The 'signature_start' variable marks the location of the signature
from the end of a zip archive. And a boundary check is missing where
'signature_start' should be within the EOCD comment field. This causes
problems when sideloading a malicious package. Also add a corresponding
test.
Bug: 31914369
Test: Verification fails correctly when sideloading recovery_test.zip on
angler.
Change-Id: I6ea96bf04dac5d8d4d6719e678d504f957b4d5c1
(cherry-picked from f69e6a9475)
(cherry picked from commit 54ea136fde)
The 'signature_start' variable marks the location of the signature
from the end of a zip archive. And a boundary check is missing where
'signature_start' should be within the EOCD comment field. This causes
problems when sideloading a malicious package. Also add a corresponding
test.
Bug: 31914369
Test: Verification fails correctly when sideloading recovery_test.zip on
angler.
Change-Id: I6ea96bf04dac5d8d4d6719e678d504f957b4d5c1
(cherry-picked from f69e6a9475)
Starting healthd in early-init can cause SELinux denials if healthd
or any device-specific libraries try to log.
Now healthd is starting at boot as usual service.
Bug: 30292927
Change-Id: I367d022f5885122da49181db3db536012e83f564
Increase the number of attempts of an OTA update from 3 to 5 in case
an I/O error happened. This should increase the success rate of the
update.
Bug: 29619468
Change-Id: I88a067d9debd55a07be22ed981f395f6e47ec28f
Check the results from applypatch in PerformCommandDiff; and abort the
update on failure.
Bug:29339536
Change-Id: I5087d79ba532b54250f4c17560524255c8a4fabc
We may have expanded_len == 0 when calling inflate(). After switching to
using std::vector, it passes a nullptr buffer to inflate() and leads to
Z_STREAM_ERROR.
Bug: 29312140
Change-Id: Iab7c6c07a9e8488e844e7cdda76d02bd60d2ea98
Parse the build.version.incremental from the metadata of the update
package; and log it to last_install.
Example:
In metadata we read:
post-build-incremental=2951741
pre-build-incremental=2943039
In last install we log:
source_build: 2943039
target_build: 2951741
Bug: 28658632
Change-Id: I0a9cc2d01644846e18bda31f4193ff40e8924486
If the update is a retry, ioctl(BLKDISCARD) the destination blocks before
writing to these blocks.
Bug: 28990135
Change-Id: I1e703808e68ebb1292cd66afd76be8fd6946ee59
Write error code, cause code, and retry count into last_install. So we
can have more information about the reason of a failed OTA.
Example of new last_install:
@/cache/recovery/block.map package name
0 install result
retry: 1 retry count (new)
error: 30 error code (new)
cause: 12 error cause (new)
Details in:
go/android-ota-errorcode
Bug: 28471955
Change-Id: I00e7153c821e7355c1be81a86c7f228108f3dc37
am: b02b2fe392
* commit 'b02b2fe392827a423c7783522edc5b9ad3d4f130':
DO NOT MERGE Use updated libpng API
Change-Id: Ie6e8c5118687f0d34fc4acffdcb1d784e71e411f
am: fc1d9a49d1
* commit 'fc1d9a49d1e33c133c96cf6b04d6f47d3cfaa496':
DO NOT MERGE Use updated libpng API
Change-Id: Id9da4d3980f394bf19032581629d0baf9c30e0fc
am: 300af0779d
* commit '300af0779de3c2658f32e3de40adc41dae92df1e':
DO NOT MERGE Use updated libpng API
Change-Id: Iac60caa51e747fcde2c08ddf06323e8b1e98f36a
am: aa02888e55
* commit 'aa02888e55147ec78fa5636a87e2447bda136d68':
DO NOT MERGE Use updated libpng API
Change-Id: I10705dd579623e4b208093cfc4839aad496081c8
am: 8a1d4e97ad
* commit '8a1d4e97ad3b748a06db618f9d7ccf5114ea16d0':
DO NOT MERGE Use updated libpng API
Change-Id: I09e8917976c05beec8bf881140539948c323ce58
am: ca45737e27
* commit 'ca45737e272aeefd657451a6faaa088d1903378c':
DO NOT MERGE Use updated libpng API
Change-Id: Ia9c36583c9d60d01fec7ee9aefc973dabb1c07d3
am: 1f814d7630
* commit '1f814d7630c56cc9e825ed411e068414c97acb6c':
DO NOT MERGE Use updated libpng API
Change-Id: Ib381e8ccefe9181911a2144d7255ecadefb42b5c
am: 36acff7d7e
* commit '36acff7d7e88549bbeab6a08488ab48596d7fbc5':
DO NOT MERGE Use updated libpng API
Change-Id: I7f01d932235ef69640ed4859d0e62344b3b774de
am: a5bc59620f
* commit 'a5bc59620fd43c99621eb98ac84cbeea867d0c93':
DO NOT MERGE Use updated libpng API
Change-Id: I3d8d27b08fd1fd89c6b8d9c39b883a45aecb83ce
am: 839b4e592a
* commit '839b4e592a7c81bdebe08fae4eef6e909c89acd6':
DO NOT MERGE Use updated libpng API
Change-Id: I7bbece70a4129554d953fd22c71527b2ca11262e
An OTA may be skipped due to low battery. But we should always log it to
understand why an update _fails_ to apply.
Bug: 27893175
Change-Id: I50a3fbbb3e51035e0ac5f1cca150e283852825c3
Add a new command "--security" to boot commands. If this command is
observed as part of BCB, choose a different background text picture
for installing stage in recovery UI. As a result, users will see
"installing security update" instead of "installing system update"
when applying a security update package.
Bug: 27837319
Change-Id: I2e2253a124993ecc24804fa1ee0b918ac96837c5