Commit graph

16 commits

Author SHA1 Message Date
Elliott Hughes
dbb20c4863 Fix mips64 minadbd_test build.
Looks like the mips64 linker isn't as good as the others at GCing
unused stuff, which means it needs libcutils.

Change-Id: I5f768e44514350fb81e5360351db3e9cc4201702
2015-05-01 22:29:01 -07:00
Elliott Hughes
4039933c62 Move minadb over to new API.
Change-Id: I889bcf2222245c7665287513669cae8831e37081
2015-05-01 17:07:44 -07:00
Elliott Hughes
20531ef605 Switch minadb over to C++.
Change-Id: I5afaf70caa590525627c676c88b445d3162de33e
2015-04-10 13:59:19 -07:00
Dan Albert
b2f945932c Remove unused libutils references.
Change-Id: I22797643103ce1d4371198433ad9849cc83d3d7c
2015-03-13 22:33:38 -07:00
Dan Albert
ffd6c31a77 Add tests for read_block_adb.
These tests aren't completely representative in that they don't run in
the recovery image. We might want to look in to adding a self-test
option to the recovery UI. Until then, these can be run on a normal
device (which is easier to do anyway).

Bug: 19522788
Change-Id: Idb20feb55d10c62905c2480ab1b61a2e4b5f60d8
2015-02-26 17:00:11 -08:00
Dan Albert
2404370589 Remove _(GNU|XOPEN)_SORUCE makefile cruft.
None of the functions needing these are used.

Change-Id: Ibe3ca24d993788bf2f1108bac8417a7094ef386b
2015-02-24 22:41:07 -08:00
Dan Albert
8f6eb5c045 Fix build from implicit declaration.
Turn the warning on by default and turn on -Werror so this doesn't
happen next time.

Change-Id: Id65bf0cb63bbf0ff224655b425463ae2f55435df
2015-02-24 22:07:18 -08:00
Dan Albert
f3a5726919 Kill of most of the remainder of minadbd.
I think everything left now is here to stay (services.c might get
massaged in to libadbd if it gets refactored).

Bug: 17626262
Change-Id: I01faf8b277a601a40e3a0f4c3b8206c97f1d2ce6
2015-02-19 15:41:35 -08:00
Dan Albert
9a894b7ece Move adb_main to its own file.
Change-Id: Ia5150e1ef8be5a8f2d2da0fdca9383e22218f4ac
2015-02-19 10:40:17 -08:00
Dan Albert
1ddd350504 Use headers from adb.
adb.h has diverged a bit, so that one will be more involved, but these
three are all trivial, unimportant changes.

Change-Id: Ief8474c1c2927d7e955adf04f887c76ab37077a6
2015-02-18 16:14:16 -08:00
Dan Albert
2b2a14ff35 Remove unused code.
Change-Id: Ie37734e75bc4d1e284dcb5dee4c0512021663dbd
2015-02-18 15:11:29 -08:00
Dan Albert
8f1bfead3f Lose USB transport code to libadb.
Bug: 17626262
Change-Id: If41031ba20a3a75fa510f155c654a482b47e409d
2015-02-18 15:11:29 -08:00
Dan Albert
a01ce3a229 Start losing code to libadb.
Bug: 17626262
Change-Id: I8ce7cff2b7789f39f35a4211d7120d072c05a863
2014-11-25 10:59:42 -08:00
Doug Zongker
18a78e0a16 refactor fuse sideloading code
Split the adb-specific portions (fetching a block from the adb host
and closing the connections) out from the rest of the FUSE filesystem
code, so that we can reuse the fuse stuff for installing off sdcards
as well.

Change-Id: I0ba385fd35999c5f5cad27842bc82024a264dd14
2014-07-10 10:55:07 -07:00
Doug Zongker
075ad800c5 sideload without holding the whole package in RAM
Implement a new method of sideloading over ADB that does not require
the entire package to be held in RAM (useful for low-RAM devices and
devices using block OTA where we'd rather have more RAM available for
binary patching).

We communicate with the host using a new adb service called
"sideload-host", which makes the host act as a server, sending us
different parts of the package file on request.

We create a FUSE filesystem that creates a virtual file
"/sideload/package.zip" that is backed by the ADB connection -- users
see a normal file, but when they read from the file we're actually
fetching the data from the adb host.  This file is then passed to the
verification and installation systems like any other.

To prevent a malicious adb host implementation from serving different
data to the verification and installation phases of sideloading, the
FUSE filesystem verifies that the contents of the file don't change
between reads -- every time we fetch a block from the host we compare
its hash to the previous hash for that block (if it was read before)
and cause the read to fail if it changes.

One necessary change is that the minadbd started by recovery in
sideload mode no longer drops its root privileges (they're needed to
mount the FUSE filesystem).  We rely on SELinux enforcement to
restrict the set of things that can be accessed.

Change-Id: Ida7dbd3b04c1d4e27a2779d88c1da0c7c81fb114
2014-07-02 12:16:36 -07:00
Doug Zongker
9270a20a80 support "sideload over ADB" mode
Rather than depending on the existence of some place to store a file
that is accessible to users on an an unbootable device (eg, a physical
sdcard, external USB drive, etc.), add support for sideloading
packages sent to the device with adb.

This change adds a "minimal adbd" which supports nothing but receiving
a package over adb (with the "adb sideload" command) and storing it to
a fixed filename in the /tmp ramdisk, from where it can be verified
and sideloaded in the usual way.  This should be leave available even
on locked user-build devices.

The user can select "apply package from ADB" from the recovery menu,
which starts minimal-adb mode (shutting down any real adbd that may be
running).  Once minimal-adb has received a package it exits
(restarting real adbd if appropriate) and then verification and
installation of the received package proceeds.

Change-Id: I6fe13161ca064a98d06fa32104e1f432826582f5
2012-01-10 10:18:17 -08:00