Age | Commit message (Collapse) | Author |
|
lmp-mr1-dev
|
|
Due to OEM requests, add a reference implementation for boot/recovery
image signature verification in C. The tool uses OpenSSL for ASN.1 and
crypto routines.
Bug: 18120110
Change-Id: I9f6c59e0b338b68f35ac1c2c4d83c10d31d70cd9
|
|
automerge: 8f85f69
* commit '8f85f69f43dc3a2943d33d0d47740b2528a0735f':
Support [-j <journal_size>] in mkuserimg.sh
|
|
Bug: 18430740
(cherry picked from commit 1ec61e7ac5fd7553b143231e8d650ef4ba432344)
Change-Id: I8704dfd4f91373261b03d7943e40cc9fdf39a0a7
|
|
Bug: 18430740
Change-Id: Ia76cd4ef1b35c48c60c4922d7d28b21978d56159
|
|
This change adds -verify flags to keystore and verity signers for
verifying the signatures of the signed content generated by the
same tools. This allows implementers of verified boot to test and
verify the correctness of their implementations.
Bug: 15984840
Change-Id: I327de9c3a9e035cd11dc5022e978c840cd37581c
|
|
Clearly mark the comment above main() as an example and fix
the parameters in the example command. Also briefly document
the arguments in the main function for clarity.
Bug: 18376609
Change-Id: I84eaf75799a8128100eb97c70e04563c609e9928
|
|
Adds signature verification support to BootSignature.java.
Bug: 15984840
Bug: 18120110
Change-Id: Ib1a67573bdcd0f41e2d920f518de15993c8750e0
(cherry picked from commit 7999c089cfa82d63d4a28606c78b381b74509175)
|
|
Use the same PKCS8 format as every other signing tool, and update
the signature format to use SHA-256 instead of SHA-1.
Bug: 15984840
Bug: 18120110
Change-Id: I6ac9e3594b5ae572f5b6763f3bd5b1bdb6ba2ad2
(cherry picked from commit 19c6bb5fe97c877976ef79762c6051223b8d2213)
|
|
fs_mgr requires an RSA public key in mincrypt format for verifying
dm-verity hash tables. Add support for extracting public keys from
existing X.509 certificates and converting it into mincrypt format
for use with fs_mgr.
Bug: 15984840
Bug: 18120110
Change-Id: Ibcdca116cdc32dfa33d8f5636ec728244cbf6fd5
(cherry picked from commit 82d824a6b5028930abd87ecd870924c72d3b3931)
|
|
This tool takes a sparse ext4 image file, reads verity metadata
from it, and verifies the signature of the verity table.
Bug: 15984840
Bug: 18120110
Change-Id: I384a9ff885a0ffcd8febf100e76f3a1e5c7bbdab
(cherry picked from commit c18aa9d69a69549b50966e322abe59cfa04edfe4)
|
|
This reverts commit 7377e002421ed9a04cc94cd808c234f48d93924d.
Change-Id: I4b1d83b62ae4d4dd6952663744b1171b3e0d0766
Signed-off-by: Iliyan Malchev <malchev@google.com>
|
|
This reverts commit b62eabde2db40f01dfed1cef48ac2cbabdff4d03.
Change-Id: I98019b7990c5436fe6ad5ef1052729478bccbe17
|
|
Add the full X.509v3 certificate to the signature footer for easier
verification.
Change-Id: Ic969e9c1e4ab1a25ffdde2ab818b8edf2ad95253
(cherry picked from commit f67d3764c641e53d4a1b925b4d02fec92b7e894a)
|
|
In particular this changes the OID to the SHA1 OID and
appends the full BootSignature.
This is cherry-picked from a WIP bug checked into master, but is complete.
The work in finalized by further changes from Sami Tolvanen
Bug: 15984840
Change-Id: Ic43784fc339b9aedf91363c9ec9a453c3bb53294
(cherry picked from commit 1f2ebbd57e86fb0749aeb453fb337065985ab9c6)
|
|
Bug: 17360804
Bug: 17332389
Change-Id: I1bc5441eec9fcfb61d4ba41bd74e895fc5978a4f
Signed-off-by: Daniel Rosenberg <drosen@google.com>
|
|
This reverts commit 4bf06a51869f49d7ee3fb0163a2517ec5e33ba1f.
Bug: 17360804
Bug: 17332389
Change-Id: I7e4d55215f391f5b3f71388943e9d95e5eff6f81
|
|
see comment above pagemap_read() from the kernel
Bug: 17332389
Change-Id: Iaec9a2c8d2783f5c1e7ba06d9c7156305abe0453
Signed-off-by: Daniel Rosenberg <drosen@google.com>
|
|
Bug: 15749466
Change-Id: I3f7f13698e88efd7ffeb00c1ba3a070527a3f6a0
Signed-off-by: Daniel Rosenberg <drosen@google.com>
|
|
Bug: 15749466
Change-Id: I31ecefc0cf2ebfba1652a8b87fd70b045624ffa4
Signed-off-by: Daniel Rosenberg <drosen@google.com>
|
|
Bug: 15749466
Change-Id: Idca63cf0ddc84462485cdd266d473a32833fed74
Signed-off-by: Daniel Rosenberg <drosen@google.com>
|
|
Bug: 15749466
Change-Id: I27b386e708e04d449fe460d1f9be553b438c9156
Signed-off-by: Daniel Rosenberg <drosen@google.com>
|
|
inode_allocate_file_extents should return NULL if allocation fails.
Bug: 16984795
Change-Id: I7d2b9d61ca81f8e1869dbac3d8bde79bb5799fa9
|
|
Add the -B option to make_ext4fs, which causes it to record the block
ranges used for each (regular) file in the image. We can use this
information to construct more efficient block-based incremental OTAs.
Bug: 16984795
Change-Id: I2a5325bb89948f63c76e93fdfa84c51f9b050104
|
|
Rename micro_bench32 to micro_bench for backwards compatibility.
Change-Id: I130f281967cffc3e337d27e84c4caa66d39d1385
|
|
BootSigner -> BootSignature mixup.
Change-Id: Ifae0f5d69540996f8b71dfccf4df0db7349269c4
|
|
Change-Id: Iea200def2fdd8a0d366888bb7b1ae401297063f1
|
|
The tools fills up the filesystem completely then removes a set of files
of predefined size to free up some predefined non-contiguous free space.
It is used with benchmarking tools like fio to collect metrics on a used filesystem with sparse free space.
Change-Id: Ieb1d38c0f95c51462060e541a662c378b79d81fb
|
|
mkf2fsuserimg.sh)"
* commit 'f4fca2d557337f739fdc1617816a3f7d45c0a124':
f2fs_utils: make Mac builds happy (copy out mkf2fsuserimg.sh)
|
|
dynamic libf2fs"
* commit 'e36eaf9d3c84b381d3d6556efc00a454eb0d69e8':
f2fs utils: set correct dependency on dynamic libf2fs
|
|
* commit '8cfc86f43db78ad9ce72c6bbb40b980b2aab0a3c':
f2fs utils: Add mkf2fsuserimg.sh and make_f2fs
f2fs_utils: support new f2fs-tools f2fs_finalize_device API.
f2fs_utils: provide sparse io and dynamic load.
|
|
mkf2fsuserimg.sh)"
* commit '2dd33a8f11b320fc5decd5de57730ab4a1d3aaa4':
f2fs_utils: make Mac builds happy (copy out mkf2fsuserimg.sh)
|
|
* commit 'a5dc6a8e3ca30e815d59cab72e7b0abf9a147e30':
f2fs utils: set correct dependency on dynamic libf2fs
|
|
* commit 'd2f07839cb85ad5b78665892deb12d2d353daab0':
f2fs utils: Add mkf2fsuserimg.sh and make_f2fs
f2fs_utils: support new f2fs-tools f2fs_finalize_device API.
f2fs_utils: provide sparse io and dynamic load.
|
|
|
|
Change-Id: I8f911f2d084aee08f3f53da984d5c3d2a252cb05
Signed-off-by: JP Abgrall <jpa@google.com>
|
|
* changes:
f2fs utils: Add mkf2fsuserimg.sh and make_f2fs
f2fs_utils: support new f2fs-tools f2fs_finalize_device API.
f2fs_utils: provide sparse io and dynamic load.
|
|
This is used to generate empty userdata.img files.
Normally, "fastboot format userdata" should be used.
Caveats:
- It only builds an empty sparse image.
- windows/mac unsupported
Change-Id: I5fbd9724fdd3f4513e7c91f123fc5fffcb475012
Signed-off-by: JP Abgrall <jpa@google.com>
|
|
Change-Id: Id5a6a7edc7871a6c0eb452ad7136732b9a730e6a
Signed-off-by: JP Abgrall <jpa@google.com>
|
|
This uses
external/f2fs-tools LGPL v2.1
It provides low-level IO functions that f2fs-tools/mkfs expects
for writing to the media. In this case we use the sparse lib.
Change-Id: I8d141a0d4d14df9fe84d3b131484e9696fcd8870
Signed-off-by: JP Abgrall <jpa@google.com>
|
|
|
|
Don't link against it anymore.
Just let dlopen() deal with it correctly.
The "config" struct will come from the f2fs_ioutils
and libf2fs_fmt_host expects to have it global, so let
link with -rdynamic and let dlopen() resolve it.
Be more aggressive with linux-only builds.
Bug: 15717498
Change-Id: I03ebebed1fc652170b44f809df42c1f8595216eb
Signed-off-by: JP Abgrall <jpa@google.com>
|
|
* commit 'ab3233befb8381bd1a15f81f3261fa81dd55f297':
Create 32 bit and 64 bit versions of exes.
|
|
* commit '6aa751752e36c570415919990d1ca35d564f09b9':
Create 32 bit and 64 bit versions of exes.
|
|
|
|
Change-Id: Ifc639b7ed97c75faf0ce52475e7c3ec0dc2dd9b9
|
|
arc4random."
* commit '676880b973daa4f0b214b51596e138a3702e5f17':
Remove a useless so-called test for arc4random.
|
|
* commit '0795553f0c913f3a9086aff42b9ee483c09cf18e':
Remove a useless so-called test for arc4random.
|
|
|
|
Bug: 14499627
Change-Id: I01308d022da007f814f3fd8927341dfb3bf7e4cd
|