| Commit message (Collapse) | Author | Files | Lines |
|
We shouldn't load libraries from some random working directory.
For example it breaks busybox when you're in /system/lib.
Change-Id: Ia1f8f4fda9e6182c0cd8c5ac727c2b1eb09c84a2
|
|
Init now handles this property change directly.
Bug: 37209359
Bug: 37415192
Test: Init reboots normally.
Change-Id: I9a4925897fb83bed180d12c871d9a71126fa4aa8
(cherry picked from commit 4608daf0fe6b5feb11afbfb6ae613d7a5161c95d)
|
|
Init now handles this property change directly.
Bug: 37209359
Bug: 37415192
Test: Init reboots normally.
Change-Id: I9a4925897fb83bed180d12c871d9a71126fa4aa8
|
|
If TWRP crypto fails to decrypt partition, mount the system
partition and use system's own vold to attempt decryption.
This provides a fallback for proprietary OEM encryption as well as
encryption methods which TWRP hasn't been updated for.
Requirements in device tree:
* fstab.{ro.hardware} in device/recovery/root
The fstab does not need to be complete, but it does need the
data partition and the encryption entries.
* 'TW_CRYPTO_USE_SYSTEM_VOLD := true' in BoardConfig
or
* 'TW_CRYPTO_USE_SYSTEM_VOLD := <list of services>'
Notes:
* Setting the flag to 'true' will just use system's vdc+vold
or
* Setting the flag with additional services, will also start them
prior to attempting vdc+vold decryption, eg: for qualcomm based
devices you usually need 'TW_CRYPTO_USE_SYSTEM_VOLD := qseecomd'
* For each service listed an additional import will be automatically
added to the vold_decrypt.rc file in the form of
init.recovery.vold_decrypt.{service}.rc
You will need to add any not already existing .rc files in
your device/recovery/root folder.
* The service names specified in the vold_decrypt.{service}.rc files
have to be named 'sys_{service}'
eg: 'service sys_qseecomd /system/bin/qseecomd'
* Any service already existing in TWRP as {service} or sbin{service} will
be stopped and restarted as needed.
* You can override the default init.recovery.vold_decrypt.rc file(s)
by placing same named ones in your device/recovery/root folder.
If you do, you'll need to manually add the needed imports.
* If /vendor and /firmware folders are temporarily moved and symlinked
to the folders and files in the system partition, the properties
'vold_decrypt.symlinked_vendor' and 'vold_decrypt.symlinked_firmware'
will be set to 1.
This allows for additional control in the .rc files for any extra
actions (symlinks, cp files, etc) that may be needed for decryption
by using: on property:vold_decrypt.symlinked_vendor=1 and/or
on property:vold_decrypt.symlinked_firmware=1 triggers.
Debug mode: 'TW_CRYPTO_SYSTEM_VOLD_DEBUG := true' in BoardConfig
* Specifying this flag, will enable strace on init and vdc, which will
create separate log files in /tmp for every process created, allowing
for detailed analysis of which services and files are being accessed.
* Note that enabling strace will expose the password in the logs!!
* You need to manually add strace to your build.
Thanks to @Captain_Throwback for co-authoring and testing.
Tested successfully on HTC devices:
M8 (KK through MM), M9 (MM and N), A9 (N), 10 (N), Bolt (N),
Desire 626s (MM), U Ultra (N)
HTC One X9 (MTK device)
And by Nikolay Jeliazkov on: Xiaomi Mi Max
Change-Id: I4d22ab55baf6a2a50adde2e4c1c510c142714227
|
|
Change-Id: If9bfcf6bdeac91e82e9615b671acbee5acffe0cc
|
|
Commit 'Do not toggle USB ID during MTP startup if not needed' changed
the default USB mode to 'mtp,adb'. Depending on the device, this can
result in an unfortunate side effect of crashing an ORS sideload
midway through the process (it's not clear to me whether the kernel or
the connected computer is responsible). Only put USB into mtp mode
when MTP storage is starting-up.
The hack to change the USB mode to adb when a user compiles TWRP
without MTP support is no longer necessary now that 'adb' is the
startup mode.
Change-Id: I8ed13d6ab8e85621533997b8c37ef7ebec0fcf85
|
|
Change-Id: I29ba5c4d78be24de3dabc0083fe291fb2b65fa54
|
|
This is necessary to support kernel changes
that allow for multiple ffs functions. Some
kernels require aliases in order to name
function instances before mount time.
Test: Reboot into recovery, verify adb works
Bug: 34070894
Change-Id: I8376304d92af9b3e8c734fdb8cc77f0dc8bc4850
(cherry picked from commit e66f861a7c71f0d59fabd8ec1d096485faf0901e)
|
|
This is necessary to support kernel changes
that allow for multiple ffs functions. Some
kernels require aliases in order to name
function instances before mount time.
Test: Reboot into recovery, verify adb works
Bug: 34070894
Change-Id: I8376304d92af9b3e8c734fdb8cc77f0dc8bc4850
|
|
This is necessary to support kernel changes
that allow for multiple ffs functions. Some
kernels require aliases in order to name
function instances before mount time.
Test: Reboot into recovery, verify adb works
Bug: 34070894
Change-Id: I8376304d92af9b3e8c734fdb8cc77f0dc8bc4850
|
|
This is triggered by changes in healthd which spits out 2 binaries.
Recovery needs to use static binary which is now renamed to 'charger'.
So, change the .rc file to match the rename.
Update the seclable according to new healthd-charger split
Test: Tested recovery on angler using 'reboot recovery' to ensure
healthd is working as before
Change-Id: I9e6018156e677e7224dd2e5894941ed2a7cac1d0
Signed-off-by: Sandeep Patil <sspatil@google.com>
|
|
Starting healthd in early-init can cause SELinux denials if healthd
or any device-specific libraries try to log.
Now healthd is starting at boot as usual service.
Bug: 30292927
Change-Id: I367d022f5885122da49181db3db536012e83f564
|
|
Starting healthd in early-init is not needed and can delay coldboot done
Now healthd is starting at boot as usual service.
Test: check kmsg that healthd starting after /dev/.coldboot_done
Bug: 30292927
Change-Id: I367d022f5885122da49181db3db536012e83f564
|
|
Change-Id: Ifcaf00c760ff452b0e85a88b54e91ca0f2f4644a
|
|
Change-Id: I668604cddc8e8afbf78709f3f872bea4e9f4aa06
|
|
Change-Id: Iec1492dfaf2ceae6f4d8618dd725d07316ee960b
|
|
Bug: http://b/29250988
Change-Id: I61f8c6717b38de2242e4ea8e0913237c1ce5bfea
|
|
This patch mirrors what was done in the main init.rc to relabel
/postinstall.
Bug: 27178350
Bug: 27177071
(cherry picked from commit 6bcc8af6e5a5bf9cc0987305cdfa24d4f6e4afa9)
Change-Id: I8320559f014cfb14216dcc350e016fc1db05cb14
|
|
This patch mirrors what was done in the main init.rc to relabel
/postinstall.
Bug: 27178350
Bug: 27177071
Change-Id: I39cd03f3c55a42c03367957e8c259c9a3155203c
|
|
logd, the init.recovery.logd.rc, and other related files were
included by default if your device configs specified
TARGET_USES_LOGD := true which would be the case for any device
that has a full ROM tree instead of a minimal TWRP tree.
Change-Id: Ia1e55703631f0f22beab2f4d4479599b88539e1a
|
|
Developers and device maintainers may find it useful to have access
to logcat in recovery. This patch set adds the following build flags:
TARGET_USES_LOGD - This is an Android build flag that enables logd
support. Devices that don't have built in kernel logging to dev/log/*
will need this flag for logcat. We'll also use this to include the
necessary support files for logd in TWRP.
TWRP_INCLUDE_LOGCAT - This enables logcat support in recovery.
I pulled the init entries from my HTC One M8 GPE boot.img,
so I'm not certain whether these will work for all devices
or if they're all necessary.
Feedback is welcome.
PS2: Use "TARGET_USES_LOGD" instead as this flag already exists, and
previous flag was named incorrectly (logd isn't kernel logging)
PS3: Start logd service on load_persist_props action, needed for 6.0+
PS4: More info on "TARGET_USES_LOGD" flag as related to liblog
compilation can be found at the below links:
https://android.googlesource.com/platform/system/core/+/android-6.0.1_r10/liblog/Android.mk#27
https://android.googlesource.com/platform/system/core/+/android-6.0.1_r10/liblog/Android.mk#50
Whether or not this flag is needed for logcat in TWRP is dependent
on whether liblog was compiled with this flag.
PS5: Update commit message to better describe "TARGET_USES_LOGD" flag
PS6: Another commit message update
Change-Id: Iaac6c6c822dc93fbe4b6eadcf24eef6995dd6b50
|
|
Both Omni and CM split props loading into load_system_props_action and
load_persist_props_actions in Android 6.0 instead of all_props action.
Add these triggers. Unrecognized triggers do not cause failures in init
for versions of Android which do not have these.
Change-Id: I9682690ff7d378dc0d5e1598754f7a29600c1c2d
|
|
Reinstate some SELinux stuff in the default init.rc (noticed by
Kra1o5)
Add permissive.sh script to dependencies list for CM trees.
Change-Id: I36ade54378c413081d202002488309af35486d5f
|
|
Use sys.usb.config also for ums, but leave sys.storage.ums.enabled for compatibility with custom init.rc that use it.
PS2: Rebased - moved updates to init.recovery.usb.rc
Change-Id: Iad3441d23ac37612e58f63e4038d05c5c1a37b25
|
|
This enables devices to provide their own USB configuration. The
contents of init.recovery.usb.rc can most simply be modified and
included in a device's init.recovery.${ro.hardware}.rc.
Use option:
TW_EXCLUDE_DEFAULT_USB_INIT := true
Rationale: Some devices handle USB pid switching in the kernel. In this
case, USB init provides switching functions which differ from the
standard on property:sys.usb.config=xyz. Other devices should not see
USB attempt mtp,adb mode when TW_EXCLUDE_MTP is set.
Cherry-picked from android-5.0
Change-Id: Ief0fcaf46a1782102166fc1b733a34b1a1ba0802
|
|
This reverts commit 98c1a3de23ae8b589c36e74939193c44d25cac65.
Change-Id: I524060418de18f97c3865ebc4435f501015e92ee
|
|
File level encryption must get the key between mounting userdata and
calling post_fs_data when the directories are created. This requires
access to keymaster, which in turn is found from a system property.
Split property loaded into system and data, and load in right order.
Bug: 22233063
Change-Id: I409c12e3f4a8cef474eb48818e96760fe292cc49
|
|
This reverts commit 98c1a3de23ae8b589c36e74939193c44d25cac65.
Change-Id: I524060418de18f97c3865ebc4435f501015e92ee
|
|
File level encryption must get the key between mounting userdata and
calling post_fs_data when the directories are created. This requires
access to keymaster, which in turn is found from a system property.
Split property loaded into system and data, and load in right order.
Bug: 22233063
Change-Id: I409c12e3f4a8cef474eb48818e96760fe292cc49
|
|
The proper order is mass_storage,adb.
Some systems cannot recognize the mass storage otherwise.
Change-Id: I2a79ac6dfd7247032f774125c75586e45fea7633
Signed-off-by: ramsudharsan <ramsudharsanm@gmail.com>
|
|
This fixes 'su' and 'strace' in the recovery image.
Change-Id: I83c2664d32a15da92bb6092fbdfc772184013c88
|
|
This reverts commit c819dbe95bf80645178b0180f519ab2983da01a0.
Bug: http://b/19702273
Change-Id: I5c75b148a12e644dd247a4df4f67dc9b4b9ff8cf
|
|
shamu isn't booting now
This reverts commit c57453d5377a13445c4b1d3f73c0e0ab19aa0c1e.
Change-Id: I8efbf6260f5fcf983e5056fac6d03916415b944e
|
|
Change-Id: I0a014f8dddfe775159903b5d6fa632733fef692c
|
|
* pstore filesystem is evolution of ram_console and contains
kmsg from previous boot (previously in /proc/last_kmsg).
* Lollipop init.rc does this. If device doesn't have
pstore fs, it will simply be ignored
Change-Id: Id3bf8763ccde54f87fde5cdf2db511649c376aa4
Signed-off-by: Vojtech Bocek <vbocek@gmail.com>
|
|
Change-Id: Id3e2c0795b817db9a85bc84cba2aa05d20179d39
Bug: 18503789
(cherry picked from commit 5bf74b238b402eaaf8c5bd1663fe4d592e59421f)
|
|
Change-Id: Id3e2c0795b817db9a85bc84cba2aa05d20179d39
Bug: 18503789
|
|
In most cases MTP is enabled so it is better to start our init.rc
with MTP enabled and try not to toggle USB IDs during TWRP boot so
that we can keep adb running to make debugging easier.
Change-Id: Idf122c5ad4deeef7e1ed775d495989c502ddfb19
|
|
This will only work if the sepolicy is changed by also applying:
https://gerrit.omnirom.org/10924
Otherwise the sepolicy will deny the request.
Change-Id: I8a52cdfdd38bda19aa89686ff0ad31b90e1aa3b7
|
|
Migrate previous minzip to minzipold replacing the existing
minzipold. This will break compatibility with trees that do not
support selinux (ICS and older). Migrate former verifier files to
verifierold.
Add fuse.h to recovery source because older trees do not have it.
Add LOCAL_MODULE_TAGS where needed for 4.1 tree.
Change-Id: Iade57cb2b0115af7fce9f56aa98636b1744a1ef4
|
|
ueventd will wait for /dev/.booting to go away before giving up
on loading firmware.
The issue was introduced in Ifdd5dd1e95d7e064dde5c80b70198882d949a710
which forgot to update recovery's init.rc
Bug: 17993625
Change-Id: I91205fe6eea50aaef9b401d650ec8d6843a92a57
|
|
In kernel 3.10, f_adb has been removed and adbd can use functionfs
instead. Mount functionfs on boot for adbd. On older kernels, mount
will fail silently and adbd will revert to f_adb.
Change-Id: I5db57aaf35b35859ea88c7d0e0661d8c553e5811
|
|
Big thanks to Dees_Troy for helping with the implementation.
Change-Id: I6c9c522b9c9de5dc139e2ecb0141008182ba07f0
|
|
Implement a new method of sideloading over ADB that does not require
the entire package to be held in RAM (useful for low-RAM devices and
devices using block OTA where we'd rather have more RAM available for
binary patching).
We communicate with the host using a new adb service called
"sideload-host", which makes the host act as a server, sending us
different parts of the package file on request.
We create a FUSE filesystem that creates a virtual file
"/sideload/package.zip" that is backed by the ADB connection -- users
see a normal file, but when they read from the file we're actually
fetching the data from the adb host. This file is then passed to the
verification and installation systems like any other.
To prevent a malicious adb host implementation from serving different
data to the verification and installation phases of sideloading, the
FUSE filesystem verifies that the contents of the file don't change
between reads -- every time we fetch a block from the host we compare
its hash to the previous hash for that block (if it was read before)
and cause the read to fail if it changes.
One necessary change is that the minadbd started by recovery in
sideload mode no longer drops its root privileges (they're needed to
mount the FUSE filesystem). We rely on SELinux enforcement to
restrict the set of things that can be accessed.
Change-Id: Ida7dbd3b04c1d4e27a2779d88c1da0c7c81fb114
|
|
Set panic_on_oops=1 to reboot if the kernel panics.
Change-Id: Id9e8689a570229db2ea2a3d72b52784f8a1ed107
|
|
Duplicate changes made to init.rc for https://android-review.googlesource.com/98852
in the init.rc used for recovery mode.
Bug 15849856
Change-Id: Ia376ddf6373a28718653f7fb1435bf7ecb33d813
|
|
In kernel 3.10, f_adb has been removed and adbd can use functionfs
instead. Mount functionfs on boot for adbd. On older kernels, mount
will fail silently and adbd will revert to f_adb.
Bug: 14160609
Change-Id: I5db57aaf35b35859ea88c7d0e0661d8c553e5811
|
|
The syntax of init's mount command changed in April 2008 but
recovery's init.rc was never updated, so recovery's /tmp has been on
the root fs all this time. Fix.
Also add /system/bin to the PATH in recovery, which is handy for
debugging.
Change-Id: I9e60d18803906bc75c263f12c8863cfd6a14147b
|
|
In kernel 3.10, f_adb has been removed and adbd can use functionfs
instead. Mount functionfs on boot for adbd. On older kernels, mount
will fail silently and adbd will revert to f_adb.
Change-Id: I5db57aaf35b35859ea88c7d0e0661d8c553e5811
|
|
Change-Id: I4c369222cf16cb5bd87f007c3b172cd787d20fb1
|
|
When adbd runs as root, it should transition into the
su domain. This is needed to run the adbd and shell
domains in enforcing on userdebug / eng devices without
breaking developer workflows.
Use the new device_banner command line option.
Change-Id: Ib33c0dd2dd6172035230514ac84fcaed2ecf44d6
|
|
The syntax of init's mount command changed in April 2008 but
recovery's init.rc was never updated, so recovery's /tmp has been on
the root fs all this time. Fix.
Also add /system/bin to the PATH in recovery, which is handy for
debugging.
Change-Id: I39f7ae435a8ce3bad691e4b7c307db0bd8de1302
|
|
Otherwise everything is left running in the kernel domain when
booting recovery.
Change-Id: Ie3d86547d5be0b68dd1875a97afe1e00fc3e4da1
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|
|
|
|
|
Change-Id: I431ece69b6856fd1ea6079c38cdeb593c15d7385
|
|
Recovery's init.rc was missing a line (added to the main system's
init.rc in change Ic97fd464440ff4a29fc9da7ad15949ac5215ade3) is
required for secure adb to work.
Change-Id: Id79b94d2abb4cbe3cca7cabeb4bc5faf7205e56b
|
|
Change I84c0513acb549720cb0e8c9fcbda0050f5c396f5 moved reboot
functionality into init but did not update the recovery partition; so
"adb reboot" and /system/bin/reboot in recovery are both broken.
Change-Id: Ie2d14627a686ffb5064256b6c399723636dff116
|
|
Change-Id: I16e3e0ddb8ca062431deb4be83c5be5eb786d76f
|
|
|
|
|
|
|
|
Add flag parsing from recovery.fstab
|
|
Pull in most TWRP sources
Stub out partition management code
Make it compile -- probably will not boot
Kind of a mess but have to start somewhere
|
|
Some devices need hardware specific services started in recovery, for
example watchdogd. Import init.recovery.${ro.hardware}.rc from the
recovery init.rc.
Bug: 6953625
Change-Id: I4a4cee210238150ffaabe774a44340ec3c8ff78c
|
|
Make minadbd drop its root privileges after initializing. We need to
make the /tmp directory writable by the shell group so that it can
drop the sideloaded file there.
|
|
Make minadbd drop its root privileges after initializing. We need to
make the /tmp directory writable by the shell group so that it can
drop the sideloaded file there.
Change-Id: I67b292cf769383f0f67fb934e5a80d408a4c131d
|
|
Rather than depending on the existence of some place to store a file
that is accessible to users on an an unbootable device (eg, a physical
sdcard, external USB drive, etc.), add support for sideloading
packages sent to the device with adb.
This change adds a "minimal adbd" which supports nothing but receiving
a package over adb (with the "adb sideload" command) and storing it to
a fixed filename in the /tmp ramdisk, from where it can be verified
and sideloaded in the usual way. This should be leave available even
on locked user-build devices.
The user can select "apply package from ADB" from the recovery menu,
which starts minimal-adb mode (shutting down any real adbd that may be
running). Once minimal-adb has received a package it exits
(restarting real adbd if appropriate) and then verification and
installation of the received package proceeds.
always initialize usb product, vendor, etc. for adb in recovery
Set these values even on non-debuggable builds, so that the mini-adb
now in recovery can work.
|
|
Set these values even on non-debuggable builds, so that the mini-adb
now in recovery can work.
Change-Id: If4c915403e6f43bfe922aa347e350a8982443106
|
|
Change-Id: I9451b8350d33806097598fb9e575b28fd8b292ad
Signed-off-by: Dima Zavin <dima@android.com>
|
|
Wrote some missing items in recovery, most notably the serial number so that it shows up correctly on adb.
Change-Id: If430c0b78191c8d77f781aa605b5081571451775
|
|
Always start adbd if ro.debuggable=1 rather than basing it on user preference
in persistent system properties.
Use new D001 product ID, which I just allocated for "android recovery mode"
Change-Id: I6f1eac5257eaad2e538c0a8dd549ad89219efa3e
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
|
recovery's init.rc was missing lines that made adb root work.
Change-Id: I300e6997e3b5cb9c7b542b2012eed61deb2550f1
|
|
Change-Id: I8444f44d3194ff16ce54121633d5b255231393f5
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
|
Change-Id: I8444f44d3194ff16ce54121633d5b255231393f5
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
|
Change-Id: I74fa6edc4b001247b20be52e8301d18407fede2c
|
|
Change-Id: Iad448bc1608f88c5db2108475f35b88ea2877b07
|
|
|
|
|