summaryrefslogtreecommitdiffstats
path: root/updater/install.cpp (unfollow)
Commit message (Collapse)AuthorFilesLines
2016-06-11updater: Fix the broken ReadFileFn.Tao Bao1-1/+1
Was accidentally broken by the CL in [1]. [1]: commit d6c93afcc28cc65217ba65eeb646009c4f15a2ad Change-Id: I851e13ccea6f5be6fcd47f712cc95867245f9934
2016-06-10Remove obsolete MTD support.Elliott Hughes1-157/+11
Bug: http://b/29250988 Change-Id: Ia97ba9082a165c37f74d6e1c3f71a367adc59945
2016-05-23resolve merge conflicts of 50f6417Tianjie Xu1-1/+0
Fix a typo for ota_fclose(). Change-Id: Ia93e911aa5391afc604874fc3a09c5a45c094c80
2016-05-20Allow recovery to return error codesTianjie Xu1-59/+70
Write error code, cause code, and retry count into last_install. So we can have more information about the reason of a failed OTA. Example of new last_install: @/cache/recovery/block.map package name 0 install result retry: 1 retry count (new) error: 30 error code (new) cause: 12 error cause (new) Details in: go/android-ota-errorcode Bug: 28471955 Change-Id: I00e7153c821e7355c1be81a86c7f228108f3dc37
2016-05-06updater, minzip: Remove unnecessary O_SYNC flags.Alistair Strachan1-1/+1
Remove O_SYNC from mzExtractRecursive() and PackageExtractFileFn(). These functions deal with extracting whole files from the update package onto a filesystem. If run on ext4 on a rotating disk, for example, the O_SYNC flag will cause serious performance problems and the extraction proecss can take over 30 minutes, with no obvious benefits. This API function already calls fsync(fd) after each file is extracted to ensure data and metadata is written to the underlying block device, so the O_SYNC calls should be superfluous and safely removable. This change does not affect the OTA patch paths or any modification of the bootloader partition or writes to other 'emmc' partitions. Signed-off-by: Alistair Strachan <alistair.strachan@imgtec.com> Change-Id: I9cbb98a98e6278bf5c0d7efaae340773d1fbfcd2
2016-04-18Fix google-runtime-int warnings.Chih-Hung Hsieh1-5/+6
Bug: 28220065 Change-Id: Ida199c66692a1638be6990d583d2ed42583fb592
2016-04-02Move selinux dependencies out of header files.Elliott Hughes1-1/+2
Bug: http://b/27764900 Change-Id: Ib62a59edcb13054f40f514c404d32b87b14ed5f1
2016-03-19Control fault injection with config files instead of build flagsJed Estep1-1/+1
Bug: 27724259 Change-Id: I65bdefed10b3fb85fcb9e1147eaf0687d7d438f4
2016-03-17Revert "DO NOT MERGE Control fault injection with config files instead of build flags"Tao Bao1-1/+1
This reverts commit f73abf36bcfd433a3fdd1664a77e8e531346c1b1. Bug: 27724259 Change-Id: I1301fdad15650837d0b1febd0c3239134e2b94fb
2016-03-16DO NOT MERGE Control fault injection with config files instead of build flagsJed Estep1-1/+1
Bug: 26570379 Change-Id: I76109d09276d6e3ed3a32b6fedafb2582f545c0c
2016-03-11applypatch: use vector to store data in FileContents.Yabin Cui1-10/+11
Cherry pick this patch because it fixes the problem that a newed Value is released by free(). Bug: 26906416 Change-Id: Ib53b445cd415a1ed5e95733fbc4073f9ef4dbc43 (cherry picked from commit d6c93afcc28cc65217ba65eeb646009c4f15a2ad)
2016-02-23Control fault injection with config files instead of build flagsJed Estep1-1/+1
Bug: 26570379 Change-Id: I76109d09276d6e3ed3a32b6fedafb2582f545c0c (cherry picked from commit d940887dde23597dc358b16d96ca48dd7480fee6)
2016-02-20Control fault injection with config files instead of build flagsJed Estep1-1/+1
Bug: 26570379 Change-Id: I76109d09276d6e3ed3a32b6fedafb2582f545c0c
2016-02-12applypatch: use vector to store data in FileContents.Yabin Cui1-10/+11
Bug: 26906416 Change-Id: Ib53b445cd415a1ed5e95733fbc4073f9ef4dbc43
2016-02-10IO fault injection for OTA packagesJed Estep1-21/+22
Bug: 25951086 Change-Id: I31c74c735eb7a975b7f41fe2b2eff042e5699c0c (cherry-picked from commit f1fc48c6e62cfee42d25ad12f443e22d50c15d0b)
2016-02-04updater: fix memory leak based on static analysis.Yabin Cui1-44/+39
Bug: 26907377 Change-Id: I384c0131322b2d12f0ef489735e70e86819846a4
2016-02-04Switch from mincrypt to BoringSSL in applypatch and updater.Sen Jiang1-7/+7
Bug: 18790686 Change-Id: I7d2136fb39b2266f5ae5be24819c617b08a6c21e
2016-01-06IO fault injection for OTA packagesJed Estep1-12/+13
Bug: 25951086 Change-Id: I31c74c735eb7a975b7f41fe2b2eff042e5699c0c
2015-12-15updater: Use O_SYNC and fsync() for package_extract_file().Tao Bao1-6/+13
We are already using O_SYNC and fsync() for the recursive case (package_extract_dir()). Make it consistent for the single-file case. Bug: 20625549 Change-Id: I487736fe5a0647dd4a2428845e76bf642e0f0dff
2015-12-05Track rename from base/ to android-base/.Elliott Hughes1-3/+3
Change-Id: I354a8c424d340a9abe21fd716a4ee0d3b177d86f
2015-11-16DO NOT MERGE recovery: Switch applypatch/ and updater/ to cpp.Tao Bao1-91/+83
Mostly trivial changes to make cpp compiler happy. Change-Id: I69bd1d96fcccf506007f6144faf37e11cfba1270 (cherry picked from commit ba9a42aa7e10686de186636fe9fecbf8c4cc7c19)
2015-07-14recovery: Switch applypatch/ and updater/ to cpp.Tao Bao1-1630/+0
Mostly trivial changes to make cpp compiler happy. Change-Id: I1b0481465c67c3bbca35a839d0764190d84ff34e (cherry picked from commit ba9a42aa7e10686de186636fe9fecbf8c4cc7c19)
2015-07-14recovery: Switch applypatch/ and updater/ to cpp.Tao Bao1-1630/+0
Mostly trivial changes to make cpp compiler happy. Change-Id: I69bd1d96fcccf506007f6144faf37e11cfba1270
2015-06-03Fix build: fprintf without modifierTao Bao1-2/+1
Change-Id: I66ae21a25a25fa3c70837bc54a7d406182d4cf37
2015-06-03Log update outputs in orderTao Bao1-0/+6
Although stdout and stderr are both redirected to log file with no buffering, we are seeing some outputs are mixed in random order. This is because ui_print commands from the updater are passed to the recovery binary via a pipe, which may interleave with other outputs that go to stderr directly. In recovery, adding ui::PrintOnScreenOnly() function to handle ui_print command, which skips printing to stdout. Meanwhile, updater prints the contents to stderr in addition to piping them to recovery. Change-Id: Idda93ea940d2e23a0276bb8ead4aa70a3cb97700
2015-02-27Remove more dead code from minzip.Narayan Kamath1-1/+1
I've added explanatory comments to mzExtractRecursive because that function will live on as a utility even after we move the zip format related logic to libziparchive. bug: 19472796 Change-Id: Id69db859b9b90c13429134d40ba72c1d7c17aa8e
2015-02-27Remove more dead code from minzip.Narayan Kamath1-1/+1
I've added explanatory comments to mzExtractRecursive because that function will live on as a utility even after we move the zip format related logic to libziparchive. bug: 19472796 (cherry-picked from commit c9ccdfd7a42de08c47ab771b94dc5b9d1f957b95) Change-Id: I8b7fb6fa3eafb2e7ac080ef7a7eceb691b252d8a
2014-11-22Add support for tune2fs file operationsMichael Runge1-0/+33
This allows tune2fs to be executed from within OTA scripts, allowing for file system modifications without formatting the partition Bug: 18430740 Change-Id: I0c2e05b5ef4a81ecea043e9b7b99b545d18fe5e6
2014-11-21Add support for tune2fs file operationsMichael Runge1-0/+33
This allows tune2fs to be executed from within OTA scripts, allowing for file system modifications without formatting the partition Bug: 18430740 Change-Id: I0c2e05b5ef4a81ecea043e9b7b99b545d18fe5e6
2014-10-24Log mount/unmount errors to UIMichael Runge1-5/+9
Bug: 18092022 Change-Id: I6c42038ebeb1cfc1e7ca0d3e12310fdce1b990b0
2014-10-24unconditionally apply SELinux labels to symlinksNick Kralevich1-10/+9
At the end of the OTA script, we walk through /system, updating all the permissions on the filesystem, including the UID, GID, standard UNIX permissions, capabilities, and SELinux labels. In the case of a symbolic link, however, we want to skip most of those operations. The UID, GID, UNIX permissions, and capabilities don't meaningfully apply to symbolic links. However, that's not true with SELinux labels. The SELinux label on a symbolic link is important. We need to make sure the label on the symbolic link is always updated, even if none of the other attributes are updated. This change unconditionally updates the SELinux label on the symbolic link itself. lsetfilecon() is used, so that the link itself is updated, not what it's pointing to. In addition, drop the ENOTSUP special case. SELinux has been a requirement since Android 4.4. Running without filesystem extended attributes is no longer supported, and we shouldn't even try to handle non-SELinux updates anymore. (Note: this could be problematic if these scripts are ever used to produce OTA images for 4.2 devices) Bug: 18079773 Change-Id: I87f99a1c88fe02bb2914f1884cac23ce1b385f91
2014-10-23Allow passing of mount args to mountFnMichael Runge1-5/+18
Bug: 18079773 Bug: 18092222 Change-Id: Ifc3f3e123de729dfbb2f49414b3207afa96268d5
2014-10-23Log to UI any metadata setting errorsMichael Runge1-34/+50
Bug: 18079773 Change-Id: Ic6fddbcbcb6ddb9e1cbd1698df98387c0033ae15
2014-10-23Treat already-renamed files as having no problems.Michael Runge1-0/+3
This should help with reentrant OTAs. Bug: 18079773 Change-Id: I102fd738e3b450483ecd4471384c12e89fc586e2
2014-08-26remove code for original block OTA mechanismDoug Zongker1-207/+6
Superseded by newer code. Bug: 16984795 Change-Id: I842299f6a02af7ccf51ef2ca174d813ca53deef1
2014-08-25remove code for original block OTA mechanismDoug Zongker1-207/+6
Superseded by newer code. Bug: 16984795 Change-Id: I70c1d29dc03287b06ea909d17f729ec51ccb0344
2014-08-20installer for new block OTA systemDoug Zongker1-1/+1
(Cherry-pick back from master.) Bug: 16984795 Change-Id: Ifa3d8345c5e2a0be86fb28faa080ca82592a96b4
2014-08-19installer for new block OTA systemDoug Zongker1-1/+1
Bug: 16984795 Change-Id: I90f958446baed83dec658de2430c8fc5e9c3047e
2014-08-06remove spurious parens from error messageDoug Zongker1-4/+3
These error messages include empty parens after each string substition. Ill-advised cut and paste, probably. Bug: 16467401 Change-Id: Ib623172d6228354afdcc2e33442cc53a07f0ecbc
2014-07-22Auto create parent directories for rename supportMichael Runge1-3/+5
Sometimes renames will move a file into a directory that does not yet exist. This will create the parent directories, using the same symlink logic, to ensure that there is a valid destination. Bug: 16458395 Change-Id: Iaa005a12ce800c39f4db20f7c25a2a68cb40a52d
2014-07-22Auto create parent directories for rename supportMichael Runge1-3/+5
Sometimes renames will move a file into a directory that does not yet exist. This will create the parent directories, using the same symlink logic, to ensure that there is a valid destination. Change-Id: Iaa005a12ce800c39f4db20f7c25a2a68cb40a52d
2014-06-17Support F2FS for the data partitionJP Abgrall1-2/+35
This adds F2FS support - for wiping a device - for the install "format" command. Note: crypto data in "footer" with a default/negative length is not supported, unlike with "ext4". Change-Id: I8d141a0d4d14df9fe84d3b131484e9696fcd8870 Signed-off-by: JP Abgrall <jpa@google.com>
2014-06-09advance progress bar during block OTA installationsDoug Zongker1-2/+23
While executing syspatch and package_extract_file() calls with don't care maps (both of which are used to rewrite the system image in incremental and full block OTAs, respectively), pass a progress callback in and use it to update the visible progress bar. Change-Id: I1d3742d167c1bb2130571eb5103b7795c65ff371
2014-05-23disable async reboot during package installationDoug Zongker1-0/+11
The default recovery UI will reboot the device when the power key is pressed 7 times in a row, regardless of what recovery is doing. Disable this feature during package installation, to minimize the chance of corrupting the device due to a mid-install reboot. (Debug packages can explicitly request that the feature be reenabled.) Change-Id: I20f3ec240ecd344615d452005ff26d8dd7775acf
2014-05-02Allow lines without = signs.Michael Runge1-5/+3
The new build.prop for Sprout includes lines of the format: import xxx.prop These can be safely ignored when reading the property file. Change-Id: Ia84a138e71461ffe8e591e88143b9787873def29
2014-03-14Recovery 64-bit compile issuesMark Salyzyn1-2/+2
Change-Id: I92d5abd1a628feab3b0246924fab7f97ba3b9d34
2014-02-25support don't-care maps when writing the system imageDoug Zongker1-62/+172
Make package_extract_file() take an optional third argument which is the pathname (in the package zip) of a map of don't-care regions to skip over when writing the file. Modify syspatch() to take source and target don't-care maps and use them when patching the system partition. Add the wipe_block_device() function to do a discard of all data on the partition. Change-Id: I8c856054edfb6aab2f3e5177f16d9d78add20be4
2014-02-14clean up some warnings when building recoveryDoug Zongker1-3/+3
Change-Id: I1541534ee6978ddf8d548433986679ce9507d508
2014-02-14remove 'retouch' ASLR supportDoug Zongker1-1/+1
Older versions of android supported an ASLR system where binaries were randomly twiddled at OTA install time. Remove support for this; we now use the ASLR support in the linux kernel. Change-Id: I8348eb0d6424692668dc1a00e2416fbef6c158a2
2014-02-13add syspatch support to updaterDoug Zongker1-14/+113
Add the syspatch() function, which can apply xdelta3+xz patches using the libsyspatch library. Change-Id: Idc1921e449020923bcaf425a1983bec0833e47ed
2013-12-14Don't abort on read_file if the file is missing.Michael Runge1-5/+3
Change-Id: I85726bf736203d602428114145c3b98692580656
2013-11-27add the functions for multi-stage packages to updaterDoug Zongker1-1/+106
In order to support multi-stage recovery packages, we add the set_stage() and get_stage() functions, which store a short string somewhere it can be accessed across invocations of recovery. We also add reboot_now() which updater can invoke to immediately reboot the device, without doing normal recovery cleanup. (It can also choose whether to boot off the boot or recovery partition.) If the stage string is of the form "#/#", recovery's UI will be augmented with a simple indicator of what stage you're in, so it doesn't look like a reboot loop. Change-Id: I62f7ff0bc802b549c9bcf3cc154a6bad99f94603
2013-11-07Enable incremental builder to find files that moved, andMichael Runge1-0/+35
try to process them via patch + rename, instead of delete + add. b/11437930 Change-Id: I984349fbc9a8dac4379e00c0d66fc7d22c4eb834
2013-09-25verifier: update to support certificates using SHA-256Doug Zongker1-1/+1
(cherry picked from commit bac7fba02763ae5e78e8e4ba0bea727330ad953e) Change-Id: I01c38d7fea088622a8b0bbf2c833fa2d969417af
2013-09-17updater: Delete dead codeNick Kralevich1-87/+0
set_perm and set_perm_recursive are no longer used. Delete. (cherry picked from commit 08ef9a957027183dcf55e432441e8fb0d5299aba) Change-Id: I1bcc90ae19af9df4f0705496c5876987159f75ac
2013-09-11updater: Delete dead codeNick Kralevich1-87/+0
set_perm and set_perm_recursive are no longer used. Delete. Change-Id: I3bb40b934b6c093b24b88aa4ed6f3c7de2bb52f0
2013-09-11Don't apply permission changes to symlink.Nick Kralevich1-0/+5
Bug: 10183961 Bug: 10186213 Bug: 8985290 Change-Id: I57cb14af59682c5f25f1e091564548bdbf20f74e
2013-09-11Don't apply permission changes to symlink.Nick Kralevich1-0/+5
Bug: 10183961 Bug: 10186213 Bug: 8985290 Change-Id: I57cb14af59682c5f25f1e091564548bdbf20f74e
2013-09-10updater: introduce and set_metadata and set_metadata_recursiveNick Kralevich1-0/+274
Introduce two new updater functions: * set_metadata * set_metadata_recursive Long term, these functions are intended to be more flexible replacements for the following methods: * set_perm * set_perm_recursive Usage: set_metadata("filename", "key1", "value1", "key2", "value2", ...) set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...) Description: set_metadata() and set_metadata_recursive() set the attributes on a file/directory according to the key/value pairs provided. Today, the following keys are supported: * uid * gid * mode (set_perm_extd only) * fmode (set_perm_extd_recursive only) * dmode (set_perm_extd_recursive only) * selabel * capabilities Unknown keys are logged as warnings, but are not fatal errors. Examples: * set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0"); This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0. No other changes occur. * set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0); This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750, selinux label=u:object_r:system_file:s0, and clears the capabilities associated with the file. * set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0); All files and directories under /system are set to uid=0, gid=0, and selinux label=u:object_r:system_file:s0. Directories are set to mode=0755. Files are set to mode=0644 and all capabilities are cleared. Bug: 10183961 Bug: 10186213 Bug: 8985290 Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-09Revert "Update OTA installer to understand SELinux filesystem labels"Nick Kralevich1-24/+5
This reverts commit 627eb30f73c29257acaeb6568f3da38880784f7c. Bug: 10183961 Bug: 10186213
2013-07-19Update OTA installer to understand SELinux filesystem labelsNick Kralevich1-5/+24
Modify the OTA installer to understand SELinux filesystem labels. We do this by introducing new set_perm2 / set_perm2_recursive calls, which understand SELinux filesystem labels. These filesystem labels are applied at the same time that we apply the UID / GID / permission changes. For compatibility, we preserve the behavior of the existing set_perm / set_perm_recursive calls. If the destination kernel doesn't support security labels, don't fail. SELinux isn't enabled on all kernels. Bug: 8985290 Change-Id: I99800499f01784199e4918a82e3e2db1089cf25b
2013-07-09recovery: move log output to stdoutDoug Zongker1-36/+36
Recovery currently has a random mix of messages printed to stdout and messages printed to stderr, which can make logs hard to read. Move everything to stdout. Change-Id: Ie33bd4a9e1272e731302569cdec918e0534c48a6
2013-04-10verifier: update to support certificates using SHA-256Doug Zongker1-1/+1
Change-Id: Ifd5a29d459acf101311fa1c220f728c3d0ac2e4e
2012-10-16Remove HAVE_SELINUX guardsKenny Root1-4/+0
Change-Id: Ia96201f20f7838d7d9e8926208977d3f8318ced4
2012-08-21add bonus data feature to imgdiff/imgpatch/applypatchDoug Zongker1-1/+1
The bonus data option lets you give an additional blob of uncompressed data to be used when constructing a patch for chunk #1 of an image. The same blob must be available at patch time, and can be passed to the command-line applypatch tool (this feature is not accessible from edify scripts). This will be used to reduce the size of recovery-from-boot patches by storing parts of the recovery ramdisk (the UI images) on the system partition. Change-Id: Iac1959cdf7f5e4582f8d434e83456e483b64c02c
2012-08-07fix the symlink() command to create directories if neededDoug Zongker1-3/+29
Full OTAs currently fail if the build contains a directory containing only symlinks, because nothing creates that directory. Change the symlink() command to create any ancestor directories that don't exist. They're created as owner root perms 0700 because we assume that in practice subsequent set_perm_recursive() calls will fix up their ownership and permissions. Change-Id: I4681cbc85863d9778e36b924f0532b2b3ef14310
2012-04-03Change the format command to always take the mount point as an argument.Stephen Smalley1-13/+4
Requires I5a63fd61a7e74d386d0803946d06bcf2fa8a857e Change-Id: Ica5fb73d6f2ffb981b74d1896538988dbc4d9b24
2012-03-30Extend recovery and updater to support setting file security contexts.Stephen Smalley1-7/+39
Extend minzip, recovery, and updater to set the security context on files based on the file_contexts configuration included in the package. Change-Id: Ied379f266a16c64f2b4dca15dc39b98fcce16f29
2012-03-22fail edify script if set_perm() or symlink() failsDoug Zongker1-0/+13
It's surprising if these fail, so abort the whole edify script to catch any problems early. Bug: 2284848 Change-Id: Ia2a0b60e7f086fc590b242616028905a229c9e05
2012-02-28remove retouching code from updaterDoug Zongker1-118/+0
Removes the retouch_binaries and undo_retouch_binaries from updater; newly generated OTA packages should not call them any more. Note that applypatch retains the ability to unretouch a file as it reads it. This will be needed as long as we want to support OTAs from devices that were installed with retouching. Change-Id: Ib3f6baeae90c84ba85983f626d821ab7e436ceb2
2011-10-31C++ class for device-specific codeDoug Zongker1-1/+2
Replace the device-specific functions with a class. Move some of the key handling (for log visibility toggling and rebooting) into the UI class. Fix up the key handling so there is less crosstalk between the immediate keys and the queued keys (an increasing annoyance on button-limited devices). Change-Id: I698f6fd21c67a1e55429312a0484b6c393cad46f
2011-10-31C++ class for device-specific codeDoug Zongker1-1/+2
Replace the device-specific functions with a class. Move some of the key handling (for log visibility toggling and rebooting) into the UI class. Fix up the key handling so there is less crosstalk between the immediate keys and the queued keys (an increasing annoyance on button-limited devices). Change-Id: I8bdea6505da7974631bf3d9ac3ee308f8c0f76e1
2011-10-19allow recovery packages to wipe cacheDoug Zongker1-0/+10
updater now has a function "wipe_cache();" which causes recovery to wipe the cache partition after the successful installation of the package. Move log copying around a bit so logs and the last_install flag file are copied to cache after it's wiped. Bug: 5314244 Change-Id: Id35a9eb6dcd626c8f3a3a0076074f462ed3d44bd
2011-04-13make write_raw_image able to take a blobDoug Zongker1-27/+40
write_raw_image() can now take either a blob or a filename as the source. The blob format eliminates the need for a temp file. Change-Id: I0c6effec53d47862040efcec75e64b7c951cdcf7
2011-01-20Reserve the last 16 Kbytes of /data for the crypto footer.Ken Sumrall1-8/+11
When formatting /data, if it's an ext4 filesystem, reserve the last 16 Kbytes for the crypto footer. Change-Id: I7b401d851ee87732e5da5860df0287a1c331c5b7
2010-12-29Update arguments to make_ext4fsColin Cross1-1/+1
Change-Id: Id96e98da76b3091987b01651f980797b1d6b49d8
2010-09-16add missing sparseness parameterDoug Zongker1-1/+1
Change-Id: Ie6e309b127e80cd6475f1deaa5dbadf9f5cc2746
2010-09-16do not merge - update to match ext4utils apiBrian Swetland1-1/+1
Change-Id: I9d34e491022d7dfed653a861b0728a0a656f1fbe
2010-09-15support for ext4/EMMC filesystems in updater binaryDoug Zongker1-24/+57
Make the mount and format functions take extra parameters describing the filesystem type and add support for mounting and formatting ext4 filesystems on EMMC. Change recovery to consistently use stdout for status messages instead of mixing stdout and stderr.
2010-08-14Changes to work with updated make_ext4fs tool that supports creating sparse images.Ken Sumrall1-1/+1
An extra parameter was added to the make_ext4fs() function, we these tools need to be updated to match. Change-Id: Id640a7f2b03153eb333b00337f0f991ff5332349
2010-08-02Working ASLR implementationHristo Bojinov1-2/+122
Separate files for retouch functionality are in minelf/* ASLR for shared libraries is controlled by "-a" in ota_from_target_files. Binary files are self-contained. Retouch logic can recover from crashes. Signed-off-by: Hristo Bojinov <hristo@google.com> Change-Id: I76c596abf4febd68c14f9d807ac62e8751e0b1bd
2010-07-02support for ext4/EMMC filesystems in updater binaryDoug Zongker1-24/+57
Make the mount and format functions take extra parameters describing the filesystem type and add support for mounting and formatting ext4 filesystems on EMMC. Change recovery to consistently use stdout for status messages instead of mixing stdout and stderr.
2010-02-23refactor applypatch and friendsDoug Zongker1-65/+107
Change the applypatch function to take meaningful arguments instead of argc and argv. Move all the parsing of arguments into main.c (for the standalone binary) and into install.c (for the updater function). applypatch() takes patches as Value objects, so we can pass in blobs extracted from the package without ever writing them to temp files. The patching code is changed to read the patch from memory instead of a file. A bunch of compiler warnings (mostly about signed vs unsigned types) are fixed. Support for the IMGDIFF1 format is dropped. (We've been generating IMGDIFF2 packages for some time now.) Change-Id: I217563c500012750f27110db821928a06211323f
2010-02-18relocate applypatch; add type system and new functions to edifyDoug Zongker1-52/+184
- Move applypatch to this package (from build). - Add a rudimentary type system to edify: instead of just returning a char*, functions now return a Value*, which is a struct that can carry different types of value (currently just STRING and BLOB). Convert all functions to this new scheme. - Change the one-argument form of package_extract_file to return a Value of the new BLOB type. - Add read_file() to load a local file and return a blob, and sha1_check() to test a blob (or string) against a set of possible sha1s. read_file() uses the file-loading code from applypatch so it can read MTD partitions as well. This is the start of better integration between applypatch and the rest of edify. b/2361316 - VZW Issue PP628: Continuous reset to Droid logo: framework-res.apk update failed (CR LIBtt59130) Change-Id: Ibd038074749a4d515de1f115c498c6c589ee91e5
2010-02-03bump updater API version to 3; deprecate firmware update commandDoug Zongker1-39/+0
Remove support for the HTC-specific "firmware" update command and the corresponding edify function write_firmware_update(). This functionality is now done by an edify extension library that lives in vendor/htc. Change-Id: I80858951ff10ed8dfff98aefb796bef009e05efb
2010-02-01add a one-argument version of package_extract_fileDoug Zongker1-24/+69
Add a version of package_extract_file that returns the file data as its return value (to be consumed by some other edify function that expects to receive a bunch of binary data as an argument). Lets us avoid having two copies of a big file in memory (extracting it into /tmp, which is a ramdisk, and then having something load it into memory) when doing things like radio updates. Change-Id: Ie26ece5fbae457eb0ddcd8a13d74d78a769fbc70
2009-11-13eclair snapshotJean-Baptiste Queru1-3/+70
2009-09-19delete files before symlinking; log error messagesDoug Zongker1-3/+21
The symlink() function should remove existing files before creating symlinks, so scripts are idempotent. Log messages when various system calls fail (but don't make the whole script fail).
2009-09-10add a run_program() function to edifyDoug Zongker1-0/+49
Handy for producing debugging OTA packages (eg, running sqlite3 or whatever in recovery).
2009-06-25fix off-by-one error in set_perm()Doug Zongker1-1/+1
We were inadvertently skipping over the first filename in the list of arguments.
2009-06-24improve updater progress barDoug Zongker1-3/+21
Let recovery accept set_progress commands to control progress over the 'current segment' of the bar. Add a set_progress() builtin to the updater binary.
2009-06-18add file_getprop() to updaterDoug Zongker1-11/+100
Add a function to read a property from a ".prop"-formatted file (key=value pairs, one per line, ignore # comment lines and blank lines). Move ErrorAbort to the core of edify; it's not specific to updater now that errors aren't stored in the app cookie.
2009-06-12fixes to edify and updater scriptDoug Zongker1-62/+104
A few more changes to edify: - fix write_raw_image(); my last change neglected to close the write context, so the written image was corrupt. - each expression tracks the span of the source code from which it was compiled, so that assert()'s error message can include the source of the expression that failed. - the 'cookie' argument to each Function is replaced with a State object, which contains the cookie, the source script (for use with the above spans), and the current error message (replacing the global variables that were used for this purpose). - in the recovery image, a new command "ui_print" can be sent back through the command pipe to cause text to appear on the screen. Add a new ui_print() function to print things from scripts. Rename existing "print" function to "stdout".
2009-06-12edify extensions for OTA package installation, part 2Doug Zongker1-3/+272
Adds more edify functions for OTAs: is_mounted getprop apply_patch apply_patch_check apply_patch_space write_raw_image write_firmware_image package_extract_file This allows us to install radios, hboots, boot images, and install incremental OTA packages. Fixes a couple of dumb bugs in edify itself: - we were doubling the size of the function table each time it was *not* full, rather than each time it was full - "no such function" errors weren't visible to the parser, so they didn't prevent execution of the script.
2009-06-12edify extensions for OTA package installation, part 1Doug Zongker1-0/+370
Adds the following edify functions: mount unmount format show_progress delete delete_recursive package_extract symlink set_perm set_perm_recursive This set is enough to extract and install the system part of a (full) OTA package. Adds the updater binary that extracts an edify script from the OTA package and then executes it. Minor changes to the edify core (adds a sleep() builtin for debugging, adds "." to the set of characters that can appear in an unquoted string).