
recovery: Allow bypassing signature verification on non-release builds

For non-release (userdebug, eng) builds, when signature verification
fails, ask the user whether they wish to install anyway.

Change-Id: I950ad455e6f698cabe348f0482eb64287cc88a08
Tom Marshall 3 years ago
parent
commit
7dd1fe8874
5 changed files with 35 additions and 14 deletions
  1. 2
    2
      adb_install.cpp
  2. 1
    1
      adb_install.h
  3. 5
    5
      install.cpp
  4. 2
    2
      install.h
  5. 25
    4
      recovery.cpp

+ 2
- 2
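--- a/adb_install.cpp
+++ b/adb_install.cpp
@@ -144,7 +144,7 @@ void sideload_wait(bool cancel) {
   pthread_join(sideload_thread, nullptr);
 }
 
-int sideload_install(bool* wipe_cache, const char* install_file) {
+int sideload_install(bool* wipe_cache, const char* install_file, bool verify) {
   int result = INSTALL_ERROR;
   if (sideload_started) {
     modified_flash = true;
@@ -154,7 +154,7 @@ int sideload_install(bool* wipe_cache, const char* install_file) {
     result = install_package(FUSE_SIDELOAD_HOST_PATHNAME,
                              wipe_cache,
                              install_file,
-                             false, 0);
+                             false, 0, verify);
 
     set_perf_mode(false);
   }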

+ 1
- 1
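--- a/adb_install.h
+++ b/adb_install.h
@@ -19,7 +19,7 @@
 
 void sideload_start();
 void sideload_wait(bool cancel);
-int  sideload_install(bool* wipe_cache, const char* install_file);
+int  sideload_install(bool* wipe_cache, const char* install_file, bool verify);
 void sideload_stop();
 
 #endif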

+ 5
- 5
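--- a/install.cpp
+++ b/install.cpp
@@ -572,7 +572,7 @@ bool verify_package_compatibility(ZipArchiveHandle package_zip) {
 
 static int really_install_package(std::string path, bool* wipe_cache, bool needs_mount,
                                   std::vector<std::string>* log_buffer, int retry_count,
-                                  int* max_temperature) {
+                                  bool verify, int* max_temperature) {
   ui->SetBackground(RecoveryUI::INSTALLING_UPDATE);
   ui->Print("Finding update package...\n");
   // Give verification half the progress bar...
@@ -617,10 +617,10 @@ static int really_install_package(std::string path, bool* wipe_cache, bool needs
 
   // Verify package.
   set_perf_mode(true);
-  if (!verify_package(map.addr, map.length)) {
+  if (verify && !verify_package(map.addr, map.length)) {
     log_buffer->push_back(android::base::StringPrintf("error: %d", kZipVerificationFailure));
     set_perf_mode(false);
-    return INSTALL_CORRUPT;
+    return INSTALL_UNVERIFIED;
   }
 
   // Try to open the package.
@@ -658,7 +658,7 @@ static int really_install_package(std::string path, bool* wipe_cache, bool needs
 }
 
 int install_package(const std::string& path, bool* wipe_cache, const std::string& install_file,
-                    bool needs_mount, int retry_count) {
+                    bool needs_mount, int retry_count, bool verify) {
   CHECK(!path.empty());
   CHECK(!install_file.empty());
   CHECK(wipe_cache != nullptr);
@@ -676,7 +676,7 @@ int install_package(const std::string& path, bool* wipe_cache, const std::string
     result = INSTALL_ERROR;
   } else {
     result = really_install_package(path, wipe_cache, needs_mount, &log_buffer, retry_count,
-                                    &max_temperature);
+                                    verify, &max_temperature);
   }
 
   // Measure the time spent to apply OTA update in seconds.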
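Review bot: With `verify` false, the guard `if (verify && !verify_package(map.addr, map.length))` in really_install_package skips the signature check without leaving any trace: nothing is pushed to `log_buffer` and nothing is printed, so the install log of an unverified package looks the same as that of a verified one. I would record the skip just before the check, for example `if (!verify) log_buffer->push_back("verification: skipped");` (the entry text is only a suggestion). The release-build restriction lives only in recovery.cpp, so `install_package(..., false)` turns verification off on any build; forcing `verify = true` here under the same `RELEASE_BUILD` guard would keep a later caller from reintroducing the bypass. A bad signature now reaches every caller as `INSTALL_UNVERIFIED` rather than `INSTALL_CORRUPT`, so comparisons against `INSTALL_CORRUPT` outside these hunks should be rechecked. Both function bodies continue outside the hunks.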

+ 2
- 2
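--- a/install.h
+++ b/install.h
@@ -21,12 +21,12 @@
 #include <ziparchive/zip_archive.h>
 
 enum { INSTALL_SUCCESS, INSTALL_ERROR, INSTALL_CORRUPT, INSTALL_NONE, INSTALL_SKIPPED,
-        INSTALL_RETRY };
+        INSTALL_RETRY, INSTALL_UNVERIFIED };
 
 // Installs the given update package. If INSTALL_SUCCESS is returned and *wipe_cache is true on
 // exit, caller should wipe the cache partition.
 int install_package(const std::string& package, bool* wipe_cache, const std::string& install_file,
-                    bool needs_mount, int retry_count);
+                    bool needs_mount, int retry_count, bool verify);
 
 // Verify the package by ota keys. Return true if the package is verified successfully,
 // otherwise return false.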
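Review bot: The comment above `install_package` documents neither the new `verify` parameter nor the new `INSTALL_UNVERIFIED` result. Because `verify` switches off the OTA signature check, the header should state the contract, e.g. `// If verify is false the package signature is NOT checked; pass false only after explicit user confirmation on a non-release build.` and `// Returns INSTALL_UNVERIFIED when verification was requested and failed.` A bare trailing `bool` is also easy to misread at call sites such as `false, 0, verify`; an inline `/*verify*/` comment at every call, as apply_from_storage already uses, would make the security-relevant argument visible.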

+ 25
- 4
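--- a/recovery.cpp
+++ b/recovery.cpp
@@ -901,6 +901,15 @@ static bool yes_no(Device* device, const char* question1, const char* question2)
     return (chosen_item == 1);
 }
 
+static bool ask_to_continue_unverified_install(Device* device) {
+#ifdef RELEASE_BUILD
+    return false;
+#else
+    ui->SetProgressType(RecoveryUI::EMPTY);
+    return yes_no(device, "Signature verification failed", "Install anyway?");
+#endif
+}
+
 static bool ask_to_wipe_data(Device* device) {
     return yes_no(device, "Wipe all user data?", "  THIS CAN NOT BE UNDONE!");
 }
@@ -1240,7 +1249,14 @@ static int apply_from_storage(Device* device, VolumeInfo& vi, bool* wipe_cache)
     VolumeManager::Instance()->volumeUnmount(vi.mId, true);
 
     status = install_package(FUSE_SIDELOAD_HOST_PATHNAME, wipe_cache,
-                                 TEMPORARY_INSTALL_FILE, false, 0/*retry_count*/);
+                                 TEMPORARY_INSTALL_FILE, false, 0/*retry_count*/,
+                                 true/*verify*/);
+    if (status == INSTALL_UNVERIFIED &&
+      ask_to_continue_unverified_install(device)) {
+        status = install_package(FUSE_SIDELOAD_HOST_PATHNAME, wipe_cache,
+                                 TEMPORARY_INSTALL_FILE, false, 0/*retry_count*/,
+                                 false/*verify*/);
+    }
 
     finish_sdcard_fuse(token);
     return status;
@@ -1287,10 +1303,15 @@ refresh:
                                       false, 0, device);
         if (item == Device::kRefresh) {
             sideload_wait(false);
-            status = sideload_install(wipe_cache, TEMPORARY_INSTALL_FILE);
+            status = sideload_install(wipe_cache, TEMPORARY_INSTALL_FILE, true);
+            if (status == INSTALL_UNVERIFIED &&
+              ask_to_continue_unverified_install(device)) {
+                status = sideload_install(wipe_cache, TEMPORARY_INSTALL_FILE, false);
+            }
         }
         else {
             sideload_wait(true);
+            status = INSTALL_NONE;
         }
         sideload_stop();
     }
@@ -1892,7 +1913,7 @@ int main(int argc, char **argv) {
       }
 
       status = install_package(update_package, &should_wipe_cache, TEMPORARY_INSTALL_FILE, true,
-                               retry_count);
+                               retry_count, true);
       if (status == INSTALL_SUCCESS && should_wipe_cache) {
         wipe_cache(false, device);
       }
@@ -1955,7 +1976,7 @@ int main(int argc, char **argv) {
     }
     sideload_start();
     sideload_wait(false);
-    status = sideload_install(&should_wipe_cache, TEMPORARY_INSTALL_FILE);
+    status = sideload_install(&should_wipe_cache, TEMPORARY_INSTALL_FILE, true);
     sideload_stop();
     if (status == INSTALL_SUCCESS && should_wipe_cache) {
       if (!wipe_cache(false, device)) {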
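Review bot: The guard in `ask_to_continue_unverified_install` fails open: the "Install anyway?" prompt is compiled out only when `RELEASE_BUILD` is defined, and no build file is among the five changed files, so that define has to come from somewhere this commit does not show. If any build variant omits it, a user build would offer to install a package whose signature check failed. I would make the default `return false;` and compile the prompt in only under an explicit opt-in define, or gate it on a runtime check of the build's debuggable state. When the user accepts, a line such as `ui->Print("Installing package without signature verification\n");` before the second install would leave the decision on screen and in the log. `device` is also unused in the `RELEASE_BUILD` branch, which may trigger an unused-parameter warning.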