1. 28 Nov, 2017 4 commits
    • nkk71's avatar
      vold_decrypt: FDE Keymaster 3.0 support · 7d1222a5
      nkk71 authored
      * HTC U11 Oreo is using keymaster3 FDE encryption which requires
        the new services:
          1- /system/bin/hwservicemanager
          2- /vendor/bin/hw/android.hardware.keymaster@3.0-service
          3- /vendor/bin/qseecomd (instead of /system/bin/qseecomd)
        So in addition to /vendor/lib and /vendor/lib64 also
        symlink /system/vendor/bin to /vendor/bin.
      * vold_decrypt services now have separate prefixes:
          1- 'sys_' referring to /system/bin
          2- 'ven_' referring to /vendor/bin
      * The additional (hwservicemanager, keymaster-3-0) and modified
        (qseecomd) .rc files have been updated in the vold_decrypt
        Comments were added directly in the .rc files, please check
      * /etc/recovery.fstab needs to be temporarily moved since
        vold will use it if it finds the '/sbin/recovery' file
        (refer to fs_mgr for the fstab load code https://goo.gl/8KaZyf).
        Since fs_mgr cannot parse TWRP style fstab, we 'hide' it
        and attempt to create a symlink to /fstab.{ro.hardware}.
      Also remove shell dependencies, code cleanup, new error codes:
      * Critical sections of vold_decrypt should not rely on the external
        shell (and the available binaries) provided by TWFunc::Exec_Cmd.
        Doing so may lead to failures resulting from different shell
        provided binaries not working properly, especially since busybox
        can be inconsistent across different trees.
        In particular the following functions have been changed:
        * run_vdc() no longer uses daisy chained commands, instead
          it now forks and executes vdc directly including a 30 second
          built in timeout.
        * Symlink_Firmware_Files() no longer relies on the shell 'find'
          command to retrieve the list of firmware/vendor files and instead
          uses a built in function, Find_Firmware_Files(), which traverses
          the system partition to retrieve the list of files.
      * The code has also been cleaned up a little for better consistency,
        and vold_decrypt will now return various error codes for the
        different failures, as defined in vold_decrypt.h, which allows the
        gui_msg to be moved back to partitionmanager.cpp.
      Notes regarding pre Android 8.0 builds:
      * Service names in .rc files cannot exceed 16 characters (including
        the prepended 'sys_' or 'ven_') in Android 7.1 and below, so a
        service name such as 'sys_hwservicemanager' is out of the question
        for 7.1 and below.
      * hwservicemanager will check ACLs on 'hwservicemanager' and 'ITokenManager'
        if they are even allowed to run, otherwise the interfaces will fail.
        The policies have only been introduced in 8.0, and although it is possible
        to manually add them to the 7.1 policies it's not recommended.
      * Therefore the best course of action is to build in 8.0.
      * SIDE NOTE: On the HTC U11 we are actually using omni-7.1 with some changes
        in the device tree to support both Nougat and Oreo decryption, please
        refer to:
          1- https://gerrit.twrp.me/c/2756/ for the necessary sepolicy and
             BoardConfig changes.
          2- The Android.mk file for vold_decrypt was modified to truncate
             greater than 16 character service names (as mentioned therein)
      Other changes:
      * TW_CRYPTO_SYSTEM_VOLD_DISABLE_TIMEOUT is now deprecated due to built-
        in fork and timeout.
      * Output_dmesg_to_recovery_log() is also deprecated so upon a failed
        decryption the recovery.log will no longer append it, instead you can
        just use 'adb shell dmesg' to check it. Nonetheless if a true debug
        build is needed use the original TW_CRYPTO_SYSTEM_VOLD_DEBUG flag as
        outlined in the original commit message (see below).
      Usage info:
      This is an update to the initial vold_decrypt, for more info refer to
      Change-Id: Id7129d125ae7f5dcba0779489825add718022ba3
    • Ethan Yonker's avatar
      FBE for Pixel 2 · fefe5915
      Ethan Yonker authored
      Includes various minor fixes for building in Android 8 trees with r23+ tag
      Update FBE extended header in libtar to version 2 and include the entire
      ext4_encryption_policy structure now after translating the policy.
      See this post for more details:
      Change-Id: I2af981e51f459b17fcd895fb8c2d3f6c8200e24b
    • Dees Troy's avatar
    • Ethan Yonker's avatar
      Fix issues building with LineageOS cryptfs_hw · dcd9f3f3
      Ethan Yonker authored
      Change-Id: Ie22691433aefa3b8819ec14e0349ee12bd88a1c2
  2. 27 Nov, 2017 3 commits
    • Ethan Yonker's avatar
      Support v2 fstab format · 6e8c27a5
      Ethan Yonker authored
      Auto detect and support both the v1 and v2 fstab formats
      Support putting TWRP style flags in a separate /etc/twrp.flags file
      twrp.flags format is the same as twrp.fstab (v1 with TWRP flags)
      Support using a wildcard in a block device and find all partitions:
      /usb-otg vfat /dev/block/sda*
      Support using sysfs entries (voldmanaged) and read uevents and scan for
      wildcard partitions from uevent data. (twvold?)
      May not be complete for some of the newer flags found in fstabs in newer
      build trees and there is a slim chance of a crash if the user removes a
      removable device while TWRP is performing actions. May need to add some
      kind of mutex to prevent the 2 threads from causing this crash. We need
      to start somewhere though and this change is pretty innocuous when not
      using a v2 fstab.
      Change-Id: I617d97c7db332cbe671a9d2b8ad98b3d9c4f03cc
    • bigbiff bigbiff's avatar
      ADB Backup: Fix gzip backup and restore · adcb4d8c
      bigbiff bigbiff authored
      Change-Id: I92821c7053089d130a5ab73fa36aec486da77bf1
    • bigbiff bigbiff's avatar
      ADB Backup: add ability for TWRP GUI to restore · 19fb79c7
      bigbiff bigbiff authored
      Restore adb backup files that TWRP made to your PC.
      Put files in your backup directory to see them.
      e.g. /sdcard/TWRP/BACKUPS/<sn>
      Change-Id: I2c57970d77b64c39a302159041456e761c185259
  3. 20 Nov, 2017 1 commit
  4. 18 Nov, 2017 2 commits
  5. 17 Nov, 2017 3 commits
    • nkk71's avatar
      Auto detect possible use of legacy props · b4c35913
      nkk71 authored
      * Revert: Make legacy props an option disabled by default
        (reverted from commit 75aa6157)
      * Instead check for ANDROID_PROPERTY_WORKSPACE in the updater-
        binary to determine whether legacy property service can be
      Change-Id: If68d5cca9a2b56edcb1c73db0474668cf46d8c91
    • nkk71's avatar
      Fix mkfs.f2fs build error · 04ec0952
      nkk71 authored
      * OmniROM 8.0 uses AOSP f2fs-tools which builds a static
        mkfs.f2fs directly to $(TARGET_RECOVERY_ROOT_OUT)/sbin
      Change-Id: I364a13e33e71abceab2f9ba1bd3179c2d9672b27
    • nkk71's avatar
      Fix 'No OS' on System_Image restore after wipe · 884bb2bc
      nkk71 authored
      * When you format the system partition, it will remain
        in a mounted state.
      * Subsequently restoring a system_image (even though
        successfully) the Update_System_Details() function
        will not correctly update the system partition
      * Reproducible by:
        1- Advanced wipe: System
        2- Restore: System_Image
        3- Reboot -> No OS prompt
      * eg: [
             ~ # twrp get tw_min_system
                 tw_min_system = 50
             ~ # twrp get tw_backup_system_size
                 tw_backup_system_size = 8
             ~ # mount -o ro /system
             ~ # du -sh /system
                 3.5G    /system
      Change-Id: I99f75274816788dd38eccdd387f7ac691e1f3fab
  6. 26 Sep, 2017 1 commit
  7. 15 Sep, 2017 1 commit
  8. 12 Sep, 2017 1 commit
  9. 08 Sep, 2017 2 commits
  10. 25 Aug, 2017 1 commit
  11. 18 Aug, 2017 1 commit
  12. 15 Aug, 2017 1 commit
  13. 12 Aug, 2017 1 commit
  14. 08 Aug, 2017 1 commit
    • nkk71's avatar
      Show scrollbar on TWRP Settings · 1a230e46
      nkk71 authored
      * The scrollbar is not shown when more options
        are actually available.
      Change-Id: I78b223c5fe12f0cbd73357ca6615f83ff04201e1
  15. 07 Aug, 2017 1 commit
  16. 21 Jul, 2017 1 commit
  17. 06 Jul, 2017 2 commits
  18. 24 Jun, 2017 1 commit
  19. 18 Jun, 2017 1 commit
  20. 17 Jun, 2017 2 commits
    • nkk71's avatar
      Fix incorrect 'unlink' return value check · 9efbe769
      nkk71 authored
      Change-Id: I430f6bb21a5fd87e0422420463e8bb96c4a612e1
    • bigbiff bigbiff's avatar
      twrpDigest refactor · 56cf5646
      bigbiff bigbiff authored
      This patch is to refactor twrpDigest using polymorphism
      and inheritance to use the same call patterns for creating and
      reading a digest. Now a library.
      Use SHA2 from libcrypto. SHA2 is default if device has libcrypto.
      Change string MD5 everywhere to use digest or Digest instead. Updated
      string tags to digest. Translation will be required.
      Switch out digest code into a driver class from partitionmanager.
      SHA2 is better for digest creation due to decreased collision space
      compared to MD5 and SHA1.
      See https://en.wikipedia.org/wiki/SHA-2
      Change-Id: I74b5546789990b12aa4ce2e389d25f80a3fe213f
  21. 15 Jun, 2017 1 commit
    • Jeff Vander Stoep's avatar
      Fix "No file_contexts" warning · e35926e1
      Jeff Vander Stoep authored
      Fixed by Loading the file_contexts specified in libselinux, whereas
      previously recovery loaded /file_contexts which no longer exists.
      Bug: 62587423
      Test: build and flash recovery on Angler. Warning is gone.
      Test: Wipe data and cache.
      Test: sideload OTA
      Change-Id: I11581c878b860ac5f412e6e8e7acde811f37870f
      (cherry picked from commit 2330dd87)
  22. 10 Jun, 2017 1 commit
  23. 08 Jun, 2017 1 commit
  24. 07 Jun, 2017 1 commit
  25. 06 Jun, 2017 1 commit
    • Ethan Yonker's avatar
      Fix minui issues for some build trees · 39662b29
      Ethan Yonker authored
      In trees where TWRP is the primary recovery, minui.h was not setting rules
      properly for healthd because healthd uses clang. Must use
      CLANG_TARGET_GLOBAL_CFLAGS to set global flags.
      Change-Id: I4cd9c88f8fcaec345fe012d09abcb9f24be06ef4
  26. 05 Jun, 2017 1 commit
    • nailyk-fr's avatar
      ors: Update doc · 79605aec
      nailyk-fr authored
      Change-Id: Ia026a8578262d4bb231e1727313ed1f5e323b880
  27. 04 Jun, 2017 2 commits
    • nkk71's avatar
      Improve decrypted partition logging · ffb02bdf
      nkk71 authored
      * Partition information should be updated after successful
        decryption (both userdata and adopted) and then logged
      * Fix adopted storage nickname being ""
      Change-Id: Idcdab84f339e932e62880089bad36e206920dd70
    • bigbiff bigbiff's avatar
      adbbackup: write smaller reads less than 512 bytes · 4a2a1914
      bigbiff bigbiff authored
      This will allow the gzip compression header to be
      written properly to the adb stream.
      Thanks to nkk71 for finding the issue.
      Change-Id: I3d88c5f575ca3fac904d8279f1f246994be2b02f
  28. 03 Jun, 2017 1 commit
    • Ayke van Laethem's avatar
      Fix various memory errors · 05c2de4c
      Ayke van Laethem authored
      There were a few memory errors while restoring a backup via adb (created
      using `adb backup --twrp`).
      On my device (S5 mini) it resulted in this error message:
        FORTIFY: strlen: prevented read past end of buffer
      This commit fixes this issue and a few other potential issues.
      Change-Id: I5022c94c961217238b3fefec0b2c4b8c6fa26ec7