive a bunch of binary data as an argument). Lets us
avoid having two copies of a big file in memory (extracting it into
/tmp, which is a ramdisk, and then having something load it into
memory) when doing things like radio updates.
Change-Id: Ie26ece5fbae457eb0ddcd8a13d74d78a769fbc70
Remove the memory alignment that mysteriously made OTA installs work,
in anticipation of a kernel that fixes the actual problem. Handle
EINTR properly.
In donut, OTA installation often encounters the write() system call
doing short writes -- which is legal but unexpected -- or failing with
ENOSPC when plenty of space is available. Passing aligned memory
buffers to write() appears to prevent (or at least reduce the
frequency) of these problems. b/1833052 has been filed to look at the
underlying problem, but this change aligns buffers we use with write()
so we can OTA for now (or see if this problem still occurs).
minzip fails if write() doesn't write all the data in one call.
Apparently this was good enough before, but it causes OTAs to fail all
the time now (maybe due to the recently-submitted kernel)? Change
code to attempt continuing after short writes.
