summaryrefslogtreecommitdiffstats
path: root/fuse_sideload.cpp (unfollow)
Commit message (Collapse)AuthorFilesLines
2016-08-25Make it backwards compatible with 4.4Ethan Yonker1-0/+15
Change-Id: I668604cddc8e8afbf78709f3f872bea4e9f4aa06
2016-04-14Use BoringSSL instead of mincrypt to speed up package verification.Elliott Hughes1-9/+10
This changes the verification code in bootable/recovery to use BoringSSL instead of mincrypt. Cherry-pick of 452df6d99c81c4eeee3d2c7b2171901e8b7bc54a, with merge conflict resolution, extra logging in verifier.cpp, and an increase in the hash chunk size from 4KiB to 1MiB. Bug: http://b/28135231 Change-Id: I1ed7efd52223dd6f6a4629cad187cbc383d5aa84
2015-07-24recovery: Switch fuse_* to C++.Tao Bao1-9/+6
Change-Id: Id50c3e6febd0ab61f10a654b9b265cf21a2d1701 (cherry picked from commit 71dc365f25676cfb3f62dbb7163697a8c3c5243d)
2015-07-20recovery: Switch fuse_* to C++.Tao Bao1-527/+0
Change-Id: I68770ad1a9e99caee292f8010cfd37dfea3acc64
2015-04-30Check all lseek calls succeed.Elliott Hughes1-9/+7
Also add missing TEMP_FAILURE_RETRYs on read, write, and lseek. Bug: http://b/20625546 Change-Id: I03b198e11c1921b35518ee2dd005a7cfcf4fd94b (cherry picked from commit 7bad7c4646ee8fd8d6e6ed0ffd3ddbb0c1b41a2f)
2015-04-30Check all lseek calls succeed.Elliott Hughes1-9/+7
Also add missing TEMP_FAILURE_RETRYs on read, write, and lseek. Bug: http://b/20625546 Change-Id: I03b198e11c1921b35518ee2dd005a7cfcf4fd94b
2015-03-23Always use strerror to report errno in recovery.Elliott Hughes1-3/+3
Change-Id: I7009959043150fabf5853a43ee2448c7fbea176e
2014-12-02 Make the android-5.0 branch compile in 4.4 to 4.1Ethan Yonker1-1/+1
Migrate previous minzip to minzipold replacing the existing minzipold. This will break compatibility with trees that do not support selinux (ICS and older). Migrate former verifier files to verifierold. Add fuse.h to recovery source because older trees do not have it. Add LOCAL_MODULE_TAGS where needed for 4.1 tree. Change-Id: Iade57cb2b0115af7fce9f56aa98636b1744a1ef4
2014-09-18Use the correct fuse_init_out structure size.Christopher Ferris1-2/+28
Kernel 2.6.16 is the first stable kernel with struct fuse_init_out defined (fuse version 7.6). The structure is the same from 7.6 through 7.22. Beginning with 7.23, the structure increased in size and added new parameters. If the kernel only works on minor revs older than or equal to 22, then use the older structure size since this code only uses the 7.22 version of the structure. Change-Id: I00d7530e01e6b4718dcd04ad2484959d12ef4a65
2014-07-10refactor fuse sideloading codeDoug Zongker1-24/+19
Split the adb-specific portions (fetching a block from the adb host and closing the connections) out from the rest of the FUSE filesystem code, so that we can reuse the fuse stuff for installing off sdcards as well. Change-Id: I0ba385fd35999c5f5cad27842bc82024a264dd14
2014-07-02sideload without holding the whole package in RAMDoug Zongker1-0/+508
Implement a new method of sideloading over ADB that does not require the entire package to be held in RAM (useful for low-RAM devices and devices using block OTA where we'd rather have more RAM available for binary patching). We communicate with the host using a new adb service called "sideload-host", which makes the host act as a server, sending us different parts of the package file on request. We create a FUSE filesystem that creates a virtual file "/sideload/package.zip" that is backed by the ADB connection -- users see a normal file, but when they read from the file we're actually fetching the data from the adb host. This file is then passed to the verification and installation systems like any other. To prevent a malicious adb host implementation from serving different data to the verification and installation phases of sideloading, the FUSE filesystem verifies that the contents of the file don't change between reads -- every time we fetch a block from the host we compare its hash to the previous hash for that block (if it was read before) and cause the read to fail if it changes. One necessary change is that the minadbd started by recovery in sideload mode no longer drops its root privileges (they're needed to mount the FUSE filesystem). We rely on SELinux enforcement to restrict the set of things that can be accessed. Change-Id: Ida7dbd3b04c1d4e27a2779d88c1da0c7c81fb114