The fopen_path will fail here e.g. if /cache is corrupt and could
not be mounted. Not properly handling an error code from
fopen_path() results in a boot loop into recovery as fwrite() on
a NULL FILE object will crash the recovery app.
Change-Id: I1ccff5a8cb620a32f32adfe97a3fae8e5e908f39
[root cause ] miniui has no mechanism to protect
the buffer which is displaying
[changes ] recovery
[side effects] ui show
[self test ] sc9850-2 general operation has not display abnormal
[reviewers ] xinglong.zhu
Signed-off-by: xinglong.zhu <xinglong.zhu@spreadtrum.com>
[change_type ] AOB --> google_original
[tag_product ] common
Change-Id: I989a0b2943ff6070a0e98718cfbe95144510d3a2
A Certificate is a pair of an RSAPublicKey and a particular hash. So v1
and v3 differ in the hash algorithm (SHA-1 vs SHA-256), similarly for
v2 and v4.
In verifier testcases, we used to load v1/v2 keys with an explicit
argument of "sha256" to test the v3/v4 keys. This CL switches to loading
v3/v4 keys directly and lets load_keys() to handle that, which is the
actual flow we use in practice.
Also remove the "fallback to v1 key" in the testcases, which is not the
actual behavior.
Bug: 30415901
Test: Run the verifier_test component test on device.
Change-Id: I3a2baa64826f1b6c4c367a560090df384c4521bb
After process the text images with pngquant, I encountered a
image-loading error when doing graphic tests on angler. The command
"pngcrush -c 0 $imagename" resolves this error and gives almost the
same compression rate. So regenerate all the text images with "pngcrush
-c 0"
Bug: 30415666
Test: Run graphics test on angler and the background text looks good.
Change-Id: I5d989c1230e826407287265fc559349a7bd29303
Update the text images according to the new translations of
"b+sr+Latn", "be-rBY", and "bs-rBA". Also switch to pngquant
which gives a better compression rate.
Bug: 30415666
Change-Id: I6eae5dd7be4c7f1f93c50113822caac9868e0f95
* Use const reference parameter type to avoid unnecessary copy.
* Use more efficient overloaded string methods.
Bug: 30407689
Bug: 30411878
Change-Id: Iefab05c077367f272abf545036b853e8a295c8cd
Test: build with WITH_TIDY=1
Distinguish our "services.cpp" more clearly from the regular adbd
"services.cpp", and remove a few useless includes of "sysdeps.h".
Change-Id: Ided4945a3ac5916133322ca7e95fa51add9abaa4
Move A/B-specific fields, effectively slot_suffix as in this CL, out of
bootloader_message struct. Those A/B-specific fields are expected to be
managed by the A/B-bootloader or boot control HAL, which shouldn't be
cleared by recovery or uncrypt.
Round up the bootloader_message struct to 2-KiB. Round up the
bootloader_message_ab struct to 4-KiB.
Bug: 29193360
Change-Id: I5740a612456da6d4d3b00e49a202d8f689d32690
When recovery starts with --brick, it tries to brick the device by
securely wiping all the partitions as listed in /etc/recovery.brick.
This is designed to support bricking lost devices.
Bug: 27253717
Change-Id: Ib0bd4f0a3bdaca4febc91fce6b682e3ec74354e2
In rootfs context, the verity mode must be supplied by the bootloader
to the kernel. This patch creates a new verity_corrupted field in the
slot metadata structure to remind that this slot is corrupted from a
dm-verity point of view.
If the bootloader receives the "dm-verity device corrupted" reboot
target, it should set this bit to 1. If this bit value is 1, the
bootloader should set the veritymode to "eio".
Change-Id: I9335a39d7d009200318c58c53a3139d542788a9b
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>