The 'signature_start' variable marks the location of the signature
from the end of a zip archive. And a boundary check is missing where
'signature_start' should be within the EOCD comment field. This causes
problems when sideloading a malicious package. Also add a corresponding
test.
Bug: 31914369
Test: Verification fails correctly when sideloading recovery_test.zip on
angler.
Change-Id: I6ea96bf04dac5d8d4d6719e678d504f957b4d5c1
(cherry-picked from f69e6a9475)
(cherry picked from commit 54ea136fde)
The 'signature_start' variable marks the location of the signature
from the end of a zip archive. And a boundary check is missing where
'signature_start' should be within the EOCD comment field. This causes
problems when sideloading a malicious package. Also add a corresponding
test.
Bug: 31914369
Test: Verification fails correctly when sideloading recovery_test.zip on
angler.
Change-Id: I6ea96bf04dac5d8d4d6719e678d504f957b4d5c1
(cherry-picked from f69e6a9475)
am: 8a1d4e97ad
* commit '8a1d4e97ad3b748a06db618f9d7ccf5114ea16d0':
DO NOT MERGE Use updated libpng API
Change-Id: I09e8917976c05beec8bf881140539948c323ce58
am: ca45737e27
* commit 'ca45737e272aeefd657451a6faaa088d1903378c':
DO NOT MERGE Use updated libpng API
Change-Id: Ia9c36583c9d60d01fec7ee9aefc973dabb1c07d3
am: 1f814d7630
* commit '1f814d7630c56cc9e825ed411e068414c97acb6c':
DO NOT MERGE Use updated libpng API
Change-Id: Ib381e8ccefe9181911a2144d7255ecadefb42b5c
am: 36acff7d7e
* commit '36acff7d7e88549bbeab6a08488ab48596d7fbc5':
DO NOT MERGE Use updated libpng API
Change-Id: I7f01d932235ef69640ed4859d0e62344b3b774de
am: a5bc59620f
* commit 'a5bc59620fd43c99621eb98ac84cbeea867d0c93':
DO NOT MERGE Use updated libpng API
Change-Id: I3d8d27b08fd1fd89c6b8d9c39b883a45aecb83ce
am: 839b4e592a
* commit '839b4e592a7c81bdebe08fae4eef6e909c89acd6':
DO NOT MERGE Use updated libpng API
Change-Id: I7bbece70a4129554d953fd22c71527b2ca11262e
We need to ensure the renamed filename reaches the underlying storage.
Bug: 22840552
Change-Id: I824b6e9d8a9c5966035be7b42a73678d07376342
(cherry picked from commit dc3922622a)
File level encryption must get the key between mounting userdata and
calling post_fs_data when the directories are created. This requires
access to keymaster, which in turn is found from a system property.
Split property loaded into system and data, and load in right order.
Bug: 22233063
Change-Id: I409c12e3f4a8cef474eb48818e96760fe292cc49
This reverts commit b65f0272c8.
It slows down the update too much on some devices (e.g. increased
from 8 mins to 40 mins to take a full OTA update).
Bug: 22129621
Change-Id: I4e8d4f6734967caf4f0d19c734027f7b6c107370
A RangeSet has half-closed half-open bounds. For example, "3,5" contains
blocks 3 and 4. So "3,5" and "5,7" are actually not overlapped.
Bug: 22098085
Change-Id: I362d259f8b5d62478858ad0422b635bc5068698d
(cherry picked from commit c0f56ad766)
Failures are seen on devices with
Linux 3.10. And they are mainly due to this change:
https://lwn.net/Articles/546473/
The blocks reserved in this change is not the same thing as what we
think are reserved for common usage of root user. And this part is
included in free blocks but not in available blocks.
Bug: 22118089
Change-Id: I81c9531703298019a4fc11839f28d2cc8b9df34e
(cherry picked from commit 3b4977638f)
Tianjie Xu
Matt Sarett
Yabin Cui
Narayan Kamath
Tao Bao
Paul Lawrence
Mohamad Ayyash
Vincent Palatin
Stéphane Marchesin
caozhiyuan
Elliott Hughes