| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| |
| |
| |
| | |
am: 7720e1ab48
Change-Id: Ia09ba6d6b82a088142a964b8223bb2576d78604c
|
| | |
| |
| |
| |
| | |
Test: recovery_unit_test passes.
Change-Id: I8ad364e88aaee31579ed7206aad8e5620518d797
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'signature_start' variable marks the location of the signature
from the end of a zip archive. And a boundary check is missing where
'signature_start' should be within the EOCD comment field. This causes
problems when sideloading a malicious package. Also add a corresponding
test.
Bug: 31914369
Test: Verification fails correctly when sideloading recovery_test.zip on
angler.
Change-Id: I6ea96bf04dac5d8d4d6719e678d504f957b4d5c1
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a retry of commit 7e31f421a514da09b90e46dbd642a5e9b16e0003.
Commit bd56f1590c967205dc45eb2ec298aa8d2aacb740 switches to calling
write_bootloader_message(<options>) in get_args(), which
unintentionally resets the stage field thus breaks two-step OTAs.
This CL adds update_bootloader_message(<options>), which only sets
the command field (to "boot-recovery") and the recovery field (with
the specified options).
Bug: 33534933
Test: Apply a two-step package.
Test: recovery_component_test passes.
Change-Id: Ie0b1ed4053d2d3c97d9cb84310d616b28fcfc72e
|
| |\ |
|
| | |
| |
| |
| |
| | |
Test: recovery_component_test passes.
Change-Id: Ib9aa2ffd6b018546223c76b7424f4ba355f5b088
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This allows recovery to work on devices without screen.
The stub recovery UI does nothing except print to stdout.
Test: write 'recovery\n--wipe_data\n--reason=wipe_data_from_ota\n'
to misc and boot to recovery on a device without screen.
Bug: 33175036
Change-Id: Icde698aa2e2e29f4b3d0532dfd3c6a939ac2bc63
|
| |/
|
|
|
|
|
|
|
|
| |
Bug: http://b/33534933
Test: recovery_component_test passes (and fails on buggy build due to
the CL in [1]).
[1]: commit 7e31f421a514da09b90e46dbd642a5e9b16e0003
Change-Id: I120498048ec1db8f9fcbb3cf135c05d3a48cfcdf
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
There're two types of targets in applypatch: regular files and EMMC
targets. We have two sets of functions to handle them respectively.
This CL adds testcases to use "EMMC:filename:size:sha1" as the target
name, which triggers the code path for patching EMMC targets.
Bug: 33034669
Test: recovery_component_test passes.
Change-Id: I8f10c6c8d2c1fb083f06a83de91d9e23cb41fb6d
|
| |
|
|
|
|
|
|
|
|
|
| |
Add read_bootloader_message_from() and write_bootloader_message_to() to
allow specifying the BCB device (/misc).
Also add testcases for set_stage() and get_stage().
Test: recovery_component_test passes.
Test: Build a recovery image and apply a two-step OTA package.
Change-Id: If5ab06a1aaaea168d2a9e5dd63c07c0a3190e4ae
|
| |
|
|
|
| |
Test: recovery_component_test passes.
Change-Id: I3af4707bc42c7331ca961be8b967a53de82ea25b
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
write_value(value, filename) writes 'value' to 'filename'. It can be
used to tune device settings when applying an OTA package. For example,
write_value("960000", "/sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq").
Bug: 32463933
Test: recovery_component_test passes.
Test: Apply an OTA package that contains a call to write_value(), and
check the result.
Change-Id: Ib009ecb8a45a94353f10c59e2383fe1f49796e35
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
'bool success = ExtractEntryToFile()' gives opposite result. Fix the
issue and add testcases.
Change the one-argument version of package_extract_file() to explicitly
abort for non-existent zip entry. Note that this is NOT changing the
behavior. Prior to this CL, it aborts from Evaluate() function, by
giving a general cause code. Now it returns kPackageExtractFileFailure.
BUg: 32903624
Test: recovery_component_test works.
Change-Id: I7a273e9c0d9aaaf8c472b2c778f7b8d90362c24f
|
| |
|
|
|
|
|
|
| |
Clean up SymlinkFn() a bit. Also clean up the temp files created when
running the tests; otherwise non-empty TemporaryDir won't be removed.
Test: recovery_component_test passes.
Change-Id: Id3844abebd168c40125c4dcec54e6ef680a83c3a
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Switch to use const std::string; and add corresponding tests.
Bug: 32649858
Test: Component tests pass
Change-Id: I640f3ec81f1481fa91aa310f8d4d96dac9649cb9
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Move recovery-refresh/persist tests out because these tests need special
steps to run. Also switch the constants to std::string.
Test: recovery_manual_test passed on an A/B device
Change-Id: I60b3ec6f094044945c3aafc1fae540896a6ddea6
|
| |/
|
|
|
|
|
|
|
|
| |
Add unit testcases for sysMapFile().
Test: recovery_unit_test passes.
Test: Build and use the new recovery image to sideload a package.
Test: Build and use the new recovery image to install an update.
Change-Id: I77d8f1ea151ab513865d992c256ba93a1fcb51a4
|
| |
|
|
|
|
|
|
|
| |
It's accidentally broken when refactoring the testdata path. Also clean
up the testcase a bit by simplying the file reading.
Test: recovery_unit_test passes.
Change-Id: I592a1cf5a4eb9a7a5f4eecbc6426baeedeb02781
|
| |
|
|
|
|
| |
Test: recovery_component_test passes.
Change-Id: Iba5a0fdf6c79e2bed6b30b8fc19a306c1ab29d8a
|
| |
|
|
|
|
|
| |
Also add a testcase for delete() function.
Test: recovery_component_test passes.
Change-Id: I064d1ad4693c3ed339d0a69eabadd08a61a2ea86
|
| |
|
|
|
|
|
|
| |
Also add a testcase for file_getprop().
Test: recovery_component_test passes.
Change-Id: I8eb2f9a5702b43997ac9f4b29665eea087b1c146
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
continuous_native_tests expects the testdata under DATA/ in
continuous_native_tests.zip. This CL packs a copy of the testdata into
continuous_native_tests.zip as DATA/nativetest/recovery/testdata (via
LOCAL_PICKUP_FILES).
This CL also removes the extra copy for nativetest64. Testdata will
always stay at /data/nativetest/recovery/testdata, even for 64-bit
version. Otherwise we will unnecessarily get four copies (two for data/
and another two for DATA/).
Bug: 32123241
Test: mmma bootable/recovery && adb sync data. On bullhead,
/data/nativetest/recovery_component_test/recovery_component_test works;
/data/nativetest64/recovery_component_test/recovery_component_test works.
Test: m continuous_native_test; DATA/nativetest/recovery/testdata exists.
Change-Id: Ifefa0309de7af23c77654e8e450848ca2da218c2
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refactor applypatch/main.cpp into libapplypatch_modes so that we can add
testcases.
Some changes to applypatch/main.cpp:
- Replace char** argv with const char**;
- Use android::base::Split() to split ":";
- Use android::base::ParseUInt().
Bug: 32383590
Test: Unit tests pass, install-recovery.sh works.
Change-Id: I44e7bfa5ab717d439ea1d0ee9ddb7b2c40bb95a4
|
| |
|
|
|
|
| |
Test: Unit tests and install-recovery.sh pass on angler and dragon.
Change-Id: I328e6554edca667cf850f5584ebf1ac211e3d4d1
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We currently only copy the testdata to
$(TARGET_OUT_DATA_NATIVE_TESTS)/recovery, which fails the tests
generated for 2nd arch (TARGET_2ND_ARCH). For example, on angler
/data/nativetest/recovery_component_test/recovery_component_test fails
due to missing testdata.
Bug: 32123241
Test: Both of /data/nativetest/recovery... and /data/nativetest64/recovery...
work on angler.
Change-Id: Ib76264b4408d01c08b2619c8ac84b2476ea5a8bc
|
| |
|
|
|
|
|
|
|
| |
If no sha1 is specified, applypatch_check should pass as long as
the file content loads successfully. Add a unit case acccordingly.
Test: Unit tests passed
Bug: 32243751
Change-Id: I8c013be67c197d2935e11cf6acc59fb9b943cfd9
|
| |
|
|
|
|
|
|
|
|
|
| |
Clean up the duplicated codes that handle the zip files in
bootable/recovery; and rename the library of the remaining
utility functions to libotautil.
Test: Update package installed successfully on angler.
Bug: 19472796
Change-Id: Iea8962fcf3004473cb0322b6bb3a9ea3ca7f679e
|
| |
|
|
|
|
|
|
|
|
|
| |
Changing the field of 'Value' in edify to std::string from char*.
Meanwhile cleaning up the users of 'Value' and switching them to
cpp style.
Test: compontent tests passed.
Bug: 31713288
Change-Id: Iec5a7d601b1e4ca40935bf1c70d325dafecec235
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- Remove dead declarations in expr.h: SetError(), GetError(),
ClearError().
- Remove the declaration of Build() out of expr.h.
- Use std::unordered_map to implement RegisterFunction() and
FindFunction(); kill FinishRegistration().
- Add a testcase for calling unknown functions.
Test: mmma bootable/recovery; recovery_component_test passes.
Change-Id: I9af6825ae677f92b22d716a4a5682f58522af03b
|
| |
|
|
|
|
|
|
| |
Also add a testcase for sha1_check().
Test: mmma bootable/recovery; recovery_component_test passes.
Change-Id: I4d06d551a771aec84e460148544f68b247a7e721
|
| |
|
|
|
|
|
|
|
| |
So that we can write native tests for updater functions. This CL adds a
testcase for getprop() function.
Test: mmma bootable/recovery; Run recovery_component_test on device.
Change-Id: Iff4c1ff63c5c71aded2f9686fed6b71cc298c228
|
| |
|
|
|
|
|
|
|
|
|
| |
This way we kill a few strdup() and free() calls.
Test: 1. recovery_component_test still passes;
2. Applying an update with the new updater works;
3. The error code in a script with abort("E310: xyz") is recorded into
last_install correctly.
Change-Id: Ibda4da5937346e058a0d7cc81764d6f02920010a
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
private/android_logger.h contains all we need.
Test: compile
Bug: 26552300
Bug: 31289077
Bug: 31456426
Change-Id: I6714d730372dc81f784e7f9dfee8a33848643a5d
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
Now they live in tests/component/edify_test.cpp.
Also rename edify/main.cpp to edify/edify_parser.cpp. It becomes a
host-side debugging tool that validates the input edify script. However,
it supports edify builtin functions only and doesn't recognize the ones
defined via updater.
Test: recovery_component_test passes on device.
Change-Id: Ib94a787bf15098a9cc078d256b6a6dc96ff12b2e
|
| |
|
|
|
|
|
|
|
|
| |
Also remove the 0xff comparison when validating the bootloader
message fields. As the fields won't be erased to 0xff after we
remove the MTD support.
Bug: 28202046
Test: The recovery folder compiles for aosp_x86-eng
Change-Id: Ibb30ea1b2b28676fb08c7e92a1e5f7b6ef3247ab
|
| |
|
|
|
|
|
|
| |
Clean up the recovery image and switch to libbase logging.
Bug: 28191554
Change-Id: Icd999c3cc832f0639f204b5c36cea8afe303ad35
Merged-In: Icd999c3cc832f0639f204b5c36cea8afe303ad35
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Use const reference type for read-only parameters.
Bug: 30407689
* Use faster overloaded string find function.
Bug: 30411878
* Add parentheses around macro parameters.
Bug: 28705665
Test: build with WITH_TIDY=1
Change-Id: I4e8e5748bfa4ae89871f1fb5fa4624d372530d75
|
| |\
| |
| |
| |
| |
| | |
am: b97da5e0f0
Change-Id: Ia935df84e5ea36dfc6605b41872c36db69a114a0
|
| | |
| |
| |
| |
| | |
Bug: http://b/30708454
Change-Id: I7a5048beff1d8b783a9683dcb4a79606a77f20ee
|
| |\|
| |
| |
| |
| |
| | |
am: e91aef0ee9
Change-Id: Ia130dc2a7f62ecf1ad40ec03d88a331a31800efa
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
A Certificate is a pair of an RSAPublicKey and a particular hash. So v1
and v3 differ in the hash algorithm (SHA-1 vs SHA-256), similarly for
v2 and v4.
In verifier testcases, we used to load v1/v2 keys with an explicit
argument of "sha256" to test the v3/v4 keys. This CL switches to loading
v3/v4 keys directly and lets load_keys() to handle that, which is the
actual flow we use in practice.
Also remove the "fallback to v1 key" in the testcases, which is not the
actual behavior.
Bug: 30415901
Test: Run the verifier_test component test on device.
Change-Id: I3a2baa64826f1b6c4c367a560090df384c4521bb
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Track the change in commit 63a319201fc0f5c34c1c62b446527e06f57f8d40 and
fix builds.
Bug: http://b/29250988
Change-Id: Iad5be953e102020931649629afc980d585ed2931
|
| |\ \
| | |
| | |
| | | |
Change-Id: I4ec33904a6af38d81b422c7be6f40b828fbc7525
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add a new command "--security" to boot commands. If this command is
observed as part of BCB, choose a different background text picture
for installing stage in recovery UI. As a result, users will see
"installing security update" instead of "installing system update"
when applying a security update package.
Bug: 27837319
Change-Id: I2e2253a124993ecc24804fa1ee0b918ac96837c5
|
| |\| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
am: 8b86373
* commit '8b86373fd954276b18a6fba81afbe42c9caa49d3':
Fix matches_locale function
Change-Id: If7726c2f381ba0e4ab0519b77c167e75a9d46104
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
matches_locale was expecting input locale string to have at most one
underscore; as a result "zh_CN_#Hans" ignores "zh_CN" and matches into
"zh". Fix the match function and add unit tests.
Bug: 27837319
Change-Id: I4e8a66f91cae6ac2a46b6bf21f670d5ea564c7c8
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This changes the verification code in bootable/recovery to use
BoringSSL instead of mincrypt.
Cherry-pick of 452df6d99c81c4eeee3d2c7b2171901e8b7bc54a, with
merge conflict resolution, extra logging in verifier.cpp, and
an increase in the hash chunk size from 4KiB to 1MiB.
Bug: http://b/28135231
Change-Id: I1ed7efd52223dd6f6a4629cad187cbc383d5aa84
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
(cherry-pick from commit a4f701af93a5a739f34823cde0c493dfbc63537a)
- Add call to __android_log_pmsg_file_write for recovery logging.
- Add call to refresh pmsg if we reboot back into recovery and then
allow overwrite of those logs.
- Add a new one-time executable recovery-refresh that refreshes pmsg
in post-fs phase of init. We rely on pmsg eventually scrolling off
to age the content after recovery-persist has done its job.
- Add a new one-time executable recovery-persist that transfers from
pmsg to /data/misc/recovery/ directory if /cache is not mounted
in post-fs-data phase of init.
- Build and appropriately trigger the above two as required if
BOARD_CACHEIMAGE_PARTITION_SIZE is undefined.
- Add some simple unit tests
NB: Test failure is expected on systems that do not deliver either
the recovery-persist or recovery-refresh executables, e.g. systems
with /cache. Tests also require a timely reboot sequence of test
to truly verify, tests provide guidance on stderr to direct.
Bug: 27176738
Change-Id: I17bb95980234984f6b2087fd5941b0a3126b706b
|
| |\ \ \
| | |/
| |/|
| | | |
Change-Id: Iaf232fbe65879bad6e19c7a9600aa6303a491a67
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
This changes the verification code in bootable/recovery to use
BoringSSL instead of mincrypt.
Change-Id: I37b37d84b22e81c32ac180cd1240c02150ddf3a7
|
| |\| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
am: 6f83130
* commit '6f83130d7acd85df89a80e691d3aa63bd2ceda39':
recovery: use __android_log_pmsg_file_write for log files
Change-Id: Id2e7a76bae8eb061f6f57249dd912f25cd6332c6
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Add call to __android_log_pmsg_file_write for recovery logging.
- Add call to refresh pmsg if we reboot back into recovery and then
allow overwrite of those logs.
- Add a new one-time executable recovery-refresh that refreshes pmsg
in post-fs phase of init. We rely on pmsg eventually scrolling off
to age the content after recovery-persist has done its job.
- Add a new one-time executable recovery-persist that transfers from
pmsg to /data/misc/recovery/ directory if /cache is not mounted
in post-fs-data phase of init.
- Build and appropriately trigger the above two as required if
BOARD_CACHEIMAGE_PARTITION_SIZE is undefined.
- Add some simple unit tests
NB: Test failure is expected on systems that do not deliver either
the recovery-persist or recovery-refresh executables, e.g. systems
with /cache. Tests also require a timely reboot sequence of test
to truly verify, tests provide guidance on stderr to direct.
Bug: 27176738
Change-Id: I17bb95980234984f6b2087fd5941b0a3126b706b
|
| |\ \ \
| |/ /
|/| /
| |/
| |
| |
| | |
am: 761653a4ad
* commit '761653a4ad1c392fcd505e8909661fd64f02ce97':
Port applypatch.sh tests to recovery_component_tests
|
| | |
| |
| |
| |
| | |
Bug: 27135282
Change-Id: If53682b591397ddfdb84860a3779b612904d4489
|
| | |
| |
| |
| | |
Change-Id: I7ffba0be5a6befc875ce59b51a008c1892e7d34b
|
| |\ \ |
|
| | |/
| |
| |
| | |
Change-Id: I51fec30114c0a31efc9c2ac8472654baf8bb3e84
|
| |/
|
|
|
|
| |
Test data needs to go outside the gtest module.
Change-Id: Ic444ca838cbafa651ec97ff8730129da84fafc09
|
| |
|
|
|
| |
Bug: 26962907
Change-Id: I5f80636af1740badeff7d08193f08e23f4e4fee1
|
| |
|
|
|
|
| |
And a few trival fixes to suppress warnings.
Change-Id: I38734b5f4434643e85feab25f4807b46a45d8d65
|
| |
|
|
|
|
|
| |
Global variables kill.
No need to manually link gtest, and that causes problems with
libc++.
Change-Id: If804cdd436cf1addfa9a777708efbc37c27770b6
|
|
|
This adds support for key version 5 which is an EC key using the NIST
P-256 curve parameters. OTAs may be signed with these keys using the
ECDSA signature algorithm with SHA-256.
Change-Id: Id88672a3deb70681c78d5ea0d739e10f839e4567
|
