anonymous/android_bootable_recovery - Team Win Recovery Project (TWRP)

	Commit message (Collapse)	Author	Age	Files	Lines
*	Detect non-A/B vs. A/B packages correctly.	Yifan Hong	2020-05-08	1	-8/+19
\| \| \| \| \| \| \| \| \| \| \| \| \|	Check the package metadata to determine whether this is an A/B or non-A/B update package. This is more accurate. Also checks ro.virtual_ab.allow_non_ab flag. This is useful for continuously supporting (and testing) non-A/B. Bug: 153581609 Test: apply non-A/B update on cuttlefish Change-Id: I629a533a67966d46d9cd87a59c6b9af26daf1667
*	Merge "Delete VINTF compatibility check during OTA." am: cae99c43de am: 567ae2f9e1 am: 9d090b2ca6	Automerger Merge Worker	2019-12-19	1	-81/+0
\|\ \| \| \| \| \| \|	Change-Id: I1737066e72ac821759f0f2d1af41b9e025bf9719
\| *	Delete VINTF compatibility check during OTA.	Yifan Hong	2019-12-18	1	-81/+0
\| \| \| \| \| \| \| \| \| \| \| \|	Test: sideload OTA Bug: 139300422 Change-Id: I3369b69242ccd7a64540a0c2d754a5d6fc50d072
* \|	Force package installation with FUSE unless the package stores on device	Tianjie Xu	2019-10-16	1	-0/+47
\|/ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The non-A/B package installation is subject to TOC/TOU flaw if the attacker can switch the package in the middle of installation. And the most pratical case is to store the package on an external device, e.g. a sdcard, and swap the device in the middle. To prevent that, we can adopt the same protection as used in sideloading a package with FUSE. Specifically, when we install the package with FUSE, we read the entire package to cryptographically verify its signature. The hash for each transfer block is recorded in the memory (TOC), and the subsequent reads (TOU) will be rejected upon dectecting a mismatch. This CL forces the package installation with FUSE when the package stays on a removable media. Bug: 136498130 Test: Run bin/recovery --update_package with various paths; and packages are installed from FUSE as expected Change-Id: Ibc9b095036a2fa624e8edf6c347ed4f12aef072f
*	otautil: Factor out the utils that're private to recovery.	Tao Bao	2019-10-02	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \|	A number of utility functions are intended for serving recovery's own use. Exposing them via libotautil (which is a static lib) would pass the dependencies onto libotautil's users (e.g. recovery image, updater, host simulator, device-specific recovery UI/updater extensions etc). This CL finds a new home for the utils that are private to recovery. Test: mmma bootable/recovery Change-Id: I575e97ad099b85fe1c1c8c7c9458a5a43d4e11e1
*	Clean up some global variables in common.h	Tianjie Xu	2019-07-24	1	-1/+4
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Some global variables are only used for recovery.cpp and recovery_main.cpp, remove them from common.h and handle their usage accordingly. Variables include: static constexpr int kRecoveryApiVersion; extern struct selabel_handle* sehandle; extern RecoveryUI* ui; extern bool has_cache; bool is_ro_debuggable(); Test: unit tests pass, boot into recovery mode and run graphic tests Change-Id: If83a005786c9b38412731da97aaf85af69a3b917
*	Merge "InstallPackage now takes a package as parameter"	Tianjie Xu	2019-06-14	1	-43/+32
\|\
\| *	InstallPackage now takes a package as parameter	Tianjie Xu	2019-06-13	1	-43/+32
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Therefore InstallPackage() doesn't need to worry about the details of a given Package. Bug: 127071893 Test: run update from /bin/recovery --update_package=@path, sideload a package Change-Id: I0caa36785b43924f884ee398e7ea640d7472a92e
* \|	Use the new ziparchive Next std::string_view overload.	Elliott Hughes	2019-06-12	1	-1/+1
\|/ \| \| \| \| \|	Bug: http://b/129068177 Test: treehugger Change-Id: Ieec83126e36b330da33092a172e365376cd04dfe
*	Move off the Next ZipString overload.	Elliott Hughes	2019-05-23	1	-2/+2
\| \| \| \| \| \|	Bug: http://b/129068177 Test: treehugger Change-Id: I3c8f70b0d8cc5dc6b3b4439dbe0b9a5bd85003c4
*	Track libziparchive API change.	Elliott Hughes	2019-05-09	1	-1/+1
\| \| \| \| \| \|	Bug: http://b/129068177 Test: treehugger Change-Id: I618bbcf38914dd81e042e0cfd1976ff26274dc30
*	Track libziparchive API change.	Elliott Hughes	2019-05-06	1	-10/+5
\| \| \| \| \| \|	Bug: http://b/129068177 Test: treehugger Change-Id: Ie5b2b0cff087f2e9e65a4e77c187e3173357f3ad
*	install: Install functions return InstallResult.	Tao Bao	2019-04-30	1	-13/+14
\| \| \| \| \| \|	Test: `atest recovery_unit_test recovery_component_test` Test: Sideload a package on taimen. Change-Id: I2d42f55a89931ee495ea5c5d9e6b5ee1058e8e52
*	install: Return bool for a few check functions.	Tao Bao	2019-04-30	1	-33/+31
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The results from these functions have boolean semantics. They're returning `int` prior to this CL, with some of them mixing 0 and InstallResult. Note that SetUpNonAbUpdateCommands() was returning INSTALL_CORRUPT / INSTALL_ERROR / 0 prior to this change, but all the callers handle INSTALL_CORRUPT and INSTALL_ERROR the same way. This CL changes them to return bool instead. Test: `mmma -j bootable/recovery` Test: TreeHugger Test: Sideload on taimen. Change-Id: Ic1b5dbf79aaca68b53ab8ea2c8ba3d19f988c571
*	Move wipe cache\|data to libinstall	xunchang	2019-04-15	1	-5/+13
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Therefore, libinstall becomes the sole owner to handle the request from minadbd service. The change also includes 1. move logging.cpp out of librecovery 2. drop the dependency on common.h 3. now it's more sensible to move the wipe_cache as part of install_package. move the wipe_cache to the end of the function. Bug: 130166585 Test: wipe data and cache from menu Change-Id: I6f356dccdb38015c50acf756bac246f87c30fc1f
*	Move install to separate module	xunchang	2019-03-29	1	-0/+730
	Build libinstall as a shared library. Also drop the dependency on the global variables in common.h. Test: unit tests pass, sideload an OTA Change-Id: I30a20047768ce00689fc0e7851c1c5d712a365a0