Commit Graph

2255 Commits

Author SHA1 Message Date
Android Build Merger (Role) 9216bccd16 [automerger skipped] DO NOT MERGE: Initialize the ZipArchive to zero before parsing skipped: e830a51351 skipped: 244aba4412
Change-Id: I7efba2ee6798c5fb71679bee7861d98f3643f414
2018-09-07 23:13:10 +00:00
Android Build Merger (Role) 244aba4412 [automerger skipped] DO NOT MERGE: Initialize the ZipArchive to zero before parsing skipped: e830a51351
Change-Id: I7e1da775a32b1f5ef72a2d95b94c0bf494251781
2018-09-07 23:13:09 +00:00
Tianjie Xu e830a51351 DO NOT MERGE: Initialize the ZipArchive to zero before parsing
The fields of the ZipArchive on the stack are not initialized before we
call libminzip to parse the zip file. As a result, some random memory
location is freed unintentionally when we close the ZipArchive upon
parsing failures.

Bug: 35385357
Test: recompile and run the poc with asan.
Change-Id: I7e7f8ab4816c84a158af7389e1a889f8fc65f079
2018-09-07 16:09:28 -07:00
Tianjie Xu 8e267878cc DO NOT MERGE: resolve merge conflicts of 5346da02 to klp-modular-dev am: 4eb997d52b -s ours am: 3591cb48f5 -s ours am: 8bdb13dd9a am: 0d750f900b -s ours am: 457ad2dc3c am: d1c3bdd8c2 am: 9930b28456 am: 0a627e5a5f -s ours am: 510b13acd8
am: 3d1f19c733

Change-Id: I4c3c665cb6aac08125817f26d788f9fb82b3ca92
2017-01-20 04:02:10 +00:00
Tianjie Xu 3d1f19c733 DO NOT MERGE: resolve merge conflicts of 5346da02 to klp-modular-dev am: 4eb997d52b -s ours am: 3591cb48f5 -s ours am: 8bdb13dd9a am: 0d750f900b -s ours am: 457ad2dc3c am: d1c3bdd8c2 am: 9930b28456 am: 0a627e5a5f -s ours
am: 510b13acd8

Change-Id: I4b0f915faac915a11917ebc8291de0ba782dd76b
2017-01-20 03:53:17 +00:00
Tianjie Xu 510b13acd8 DO NOT MERGE: resolve merge conflicts of 5346da02 to klp-modular-dev am: 4eb997d52b -s ours am: 3591cb48f5 -s ours am: 8bdb13dd9a am: 0d750f900b -s ours am: 457ad2dc3c am: d1c3bdd8c2 am: 9930b28456
am: 0a627e5a5f  -s ours

Change-Id: I503597404e665b723337ee56a46c719890a547a1
2017-01-20 03:38:14 +00:00
Tianjie Xu 0a627e5a5f DO NOT MERGE: resolve merge conflicts of 5346da02 to klp-modular-dev am: 4eb997d52b -s ours am: 3591cb48f5 -s ours am: 8bdb13dd9a am: 0d750f900b -s ours am: 457ad2dc3c am: d1c3bdd8c2
am: 9930b28456

Change-Id: Ib4853ac0b4f56534130a6b40fbe4ea1a95131cca
2017-01-20 03:23:12 +00:00
Tianjie Xu 9930b28456 DO NOT MERGE: resolve merge conflicts of 5346da02 to klp-modular-dev am: 4eb997d52b -s ours am: 3591cb48f5 -s ours am: 8bdb13dd9a am: 0d750f900b -s ours am: 457ad2dc3c
am: d1c3bdd8c2

Change-Id: I8dbfd452ad4bae3374efa7395b8189db00cdfbe1
2017-01-20 03:08:41 +00:00
Tianjie Xu d1c3bdd8c2 DO NOT MERGE: resolve merge conflicts of 5346da02 to klp-modular-dev am: 4eb997d52b -s ours am: 3591cb48f5 -s ours am: 8bdb13dd9a am: 0d750f900b -s ours
am: 457ad2dc3c

Change-Id: Ic6e056e6a50066eb6d123b150e928533633f96e0
2017-01-20 02:55:39 +00:00
Tianjie Xu 457ad2dc3c DO NOT MERGE: resolve merge conflicts of 5346da02 to klp-modular-dev am: 4eb997d52b -s ours am: 3591cb48f5 -s ours am: 8bdb13dd9a
am: 0d750f900b  -s ours

Change-Id: Iaab9c0e9d8e5a5198bcad373d229915c6bc62c79
2017-01-20 02:43:07 +00:00
Tianjie Xu 0d750f900b DO NOT MERGE: resolve merge conflicts of 5346da02 to klp-modular-dev am: 4eb997d52b -s ours am: 3591cb48f5 -s ours
am: 8bdb13dd9a

Change-Id: Ieb6efb9b8efec556f401325fb8449e56b2f9d4bc
2017-01-20 02:35:07 +00:00
Tianjie Xu 8bdb13dd9a DO NOT MERGE: resolve merge conflicts of 5346da02 to klp-modular-dev am: 4eb997d52b -s ours
am: 3591cb48f5  -s ours

Change-Id: I173c8f1c1f68b57b3046f91525c5ac3d3acf184d
2017-01-20 02:26:06 +00:00
Tianjie Xu 3591cb48f5 DO NOT MERGE: resolve merge conflicts of 5346da02 to klp-modular-dev
am: 4eb997d52b  -s ours

Change-Id: If5c4537e910fffddd757be2a80ca9c949e93ed93
2017-01-20 02:19:36 +00:00
Tianjie Xu 4eb997d52b DO NOT MERGE: resolve merge conflicts of 5346da02 to klp-modular-dev
Change-Id: Ie52a9abae416bbb84ddc61bb7159a531de778c15
2017-01-19 16:18:31 -08:00
Tianjie Xu 8953f919e4 DO NOT MERGE: Add a checker for signature boundary in verifier am: f616da1726 am: 5346da0220 -s ours am: a41cc29447 -s ours am: 051dfa7ec3 -s ours am: 94c8b5e5a6 am: 2b1bcab427 -s ours am: 37a5941440 am: ddca75fb0a am: b21b92b386 am: 8a51334062 -s ours am: 67b69c05c6
am: 8f9e3c9bd9

Change-Id: I83fa019edb9771cf799e691c9b6637aec75a4cc4
2017-01-19 19:00:11 +00:00
Tianjie Xu 8f9e3c9bd9 DO NOT MERGE: Add a checker for signature boundary in verifier am: f616da1726 am: 5346da0220 -s ours am: a41cc29447 -s ours am: 051dfa7ec3 -s ours am: 94c8b5e5a6 am: 2b1bcab427 -s ours am: 37a5941440 am: ddca75fb0a am: b21b92b386 am: 8a51334062 -s ours
am: 67b69c05c6

Change-Id: I32c16f13987f4b1b1c46af948c1a724d8225c0cc
2017-01-19 18:57:35 +00:00
Tianjie Xu 67b69c05c6 DO NOT MERGE: Add a checker for signature boundary in verifier am: f616da1726 am: 5346da0220 -s ours am: a41cc29447 -s ours am: 051dfa7ec3 -s ours am: 94c8b5e5a6 am: 2b1bcab427 -s ours am: 37a5941440 am: ddca75fb0a am: b21b92b386
am: 8a51334062  -s ours

Change-Id: I7f2969a4bd8192f2c700945a493d2c32af91af70
2017-01-19 18:55:04 +00:00
Tianjie Xu 8a51334062 DO NOT MERGE: Add a checker for signature boundary in verifier am: f616da1726 am: 5346da0220 -s ours am: a41cc29447 -s ours am: 051dfa7ec3 -s ours am: 94c8b5e5a6 am: 2b1bcab427 -s ours am: 37a5941440 am: ddca75fb0a
am: b21b92b386

Change-Id: I30cc5605866bc087fc6afdad2b2d7e033cd2f25e
2017-01-19 18:52:33 +00:00
Tianjie Xu b21b92b386 DO NOT MERGE: Add a checker for signature boundary in verifier am: f616da1726 am: 5346da0220 -s ours am: a41cc29447 -s ours am: 051dfa7ec3 -s ours am: 94c8b5e5a6 am: 2b1bcab427 -s ours am: 37a5941440
am: ddca75fb0a

Change-Id: I8010afacf2d0299715cb3b11b81f31d6baca1083
2017-01-19 18:50:33 +00:00
Tianjie Xu ddca75fb0a DO NOT MERGE: Add a checker for signature boundary in verifier am: f616da1726 am: 5346da0220 -s ours am: a41cc29447 -s ours am: 051dfa7ec3 -s ours am: 94c8b5e5a6 am: 2b1bcab427 -s ours
am: 37a5941440

Change-Id: I87b102e92e9ee2bc49af6b7c8ec4d0a48894f732
2017-01-19 18:48:03 +00:00
Tianjie Xu 37a5941440 DO NOT MERGE: Add a checker for signature boundary in verifier am: f616da1726 am: 5346da0220 -s ours am: a41cc29447 -s ours am: 051dfa7ec3 -s ours am: 94c8b5e5a6
am: 2b1bcab427  -s ours

Change-Id: I74119e64e0d5fe813c18191a201fadbf9870c400
2017-01-19 18:45:32 +00:00
Tianjie Xu 2b1bcab427 DO NOT MERGE: Add a checker for signature boundary in verifier am: f616da1726 am: 5346da0220 -s ours am: a41cc29447 -s ours am: 051dfa7ec3 -s ours
am: 94c8b5e5a6

Change-Id: I42132e10d5ba4cdf77232dadb88100e6c29acf80
2017-01-19 18:43:02 +00:00
Tianjie Xu 94c8b5e5a6 DO NOT MERGE: Add a checker for signature boundary in verifier am: f616da1726 am: 5346da0220 -s ours am: a41cc29447 -s ours
am: 051dfa7ec3  -s ours

Change-Id: I88ff80ef082f32825f4ed860af9b9d67d282e11a
2017-01-19 18:41:01 +00:00
Tianjie Xu 051dfa7ec3 DO NOT MERGE: Add a checker for signature boundary in verifier am: f616da1726 am: 5346da0220 -s ours
am: a41cc29447  -s ours

Change-Id: Ib3a827173380145bf7a3fcd7e4f8386571228699
2017-01-19 18:39:02 +00:00
Tianjie Xu a41cc29447 DO NOT MERGE: Add a checker for signature boundary in verifier am: f616da1726
am: 5346da0220  -s ours

Change-Id: I2952d0746c6cc00837c90370d09a30049d462df3
2017-01-19 18:36:01 +00:00
Tianjie Xu e4ec60e045 Add a checker for signature boundary in verifier am: 54ea136fde am: 0a34b17c8b am: fb80b4f72d am: d3d5e54a45 am: 6ea9888d51 am: a055eb93c3 am: 15ca2a4763 am: ca50d7b66a
am: 64f0de7a13

Change-Id: I3b67824479c820d06e84e6611e4aff87265dab11
2017-01-18 22:37:48 +00:00
Tianjie Xu 64f0de7a13 Add a checker for signature boundary in verifier am: 54ea136fde am: 0a34b17c8b am: fb80b4f72d am: d3d5e54a45 am: 6ea9888d51 am: a055eb93c3 am: 15ca2a4763
am: ca50d7b66a

Change-Id: Ic6e05b8812f4b765b9114149373c7a00ad9ec78d
2017-01-18 22:36:48 +00:00
Tianjie Xu ca50d7b66a Add a checker for signature boundary in verifier am: 54ea136fde am: 0a34b17c8b am: fb80b4f72d am: d3d5e54a45 am: 6ea9888d51 am: a055eb93c3
am: 15ca2a4763

Change-Id: I5481d39f0d2fdb92c95e964d2a55512f4df3acb3
2017-01-18 22:34:18 +00:00
Tianjie Xu 15ca2a4763 Add a checker for signature boundary in verifier am: 54ea136fde am: 0a34b17c8b am: fb80b4f72d am: d3d5e54a45 am: 6ea9888d51
am: a055eb93c3

Change-Id: I8d26eefd2de6b7245a110c27d4210d5fdd2bd151
2017-01-18 22:32:47 +00:00
Tianjie Xu a055eb93c3 Add a checker for signature boundary in verifier am: 54ea136fde am: 0a34b17c8b am: fb80b4f72d am: d3d5e54a45
am: 6ea9888d51

Change-Id: I7bbabdbe543c54f18dd42cb64030ca2174bf9bf2
2017-01-18 22:30:47 +00:00
Tianjie Xu 6ea9888d51 Add a checker for signature boundary in verifier am: 54ea136fde am: 0a34b17c8b am: fb80b4f72d
am: d3d5e54a45

Change-Id: Ib892c1745197ccb42d77c7bc8647f2e6b725a7dd
2017-01-18 22:28:46 +00:00
Tianjie Xu d3d5e54a45 Add a checker for signature boundary in verifier am: 54ea136fde am: 0a34b17c8b
am: fb80b4f72d

Change-Id: Iba2da78981e4bd7a2b263b2f6b18ab6c176e5fc8
2017-01-18 22:26:47 +00:00
Tianjie Xu fb80b4f72d Add a checker for signature boundary in verifier am: 54ea136fde
am: 0a34b17c8b

Change-Id: I4dbba92ea717951307dbcb6bf287edf4f6144a38
2017-01-18 22:24:16 +00:00
Tianjie Xu 0a34b17c8b Add a checker for signature boundary in verifier
am: 54ea136fde

Change-Id: Ide2da96e322c6a913b7f2e950e43c4d11278338e
2017-01-18 22:22:16 +00:00
Tianjie Xu 5346da0220 DO NOT MERGE: Add a checker for signature boundary in verifier
am: f616da1726

Change-Id: I05a1a6775229a1041e1a93388a86262d36d6581b
2017-01-18 22:22:16 +00:00
Tianjie Xu f616da1726 DO NOT MERGE: Add a checker for signature boundary in verifier
The 'signature_start' variable marks the location of the signature
from the end of a zip archive. And a boundary check is missing where
'signature_start' should be within the EOCD comment field. This causes
problems when sideloading a malicious package. Also add a corresponding
test.

Bug: 31914369
Test: Verification fails correctly when sideloading recovery_test.zip on
angler.

Change-Id: I6ea96bf04dac5d8d4d6719e678d504f957b4d5c1
(cherry-picked from f69e6a9475)
(cherry picked from commit 54ea136fde)
2016-12-19 16:46:44 -08:00
Tianjie Xu 54ea136fde Add a checker for signature boundary in verifier
The 'signature_start' variable marks the location of the signature
from the end of a zip archive. And a boundary check is missing where
'signature_start' should be within the EOCD comment field. This causes
problems when sideloading a malicious package. Also add a corresponding
test.

Bug: 31914369
Test: Verification fails correctly when sideloading recovery_test.zip on
angler.

Change-Id: I6ea96bf04dac5d8d4d6719e678d504f957b4d5c1
(cherry-picked from f69e6a9475)
2016-12-16 16:24:09 -08:00
Andriy Naborskyy 3fdf1fd515 DO NOT MERGE ANYWHERE init: move healthd to late-init am: 195ff7f79e -s ours am: 7ceb371048 -s ours am: b8c1788e7b -s ours
am: 8837b0d25d  -s ours

Change-Id: I7ecada4bf93f79a8b308064c417e85d4e7f9ecc3
2016-10-27 16:16:55 +00:00
Andriy Naborskyy 8837b0d25d DO NOT MERGE ANYWHERE init: move healthd to late-init am: 195ff7f79e -s ours am: 7ceb371048 -s ours
am: b8c1788e7b  -s ours

Change-Id: I14de8cfdef94dfcb2d3f0760daf519537fa796d5
2016-10-27 16:11:55 +00:00
Andriy Naborskyy b8c1788e7b DO NOT MERGE ANYWHERE init: move healthd to late-init am: 195ff7f79e -s ours
am: 7ceb371048  -s ours

Change-Id: I5c36f2e8ee5e410e9027376c32e86baa7fa2e65a
2016-10-27 16:07:25 +00:00
Andriy Naborskyy 7ceb371048 DO NOT MERGE ANYWHERE init: move healthd to late-init
am: 195ff7f79e  -s ours

Change-Id: Ibf16373a783458fd91284254156d5a9a0d70252d
2016-10-27 16:02:24 +00:00
Andriy Naborskyy 195ff7f79e DO NOT MERGE ANYWHERE init: move healthd to late-init
Starting healthd in early-init can cause SELinux denials if healthd
or any device-specific libraries try to log.

Now healthd is starting at boot as usual service.

Bug: 30292927
Change-Id: I367d022f5885122da49181db3db536012e83f564
2016-10-25 19:49:57 +00:00
Tianjie Xu 37d7d67ca2 DO NOT MERGE Report uncrypt errors in details
Add the error codes for uncrypt and report the failure details in
uncrypt_status.

Test: uncrypt_error logs correctly in last_install
Bug: 31603820
Change-Id: I8e0de845ce1707b6f8f5ae84564c5e93fd5f5ef5
(cherry picked from commit da44cf18f3)
2016-09-29 18:06:04 +00:00
Tao Bao a8c0d0b43a DO NOT MERGE Duplicate the last_install content into last_log.
Currently we save the OTA metrics in last_install, which keeps the data
for the _last_ install only. This CL logs the same content into last_log
so that we keep the metrics for every install.

Bug: 31607469
Test: Apply an update (via OTA and sideload) and check last_log and last_install.

Change-Id: Id8f174d79534fddc9f06d72a4e69b2b1d8ab186c
(cherry picked from commit f4885adc18)
2016-09-26 22:10:07 -07:00
Tianjie Xu 41a3fd4e20 Check corruption when reading uncrypt_status file
Bug: 31383361
Change-Id: I0de920916da213528d73b742e4823b4a98c63ea1
(cherry picked from commit 1c1864f321)
2016-09-13 14:04:55 -07:00
Tianjie Xu e16e799dfd save uncrypt status to last_install
Save the uncrypt time cost to /cache/recovery/uncrypt_status. Recovery
reads the file and saves its contents to last_install.

Bug: 31383361
Test: Tested on angler and uncrypt_time reports correctly.

(cherry picked from commit fe16b5ccaf)

Change-Id: Id69681a35c7eb2f0eb21b48e3616dcda82ce41b8
2016-09-12 16:59:48 -07:00
Tianjie Xu 62ab2a0fbc "view recovery logs" will show /tmp/recovery.log
For A/B devices, "view recovery logs" doesn't work due to the lack
of cache partition. To help debugging, we'll show /tmp/recovery.log
instead if /cache is not found.

Change-Id: Idb77c3a4c30388148a210b38d732a7b27e757bba
Test: Tested on an A/B device and /tmp/recovery.log showed up.
Bug: 30905700
(cherry picked from commit a54f75ede8)
2016-08-17 15:07:50 -07:00
Alex Deymo 53c107f068 Add inttypes.h for PRIu64.
This missing header is needed to use PRIu64 macros.

Bug: 27178350
TEST=`mma bootable/recovery` on the failing branch.

Change-Id: I165701e8019256426d3f6a4168db52c6a0197c4d
2016-08-12 13:46:17 -07:00
Alex Deymo 4344d636d4 Call update_engine_sideload from recovery.
This patch enables sideloading an OTA on A/B devices while running from
recovery. Recovery accepts the same OTA package format as recent
versions of GMS, which consists of .zip file with the payload in it.

Bug: 27178350
TEST=`adb sideload` successfully a full OTA (*)
TEST=Failed to take several invalid payloads (wrong product,
fingerprint, update type, serial, etc).

<small>(*) with no postinstall script.</small>

Change-Id: I951869340100feb5a37e41fac0ee59c10095659e
2016-08-11 18:55:11 -07:00
Bill Yi e49c0d6406 Import translations. DO NOT MERGE
Change-Id: If24c94c20f8e4c37c119dcaff765e9ee59e48ef4
Auto-generated-cl: translation import
2016-07-20 19:24:24 -07:00