Older versions of android supported an ASLR system where binaries were
randomly twiddled at OTA install time. Remove support for this; we
now use the ASLR support in the linux kernel.
Change-Id: I8348eb0d6424692668dc1a00e2416fbef6c158a2
mzGetStoredEntry gives you a pointer and address to the data of a zip
entry, assuming that entry is stored rather than deflated.
Change-Id: Ifb39777c98d1d50475ef7de419cf28935f5f9965
Use intptr_t/uintptr_t to cast between pointer and int to allow
building with -Werror=pointer-to-int-cast and
Werror=int-to-pointer-cast turned on.
Cast to char* instead of unsigned int for pointer arithmetic.
Change-Id: Ia862306fdcca53866b330e8cf726f3d62f2248a0
When adbd runs as root, it should transition into the
su domain. This is needed to run the adbd and shell
domains in enforcing on userdebug / eng devices without
breaking developer workflows.
Use the new device_banner command line option.
Change-Id: Ib33c0dd2dd6172035230514ac84fcaed2ecf44d6
uncrypt can read a file on an encrypted filesystem and rewrite it to
the same blocks on the underlying (unencrypted) block device. This
destroys the contents of the file as far as the encrypted filesystem
is concerned, but allows the data to be read without the encryption
key if you know which blocks of the raw device to access. uncrypt
produces a "block map" file which lists the blocks that contain the file.
For unencrypted filesystem, uncrypt will produce the block map without
touching the data.
Bug: 12188746
Change-Id: Ib7259b9e14dac8af406796b429d58378a00c7c63
Changes minzip and recovery's file signature verification to work on
memory regions, rather than files.
For packages which are regular files, install.cpp now mmap()s them
into memory and then passes the mapped memory to the verifier and to
the minzip library.
Support for files which are raw block maps (which will be used when we
have packages written to encrypted data partitions) is present but
largely untested so far.
Bug: 12188746
Change-Id: I12cc3e809834745a489dd9d4ceb558cbccdc3f71
The syntax of init's mount command changed in April 2008 but
recovery's init.rc was never updated, so recovery's /tmp has been on
the root fs all this time. Fix.
Also add /system/bin to the PATH in recovery, which is handy for
debugging.
Change-Id: I39f7ae435a8ce3bad691e4b7c307db0bd8de1302
Otherwise everything is left running in the kernel domain when
booting recovery.
Change-Id: Ie3d86547d5be0b68dd1875a97afe1e00fc3e4da1
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
minzip had some features that were used when reading APKs, but APK
handling now uses libziparchive instead of minzip. Remove these
unused functions.
Change-Id: Iead89209a716bfe9e3d339bf85b3e97e33a41f35
These were attempts to write partitions "conservatively" in hopes of
fixing the problems with writing the radio partition on Nexus 4. They
didn't work (a kernel patch was needed), but got left in. They make
writing of partitions unnecessarily slow (ie, we really shouldn't need
to sync() after every 4kb). Roll back most of them, but leave the
verification read-back in.
Change-Id: I94badc0979e88816c5aa0485f6316c02be69173c
This assumes that the metadata is correctly defined in fstab.
Which apparently some devices don't do.
Bug: 8766487
Bug: 12112624
Change-Id: I1b14b9d4c888e9348527984be3dce04bdd9f4de0
In order to support multi-stage recovery packages, we add the
set_stage() and get_stage() functions, which store a short string
somewhere it can be accessed across invocations of recovery. We also
add reboot_now() which updater can invoke to immediately reboot the
device, without doing normal recovery cleanup. (It can also choose
whether to boot off the boot or recovery partition.)
If the stage string is of the form "#/#", recovery's UI will be
augmented with a simple indicator of what stage you're in, so it
doesn't look like a reboot loop.
Change-Id: I62f7ff0bc802b549c9bcf3cc154a6bad99f94603
A system/core change made in Mar 26 2012 6ebf12f "init: Change umask
of forked processes to 077" changed the default umask of services
forked from init.
Because recovery is forked from init, it has a umask of 077. Therefore
when update-binary is forked from recovery, it too has a umask of 077.
This umask is overly restrictive and can cause problems for scripts
relying on minzip to extract binaries directly into the target
filesystem. Any directories updated by minzip will have their
permissions reset to r-x------ and created files will have similarly
restrictive permissions.
As it seems unlikely this security measure was intended to have this
side effect on legacy sideloads that do not have chmods to repair
the damage done by minzip, this change reverts the umask to 022 in
the fork made for update-binary.
Change-Id: Ib1a3fc83aa4ecc7480b5d0c00f3c7d0d040d4887
Because backgroundIcon[] is not initialized by the ScreenRecoveryUI
constructor, it should be initialized explicitly to NULL in Init().
If it is not initialized, ScreenRecoveryUI::SetBackground() can fail
for the NONE icon because the NULL test can fail and junk will be
dereferenced.
Change-Id: I4e3738d2e241ed90df43c984fb41e0072933f50a
* commit '40dfc474c457f5be24e204e6a0c657c97acb8f3c':
Enable incremental builder to find files that moved, and try to process them via patch + rename, instead of delete + add.
* commit 'c64e76c75088b951f61a7f7bacf8af6eccd2ccfa':
Enable incremental builder to find files that moved, and try to process them via patch + rename, instead of delete + add.
