* Export vendor paths for boot-hal as some libs are present in vendor
* hwservicemanager and vndservicemanager are also required by health hal amd boot hal
Change-Id: I9017e0692cdb917db86629588726ba11eafd1e81
Signed-off-by: Mohd Faraz <androiabledroid@gmail.com>
Until the code can be removed, we will turn off openaes encryption
of data files by default. There are many restore issues that are
caused with openaes enabled. For maintainers who want to enable it
set TW_EXCLUDE_ENCRYPTED_BACKUPS := false on BoardConfig.
Change-Id: Ie284b03c7cc4c77a0a9dbcc460817fe3fe08b839
To support all partitions that are on the super partition
we now parse for the logical flag in fstab to denote super
status.
- Remove guards for the first character being '/'.
- Skip commented lines in fstab
- Build Backup_Display_Name from partitions in super.
The first four lines that are in fstab will be
displayed.
Change-Id: I3f8980187bd4a136257dd6eeaeddd7ea71706cd3
Change-Id: I1ee7c02f91aafb646beaf401a43bcb22fa8c8c7a
Since recent kernels seem to limit the number of loopback
devices to 7, we now just mount the required apex files in TWRP.
To mount additional apex files specify TW_ADDITIONAL_APEX_FILES
in your BoardConfig, for example:
TW_ADDITIONAL_APEX_FILES := "apex1 apex2"
To disable Apex in your builds use:
TW_EXLUCDE_APEX := true
Change-Id: Ib55529a4dc17ce2b737b01b86100dca3dc75e6c9
Change-Id: I3b4dfbb164838ffb126016b0d862f67d3f170bf3
This patchset introduces support decryption for Android 11.
In this update we deprecate ext4crypt. To specify the
policy version to use, use TW_USE_FSCRYPT_POLICY := 1 or
TW_USE_FSCRYPT_POLICY := 2. By default policy version will
be set to 2 if this variable is omitted.
Change-Id: I62a29c1bef36c259ec4b11259f71be613d20a112
Simplifies code for retrieving this list rather than using
every possible specified super partition group
Change-Id: I1a3bd8e4b73ce18a176c74a52eb91d25709080f4
Use 'TW_EXCLUDE_NANO := true' to exclude from build
Will be excluded by default if 'TW_OEM_BUILD := true' is set
Change-Id: I812399ef9f3f5d3c7d4baf981924d49255c16e5a
Fixes "__bionic_open_tzdata" errors in recovery log
Use "TW_EXCLUDE_TZDATA := true" flag to exclude from build
if needed for space reasons. Will automatically be excluded
is "TW_OEM_BUILD := true" flag is present
Change-Id: I2f4a0f3a354a32c2f4f9733b3e88beedc4773020
This library will need to mirror AOSP for any changes to installing
packages. The library has been separated out in order to make importing
updates from AOSP into the TWRP project.
twinstall.cpp has been removed from the recovery binary and added to
this library. It has been refactored for libziparchive.
Sideload has been reworked to use the newer methods from AOSP on
flashing packages through adb sideload.
We are also removing old libraries for adb and verifier.
Lastly before flashing a zip or image, we want to unlock block devices
for writing so that when an OTA is flashed to the inactive slot,
the flash will succeed.
Change-Id: I6d8702fc9031ffaf9f666b4ba375dc7d9362e473
Only include hwservicemanager if CRYPTO flag is set and
only include servicemanager if FBE is included.
Only include health-hal if device uses dynamic partitions
Change-Id: I056d0246e406dc9f00bda65247455741ef986a37
BUG: prebuilt vendor blobs are being overriden by vendor partition, which causes failed to decrypt the device
TEST: after this patch vendor is no more overriding and decryption working as expected.
* Devices using the stock or the rom based libs then it needed to add the TW_USES_VENDOR_LIBS := true in the BoardConfig
Change-Id: I3cbc7fe6df2289081e9198941cfb65a1a7e0e6a3
Signed-off-by: Mohd Faraz <androiabledroid@gmail.com>
vndservicemanager should be included with crypto support
boot and health services are needed for bootctrl and fastbootd
hwservicemanager and servicemanager should be included
regardless of crypto status
Change-Id: Ie76dac11b733c4549c2d55301cf614fe82905884
For the back-up menu, we can detail what the super partition includes by
aggregating one of BOARD_GOOGLE_DYNAMIC_PARTITIONS_PARTITION_LIST or
BOARD_QTI_DYNAMIC_PARTITIONS_PARTITION_LIST.
We comma-separate the list and capitalise the first letter of each
dynamic partition.
Change-Id: I663eaf4f28b4591293aae21c2dd11f615f625746
fastbootd is a userspace daemon that runs in the recovery
ramdisk. It allows writing single partitions to the super
partition via fastboot CLI. When TWRP sees the fastboot option
in the misc partition during startup, it will start with
the fastbootd page and fastbootd running. Otherwise it will
run recovery normally.
Change-Id: Id7b12d29ef21dbd5950dc884dd1cd788f25357f0
hwservicemanager and servicemanager are needed for decryption
and fastbootd in TWRP. Include these services by default since
they are standard Android services and independent of device
tree or SoC.
Change-Id: Id0ec73d9a6ca0289c7b4f67e9dcf541b2157c04e
for android-10
This will support updating the ramdisk to a different
compression format and co-exist with magisk.
We are also cleaning up and removing non android-10
api makefile actions.
We are also moving twrp repacking to its own class. We
check the new ramdisk format and if it's different
we have magisk compress using the new ramdisk format.
Change-Id: I770030aae7797e75817178b2f0fccd9f39dc23af
fscrypt aosp doc: https://source.android.com/security/encryption/file-based
kernel fscrypt doc: https://www.kernel.org/doc/html/v4.18/filesystems/fscrypt.html
This commit implements the ability for TWRP to use fscrypt to decrypt
files on the fscrypt implementation. It has been implemented mostly
in a new successor library to e4crypt called libtwrpfscrypt. Most of the
code was ported from AOSP vold.
Notable updates include:
- updated policy storage by libtar
- lookup of fbe policies by libtwrpfscrypt
- threaded keystore operations
Big thanks to Dees_Troy for the initial trailblazing
of encryption in TWRP.
Change-Id: I69cd2eba3693a9914e00213d4943229635d0cdae
This function will automatically decrypt .ozip file in a .zip and it will
save the .zip in the same folder of the .ozip and with the same name.
After the decryption, the flash will start.
To enable this function you have to set a Boardconfig flag with the
decryption key like i did here:
a30625f80a
Original projects:
https://github.com/sabpprook/ozip2ziphttps://github.com/bkerler/oppo_ozip_decrypt
Change-Id: Ic93243a565008c442bcf2992069b2801532ac7c1
(cherry picked from commit 0ff59845f2f8dddedb4cee9a9faf86a6294cce66)
This patch uses the loop device to mount files under
/sbin/ from /system/apex in order for the device to
use libraries or other files store inside these files.
Each apex file is mounted over a loop device into a
directory correpsonding to the apex filename under
/sbin/.
Once apex mounting is completed, TWRP will set a
property twrp.apex.loaded to true so that init
can use them as a LD_LIBARY_PATH source.
Change-Id: I69f14a969123ac9cf1afc85b6cf76836cb092fb2
Change-Id: Ica6a7d8e479bcaec8bec4483b5e8d2b45ee105fb
We are now requiring fstab v2 for android-10+ trees. You can
specify twrp flags using /etc/twrp.flags to label and
annotate partitions.
This patchset uses fs_mgr to load the super partition and build
device mapper blocks off vendor and system depending on the slot
in use. These are mapped to partitions in TWRP and allowed to
be mounted read-only. The super partition is also mapped into a
TWRP partition in order to backup the entire partition. You cannot
backup individual device mapper blocks due to the device can only
be read-only. Therefore you cannot write back to the device mapper.
Change-Id: Icc1d895dcf96ad5ba03989c9bf759419d83673a3
The current fastbootd only supports USB protocol. But some Android TV
devices are built without USB port. The fastbootd cannot be used on
those ATV devices due to it. aosp/1295566 enables fastbootd over
ethernet.
This change adds an EthernetDevice to manage ethernet connection and set
fastbootd protcol property fastbootd.protocol to enable fastbootd over
ethernet in recovery mode. It uses IPv6 link-local address to not expose
the devices out of the network segment. The devices who want to use this
EthernetDevice should add
“TARGET_RECOVERY_UI_LIB := librecovery_ui_ethernet” into BoardConfig.mk.
BUG: 152544169
BUG: 155198345
Test: Enter and exit fastboot mode and check eth0 IPv6 link-local address
on screen UI.
Change-Id: I73fe44be3790bdba5a6059fbba3f7264b21eed99
Merged-In: I73fe44be3790bdba5a6059fbba3f7264b21eed99
I created also a new flag for who wants to use busybox
on android 9+ trees.
To use busybox set the flag like this:
TW_FORCE_USE_BUSYBOX := true
Change-Id: If2231e71c008b36e9ae09857539b82d77e2a9a06
(cherry picked from commit 8ff93eb2234f31298d4f3cfe903887c3f6ecc583)
- Requires TW_INCLUDE_LIBRESETPROP
(set automatically if TW_OEM_BUILD is not set)
- Set based on installed system (if present)
- Will set values back to TWRP defaults
after decryption completes
- Only included/run on Oreo+ systems
Change-Id: I41fcc1af8cd4b15329574f7403f7491320199f48
(cherry picked from commit 3284a66e23fbc6e1a82df668b497ef931d9c0081)
* On multiline string variable it adds spaces
Change-Id: I0f9140f3840b0238009af2271ac67b25754f76c9
Signed-off-by: Mohd Faraz <androiabledroid@gmail.com>
Add missing init.rc files for recovery.
Cleanup init symbolic links.
Comment out removing the source file in relink.sh because we need
to retain files in /system in the ramdisk.
Change-Id: Ie959024296738538f3b3161e38027a44525b0696
Change-Id: I5b1a744414b88a9a15c56bd81f37091664d5cdf1
Starting with android-10.0 we should only use tools from toybox.
Toyxbox in android-10.0 is specified as a recovery target, so
we just move the symlinks in our relink target.
Change-Id: Ic0116a7d583519b39422ac4d82d30e00918eb29d
This allows flame to boot TWRP. Still will need to work on
super partition for vendor and system access.
The plan will be to cherry-pick any updates to android-9.0
through gerrit.twrp.me to this branch as a WIP.
