make a copy of sideloaded packages in /tmp before verifying
Copy a sideloaded package into /tmp, then verify and install the copy,
to prevent malicious users from overwriting the package between
verification and install.
Bug: 2826890 package can be replaced during verification
Bug: 2058160 Recovery should copy sideloaded (sd card) update ...
Change-Id: I3de148b0f1a671f1974782b6855527caeaefda23
diff --git a/roots.c b/roots.c
index 8f8dace..d5754db 100644
--- a/roots.c
+++ b/roots.c
@@ -42,6 +42,7 @@
static const char g_mtd_device[] = "@\0g_mtd_device";
static const char g_raw[] = "@\0g_raw";
static const char g_package_file[] = "@\0g_package_file";
+static const char g_ramdisk[] = "@\0g_ramdisk";
static RootInfo g_roots[] = {
{ "BOOT:", g_mtd_device, NULL, "boot", NULL, g_raw },
@@ -53,7 +54,7 @@
{ "SDCARD:", "/dev/block/mmcblk0p1", "/dev/block/mmcblk0", NULL, "/sdcard", "vfat" },
{ "SYSTEM:", g_mtd_device, NULL, "system", "/system", "yaffs2" },
{ "MBM:", g_mtd_device, NULL, "mbm", NULL, g_raw },
- { "TMP:", NULL, NULL, NULL, "/tmp", NULL },
+ { "TMP:", NULL, NULL, NULL, "/tmp", g_ramdisk },
};
#define NUM_ROOTS (sizeof(g_roots) / sizeof(g_roots[0]))
@@ -180,7 +181,9 @@
if (info->mount_point == NULL) {
return -1;
}
-//xxx if TMP: (or similar) just say "yes"
+ if (info->filesystem == g_ramdisk) {
+ return 0;
+ }
/* See if this root is already mounted.
*/