From eb32b1ff00878e7b01453450fcd04ecb9fcbba52 Mon Sep 17 00:00:00 2001 From: Ethan Yonker Date: Mon, 18 May 2015 10:23:03 -0500 Subject: Mount system as read-only by default Mounting system as rw can prevent future OTA updates. The purpose of this patch set is to prevent TWRP from mounting sytem as rw on the first boot. Device maintainers should update their twrp.fstab files on these devices to include an additional line: /system_image emmc /dev/block/../system This line will allow TWRP to create a raw system image backup to ensure that the user can return to an original state for future OTA updates. Change-Id: I8929d85bc3a5b96cc564bc7f734b58d5612ec833 --- gui/action.cpp | 54 +++++++++++++++ gui/devices/1080x1920/res/ui.xml | 1 + gui/devices/320x320/res/ui.xml | 3 +- gui/devices/480x800/res/ui.xml | 1 + gui/devices/landscape/res/landscape.xml | 98 +++++++++++++++++++++++++++ gui/devices/portrait/res/portrait.xml | 113 ++++++++++++++++++++++++++++++++ gui/devices/watch/res/watch.xml | 111 +++++++++++++++++++++++++++++++ gui/objects.hpp | 2 + 8 files changed, 382 insertions(+), 1 deletion(-) (limited to 'gui') diff --git a/gui/action.cpp b/gui/action.cpp index 342551247..7ecd0b46a 100644 --- a/gui/action.cpp +++ b/gui/action.cpp @@ -196,6 +196,8 @@ GUIAction::GUIAction(xml_node<>* node) ADD_ACTION(startmtp); ADD_ACTION(stopmtp); ADD_ACTION(cancelbackup); + ADD_ACTION(checkpartitionlifetimewrites); + ADD_ACTION(mountsystemtoggle); // remember actions that run in the caller thread for (mapFunc::const_iterator it = mf.begin(); it != mf.end(); ++it) @@ -1737,3 +1739,55 @@ int GUIAction::getKeyByName(std::string key) return atol(key.c_str()); } + +int GUIAction::checkpartitionlifetimewrites(std::string arg) +{ + int op_status = 0; + TWPartition* sys = PartitionManager.Find_Partition_By_Path(arg); + + operation_start("Check Partition Lifetime Writes"); + if (sys) { + if (sys->Check_Lifetime_Writes() != 0) + DataManager::SetValue("tw_lifetime_writes", 1); + else + DataManager::SetValue("tw_lifetime_writes", 0); + op_status = 0; // success + } else { + DataManager::SetValue("tw_lifetime_writes", 1); + op_status = 1; // fail + } + + operation_end(op_status); + return 0; +} + +int GUIAction::mountsystemtoggle(std::string arg) +{ + int op_status = 0; + bool remount_system = PartitionManager.Is_Mounted_By_Path("/system"); + + operation_start("Toggle System Mount"); + if (!PartitionManager.UnMount_By_Path("/system", true)) { + op_status = 1; // fail + } else { + TWPartition* Part = PartitionManager.Find_Partition_By_Path("/system"); + if (Part) { + if (DataManager::GetIntValue("tw_mount_system_ro")) { + DataManager::SetValue("tw_mount_system_ro", 0); + Part->Change_Mount_Read_Only(false); + } else { + DataManager::SetValue("tw_mount_system_ro", 1); + Part->Change_Mount_Read_Only(true); + } + if (remount_system) { + Part->Mount(true); + } + op_status = 0; // success + } else { + op_status = 1; // fail + } + } + + operation_end(op_status); + return 0; +} diff --git a/gui/devices/1080x1920/res/ui.xml b/gui/devices/1080x1920/res/ui.xml index 3135a03dc..a611d0582 100644 --- a/gui/devices/1080x1920/res/ui.xml +++ b/gui/devices/1080x1920/res/ui.xml @@ -86,6 +86,7 @@ + diff --git a/gui/devices/320x320/res/ui.xml b/gui/devices/320x320/res/ui.xml index 5495b7717..1dec40504 100644 --- a/gui/devices/320x320/res/ui.xml +++ b/gui/devices/320x320/res/ui.xml @@ -174,6 +174,7 @@ + @@ -189,7 +190,7 @@ - + diff --git a/gui/devices/480x800/res/ui.xml b/gui/devices/480x800/res/ui.xml index 3c320a7eb..984454109 100644 --- a/gui/devices/480x800/res/ui.xml +++ b/gui/devices/480x800/res/ui.xml @@ -82,6 +82,7 @@ + diff --git a/gui/devices/landscape/res/landscape.xml b/gui/devices/landscape/res/landscape.xml index 25b9b17e7..12c66290b 100644 --- a/gui/devices/landscape/res/landscape.xml +++ b/gui/devices/landscape/res/landscape.xml @@ -989,6 +989,27 @@ + + + + + Only mount system read-only + + + + + + + + + Only mount system read-only + + + tw_lifetime_writes=2 + system_readonly_check + + + main @@ -1035,6 +1056,31 @@ + + + /system + + + + + + + + mount + + + + + + + + + tw_back=mount + system_readonly + + + + @@ -3596,5 +3642,57 @@ + + + + + + + TWRP has detected an unmodified system partition. + + + + + TWRP can leave your system partition unmodified to make it easier for you to take official updates. + + + + + TWRP will be unable to prevent the stock ROM from replacing TWRP and will not offer to root your device. + + + + + Installing zips or performing adb operations may still modify the system partition. + + + + + + Never show this screen during boot again + + + + + + Keep Read Only + + tw_mount_system_ro=1 + tw_page_done=1 + %tw_back% + + + + + Swipe to Allow Modifications + + tw_mount_system_ro=0 + tw_page_done=1 + %tw_back% + + + + + diff --git a/gui/devices/portrait/res/portrait.xml b/gui/devices/portrait/res/portrait.xml index bd235981d..997da9d23 100644 --- a/gui/devices/portrait/res/portrait.xml +++ b/gui/devices/portrait/res/portrait.xml @@ -2105,6 +2105,27 @@ decrypt + + + + + Only mount system read-only + + + + + + + + + Only mount system read-only + + + tw_lifetime_writes=2 + system_readonly_check + + + main @@ -2161,6 +2182,31 @@ + + + /system + + + + + + + + mount + + + + + + + + + tw_back=mount + system_readonly + + + + @@ -3607,5 +3653,72 @@ + + + + + + + TWRP has detected an unmodified system partition. + + + + + TWRP can leave your system partition unmodified + + + + + to make it easier for you to take official updates. + + + + + TWRP will be unable to prevent the stock ROM from + + + + + replacing TWRP and will not offer to root your device. + + + + + Installing zips or performing adb operations may still + + + + + modify the system partition. + + + + + + Never show this screen during boot again + + + + + + Keep Read Only + + tw_mount_system_ro=1 + tw_page_done=1 + %tw_back% + + + + + Swipe to Allow Modifications + + tw_mount_system_ro=0 + tw_page_done=1 + %tw_back% + + + + + diff --git a/gui/devices/watch/res/watch.xml b/gui/devices/watch/res/watch.xml index 872c47b6b..f0f383dcb 100644 --- a/gui/devices/watch/res/watch.xml +++ b/gui/devices/watch/res/watch.xml @@ -2113,6 +2113,27 @@ decrypt + + + + + Only mount system read-only + + + + + + + + + Only mount system read-only + + + tw_lifetime_writes=2 + system_readonly_check + + + main @@ -2168,6 +2189,31 @@ + + + /system + + + + + + + + mount + + + + + + + + + tw_back=mount + system_readonly + + + + @@ -3596,5 +3642,70 @@ + + + + + + + TWRP has detected an unmodified system partition. + + + + + TWRP can leave your system partition unmodified + + + + + to make it easier for you to take official updates. + + + + + TWRP will be unable to prevent the stock ROM from + + + + + replacing TWRP and will not offer to root your device. + + + + + Installing zips or performing adb operations may still + + + + + modify the system partition. + + + + + + Never show this screen during boot again + + + + + + Keep Read Only + + tw_mount_system_ro=1 + tw_page_done=1 + %tw_back% + + + + + Swipe to Allow Modifications + + tw_mount_system_ro=0 + tw_page_done=1 + %tw_back% + + + diff --git a/gui/objects.hpp b/gui/objects.hpp index e70053e3b..ee0f08b8f 100644 --- a/gui/objects.hpp +++ b/gui/objects.hpp @@ -359,6 +359,8 @@ protected: int stopmtp(std::string arg); int flashimage(std::string arg); int cancelbackup(std::string arg); + int checkpartitionlifetimewrites(std::string arg); + int mountsystemtoggle(std::string arg); int simulate; }; -- cgit v1.2.3