fastbootd is a userspace daemon that runs in the recovery
ramdisk. It allows writing single partitions to the super
partition via fastboot CLI. When TWRP sees the fastboot option
in the misc partition during startup, it will start with
the fastbootd page and fastbootd running. Otherwise it will
run recovery normally.
Change-Id: Id7b12d29ef21dbd5950dc884dd1cd788f25357f0
This allows flame to boot TWRP. Still will need to work on
super partition for vendor and system access.
The plan will be to cherry-pick any updates to android-9.0
through gerrit.twrp.me to this branch as a WIP.
It should belong to the default /misc implementation of boot control
1.1. Right now, it's only used by cuttlefish. So move it over to reduce
confusion in bootloader_message.
Bug: 131775112
Test: build
Change-Id: If09bc6f4cc8adf74c8798048c8e54ec94566abaa
(cherry picked from commit dc4d2a70db40a302cb7001ddbc41816e7187d5c5)
This adds a sanity check in addition to the version number in case misc
contains random bits.
Bug: 139156011
Test: manual test
Change-Id: Ie4f3731d2b1795340881c88e0c4eec9cd4432653
The layout of the vendor space /misc partition was pretty confusing and
lead to some usage conflicts. To formalize the layout, we create a pixel
specific library with the definition & offset of various flags. The new
library also handles the R/W. As a result, we will leave system domain
/misc definitions in the libbootloader_message.
We also switch the misc_writer binary to use more specific options
instead of writing an arbitrary hex string. So we can avoid redefining
the string & offset in both init script and recovery ui.
Bug: 131775112
Test: unit tests pass, run misc_writer and check contents of /misc
Change-Id: I00f8842a81d1929e31a1de4d5eb09575ffad47c0
Move merge_status from bootloader_control_ab, which is in vendor space,
to a new generic AOSP struct in system space. This will allow more
devices to share the same HAL implementation.
This patch also changes libboot_control to compensate for merge_status
moving out of vendor space. The reference HAL library now also provides
separate helper functions for managing the merge status, so devices
using a custom boot control HAL can still take advantage of the new misc
implementation.
Bug: 139156011
Test: manual test
Change-Id: I5cd824e25f9d07aad1476301def5cdc3f506b029
This reduces the wipe space from 32K to 16K. The wipe space is now
at the 16K-32K region. The 32K-64K region is now "system space", to
complement the vendor space, for generic AOSP usage.
Bug: 139156011
Test: manual test
Change-Id: I1474bfa65a5f21049ab64ec0aee2f4585b55f60f
A global std::string, even if not used, pollutes the bss section
unnecessarily. Since this object is only there for testing, make it
std::optional<std::string>, which is constexpr constructible.
Bug: 138856262
Test: Along with a fix in fs_mgr, see that the bss section for
libbootloader_message.so is now clean on cuttlefish for several
processes.
Change-Id: I6df837dded88d979ffe14d5b2770b120bcf87341
bootloader_message.h currently divides /misc into four segments. The
space between 2K and 16K is reserved for vendor use (e.g. bootloader
persists flags). This CL adds a vendor tool "misc_writer", to allow
writing data to the vendor space in /misc, before getting a dedicated
HAL for accessing /misc partition (b/131775112).
Targets need to explicitly include the module, then invoke the
executable to write data. For example, the following command will write
3-byte data ("0xABCDEF") to offset 4 in vendor space (i.e. 2048 + 4 in
/misc).
$ /vendor/bin/misc_writer --vendor-space-offset 4 --hex-string 0xABCDEF
Bug: 132906936
Test: Run recovery_unit_test on crosshatch.
Test: Call the command via init.hardware.rc on crosshatch. Check that
the call finishes successfully. Then check the contents written to
/misc (`dd bs=1 skip=2048 if=/dev/block/sda2 count=32 | xxd`).
Change-Id: I79548fc63fc79b705a0320868690569c3106949f
Merged-In: I79548fc63fc79b705a0320868690569c3106949f
(cherry picked from commit 7ae0169842)
bootloader_message.h currently divides /misc into four segments. The
space between 2K and 16K is reserved for vendor use (e.g. bootloader
persists flags). This CL adds a vendor tool "misc_writer", to allow
writing data to the vendor space in /misc, before getting a dedicated
HAL for accessing /misc partition (b/131775112).
Targets need to explicitly include the module, then invoke the
executable to write data. For example, the following command will write
3-byte data ("0xABCDEF") to offset 4 in vendor space (i.e. 2048 + 4 in
/misc).
$ /vendor/bin/misc_writer --vendor-space-offset 4 --hex-string 0xABCDEF
Bug: 132906936
Test: Run recovery_unit_test on crosshatch.
Test: Call the command via init.hardware.rc on crosshatch. Check that
the call finishes successfully. Then check the contents written to
/misc (`dd bs=1 skip=2048 if=/dev/block/sda2 count=32 | xxd`).
Change-Id: I79548fc63fc79b705a0320868690569c3106949f
libfstab is not built for darwin, don't build libbootloader_message
either.
Bug: 131709594
Test: m PRODUCT-sdk-sdk sdk_repo
Change-Id: I6e3b04f1c3e97d5aa6ac0452bf13e714f8dae437
Also, strlcat is not available on host, so use
std::string::operator+= instead.
Test: cuttlefish
Bug: 79094284
Change-Id: I1e69daeb522ca73f43e0c4855cf099a021ed4d47
Also add libfstab dependencies where needed. Previously the
`typedef struct FstabEntry Volume;` line served to both define a
`struct FstabEntry` as well as alias Volume to it. With the new
namespace for android::fs_mgr::FstabEntry, `struct FstabEntry` isn't
compatible anymore, so we need to alias Volume to the real
android::fs_mgr::FstabEntry.
In doing so, we need to include <fstab/fstab.h> and this requires
libfstab as a library, which a few modules did not have before.
Test: treehugger
Change-Id: I655209a0efb304b3e0568db0748bd5cf7cecbdb7
And uses the shared lib version of libbase and libfs_mgr.
Bug: 78793464
Test: `m dist`
Test: Run recovery_{unit,component}_test on marlin.
Change-Id: I750c02d0bfccd6e58fb01f641de02532ace52e00
Libraries that are direct or indirect dependencies of modules installed
to recovery partition (e.g. adbd) are marked as recovery_available:
true. This allows a recovery variant of the lib is created when it is
depended by other recovery or recovery_available modules.
Bug: 79146551
Test: m -j
Change-Id: I9ca07ef53fbd89e7c86c0ba269fa52bb48d6deb4
The update_channel field is used to store the Omaha update channel
if update_engine is compiled with Omaha support.
We need it to be in misc to persist through factory reset.
Bug: 72332119
Test: mma
Change-Id: Ied4fecc6e78cc69d33a36ba4d101d675100f9d82
We encountered segfaults in Imgdiff host tests due to the failure to
reset states of getopt. The problem can be solved by switching to use
bionic's gtest where a new process is forked for each test.
Also modify the recovery_component_test to make sure it runs in parallel.
Changes include:
1. Merge the writes to misc partition into one single test.
2. Change the hard coded location "/cache/saved.file" into a configurable
variable.
Bug: 67849209
Test: recovery tests pass
Change-Id: I165d313f32b83393fb7922c5078636ac40b50bc2
Turn on -Wall for all modules. Also remove the obsolete file_cmp() in
apply_patch test and now() in wear_ui.
The only exception is lib_edify due to the unused functions in the
intermediate cpp files generated from the lex files. It will be handled
in a seperate CL.
Bug: 64939312
Test: mma, unit tests pass
Change-Id: Ic53f76b60b6401ab20db3d98130d674c08e3702f
The added bootctrl.bcb module implement the legacy interface for the
bootctrl HAL based on the Boot Control Block (BCB) and the headers
already specified in the booloader_message library.
This serves as a reference implementation of the boot_control HAL.
Bug: 32707546
Test: Tested internally that a device can use this HAL to flip slots and
recovery from a /misc wipe.
Change-Id: Ic02e5aaf4de7d0a1780eac4e8705dae20d0b3e10
This reverts commit 37bd44174b.
The logic here is better to be moved into fs_mgr, not fs_mgr clients.
Bug: 35811655
Bug: 36502022
Change-Id: Iae79bd8f7131516ad223f3323f1bc1d805206d51
Test: normal boot sailfish, go to Settings > System & tap
on "Factory Data reset"
Test: recovery boot sailfish
libbootloader_message is used by both normal boot and recovery boot.
It needs to use different fstab paths, respectively. Otherwise, factory
reset will fail when we move /fstab.{ro.hardware} to /vendor/etc/.
Recovery boot: fs_mgr_read_fstab_with_dt("/etc/recovery.fstab")
Normal boot: fs_mgr_read_fstab_default()
Bug: 35811655
Bug: 36502022
Test: normal boot sailfish, go to Settings > System & tap on
"Factory Data reset"
Test: recovery boot sailfish
Change-Id: I253f5bdfb9be8a01f80856eb1194f85cdf992bbd
The fstab settings of early-mounted partitions (e.g., /vendor) will be in
kernel device tree. Switch to the new API to get the whole settings with
those in device tree:
fs_mgr_read_fstab_with_dt("/etc/recovery.fstab")
The original default /fstab.{ro.hardware} might be moved to
/vendor/etc/. or /odm/etc/. Use another new API to get the default fstab
instead of using the hard-coded /fstab.{ro.hardware}. This API also
includes the settings from device tree:
fs_mgr_read_fstab_default()
Bug: 35811655
Test: boot sailfish recovery
Change-Id: Iaa56ac7f7b4c4dfc7180c65f03e9a37b94f1de09
It was pointed out to me by gmrt that O_APPEND is incorrect, as lseek
before writing would be undone (perhaps we avoided this issue due to
an inability to write beyond the end of a partition) and O_RDWR is not
necessary to lseek. When AOSP switched from fopen to open, they also
removed the full partition wipe (fopen in wb mode) before each write,
so this is no longer an issue. Completely restore the original AOSP
file access mode flags.
Change-Id: I42b4efc5f499360ce5b761d3a2a5d4dac4cdfb65
Globally define BOARD_RECOVERY_BLDRMSG_OFFSET with a decimal integer
to offset the read/write location in misc where the bootloader message
should appear. Example:
BOARD_GLOBAL_CFLAGS := -DBOARD_RECOVERY_BLDRMSG_OFFSET=2048
Edify commands get_stage and set_stage need to be aware of the
custom bootloader msg offset because they write the stage directly
to the BCB.
Change-Id: Ifdb5ffe3e893a651be59ae63e3a0ebadd828c9f2
* Rebase of https://gerrit.omnirom.org/#/c/20750/ patch-set 3
* Original commit message:
fix: recently a change in AOSP causes a bootloop to TWRP
(and therefore all ROM's based on it)
Reason: AOSP enables use of /misc partition and normally the fstab in
TWRP will not have /misc added. The problem is now when Android writes
a wipe command to /misc it will force TWRP to boot but TWRP will do
nothing - leaving the cmd in /misc. This results in a bootloop to TWRP.
Solution: I added a new var TW_IGNORE_MISC_WIPE_DATA which can be
set to "true" in Boardconfig.mk of a device requiring this which then
ignores /misc commands like it would be when /misc would be just not in
fstab BUT with this change TWRP clears the bit in /misc so a normal boot
can happen.
Besides that if the device do not have an own recovery key combo and
/misc is enabled we want to open TWRP after walking through the factory
reset screen - without actually doing a factory reset.
kudos to nailyk (and DevUt) for the help with the C++ code!
Change-Id: If6fed5872015f1a66304e3edbdb787c507236f69
This is a retry of commit 7e31f421a5.
Commit bd56f1590c switches to calling
write_bootloader_message(<options>) in get_args(), which
unintentionally resets the stage field thus breaks two-step OTAs.
This CL adds update_bootloader_message(<options>), which only sets
the command field (to "boot-recovery") and the recovery field (with
the specified options).
Bug: 33534933
Test: Apply a two-step package.
Test: recovery_component_test passes.
Change-Id: Ie0b1ed4053d2d3c97d9cb84310d616b28fcfc72e
Commit bd56f1590c switches to calling
write_bootloader_message(<options>) in get_args(), which
unintentionally resets the stage field thus breaks two-step OTAs.
This CL changes write_bootloader_message(<options>) to only set the
command field (to "boot-recovery") and the recovery field (with the
specified options).
Test: Apply a two-step package.
Change-Id: I6905918812c7d3402cc1524688079066a4d22d29
This single blank line was introduced by some cherry-pick, which is
causing merge conflicts.
Test: N/A
Change-Id: Ida527b76fca7cc916499c5f888476c8e51ba3eaa
Add read_bootloader_message_from() and write_bootloader_message_to() to
allow specifying the BCB device (/misc).
Also add testcases for set_stage() and get_stage().
Test: recovery_component_test passes.
Test: Build a recovery image and apply a two-step OTA package.
Change-Id: If5ab06a1aaaea168d2a9e5dd63c07c0a3190e4ae
